vibefs 0.1.0__tar.gz

vibefs-0.1.0/.gitignore

@@ -0,0 +1,13 @@
+# Python-generated files
+__pycache__/
+*.py[oc]
+build/
+dist/
+wheels/
+*.egg-info
+
+# Virtual environments
+.venv
+
+# Runtime data
+*.db

vibefs-0.1.0/.python-version

@@ -0,0 +1 @@
+3.14

vibefs-0.1.0/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 reorx
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

vibefs-0.1.0/PKG-INFO

@@ -0,0 +1,149 @@
+Metadata-Version: 2.4
+Name: vibefs
+Version: 0.1.0
+Summary: A simple, secure file preview service with time-limited URLs
+Project-URL: Homepage, https://github.com/reorx/vibefs
+Project-URL: Repository, https://github.com/reorx/vibefs
+Author-email: reorx <novoreorx@gmail.com>
+License-Expression: MIT
+License-File: LICENSE
+Keywords: agent,cli,file-server,preview
+Classifier: Development Status :: 3 - Alpha
+Classifier: Environment :: Console
+Classifier: Intended Audience :: Developers
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Programming Language :: Python :: 3
+Classifier: Topic :: Internet :: WWW/HTTP :: HTTP Servers
+Classifier: Topic :: Utilities
+Requires-Python: >=3.10
+Requires-Dist: bottle>=0.13.4
+Requires-Dist: click>=8.3.1
+Requires-Dist: pygments>=2.19.2
+Description-Content-Type: text/markdown
+
+# vibefs
+
+A file preview server with time-limited access control, designed for AI agents to share local files with users via URLs.
+
+Files are not accessible by default. Each file must be explicitly authorized with a TTL (default: 1 hour). The server starts automatically on the first `allow` call and shuts down when all authorizations expire.
+
+## Install
+
+With [uv](https://docs.astral.sh/uv/):
+
+```bash
+# Install globally
+uv tool install vibefs
+
+# Or run directly without installing
+uvx vibefs --help
+```
+
+## Usage
+
+### Authorize a file
+
+```bash
+vibefs allow /path/to/file.py
+# http://localhost:17173/f/a3b7c2d1/file.py
+
+vibefs allow /path/to/file.py --ttl 300  # 5 minutes
+```
+
+The daemon starts automatically if it's not already running.
+
+### Manage authorizations
+
+```bash
+vibefs list                 # List active authorizations
+vibefs revoke <token>       # Revoke a specific authorization
+```
+
+### Server control
+
+```bash
+vibefs status               # Check if daemon is running
+vibefs stop                 # Stop the daemon
+vibefs serve                # Start server in foreground (for debugging)
+```
+
+### Configuration
+
+```bash
+vibefs config set base_url https://files.example.com
+vibefs config get base_url
+```
+
+When `base_url` is set, the `allow` command outputs URLs using it instead of `localhost:port`:
+
+```bash
+vibefs allow /path/to/file.py
+# https://files.example.com/f/a3b7c2d1/file.py
+```
+
+## File rendering
+
+- Code and text files (`.py`, `.js`, `.md`, `.json`, etc.) are rendered with syntax highlighting via Pygments.
+- Other files are served with their original content type.
+
+## Deploy
+
+vibefs listens on `localhost:17173` by default. To make it accessible from the internet, use a tunneling service to map the local port to a public domain.
+
+### Cloudflare Tunnel
+
+```bash
+# Install cloudflared: https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/downloads/
+
+# Quick tunnel (temporary public URL)
+cloudflared tunnel --url http://localhost:17173
+
+# Named tunnel (persistent domain)
+cloudflared tunnel create vibefs
+cloudflared tunnel route dns vibefs vibefs.example.com
+cloudflared tunnel run --url http://localhost:17173 vibefs
+```
+
+### Other options
+
+- **ngrok**: `ngrok http 17173`
+- **Tailscale Funnel**: `tailscale funnel 17173`
+- **frp**, **bore**, or any TCP tunneling tool
+
+After setting up the tunnel, configure the base URL so generated links use your public domain:
+
+```bash
+vibefs config set base_url https://vibefs.example.com
+```
+
+## Agent integration
+
+To let an AI agent use vibefs, add instructions like the following to its system prompt or tool documentation:
+
+```
+You have access to `vibefs`, a file preview tool. When you want to share a file
+with the user, run:
+
+    vibefs allow /path/to/file [--ttl SECONDS]
+
+This prints a URL. Send the URL to the user — they can open it in a browser to
+view the file. The link expires after the TTL (default: 1 hour).
+
+Use this when:
+- Showing code, logs, or config files
+- Sharing generated output
+- Any time a file is easier to read in a browser than in chat
+```
+
+## State
+
+All runtime data is stored in `~/.vibefs/`:
+
+- `vibefs.db` — authorization records (SQLite)
+- `vibefs.pid` — daemon PID file
+- `vibefs.log` — daemon log output
+- `config.json` — configuration
+
+## License
+
+MIT

