limbo-ai 2026.4.1 → 2026.4.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/Dockerfile +7 -0
- package/README.md +34 -17
- package/RELEASES.md +33 -0
- package/cli.js +477 -188
- package/evals/cli.js +23 -6
- package/lib/cf-tunnel.js +123 -0
- package/lib/control-client.js +110 -0
- package/lib/control-router.js +174 -0
- package/lib/control-server.js +184 -0
- package/lib/session-store.js +179 -0
- package/lib/supervisor.js +254 -0
- package/lib/telegram-notify.js +10 -22
- package/lib/wizard-spawner.js +137 -0
- package/package.json +2 -2
- package/scripts/entrypoint.sh +73 -200
- package/setup-server/server.js +128 -84
package/Dockerfile
CHANGED
|
@@ -95,6 +95,13 @@ COPY --chown=limbo:limbo openclaw.json.template ./openclaw.json.template
|
|
|
95
95
|
COPY scripts/entrypoint.sh /entrypoint.sh
|
|
96
96
|
RUN chmod +x /entrypoint.sh
|
|
97
97
|
|
|
98
|
+
# Wizard supervisor (container main process after entrypoint bootstrap) +
|
|
99
|
+
# standalone regen helper used by both the entrypoint and the setup-server
|
|
100
|
+
# to rewrite openclaw.json on boot and after wizard completion.
|
|
101
|
+
COPY --chown=limbo:limbo scripts/supervisor.js /app/scripts/supervisor.js
|
|
102
|
+
COPY --chown=limbo:limbo scripts/regen-openclaw-config.sh /app/scripts/regen-openclaw-config.sh
|
|
103
|
+
RUN chmod +x /app/scripts/regen-openclaw-config.sh /app/scripts/supervisor.js
|
|
104
|
+
|
|
98
105
|
# Pre-create dirs with correct ownership for image-layer defaults
|
|
99
106
|
RUN mkdir -p /data && chown limbo:limbo /data
|
|
100
107
|
RUN mkdir -p /flags && chown limbo:limbo /flags
|
package/README.md
CHANGED
|
@@ -160,29 +160,46 @@ Limbo uses ~150 MB at rest, peaks ~300 MB during agent runs. CPU usage is neglig
|
|
|
160
160
|
## Architecture
|
|
161
161
|
|
|
162
162
|
```
|
|
163
|
-
|
|
164
|
-
│
|
|
165
|
-
│
|
|
166
|
-
│
|
|
167
|
-
│ │
|
|
168
|
-
│ │
|
|
169
|
-
│
|
|
170
|
-
│
|
|
171
|
-
│
|
|
172
|
-
│
|
|
173
|
-
│
|
|
174
|
-
│
|
|
175
|
-
│
|
|
176
|
-
│
|
|
177
|
-
│
|
|
178
|
-
│
|
|
179
|
-
|
|
163
|
+
┌──────────────────────────────────────────────────┐
|
|
164
|
+
│ Docker Container │
|
|
165
|
+
│ │
|
|
166
|
+
│ ┌──────────────┐ │
|
|
167
|
+
│ │ Supervisor │ (PID 2, under tini) │
|
|
168
|
+
│ └──┬────┬──┬───┘ │
|
|
169
|
+
│ │ │ │ │
|
|
170
|
+
│ │ │ └── Control plane :LIMBO_PORT+2 │ ◄── limbo CLI (host)
|
|
171
|
+
│ │ │ │
|
|
172
|
+
│ │ └───── Wizard port :LIMBO_PORT+1 │ ◄── connect-calendar /
|
|
173
|
+
│ │ (on-demand, forked by spawner) │ switch-brain browser
|
|
174
|
+
│ │ │
|
|
175
|
+
│ ▼ │
|
|
176
|
+
│ ┌──────────────┐ ┌────────────────────┐ │
|
|
177
|
+
│ │ OpenClaw │◄───►│ LLM provider │ │
|
|
178
|
+
│ │ gateway │ │ (anthropic/...) │ │
|
|
179
|
+
│ │ :LIMBO_PORT │ └──────────┬─────────┘ │
|
|
180
|
+
│ └───┬──────────┘ │ │
|
|
181
|
+
│ │ ┌───────────▼──────────┐ │
|
|
182
|
+
│ │ Telegram │ MCP Server │ │
|
|
183
|
+
│ ├── channel │ (limbo-vault) │ │
|
|
184
|
+
│ │ └───────────┬──────────┘ │
|
|
185
|
+
│ │ ▼ │
|
|
186
|
+
│ │ /data/vault/ │
|
|
187
|
+
│ │ (markdown notes) │
|
|
188
|
+
└──────┴───────────────────────────────────────────┘
|
|
189
|
+
│
|
|
190
|
+
▼
|
|
191
|
+
Telegram
|
|
180
192
|
```
|
|
181
193
|
|
|
194
|
+
- **Supervisor** — container main process, owns OpenClaw + the wizard control plane
|
|
182
195
|
- **OpenClaw** — Node.js runtime (~150 MB) handling connections, LLM routing, Telegram, and MCP tools
|
|
196
|
+
- **Control plane** — tiny HTTP API the `limbo` CLI uses to open on-demand wizards (`connect-calendar`, `switch-brain`) without restarting the container
|
|
197
|
+
- **Wizard port** — a setup-server child spawned on demand, used only during an active wizard
|
|
183
198
|
- **MCP server** — Node.js vault read/write tools, spawned by OpenClaw
|
|
184
199
|
- **Vault** — plain markdown with YAML frontmatter, persisted in a Docker volume
|
|
185
200
|
|
|
201
|
+
All three ports bind to the host loopback only (`127.0.0.1`), never LAN.
