mop-agent 0.1.0 → 0.1.2

package/README.md

@@ -5,8 +5,8 @@ through MOP-FLOW. It stores project memory, performs semantic recall and
 consolidation, serves grounded chat, and can request approved actions from a
 linked FLOW node.
 
-> **Release status:** npm package `mop-agent@0.1.0` is prepared but may not have
-> been published yet. After publication, the canonical installation command is
+> **Release status:** npm package `mop-agent@0.1.2` contains the corrected VPS
+> installer flow. After publishing 0.1.2, the canonical installation command is
 > exactly `npx mop-agent`.
 
 ## Current status
@@ -44,21 +44,40 @@ Prerequisites:
 - A domain with an `A`/`AAAA` record pointing to the server
 - Inbound ports 80 and 443 allowed by the firewall/security group
 
-Run as your normal user:
+Run as either your normal sudo user or directly as root on a VPS:
 
 ```bash
 npx mop-agent
 ```
 
 The first run copies the npm-packaged runtime from the temporary npx cache into
-`/opt/mop-agent`, installs its dependencies, and opens the TUI. Choose
-`install` to install nginx/Certbot, then `setup` to configure the domain,
-SQLite database, HTTPS, and systemd service. The menu remains open between
-steps.
+`/opt/mop-agent`, installs its dependencies, and opens a four-action TUI:
 
-The installer requests `sudo` only when it needs to write under `/opt` or
-`/etc`, install OS packages, or control nginx/systemd. Do not run the entire
-npm/npx process with `sudo`.
+- `Install` — installs nginx/Certbot and immediately continues through the
+  complete domain, SQLite, HTTPS, and systemd setup.
+- `Update` — updates only MOP-AGENT, migrates/builds, and restarts it.
+- `Status` — reports service health and filesystem locations.
+- `Delete` — removes the service and nginx configuration while preserving data
+  unless purge is explicitly requested.
+
+During `setup`, choose one deployment mode:
+
+- `public` — enter a public domain and optionally obtain a Let's Encrypt HTTPS
+  certificate. Use this for an internet-facing server with public IP/DNS.
+- `local` — use a LAN hostname such as `mop-agent.local`; the installer uses
+  HTTP and does not invoke Certbot.
+
+For a LAN-only test, map the selected hostname to the server IP in your router
+DNS or client `/etc/hosts`. Let's Encrypt public mode requires a real public
+domain and reachable ports 80/443.
+
+When launched by a normal user, the installer requests `sudo` only when it
+needs to write under `/opt` or `/etc`, install OS packages, or control
+nginx/systemd. When launched as root, it creates a locked-down `mop-agent`
+system account and runs the web service under that account—not as root.
+
+MOP-AGENT never upgrades or modifies the system npm installation. npm and
+Node.js upgrades remain an explicit server-administration task.
 
 Subsequent operations use the same command:
 
@@ -83,6 +102,7 @@ so it uses `/opt/mop-agent` rather than `/var/www` for application code.
 | systemd unit | `/etc/systemd/system/mop-agent.service` | same |
 | TLS certificates | `/etc/letsencrypt/live/<domain>/` | same |
 | Service logs | `journalctl -u mop-agent -f` | same |
+| Root-install service account | `mop-agent` | `mop-agent` |
 
 `MOP_AGENT_DIR` can override `/opt/mop-agent`. Updates preserve
 `apps/web/.env` and `data/`; uninstall preserves SQLite brain data unless the

package/apps/web/.env.example

@@ -1,11 +1,13 @@
 # MOP-AGENT web — copy to .env and fill in.
 PORT=3000
+MOP_AGENT_DEPLOY_MODE=public   # public | local
 
 # --- Fasa 2 (auth + db + secrets) ---
 # BETTER_AUTH_SECRET=
 # BETTER_AUTH_URL=http://localhost:3000
 # MOP_AGENT_SECRET=          # AES-GCM key for provider keys at rest (32 bytes hex)
 # MOP_AGENT_DATA_DIR=        # defaults to OS data dir if unset
+# MOP_AGENT_MODEL_CACHE=     # local MiniLM model cache; installer puts it under data/models
 
 # --- providers (Fasa 2/3) ---
 # ANTHROPIC_API_KEY=

package/apps/web/lib/memory/local-embedder.ts

@@ -15,6 +15,9 @@ export function localEmbedder(model = "Xenova/all-MiniLM-L6-v2"): Embedder {
         _extractor = (async () => {
           const t = await import("@xenova/transformers");
           t.env.allowLocalModels = false;
+          if (process.env.MOP_AGENT_MODEL_CACHE) {
+            t.env.cacheDir = process.env.MOP_AGENT_MODEL_CACHE;
+          }
           return t.pipeline("feature-extraction", model);
         })();
       }

package/installer/bootstrap.mjs

@@ -12,6 +12,7 @@ import {
   constants,
   cpSync,
   existsSync,
+  mkdirSync,
   readFileSync,
   writeFileSync,
 } from "node:fs";
@@ -44,18 +45,18 @@ MOP-AGENT ${VERSION}
 