vibefs-0.1.0/PLAN.md

@@ -0,0 +1,113 @@
+# vibefs — Vibe File Server
+
+A simple, secure file preview service designed for AI agents to share files with users via time-limited URLs.
+
+## Concept
+
+Agents often need to show files to users. vibefs provides a lightweight web server where files must be explicitly authorized before they can be accessed, with automatic expiration.
+
+## Architecture
+
+- **Single-file core**: All logic lives in one Python file (`vibefs.py`) for maximum portability
+- **CLI**: click-based, subcommands for serving and authorizing
+- **Web**: Bottle (zero-dependency micro framework)
+- **Storage**: SQLite (Python built-in), stores authorization records
+
+## Commands
+
+```
+vibefs allow <path> [--ttl 3600]                # Authorize a file, auto-start daemon if needed, output access URL
+vibefs revoke <token>                           # Revoke access to a file
+vibefs list                                     # List currently authorized files
+vibefs serve [--port 8080] [--host 0.0.0.0]    # Manually start server in foreground (for debugging)
+vibefs stop                                     # Manually stop the daemon
+vibefs status                                   # Check if daemon is running
+```
+
+## URL Format
+
+```
+http://localhost:8080/f/{short_hash}/{filename}
+```
+
+- `short_hash`: 6-8 char random token, not derived from path (no path leakage)
+- `filename`: original filename for readability (e.g. `report.txt`)
+- Full filesystem path is never exposed
+
+## Flow
+
+1. Agent runs `vibefs allow /home/user/projects/output/report.txt`
+2. vibefs generates a short token, stores `{token, filepath, filename, created_at, expires_at}` in SQLite
+3. Checks if daemon is running (via PID file):
+   - Not running → fork a background daemon process that starts the Bottle server
+   - Already running → skip
+4. Outputs: `http://localhost:8080/f/a3b7c2/report.txt`
+5. User clicks link → vibefs checks token in SQLite:
+   - Valid & not expired → read file, return content with appropriate content-type
+   - Expired → show "This file is no longer available" page
+   - Unknown token → 404
+6. Default TTL: 1 hour, configurable via `--ttl` (seconds)
+
+## Daemon Architecture
+
+The server runs as an implicit, on-demand daemon — no manual `serve` required.
+
+### Auto-start
+- `allow` command checks PID file (`~/.vibefs/vibefs.pid`) to see if daemon is alive
+- If not running, forks a background daemon process (double-fork or `subprocess` detach)
+- Daemon writes its PID to the PID file on startup
+
+### Auto-stop (self-cleanup)
+- Daemon runs a background check every 60 seconds
+- On each check: query SQLite for any non-expired authorizations
+- If ALL authorizations have expired → daemon exits gracefully, removes PID file
+- This ensures the server only runs when there are active files to serve
+
+### State directory: `~/.vibefs/`
+- `~/.vibefs/vibefs.db` — SQLite database (always use this path, not cwd)
+- `~/.vibefs/vibefs.pid` — PID file for daemon liveness check
+- `~/.vibefs/vibefs.log` — daemon log output (stdout/stderr redirect)
+
+### PID file liveness check
+- Read PID from file → `os.kill(pid, 0)` to check if process is alive
+- If PID file exists but process is dead → stale PID file, clean up and restart
+
+## File Format Support
+
+- **Phase 1**: Plain text files (text/plain)
+- **Future**: Markdown rendering, images, PDFs, syntax highlighting, etc.
+
+## Dependencies
+
+- `click` — CLI framework
+- `bottle` — Web framework
+- Everything else is Python stdlib (sqlite3, hashlib, os, etc.)
+
+## Project Structure
+
+```
+vibefs/
+├── PLAN.md          # This file
+├── vibefs.py        # All core logic (single file)
+├── pyproject.toml   # Project metadata, dependencies & entry point
+├── uv.lock          # Lock file (auto-generated)
+└── README.md        # Usage documentation
+```
+
+## Packaging & Tooling
+
+Single-file core, but proper Python packaging practices:
+
+- **uv** as package manager (`uv init`, `uv add`, `uv run`)
+- **pyproject.toml** for metadata, dependencies, and CLI entry point
+- Entry point via `[project.scripts]`: `vibefs = "vibefs:cli"`
+- Install with `uv pip install -e .` or run directly with `uv run vibefs`
+- No `src/` layout — `vibefs.py` sits at project root, keeps it flat and simple
+
+## Design Principles
+
+- **Portable**: Single Python file, minimal dependencies
+- **Proper packaging**: uv + pyproject.toml, installable as a real Python package
+- **Secure by default**: Nothing is accessible until explicitly allowed
+- **Ephemeral**: Authorizations expire automatically
+- **Agent-friendly**: CLI output is clean and parseable

