otavia 0.1.0

package/src/commands/dev/gateway.ts

@@ -0,0 +1,421 @@
+import { existsSync, readFileSync } from "node:fs";
+import { resolve } from "node:path";
+import { pathToFileURL } from "node:url";
+import { Hono } from "hono";
+import type { OtaviaYaml } from "../../config/otavia-yaml-schema.js";
+import type { CellConfig } from "../../config/cell-yaml-schema.js";
+import { loadOtaviaYaml } from "../../config/load-otavia-yaml.js";
+import { loadCellConfig } from "../../config/load-cell-yaml.js";
+import { resolveCellDir } from "../../config/resolve-cell-dir.js";
+import { assertDeclaredParamsProvided, mergeParams, resolveParams } from "../../config/resolve-params.js";
+import { loadEnvForCell } from "../../utils/env.js";
+import { tablePhysicalName, bucketPhysicalName } from "../../config/resource-names.js";
+import { buildForwardUrlForCellMount } from "./forward-url.js";
+import {
+  isDockerRunning,
+  startDynamoDB,
+  startMinIO,
+  waitForPort,
+} from "../../local/docker.js";
+import { isDynamoDBReady, ensureLocalTables, type LocalTableEntry } from "../../local/dynamodb-local.js";
+import { isMinIOReady, ensureLocalBuckets } from "../../local/minio-local.js";
+import {
+  buildOAuthAuthorizationServerMetadata,
+  buildOAuthProtectedResourceMetadata,
+  createOAuthDiscoveryRegistry,
+  extractMountFromAuthorizationServerWellKnownPath,
+  extractProtectedResourcePathFromWellKnown,
+  getRequestOrigin,
+} from "./well-known.js";
+import { resolveRootRedirectMount } from "./mount-selection.js";
+
+const DYNAMODB_CONTAINER = "otavia-dynamodb-dev";
+const MINIO_CONTAINER = "otavia-minio-dev";
+
+export interface GatewayCellInfo {
+  /** Path segment for this cell in the stack (e.g. "sso", "drive"). */
+  mount: string;
+  cellDir: string;
+  /** Package name (e.g. @otavia/sso). Used to import gateway module. */
+  packageName: string;
+  config: CellConfig;
+  env: Record<string, string>;
+}
+
+function resolvedParamsToEnv(resolved: Record<string, string | unknown>): Record<string, string> {
+  const env: Record<string, string> = {};
+  for (const [key, value] of Object.entries(resolved)) {
+    if (value === null || value === undefined) {
+      env[key] = "";
+    } else if (typeof value === "object") {
+      env[key] = JSON.stringify(value);
+    } else {
+      env[key] = String(value);
+    }
+  }
+  return env;
+}
+
+export function resolveGatewaySsoBaseUrl(
+  configuredSsoBaseUrl: string | undefined,
+  backendPort: number,
+  defaultMount: string,
+  publicBaseUrl?: string
+): string {
+  const configured = configuredSsoBaseUrl?.trim();
+  if (configured) {
+    if (publicBaseUrl) {
+      try {
+        const parsed = new URL(configured);
+        const host = parsed.hostname.toLowerCase();
+        if (host === "localhost" || host === "127.0.0.1" || host === "::1") {
+          return `${publicBaseUrl.replace(/\/$/, "")}/${defaultMount}`;
+        }
+      } catch {
+        // Keep configured value if it is not a URL.
