saymon-syswatch-linux 1.0.0 → 1.0.2

package/bin/gen-cert.js

@@ -3,7 +3,7 @@
 //  bin/gen-cert.js
 //  Generates a self-signed TLS cert for HTTPS mode.
 //  Uses openssl — must be installed on the system.
-//  Saves to: certs/key.pem + certs/cert.pem
+//  Saves to: <configDir>/certs/key.pem + cert.pem
 // ─────────────────────────────────────────────────────
 'use strict';
 
@@ -11,7 +11,8 @@ const { execSync } = require('child_process');
 const fs   = require('fs');
 const path = require('path');
 
-const certsDir = path.join(__dirname, '..', 'certs');
+const { CONFIG_DIR } = require('../src/config');
+const certsDir = path.join(CONFIG_DIR, 'certs');
 
 function generateCert() {
   if (!fs.existsSync(certsDir)) fs.mkdirSync(certsDir, { recursive: true });
@@ -33,7 +34,7 @@ function generateCert() {
        -subj "/CN=syswatch/O=SysWatch/C=US"`,
       { stdio: 'pipe' }
     );
-    console.log('✓ Certificates saved to certs/key.pem + certs/cert.pem');
+    console.log(`✓ Certificates saved to ${certsDir}/`);
     console.log('  Note: Browser will warn "Not secure" for self-signed certs — that is normal.');
     console.log('  For production, replace with Let\'s Encrypt certs.');
   } catch (e) {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "saymon-syswatch-linux",
-  "version": "1.0.0",
+  "version": "1.0.2",
   "description": "Linux system monitor & learning dashboard — HTTP/HTTPS, journal logs, services, processes",
   "main": "src/server.js",
   "bin": {
@@ -11,9 +11,28 @@
     "dev": "node src/server.js --dev",
     "setup-https": "node bin/gen-cert.js"
   },
-  "keywords": ["linux", "monitor", "systemd", "journalctl", "sysadmin", "dashboard", "learning"],
+  "files": [
+    "bin/",
+    "src/",
+    "public/",
+    "syswatch.config.example.json",
+    "README.md"
+  ],
+  "keywords": [
+    "linux",
+    "monitor",
+    "systemd",
+    "journalctl",
+    "sysadmin",
+    "dashboard",
+    "learning"
+  ],
   "author": "Saymon",
   "license": "MIT",
+  "preferGlobal": true,
+  "os": [
+    "linux"
+  ],
   "dependencies": {
     "express": "^4.18.2",
     "cors": "^2.8.5",
@@ -25,4 +44,4 @@
   "engines": {
     "node": ">=18.0.0"
   }
-}
+}

package/public/login.html

@@ -31,9 +31,9 @@
          onkeydown="if(event.key==='Enter')login()">
   <button onclick="login()">Sign In →</button>
   <div class="err" id="err">Invalid password. Try again.</div>
-  <div class="note" id="note">
-    First time? Enter any password — it becomes your login for this session.<br>
-    To persist it, add the bcrypt hash to <code>syswatch.config.json</code>.
+  <div class="note">
+    Enter the password you set during <code>syswatch --setup</code>.<br>
+    To re-configure, run <code>sudo syswatch --setup</code> in the terminal.
   </div>
 </div>
 <script>
@@ -51,11 +51,8 @@ async function login() {
     document.getElementById('pw').focus();
   }
 }
-// check if auth is even enabled
 fetch('/auth/status').then(r=>r.json()).then(d=>{
   if (!d.authEnabled) window.location.href = '/';
-  if (d.passwordHash === null)
-    document.getElementById('note').style.display='block';
 });
 </script>
 </body>

package/src/config.js

@@ -3,13 +3,26 @@
 //  Reads config from (priority order):
 //    1. CLI arguments   (--port 9000)
 //    2. ENV variables   (SYSWATCH_PORT=9000)
-//    3. syswatch.config.json in cwd  (if exists)
+//    3. Config file at fixed path (see CONFIG_PATH below)
 //    4. Defaults below
 // ─────────────────────────────────────────────────────
 'use strict';
 