|
|
202
|
+
|
|
186
203
|
---
|
|
187
204
|
|
|
188
205
|
## Agent Installation (headless)
|
package/RELEASES.md
CHANGED
|
@@ -18,6 +18,39 @@
|
|
|
18
18
|
> - fix: technical description (#PR)
|
|
19
19
|
> ```
|
|
20
20
|
|
|
21
|
+
## Next release
|
|
22
|
+
|
|
23
|
+
- **Instant connect-calendar and switch-brain.** Both commands used to tear down the container, rebuild the image, and start a fresh setup wizard — that easily took 5–20 minutes. Now they take a few seconds: Limbo stays running the whole time, the wizard opens in a new window, and your changes apply live.
|
|
24
|
+
- **One single `.env` file.** All tokens (LLM key, Telegram, voice, search, Google) now live in `~/.limbo/config/.env`. Legacy secret files from older installs are migrated automatically on first start after this update — nothing for you to do.
|
|
25
|
+
- **Cloudflare tunnel self-heals.** If a previous `limbo connect-calendar` left a dangling tunnel on your Cloudflare account, `limbo update` cleans it up. Also blocks the case where the tunnel DNS landed in the wrong zone.
|
|
26
|
+
|
|
27
|
+
### Heads up — **if you already had Google Calendar connected**
|
|
28
|
+
|
|
29
|
+
You need to add one new URL to your Google OAuth client (one-time, ~30 seconds):
|
|
30
|
+
|
|
31
|
+
1. Open <https://console.cloud.google.com/apis/credentials>
|
|
32
|
+
2. Click the OAuth 2.0 Client ID you use for Limbo
|
|
33
|
+
3. Under **Authorized redirect URIs**, add: `http://localhost:18790/auth/google/callback`
|
|
34
|
+
(if you use a custom `LIMBO_PORT`, use `<LIMBO_PORT + 1>` instead of 18790)
|
|
35
|
+
4. Save
|
|
36
|
+
|
|
37
|
+
Until you do this, `limbo connect-calendar` will fail with `redirect_uri_mismatch`. Existing connections keep working — this is only needed if you re-run connect-calendar.
|
|
38
|
+
|
|
39
|
+
---
|
|
40
|
+
|
|
41
|
+
### Technical changelog
|
|
42
|
+
|
|
43
|
+
- feat(supervisor): wizard sidecar — on-demand wizards over a TCP control plane
|
|
44
|
+
- feat(cli): migrate `switch-brain` and `connect-calendar` to the control plane (no more container rebuild)
|
|
45
|
+
- feat(supervisor): control-plane HTTP API bound to 127.0.0.1:LIMBO_PORT+2 with Host-header allowlist
|
|
46
|
+
- fix(supervisor): set `OPENCLAW_NO_RESPAWN=1` on the OpenClaw child so config reloads become in-process restarts (no fork+exec, no port collisions)
|
|
47
|
+
- fix(supervisor): respawn OpenClaw on clean exit with a sliding-window crash-loop guard (5 restarts / 60 s)
|
|
48
|
+
- feat(supervisor): enforce single active wizard session at a time (409 Conflict on concurrent POST /wizard)
|
|
49
|
+
- feat(cli): install SIGINT/SIGTERM cleanup so Ctrl+C during a wizard cancels the session on the supervisor
|
|
50
|
+
- fix(setup-server): honour `SETUP_TOKEN` injected by the supervisor (was generating a mismatched token)
|
|
51
|
+
- fix(secrets): consolidate all tokens into `~/.limbo/config/.env`; drop `/run/secrets` and `~/.limbo/secrets/`
|
|
52
|
+
- fix(cli): cloudflare tunnel self-heal via blocking DNS check + stale-tunnel sweep on start
|
|
53
|
+
|
|
21
54
|
## v1.30.0
|
|
22
55
|
|
|
23
56
|
- Limbo now notifies you when a new version is available
|