ezpm2gui 1.6.0 → 1.9.0

package/dist/server/routes/remoteConnections.js

@@ -5,6 +5,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 Object.defineProperty(exports, "__esModule", { value: true });
 const express_1 = __importDefault(require("express"));
 const remote_connection_1 = require("../utils/remote-connection");
+const encryption_1 = require("../utils/encryption");
 const router = express_1.default.Router();
 // @group Security : Validate remote log file paths before shell interpolation
 const SHELL_UNSAFE_CHARS = /['"`;$|&<>(){}\\\n\r\0]/;
@@ -26,6 +27,29 @@ const safeLogLines = (raw) => {
         return 200;
     return Math.min(n, MAX_LOG_LINES);
 };
+/**
+ * Decrypts a field that may be either a plain string (legacy/internal)
+ * or an EncryptedPayload object produced by the client-side hybrid encryptor.
+ */
+function decryptField(value) {
+    if (!value)
+        return undefined;
+    if (typeof value === 'string')
+        return value;
+    try {
+        return (0, encryption_1.decryptTransitPayload)(value);
+    }
+    catch {
+        throw new Error('Failed to decrypt field — possible tampering or key mismatch');
+    }
+}
+/**
+ * Expose RSA public key so the client can encrypt sensitive fields before sending.
+ * GET /api/remote/public-key
+ */
+router.get('/public-key', (_req, res) => {
+    res.json({ publicKey: (0, encryption_1.getRSAPublicKey)() });
+});
 /**
  * Connect to an existing remote server
  * POST /api/remote/:connectionId/connect
@@ -819,15 +843,19 @@ router.get('/:connectionId/log-file/download', async (req, res) => {
 router.get('/connections', async (req, res) => {
     try {
         const connections = remote_connection_1.remoteConnectionManager.getAllConnections();
-        const connectionsList = Array.from(connections.entries()).map(([id, conn]) => ({
-            id,
-            name: conn.name || `${conn.username}@${conn.host}`,
-            host: conn.host,
-            port: conn.port,
-            username: conn.username,
-            connected: conn.isConnected(),
-            isPM2Installed: conn.isPM2Installed
-        }));
+        const connectionsList = Array.from(connections.entries()).map(([id, conn]) => {
+            const connected = conn.isConnected();
+            return {
+                id,
+                name: conn.name || `${conn.username}@${conn.host}`,
+                host: conn.host,
+                port: conn.port,
+                username: conn.username,
+                connected,
+                isPM2Installed: conn.isPM2Installed,
+                status: connected ? 'connected' : 'disconnected',
+            };
+        });
         res.json(connectionsList);
     }
     catch (error) {
@@ -844,17 +872,21 @@ router.get('/connections', async (req, res) => {
  */
 router.post('/connections', (req, res) => {
     try {
-        const connectionConfig = req.body;
-        if (!connectionConfig.name || !connectionConfig.host || !connectionConfig.username) {
+        const body = req.body;
+        if (!body.name || !body.host || !body.username) {
             return res.status(400).json({
                 success: false,
                 error: 'Missing required connection parameters: name, host, or username'
             });
         }
-        // Ensure port is set
-        if (!connectionConfig.port) {
-            connectionConfig.port = 22;
-        }
+        // Decrypt sensitive fields that may have been encrypted by the client
+        const connectionConfig = {
+            ...body,
+            port: body.port || 22,
+            password: decryptField(body.password),
+            privateKey: decryptField(body.privateKey),
+            passphrase: decryptField(body.passphrase),
+        };
         // Create the connection
         const connectionId = remote_connection_1.remoteConnectionManager.createConnection(connectionConfig);
         res.status(201).json({
@@ -877,17 +909,21 @@ router.post('/connections', (req, res) => {
 router.put('/connections/:connectionId', async (req, res) => {
     try {
         const { connectionId } = req.params;
-        const connectionConfig = req.body;
-        if (!connectionConfig.name || !connectionConfig.host || !connectionConfig.username) {
+        const body = req.body;
+        if (!body.name || !body.host || !body.username) {
             return res.status(400).json({
                 success: false,
                 error: 'Missing required connection parameters: name, host, or username'
             });
         }
-        // Ensure port is set
-        if (!connectionConfig.port) {
-            connectionConfig.port = 22;
-        }
+        // Decrypt sensitive fields that may have been encrypted by the client
+        const connectionConfig = {
+            ...body,
+            port: body.port || 22,
+            password: decryptField(body.password),
+            privateKey: decryptField(body.privateKey),
+            passphrase: decryptField(body.passphrase),
+        };
         // Update the connection
         const success = await remote_connection_1.remoteConnectionManager.updateConnection(connectionId, connectionConfig);
         if (!success) {