vibefs-0.1.0/README.md

@@ -0,0 +1,126 @@
+# vibefs
+
+A file preview server with time-limited access control, designed for AI agents to share local files with users via URLs.
+
+Files are not accessible by default. Each file must be explicitly authorized with a TTL (default: 1 hour). The server starts automatically on the first `allow` call and shuts down when all authorizations expire.
+
+## Install
+
+With [uv](https://docs.astral.sh/uv/):
+
+```bash
+# Install globally
+uv tool install vibefs
+
+# Or run directly without installing
+uvx vibefs --help
+```
+
+## Usage
+
+### Authorize a file
+
+```bash
+vibefs allow /path/to/file.py
+# http://localhost:17173/f/a3b7c2d1/file.py
+
+vibefs allow /path/to/file.py --ttl 300  # 5 minutes
+```
+
+The daemon starts automatically if it's not already running.
+
+### Manage authorizations
+
+```bash
+vibefs list                 # List active authorizations
+vibefs revoke <token>       # Revoke a specific authorization
+```
+
+### Server control
+
+```bash
+vibefs status               # Check if daemon is running
+vibefs stop                 # Stop the daemon
+vibefs serve                # Start server in foreground (for debugging)
+```
+
+### Configuration
+
+```bash
+vibefs config set base_url https://files.example.com
+vibefs config get base_url
+```
+
+When `base_url` is set, the `allow` command outputs URLs using it instead of `localhost:port`:
+
+```bash
+vibefs allow /path/to/file.py
+# https://files.example.com/f/a3b7c2d1/file.py
+```
+
+## File rendering
+
+- Code and text files (`.py`, `.js`, `.md`, `.json`, etc.) are rendered with syntax highlighting via Pygments.
+- Other files are served with their original content type.
+
+## Deploy
+
+vibefs listens on `localhost:17173` by default. To make it accessible from the internet, use a tunneling service to map the local port to a public domain.
+
+### Cloudflare Tunnel
+
+```bash
+# Install cloudflared: https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/downloads/
+
+# Quick tunnel (temporary public URL)
+cloudflared tunnel --url http://localhost:17173
+
+# Named tunnel (persistent domain)
+cloudflared tunnel create vibefs
+cloudflared tunnel route dns vibefs vibefs.example.com
+cloudflared tunnel run --url http://localhost:17173 vibefs
+```
+
+### Other options
+
+- **ngrok**: `ngrok http 17173`
+- **Tailscale Funnel**: `tailscale funnel 17173`
+- **frp**, **bore**, or any TCP tunneling tool
+
+After setting up the tunnel, configure the base URL so generated links use your public domain:
+
+```bash
+vibefs config set base_url https://vibefs.example.com
+```
+
+## Agent integration
+
+To let an AI agent use vibefs, add instructions like the following to its system prompt or tool documentation:
+
+```
+You have access to `vibefs`, a file preview tool. When you want to share a file
+with the user, run:
+
+    vibefs allow /path/to/file [--ttl SECONDS]
+
+This prints a URL. Send the URL to the user — they can open it in a browser to
+view the file. The link expires after the TTL (default: 1 hour).
+
+Use this when:
+- Showing code, logs, or config files
+- Sharing generated output
+- Any time a file is easier to read in a browser than in chat
+```
+
+## State
+
+All runtime data is stored in `~/.vibefs/`:
+
+- `vibefs.db` — authorization records (SQLite)
+- `vibefs.pid` — daemon PID file
+- `vibefs.log` — daemon log output
+- `config.json` — configuration
+
+## License
+
+MIT

vibefs-0.1.0/pyproject.toml

@@ -0,0 +1,36 @@
+[project]
+name = "vibefs"
+version = "0.1.0"
+description = "A simple, secure file preview service with time-limited URLs"
+readme = "README.md"
+license = "MIT"
+requires-python = ">=3.10"
+authors = [
+    { name = "reorx", email = "novoreorx@gmail.com" },
+]
+keywords = ["file-server", "preview", "cli", "agent"]
+classifiers = [
+    "Development Status :: 3 - Alpha",
+    "Environment :: Console",
+    "Intended Audience :: Developers",
+    "License :: OSI Approved :: MIT License",
+    "Programming Language :: Python :: 3",
+    "Topic :: Internet :: WWW/HTTP :: HTTP Servers",
+    "Topic :: Utilities",
+]
+dependencies = [
+    "bottle>=0.13.4",
+    "click>=8.3.1",
+    "pygments>=2.19.2",
+]
+
+[project.urls]
+Homepage = "https://github.com/reorx/vibefs"
+Repository = "https://github.com/reorx/vibefs"
+
+[project.scripts]
+vibefs = "vibefs:cli"
+
+[build-system]
+requires = ["hatchling"]
+build-backend = "hatchling.build"

