pal-explorer-cli 0.4.0

package/lib/commands/serve.js

@@ -0,0 +1,438 @@
+import WebTorrent from 'webtorrent';
+import chalk from 'chalk';
+import path from 'path';
+import fs from 'fs';
+import { spawn } from 'child_process';
+import { fileURLToPath } from 'url';
+import { listShares, getShareKey, isShareExpired, expireOldShares } from '../core/shares.js';
+import { getTransfers, updateTransferProgress, completeTransfer } from '../core/transfers.js';
+import { encryptForSeed, getEncryptedSeedDir } from '../crypto/streamEncryption.js';
+import { generateShareKey } from '../crypto/shareEncryption.js';
+import config from '../utils/config.js';
+import logger from '../utils/logger.js';
+import { requireRole } from '../core/users.js';
+import { startWebServer } from '../core/webServer.js';
+import { getPrimaryServer, postTo } from '../core/discoveryClient.js';
+import { startMdns } from '../core/mdnsService.js';
+import { connect, getConnectionState } from '../core/connectionManager.js';
+import { startAsync as startSignaling, setMessageHandler, stop as stopSignaling } from '../core/signalingServer.js';
+import { DEFAULT_TRACKERS } from '../utils/torrent.js';
+import os from 'os';
+
+function getLanIp() {
+  const interfaces = os.networkInterfaces();
+  const candidates = [];
+  for (const name of Object.keys(interfaces)) {
+    for (const iface of interfaces[name]) {
+      if (iface.family === 'IPv4' && !iface.internal) {
+        // Prefer 192.168.x.x and 10.x.x.x over virtual adapters (172.x usually WSL/Docker)
+        const priority = iface.address.startsWith('192.168.') || iface.address.startsWith('10.') ? 0 : 1;
+        candidates.push({ address: iface.address, priority, name });
+      }
+    }
+  }
+  candidates.sort((a, b) => a.priority - b.priority);
+  return candidates[0]?.address || null;
+}
+
+const pidFile = () => path.join(path.dirname(config.path), 'serve.pid');
+
+export default function serveCommand(program) {
+  program
+    .command('serve')
+    .description('start the sharing daemon (seeds all active shares)')
+    .option('--daemon', 'Run as a background daemon')
+    .option('--stop', 'Stop a running daemon')
+    .option('--web', 'Start the web dashboard alongside the seeder')
+    .option('--web-port <port>', 'Web dashboard port (default: 8585)', '8585')
+    .option('--lan', 'Bind web server to 0.0.0.0 for LAN access')
+    .option('--public-ip <ip>', 'Public IP/hostname for serveUrl announcement (for VPS/cloud)')
+    .addHelpText('after', `
+Examples:
+  $ pe serve                        Start seeding in foreground
+  $ pe serve --daemon               Start as background daemon
+  $ pe serve --stop                 Stop the daemon
+  $ pe serve --web                  Start with web dashboard
+  $ pe serve --web --web-port 9090  Custom web dashboard port
+  $ pe serve --web --lan --public-ip 1.2.3.4  VPS with public IP
+`)
+    .action(async (opts) => {
+      try { requireRole('user'); } catch (e) {
+        console.log(chalk.red(e.message));
+        process.exitCode = 1;
+        return;
+      }
+      if (opts.stop) {
+        const pidPath = pidFile();
+        if (!fs.existsSync(pidPath)) {
+          console.log(chalk.yellow('No daemon PID file found.'));
+          return;
+        }
+        const pid = parseInt(fs.readFileSync(pidPath, 'utf8').trim(), 10);
+        try {
+          process.kill(pid, 0); // check if alive
+          process.kill(pid, 'SIGTERM');
+          fs.unlinkSync(pidPath);
+          console.log(chalk.green(`Daemon stopped (PID ${pid}).`));
+        } catch (err) {
+          fs.unlinkSync(pidPath);
+          if (err.code === 'ESRCH') {
+            console.log(chalk.yellow(`Daemon (PID ${pid}) was not running. Cleaned up stale PID file.`));
+          } else {
+            console.log(chalk.red(`Failed to stop daemon (PID ${pid}): ${err.message}`));
+            process.exitCode = 1;
+          }
+        }
+        return;
+      }
+
+      if (opts.daemon) {
+        const binPath = fileURLToPath(new URL('../../bin/pal.js', import.meta.url));
+        const args = [binPath, 'serve'];
+        if (opts.web) {
+          args.push('--web');
+          if (opts.webPort && opts.webPort !== '8585') args.push('--web-port', opts.webPort);
+          if (opts.lan) args.push('--lan');
+          if (opts.publicIp) args.push('--public-ip', opts.publicIp);
+        }
+        const child = spawn(process.execPath, args, {
+          detached: true,
+          stdio: 'ignore'
+        });
+        child.unref();
+        fs.writeFileSync(pidFile(), String(child.pid));
+        console.log(chalk.green(`Daemon started (PID: ${child.pid})`));
+        return;
+      }
+
+      // ── Start P2P services FIRST (signaling, mDNS, DHT) ──
+      // These must start before seeding so peers can query us immediately
+
+      // Start PAL/1.0 signaling server (port 7474)