+      }
+    }
+    return configured;
+  }
+  if (publicBaseUrl) return `${publicBaseUrl.replace(/\/$/, "")}/${defaultMount}`;
+  return `http://localhost:${backendPort}/${defaultMount}`;
+}
+
+function toResourceEnvKey(prefix: string, key: string): string {
+  const normalized = key.replace(/[^A-Za-z0-9]/g, "_").toUpperCase();
+  return `${prefix}${normalized}`;
+}
+
+export function applyResourceNameEnvVars(cells: GatewayCellInfo[], stackName: string): void {
+  for (const cell of cells) {
+    if (cell.config.tables) {
+      for (const key of Object.keys(cell.config.tables)) {
+        cell.env[toResourceEnvKey("DYNAMODB_TABLE_", key)] = tablePhysicalName(
+          stackName,
+          cell.mount,
+          key
+        );
+      }
+    }
+    if (cell.config.buckets) {
+      for (const key of Object.keys(cell.config.buckets)) {
+        cell.env[toResourceEnvKey("S3_BUCKET_", key)] = bucketPhysicalName(
+          stackName,
+          cell.mount,
+          key
+        );
+      }
+    }
+  }
+}
+
+async function discoverCells(
+  rootDir: string,
+  otavia: OtaviaYaml,
+  backendPort: number,
+  publicBaseUrl?: string
+): Promise<GatewayCellInfo[]> {
+  const firstMount = otavia.cellsList[0]?.mount ?? "";
+  const cells: GatewayCellInfo[] = [];
+
+  for (const entry of otavia.cellsList) {
+    const cellDir = resolveCellDir(rootDir, entry.package);
+    const cellYamlPath = resolve(cellDir, "cell.yaml");
+    if (!existsSync(cellYamlPath)) {
+      console.warn(`[gateway] Skipping "${entry.mount}" (${entry.package}): cell.yaml not found at ${cellYamlPath}`);
+      continue;
+    }
+    const pkgPath = resolve(cellDir, "package.json");
+    if (!existsSync(pkgPath)) {
+      console.warn(`[gateway] Skipping "${entry.mount}": package.json not found`);
+      continue;
+    }
+    const pkg = JSON.parse(readFileSync(pkgPath, "utf-8")) as { name?: string };
+    const packageName = pkg?.name ?? entry.package;
+    const config = loadCellConfig(cellDir);
+    const merged = mergeParams(otavia.params, entry.params);
+    assertDeclaredParamsProvided(config.params, merged, entry.mount);
+    const envMap = loadEnvForCell(rootDir, cellDir, { stage: "dev" });
+    if (!envMap.SSO_BASE_URL?.trim()) {
+      envMap.SSO_BASE_URL = resolveGatewaySsoBaseUrl(undefined, backendPort, firstMount, publicBaseUrl);
+    }
+    const resolved = resolveParams(merged as Record<string, unknown>, envMap, {
+      onMissingParam: "placeholder",
+    });
+    const env = resolvedParamsToEnv(resolved as Record<string, string | unknown>);
+    const ssoBaseUrl = resolveGatewaySsoBaseUrl(env.SSO_BASE_URL, backendPort, firstMount, publicBaseUrl);
+    env.CELL_BASE_URL =
+      entry.mount === "sso"
+        ? ssoBaseUrl
+        : publicBaseUrl
+          ? `${publicBaseUrl.replace(/\/$/, "")}/${entry.mount}`
+          : `http://localhost:${backendPort}/${entry.mount}`;
+    env.SSO_BASE_URL = ssoBaseUrl;
+    cells.push({ mount: entry.mount, cellDir, packageName, config, env });
+  }
+  return cells;
+}
+
+async function ensureDockerResources(
+  rootDir: string,
+  otavia: OtaviaYaml,
+  cells: GatewayCellInfo[],
+  options: { dynamodbPort: number; minioPort: number }
+): Promise<{ dynamoEndpoint?: string; s3Endpoint?: string }> {
+  const hasTables = cells.some((c) => c.config.tables && Object.keys(c.config.tables).length > 0);
+  const hasBuckets = cells.some((c) => c.config.buckets && Object.keys(c.config.buckets).length > 0);
