svamp-cli 0.2.21 → 0.2.23

package/dist/{agentCommands-DRxsYzlw.mjs → agentCommands-rofwcLx3.mjs}

@@ -148,7 +148,7 @@ async function sessionBroadcast(action, args) {
   console.log(`Broadcast sent: ${action}`);
 }
 async function connectToMachineService() {
-  const { connectAndGetMachine } = await import('./commands-DVCdUK0p.mjs');
+  const { connectAndGetMachine } = await import('./commands-DrNOSpki.mjs');
   return connectAndGetMachine();
 }
 async function inboxSend(targetSessionId, opts) {
@@ -165,7 +165,7 @@ async function inboxSend(targetSessionId, opts) {
   }
   const { server, machine } = await connectToMachineService();
   try {
-    const { resolveSessionId } = await import('./commands-DVCdUK0p.mjs');
+    const { resolveSessionId } = await import('./commands-DrNOSpki.mjs');
     const sessions = await machine.listSessions();
     const match = resolveSessionId(sessions, targetSessionId);
     const fullTargetId = match.sessionId;

package/dist/cli.mjs

@@ -1,4 +1,4 @@
-import { s as startDaemon, b as stopDaemon, d as daemonStatus } from './run-CdjKXuaY.mjs';
+import { s as startDaemon, b as stopDaemon, d as daemonStatus } from './run-YVIJdP0j.mjs';
 import 'os';
 import 'fs/promises';
 import 'fs';
@@ -36,7 +36,7 @@ async function main() {
     await logoutFromHypha();
   } else if (subcommand === "daemon") {
     if (daemonSubcommand === "restart") {
-      const { restartDaemon } = await import('./run-CdjKXuaY.mjs').then(function (n) { return n.k; });
+      const { restartDaemon } = await import('./run-YVIJdP0j.mjs').then(function (n) { return n.k; });
       await restartDaemon();
       process.exit(0);
     }
@@ -238,7 +238,7 @@ async function main() {
       console.error("svamp service: Service commands are not available in sandboxed sessions.");
       process.exit(1);
     }
-    const { handleServiceCommand } = await import('./commands-DdwOBsOi.mjs');
+    const { handleServiceCommand } = await import('./commands-CqULIXFK.mjs');
     await handleServiceCommand();
   } else if (subcommand === "serve") {
     const { isSandboxed: isSandboxedServe } = await import('./sandboxDetect-DNTcbgWD.mjs');
@@ -246,7 +246,7 @@ async function main() {
       console.error("svamp serve: Serve commands are not available in sandboxed sessions.");
       process.exit(1);
     }
-    const { handleServeCommand } = await import('./serveCommands-PxeZcd-5.mjs');
+    const { handleServeCommand } = await import('./serveCommands-CCbnvtwL.mjs');
     await handleServeCommand();
     process.exit(0);
   } else if (subcommand === "process" || subcommand === "proc") {
@@ -255,7 +255,7 @@ async function main() {
       console.error("svamp process: Process commands are not available in sandboxed sessions.");
       process.exit(1);
     }
-    const { processCommand } = await import('./commands-DkmPKHhv.mjs');
+    const { processCommand } = await import('./commands-DCI1dZuS.mjs');
     let machineId;
     const processArgs = args.slice(1);
     const mIdx = processArgs.findIndex((a) => a === "--machine" || a === "-m");
@@ -273,7 +273,7 @@ async function main() {
   } else if (!subcommand || subcommand === "start") {
     await handleInteractiveCommand();
   } else if (subcommand === "--version" || subcommand === "-v") {
-    const pkg = await import('./package-DkmeUIJ-.mjs').catch(() => ({ default: { version: "unknown" } }));
+    const pkg = await import('./package-D-GTa0i_.mjs').catch(() => ({ default: { version: "unknown" } }));
     console.log(`svamp version: ${pkg.default.version}`);
   } else {
     console.error(`Unknown command: ${subcommand}`);