package/dist/server/routes/remoteMetrics.d.ts

@@ -0,0 +1,3 @@
+import { Router } from 'express';
+declare const router: Router;
+export default router;

package/dist/server/routes/remoteMetrics.js

@@ -0,0 +1,84 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const express_1 = __importDefault(require("express"));
+const remote_metrics_db_1 = require("../utils/remote-metrics-db");
+const router = express_1.default.Router();
+// @group Constants : Default and maximum query bounds
+const DEFAULT_RANGE_MS = 3600000; // 1 hour
+const MAX_RANGE_MS = 7 * 24 * 3600000; // 7 days
+const MAX_POINTS = 500;
+// @group Utilities : Parse and clamp a query-string integer
+const parseIntParam = (raw, fallback, min, max) => {
+    const n = parseInt(raw, 10);
+    if (!Number.isFinite(n))
+        return fallback;
+    return Math.max(min, Math.min(max, n));
+};
+/**
+ * List all remote connections that have recorded metrics
+ * GET /api/remote-metrics/connections
+ */
+router.get('/connections', (_req, res) => {
+    try {
+        const connections = remote_metrics_db_1.remoteMetricsDB.getConnectionsWithData();
+        res.json({ success: true, connections });
+    }
+    catch (err) {
+        res.status(500).json({ success: false, error: err.message });
+    }
+});
+/**
+ * List all process names recorded for a connection
+ * GET /api/remote-metrics/:connectionId/processes
+ */
+router.get('/:connectionId/processes', (req, res) => {
+    try {
+        const { connectionId } = req.params;
+        const names = remote_metrics_db_1.remoteMetricsDB.getProcessNames(connectionId);
+        res.json({ success: true, processes: names });
+    }
+    catch (err) {
+        res.status(500).json({ success: false, error: err.message });
+    }
+});
+/**
+ * Latest snapshot (most recent metric point per process) for a connection
+ * GET /api/remote-metrics/:connectionId/snapshot
+ */
+router.get('/:connectionId/snapshot', (req, res) => {
+    try {
+        const { connectionId } = req.params;
+        const snapshot = remote_metrics_db_1.remoteMetricsDB.getLatestSnapshot(connectionId);
+        res.json({ success: true, snapshot });
+    }
+    catch (err) {
+        res.status(500).json({ success: false, error: err.message });
+    }
+});
+/**
+ * Time-series metrics for one process on a connection
+ * GET /api/remote-metrics/:connectionId/:processName
+ *   ?from=<unix-ms>  (default: now - 1h)
+ *   ?to=<unix-ms>    (default: now)
+ *   ?maxPoints=<n>   (default: 500, max: 1000)
+ */
+router.get('/:connectionId/:processName', (req, res) => {
+    try {
+        const { connectionId, processName } = req.params;
+        const now = Date.now();
+        const to = parseIntParam(req.query.to, now, 0, now + 60000);
+        const from = parseIntParam(req.query.from, to - DEFAULT_RANGE_MS, 0, now);
+        // Clamp range to max window
+        const clampedFrom = Math.max(from, to - MAX_RANGE_MS);
+        const maxPoints = parseIntParam(req.query.maxPoints, MAX_POINTS, 50, 1000);
+        const metrics = remote_metrics_db_1.remoteMetricsDB.getMetrics(connectionId, processName, clampedFrom, to, maxPoints);
+        res.json({ success: true, metrics });
+    }
+    catch (err) {
+        res.status(500).json({ success: false, error: err.message });
+    }
+});
+exports.default = router;