+  if (!hasTables && !hasBuckets) return {};
+
+  if (!(await isDockerRunning())) {
+    throw new Error("Docker is not running. Start Docker to use local DynamoDB/MinIO.");
+  }
+
+  const stackName = otavia.stackName;
+  let dynamoEndpoint: string | undefined;
+  let s3Endpoint: string | undefined;
+
+  if (hasTables) {
+    await startDynamoDB({
+      port: options.dynamodbPort,
+      persistent: false,
+      containerName: DYNAMODB_CONTAINER,
+    });
+    if (!(await waitForPort(options.dynamodbPort))) {
+      throw new Error("DynamoDB Local did not become ready in time");
+    }
+    dynamoEndpoint = `http://localhost:${options.dynamodbPort}`;
+    // DynamoDB Local may accept TCP before the API is ready; retry isDynamoDBReady
+    for (let i = 0; i < 30; i++) {
+      if (await isDynamoDBReady(dynamoEndpoint)) break;
+      await Bun.sleep(500);
+      if (i === 29) {
+        throw new Error("DynamoDB endpoint not accepting requests");
+      }
+    }
+    const tablesList: LocalTableEntry[] = [];
+    for (const cell of cells) {
+      if (!cell.config.tables) continue;
+      for (const [key, config] of Object.entries(cell.config.tables)) {
+        tablesList.push({
+          tableName: tablePhysicalName(stackName, cell.mount, key),
+          config,
+        });
+      }
+    }
+    await ensureLocalTables(dynamoEndpoint, tablesList);
+  }
+
+  if (hasBuckets) {
+    await startMinIO({
+      port: options.minioPort,
+      containerName: MINIO_CONTAINER,
+      // no dataDir for dev => ephemeral
+    });
+    if (!(await waitForPort(options.minioPort))) {
+      throw new Error("MinIO did not become ready in time");
+    }
+    s3Endpoint = `http://localhost:${options.minioPort}`;
+    // MinIO may accept TCP before the S3 API is ready; retry isMinIOReady
+    for (let i = 0; i < 30; i++) {
+      if (await isMinIOReady(s3Endpoint)) break;
+      await Bun.sleep(500);
+      if (i === 29) {
+        throw new Error("MinIO endpoint not accepting S3 requests");
+      }
+    }
+    const bucketNames: string[] = [];
+    for (const cell of cells) {
+      if (!cell.config.buckets) continue;
+      for (const key of Object.keys(cell.config.buckets)) {
+        bucketNames.push(bucketPhysicalName(stackName, cell.mount, key));
+      }
+    }
+    await ensureLocalBuckets(s3Endpoint, bucketNames);
+  }
+
+  return { dynamoEndpoint, s3Endpoint };
+}
+
+function applyLocalEndpoints(
+  cells: GatewayCellInfo[],
+  dynamoEndpoint?: string,
+  s3Endpoint?: string
+): void {
+  for (const cell of cells) {
+    if (dynamoEndpoint && cell.config.tables && Object.keys(cell.config.tables).length > 0) {
+      cell.env.DYNAMODB_ENDPOINT = dynamoEndpoint;
+    }
+    if (s3Endpoint && cell.config.buckets && Object.keys(cell.config.buckets).length > 0) {
+      cell.env.S3_ENDPOINT = s3Endpoint;
+    }
+  }
+}
+
+async function loadCellGatewayApp(
+  cell: GatewayCellInfo
+): Promise<((env: Record<string, string>) => Hono | Promise<Hono>) | null> {
+  // Preferred: package export contract "@pkg/backend"
+  try {
+    const mod = await import(`${cell.packageName}/backend`);
+    if (typeof mod?.createAppForBackend === "function") {
+      return mod.createAppForBackend;
+    }
+    if (typeof mod?.createAppForGateway === "function") {
+      return mod.createAppForGateway;
+    }
+  } catch {
+    // Fallback to file-based discovery.
+  }
+
+  // Compatibility fallback while migrating from gateway naming.