@@ -282,7 +282,7 @@ async function main() {
   }
 }
 async function handleInteractiveCommand() {
-  const { runInteractive } = await import('./run-B_yFI97i.mjs');
+  const { runInteractive } = await import('./run-Ckm62Pws.mjs');
   const interactiveArgs = subcommand === "start" ? args.slice(1) : args;
   let directory = process.cwd();
   let resumeSessionId;
@@ -327,7 +327,7 @@ async function handleAgentCommand() {
     return;
   }
   if (agentArgs[0] === "list") {
-    const { KNOWN_ACP_AGENTS, KNOWN_MCP_AGENTS: KNOWN_MCP_AGENTS2 } = await import('./run-CdjKXuaY.mjs').then(function (n) { return n.i; });
+    const { KNOWN_ACP_AGENTS, KNOWN_MCP_AGENTS: KNOWN_MCP_AGENTS2 } = await import('./run-YVIJdP0j.mjs').then(function (n) { return n.i; });
     console.log("Known agents:");
     for (const [name, config2] of Object.entries(KNOWN_ACP_AGENTS)) {
       console.log(`  ${name.padEnd(12)} ${config2.command} ${config2.args.join(" ")}  (ACP)`);
@@ -339,7 +339,7 @@ async function handleAgentCommand() {
     console.log('Use "svamp agent -- <command> [args]" for a custom ACP agent.');
     return;
   }
-  const { resolveAcpAgentConfig, KNOWN_MCP_AGENTS } = await import('./run-CdjKXuaY.mjs').then(function (n) { return n.i; });
+  const { resolveAcpAgentConfig, KNOWN_MCP_AGENTS } = await import('./run-YVIJdP0j.mjs').then(function (n) { return n.i; });
   let cwd = process.cwd();
   const filteredArgs = [];
   for (let i = 0; i < agentArgs.length; i++) {
@@ -363,12 +363,12 @@ async function handleAgentCommand() {
   console.log(`Starting ${config.agentName} agent in ${cwd}...`);
   let backend;
   if (KNOWN_MCP_AGENTS[config.agentName]) {
-    const { CodexMcpBackend } = await import('./run-CdjKXuaY.mjs').then(function (n) { return n.j; });
+    const { CodexMcpBackend } = await import('./run-YVIJdP0j.mjs').then(function (n) { return n.j; });
     backend = new CodexMcpBackend({ cwd, log: logFn });
   } else {
-    const { AcpBackend } = await import('./run-CdjKXuaY.mjs').then(function (n) { return n.h; });
-    const { GeminiTransport } = await import('./run-CdjKXuaY.mjs').then(function (n) { return n.G; });
-    const { DefaultTransport } = await import('./run-CdjKXuaY.mjs').then(function (n) { return n.D; });
+    const { AcpBackend } = await import('./run-YVIJdP0j.mjs').then(function (n) { return n.h; });
+    const { GeminiTransport } = await import('./run-YVIJdP0j.mjs').then(function (n) { return n.G; });
+    const { DefaultTransport } = await import('./run-YVIJdP0j.mjs').then(function (n) { return n.D; });
     const transportHandler = config.agentName === "gemini" ? new GeminiTransport() : new DefaultTransport(config.agentName);
     backend = new AcpBackend({
       agentName: config.agentName,
@@ -495,7 +495,7 @@ async function handleSessionCommand() {
       process.exit(1);
     }
   }
-  const { sessionList, sessionSpawn, sessionStop, sessionInfo, sessionMessages, sessionAttach, sessionMachines, sessionSend, sessionWait, sessionShare, sessionRalphStart, sessionRalphCancel, sessionRalphStatus, sessionInboxSend, sessionInboxList, sessionInboxRead, sessionInboxReply, sessionInboxClear } = await import('./commands-DVCdUK0p.mjs');
+  const { sessionList, sessionSpawn, sessionStop, sessionInfo, sessionMessages, sessionAttach, sessionMachines, sessionSend, sessionWait, sessionShare, sessionRalphStart, sessionRalphCancel, sessionRalphStatus, sessionInboxSend, sessionInboxList, sessionInboxRead, sessionInboxReply, sessionInboxClear } = await import('./commands-DrNOSpki.mjs');
   const parseFlagStr = (flag, shortFlag) => {
