npm - openclaw-navigator - Versions diffs - 2.1.0 → 3.0.0 - Mend

openclaw-navigator 2.1.0 → 3.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/cli.mjs +122 -138
package/package.json +1 -1

package/cli.mjs CHANGED Viewed

@@ -4,14 +4,15 @@
  * openclaw-navigator
  *
  * Self-contained Navigator bridge server.
- * Starts an HTTP server with all Navigator endpoints, sets up a tunnel,
- * generates pairing info, and keeps running as the bridge.
+ * Starts an HTTP server on localhost with all Navigator endpoints,
+ * then helps you connect from the Navigator browser via SSH tunnel.
  *
- * Zero dependencies — pure Node.js.
+ * Zero dependencies — pure Node.js + macOS built-in SSH.
  *
  * Usage:
- *   npx openclaw-navigator
- *   npx openclaw-navigator --port 18790
+ *   npx openclaw-navigator                  Start bridge (default)
+ *   npx openclaw-navigator --port 18790     Custom port
+ *   npx openclaw-navigator --bind 0.0.0.0   Listen on all interfaces (skip SSH)
  */
 import { createServer } from "node:http";
@@ -53,7 +54,7 @@ const recentEvents = [];
 const MAX_EVENTS = 200;
 const validTokens = new Set();
-// ── Helpers ────────────────────────────────────────────────────────────────
+// ── Network helpers ────────────────────────────────────────────────────────
 function getLocalIP() {
   const ifaces = networkInterfaces();
@@ -79,35 +80,6 @@ function getTailscaleIP() {
   return null;
 }
-function getTailscaleDNS() {
-  try {
-    const raw = execSync("tailscale status --json", { encoding: "utf8", timeout: 5000 });
-    const status = JSON.parse(raw);
-    const dns = status?.Self?.DNSName;
-    if (dns) return dns.replace(/\.$/, "");
-  } catch { /* ignore */ }
-  return null;
-}
-function setupTailscaleServe(localPort, httpsPort = 8443) {
-  try {
-    // Set up tailscale serve to proxy HTTPS → our local HTTP server
-    execSync(`tailscale serve --bg --https=${httpsPort} http://localhost:${localPort}`, {
-      stdio: "ignore",
-      timeout: 10_000,
-    });
-    return true;
-  } catch {
-    return false;
-  }
-}
-function teardownTailscaleServe(httpsPort = 8443) {
-  try {
-    execSync(`tailscale serve --https=${httpsPort} off`, { stdio: "ignore", timeout: 5000 });
-  } catch { /* ignore */ }
-}
 function commandExists(cmd) {
   try {
     execSync(`which ${cmd}`, { stdio: "ignore" });
@@ -117,6 +89,8 @@ function commandExists(cmd) {
   }
 }
+// ── Interactive prompt ─────────────────────────────────────────────────────
 async function ask(question, options) {
   const rl = createInterface({ input: process.stdin, output: process.stdout });
   return new Promise((resolve) => {
@@ -139,6 +113,8 @@ async function ask(question, options) {
   });
 }
+// ── Cloudflare tunnel ──────────────────────────────────────────────────────
 function startCloudflaredTunnel(port) {
   return new Promise((resolve) => {
     const child = spawn("cloudflared", ["tunnel", "--url", `http://localhost:${port}`], {
@@ -201,7 +177,7 @@ function handleRequest(req, res) {
     return;
   }
-  const url = new URL(req.url ?? "/", `http://localhost`);
+  const url = new URL(req.url ?? "/", "http://localhost");
   const path = url.pathname.replace(/\/+$/, "");
   // ── GET /navigator/status ──
@@ -220,7 +196,6 @@ function handleRequest(req, res) {
   // ── GET /navigator/commands ──
   if (req.method === "GET" && path === "/navigator/commands") {
-    // Mark as connected on first poll
     if (!bridgeState.connected) {
       bridgeState.connected = true;
       bridgeState.connectedAt = Date.now();
@@ -228,7 +203,6 @@ function handleRequest(req, res) {
     }
     bridgeState.lastHeartbeat = Date.now();
-    // Drain pending commands
     const commands = [...pendingCommands];
     pendingCommands.length = 0;