+  const candidates = [
+    resolve(cell.cellDir, "backend", "app.ts"),
+    resolve(cell.cellDir, "backend", "gateway-app.ts"),
+  ];
+  for (const backendEntryPath of candidates) {
+    if (!existsSync(backendEntryPath)) continue;
+    try {
+      const mod = await import(pathToFileURL(backendEntryPath).href);
+      if (typeof mod?.createAppForBackend === "function") {
+        return mod.createAppForBackend;
+      }
+      if (typeof mod?.createAppForGateway === "function") {
+        return mod.createAppForGateway;
+      }
+    } catch {
+      // Module load error, try next candidate.
+    }
+  }
+  return null;
+}
+
+export type GatewayServer = { stop: () => void };
+
+/**
+ * Start the dev gateway: single Hono app mounting each cell at /<mount>.
+ * Starts Docker (DynamoDB Local + MinIO) when any cell has tables/buckets, unless
+ * overrides are provided (e.g. for e2e: caller already started Docker and passes endpoints).
+ */
+export async function runGatewayDev(
+  rootDir: string,
+  backendPort: number,
+  overrides?: { dynamoEndpoint?: string; s3Endpoint?: string },
+  options?: { publicBaseUrl?: string; dynamodbPort: number; minioPort: number }
+): Promise<GatewayServer> {
+  const otavia = loadOtaviaYaml(rootDir);
+  const cells = await discoverCells(rootDir, otavia, backendPort, options?.publicBaseUrl);
+  if (cells.length === 0) {
+    throw new Error("No cells found");
+  }
+  applyResourceNameEnvVars(cells, otavia.stackName);
+
+  let dynamoEndpoint: string | undefined;
+  let s3Endpoint: string | undefined;
+  if (overrides?.dynamoEndpoint !== undefined || overrides?.s3Endpoint !== undefined) {
+    dynamoEndpoint = overrides.dynamoEndpoint;
+    s3Endpoint = overrides.s3Endpoint;
+  } else {
+    if (!options) {
+      throw new Error("Missing docker port options for local resources.");
+    }
+    const resources = await ensureDockerResources(rootDir, otavia, cells, {
+      dynamodbPort: options.dynamodbPort,
+      minioPort: options.minioPort,
+    });
+    dynamoEndpoint = resources.dynamoEndpoint;
+    s3Endpoint = resources.s3Endpoint;
+  }
+  applyLocalEndpoints(cells, dynamoEndpoint, s3Endpoint);
+
+  const gatewayApp = new Hono();
+  const firstMount = otavia.cellsList[0]?.mount ?? "";
+  const rootRedirectMount = resolveRootRedirectMount(
+    otavia.cellsList.map((cell) => cell.mount),
+    otavia.defaultCell
+  );
+  const oauthDiscoveryRegistry = createOAuthDiscoveryRegistry(cells);
+
+  gatewayApp.get("/", (c) => c.redirect(`/${rootRedirectMount}/`, 301));
+
+  gatewayApp.get("/.well-known/oauth-authorization-server", (c) => {
+    return c.json({ error: "not_found", message: "issuer path suffix is required" }, 404);
+  });
+
+  gatewayApp.get("/.well-known/oauth-authorization-server/*", (c) => {
+    const mount = extractMountFromAuthorizationServerWellKnownPath(c.req.path);
+    if (!mount) {
+      return c.json({ error: "not_found" }, 404);
+    }
+    const oauthCell = oauthDiscoveryRegistry.get(mount);
+    if (!oauthCell) {
+      return c.json({ error: "not_found" }, 404);
+    }
+    const origin = getRequestOrigin(c);
+    return c.json(buildOAuthAuthorizationServerMetadata(origin, mount, oauthCell.scopes));
+  });
+
+  gatewayApp.get("/.well-known/oauth-protected-resource", (c) => {
+    return c.json({ error: "not_found", message: "resource path suffix is required" }, 404);
+  });
+
+  gatewayApp.get("/.well-known/oauth-protected-resource/*", (c) => {
+    const resourcePath = extractProtectedResourcePathFromWellKnown(c.req.path);