     for (let i = 1; i < sessionArgs.length; i++) {
       if ((sessionArgs[i] === flag || shortFlag) && i + 1 < sessionArgs.length) {
@@ -555,7 +555,7 @@ async function handleSessionCommand() {
         allowDomain.push(sessionArgs[++i]);
       }
     }
-    const { parseShareArg } = await import('./commands-DVCdUK0p.mjs');
+    const { parseShareArg } = await import('./commands-DrNOSpki.mjs');
     const shareEntries = share.map((s) => parseShareArg(s));
     await sessionSpawn(agent, dir, targetMachineId, {
       message,
@@ -641,7 +641,7 @@ async function handleSessionCommand() {
       console.error("Usage: svamp session approve <session-id> [request-id] [--json]");
       process.exit(1);
     }
-    const { sessionApprove } = await import('./commands-DVCdUK0p.mjs');
+    const { sessionApprove } = await import('./commands-DrNOSpki.mjs');
     const approveReqId = sessionArgs[2] && !sessionArgs[2].startsWith("--") ? sessionArgs[2] : void 0;
     await sessionApprove(sessionArgs[1], approveReqId, targetMachineId, {
       json: hasFlag("--json")
@@ -651,7 +651,7 @@ async function handleSessionCommand() {
       console.error("Usage: svamp session deny <session-id> [request-id] [--json]");
       process.exit(1);
     }
-    const { sessionDeny } = await import('./commands-DVCdUK0p.mjs');
+    const { sessionDeny } = await import('./commands-DrNOSpki.mjs');
     const denyReqId = sessionArgs[2] && !sessionArgs[2].startsWith("--") ? sessionArgs[2] : void 0;
     await sessionDeny(sessionArgs[1], denyReqId, targetMachineId, {
       json: hasFlag("--json")
@@ -687,7 +687,7 @@ async function handleSessionCommand() {
       console.error("Usage: svamp session set-title <title>");
       process.exit(1);
     }
-    const { sessionSetTitle } = await import('./agentCommands-DRxsYzlw.mjs');
+    const { sessionSetTitle } = await import('./agentCommands-rofwcLx3.mjs');
     await sessionSetTitle(title);
   } else if (sessionSubcommand === "set-link") {
     const url = sessionArgs[1];
@@ -696,7 +696,7 @@ async function handleSessionCommand() {
       process.exit(1);
     }
     const label = sessionArgs[2] && !sessionArgs[2].startsWith("--") ? sessionArgs[2] : void 0;
-    const { sessionSetLink } = await import('./agentCommands-DRxsYzlw.mjs');
+    const { sessionSetLink } = await import('./agentCommands-rofwcLx3.mjs');
     await sessionSetLink(url, label);
   } else if (sessionSubcommand === "notify") {
     const message = sessionArgs[1];
@@ -705,7 +705,7 @@ async function handleSessionCommand() {
       process.exit(1);
     }
     const level = parseFlagStr("--level") || "info";
-    const { sessionNotify } = await import('./agentCommands-DRxsYzlw.mjs');
+    const { sessionNotify } = await import('./agentCommands-rofwcLx3.mjs');
     await sessionNotify(message, level);
   } else if (sessionSubcommand === "broadcast") {
     const action = sessionArgs[1];
@@ -713,7 +713,7 @@ async function handleSessionCommand() {
       console.error("Usage: svamp session broadcast <action> [args...]\nActions: open-canvas <url> [label], close-canvas, toast <message>");
       process.exit(1);
     }
-    const { sessionBroadcast } = await import('./agentCommands-DRxsYzlw.mjs');
+    const { sessionBroadcast } = await import('./agentCommands-rofwcLx3.mjs');
     await sessionBroadcast(action, sessionArgs.slice(2).filter((a) => !a.startsWith("--")));
   } else if (sessionSubcommand === "inbox") {
     const inboxSubcmd = sessionArgs[1];
@@ -724,7 +724,7 @@ async function handleSessionCommand() {
         process.exit(1);
       }
       if (agentSessionId) {
