mop-agent 0.1.0 → 0.1.1

package/README.md

@@ -5,8 +5,8 @@ through MOP-FLOW. It stores project memory, performs semantic recall and
 consolidation, serves grounded chat, and can request approved actions from a
 linked FLOW node.
 
-> **Release status:** npm package `mop-agent@0.1.0` is prepared but may not have
-> been published yet. After publication, the canonical installation command is
+> **Release status:** npm package `mop-agent@0.1.1` contains the root/VPS
+> installer fix. After publishing 0.1.1, the canonical installation command is
 > exactly `npx mop-agent`.
 
 ## Current status
@@ -44,7 +44,7 @@ Prerequisites:
 - A domain with an `A`/`AAAA` record pointing to the server
 - Inbound ports 80 and 443 allowed by the firewall/security group
 
-Run as your normal user:
+Run as either your normal sudo user or directly as root on a VPS:
 
 ```bash
 npx mop-agent
@@ -56,9 +56,26 @@ The first run copies the npm-packaged runtime from the temporary npx cache into
 SQLite database, HTTPS, and systemd service. The menu remains open between
 steps.
 
-The installer requests `sudo` only when it needs to write under `/opt` or
-`/etc`, install OS packages, or control nginx/systemd. Do not run the entire
-npm/npx process with `sudo`.
+During `setup`, choose one deployment mode:
+
+- `public` — enter a public domain and optionally obtain a Let's Encrypt HTTPS
+  certificate. Use this for an internet-facing server with public IP/DNS.
+- `local` — use a LAN hostname such as `mop-agent.local`; the installer uses
+  HTTP and does not invoke Certbot.
+
+For a LAN-only test, map the selected hostname to the server IP in your router
+DNS or client `/etc/hosts`. Let's Encrypt public mode requires a real public
+domain and reachable ports 80/443.
+
+When launched by a normal user, the installer requests `sudo` only when it
+needs to write under `/opt` or `/etc`, install OS packages, or control
+nginx/systemd. When launched as root, it creates a locked-down `mop-agent`
+system account and runs the web service under that account—not as root.
+
+During the `install` step, MOP-AGENT checks the installed npm version. If a
+newer npm is available it displays the version and Node.js requirement, then
+asks before running the global npm update. Set `MOP_AGENT_SKIP_NPM_UPDATE=1` to
+skip this check.
 
 Subsequent operations use the same command:
 
@@ -83,6 +100,7 @@ so it uses `/opt/mop-agent` rather than `/var/www` for application code.
 | systemd unit | `/etc/systemd/system/mop-agent.service` | same |
 | TLS certificates | `/etc/letsencrypt/live/<domain>/` | same |
 | Service logs | `journalctl -u mop-agent -f` | same |
+| Root-install service account | `mop-agent` | `mop-agent` |
 
 `MOP_AGENT_DIR` can override `/opt/mop-agent`. Updates preserve
 `apps/web/.env` and `data/`; uninstall preserves SQLite brain data unless the

package/apps/web/.env.example

@@ -1,11 +1,13 @@
 # MOP-AGENT web — copy to .env and fill in.
 PORT=3000
+MOP_AGENT_DEPLOY_MODE=public   # public | local
 
 # --- Fasa 2 (auth + db + secrets) ---
 # BETTER_AUTH_SECRET=
 # BETTER_AUTH_URL=http://localhost:3000
 # MOP_AGENT_SECRET=          # AES-GCM key for provider keys at rest (32 bytes hex)
 # MOP_AGENT_DATA_DIR=        # defaults to OS data dir if unset
+# MOP_AGENT_MODEL_CACHE=     # local MiniLM model cache; installer puts it under data/models
 
 # --- providers (Fasa 2/3) ---
 # ANTHROPIC_API_KEY=

package/apps/web/lib/memory/local-embedder.ts

@@ -15,6 +15,9 @@ export function localEmbedder(model = "Xenova/all-MiniLM-L6-v2"): Embedder {
         _extractor = (async () => {
           const t = await import("@xenova/transformers");
           t.env.allowLocalModels = false;
+          if (process.env.MOP_AGENT_MODEL_CACHE) {
+            t.env.cacheDir = process.env.MOP_AGENT_MODEL_CACHE;
+          }
           return t.pipeline("feature-extraction", model);
         })();
       }