vibefs-0.1.0/uv.lock

@@ -0,0 +1,59 @@
+version = 1
+revision = 3
+requires-python = ">=3.14"
+
+[[package]]
+name = "bottle"
+version = "0.13.4"
+source = { registry = "https://pypi.org/simple" }
+sdist = { url = "https://files.pythonhosted.org/packages/7a/71/cca6167c06d00c81375fd668719df245864076d284f7cb46a694cbeb5454/bottle-0.13.4.tar.gz", hash = "sha256:787e78327e12b227938de02248333d788cfe45987edca735f8f88e03472c3f47", size = 98717, upload-time = "2025-06-15T10:08:59.439Z" }
+wheels = [
+    { url = "https://files.pythonhosted.org/packages/83/f6/b55ec74cfe68c6584163faa311503c20b0da4c09883a41e8e00d6726c954/bottle-0.13.4-py2.py3-none-any.whl", hash = "sha256:045684fbd2764eac9cdeb824861d1551d113e8b683d8d26e296898d3dd99a12e", size = 103807, upload-time = "2025-06-15T10:08:57.691Z" },
+]
+
+[[package]]
+name = "click"
+version = "8.3.1"
+source = { registry = "https://pypi.org/simple" }
+dependencies = [
+    { name = "colorama", marker = "sys_platform == 'win32'" },
+]
+sdist = { url = "https://files.pythonhosted.org/packages/3d/fa/656b739db8587d7b5dfa22e22ed02566950fbfbcdc20311993483657a5c0/click-8.3.1.tar.gz", hash = "sha256:12ff4785d337a1bb490bb7e9c2b1ee5da3112e94a8622f26a6c77f5d2fc6842a", size = 295065, upload-time = "2025-11-15T20:45:42.706Z" }
+wheels = [
+    { url = "https://files.pythonhosted.org/packages/98/78/01c019cdb5d6498122777c1a43056ebb3ebfeef2076d9d026bfe15583b2b/click-8.3.1-py3-none-any.whl", hash = "sha256:981153a64e25f12d547d3426c367a4857371575ee7ad18df2a6183ab0545b2a6", size = 108274, upload-time = "2025-11-15T20:45:41.139Z" },
+]
+
+[[package]]
+name = "colorama"
+version = "0.4.6"
+source = { registry = "https://pypi.org/simple" }
+sdist = { url = "https://files.pythonhosted.org/packages/d8/53/6f443c9a4a8358a93a6792e2acffb9d9d5cb0a5cfd8802644b7b1c9a02e4/colorama-0.4.6.tar.gz", hash = "sha256:08695f5cb7ed6e0531a20572697297273c47b8cae5a63ffc6d6ed5c201be6e44", size = 27697, upload-time = "2022-10-25T02:36:22.414Z" }
+wheels = [
+    { url = "https://files.pythonhosted.org/packages/d1/d6/3965ed04c63042e047cb6a3e6ed1a63a35087b6a609aa3a15ed8ac56c221/colorama-0.4.6-py2.py3-none-any.whl", hash = "sha256:4f1d9991f5acc0ca119f9d443620b77f9d6b33703e51011c16baf57afb285fc6", size = 25335, upload-time = "2022-10-25T02:36:20.889Z" },
+]
+
+[[package]]
+name = "pygments"
+version = "2.19.2"
+source = { registry = "https://pypi.org/simple" }
+sdist = { url = "https://files.pythonhosted.org/packages/b0/77/a5b8c569bf593b0140bde72ea885a803b82086995367bf2037de0159d924/pygments-2.19.2.tar.gz", hash = "sha256:636cb2477cec7f8952536970bc533bc43743542f70392ae026374600add5b887", size = 4968631, upload-time = "2025-06-21T13:39:12.283Z" }
+wheels = [
+    { url = "https://files.pythonhosted.org/packages/c7/21/705964c7812476f378728bdf590ca4b771ec72385c533964653c68e86bdc/pygments-2.19.2-py3-none-any.whl", hash = "sha256:86540386c03d588bb81d44bc3928634ff26449851e99741617ecb9037ee5ec0b", size = 1225217, upload-time = "2025-06-21T13:39:07.939Z" },
+]
+
+[[package]]
+name = "vibefs"
+version = "0.1.0"
+source = { editable = "." }
+dependencies = [
+    { name = "bottle" },
+    { name = "click" },
+    { name = "pygments" },
+]
+
+[package.metadata]
+requires-dist = [
+    { name = "bottle", specifier = ">=0.13.4" },
+    { name = "click", specifier = ">=8.3.1" },
+    { name = "pygments", specifier = ">=2.19.2" },
+]