+    if (!resourcePath) {
+      return c.json({ error: "not_found" }, 404);
+    }
+    const mount = resourcePath.split("/").filter(Boolean)[0];
+    if (!mount) {
+      return c.json({ error: "not_found" }, 404);
+    }
+    const oauthCell = oauthDiscoveryRegistry.get(mount);
+    if (!oauthCell) {
+      return c.json({ error: "not_found" }, 404);
+    }
+    const origin = getRequestOrigin(c);
+    return c.json(buildOAuthProtectedResourceMetadata(origin, resourcePath, mount, oauthCell.scopes));
+  });
+
+  for (const cell of cells) {
+    gatewayApp.get(`/${cell.mount}`, (c) => c.redirect(`/${cell.mount}/`, 301));
+  }
+
+  for (const cell of cells) {
+    const createApp = await loadCellGatewayApp(cell);
+    if (!createApp) {
+      console.warn(
+        `[gateway] No backend entry for "${cell.mount}" (tried backend/app.ts and backend/gateway-app.ts), skipping mount`
+      );
+      continue;
+    }
+    const cellApp = await Promise.resolve(createApp(cell.env));
+    const prefix = `/${cell.mount}`;
+    gatewayApp.all(prefix + "/", async (c) => {
+      const newUrl = buildForwardUrlForCellMount(c.req.url, prefix);
+      const newReq = new Request(newUrl.href, {
+        method: c.req.method,
+        headers: c.req.raw.headers,
+        body: c.req.raw.body,
+      });
+      return cellApp.fetch(newReq);
+    });
+    gatewayApp.all(`${prefix}/*`, async (c) => {
+      const newUrl = buildForwardUrlForCellMount(c.req.url, prefix);
+      const newReq = new Request(newUrl.href, {
+        method: c.req.method,
+        headers: c.req.raw.headers,
+        body: c.req.raw.body,
+      });
+      return cellApp.fetch(newReq);
+    });
+    console.log(`[gateway] Mounted ${cell.mount} at /${cell.mount}`);
+  }
+
+  const server = Bun.serve({
+    port: backendPort,
+    hostname: "0.0.0.0",
+    fetch: gatewayApp.fetch,
+  });
+
+  console.log(`[gateway] Gateway running at http://localhost:${server.port}`);
+  return { stop: () => server.stop() };
+}

package/src/commands/dev/main-frontend-runtime/main-entry.ts

@@ -0,0 +1,35 @@
+export type MountLoaders = Record<string, () => Promise<unknown>>;
+
+function normalizePathname(pathname: string): string {
+  if (!pathname.endsWith("/")) return pathname + "/";
+  return pathname;
+}
+
+function resolveMount(pathname: string, mounts: string[]): string | null {
+  const seg = pathname.split("/").filter(Boolean)[0];
+  if (!seg) return null;
+  return mounts.includes(seg) ? seg : null;
+}
+
+export async function bootMainFrontend(
+  rootRedirectMount: string,
+  mounts: string[],
+  mountLoaders: MountLoaders
+): Promise<void> {
+  const mount = resolveMount(window.location.pathname, mounts);
+  if (!mount) {
+    window.location.replace(`/${rootRedirectMount}/`);
+    return;
+  }
+  const desiredPrefix = `/${mount}/`;
+  if (!normalizePathname(window.location.pathname).startsWith(desiredPrefix)) {
+    window.location.replace(desiredPrefix);
+    return;
+  }
+  const load = mountLoaders[mount];
+  if (!load) {
+    window.location.replace(`/${rootRedirectMount}/`);
+    return;
+  }
+  await load();
+}

package/src/commands/dev/main-frontend-runtime/vite-config.ts

@@ -0,0 +1,210 @@
+import { existsSync, readFileSync } from "node:fs";
+import { resolve as resolvePath } from "node:path";
+import { defineConfig, type Plugin } from "vite";
+import react from "@vitejs/plugin-react";
+
+export type RouteMatch = "prefix" | "exact";
+export type RouteRule = { path: string; match: RouteMatch };
+export type ProxyRule = { mount: string; path: string; match: RouteMatch; target: string };