package/installer/bootstrap.mjs

@@ -12,6 +12,7 @@ import {
   constants,
   cpSync,
   existsSync,
+  mkdirSync,
   readFileSync,
   writeFileSync,
 } from "node:fs";
@@ -53,9 +54,10 @@ Usage:
 Environment:
   MOP_AGENT_DIR              Durable app directory (default: ${DEFAULT_DIR})
 
-Run this command as your normal user. MOP-AGENT asks for sudo only when an OS
-operation requires it. Native Windows/macOS production installation is not yet
-supported; use WSL2 Ubuntu on Windows or a Linux host.
+Run this command as either a normal sudo user or root. When launched by a normal
+user, MOP-AGENT asks for sudo only when an OS operation requires it. The web
+service itself never runs as root. Native Windows/macOS production installation
+is not yet supported; use WSL2 Ubuntu on Windows or a Linux host.
 `);
 }
 
@@ -86,7 +88,10 @@ function writable(path) {
 
 function ensureDestination() {
   if (existsSync(APP_DIR) && writable(APP_DIR)) return;
-  if (isRoot) fail("Do not run `npx mop-agent` with sudo/root. Run it as your normal user.");
+  if (isRoot) {
+    mkdirSync(APP_DIR, { recursive: true });
+    return;
+  }
   const uid = String(process.getuid());
   const gid = String(process.getgid());
   console.log(`\n▸ Preparing ${APP_DIR} (sudo is required once for this system directory)`);
@@ -151,7 +156,6 @@ if (argv.includes("--help") || argv.includes("-h")) {
 } else {
   assertPlatform();
   assertSafeDestination();
-  if (isRoot) fail("Do not run `npx mop-agent` with sudo/root. Run it as your normal user.");
   ensureDestination();
   deployPackage();
   run(process.execPath, [resolve(APP_DIR, "installer/mop-agent.mjs"), ...argv], {

package/installer/mop-agent.mjs

@@ -105,10 +105,11 @@ function q(value) {
 
 // ---- commands ----------------------------------------------------------
 
-function cmdInstall() {
+async function cmdInstall() {
   banner();
   const os = detectOS();
   if (!printInstallLocations(os)) return;
+  await maybeUpdateNpm();
   console.log(c("bold", "Installing system dependencies (nginx and Certbot)…\n"));
   runSteps(planInstallDeps(os), { privileged: true });
   console.log(c("green", "\n✓ dependencies step complete. Next: mop-agent setup\n"));
@@ -121,10 +122,22 @@ async function cmdSetup() {
   const rl = createInterface({ input, output });
   const ask = async (q, def) => (await rl.question(c("cyan", `  ${q}${def ? c("gray", ` [${def}]`) : ""}: `))).trim() || def || "";
 
-  const domain = await ask("Domain (e.g. agent.mydomain.com)");
+  const deployMode = (await ask("Deployment mode (public/local)", "public")).toLowerCase();
+  if (!new Set(["public", "local"]).has(deployMode)) {
+    rl.close();
+    throw new Error(`Invalid deployment mode: ${deployMode}. Use public or local.`);
+  }
+  const domain = await ask(
+    deployMode === "public" ? "Public domain (e.g. agent.mydomain.com)" : "LAN hostname",
+    deployMode === "local" ? "mop-agent.local" : "",
+  );
   const port = await ask("App port", "3000");
-  const email = await ask("Email for Let's Encrypt", domain ? `admin@${domain.split(".").slice(-2).join(".")}` : "");
-  const wantSsl = (await ask("Obtain HTTPS cert now? (y/n)", "y")).toLowerCase().startsWith("y");
+  const wantSsl = deployMode === "public"
+    ? (await ask("Obtain HTTPS cert now? (y/n)", "y")).toLowerCase().startsWith("y")
+    : false;
+  const email = wantSsl
+    ? await ask("Email for Let's Encrypt", domain ? `admin@${domain.split(".").slice(-2).join(".")}` : "")
+    : "";
   rl.close();
 
   if (!isValidDomain(domain)) throw new Error(`Invalid domain: ${domain || "(empty)"}`);
@@ -133,12 +146,15 @@ async function cmdSetup() {
 
   // 1) .env
   const secret = (n) => randomToken(n);
+  const protocol = wantSsl ? "https" : "http";
   const env = [
     `PORT=${port}`,
-    `BETTER_AUTH_URL=https://${domain}`,
+    `MOP_AGENT_DEPLOY_MODE=${deployMode}`,
+    `BETTER_AUTH_URL=${protocol}://${domain}`,