vibefs-0.1.0/vibefs.py

@@ -0,0 +1,589 @@
+"""vibefs — Vibe File Server
+
+A simple, secure file preview service designed for AI agents to share files
+with users via time-limited URLs.
+"""
+
+import atexit
+import json
+import mimetypes
+import os
+import secrets
+import signal
+import sqlite3
+import subprocess
+import sys
+import threading
+import time
+
+import bottle
+import click
+
+# --- Constants ---
+
+DEFAULT_PORT = 17173
+DEFAULT_HOST = '0.0.0.0'
+DEFAULT_TTL = 3600  # 1 hour
+TOKEN_LENGTH = 4  # bytes, produces 8 hex chars
+CLEANUP_INTERVAL = 60  # seconds between auto-stop checks
+
+# --- State Directory ---
+
+STATE_DIR = os.path.expanduser('~/.vibefs')
+DB_PATH = os.path.join(STATE_DIR, 'vibefs.db')
+PID_PATH = os.path.join(STATE_DIR, 'vibefs.pid')
+LOG_PATH = os.path.join(STATE_DIR, 'vibefs.log')
+CONFIG_PATH = os.path.join(STATE_DIR, 'config.json')
+
+
+def ensure_state_dir():
+    os.makedirs(STATE_DIR, exist_ok=True)
+
+
+# --- Config ---
+
+def load_config():
+    if os.path.isfile(CONFIG_PATH):
+        with open(CONFIG_PATH) as f:
+            return json.load(f)
+    return {}
+
+
+def save_config(cfg):
+    ensure_state_dir()
+    with open(CONFIG_PATH, 'w') as f:
+        json.dump(cfg, f, indent=2)
+        f.write('\n')
+
+
+# --- Database ---
+
+
+def get_db_path():
+    return os.environ.get('VIBEFS_DB', DB_PATH)
+
+
+def get_db():
+    db = sqlite3.connect(get_db_path())
+    db.row_factory = sqlite3.Row
+    db.execute("""
+        CREATE TABLE IF NOT EXISTS authorizations (
+            token TEXT PRIMARY KEY,
+            filepath TEXT NOT NULL,
+            filename TEXT NOT NULL,
+            created_at REAL NOT NULL,
+            expires_at REAL NOT NULL
+        )
+    """)
+    db.commit()
+    return db
+
+
+def add_authorization(filepath, ttl):
+    """Add an authorization record and return (token, filename)."""
+    abs_path = os.path.abspath(filepath)
+    if not os.path.isfile(abs_path):
+        raise FileNotFoundError(f'File not found: {abs_path}')
+
+    token = secrets.token_hex(TOKEN_LENGTH)
+    filename = os.path.basename(abs_path)
+    now = time.time()
+
+    db = get_db()
+    db.execute(
+        'INSERT INTO authorizations (token, filepath, filename, created_at, expires_at) VALUES (?, ?, ?, ?, ?)',
+        (token, abs_path, filename, now, now + ttl),
+    )
+    db.commit()
+    db.close()
+    return token, filename
+
+
+def remove_authorization(token):
+    """Remove an authorization record. Returns True if it existed."""
+    db = get_db()
+    cursor = db.execute('DELETE FROM authorizations WHERE token = ?', (token,))
+    db.commit()
+    deleted = cursor.rowcount > 0
+    db.close()
+    return deleted
+
+
+def list_authorizations():
+    """Return all authorization records."""
+    db = get_db()
+    rows = db.execute(
+        'SELECT token, filepath, filename, created_at, expires_at FROM authorizations ORDER BY created_at DESC'
+    ).fetchall()
+    db.close()
+    return rows
+
+
+def lookup_authorization(token):
+    """Look up a token. Returns (row, status) where status is 'valid', 'expired', or 'not_found'."""
+    db = get_db()
+    row = db.execute(
+        'SELECT token, filepath, filename, created_at, expires_at FROM authorizations WHERE token = ?',
+        (token,),
+    ).fetchone()
+    db.close()
+
+    if row is None:
+        return None, 'not_found'
+    if time.time() > row['expires_at']:
+        return row, 'expired'
+    return row, 'valid'
+
+
+def has_active_authorizations():
+    """Check if there are any non-expired authorizations."""
+    db = get_db()
+    row = db.execute(
+        'SELECT COUNT(*) as cnt FROM authorizations WHERE expires_at > ?',
+        (time.time(),),
+    ).fetchone()
+    db.close()
+    return row['cnt'] > 0
+
+
+# --- PID File Management ---
+
+
+def read_pid():
+    """Read PID from file. Returns int or None."""
+    if not os.path.exists(PID_PATH):
+        return None
+    with open(PID_PATH) as f:
+        content = f.read().strip()