+      let signalingActive = false;
+      try {
+        const { handleIncoming } = await import('../protocol/handler.js');
+        const identity = config.get('identity');
+        if (identity?.privateKey) {
+          const keyPair = {
+            publicKey: Buffer.from(identity.publicKey, 'hex'),
+            privateKey: Buffer.from(identity.privateKey, 'hex'),
+          };
+          setMessageHandler((envelope) => handleIncoming(envelope, keyPair));
+        }
+        const sigResult = await startSignaling();
+        signalingActive = sigResult.bound;
+        if (signalingActive) {
+          console.log(chalk.cyan('PAL/1.0 signaling server active (port 7474)'));
+        } else {
+          console.log(chalk.yellow(`Signaling server failed to bind (${sigResult.error || 'unknown'})`));
+        }
+      } catch (err) {
+        console.error(chalk.red(`Failed to start signaling: ${err.message}`));
+      }
+
+      // Start mDNS background advertisement (only if signaling bound successfully)
+      if (signalingActive) {
+        try {
+          const identity = config.get('identity');
+          if (identity) {
+            startMdns(identity, {});
+            console.log(chalk.cyan('mDNS discovery active (LAN peer detection)'));
+          }
+        } catch { /* non-fatal */ }
+      } else {
+        console.log(chalk.yellow('Skipping mDNS — signaling server not active (port in use by another instance?)'));
+      }
+
+      // Re-publish to DHT every 30 minutes
+      const identity = config.get('identity');
+      if (identity?.handle && identity?.privateKey && identity?.publicKey) {
+        const republishDHT = async () => {
+          try {
+            const { DHTDiscovery } = await import('../core/dhtDiscovery.js');
+            const dht = new DHTDiscovery();
+            const dhtHash = await dht.publish(identity.handle, identity.publicKey, identity.privateKey);
+            const cache = config.get('handleCache') || {};
+            if (!cache[identity.handle]) cache[identity.handle] = {};
+            cache[identity.handle].dhtHash = dhtHash;
+            config.set('handleCache', cache);
+            logger.info('DHT re-published', { handle: identity.handle, hash: dhtHash.slice(0, 12) });
+            dht.destroy();
+          } catch (err) {
+            logger.warn(`DHT re-publish failed: ${err.message}`);
+          }
+        };
+        republishDHT();
+        setInterval(republishDHT, 30 * 60 * 1000);
+      }
+
+      // Register device with discovery server so peers can find us
+      try {
+        const ident = config.get('identity');
+        const device = config.get('device');
+        if (ident?.handle && ident?.publicKey && device?.id) {
+          const { getIdentity: getFullIdentity } = await import('../core/identity.js');
+          const fullIdent = await getFullIdentity();
+          if (fullIdent?.privateKey) {
+            const { signMessage } = await import('../crypto/chatEncryption.js');
+            const timestamp = String(Date.now());
+            const sigMsg = `${ident.handle}:${device.id}:${device.name}:${timestamp}`;
+            const signature = signMessage(sigMsg, fullIdent.privateKey);
+            const serverUrl = getPrimaryServer();
+            postTo(serverUrl, '/devices/register', {
+              handle: ident.handle,
+              deviceId: device.id,
+              deviceName: device.name,
+              publicKey: ident.publicKey,
+              timestamp,
+              signature,
+            }).then(() => console.log(chalk.cyan('Device registered with discovery server')))
+              .catch(() => {});
+          }
+        }
+      } catch {}
+
+      // Connect to network in background (don't block serving)
+      const connState = getConnectionState();
+      if (connState.status !== 'connected') {
+        console.log(chalk.blue('Connecting to network...'));
+        connect({
+          onProgress: (step) => console.log(chalk.gray(`  ${step}`)),
+        }).catch(() => console.log(chalk.yellow('Network connect failed — serving locally only')));
+      }
+
+      // ── Seed shares via WebTorrent ──
+      const shares = listShares();
+      if (shares.length === 0) {
+        console.log(chalk.gray('No active shares to seed. Signaling server still running.'));
+      }
+
+      const client = new WebTorrent();
+      client.setMaxListeners(Math.max(shares.length, 10) + 20);
+
+      // Auto-expire old shares before seeding
+      expireOldShares();
+
+      if (shares.length > 0) {
+        logger.info('Starting Pal Explorer Seeder...', { shares: shares.length });
+        console.log(chalk.blue(`Seeding ${shares.length} share(s)...`));
+      }
+
+      for (const share of shares) {
+        try {
+          if (isShareExpired(share)) {
+            console.log(chalk.gray(`Skipping ${share.name}: expired`));
+            continue;
+          }
+
