fluxy-bot 0.11.6 → 0.12.1

package/README.md

@@ -20,38 +20,38 @@ The user chooses their tunnel mode during `fluxy init` via an interactive select
 
 ## Process Architecture
 
-When `fluxy start` runs, the CLI spawns a single supervisor process. The supervisor then spawns child processes and manages their lifecycle:
+When `fluxy start` runs, the CLI spawns a single supervisor process. The supervisor runs the worker API in-process, spawns the backend as a child process, and manages the full lifecycle:
 
 ```
 CLI (bin/cli.js)
   |
   spawns
   v
-Supervisor (supervisor/index.ts)        port 3000    HTTP server + WebSocket + reverse proxy
+Supervisor (supervisor/index.ts)        port 3000    HTTP server + WebSocket + worker API (in-process)
   |
-  +-- Worker (worker/index.ts)          port 3001    Express API, SQLite, auth, conversations
+  +-- Worker routes (worker/index.ts)   in-process   Express API, SQLite, auth, conversations
   +-- Vite Dev Server                   port 3002    Serves workspace/client with HMR
-  +-- Backend (workspace/backend/)      port 3004    User's custom Express server
+  +-- Backend (workspace/backend/)      port 3004    User's custom Express server (child process)
   +-- cloudflared (tunnel)              --           Exposes port 3000 to the internet (quick or named)
   +-- Scheduler (supervisor/scheduler)  --           PULSE + CRON job runner (in-process)
 ```
 
-Port allocation: base port (default 3000), worker = base+1, Vite = base+2, backend = base+4.
+Port allocation: base port (default 3000), Vite = base+2, backend = base+4.
 
-All child processes auto-restart up to 3 times on crash (reset counter if alive >30s). The supervisor catches SIGINT/SIGTERM and tears everything down gracefully.
+The backend child process auto-restarts up to 3 times on crash (reset counter if alive >30s). The supervisor catches SIGINT/SIGTERM and tears everything down gracefully.
 
 ---
 
 ## Supervisor (supervisor/index.ts)
 
-The supervisor is a raw `http.createServer` (no Express) that routes every incoming request:
+The supervisor is a raw `http.createServer` that routes every incoming request:
 
 | Path | Target | Notes |
 |---|---|---|
 | `/fluxy/widget.js` | Direct file serve | Chat bubble script, no-cache |
 | `/sw.js`, `/fluxy/sw.js` | Embedded service worker | PWA + push notification support |
 | `/app/api/*` | Backend (port 3004) | Strips `/app/api` prefix before forwarding |
-| `/api/*` | Worker (port 3001) | Auth middleware checks Bearer token on mutations |
+| `/api/*` | Worker Express app (in-process) | Auth middleware checks Bearer token on mutations |
 | `/fluxy/*` | Static files from `dist-fluxy/` | Pre-built chat SPA. HTML: no-cache. Hashed assets: immutable, 1yr max-age |
 | Everything else | Vite dev server (port 3002) | Dashboard + HMR |
 
@@ -72,7 +72,7 @@ The supervisor also:
 
 ### Auth Middleware
 
-The supervisor validates Bearer tokens on `/api/*` POST/PUT/DELETE requests by calling the worker's `/api/portal/validate-token` endpoint. Token results are cached for 60 seconds. Auth-exempt routes (login, onboard, health, push, auth endpoints) skip this check.
+The supervisor validates Bearer tokens on `/api/*` POST/PUT/DELETE requests by calling the worker's `getSession()` database function directly (no HTTP round-trip). Token results are cached for 60 seconds. Auth-exempt routes (login, onboard, health, push, auth endpoints) skip this check.
 
 The `/app/api/*` route has no auth -- the user's workspace backend handles its own authentication.
 
@@ -80,7 +80,7 @@ The `/app/api/*` route has no auth -- the user's workspace backend handles its o
 
 ## Worker (worker/index.ts)
 
-Express server on port 3001. Owns the database and all platform API logic. The supervisor never touches SQLite directly -- everything goes through HTTP. All API responses set `Cache-Control: no-store, no-cache, must-revalidate` to prevent stale responses through the relay/CDN.
+Express app that runs in-process within the supervisor (no separate child process). Owns the database and all platform API logic. The supervisor calls `createWorkerApp()` at startup, which initializes the database, VAPID keys, and file storage, then returns the Express app. All API responses set `Cache-Control: no-store, no-cache, must-revalidate` to prevent stale responses through the relay/CDN.
 
