lightman-agent 1.0.0

package/src/services/serviceLauncher.ts

@@ -0,0 +1,183 @@
+import { spawn, execSync } from 'child_process';
+import type { ChildProcess } from 'child_process';
+import { resolve } from 'path';
+import type { Logger } from '../lib/logger.js';
+
+interface ManagedService {
+  name: string;
+  cwd: string;
+  command: string;
+  args: string[];
+  port: number;
+  process: ChildProcess | null;
+}
+
+export class ServiceLauncher {
+  private services: ManagedService[] = [];
+  private logger: Logger;
+  private projectRoot: string;
+
+  constructor(logger: Logger, projectRoot: string) {
+    this.logger = logger;
+    this.projectRoot = projectRoot;
+  }
+
+  /**
+   * Kill any existing processes on managed ports, then start fresh.
+   */
+  async startAll(): Promise<void> {
+    const npmCmd = process.platform === 'win32' ? 'npm.cmd' : 'npm';
+
+    this.services = [
+      {
+        name: 'server',
+        cwd: resolve(this.projectRoot, 'server'),
+        command: npmCmd,
+        args: ['run', 'dev'],
+        port: 3401,
+        process: null,
+      },
+      {
+        name: 'display',
+        cwd: resolve(this.projectRoot, 'display'),
+        command: npmCmd,
+        args: ['run', 'dev'],
+        port: 3403,
+        process: null,
+      },
+    ];
+
+    // Kill anything already on these ports for a clean start
+    for (const svc of this.services) {
+      await this.killProcessOnPort(svc.port);
+    }
+
+    // Small delay to let ports free up
+    await new Promise((r) => setTimeout(r, 1_000));
+
+    for (const svc of this.services) {
+      this.logger.info(`Starting ${svc.name} (port ${svc.port})...`);
+      svc.process = spawn(svc.command, svc.args, {
+        cwd: svc.cwd,
+        stdio: 'pipe',
+        detached: false,
+        shell: true,
+      });
+
+      svc.process.stdout?.on('data', (data: Buffer) => {
+        const lines = data.toString().trim();
+        if (lines) this.logger.debug(`[${svc.name}] ${lines}`);
+      });
+
+      svc.process.stderr?.on('data', (data: Buffer) => {
+        const lines = data.toString().trim();
+        if (lines) this.logger.debug(`[${svc.name}:err] ${lines}`);
+      });
+
+      svc.process.on('exit', (code) => {
+        this.logger.warn(`${svc.name} exited with code ${code}`);
+        svc.process = null;
+      });
+
+      svc.process.on('error', (err) => {
+        this.logger.error(`${svc.name} spawn error: ${err.message}`);
+        svc.process = null;
+      });
+    }
+
+    // Wait for each service to become reachable
+    for (const svc of this.services) {
+      await this.waitForPort(svc.name, svc.port, 60_000);
+    }
+
+    this.logger.info('All services started successfully');
+  }
+
+  /**
+   * Stop all managed services.
+   */
+  stopAll(): void {
+    for (const svc of this.services) {
+      if (svc.process) {
+        this.logger.info(`Stopping ${svc.name} (pid ${svc.process.pid})...`);
+        try {
+          if (process.platform === 'win32') {
+            spawn('taskkill', ['/pid', String(svc.process.pid), '/T', '/F'], {
+              stdio: 'ignore',
+              shell: true,
+            });
+          } else {
+            svc.process.kill('SIGTERM');
+          }
+        } catch {
+          // already dead
+        }
+        svc.process = null;
+      }
+    }
+  }
+
+  isRunning(name: string): boolean {
+    const svc = this.services.find((s) => s.name === name);
+    return svc?.process !== null && svc?.process?.exitCode === null;
+  }
+
+  private async killProcessOnPort(port: number): Promise<void> {
+    try {
+      if (process.platform === 'win32') {
+        // Find PID using the port on Windows
+        const result = execSync(
+          `netstat -ano | findstr :${port} | findstr LISTENING`,
+          { encoding: 'utf-8', timeout: 5_000 }
+        ).trim();
+        const lines = result.split('\n');
+        const pids = new Set<string>();
+        for (const line of lines) {
+          const parts = line.trim().split(/\s+/);
+          const pid = parts[parts.length - 1];
+          if (pid && pid !== '0') pids.add(pid);
+        }
+        for (const pid of pids) {
+          this.logger.info(`Killing existing process on port ${port} (pid ${pid})`);
+          try {
+            execSync(`taskkill /pid ${pid} /T /F`, { timeout: 5_000 });
+          } catch {
+            // process may already be gone
+          }
+        }
+      } else {
+        // Unix: use fuser or lsof
+        try {
+          execSync(`fuser -k ${port}/tcp`, { timeout: 5_000 });
+          this.logger.info(`Killed existing process on port ${port}`);
+        } catch {