package/dist/server/services/ProjectSetupService.d.ts

@@ -62,7 +62,7 @@ export declare class ProjectSetupService {
     private ensureLogDirectory;
     private log;
     detectProjectType(projectPath: string): string | null;
-    setupProject(projectPath: string, projectType: string): Promise<SetupResult>;
+    setupProject(projectPath: string, projectType: string, onLog?: (msg: string) => void): Promise<SetupResult>;
     private shouldSkipStep;
     private executeStep;
     private validateSetup;

package/dist/server/services/ProjectSetupService.js

@@ -78,8 +78,9 @@ class ProjectSetupService {
         this.log('Could not detect project type');
         return null;
     }
-    async setupProject(projectPath, projectType) {
+    async setupProject(projectPath, projectType, onLog) {
         this.log(`Starting setup for ${projectType} project at: ${projectPath}`);
+        onLog === null || onLog === void 0 ? void 0 : onLog(`Starting ${projectType} project setup at: ${projectPath}`);
         const config = this.configs[projectType];
         if (!config) {
             throw new Error(`Unknown project type: ${projectType}`);
@@ -96,6 +97,7 @@ class ProjectSetupService {
             try {
                 // Check if step should be skipped
                 if (this.shouldSkipStep(step, projectPath)) {
+                    onLog === null || onLog === void 0 ? void 0 : onLog(`[SKIP] ${step.name}`);
                     result.steps.push({
                         name: step.name,
                         success: true,
@@ -106,24 +108,31 @@ class ProjectSetupService {
                     continue;
                 }
                 this.log(`Executing step: ${step.name}`);
-                const stepResult = await this.executeStep(step, projectPath, result.environment);
+                onLog === null || onLog === void 0 ? void 0 : onLog(`\n[STEP] ${step.name}`);
+                const stepResult = await this.executeStep(step, projectPath, result.environment, onLog);
                 const duration = Date.now() - stepStart;
                 result.steps.push({
                     ...stepResult,
                     duration
                 });
                 if (!stepResult.success && step.required) {
+                    onLog === null || onLog === void 0 ? void 0 : onLog(`[ERROR] Step failed: ${step.name}`);
                     result.success = false;
                     result.errors.push(`Required step failed: ${step.name} - ${stepResult.error}`);
                     break;
                 }
                 else if (!stepResult.success) {
+                    onLog === null || onLog === void 0 ? void 0 : onLog(`[WARN] Optional step failed: ${step.name}`);
                     result.warnings.push(`Optional step failed: ${step.name} - ${stepResult.error}`);
                 }
+                else {
+                    onLog === null || onLog === void 0 ? void 0 : onLog(`[OK] ${step.name} completed (${duration}ms)`);