     sendJSON(res, 200, { ok: true, commands });
@@ -252,7 +226,6 @@ function handleRequest(req, res) {
         recentEvents.push(event);
         if (recentEvents.length > MAX_EVENTS) recentEvents.shift();
-        // Update state from heartbeats
         if (body.type === "heartbeat") {
           bridgeState.lastHeartbeat = Date.now();
           bridgeState.activeTabCount = body.data?.tabCount ?? bridgeState.activeTabCount;
@@ -297,7 +270,7 @@ function handleRequest(req, res) {
     return;
   }
-  // ── POST /navigator/command (push command to Navigator) ──
+  // ── POST /navigator/command ──
   if (req.method === "POST" && path === "/navigator/command") {
     readBody(req).then((bodyStr) => {
       try {
@@ -323,7 +296,7 @@ function handleRequest(req, res) {
     return;
   }
-  // ── GET /navigator/events (read recent events) ──
+  // ── GET /navigator/events ──
   if (req.method === "GET" && path === "/navigator/events") {
     const limit = parseInt(url.searchParams.get("limit") ?? "50", 10);
     const events = recentEvents.slice(-Math.min(limit, MAX_EVENTS));
@@ -333,11 +306,10 @@ function handleRequest(req, res) {
   // ── Health check ──
   if (req.method === "GET" && (path === "/" || path === "/health")) {
-    sendJSON(res, 200, { ok: true, service: "openclaw-navigator-bridge", version: "1.1.0" });
+    sendJSON(res, 200, { ok: true, service: "openclaw-navigator-bridge", version: "3.0.0" });
     return;
   }
-  // Unknown
   sendJSON(res, 404, { ok: false, error: "Not found" });
 }
@@ -363,9 +335,6 @@ function showConnectionBox(gatewayURL, token, deepLink, method) {
   console.log("");
   console.log(`  ${CYAN}${deepLink}${RESET}`);
   console.log("");
-  console.log(`${DIM}  Paste URL + Token into Navigator > Settings > OpenClaw${RESET}`);
-  console.log(`${DIM}  Or paste the deep link into the address bar and press Enter.${RESET}`);
-  console.log("");
 }
 // ── Main ───────────────────────────────────────────────────────────────────
@@ -373,35 +342,37 @@ function showConnectionBox(gatewayURL, token, deepLink, method) {
 async function main() {
   const args = process.argv.slice(2);
   let port = 18790;
+  let bindHost = "127.0.0.1"; // Default: localhost only (secure, no firewall issues)
   for (let i = 0; i < args.length; i++) {
     if (args[i] === "--port" && args[i + 1]) port = parseInt(args[i + 1], 10);
+    if (args[i] === "--bind" && args[i + 1]) bindHost = args[i + 1];
     if (args[i] === "--help" || args[i] === "-h") {
       console.log(`
 ${BOLD}openclaw-navigator${RESET} — Navigator bridge server
 ${BOLD}Usage:${RESET}
-  npx openclaw-navigator              Start bridge + tunnel setup
-  npx openclaw-navigator --port 18790 Use a specific port
+  npx openclaw-navigator                  Start bridge (SSH tunnel mode)
+  npx openclaw-navigator --port 18790     Custom port
+  npx openclaw-navigator --bind 0.0.0.0   Listen on all interfaces (direct mode)
 ${BOLD}Options:${RESET}
-  --port <port>   Bridge server port (default: 18790)
-  --help          Show this help
-${BOLD}What this does:${RESET}
-  1. Starts a local bridge server with Navigator endpoints
-  2. Sets up a tunnel so Navigator can reach it
-  3. Generates pairing info (URL + Token)
-  4. Keeps running as the bridge between Navigator and this machine
-  No OpenClaw installation required.
+  --port <port>    Bridge server port (default: 18790)
+  --bind <host>    Bind address (default: 127.0.0.1 for SSH tunnel security)
+  --help           Show this help
+${BOLD}How it works:${RESET}
+  1. Starts a bridge server on localhost (secure, no firewall issues)
+  2. You run one SSH command on your Navigator Mac to create a tunnel
+  3. Navigator connects to localhost — everything encrypted over SSH
+  4. No third-party services required. Just macOS built-in SSH.