+          // no process on port, that's fine
+        }
+      }
+    } catch {
+      // No process found on port — that's fine
+    }
+  }
+
+  private async waitForPort(name: string, port: number, timeoutMs: number): Promise<void> {
+    const start = Date.now();
+    const interval = 1_500;
+
+    while (Date.now() - start < timeoutMs) {
+      try {
+        const res = await fetch(`http://localhost:${port}/`, {
+          signal: AbortSignal.timeout(2_000),
+        });
+        if (res.status > 0) {
+          this.logger.info(`${name} is ready on port ${port}`);
+          return;
+        }
+      } catch {
+        // not ready yet
+      }
+      await new Promise((r) => setTimeout(r, interval));
+    }
+
+    this.logger.warn(`${name} did not become ready on port ${port} within ${timeoutMs}ms, continuing anyway`);
+  }
+}

package/src/services/staticServer.ts

@@ -0,0 +1,226 @@
+import { createServer, request as httpRequest, type IncomingMessage, type ServerResponse } from 'http';
+import { createReadStream, statSync, existsSync } from 'fs';
+import { resolve, extname, join } from 'path';
+import { WebSocket, WebSocketServer } from 'ws';
+import type { Logger } from '../lib/logger.js';
+
+const MIME: Record<string, string> = {
+  '.html': 'text/html; charset=utf-8',
+  '.js':   'application/javascript',
+  '.css':  'text/css',
+  '.json': 'application/json',
+  '.png':  'image/png',
+  '.jpg':  'image/jpeg',
+  '.svg':  'image/svg+xml',
+  '.ico':  'image/x-icon',
+  '.woff': 'font/woff',
+  '.woff2': 'font/woff2',
+  '.ttf':  'font/ttf',
+  '.mp4':  'video/mp4',
+  '.webm': 'video/webm',
+};
+
+export class StaticServer {
+  private port: number;
+  private distPath: string;
+  private serverUrl: string;
+  private logger: Logger;
+  private server: ReturnType<typeof createServer> | null = null;
+
+  constructor(port: number, distPath: string, serverUrl: string, logger: Logger) {
+    this.port = port;
+    this.distPath = distPath;
+    this.serverUrl = serverUrl;
+    this.logger = logger;
+  }
+
+  start(): void {
+    if (!existsSync(this.distPath)) {
+      this.logger.warn(`StaticServer: dist path not found: ${this.distPath}`);
+      return;
+    }
+
+    this.server = createServer((req: IncomingMessage, res: ServerResponse) => {
+      this.handle(req, res);
+    });
+
+    // Proxy WebSocket upgrades (/ws/*) to the real server
+    this.server.on('upgrade', (req, socket, head) => {
+      const upstream = new URL(req.url || '/', this.serverUrl);
+      const wsUrl = upstream.toString().replace(/^http/, 'ws');
+      this.logger.debug(`WS proxy: ${req.url} → ${wsUrl}`);
+
+      const upstreamWs = new WebSocket(wsUrl, {
+        headers: { ...req.headers, host: new URL(this.serverUrl).host },
+      });
+
+      upstreamWs.on('open', () => {
+        const wss = new WebSocketServer({ noServer: true });
+        wss.handleUpgrade(req, socket, head, (clientWs) => {
+          // Pipe client ↔ upstream
+          clientWs.on('message', (data, isBinary) => {
+            if (upstreamWs.readyState === WebSocket.OPEN) {
+              upstreamWs.send(data, { binary: isBinary });
+            }
+          });
+          upstreamWs.on('message', (data, isBinary) => {
+            if (clientWs.readyState === WebSocket.OPEN) {
+              clientWs.send(data, { binary: isBinary });
+            }
+          });
+          clientWs.on('close', () => upstreamWs.close());
+          upstreamWs.on('close', () => clientWs.close());
+          clientWs.on('error', () => upstreamWs.close());
+          upstreamWs.on('error', () => clientWs.close());
+        });
+      });
+
+      upstreamWs.on('error', (err) => {
+        this.logger.warn(`WS proxy error: ${err.message}`);
+        socket.destroy();
+      });
+    });
+
+    this.server.listen(this.port, '0.0.0.0', () => {
+      this.logger.info(`Display static server listening on port ${this.port} (proxy → ${this.serverUrl})`);
+    });
+
+    this.server.on('error', (err) => {
+      this.logger.error(`StaticServer error: ${err.message}`);
+    });
+  }
+
+  stop(): void {
+    if (this.server) {
+      this.server.close();
+      this.server = null;
+      this.logger.info('Display static server stopped');
+    }
+  }
+
+  private handle(req: IncomingMessage, res: ServerResponse): void {
+    const rawUrl = req.url || '/';
+    const path = rawUrl.split('?')[0];
+
+    // Proxy /api/* and /storage/* to the real server
+    if (path.startsWith('/api/') || path.startsWith('/storage/')) {
+      this.proxyHttp(req, res);
+      return;
+    }
+
+    // Proxy /display/* to the server first (always get latest build).