+                }
             }
             catch (error) {
                 const duration = Date.now() - stepStart;
                 const errorMessage = error instanceof Error ? error.message : 'Unknown error';
+                onLog === null || onLog === void 0 ? void 0 : onLog(`[ERROR] ${step.name}: ${errorMessage}`);
                 result.steps.push({
                     name: step.name,
                     success: false,
@@ -152,13 +161,13 @@ class ProjectSetupService {
                 result.environment.PYTHON_INTERPRETER = venvPath;
             }
         }
-        // Validate the setup
+        // Validate the setup (advisory only — step success/failure is the real gate)
         const validationResult = await this.validateSetup(projectPath, config);
         if (!validationResult.success) {
-            result.success = false;
-            result.errors.push(...validationResult.errors);
+            result.warnings.push(...validationResult.errors);
         }
         this.log(`Setup completed. Success: ${result.success}`);
+        onLog === null || onLog === void 0 ? void 0 : onLog(`\nSetup ${result.success ? 'completed successfully' : 'failed'}.`);
         return result;
     }
     shouldSkipStep(step, projectPath) {
@@ -216,7 +225,7 @@ class ProjectSetupService {
         }
         return false;
     }
-    async executeStep(step, projectPath, environment) {
+    async executeStep(step, projectPath, environment, onLog) {
         const workingDir = step.workingDirectory === 'project' ? projectPath : process.cwd();
         let command = step.command;
         // Handle virtual environment activation for Python
@@ -245,13 +254,20 @@ class ProjectSetupService {
             (_a = child.stdout) === null || _a === void 0 ? void 0 : _a.on('data', (data) => {
                 const text = data.toString();
                 output += text;
-                // Log real-time output for debugging
-                console.log(`[${step.name}] ${text.trim()}`);
+                for (const line of text.split('\n')) {
+                    const trimmed = line.trim();
+                    if (trimmed)
+                        onLog === null || onLog === void 0 ? void 0 : onLog(trimmed);
+                }
             });
             (_b = child.stderr) === null || _b === void 0 ? void 0 : _b.on('data', (data) => {
                 const text = data.toString();
                 error += text;
-                console.error(`[${step.name}] ERROR: ${text.trim()}`);
+                for (const line of text.split('\n')) {
+                    const trimmed = line.trim();
+                    if (trimmed)
+                        onLog === null || onLog === void 0 ? void 0 : onLog(`[WARN] ${trimmed}`);
+                }
             });
             child.on('close', (code) => {
                 const success = code === 0;