 const fs   = require('fs');
 const path = require('path');
+const os   = require('os');
+
+// ── fixed config path (same regardless of cwd) ────
+// root/sudo → /etc/syswatch/   non-root → ~/.config/syswatch/
+function getConfigDir() {
+  try {
+    if (process.getuid && process.getuid() === 0) return '/etc/syswatch';
+  } catch {}
+  return path.join(os.homedir(), '.config', 'syswatch');
+}
+
+const CONFIG_DIR  = process.env.SYSWATCH_CONFIG_DIR || getConfigDir();
+const CONFIG_PATH = path.join(CONFIG_DIR, 'syswatch.config.json');
 
 // ── parse CLI args ─────────────────────────────────
 const argv = process.argv.slice(2);
@@ -21,10 +34,9 @@ const flag = (f) => argv.includes(f);
 
 // ── load optional config file ──────────────────────
 let fileConf = {};
-const cfgPath = path.join(process.cwd(), 'syswatch.config.json');
-if (fs.existsSync(cfgPath)) {
-  try { fileConf = JSON.parse(fs.readFileSync(cfgPath, 'utf8')); }
-  catch (e) { console.warn('[syswatch] Warning: invalid syswatch.config.json'); }
+if (fs.existsSync(CONFIG_PATH)) {
+  try { fileConf = JSON.parse(fs.readFileSync(CONFIG_PATH, 'utf8')); }
+  catch (e) { console.warn('[syswatch] Warning: invalid syswatch.config.json at ' + CONFIG_PATH); }
 }
 
 // ── merge config ───────────────────────────────────
@@ -46,8 +58,8 @@ const config = {
   sessionHours: fileConf.sessionHours || 8,
 
   // TLS cert paths (used when httpsEnabled)
-  certPath: fileConf.certPath || path.join(__dirname, '..', 'certs', 'cert.pem'),
-  keyPath:  fileConf.keyPath  || path.join(__dirname, '..', 'certs', 'key.pem'),
+  certPath: fileConf.certPath || path.join(CONFIG_DIR, 'certs', 'cert.pem'),
+  keyPath:  fileConf.keyPath  || path.join(CONFIG_DIR, 'certs', 'key.pem'),
 
   // Features
   learnMode:  fileConf.learnMode  !== false,   // default on
@@ -62,4 +74,7 @@ function _randomSecret() {
   catch { return 'syswatch-change-this-secret'; }
 }
 
+config.CONFIG_PATH = CONFIG_PATH;
+config.CONFIG_DIR  = CONFIG_DIR;
+
 module.exports = config;

package/src/server.js

@@ -98,12 +98,9 @@ function banner() {
 function afterBanner() {
   console.log(`
   📖  Learn mode:  ${config.learnMode ? 'ON  (toggle in UI)' : 'OFF'}
-  🔐  Auth:        ${config.authEnabled ? 'ON  (set password on first login)' : 'OFF (--no-auth)'}
+  🔐  Auth:        ${config.authEnabled ? 'ON' : 'OFF (--no-auth)'}
   🖥  Host:        ${config.host}
   `);
-  if (config.authEnabled && !config.passwordHash) {
-    console.log('  ℹ  No password set yet — you will create one on first login.\n');
-  }
 }
 
 function displayHost() {

package/src/setup.js

@@ -1,8 +1,8 @@
 // ─────────────────────────────────────────────────────
 //  src/setup.js
 //  First-run interactive setup wizard.
-//  Runs automatically if syswatch.config.json is missing.
-//  Also callable via: npx syswatch --setup
+//  Runs automatically if config is missing.
+//  Also callable via: syswatch --setup
 // ─────────────────────────────────────────────────────
 'use strict';
 