+          if (!fs.existsSync(share.path)) {
+            console.log(chalk.yellow(`Skipping ${share.name}: path not found (${share.path})`));
+            continue;
+          }
+
+          let seedPath = share.path;
+
+          // Non-recursive: seed only top-level files
+          if (share.recursive === false && fs.statSync(share.path).isDirectory()) {
+            const items = fs.readdirSync(share.path, { withFileTypes: true });
+            const topFiles = items.filter(i => i.isFile()).map(i => path.join(share.path, i.name));
+            if (topFiles.length === 0) {
+              console.log(chalk.yellow(`Skipping ${share.name}: no top-level files (non-recursive).`));
+              continue;
+            }
+            seedPath = topFiles;
+          }
+
+          if (share.visibility === 'private') {
+            const shareKeyHex = await getShareKey(share.id);
+            if (shareKeyHex) {
+              const shareKey = Buffer.from(shareKeyHex, 'hex');
+              const encDir = share.encryptedPath || getEncryptedSeedDir(share.id);
+              if (!fs.existsSync(path.join(encDir, '.manifest.enc'))) {
+                console.log(chalk.gray(`  Encrypting ${share.name} for E2EE seeding...`));
+                encryptForSeed(share.path, encDir, shareKey);
+                const allShares = config.get('shares') || [];
+                const entry = allShares.find(s => s.id === share.id);
+                if (entry) {
+                  entry.encryptedPath = encDir;
+                  config.set('shares', allShares);
+                }
+              }
+              seedPath = encDir;
+            } else if (share.encryptedPath && fs.existsSync(share.encryptedPath)) {
+              seedPath = share.encryptedPath;
+            }
+          }
+
+          console.log(chalk.yellow(`Initializing: ${share.name} (${share.visibility})`));
+
+          const options = {
+            name: share.name,
+            announce: share.visibility === 'private' ? [] : [...DEFAULT_TRACKERS]
+          };
+
+          client.seed(seedPath, options, async (torrent) => {
+            logger.info(`Seeding: ${share.name}`, { magnet: torrent.magnetURI, size: torrent.length });
+            console.log(chalk.green(`✔ Seeding: ${share.name}`));
+            if (share.visibility === 'global') {
+              console.log(chalk.cyan(`  Magnet: ${torrent.magnetURI}`));
+            } else {
+              console.log(chalk.red(`  [PRIVATE E2EE] Encrypted transfer only.`));
+              console.log(chalk.gray(`  Secret Magnet: ${torrent.magnetURI}`));
+            }
+            console.log(chalk.gray(`  Size: ${(torrent.length / 1024 / 1024).toFixed(2)} MB`));
+
+            const allShares = config.get('shares') || [];
+            const entry = allShares.find(s => s.path === share.path);
+            const isNewMagnet = entry && !entry.magnet;
+            if (entry) {
+              if (isNewMagnet) entry.magnet = torrent.magnetURI;
+              entry.files = torrent.files.map(f => ({ name: f.name, path: f.path, size: f.length }));
+              config.set('shares', allShares);
+            }
+
+            // Send share invite to recipients via discovery server inbox
+            if (isNewMagnet && share.visibility === 'private' && share.recipients?.length > 0) {
+              const ident = config.get('identity');
+              const discoveryUrl = getPrimaryServer();
+              const { getFriends } = await import('../core/users.js');
+              const friends = getFriends();
+              const encKeys = share.encryptedShareKeys || {};
+
+              for (const recipient of share.recipients) {
+                const pal = friends.find(f => f.id === recipient.id || f.name === recipient.name);
+                const handle = pal?.handle || recipient.handle;
+                if (!handle) continue;
+
+                const invite = {
+                  type: 'share-invite',
+                  shareName: share.name,
+                  shareId: share.id,
+                  magnet: torrent.magnetURI,
+                  encryptedShareKey: encKeys[pal?.id || recipient.id] || null,
+                  from: ident?.handle || ident?.name || 'unknown',
+                };
+
+                try {
+                  const res = await postTo(discoveryUrl, '/messages', { toHandle: handle, fromHandle: ident?.handle, payload: JSON.stringify(invite) });
+                  if (res.ok) {
+                    console.log(chalk.cyan(`  Sent share invite to @${handle}`));
+                  } else {
+                    console.log(chalk.yellow(`  Failed to notify @${handle}: ${res.status}`));
+                  }
+                } catch {
+                  console.log(chalk.yellow(`  Could not reach discovery server to notify @${handle}`));
+                }
+              }
+            }
+          });
+        } catch (err) {