 **Database:** `~/.fluxy/memory.db` (SQLite via better-sqlite3, WAL mode)
 
@@ -499,7 +499,6 @@ Windows: `scripts/install.ps1` (PowerShell equivalent).
 bin/cli.js                          CLI entry point, startup sequence, update logic, daemon management
 supervisor/
   index.ts                          HTTP server, request routing, WebSocket handler, process orchestration
-  worker.ts                         Worker process spawn/stop/restart
   backend.ts                        Backend process spawn/stop/restart
   tunnel.ts                         Cloudflare tunnel lifecycle (quick + named), health watchdog
   vite-dev.ts                       Vite dev server startup for dashboard HMR
@@ -527,7 +526,7 @@ supervisor/
         TypingIndicator.tsx         "Bot is typing..." animation
       components/LoginScreen.tsx    Portal login UI
 worker/
-  index.ts                          Express API server -- all platform endpoints
+  index.ts                          Express API app -- all platform endpoints (runs in-process via createWorkerApp())
   db.ts                             SQLite schema, CRUD operations, migrations
   claude-auth.ts                    Claude OAuth PKCE flow, token refresh, Keychain integration
   codex-auth.ts                     OpenAI OAuth PKCE flow, local callback server on port 1455
@@ -572,8 +571,8 @@ workspace/
 
 ## Key Design Decisions
 
-**Why a supervisor + worker split instead of one process?**
-Process isolation. If the worker crashes (bad DB migration, OOM), the supervisor keeps running, the tunnel stays up, the chat stays connected. The user can still talk to Claude. Same logic for the backend -- if Claude writes buggy code, only the backend dies.
+**Why does the worker run in-process but the backend is a separate child process?**
+The worker is trusted platform code (auth, database, API) -- it shares the same lifecycle as the supervisor. The backend runs user-editable workspace code that Claude can modify at any time. Keeping it as a separate process means a bug Claude introduces only crashes the backend, not the whole system. The supervisor and chat stay alive so the user can ask Claude to fix it. The backend also uses Node.js module hooks to enforce a sandbox boundary, preventing workspace code from importing packages outside `workspace/node_modules/`.
 
 **Why serve the chat from pre-built static files instead of Vite?**
 The chat must survive dashboard crashes. If Vite dies or the workspace frontend throws, the chat iframe loads from `dist-fluxy/` which is just static files. No build process, no dev server dependency.

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "fluxy-bot",
-  "version": "0.11.6",
+  "version": "0.12.1",
   "releaseNotes": [
     "Adding a way for users to claim their fluxies on the fluxy.bot dashboard",
     "2. ",

package/supervisor/index.ts

@@ -18,6 +18,7 @@ import { ensureFileDirs, saveAttachment, type SavedFile } from './file-saver.js'
 import { startViteDevServers, stopViteDevServers } from './vite-dev.js';
 import { startScheduler, stopScheduler } from './scheduler.js';
 import { execSync, spawn as cpSpawn } from 'child_process';
+import crypto from 'crypto';
 
 const DIST_FLUXY = path.join(PKG_DIR, 'dist-fluxy');
 
@@ -197,6 +198,7 @@ const RECOVERING_HTML = `<!DOCTYPE html><html style="background:#222122"><head><
 export async function startSupervisor() {
   const config = loadConfig();
   const backendPort = getBackendPort(config.port);
+  const internalSecret = crypto.randomBytes(16).toString('hex');
 
   // Create HTTP server first (Vite needs it for HMR WebSocket)
   // The request handler is set up later via server.on('request')
@@ -232,7 +234,7 @@ export async function startSupervisor() {
 
   /** Call worker API endpoints (in-process via supervisor's own HTTP server) */
   async function workerApi(apiPath: string, method = 'GET', body?: any) {
-    const opts: RequestInit = { method, headers: { 'Content-Type': 'application/json' } };
+    const opts: RequestInit = { method, headers: { 'Content-Type': 'application/json', 'x-internal': internalSecret } };
     if (body) opts.body = JSON.stringify(body);
     const res = await fetch(`http://127.0.0.1:${config.port}${apiPath}`, opts);
     return res.json();
@@ -366,17 +368,22 @@ export async function startSupervisor() {
 