     `BETTER_AUTH_SECRET=${secret(48)}`,
     `MOP_AGENT_SECRET=${secret(64).replace(/[^0-9a-f]/g, "").padEnd(64, "0").slice(0, 64)}`,
     `MOP_AGENT_DATA_DIR=${APP_DIR}/data`,
+    `MOP_AGENT_MODEL_CACHE=${APP_DIR}/data/models`,
     `MOP_AGENT_CONSOLIDATE_CRON=0 3 * * *`,
   ].join("\n") + "\n";
   console.log(c("cyan", "\n▸ Write apps/web/.env"));
@@ -172,8 +188,13 @@ async function cmdSetup() {
     { label: "Reload nginx", cmd: "systemctl reload nginx" },
   ], { privileged: true });
 
-  // 4) systemd — run the app as the invoking user, never as root by default.
-  const serviceUser = isRoot ? process.env.SUDO_USER || "root" : process.env.USER || String(process.getuid?.() ?? "root");
+  // 4) systemd — root installs get a dedicated locked-down service account.
+  const serviceUser = isRoot
+    ? ensureRootServiceUser(os)
+    : process.env.USER || String(process.getuid?.() ?? "root");
+  if (isRoot) {
+    run(`mkdir -p ${q(`${APP_DIR}/data`)} && chown -R ${serviceUser}:${serviceUser} ${q(`${APP_DIR}/data`)} ${q(`${APP_DIR}/apps/web/.env`)}`);
+  }
   const unit = renderSystemdUnit({ appDir: APP_DIR, port, user: serviceUser });
   console.log(c("cyan", "▸ systemd service (auto-restart on boot)"));
   writeConf("/etc/systemd/system/mop-agent.service", unit, { privileged: true });
@@ -200,7 +221,7 @@ async function cmdSetup() {
     }
   }
 
-  console.log(c("green", `\n✓ Setup complete. Visit ${domain ? `https://${domain}` : `http://localhost:${port}`}/setup to create the owner.\n`));
+  console.log(c("green", `\n✓ ${deployMode} setup complete. Visit ${protocol}://${domain}/setup to create the owner.\n`));
   printInstallLocations(os);
 }
 
@@ -282,6 +303,37 @@ function randomToken(n) {
   return randomBytes(Math.ceil(n / 2)).toString("hex").slice(0, n);
 }
 
+async function maybeUpdateNpm() {
+  if (args["skip-npm-update"] || process.env.MOP_AGENT_SKIP_NPM_UPDATE === "1") return;
+  const current = run("npm --version", { capture: true }).stdout.trim();
+  const latestResult = run("npm view npm version", { capture: true, allowFailure: true });
+  const latest = latestResult.stdout.trim();
+  if (!latest || latest === current) {
+    console.log(c("green", `✓ npm ${current || "unknown"} is current\n`));
+    return;
+  }
+  const engineResult = run("npm view npm@latest engines.node", { capture: true, allowFailure: true });
+  const engine = engineResult.stdout.trim();
+  const rl = createInterface({ input, output });
+  const answer = (await rl.question(c("cyan", `  Update npm ${current} → ${latest}${engine ? ` (Node ${engine})` : ""}? [Y/n]: `))).trim().toLowerCase();
+  rl.close();
+  if (answer && !answer.startsWith("y")) {
+    console.log(c("gray", "  npm update skipped.\n"));
+    return;
+  }
+  run("npm install -g npm@latest", { privileged: true });
+  console.log(c("green", `✓ npm updated to ${latest}\n`));
+}
+
+function ensureRootServiceUser(os) {
+  const user = "mop-agent";
+  const create = os.family === "alpine"
+    ? `id -u ${user} >/dev/null 2>&1 || adduser -S -H -h ${q(APP_DIR)} -s /sbin/nologin ${user}`
+    : `id -u ${user} >/dev/null 2>&1 || useradd --system --home-dir ${q(APP_DIR)} --shell /usr/sbin/nologin ${user}`;
+  run(create);
+  return user;
+}
+
 async function tui() {
   banner();
   if (!supportedLinux()) return;

package/npm-shrinkwrap.json

@@ -1,12 +1,12 @@
 {
   "name": "mop-agent",
-  "version": "0.1.0",
+  "version": "0.1.1",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "mop-agent",
-      "version": "0.1.0",
+      "version": "0.1.1",
       "license": "UNLICENSED",
       "workspaces": [
         "packages/*",

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "mop-agent",
-  "version": "0.1.0",
+  "version": "0.1.1",
   "description": "Self-hosted AI brain and control plane for MOP-FLOW projects, installed with npx mop-agent.",
   "author": "BURHANDEV ENTERPRISE",
   "license": "UNLICENSED",