 Usage:
   npx mop-agent              Open the installer menu
-  npx mop-agent install      Install nginx and Certbot
-  npx mop-agent setup        Configure domain, HTTPS, app and systemd
+  npx mop-agent install      Install dependencies and complete setup
   npx mop-agent status       Show service health and file locations
   npx mop-agent update       Apply the npm version selected by npx
-  npx mop-agent uninstall    Remove service and nginx config
+  npx mop-agent delete       Remove service and nginx config
 
 Environment:
   MOP_AGENT_DIR              Durable app directory (default: ${DEFAULT_DIR})
 
-Run this command as your normal user. MOP-AGENT asks for sudo only when an OS
-operation requires it. Native Windows/macOS production installation is not yet
-supported; use WSL2 Ubuntu on Windows or a Linux host.
+Run this command as either a normal sudo user or root. When launched by a normal
+user, MOP-AGENT asks for sudo only when an OS operation requires it. The web
+service itself never runs as root. Native Windows/macOS production installation
+is not yet supported; use WSL2 Ubuntu on Windows or a Linux host.
 `);
 }
 
@@ -86,7 +87,10 @@ function writable(path) {
 
 function ensureDestination() {
   if (existsSync(APP_DIR) && writable(APP_DIR)) return;
-  if (isRoot) fail("Do not run `npx mop-agent` with sudo/root. Run it as your normal user.");
+  if (isRoot) {
+    mkdirSync(APP_DIR, { recursive: true });
+    return;
+  }
   const uid = String(process.getuid());
   const gid = String(process.getgid());
   console.log(`\n▸ Preparing ${APP_DIR} (sudo is required once for this system directory)`);
@@ -151,7 +155,6 @@ if (argv.includes("--help") || argv.includes("-h")) {
 } else {
   assertPlatform();
   assertSafeDestination();
-  if (isRoot) fail("Do not run `npx mop-agent` with sudo/root. Run it as your normal user.");
   ensureDestination();
   deployPackage();
   run(process.execPath, [resolve(APP_DIR, "installer/mop-agent.mjs"), ...argv], {

package/installer/mop-agent.mjs

@@ -3,11 +3,10 @@
  * MOP-AGENT installer / operator (TUI). Self-host with one command.
  *
  *   npx mop-agent            # interactive TUI
- *   npx mop-agent install    # install system deps (nginx/certbot)
- *   npx mop-agent setup      # domain / SQLite / ssl / systemd
+ *   npx mop-agent install    # dependencies + complete setup
  *   npx mop-agent update     # migrate + build + restart staged npm version
  *   npx mop-agent status     # health
- *   npx mop-agent uninstall  # remove service + nginx vhost (keeps data unless --purge)
+ *   npx mop-agent delete     # remove service + nginx vhost (keeps data unless --purge)
  *
  * Run as a normal user. Privileged OS operations request sudo individually.
  */
@@ -105,26 +104,39 @@ function q(value) {
 
 // ---- commands ----------------------------------------------------------
 
-function cmdInstall() {
+async function cmdInstall() {
   banner();
   const os = detectOS();
   if (!printInstallLocations(os)) return;
   console.log(c("bold", "Installing system dependencies (nginx and Certbot)…\n"));
   runSteps(planInstallDeps(os), { privileged: true });
-  console.log(c("green", "\n✓ dependencies step complete. Next: mop-agent setup\n"));
+  console.log(c("green", "\n✓ dependencies installed. Continuing to application setup…\n"));
+  await cmdSetup({ continuation: true });
 }
 
-async function cmdSetup() {
-  banner();
+async function cmdSetup({ continuation = false } = {}) {
+  if (!continuation) banner();
   const os = detectOS();
-  if (!printInstallLocations(os)) return;
+  if (!continuation && !printInstallLocations(os)) return;
   const rl = createInterface({ input, output });
   const ask = async (q, def) => (await rl.question(c("cyan", `  ${q}${def ? c("gray", ` [${def}]`) : ""}: `))).trim() || def || "";
 
-  const domain = await ask("Domain (e.g. agent.mydomain.com)");
+  const deployMode = (await ask("Deployment mode (public/local)", "public")).toLowerCase();
+  if (!new Set(["public", "local"]).has(deployMode)) {
+    rl.close();
+    throw new Error(`Invalid deployment mode: ${deployMode}. Use public or local.`);
+  }
+  const domain = await ask(
+    deployMode === "public" ? "Public domain (e.g. agent.mydomain.com)" : "LAN hostname",
+    deployMode === "local" ? "mop-agent.local" : "",
+  );
   const port = await ask("App port", "3000");
-  const email = await ask("Email for Let's Encrypt", domain ? `admin@${domain.split(".").slice(-2).join(".")}` : "");
-  const wantSsl = (await ask("Obtain HTTPS cert now? (y/n)", "y")).toLowerCase().startsWith("y");
+  const wantSsl = deployMode === "public"
+    ? (await ask("Obtain HTTPS cert now? (y/n)", "y")).toLowerCase().startsWith("y")
+    : false;
+  const email = wantSsl
+    ? await ask("Email for Let's Encrypt", domain ? `admin@${domain.split(".").slice(-2).join(".")}` : "")
+    : "";
   rl.close();
 
   if (!isValidDomain(domain)) throw new Error(`Invalid domain: ${domain || "(empty)"}`);
@@ -133,12 +145,15 @@ async function cmdSetup() {
 