@@ -10,35 +10,57 @@ const fs       = require('fs');
 const path     = require('path');
 const readline = require('readline');
 const crypto   = require('crypto');
+const os       = require('os');
+
+// ── config path (mirrors src/config.js logic) ─────
+function getConfigDir() {
+  try {
+    if (process.getuid && process.getuid() === 0) return '/etc/syswatch';
+  } catch {}
+  return path.join(os.homedir(), '.config', 'syswatch');
+}
 
-const CONFIG_PATH = path.join(process.cwd(), 'syswatch.config.json');
+const CONFIG_DIR  = process.env.SYSWATCH_CONFIG_DIR || getConfigDir();
+const CONFIG_PATH = path.join(CONFIG_DIR, 'syswatch.config.json');
 
 // ── helpers ───────────────────────────────────────
 function ask(rl, question) {
   return new Promise(resolve => rl.question(question, resolve));
 }
 
+// Hide password input — uses raw stdin mode WITHOUT creating a readline interface
+// so there is no conflict with the rl instance used for other questions.
 function askHidden(question) {
-  // hide password input on linux/mac terminals
   return new Promise(resolve => {
     process.stdout.write(question);
-    const stdin = process.openStdin();
-    // try to hide input
-    try { process.stdin.setRawMode(true); } catch {}
+
+    const isTTY = process.stdin.isTTY;
+    if (isTTY) {
+      try { process.stdin.setRawMode(true); } catch {}
+    }
+
     let input = '';
-    process.stdin.resume();
-    process.stdin.setEncoding('utf8');
+
     const onData = (ch) => {
-      ch = ch + '';
-      if (ch === '\n' || ch === '\r' || ch === '\u0004') {
-        try { process.stdin.setRawMode(false); } catch {}
-        process.stdin.pause();
+      const s = ch.toString();
+
+      if (s === '\n' || s === '\r' || s === '\u0004') {
+        // Enter / Ctrl-D → done
+        if (isTTY) {
+          try { process.stdin.setRawMode(false); } catch {}
+        }
         process.stdin.removeListener('data', onData);
+        process.stdin.pause();
         process.stdout.write('\n');
         resolve(input);
-      } else if (ch === '\u0003') {
-        process.exit();
-      } else if (ch === '\u007f' || ch === '\b') {
+
+      } else if (s === '\u0003') {
+        // Ctrl-C → exit
+        process.stdout.write('\n');
+        process.exit(0);
+
+      } else if (s === '\u007f' || s === '\b') {
+        // Backspace
         if (input.length > 0) {
           input = input.slice(0, -1);
           process.stdout.clearLine(0);
@@ -46,10 +68,13 @@ function askHidden(question) {
           process.stdout.write(question + '*'.repeat(input.length));
         }
       } else {
-        input += ch;
+        input += s;
         process.stdout.write('*');
       }
     };
+
+    process.stdin.resume();
+    process.stdin.setEncoding('utf8');
     process.stdin.on('data', onData);
   });
 }
@@ -86,27 +111,20 @@ async function run(autoMode = false) {
   ]);
   console.log();
 
-  const rl = readline.createInterface({
-    input: process.stdin,
-    output: process.stdout,
-  });
-
   const config = {};
 
-  // ── Step 1: Password ────────────────────────────
+  // ── Step 1: Password (raw stdin — no readline yet) ─
   print('Step 1/4 — Set your login password', 'bold');
   print('  (This protects your dashboard from others on the network)\n', 'dim');
 
   let password = '';
-  let confirmed = '';
-
   while (true) {
-    password  = await askHidden('  Enter password: ');
+    password         = await askHidden('  Enter password: ');
     if (password.length < 4) {
       print('  ✗ Password must be at least 4 characters. Try again.\n', 'red');
       continue;
     }
-    confirmed = await askHidden('  Confirm password: ');
+    const confirmed  = await askHidden('  Confirm password: ');
     if (password !== confirmed) {
       print('  ✗ Passwords do not match. Try again.\n', 'red');
       continue;
@@ -119,6 +137,12 @@ async function run(autoMode = false) {
   config.passwordHash = await bcrypt.hash(password, 10);
   print('  ✓ Password set!\n', 'green');
 