-        const { inboxSend } = await import('./agentCommands-DRxsYzlw.mjs');
+        const { inboxSend } = await import('./agentCommands-rofwcLx3.mjs');
         await inboxSend(sessionArgs[2], {
           body: sessionArgs[3],
           subject: parseFlagStr("--subject"),
@@ -739,7 +739,7 @@ async function handleSessionCommand() {
       }
     } else if (inboxSubcmd === "list" || inboxSubcmd === "ls") {
       if (agentSessionId && !sessionArgs[2]) {
-        const { inboxList } = await import('./agentCommands-DRxsYzlw.mjs');
+        const { inboxList } = await import('./agentCommands-rofwcLx3.mjs');
         await inboxList({
           unread: hasFlag("--unread"),
           limit: parseFlagInt("--limit"),
@@ -761,7 +761,7 @@ async function handleSessionCommand() {
         process.exit(1);
       }
       if (agentSessionId && !sessionArgs[3]) {
-        const { inboxList } = await import('./agentCommands-DRxsYzlw.mjs');
+        const { inboxList } = await import('./agentCommands-rofwcLx3.mjs');
         await sessionInboxRead(agentSessionId, sessionArgs[2], targetMachineId);
       } else if (sessionArgs[3]) {
         await sessionInboxRead(sessionArgs[2], sessionArgs[3], targetMachineId);
@@ -771,7 +771,7 @@ async function handleSessionCommand() {
       }
     } else if (inboxSubcmd === "reply") {
       if (agentSessionId && sessionArgs[2] && sessionArgs[3] && !sessionArgs[4]) {
-        const { inboxReply } = await import('./agentCommands-DRxsYzlw.mjs');
+        const { inboxReply } = await import('./agentCommands-rofwcLx3.mjs');
         await inboxReply(sessionArgs[2], sessionArgs[3]);
       } else if (sessionArgs[2] && sessionArgs[3] && sessionArgs[4]) {
         await sessionInboxReply(sessionArgs[2], sessionArgs[3], sessionArgs[4], targetMachineId);
@@ -807,7 +807,7 @@ async function handleMachineCommand() {
     return;
   }
   if (machineSubcommand === "share") {
-    const { machineShare } = await import('./commands-DVCdUK0p.mjs');
+    const { machineShare } = await import('./commands-DrNOSpki.mjs');
     let machineId;
     const shareArgs = [];
     for (let i = 1; i < machineArgs.length; i++) {
@@ -837,7 +837,7 @@ async function handleMachineCommand() {
     }
     await machineShare(machineId, { add, remove, list, configPath, showConfig });
   } else if (machineSubcommand === "exec") {
-    const { machineExec } = await import('./commands-DVCdUK0p.mjs');
+    const { machineExec } = await import('./commands-DrNOSpki.mjs');
     let machineId;
     let cwd;
     const cmdParts = [];
@@ -857,7 +857,7 @@ async function handleMachineCommand() {
     }
     await machineExec(machineId, command, cwd);
   } else if (machineSubcommand === "info") {
-    const { machineInfo } = await import('./commands-DVCdUK0p.mjs');
+    const { machineInfo } = await import('./commands-DrNOSpki.mjs');
     let machineId;
     for (let i = 1; i < machineArgs.length; i++) {
       if ((machineArgs[i] === "--machine" || machineArgs[i] === "-m") && i + 1 < machineArgs.length) {
@@ -877,10 +877,10 @@ async function handleMachineCommand() {
         level = machineArgs[++i];
       }
     }
-    const { machineNotify } = await import('./agentCommands-DRxsYzlw.mjs');
+    const { machineNotify } = await import('./agentCommands-rofwcLx3.mjs');
     await machineNotify(message, level);
   } else if (machineSubcommand === "ls") {
-    const { machineLs } = await import('./commands-DVCdUK0p.mjs');
+    const { machineLs } = await import('./commands-DrNOSpki.mjs');
     let machineId;
     let showHidden = false;
     let path;