   // 1) .env
   const secret = (n) => randomToken(n);
+  const protocol = wantSsl ? "https" : "http";
   const env = [
     `PORT=${port}`,
-    `BETTER_AUTH_URL=https://${domain}`,
+    `MOP_AGENT_DEPLOY_MODE=${deployMode}`,
+    `BETTER_AUTH_URL=${protocol}://${domain}`,
     `BETTER_AUTH_SECRET=${secret(48)}`,
     `MOP_AGENT_SECRET=${secret(64).replace(/[^0-9a-f]/g, "").padEnd(64, "0").slice(0, 64)}`,
     `MOP_AGENT_DATA_DIR=${APP_DIR}/data`,
+    `MOP_AGENT_MODEL_CACHE=${APP_DIR}/data/models`,
     `MOP_AGENT_CONSOLIDATE_CRON=0 3 * * *`,
   ].join("\n") + "\n";
   console.log(c("cyan", "\n▸ Write apps/web/.env"));
@@ -172,8 +187,13 @@ async function cmdSetup() {
     { label: "Reload nginx", cmd: "systemctl reload nginx" },
   ], { privileged: true });
 
-  // 4) systemd — run the app as the invoking user, never as root by default.
-  const serviceUser = isRoot ? process.env.SUDO_USER || "root" : process.env.USER || String(process.getuid?.() ?? "root");
+  // 4) systemd — root installs get a dedicated locked-down service account.
+  const serviceUser = isRoot
+    ? ensureRootServiceUser(os)
+    : process.env.USER || String(process.getuid?.() ?? "root");
+  if (isRoot) {
+    run(`mkdir -p ${q(`${APP_DIR}/data`)} && chown -R ${serviceUser}:${serviceUser} ${q(`${APP_DIR}/data`)} ${q(`${APP_DIR}/apps/web/.env`)}`);
+  }
   const unit = renderSystemdUnit({ appDir: APP_DIR, port, user: serviceUser });
   console.log(c("cyan", "▸ systemd service (auto-restart on boot)"));
   writeConf("/etc/systemd/system/mop-agent.service", unit, { privileged: true });
@@ -200,7 +220,7 @@ async function cmdSetup() {
     }
   }
 
-  console.log(c("green", `\n✓ Setup complete. Visit ${domain ? `https://${domain}` : `http://localhost:${port}`}/setup to create the owner.\n`));
+  console.log(c("green", `\n✓ ${deployMode} setup complete. Visit ${protocol}://${domain}/setup to create the owner.\n`));
   printInstallLocations(os);
 }
 
@@ -282,17 +302,25 @@ function randomToken(n) {
   return randomBytes(Math.ceil(n / 2)).toString("hex").slice(0, n);
 }
 
+function ensureRootServiceUser(os) {
+  const user = "mop-agent";
+  const create = os.family === "alpine"
+    ? `id -u ${user} >/dev/null 2>&1 || adduser -S -H -h ${q(APP_DIR)} -s /sbin/nologin ${user}`
+    : `id -u ${user} >/dev/null 2>&1 || useradd --system --home-dir ${q(APP_DIR)} --shell /usr/sbin/nologin ${user}`;
+  run(create);
+  return user;
+}
+
 async function tui() {
   banner();
   if (!supportedLinux()) return;
   if (DRY) console.log(c("yellow", "  Running in DRY-RUN (no changes).\n"));
   const rl = createInterface({ input, output });
   const menu = [
-    ["1", "install", "Install system deps (nginx and Certbot)"],
-    ["2", "setup", "Configure domain, SQLite, SSL, systemd service"],
+    ["1", "install", "Install (dependencies + complete setup)"],
+    ["2", "update", "Update MOP-AGENT + restart"],
     ["3", "status", "Show service health"],
-    ["4", "update", "Update to latest + restart"],
-    ["5", "uninstall", "Remove service + nginx vhost"],
+    ["4", "delete", "Delete service + nginx config"],
     ["q", "quit", "Exit"],
   ];
   for (const [k, , desc] of menu) console.log(`  ${c("cyan", k)}  ${desc}`);

package/npm-shrinkwrap.json

@@ -1,12 +1,12 @@
 {
   "name": "mop-agent",
-  "version": "0.1.0",
+  "version": "0.1.2",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "mop-agent",
-      "version": "0.1.0",
+      "version": "0.1.2",
       "license": "UNLICENSED",
       "workspaces": [
         "packages/*",

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "mop-agent",
-  "version": "0.1.0",
+  "version": "0.1.2",
   "description": "Self-hosted AI brain and control plane for MOP-FLOW projects, installed with npx mop-agent.",
   "author": "BURHANDEV ENTERPRISE",
   "license": "UNLICENSED",