 `);
       process.exit(0);
     }
   }
   heading("🧭 Navigator Bridge");
-  info("Self-contained bridge server for the Navigator browser\n");
+  info("Self-contained bridge for the Navigator browser\n");
   // ── Step 1: Start HTTP server ─────────────────────────────────────────
   const server = createServer(handleRequest);
@@ -414,115 +385,128 @@ ${BOLD}What this does:${RESET}
       }
       reject(err);
     });
-    server.listen(port, "0.0.0.0", () => resolve());
+    server.listen(port, bindHost, () => resolve());
   });
-  ok(`Bridge server running on port ${port}`);
-  info(`  Local: http://127.0.0.1:${port}/navigator/status`);
+  ok(`Bridge server running on ${bindHost}:${port}`);
-  // ── Step 2: Choose connection method ──────────────────────────────────
-  const hasCloudflared = commandExists("cloudflared");
+  // ── Step 2: Determine connection method ───────────────────────────────
+  const isDirectMode = bindHost === "0.0.0.0";
   const tailscaleIP = getTailscaleIP();
   const localIP = getLocalIP();
+  const hasCloudflared = commandExists("cloudflared");
+  const displayName = hostname().replace(/\.local$/, "");
+  const user = userInfo().username;
-  const tailscaleDNS = tailscaleIP ? getTailscaleDNS() : null;
-  const methods = [];
-  if (hasCloudflared) methods.push({ value: "cloudflare", label: "Cloudflare Tunnel (recommended)", hint: "works anywhere, no config" });
-  if (tailscaleDNS) methods.push({ value: "tailscale-https", label: "Tailscale HTTPS (recommended)", hint: tailscaleDNS });
-  else if (tailscaleIP) methods.push({ value: "tailscale", label: "Tailscale (raw IP)", hint: tailscaleIP });
-  methods.push({ value: "ssh", label: "SSH Tunnel", hint: "run SSH on your Mac" });
-  if (localIP) methods.push({ value: "lan", label: "Direct LAN", hint: localIP });
-  const method = await ask("How will Navigator connect to this machine?", methods);
+  // Best reachable IP for SSH (prefer Tailscale, then LAN)
+  const sshTarget = tailscaleIP ?? localIP ?? "this-machine";
-  // ── Step 3: Resolve gateway URL ───────────────────────────────────────
   let gatewayURL;
-  let usedTailscaleServe = false;
-  const tailscaleHttpsPort = 8443;
-  switch (method) {
-    case "cloudflare": {
-      process.stdout.write(`\n${DIM}Starting Cloudflare tunnel...${RESET}`);
-      const tunnelURL = await startCloudflaredTunnel(port);
-      if (!tunnelURL) {
-        process.stdout.write("\r" + " ".repeat(60) + "\r");
-        fail("Failed to start tunnel. Install: brew install cloudflare/cloudflare/cloudflared");
-        process.exit(1);
-      }
-      process.stdout.write("\r" + " ".repeat(60) + "\r");
-      ok(`Tunnel active: ${tunnelURL}`);
-      gatewayURL = tunnelURL;
-      break;
-    }
-    case "tailscale-https": {
-      process.stdout.write(`\n${DIM}Setting up Tailscale HTTPS on port ${tailscaleHttpsPort}...${RESET}`);
-      const served = setupTailscaleServe(port, tailscaleHttpsPort);
-      process.stdout.write("\r" + " ".repeat(70) + "\r");
-      if (served) {
-        gatewayURL = `https://${tailscaleDNS}:${tailscaleHttpsPort}`;
-        usedTailscaleServe = true;
-        ok(`Tailscale HTTPS active: ${gatewayURL}`);
-      } else {
-        // Fallback to raw IP
-        warn("tailscale serve failed, falling back to raw IP");
-        gatewayURL = `http://${tailscaleIP}:${port}`;
-        ok(`Using Tailscale IP: ${tailscaleIP}:${port}`);
+  let method;
+  if (isDirectMode) {
+    // ── Direct mode (--bind 0.0.0.0) — skip SSH, use IP directly ──────
+    const methods = [];
+    if (hasCloudflared) methods.push({ value: "cloudflare", label: "Cloudflare Tunnel", hint: "works anywhere" });
+    if (tailscaleIP) methods.push({ value: "tailscale", label: "Tailscale IP", hint: tailscaleIP });
+    if (localIP) methods.push({ value: "lan", label: "Direct LAN", hint: localIP });
+    if (methods.length === 0) {
+      gatewayURL = `http://${bindHost}:${port}`;
+      method = "direct";
+    } else {
+      method = await ask("How will Navigator reach this machine?", methods);
+      switch (method) {
+        case "cloudflare": {
+          process.stdout.write(`\n${DIM}Starting Cloudflare tunnel...${RESET}`);
+          const tunnelURL = await startCloudflaredTunnel(port);
+          if (!tunnelURL) {
+            process.stdout.write("\r" + " ".repeat(60) + "\r");
+            fail("Failed to start tunnel.");
+            process.exit(1);
+          }
+          process.stdout.write("\r" + " ".repeat(60) + "\r");