+export type FrontendModuleProxyRule = { path: string; sourcePath: string };
+export type MainDevGeneratedConfig = {
+  firstMount: string;
+  mounts: string[];
+  routeRules: RouteRule[];
+  proxyRules: ProxyRule[];
+  frontendModuleProxyRules: FrontendModuleProxyRule[];
+};
+
+function isRouteMatch(v: unknown): v is RouteMatch {
+  return v === "prefix" || v === "exact";
+}
+
+function isRouteRule(v: unknown): v is RouteRule {
+  return (
+    typeof v === "object" &&
+    v !== null &&
+    typeof (v as RouteRule).path === "string" &&
+    isRouteMatch((v as RouteRule).match)
+  );
+}
+
+function isProxyRule(v: unknown): v is ProxyRule {
+  return (
+    typeof v === "object" &&
+    v !== null &&
+    typeof (v as ProxyRule).mount === "string" &&
+    typeof (v as ProxyRule).path === "string" &&
+    isRouteMatch((v as ProxyRule).match) &&
+    typeof (v as ProxyRule).target === "string"
+  );
+}
+
+function isFrontendModuleProxyRule(v: unknown): v is FrontendModuleProxyRule {
+  return (
+    typeof v === "object" &&
+    v !== null &&
+    typeof (v as FrontendModuleProxyRule).path === "string" &&
+    typeof (v as FrontendModuleProxyRule).sourcePath === "string"
+  );
+}
+
+function loadGeneratedConfig(generatedConfigPath: URL): MainDevGeneratedConfig | null {
+  if (!existsSync(generatedConfigPath)) return null;
+  try {
+    const parsed = JSON.parse(readFileSync(generatedConfigPath, "utf-8")) as Partial<MainDevGeneratedConfig>;
+    if (
+      !Array.isArray(parsed.mounts) ||
+      !Array.isArray(parsed.routeRules) ||
+      !Array.isArray(parsed.proxyRules)
+    ) {
+      return null;
+    }
+    const mounts = parsed.mounts.filter((m): m is string => typeof m === "string");
+    const routeRules = parsed.routeRules.filter(isRouteRule);
+    const proxyRules = parsed.proxyRules.filter(isProxyRule);
+    const frontendModuleProxyRules = Array.isArray(parsed.frontendModuleProxyRules)
+      ? parsed.frontendModuleProxyRules.filter(isFrontendModuleProxyRule)
+      : [];
+    const firstMount = typeof parsed.firstMount === "string" ? parsed.firstMount : mounts[0] ?? "";
+    return { firstMount, mounts, routeRules, proxyRules, frontendModuleProxyRules };
+  } catch {
+    return null;
+  }
+}
+
+function toAbsoluteFsPath(sourcePath: string, packageRoot: string): string {
+  const isWindowsAbs = /^[A-Za-z]:[\\/]/.test(sourcePath);
+  const absolute = sourcePath.startsWith("/") || isWindowsAbs
+    ? sourcePath
+    : resolvePath(packageRoot, sourcePath);
+  return absolute.replace(/\\/g, "/");
+}
+
+function extractMountFromPath(pathname: string, mountSet: Set<string>): string | null {
+  const seg = pathname.split("/").filter(Boolean)[0];
+  if (!seg) return null;
+  return mountSet.has(seg) ? seg : null;
+}
+
+function matchesRule(pathname: string, rule: RouteRule): boolean {
+  return rule.match === "exact"
+    ? pathname === rule.path
+    : pathname === rule.path || pathname.startsWith(rule.path + "/");
+}
+
+function isBackendRoute(pathname: string, routeRules: RouteRule[]): boolean {
+  return routeRules.some((r) => matchesRule(pathname, r));
+}
+
+function isGlobalWellKnownPath(pathname: string): boolean {
+  return pathname === "/.well-known" || pathname.startsWith("/.well-known/");
+}
+
+type ConfigOptions = {
+  generatedConfigPath: URL;
+  packageRoot: string;
+  backendPort: string;
+  vitePort: number;
+};
+
+export function createMainFrontendViteConfig(options: ConfigOptions) {
+  const backendTarget = `http://localhost:${options.backendPort}`;