+    if not content:
+        return None
+    return int(content)
+
+
+def write_pid():
+    """Write current process PID to file."""
+    ensure_state_dir()
+    with open(PID_PATH, 'w') as f:
+        f.write(str(os.getpid()))
+
+
+def remove_pid():
+    """Remove PID file if it exists."""
+    if os.path.exists(PID_PATH):
+        os.remove(PID_PATH)
+
+
+def is_daemon_running():
+    """Check if daemon is alive via PID file. Cleans stale PID files."""
+    pid = read_pid()
+    if pid is None:
+        return False
+    try:
+        os.kill(pid, 0)
+        return True
+    except ProcessLookupError:
+        # Process doesn't exist — stale PID file
+        remove_pid()
+        return False
+    except PermissionError:
+        # Process exists but we can't signal it (different user) — treat as running
+        return True
+
+
+# --- Daemon ---
+
+
+def start_daemon(port, host):
+    """Fork a background daemon process running 'vibefs serve'."""
+    ensure_state_dir()
+    log_file = open(LOG_PATH, 'a')
+    proc = subprocess.Popen(
+        [sys.executable, '-m', 'vibefs', 'serve', '--port', str(port), '--host', host],
+        stdout=log_file,
+        stderr=log_file,
+        start_new_session=True,
+    )
+    log_file.close()
+    # Give it a moment to start and write PID
+    time.sleep(0.3)
+    if proc.poll() is not None:
+        click.echo('Warning: daemon process exited immediately, check ~/.vibefs/vibefs.log', err=True)
+    else:
+        click.echo(f'Daemon started (pid {proc.pid})', err=True)
+
+
+def stop_daemon():
+    """Send SIGTERM to the daemon. Returns True if signal was sent."""
+    pid = read_pid()
+    if pid is None:
+        return False
+    try:
+        os.kill(pid, signal.SIGTERM)
+        return True
+    except ProcessLookupError:
+        remove_pid()
+        return False
+
+
+# --- Auto-stop Timer ---
+
+
+def start_cleanup_timer():
+    """Start a background thread that exits the server when all authorizations expire."""
+
+    def check_loop():
+        while True:
+            time.sleep(CLEANUP_INTERVAL)
+            if not has_active_authorizations():
+                click.echo('All authorizations expired, shutting down.', err=True)
+                remove_pid()
+                os._exit(0)
+
+    t = threading.Thread(target=check_loop, daemon=True)
+    t.start()
+
+
+# --- Renderers ---
+
+
+class BaseRenderer:
+    """Default renderer: returns raw file content with guessed content-type."""
+
+    def render(self, filepath):
+        content_type, _ = mimetypes.guess_type(filepath)
+        if content_type is None:
+            content_type = 'application/octet-stream'
+        bottle.response.content_type = content_type
+        with open(filepath, 'rb') as f:
+            return f.read()
+
+
+class CodeRenderer:
+    """Renders code files with syntax highlighting via Pygments."""
+
+    def render(self, filepath):
+        from pygments import highlight
+        from pygments.formatters import HtmlFormatter
+        from pygments.lexers import get_lexer_for_filename, TextLexer
+
+        with open(filepath) as f:
+            code = f.read()
+
+        try:
+            lexer = get_lexer_for_filename(filepath)
+        except Exception:
+            lexer = TextLexer()
+
+        formatter = HtmlFormatter(
+            style='monokai',
+            linenos=False,
+            cssclass='highlight',
+        )
+        highlighted = highlight(code, lexer, formatter)
+        css = formatter.get_style_defs('.highlight')
+        filename = os.path.basename(filepath)
+        stat = os.stat(filepath)
+        file_size = _format_size(stat.st_size)
+        file_mtime = time.strftime('%Y-%m-%d %H:%M', time.localtime(stat.st_mtime))
+
+        bottle.response.content_type = 'text/html; charset=utf-8'
+        return CODE_HTML_TEMPLATE.format(
+            filename=filename,
+            file_info=f'{file_size} · {file_mtime}',
+            pygments_css=css,
+            highlighted=highlighted,