+          ok(`Tunnel active: ${tunnelURL}`);
+          gatewayURL = tunnelURL;
+          break;
+        }
+        case "tailscale": {
+          gatewayURL = `http://${tailscaleIP}:${port}`;
+          ok(`Using Tailscale: ${tailscaleIP}:${port}`);
+          break;
+        }
+        case "lan": {
+          gatewayURL = `http://${localIP}:${port}`;
+          ok(`Using LAN: ${localIP}:${port}`);
+          break;
+        }
       }
-      break;
-    }
-    case "tailscale": {
-      gatewayURL = `http://${tailscaleIP}:${port}`;
-      ok(`Using Tailscale: ${tailscaleIP}:${port}`);
-      break;
     }
-    case "ssh": {
-      gatewayURL = `http://127.0.0.1:${port}`;
-      console.log("");
-      console.log(`${BOLD}Run this on your Mac:${RESET}`);
-      console.log(`  ${CYAN}ssh -L ${port}:127.0.0.1:${port} ${userInfo().username}@${hostname()}${RESET}`);
-      console.log(`${DIM}Keep SSH open while using Navigator.${RESET}`);
-      break;
-    }
-    case "lan": {
-      gatewayURL = `http://${localIP}:${port}`;
-      ok(`Using LAN: ${localIP}:${port}`);
-      warn("Both machines must be on the same network.");
-      break;
+  } else {
+    // ── SSH tunnel mode (default) ─────────────────────────────────────
+    method = "ssh-tunnel";
+    gatewayURL = `http://localhost:${port}`;
+    console.log("");
+    console.log(`${BOLD}${MAGENTA}━━━ Step 1: Open SSH tunnel from your Navigator Mac ━━━${RESET}`);
+    console.log("");
+    console.log(`  On your ${BOLD}Navigator Mac${RESET}, open Terminal and run:`);
+    console.log("");
+    console.log(`  ${CYAN}${BOLD}ssh -L ${port}:localhost:${port} ${user}@${sshTarget} -N${RESET}`);
+    console.log("");
+    if (tailscaleIP) {
+      info(`  (${sshTarget} is your Tailscale IP — works from anywhere)`);
+    } else if (localIP) {
+      info(`  (${sshTarget} is your LAN IP — both Macs must be on the same network)`);
     }
+    console.log("");
+    info("  This creates an encrypted tunnel. Keep it open while using Navigator.");
+    info("  The -N flag means 'no shell' — it just forwards the port.");
+    console.log("");
+    console.log(`${BOLD}${MAGENTA}━━━ Step 2: Connect Navigator ━━━${RESET}`);
+    console.log("");
+    console.log(`  After SSH is connected, paste this in Navigator's address bar:`);
+    console.log("");
   }
-  // ── Step 4: Generate pairing token ────────────────────────────────────
-  const displayName = hostname().replace(/\.local$/, "");
+  // ── Step 3: Generate pairing token ────────────────────────────────────
   const token = randomUUID().replace(/-/g, "");
   validTokens.add(token);
   ok("Pairing token generated");
-  // ── Step 5: Show result ───────────────────────────────────────────────
+  // ── Step 4: Show connection info ──────────────────────────────────────
   const deepLink = `navigator://connect?url=${encodeURIComponent(gatewayURL)}&token=${token}&name=${encodeURIComponent(displayName)}`;
-  showConnectionBox(gatewayURL, token, deepLink, method);
+  if (method === "ssh-tunnel") {
+    // Compact display for SSH mode (instructions already shown above)
+    console.log("");
+    console.log(`  ${CYAN}${BOLD}${deepLink}${RESET}`);
+    console.log("");
+    info(`  Or manually enter in Navigator > Settings > OpenClaw:`);
+    info(`  URL:   ${gatewayURL}`);
+    info(`  Token: ${token}`);
+    console.log("");
+    console.log(`${BOLD}${MAGENTA}━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━${RESET}`);
+  } else {
+    showConnectionBox(gatewayURL, token, deepLink, method);
+  }
+  console.log("");
   console.log(`${BOLD}${GREEN}Bridge is running.${RESET} Waiting for Navigator to connect...`);
   console.log(`${DIM}Press Ctrl+C to stop.${RESET}\n`);
   // Graceful shutdown
-  const cleanup = () => {
-    if (usedTailscaleServe) {
-      console.log(`${DIM}Removing tailscale serve...${RESET}`);
-      teardownTailscaleServe(tailscaleHttpsPort);
-    }
-    server.close();
-  };
   process.on("SIGINT", () => {
     console.log(`\n${DIM}Shutting down bridge...${RESET}`);
-    cleanup();
+    server.close();
     process.exit(0);
   });
   process.on("SIGTERM", () => {
-    cleanup();
+    server.close();
     process.exit(0);
   });
 }

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "openclaw-navigator",
-  "version": "2.1.0",
+  "version": "3.0.0",
   "description": "Self-contained Navigator bridge server — connects the Navigator browser to any machine",
   "license": "MIT",
   "bin": {