+          logger.error(`Failed to seed ${share.name}: ${err.message}`, { share: share.id });
+          console.error(chalk.red(`Failed to seed ${share.name}: ${err.message}`));
+        }
+      }
+
+      // Auto-resume incomplete downloads (skip paused)
+      const pendingDownloads = getTransfers().filter(t => !t.paused && t.status !== 'completed');
+      if (pendingDownloads.length > 0) {
+        console.log(chalk.blue(`Resuming ${pendingDownloads.length} incomplete download(s)...`));
+        for (const t of pendingDownloads) {
+          try {
+            const torrent = client.add(t.magnet, { path: t.savePath });
+            torrent.on('download', () => updateTransferProgress(t.magnet, torrent.progress));
+            torrent.on('done', () => {
+              completeTransfer(t.magnet);
+              console.log(chalk.green(`✔ Download complete: ${t.name}`));
+            });
+            console.log(chalk.yellow(`  Resuming: ${t.name || t.magnet.slice(0, 40) + '...'}`));
+          } catch (err) {
+            console.error(chalk.red(`Failed to resume download: ${err.message}`));
+          }
+        }
+      }
+
+      // Start web dashboard if requested
+      if (opts.web) {
+        try {
+          const webPort = parseInt(opts.webPort, 10);
+          const bindAddress = opts.lan ? '0.0.0.0' : '127.0.0.1';
+          const { token } = await startWebServer(webPort, client, { bindAddress });
+          console.log('');
+          const announceIp = opts.publicIp || getLanIp() || 'localhost';
+          const webServeUrl = `http://${announceIp}:${webPort}`;
+          if (opts.lan) {
+            console.log(chalk.green(`Web dashboard running at ${webServeUrl}?token=${token}`));
+            console.log(chalk.dim(`  (LAN accessible, browse from other devices)`));
+          } else {
+            console.log(chalk.green(`Web dashboard running at http://localhost:${webPort}?token=${token}`));
+          }
+
+          const { hooks } = await import('../core/extensions.js');
+          await hooks.emit('on:server:start', { port: webPort, url: webServeUrl });
+        } catch (err) {
+          console.error(chalk.red(`Failed to start web dashboard: ${err.message}`));
+        }
+      }
+
+      // Store torrent port in config once WebTorrent is listening
+      const storeTorrentPort = () => {
+        const torrentPort = client.address()?.port || null;
+        if (torrentPort) {
+          config.set('torrentPort', torrentPort);
+          // Update mDNS with port info
+          try {
+            const ident = config.get('identity');
+            if (ident) {
+              const webPort = opts.web ? parseInt(opts.webPort, 10) : null;
+              import('../core/mdnsService.js').then(({ stopMdns }) => {
+                stopMdns();
+                startMdns(ident, { torrentPort, webPort });
+              });
+            }
+          } catch { /* non-fatal */ }
+        }
+      };
+      // Try immediately, then retry after a delay (WebTorrent may not be listening yet)
+      storeTorrentPort();
+      setTimeout(storeTorrentPort, 5000);
+      setTimeout(storeTorrentPort, 15000);
+
+      console.log('');
+      console.log(chalk.bgBlue('Daemon is running. Press Ctrl+C to stop sharing.'));
+      console.log('');
+
+      // Bug #20 fix: auto-seed new shares created after daemon started
+      const seededPaths = new Set(shares.map(s => s.path));
+      setInterval(() => {
+        try {
+          expireOldShares();
+          const currentShares = listShares();
+          for (const share of currentShares) {
+            if (seededPaths.has(share.path)) continue;
+            if (isShareExpired(share)) continue;
+            if (!fs.existsSync(share.path)) continue;
+            seededPaths.add(share.path);
+            const seedOpts = { name: share.name, announce: share.visibility === 'private' ? [] : [...DEFAULT_TRACKERS] };
+            client.seed(share.path, seedOpts, (torrent) => {
+              console.log(chalk.green(`✔ Auto-seeding new share: ${share.name}`));
+              const allShares = config.get('shares') || [];
+              const entry = allShares.find(s => s.path === share.path);
+              if (entry && !entry.magnet) {
+                entry.magnet = torrent.magnetURI;
+                entry.files = torrent.files.map(f => ({ name: f.name, path: f.path, size: f.length }));
+                config.set('shares', allShares);
+              }
+            });
+          }
+        } catch {}
+      }, 60000);
+
+      // Periodic stats every 30 seconds
+      setInterval(() => {
+        const up = (client.uploadSpeed / 1024).toFixed(1);
+        const down = (client.downloadSpeed / 1024).toFixed(1);
+        const count = client.torrents.length;
+        console.log(chalk.gray(`[stats] ↑ ${up} KB/s  ↓ ${down} KB/s  torrents: ${count}`));
+      }, 30000);
+    });
+}