package/dist/server/utils/encryption.d.ts

@@ -10,3 +10,25 @@ export declare function encrypt(text: string): string;
  * @returns The decrypted text
  */
 export declare function decrypt(encryptedText: string): string;
+/**
+ * Returns the server's RSA public key in PEM (SPKI) format.
+ * Expose this via a GET endpoint so clients can encrypt before sending.
+ */
+export declare function getRSAPublicKey(): string;
+/**
+ * Hybrid-encrypted payload sent by the client.
+ * - encryptedKey : RSA-OAEP encrypted 256-bit AES key (base64)
+ * - iv           : 12-byte AES-GCM IV (base64)
+ * - data         : AES-256-GCM ciphertext + 16-byte auth-tag (base64)
+ */
+export interface EncryptedPayload {
+    encryptedKey: string;
+    iv: string;
+    data: string;
+}
+/**
+ * Decrypts a hybrid-encrypted payload produced by the client.
+ * 1. Unwraps the AES key with RSA-OAEP (SHA-256)
+ * 2. Decrypts the data with AES-256-GCM
+ */
+export declare function decryptTransitPayload(payload: EncryptedPayload): string;

package/dist/server/utils/encryption.js

@@ -5,6 +5,8 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.encrypt = encrypt;
 exports.decrypt = decrypt;
+exports.getRSAPublicKey = getRSAPublicKey;
+exports.decryptTransitPayload = decryptTransitPayload;
 /**
  * Utility for encrypting and decrypting sensitive data
  */
@@ -58,3 +60,54 @@ function decrypt(encryptedText) {
         return '';
     }
 }
+// ---------------------------------------------------------------------------
+// RSA-OAEP key pair for in-transit encryption
+// A fresh key pair is generated once per server process and kept in memory.
+// The public key is shared with clients so they can encrypt sensitive fields
+// before sending them over the network. The private key never leaves the server.
+// ---------------------------------------------------------------------------
+let _rsaPrivateKey = null;
+let _rsaPublicKeyPem = null;
+function getOrCreateRSAKeyPair() {
+    if (!_rsaPrivateKey || !_rsaPublicKeyPem) {
+        const { privateKey, publicKey } = crypto_1.default.generateKeyPairSync('rsa', {
+            modulusLength: 2048,
+        });
+        _rsaPrivateKey = privateKey;
+        _rsaPublicKeyPem = publicKey.export({ type: 'spki', format: 'pem' });
+    }
+    return { publicKeyPem: _rsaPublicKeyPem, privateKey: _rsaPrivateKey };
+}
+/**
+ * Returns the server's RSA public key in PEM (SPKI) format.
+ * Expose this via a GET endpoint so clients can encrypt before sending.
+ */
+function getRSAPublicKey() {
+    return getOrCreateRSAKeyPair().publicKeyPem;
+}
+/**
+ * Decrypts a hybrid-encrypted payload produced by the client.
+ * 1. Unwraps the AES key with RSA-OAEP (SHA-256)
+ * 2. Decrypts the data with AES-256-GCM
+ */
+function decryptTransitPayload(payload) {
+    const { privateKey } = getOrCreateRSAKeyPair();
+    // Step 1 — decrypt the AES-256 key with RSA-OAEP / SHA-256
+    const encryptedAesKey = Buffer.from(payload.encryptedKey, 'base64');
+    const aesKey = crypto_1.default.privateDecrypt({
+        key: privateKey,
+        padding: crypto_1.default.constants.RSA_PKCS1_OAEP_PADDING,
+        oaepHash: 'sha256',
+    }, encryptedAesKey);
+    // Step 2 — decrypt data with AES-256-GCM
+    // WebCrypto appends the 16-byte auth tag at the end of the ciphertext buffer
+    const iv = Buffer.from(payload.iv, 'base64');
+    const encryptedBuf = Buffer.from(payload.data, 'base64');
+    const authTag = encryptedBuf.slice(encryptedBuf.length - 16);
+    const ciphertext = encryptedBuf.slice(0, encryptedBuf.length - 16);
+    const decipher = crypto_1.default.createDecipheriv('aes-256-gcm', aesKey, iv);
+    decipher.setAuthTag(authTag);
+    let decrypted = decipher.update(ciphertext, undefined, 'utf8');
+    decrypted += decipher.final('utf8');
+    return decrypted;
+}

package/dist/server/utils/metrics-history.d.ts

@@ -0,0 +1,21 @@
+export interface MetricPoint {
+    timestamp: number;
+    cpu: number;
+    memory: number;
+    memoryMB: number;
+    memoryPercent: number;
+}
+export interface ProcessHistory {
+    pm_id: number;
+    name: string;
+    status: string;
+    history: MetricPoint[];
+}
+declare class MetricsHistoryStore {
+    private readonly store;
+    record(processList: any[]): void;
+    getOne(pm_id: number): ProcessHistory | null;
+    getAll(): ProcessHistory[];
+}
+export declare const metricsHistory: MetricsHistoryStore;
+export {};