+  const generated = loadGeneratedConfig(options.generatedConfigPath);
+  if (!generated) {
+    throw new Error(
+      `Missing or invalid generated dev config at ${options.generatedConfigPath.href}. Run otavia dev to regenerate it.`
+    );
+  }
+  const mounts: string[] = generated.mounts;
+  const mountSet = new Set(mounts);
+  const firstMount = generated.firstMount;
+  const routeRules: RouteRule[] = generated.routeRules;
+  const frontendModuleProxyRules = generated.frontendModuleProxyRules;
+  const frontendModuleProxyMap = new Map(frontendModuleProxyRules.map((r) => [r.path, r.sourcePath]));
+
+  function mountAwareApiRewritePlugin(): Plugin {
+    return {
+      name: "otavia-mount-aware-api-rewrite",
+      configureServer(server) {
+        server.middlewares.use((req, _res, next) => {
+          const url = req.url ?? "/";
+          const parsed = new URL(url, "http://localhost");
+          const pathname = parsed.pathname;
+          const moduleSourcePath = frontendModuleProxyMap.get(pathname);
+          if (moduleSourcePath) {
+            req.url = `/@fs/${toAbsoluteFsPath(moduleSourcePath, options.packageRoot)}${parsed.search}`;
+            next();
+            return;
+          }
+
+          if (isGlobalWellKnownPath(pathname)) {
+            next();
+            return;
+          }
+
+          const alreadyMounted = extractMountFromPath(pathname, mountSet);
+          if (alreadyMounted) {
+            next();
+            return;
+          }
+          if (!isBackendRoute(pathname, routeRules)) {
+            next();
+            return;
+          }
+
+          const referer = req.headers.referer;
+          let mount = firstMount;
+          if (referer) {
+            try {
+              const refPath = new URL(referer).pathname;
+              const refMount = extractMountFromPath(refPath, mountSet);
+              if (refMount) mount = refMount;
+            } catch {
+              // Ignore malformed referer.
+            }
+          }
+          if (mount) {
+            req.url = `/${mount}${pathname}${parsed.search}`;
+          }
+          next();
+        });
+      },
+    };
+  }
+
+  const proxy: Record<string, object> = {};
+  const proxyRules: ProxyRule[] = generated.proxyRules;
+  const sortedProxyRules = proxyRules.slice().sort((a, b) => {
+    if (a.path === b.path) {
+      if (a.match === b.match) return 0;
+      return a.match === "exact" ? -1 : 1;
+    }
+    return b.path.length - a.path.length;
+  });
+  for (const rule of sortedProxyRules) {
+    if (proxy[rule.path]) continue;
+    if (rule.match === "exact") {
+      proxy[rule.path] = {
+        target: rule.target,
+        bypass(req: { url?: string }) {
+          const pathname = req.url?.split("?")[0] ?? "";
+          if (pathname !== rule.path) return "/index.html";
+        },
+      };
+    } else {
+      proxy[rule.path] = { target: rule.target };
+    }
+  }
+
+  return defineConfig({
+    plugins: [mountAwareApiRewritePlugin(), react()],
+    resolve: { conditions: ["bun"], dedupe: ["react", "react-dom"] },
+    server: {
+      port: options.vitePort,
+      host: "0.0.0.0",
+      allowedHosts: true,
+      strictPort: true,
+      proxy,
+    },
+  });
+}

package/src/commands/dev/mount-selection.ts

@@ -0,0 +1,9 @@
+export function resolveRootRedirectMount(
+  mounts: string[],
+  preferredMount?: string
+): string {
+  if (preferredMount && mounts.includes(preferredMount)) {
+    return preferredMount;
+  }
+  return mounts[0] ?? "";
+}