package/dist/commands-CqULIXFK.mjs

@@ -0,0 +1,179 @@
+import * as path from 'path';
+
+function getFlag(args, flag) {
+  const idx = args.indexOf(flag);
+  return idx !== -1 && idx + 1 < args.length ? args[idx + 1] : void 0;
+}
+function getAllFlags(args, flag) {
+  const values = [];
+  for (let i = 0; i < args.length; i++) {
+    if (args[i] === flag && i + 1 < args.length) {
+      values.push(args[i + 1]);
+      i++;
+    }
+  }
+  return values;
+}
+function hasFlag(args, ...flags) {
+  return flags.some((f) => args.includes(f));
+}
+function positionalArgs(args) {
+  const result = [];
+  for (let i = 0; i < args.length; i++) {
+    if (args[i].startsWith("--")) {
+      if (i + 1 < args.length && !args[i + 1].startsWith("--")) {
+        i++;
+      }
+      continue;
+    }
+    result.push(args[i]);
+  }
+  return result;
+}
+function parsePorts(args) {
+  const portStrs = getAllFlags(args, "--port");
+  if (portStrs.length === 0) return [];
+  const ports = [];
+  for (const s of portStrs) {
+    const p = parseInt(s, 10);
+    if (isNaN(p) || p < 1 || p > 65535) {
+      console.error(`Error: invalid port '${s}' \u2014 must be 1-65535`);
+      process.exit(1);
+    }
+    ports.push(p);
+  }
+  return ports;
+}
+async function serviceExpose(args) {
+  const positional = positionalArgs(args);
+  const name = positional[0];
+  const ports = parsePorts(args);
+  const group = getFlag(args, "--group");
+  const groupKey = getFlag(args, "--group-key");
+  const healthCheck = getFlag(args, "--health-check");
+  const healthPath = getFlag(args, "--health-path");
+  const healthInterval = getFlag(args, "--health-interval");
+  if (!name || ports.length === 0) {
+    console.error("Usage: svamp service expose <name> --port <port> [--port <port2>] [options]");
+    process.exit(1);
+  }
+  const { runFrpcTunnel } = await import('./frpc-qqYQ6F9T.mjs');
+  await runFrpcTunnel(name, ports, void 0, {
+    group,
+    groupKey,
+    healthCheckType: healthCheck,
+    healthCheckPath: healthPath,
+    healthCheckInterval: healthInterval ? parseInt(healthInterval, 10) : void 0
+  });
+}
+async function serviceServe(args) {
+  const positional = positionalArgs(args);
+  const name = positional[0];
+  const directory = positional[1] || ".";
+  const noListing = hasFlag(args, "--no-listing");
+  if (!name) {
+    console.error("Usage: svamp service serve <name> [directory] [--no-listing]");
+    console.error("  directory defaults to current directory");
+    process.exit(1);
+  }
+  try {
+    const resolvedDir = path.resolve(directory);
+    console.log(`Serving ${resolvedDir}`);
+    const caddyPort = 18080;
+    const { CaddyManager } = await import('./caddy-fJWXn1kE.mjs');
+    const caddy = new CaddyManager({ listenPort: caddyPort });
+    await caddy.addMount(name, resolvedDir, !noListing);
+    await caddy.start();
+    const cleanup = () => {
+      caddy.stop();
+      process.exit(0);
+    };
+    process.on("SIGINT", cleanup);
+    process.on("SIGTERM", cleanup);
+    const { runFrpcTunnel } = await import('./frpc-qqYQ6F9T.mjs');
+    await runFrpcTunnel(name, [caddyPort]);
+  } catch (err) {
+    console.error(`Error serving directory: ${err.message}`);
+    process.exit(1);
+  }
+}
+async function serviceTunnel(args) {
+  await serviceExpose(args);
+}
+async function serviceList(args) {
+  console.log("Active tunnels are managed by the svamp daemon.");
+  console.log('Use "svamp service expose" to start a tunnel in the foreground.');
+}
+async function serviceDelete(args) {
+  const positional = positionalArgs(args);
+  const name = positional[0];
+  if (!name) {
+    console.error("Usage: svamp service delete <name>");
+    process.exit(1);
+  }
+  console.log(`Tunnel '${name}' can only be stopped via the daemon (tunnelStop RPC).`);
+}
+async function handleServiceCommand() {
+  const args = process.argv.slice(2);
+  const serviceArgs = args.slice(1);
+  const sub = serviceArgs[0];
+  if (!sub || sub === "--help" || sub === "-h") {
+    printServiceHelp();
+    return;
+  }
+  const commandArgs = serviceArgs.slice(1);
+  if (sub === "expose") {
+    await serviceExpose(commandArgs);
+  } else if (sub === "serve") {
+    await serviceServe(commandArgs);
+  } else if (sub === "tunnel") {
+    await serviceTunnel(commandArgs);
+  } else if (sub === "list" || sub === "ls") {
+    await serviceList();
+  } else if (sub === "delete" || sub === "rm") {
+    await serviceDelete(commandArgs);
+  } else {
+    console.error(`Unknown service command: ${sub}`);
+    printServiceHelp();
+    process.exit(1);
+  }
+}
+function printServiceHelp() {
+  console.log(`
+svamp service \u2014 Expose local services via frpc tunnels
+
+Usage:
+  svamp service expose <name> --port <port> [options]    Expose local ports via tunnel
+  svamp service serve <name> [directory] [--no-listing]   Serve static files via tunnel
+  svamp service tunnel <name> --port <port> [options]     Alias for expose
+  svamp service list                                      List active tunnels (daemon)
+  svamp service delete <name>                             Stop a tunnel (daemon)
+
+Options:
+  --port <port>              Port to expose (repeatable for multi-port)
+  --group <name>             Service group \u2014 multiple machines share the same URL
+  --group-key <secret>       Shared key for the service group
+  --health-check <tcp|http>  Enable health checks on local backend
+  --health-path <path>       HTTP health check path (e.g., /health)
+  --health-interval <sec>    Health check interval (default: 10s)
+
+Service Groups:
+  Run the same command on different machines with --group to create a
+  load-balanced service. frps round-robins traffic across all group members.
+  Unhealthy backends are auto-removed when --health-check is enabled.
+
+  Machine A:  svamp service expose my-api --port 8000 --group my-api --group-key secret123
+  Machine B:  svamp service expose my-api --port 8000 --group my-api --group-key secret123
+  \u2192 Both serve at the same URL, frps load-balances between them
+
+Examples:
+  svamp service expose my-api --port 8000
+  svamp service expose my-api --port 8000 --health-check http --health-path /health
+  svamp service expose my-api --port 8000 --port 3000
+  svamp service expose my-api --port 8000 --group my-api --group-key s3cret
+  svamp service serve my-site ./dist
+  svamp service serve my-site
+`.trim());
+}
+
+export { handleServiceCommand, serviceDelete, serviceExpose, serviceList, serviceServe, serviceTunnel };