package/dist/server/utils/metrics-history.js

@@ -0,0 +1,68 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.metricsHistory = void 0;
+const os_1 = __importDefault(require("os"));
+// @group Constants : Ring-buffer capacity — 60 points × 3 s = 3 minutes of history
+const MAX_POINTS = 60;
+// @group MetricsHistory : In-memory ring buffer; key = pm_id (string)
+class MetricsHistoryStore {
+    constructor() {
+        this.store = new Map();
+    }
+    // @group MetricsHistory : Record a snapshot from the PM2 process list
+    record(processList) {
+        var _a, _b, _c, _d, _e, _f, _g, _h, _j, _k;
+        const totalMem = os_1.default.totalmem();
+        const seen = new Set();
+        for (const proc of processList) {
+            const pm_id = proc.pm_id;
+            seen.add(pm_id);
+            const cpu = (_b = (_a = proc.monit) === null || _a === void 0 ? void 0 : _a.cpu) !== null && _b !== void 0 ? _b : 0;
+            const memory = (_d = (_c = proc.monit) === null || _c === void 0 ? void 0 : _c.memory) !== null && _d !== void 0 ? _d : 0;
+            const point = {
+                timestamp: Date.now(),
+                cpu: parseFloat(cpu.toFixed(2)),
+                memory,
+                memoryMB: parseFloat((memory / 1048576).toFixed(2)),
+                memoryPercent: parseFloat(((memory / totalMem) * 100).toFixed(2)),
+            };
+            if (!this.store.has(pm_id)) {
+                this.store.set(pm_id, {
+                    pm_id,
+                    name: (_e = proc.name) !== null && _e !== void 0 ? _e : String(pm_id),
+                    status: (_g = (_f = proc.pm2_env) === null || _f === void 0 ? void 0 : _f.status) !== null && _g !== void 0 ? _g : 'unknown',
+                    history: [],
+                });
+            }
+            const entry = this.store.get(pm_id);
+            // Refresh mutable fields on every poll
+            entry.name = (_h = proc.name) !== null && _h !== void 0 ? _h : entry.name;
+            entry.status = (_k = (_j = proc.pm2_env) === null || _j === void 0 ? void 0 : _j.status) !== null && _k !== void 0 ? _k : entry.status;
+            // Append point, trim to ring-buffer size
+            entry.history.push(point);
+            if (entry.history.length > MAX_POINTS) {
+                entry.history.shift();
+            }
+        }
+        // Remove processes that no longer exist in PM2
+        for (const id of this.store.keys()) {
+            if (!seen.has(id)) {
+                this.store.delete(id);
+            }
+        }
+    }
+    // @group MetricsHistory : Return history for a single process; null if not found
+    getOne(pm_id) {
+        var _a;
+        return (_a = this.store.get(pm_id)) !== null && _a !== void 0 ? _a : null;
+    }
+    // @group MetricsHistory : Return history for all tracked processes
+    getAll() {
+        return Array.from(this.store.values());
+    }
+}
+// @group Exports : Singleton instance used across the server
+exports.metricsHistory = new MetricsHistoryStore();

package/dist/server/utils/remote-connection.js

@@ -78,9 +78,9 @@ class RemoteConnection extends events_1.EventEmitter {
                 host: this.config.host,
                 port: this.config.port || 22,
                 username: this.config.username,
-                // Add reasonable timeouts
-                readyTimeout: 10000,
-                keepaliveInterval: 30000
+                // Add reasonable timeouts optimized for VPN/remote scenarios
+                readyTimeout: 20000, // 20 seconds to establish connection (was 10s)
+                keepaliveInterval: 10000 // Send keepalive every 10 seconds (was 30s) for aggressive firewalls
             };
             // Debug output
             console.log(`Connecting to ${this.config.host}:${this.config.port} as ${this.config.username}`);

package/dist/server/utils/remote-metrics-db.d.ts

@@ -0,0 +1,29 @@
+export interface RemoteMetricRow {
+    id: number;
+    connection_id: string;
+    connection_name: string;
+    process_name: string;
+    pm_id: number;
+    timestamp: number;
+    cpu: number;
+    memory_bytes: number;
+    memory_mb: number;
+}
+declare class RemoteMetricsDB {
+    private db;
+    constructor();
+    private initSchema;
+    private purgeOld;
+    insert(row: Omit<RemoteMetricRow, 'id'>): void;
+    insertBatch(rows: Omit<RemoteMetricRow, 'id'>[]): void;
+    getConnectionsWithData(): {
+        id: string;
+        name: string;
+    }[];
+    getProcessNames(connectionId: string): string[];
+    getMetrics(connectionId: string, processName: string, from: number, to: number, maxPoints?: number): RemoteMetricRow[];
+    getLatestSnapshot(connectionId: string): RemoteMetricRow[];
+    close(): void;
+}
+export declare const remoteMetricsDB: RemoteMetricsDB;
+export {};