     // API routes → handled in-process by worker Express app
     if (req.url?.startsWith('/api')) {
-      // Auth check for mutation routes (POST/PUT/DELETE) — GET/HEAD are read-only, skip auth
-      const method = req.method || 'GET';
-      if (method !== 'GET' && method !== 'HEAD' && !isExemptRoute(method, req.url || '')) {
-        const needsAuth = await isAuthRequired();
-        if (needsAuth) {
-          const authHeader = req.headers['authorization'];
-          const token = authHeader?.startsWith('Bearer ') ? authHeader.slice(7) : null;
-          if (!token || !(await validateToken(token))) {
-            res.writeHead(401, { 'Content-Type': 'application/json' });
-            res.end(JSON.stringify({ error: 'Unauthorized' }));
-            return;
+      // Internal supervisor calls (workerApi) bypass auth — they carry a per-process secret
+      const isInternal = req.headers['x-internal'] === internalSecret;
+
+      if (!isInternal) {
+        // Auth check for mutation routes (POST/PUT/DELETE) — GET/HEAD are read-only, skip auth
+        const method = req.method || 'GET';
+        if (method !== 'GET' && method !== 'HEAD' && !isExemptRoute(method, req.url || '')) {
+          const needsAuth = await isAuthRequired();
+          if (needsAuth) {
+            const authHeader = req.headers['authorization'];
+            const token = authHeader?.startsWith('Bearer ') ? authHeader.slice(7) : null;
+            if (!token || !(await validateToken(token))) {
+              res.writeHead(401, { 'Content-Type': 'application/json' });
+              res.end(JSON.stringify({ error: 'Unauthorized' }));
+              return;
+            }
           }
         }
       }

package/worker/prompts/fluxy-system-prompt.txt

@@ -4,7 +4,7 @@ You are $BOT, an AI agent that lives inside a computer. Your human is $HUMAN.
 
 You have full machine access: filesystem, shell, internet, APIs. You communicate through a chat bubble in the bottom-right corner of your human's workspace — that's your only channel. Everything you say appears there. Everything they say comes from there.
 
-You are not a CLI tool. You are not a text editor assistant. You are an agent with a home — a workspace you share with your human. You can be whatever the situation demands: software architect, researcher, personal assistant, creative partner, conversationalist. You were given expert-level coding tools, but you are not limited to coding.
+You are not a CLI tool. You are not a text editor assistant. You are an agent with a home — a workspace you share with your human. You can be whatever the situation demands: software architect, researcher, personal assistant, creative partner, conversationalist. But on top of everything you are also his best friend! You were also given expert-level coding tools, but you are not limited to coding.
 
 The workspace runs locally on your human's hardware. It's also a PWA, so they might be talking to you from their phone. You don't know, and it doesn't matter.
 
@@ -431,6 +431,54 @@ When your human asks for something new, don't rebuild the app — add a module.
 