+  // ── readline for remaining non-secret questions ──
+  const rl = readline.createInterface({
+    input:  process.stdin,
+    output: process.stdout,
+  });
+
   // ── Step 2: Port ────────────────────────────────
   print('Step 2/4 — HTTP Port', 'bold');
   print('  Default is 8080. Press Enter to keep it.\n', 'dim');
@@ -147,15 +171,18 @@ async function run(autoMode = false) {
   config.httpsPort = 8443;
   print(`  ✓ HTTPS: ${config.https ? 'Enabled on port 8443' : 'Disabled'}\n`, 'green');
 
-  // ── Generate JWT secret ─────────────────────────
-  config.jwtSecret = crypto.randomBytes(32).toString('hex');
+  config.jwtSecret    = crypto.randomBytes(32).toString('hex');
   config.sessionHours = 8;
-  config.learnMode = true;
-  config.maxLogLines = 200;
+  config.learnMode    = true;
+  config.maxLogLines  = 200;
 
   rl.close();
 
   // ── Write config file ───────────────────────────
+  if (!fs.existsSync(CONFIG_DIR)) {
+    fs.mkdirSync(CONFIG_DIR, { recursive: true });
+  }
+
   const finalConfig = {
     _note: "Auto-generated by syswatch --setup. Do NOT commit this file to git.",
     host:         config.host,
@@ -177,23 +204,19 @@ async function run(autoMode = false) {
   box([
     '\x1b[1m\x1b[32m  ✓ Setup complete!\x1b[0m',
     '',
-    `  Config saved → syswatch.config.json`,
+    `  Config saved → ${CONFIG_PATH}`,
     '',
     `  🌐  http://${config.host === '0.0.0.0' ? 'YOUR_IP' : 'localhost'}:${config.port}`,
     config.https ? `  🔒  https://${config.host === '0.0.0.0' ? 'YOUR_IP' : 'localhost'}:${config.httpsPort}` : '',
     '',
-    '  Start the server:',
-    '    sudo node src/server.js',
-    '',
-    '  Or if installed globally:',
-    '    sudo syswatch',
+    '  To start:  sudo syswatch',
+    '  Re-setup:  sudo syswatch --setup',
   ].filter(l => l !== ''));
   console.log();
 
   if (autoMode) {
-    // auto-start after setup
     print('  Starting SysWatch now...\n', 'cyan');
-    require('./server');
+    // server is already chained via .then(startServer) in server.js
   } else {
     process.exit(0);
   }
@@ -202,10 +225,10 @@ async function run(autoMode = false) {
 // ── check if config exists, if not → auto-run setup ─
 function checkAndSetup() {
   if (!fs.existsSync(CONFIG_PATH)) {
-    print('\n  ⚠  No syswatch.config.json found — running first-time setup...\n', 'yellow');
-    return run(true); // autoMode = true means start server after setup
+    print(`\n  ⚠  No config found at ${CONFIG_PATH} — running first-time setup...\n`, 'yellow');
+    return run(true);
   }
   return Promise.resolve();
 }
 
-module.exports = { run, checkAndSetup };
+module.exports = { run, checkAndSetup, CONFIG_PATH, CONFIG_DIR };

package/syswatch.config.example.json

@@ -14,6 +14,6 @@
   "learnMode": true,
   "maxLogLines": 200,
 
-  "certPath": "./certs/cert.pem",
-  "keyPath":  "./certs/key.pem"
+  "certPath": "/etc/syswatch/certs/cert.pem",
+  "keyPath":  "/etc/syswatch/certs/key.pem"
 }