+    // Only fall back to local files if server is unreachable.
+    if (path.startsWith('/display')) {
+      this.proxyWithFallback(req, res);
+      return;
+    }
+
+    // Serve static files for non-display paths
+    this.serveStatic(req, res);
+  }
+
+  private proxyHttp(req: IncomingMessage, res: ServerResponse): void {
+    const target = new URL(this.serverUrl);
+    const options = {
+      hostname: target.hostname,
+      port: target.port || 80,
+      path: req.url,
+      method: req.method,
+      headers: { ...req.headers, host: target.host },
+    };
+
+    const proxy = httpRequest(options, (upstreamRes) => {
+      res.writeHead(upstreamRes.statusCode || 502, upstreamRes.headers);
+      upstreamRes.pipe(res);
+    });
+
+    proxy.on('error', (err) => {
+      this.logger.warn(`HTTP proxy error: ${err.message}`);
+      if (!res.headersSent) {
+        res.writeHead(502);
+        res.end('Bad Gateway');
+      }
+    });
+
+    req.pipe(proxy);
+  }
+
+  /**
+   * Try to proxy the request to the real server (latest display build).
+   * If the server is unreachable, fall back to local static files.
+   */
+  private proxyWithFallback(req: IncomingMessage, res: ServerResponse): void {
+    const target = new URL(this.serverUrl);
+    let fell = false;
+    const fallback = () => {
+      if (fell || res.headersSent) return;
+      fell = true;
+      this.logger.debug(`Proxy failed for ${req.url}, serving from local files`);
+      this.serveStatic(req, res);
+    };
+
+    const options = {
+      hostname: target.hostname,
+      port: target.port || 80,
+      path: req.url,
+      method: req.method,
+      headers: { ...req.headers, host: target.host },
+      timeout: 3000,
+    };
+
+    const proxy = httpRequest(options, (upstreamRes) => {
+      const statusCode = upstreamRes.statusCode || 502;
+
+      // If upstream display route is unavailable/misconfigured,
+      // serve the local bundled display instead of surfacing server errors.