+        )
+
+
+def _format_size(nbytes):
+    for unit in ('B', 'KB', 'MB', 'GB'):
+        if nbytes < 1024:
+            return f'{nbytes:.0f} {unit}' if unit == 'B' else f'{nbytes:.1f} {unit}'
+        nbytes /= 1024
+    return f'{nbytes:.1f} TB'
+
+
+CODE_HTML_TEMPLATE = """<!DOCTYPE html>
+<html lang="en">
+<head>
+<meta charset="utf-8">
+<meta name="viewport" content="width=device-width, initial-scale=1">
+<title>{filename}</title>
+<style>
+  * {{ margin: 0; padding: 0; box-sizing: border-box; }}
+  body {{
+    font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif;
+    background: #1e1e1e;
+    color: #d4d4d4;
+    min-height: 100vh;
+  }}
+  .file-header {{
+    background: #2d2d2d;
+    border-bottom: 1px solid #404040;
+    padding: 12px 16px;
+    font-size: 14px;
+    font-weight: 600;
+    color: #e0e0e0;
+    display: flex;
+    justify-content: space-between;
+    align-items: center;
+  }}
+  .file-info {{
+    font-size: 12px;
+    font-weight: 400;
+    color: #888;
+  }}
+  .file-content {{
+    overflow-x: auto;
+  }}
+  /* Pygments overrides */
+  {pygments_css}
+  .highlight {{
+    background: #1e1e1e;
+    padding: 0;
+  }}
+  .highlight pre {{
+    padding: 12px 8px;
+    margin: 0;
+    font-family: 'SF Mono', 'Menlo', 'Monaco', 'Consolas', 'Liberation Mono', monospace;
+    font-size: 15px;
+    line-height: 1.6;
+    white-space: pre-wrap;
+    word-wrap: break-word;
+    overflow-wrap: break-word;
+  }}
+  /* Mobile responsive */
+  @media (max-width: 768px) {{
+    .file-header {{
+      padding: 10px 12px;
+      font-size: 13px;
+    }}
+    .highlight pre {{
+      font-size: 14px;
+      line-height: 1.5;
+      padding: 8px 12px;
+    }}
+  }}
+</style>
+</head>
+<body>
+  <div class="file-header"><span>{filename}</span><span class="file-info">{file_info}</span></div>
+  <div class="file-content">
+    {highlighted}
+  </div>
+</body>
+</html>"""
+
+
+# Renderer registry: extension -> renderer instance
+_renderers = {}
+_fallback_renderer = BaseRenderer()
+
+CODE_EXTENSIONS = [
+    '.py', '.js', '.ts', '.jsx', '.tsx', '.go', '.rs', '.rb', '.java',
+    '.c', '.cpp', '.h', '.hpp', '.cs', '.swift', '.kt', '.scala',
+    '.sh', '.bash', '.zsh', '.fish',
+    '.html', '.css', '.scss', '.less',
+    '.json', '.yaml', '.yml', '.toml', '.ini', '.cfg',
+    '.xml', '.sql', '.graphql',
+    '.md', '.rst', '.txt',
+    '.lua', '.vim', '.el', '.clj', '.hs', '.ml', '.ex', '.exs',
+    '.r', '.R', '.jl', '.pl', '.pm', '.php',
+    '.dockerfile', '.makefile', '.cmake',
+    '.conf', '.env', '.gitignore',
+]
+
+
+def init_renderers():
+    """Register renderers for known extensions."""
+    code_renderer = CodeRenderer()
+    for ext in CODE_EXTENSIONS:
+        _renderers[ext] = code_renderer
+
+
+def get_renderer(filepath):
+    """Get the appropriate renderer for a file, falling back to BaseRenderer."""
+    _, ext = os.path.splitext(filepath)
+    return _renderers.get(ext.lower(), _fallback_renderer)
+
+
+init_renderers()
+
+
+# --- Web Server (Bottle) ---
+
+app = bottle.Bottle()
+
+
+@app.route('/f/<token>/<filename>')
+def serve_file(token, filename):
+    row, status = lookup_authorization(token)
+
+    if status == 'not_found':
+        bottle.abort(404, 'Not found')
+
+    if status == 'expired':
+        return bottle.template(EXPIRED_TEMPLATE, filename=row['filename'])
+
+    filepath = row['filepath']
+    if not os.path.isfile(filepath):
+        bottle.abort(404, 'File no longer exists on disk')
+
+    renderer = get_renderer(filepath)
+    return renderer.render(filepath)
+
+
+EXPIRED_TEMPLATE = """<!DOCTYPE html>
+<html>
+<head><title>File Expired</title>
+<style>
+  body { font-family: system-ui, sans-serif; max-width: 480px; margin: 80px auto; text-align: center; color: #333; }
+  h1 { font-size: 1.4em; }
+  p { color: #666; }
+</style>
+</head>
+<body>
+  <h1>This file is no longer available</h1>
+  <p><strong>{{filename}}</strong> has expired and can no longer be accessed.</p>
+</body>