package/dist/{commands-DkmPKHhv.mjs → commands-DCI1dZuS.mjs}

@@ -1,11 +1,11 @@
 import { writeFileSync, readFileSync } from 'fs';
 import { resolve } from 'path';
-import { connectAndGetMachine } from './commands-DVCdUK0p.mjs';
+import { connectAndGetMachine } from './commands-DrNOSpki.mjs';
 import 'node:fs';
 import 'node:child_process';
 import 'node:path';
 import 'node:os';
-import './run-CdjKXuaY.mjs';
+import './run-YVIJdP0j.mjs';
 import 'os';
 import 'fs/promises';
 import 'url';

package/dist/{commands-DVCdUK0p.mjs → commands-DrNOSpki.mjs}

@@ -2,7 +2,7 @@ import { existsSync, readFileSync } from 'node:fs';
 import { execSync } from 'node:child_process';
 import { resolve, join } from 'node:path';
 import os from 'node:os';
-import { l as loadSecurityContextConfig, e as resolveSecurityContext, f as buildSecurityContextFromFlags, m as mergeSecurityContexts, c as connectToHypha } from './run-CdjKXuaY.mjs';
+import { l as loadSecurityContextConfig, e as resolveSecurityContext, f as buildSecurityContextFromFlags, m as mergeSecurityContexts, c as connectToHypha } from './run-YVIJdP0j.mjs';
 import 'os';
 import 'fs/promises';
 import 'fs';

package/dist/{frpc-Ckiiq9Lw.mjs → frpc-qqYQ6F9T.mjs}

@@ -1,14 +1,18 @@
 import { spawn, execSync } from 'child_process';
-import { mkdirSync, writeFileSync, unlinkSync, existsSync, chmodSync } from 'fs';
+import { mkdirSync, writeFileSync, unlinkSync, existsSync, chmodSync, readFileSync } from 'fs';
 import { join } from 'path';
 import { homedir, platform, arch } from 'os';
-import { randomUUID } from 'crypto';
+import { createHash } from 'crypto';
 