+      if (statusCode >= 400) {
+        upstreamRes.resume();
+        fallback();
+        return;
+      }
+
+      res.writeHead(statusCode, upstreamRes.headers);
+      upstreamRes.pipe(res);
+    });
+
+    proxy.on('error', fallback);
+    proxy.on('timeout', () => { proxy.destroy(); fallback(); });
+
+    req.pipe(proxy);
+  }
+
+  private serveStatic(req: IncomingMessage, res: ServerResponse): void {
+    const rawUrl = (req.url || '/').split('?')[0];
+
+    // Strip /display prefix to map to dist files
+    let filePath = rawUrl.startsWith('/display')
+      ? rawUrl.slice('/display'.length) || '/'
+      : rawUrl;
+
+    let absPath = resolve(this.distPath, filePath.replace(/^\//, ''));
+
+    // Security: stay inside distPath
+    if (!absPath.startsWith(this.distPath)) {
+      res.writeHead(403);
+      res.end('Forbidden');
+      return;
+    }
+
+    // SPA fallback
+    if (!existsSync(absPath) || statSync(absPath).isDirectory()) {
+      absPath = join(this.distPath, 'index.html');
+    }
+
+    if (!existsSync(absPath)) {
+      res.writeHead(404);
+      res.end('Not Found');
+      return;
+    }
+
+    const ext = extname(absPath).toLowerCase();
+    const mime = MIME[ext] || 'application/octet-stream';
+
+    res.writeHead(200, { 'Content-Type': mime });
+    createReadStream(absPath).pipe(res);
+  }
+}

package/src/services/updater.ts

@@ -0,0 +1,249 @@
+import { createWriteStream, createReadStream, existsSync, mkdirSync, renameSync, rmSync, readdirSync, statSync } from 'fs';
+import { resolve, join } from 'path';
+import { createHash } from 'crypto';
+import { pipeline } from 'stream/promises';
+import http from 'http';
+import https from 'https';
+import { execFileSync } from 'child_process';
+import type { Logger } from '../lib/logger.js';
+
+interface UpdatePaths {
+  current: string;   // /opt/lightman/agent/
+  staging: string;   // /opt/lightman/agent-staging/
+  backup: string;    // /opt/lightman/agent-backup/
+  downloads: string; // /opt/lightman/agent-downloads/
+}
+
+interface UpdateStatus {
+  phase: 'idle' | 'downloading' | 'verifying' | 'installing' | 'restarting' | 'error';
+  version?: string;
+  progress?: number;
+  error?: string;
+}
+
+export class Updater {
+  private readonly logger: Logger;
+  private readonly paths: UpdatePaths;
+  private status: UpdateStatus = { phase: 'idle' };
+
+  constructor(logger: Logger, basePath?: string) {
+    this.logger = logger;
+    const base = basePath || '/opt/lightman';
+    this.paths = {
+      current: resolve(base, 'agent'),
+      staging: resolve(base, 'agent-staging'),
+      backup: resolve(base, 'agent-backup'),
+      downloads: resolve(base, 'agent-downloads'),
+    };
+  }
+
+  getStatus(): UpdateStatus {
+    return { ...this.status };
+  }
+
+  /**
+   * Returns true if the updater is in the middle of an install or download.
+   */
+  isBusy(): boolean {
+    return this.status.phase === 'downloading' ||
+      this.status.phase === 'verifying' ||
+      this.status.phase === 'installing';
+  }
+
+  /**
+   * Download a file from URL to a local temp path.
+   * Returns the local file path.
+   */
+  async download(url: string): Promise<string> {
+    // Validate URL protocol
+    const parsed = new URL(url);
+    if (parsed.protocol !== 'http:' && parsed.protocol !== 'https:') {
+      throw new Error('Only http and https URLs are supported');
+    }
+
+    this.status = { ...this.status, phase: 'downloading' };
+    this.logger.info(`Downloading update from: ${url}`);
+
+    // Ensure downloads dir exists
+    if (!existsSync(this.paths.downloads)) {
+      mkdirSync(this.paths.downloads, { recursive: true });
+    }
+
+    const filename = `update-${Date.now()}.tar.gz`;
+    const filePath = join(this.paths.downloads, filename);
+
+    return new Promise<string>((resolvePromise, reject) => {
+      const client = parsed.protocol === 'https:' ? https : http;
+      const req = client.get(url, (res) => {
+        if (res.statusCode !== 200) {
+          reject(new Error(`Download failed with status ${res.statusCode}`));
+          return;
+        }
+
+        const ws = createWriteStream(filePath);
+        pipeline(res, ws)
+          .then(() => {
+            this.logger.info(`Download complete: ${filePath}`);
+            resolvePromise(filePath);
+          })
+          .catch(reject);
+      });
+
+      req.on('error', reject);
+      req.setTimeout(5 * 60 * 1000, () => {
+        req.destroy(new Error('Download timeout (5 minutes)'));
+      });
+    });
+  }
+
+  /**
+   * Verify SHA256 checksum of a file.
+   */
+  async verify(filePath: string, expectedChecksum: string): Promise<boolean> {
+    this.status = { ...this.status, phase: 'verifying' };
+    this.logger.info(`Verifying checksum for: ${filePath}`);
+
+    const hash = createHash('sha256');
+    const stream = createReadStream(filePath);
+
+    await pipeline(stream, hash);
+    const actual = hash.digest('hex');
+
+    const match = actual === expectedChecksum.toLowerCase();
+    if (!match) {
+      this.logger.error(`Checksum mismatch: expected ${expectedChecksum}, got ${actual}`);
+    } else {
+      this.logger.info('Checksum verified OK');
+    }
+    return match;
+  }
+
+  /**
+   * Install update: extract tarball to staging, swap current -> backup, staging -> current, restart.