+</html>
+"""
+
+
+# --- CLI (Click) ---
+
+
+@click.group()
+def cli():
+    """vibefs — Vibe File Server
+
+    A simple, secure file preview service for sharing files via time-limited URLs.
+    """
+    pass
+
+
+@cli.command()
+@click.option('--port', default=DEFAULT_PORT, show_default=True, help='Port to listen on')
+@click.option('--host', default=DEFAULT_HOST, show_default=True, help='Host to bind to')
+@click.option('--foreground', is_flag=True, default=False, help='Run in foreground (no PID file cleanup timer)')
+def serve(port, host, foreground):
+    """Start the web server."""
+    ensure_state_dir()
+    write_pid()
+    atexit.register(remove_pid)
+
+    if not foreground:
+        start_cleanup_timer()
+
+    click.echo(f'vibefs serving on http://{host}:{port} (pid {os.getpid()})')
+    app.run(host=host, port=port, quiet=True)
+
+
+@cli.command()
+@click.argument('path')
+@click.option('--ttl', default=DEFAULT_TTL, show_default=True, help='Time-to-live in seconds')
+@click.option('--port', default=DEFAULT_PORT, show_default=True, help='Port for URL generation')
+@click.option('--host', default='localhost', show_default=True, help='Host for URL generation')
+def allow(path, ttl, port, host):
+    """Authorize a file for access, auto-start daemon if needed, and print its URL."""
+    ensure_state_dir()
+    token, filename = add_authorization(path, ttl)
+    base_url = load_config().get('base_url')
+    if base_url:
+        url = f'{base_url.rstrip("/")}/f/{token}/{filename}'
+    else:
+        url = f'http://{host}:{port}/f/{token}/{filename}'
+    click.echo(url)
+
+    # Auto-start daemon if not running
+    if not is_daemon_running():
+        start_daemon(port, DEFAULT_HOST)
+
+
+@cli.command()
+@click.argument('token')
+def revoke(token):
+    """Revoke access to a file by its token."""
+    if remove_authorization(token):
+        click.echo(f'Revoked: {token}')
+    else:
+        click.echo(f'Token not found: {token}', err=True)
+
+
+@cli.command('list')
+def list_cmd():
+    """List currently authorized files."""
+    rows = list_authorizations()
+    if not rows:
+        click.echo('No active authorizations.')
+        return
+
+    now = time.time()
+    for row in rows:
+        remaining = row['expires_at'] - now
+        if remaining > 0:
+            status = f'{int(remaining)}s remaining'
+        else:
+            status = 'expired'
+        click.echo(f'  {row["token"]}  {row["filepath"]}  [{status}]')
+
+
+@cli.command()
+def stop():
+    """Stop the running daemon."""
+    if stop_daemon():
+        click.echo('Daemon stopped.')
+    else:
+        click.echo('Daemon is not running.', err=True)
+
+
+@cli.command()
+def status():
+    """Check if the daemon is running."""
+    pid = read_pid()
+    if is_daemon_running():
+        click.echo(f'Daemon is running (pid {pid}).')
+    else:
+        click.echo('Daemon is not running.')
+
+
+@cli.group()
+def config():
+    """Get or set configuration values."""
+    pass
+
+
+VALID_CONFIG_KEYS = ['base_url']
+
+
+@config.command('set')
+@click.argument('key')
+@click.argument('value')
+def config_set(key, value):
+    """Set a config value (e.g. vibefs config set base_url https://files.example.com)."""
+    if key not in VALID_CONFIG_KEYS:
+        click.echo(f'Unknown config key: {key}. Valid keys: {", ".join(VALID_CONFIG_KEYS)}', err=True)
+        sys.exit(1)
+    cfg = load_config()
+    cfg[key] = value
+    save_config(cfg)
+    click.echo(f'{key} = {value}')
+
+
+@config.command('get')
+@click.argument('key')
+def config_get(key):
+    """Get a config value (e.g. vibefs config get base_url)."""
+    if key not in VALID_CONFIG_KEYS:
+        click.echo(f'Unknown config key: {key}. Valid keys: {", ".join(VALID_CONFIG_KEYS)}', err=True)
+        sys.exit(1)
+    cfg = load_config()
+    value = cfg.get(key)
+    if value is None:
+        click.echo(f'{key}: (not set)')
+    else:
+        click.echo(f'{key} = {value}')
+
+
+if __name__ == '__main__':
+    cli()