 const FRP_VERSION = "0.61.1";
 const BIN_DIR = join(homedir(), ".svamp", "bin");
 const FRPC_BIN = join(BIN_DIR, platform() === "win32" ? "frpc.exe" : "frpc");
-const DEFAULT_FRPS_ADDR = "34.51.246.12";
-const DEFAULT_FRPS_PORT = 7e3;
+function isInCluster() {
+  return !!(process.env.KUBERNETES_SERVICE_HOST || process.env.SANDBOX_ID);
+}
+const DEFAULT_FRPS_ADDR = isInCluster() ? "frps.hypha.svc.cluster.local" : "frps-ctrl.svc.hypha.aicell.io";
+const DEFAULT_FRPS_PORT = isInCluster() ? 7e3 : 443;
+const FRPS_PUBLIC_TOKEN = "hypha-frps-public";
 function getFrpcDownloadUrl() {
   const os = platform();
   const a = arch();
@@ -80,6 +84,15 @@ async function ensureFrpc(log) {
       { stdio: "pipe" }
     );
     chmodSync(FRPC_BIN, 493);
+    const bin = readFileSync(FRPC_BIN);
+    const old = Buffer.from("/~!frp");
+    const patched = Buffer.from("/frpws");
+    const idx = bin.indexOf(old);
+    if (idx !== -1) {
+      patched.copy(bin, idx);
+      writeFileSync(FRPC_BIN, bin);
+      logger("Patched frpc WebSocket path: /~!frp \u2192 /frpws");
+    }
     logger(`frpc installed at ${FRPC_BIN}`);
   } finally {
     try {
@@ -90,6 +103,7 @@ async function ensureFrpc(log) {
   return FRPC_BIN;
 }
 function generateFrpcConfig(config, proxies) {
+  const useWSS = config.serverPort === 443;
   const lines = [
     "# Auto-generated by svamp \u2014 do not edit",
     `serverAddr = "${config.serverAddr}"`,
@@ -98,11 +112,18 @@ function generateFrpcConfig(config, proxies) {
     'auth.method = "token"',
     `auth.token = "${config.authToken}"`,
     "",
+    "# Hypha JWT token for server-side authentication",
+    ...config.hyphaToken ? [`metadatas.token = "${config.hyphaToken}"`] : [],
+    "",
     "# Transport",
+    ...useWSS ? ['transport.protocol = "wss"'] : [],
     "transport.heartbeatInterval = 30",
     "transport.heartbeatTimeout = 90",
     "transport.poolCount = 5",
     "",
+    "# Don't exit on login failure \u2014 let frpc keep retrying",
+    "loginFailExit = false",
+    "",
     'log.to = "console"',
     'log.level = "info"',
     ""
@@ -119,6 +140,21 @@ function generateFrpcConfig(config, proxies) {
     if (proxy.customDomains && proxy.customDomains.length > 0) {
       lines.push(`customDomains = [${proxy.customDomains.map((d) => `"${d}"`).join(", ")}]`);
     }
+    if (proxy.group) {
+      lines.push(`loadBalancer.group = "${proxy.group}"`);
+      if (proxy.groupKey) {
+        lines.push(`loadBalancer.groupKey = "${proxy.groupKey}"`);
+      }
+    }
+    if (proxy.healthCheckType) {
+      lines.push(`healthCheck.type = "${proxy.healthCheckType}"`);
+      if (proxy.healthCheckType === "http" && proxy.healthCheckPath) {
+        lines.push(`healthCheck.path = "${proxy.healthCheckPath}"`);
+      }
+      lines.push(`healthCheck.intervalSeconds = ${proxy.healthCheckInterval || 10}`);
+      lines.push(`healthCheck.timeoutSeconds = ${proxy.healthCheckTimeout || 3}`);
+      lines.push(`healthCheck.maxFailed = ${proxy.healthCheckMaxFailed || 3}`);
+    }
     if (proxy.type === "http") {
       lines.push("transport.useEncryption = false");
       lines.push("transport.useCompression = false");
@@ -137,20 +173,41 @@ class FrpcTunnel {
   log;
   logBuffer = [];
   maxLogLines = 200;
+  proxies = [];
   constructor(options) {
     this.options = options;
     this.log = options.log || ((msg) => console.log(`[FRPC] ${msg}`));
+    const hyphaToken = options.serverConfig?.hyphaToken || process.env.HYPHA_TOKEN || "";
     this.serverConfig = {
       serverAddr: options.serverConfig?.serverAddr || process.env.FRPS_SERVER_ADDR || DEFAULT_FRPS_ADDR,
       serverPort: options.serverConfig?.serverPort || parseInt(process.env.FRPS_SERVER_PORT || "", 10) || DEFAULT_FRPS_PORT,
-      authToken: options.serverConfig?.authToken || process.env.FRPS_AUTH_TOKEN || "",
-      subDomainHost: options.serverConfig?.subDomainHost || process.env.FRPS_SUBDOMAIN_HOST || "svc.hypha.amun.ai"