+   */
+  async install(tarballPath: string, version: string): Promise<void> {
+    this.status = { phase: 'installing', version };
+    this.logger.info(`Installing update v${version}...`);
+
+    // Clean staging dir
+    if (existsSync(this.paths.staging)) {
+      rmSync(this.paths.staging, { recursive: true, force: true });
+    }
+    mkdirSync(this.paths.staging, { recursive: true });
+
+    // Extract tarball to staging
+    try {
+      execFileSync('tar', ['-xzf', tarballPath, '-C', this.paths.staging], {
+        timeout: 60_000,
+      });
+    } catch (err) {
+      this.status = { phase: 'error', version, error: 'Extraction failed' };
+      // Clean up staging directory on extraction failure
+      try {
+        if (existsSync(this.paths.staging)) {
+          rmSync(this.paths.staging, { recursive: true, force: true });
+        }
+      } catch {
+        // Non-critical cleanup error
+      }
+      throw new Error(`Failed to extract tarball: ${err instanceof Error ? err.message : String(err)}`);
+    }
+
+    // Atomic swap: current -> backup, staging -> current
+    try {
+      // Remove old backup if it exists
+      if (existsSync(this.paths.backup)) {
+        rmSync(this.paths.backup, { recursive: true, force: true });
+      }
+
+      // Move current -> backup (preserve for rollback)
+      if (existsSync(this.paths.current)) {
+        renameSync(this.paths.current, this.paths.backup);
+      }
+
+      // Move staging -> current
+      renameSync(this.paths.staging, this.paths.current);
+
+      this.logger.info(`Update v${version} installed successfully`);
+    } catch (err) {
+      this.status = { phase: 'error', version, error: 'Swap failed' };
+      // Attempt recovery: if backup exists and current doesn't, restore backup
+      if (!existsSync(this.paths.current) && existsSync(this.paths.backup)) {
+        try {
+          renameSync(this.paths.backup, this.paths.current);
+          this.logger.warn('Recovered from failed swap using backup');
+        } catch {
+          this.logger.error('CRITICAL: Failed to recover from swap failure');
+        }
+      }
+      throw new Error(`Install swap failed: ${err instanceof Error ? err.message : String(err)}`);
+    }
+
+    // Clean up downloaded tarball
+    try {
+      rmSync(tarballPath, { force: true });
+    } catch {
+      // Non-critical
+    }
+
+    this.status = { phase: 'restarting', version };
+  }
+
+  /**
+   * Rollback to backup version.
+   */
+  async rollback(): Promise<void> {
+    this.logger.info('Rolling back to backup version...');
+
+    if (!existsSync(this.paths.backup)) {
+      throw new Error('No backup version available for rollback');
+    }
+
+    // Move current -> staging (temporary)
+    if (existsSync(this.paths.staging)) {
+      rmSync(this.paths.staging, { recursive: true, force: true });
+    }
+    if (existsSync(this.paths.current)) {
+      renameSync(this.paths.current, this.paths.staging);
+    }
+
+    // Move backup -> current
+    renameSync(this.paths.backup, this.paths.current);
+
+    // Clean up old current (now in staging)
+    if (existsSync(this.paths.staging)) {
+      rmSync(this.paths.staging, { recursive: true, force: true });
+    }
+
+    this.logger.info('Rollback complete');
+  }
+
+  /**
+   * Clean old downloads, keeping only the most recent 3.
+   */
+  cleanDownloads(): void {
+    try {
+      if (!existsSync(this.paths.downloads)) return;
+
+      const files = readdirSync(this.paths.downloads)
+        .filter(f => f.endsWith('.tar.gz'))
+        .map(f => ({
+          name: f,
+          path: join(this.paths.downloads, f),
+          mtime: statSync(join(this.paths.downloads, f)).mtimeMs,
+        }))
+        .sort((a, b) => b.mtime - a.mtime);
+
+      // Keep only 3 most recent
+      for (const file of files.slice(3)) {
+        try {
+          rmSync(file.path, { force: true });
+        } catch {
+          // Ignore cleanup errors
+        }
+      }
+    } catch {
+      // Non-critical
+    }
+  }
+}