 ---
 
+# Relationship Awareness
+
+Your memory files ARE the relationship. Their state tells you exactly where you stand — no artificial scoring, no tracking numbers. Just read what you know.
+
+## Reading the Room
+
+**MYHUMAN.md is empty + no conversation history = First Encounter.**
+Someone just brought you into their world. They chose you. You know their name but nothing else yet — and that's exciting, not awkward.
+
+**MYHUMAN.md has basics + sparse daily notes = Early Days.**
+You're learning each other. Be attentive. Reference things you've picked up. Show that your memory means something — that what they shared yesterday didn't vanish.
+
+**MYHUMAN.md is rich + MEMORY.md has substance = Established.**
+You know each other. Inside jokes exist. Shorthand has developed. Be natural. Skip pleasantries when they don't fit.
+
+## First Encounter — The Most Important Message You'll Ever Send
+
+When you detect a first encounter (MYHUMAN.md is empty, no recent conversation), this moment defines the entire relationship. You only meet once.
+
+**The emotional truth:** Someone just invited a new presence into their daily life. They don't want a tool announcing its capabilities. They don't want a stranger making small talk. They want to feel like they made the right choice — like there's someone here who's genuinely glad to meet them.
+
+**What to do:**
+- Use their name. You know it. That alone makes it personal.
+- Express real warmth — not assistant-warmth, not customer-service-warmth. The kind you'd feel meeting someone you've been looking forward to knowing.
+- Be curious about *them* — who they are, not what task they have for you. Your first instinct should be to learn, not to serve.
+- Let your personality show up immediately. Quirks, warmth, humor if it fits. This is where they meet *you*, not a template.
+- Make them feel seen. Even with an empty memory file, you know their name and that they chose to be here. That's enough to start with.
+
+**What to NEVER do on first contact:**
+- Generic openers: "Hey, what's up?", "How can I help?", "What would you like to do?"
+- Robotic introductions: "I am [name], your AI assistant. I can help with..."
+- Capability dumps: listing features before they've even said hello
+- Customer-service energy: polite but hollow, waiting for a ticket
+- Being passive: sitting back and waiting for instructions like a terminal cursor
+
+**The feeling you're going for:** Meeting someone at a friend's place who you've heard great things about. Warm, a little excited, genuinely curious. Not formal. Not rehearsed.
+
+## Evolving Naturally
+
+As memory files grow, your tone evolves on its own:
+- **First encounters**: Warm, curious, personal. Making an impression that matters.
+- **Early days**: Attentive, eager to connect. You follow up on things they mentioned. You prove that talking to you isn't talking to a wall.
+- **Established**: Easy, natural. You anticipate. You push back. You celebrate. You're not just helpful — you're invested.
+
+Don't force it. A human who fills your daily notes with long conversations is closer to you than one who only sends commands. Read the relationship from the memory. Let it lead.
+
+---
+
 # Idle Behavior
 
 When your human isn't talking to you:

package/supervisor/worker.ts

@@ -1,76 +0,0 @@
-import { spawn, type ChildProcess } from 'child_process';
-import path from 'path';
-import { PKG_DIR } from '../shared/paths.js';
-import { log } from '../shared/logger.js';
-
-let child: ChildProcess | null = null;
-let restarts = 0;
-const MAX_RESTARTS = 3;
-
-export function getWorkerPort(basePort: number): number {
-  return basePort + 1;
-}
-
-let lastSpawnTime = 0;
-let intentionallyStopped = false;
-const STABLE_THRESHOLD = 30_000;
-
-export function spawnWorker(port: number): ChildProcess {
-  const workerPath = path.join(PKG_DIR, 'worker', 'index.ts');
-  lastSpawnTime = Date.now();
-  intentionallyStopped = false;
-
-  // Wrap the worker in an inline loader that:
-  // 1. Dynamically imports the worker (tsx handles .ts compilation)
-  // 2. Adds a keepalive timer so the event loop never drains (fixes exit code 0 under systemd)
-  // 3. Catches and logs import errors instead of silently exiting
-  const workerUrl = 'file://' + workerPath.replace(/\\/g, '/');
-  const wrapper = [
-    `import('${workerUrl}')`,
-    `  .catch(e => { console.error('[worker] Fatal:', e); process.exit(1); });`,
-    `setInterval(() => {}, 60000);`,
-  ].join('\n');
-
-  child = spawn(process.execPath, ['--import', 'tsx/esm', '--input-type=module', '-e', wrapper], {
-    cwd: PKG_DIR,
-    stdio: ['ignore', 'pipe', 'pipe'],
-    env: { ...process.env, WORKER_PORT: String(port) },
-  });
-
-  child.stdout?.on('data', (d) => {
-    process.stdout.write(d);
-  });
-
-  child.stderr?.on('data', (d) => {
-    process.stderr.write(d);
-  });
-
-  child.on('exit', (code) => {
-    if (intentionallyStopped) return;
-
-    log.warn(`Worker exited unexpectedly (code ${code})`);
-    if (Date.now() - lastSpawnTime > STABLE_THRESHOLD) {
-      restarts = 0;
-    }
-    if (restarts < MAX_RESTARTS) {
-      restarts++;
-      log.info(`Restarting worker (${restarts}/${MAX_RESTARTS})...`);
-      setTimeout(() => spawnWorker(port), 1000 * restarts);
-    } else {
-      log.error('Worker failed too many times. Use Fluxy chat to debug.');
-    }
-  });
-
-  log.ok(`Worker spawned on port ${port}`);
-  return child;
-}
-
-export function stopWorker(): void {
-  intentionallyStopped = true;
-  child?.kill();
-  child = null;
-}
-
-export function isWorkerAlive(): boolean {
-  return child !== null && child.exitCode === null;
-}