+      authToken: options.serverConfig?.authToken || process.env.FRPS_AUTH_TOKEN || FRPS_PUBLIC_TOKEN,
+      hyphaToken,
+      subDomainHost: options.serverConfig?.subDomainHost || process.env.FRPS_SUBDOMAIN_HOST || "svc.hypha.aicell.io"
     };
-    if (!this.serverConfig.authToken) {
+    if (!this.serverConfig.hyphaToken) {
       throw new Error(
-        "frpc auth token required. Set FRPS_AUTH_TOKEN or pass serverConfig.authToken."
+        'Hypha token required for frpc authentication. Run "svamp login" or set HYPHA_TOKEN.'
       );
     }
+    const machineId = homedir();
+    const machineHash = createHash("sha256").update(machineId).digest("hex").slice(0, 6);
+    this.proxies = options.ports.map((port) => {
+      const subdomain = options.subdomains?.get(port) || (options.group ? `${options.group}-${createHash("sha256").update(options.group).digest("hex").slice(0, 8)}` : `${options.name}-${port}-${createHash("sha256").update(`${options.name}-${port}-${machineId}`).digest("hex").slice(0, 8)}`);
+      const proxyName = options.group ? `${options.name}-${port}-${machineHash}` : `${options.name}-${port}`;
+      return {
+        name: proxyName,
+        type: "http",
+        localIP: options.localHost || "127.0.0.1",
+        localPort: port,
+        subdomain,
+        group: options.group,
+        groupKey: options.groupKey,
+        healthCheckType: options.healthCheckType,
+        healthCheckPath: options.healthCheckPath,
+        healthCheckInterval: options.healthCheckInterval
+      };
+    });
     const configDir = join(homedir(), ".svamp", "frpc");
     mkdirSync(configDir, { recursive: true });
     this.configPath = join(configDir, `${options.name}.toml`);
@@ -160,17 +217,7 @@ class FrpcTunnel {
     if (this._destroyed) return;
     if (this.process) return;
     const frpcPath = await ensureFrpc(this.log);
-    const proxies = this.options.ports.map((port, i) => {
-      const subdomain = this.options.subdomains?.get(port) || `${this.options.name}-${port}-${randomUUID().slice(0, 8)}`;
-      return {
-        name: `${this.options.name}-${port}`,
-        type: "http",
-        localIP: this.options.localHost || "127.0.0.1",
-        localPort: port,
-        subdomain
-      };
-    });
-    const configContent = generateFrpcConfig(this.serverConfig, proxies);
+    const configContent = generateFrpcConfig(this.serverConfig, this.proxies);
     writeFileSync(this.configPath, configContent);
     this.log(`Config written to ${this.configPath}`);
     return new Promise((resolve, reject) => {
@@ -279,19 +326,20 @@ class FrpcTunnel {
   getUrls() {
     const urls = /* @__PURE__ */ new Map();
     const base = this.serverConfig.subDomainHost || "svc.hypha.amun.ai";
-    for (const port of this.options.ports) {
-      const subdomain = this.options.subdomains?.get(port) || `${this.options.name}-${port}`;
-      urls.set(port, `https://${subdomain}.${base}`);
+    for (const proxy of this.proxies) {
+      const subdomain = proxy.subdomain || proxy.name;
+      urls.set(proxy.localPort, `https://${subdomain}.${base}`);
     }
     return urls;
   }
 }
-async function runFrpcTunnel(name, ports, serverConfig) {
+async function runFrpcTunnel(name, ports, serverConfig, tunnelOptions) {
   const portList = ports.join(", ");
   const tunnel = new FrpcTunnel({
     name,
     ports,
     serverConfig,
+    ...tunnelOptions,
     onConnect: () => {
       console.log(`Tunnel connected: ${name} \u2192 localhost:[${portList}]`);
       const urls = tunnel.getUrls();

package/dist/index.mjs

@@ -1,4 +1,4 @@
-export { c as connectToHypha, d as daemonStatus, g as getHyphaServerUrl, r as registerMachineService, a as registerSessionService, s as startDaemon, b as stopDaemon } from './run-CdjKXuaY.mjs';
+export { c as connectToHypha, d as daemonStatus, g as getHyphaServerUrl, r as registerMachineService, a as registerSessionService, s as startDaemon, b as stopDaemon } from './run-YVIJdP0j.mjs';
 import 'os';
 import 'fs/promises';
 import 'fs';