2026-02-02 19:01:51 -08:00
|
|
|
"""
|
|
|
|
|
Gateway subcommand for hermes CLI.
|
|
|
|
|
|
2026-03-03 18:57:33 -08:00
|
|
|
Handles: hermes gateway [run|start|stop|restart|status|install|uninstall|setup]
|
2026-02-02 19:01:51 -08:00
|
|
|
"""
|
|
|
|
|
|
|
|
|
|
import asyncio
|
|
|
|
|
import os
|
2026-02-03 10:46:23 -08:00
|
|
|
import signal
|
2026-02-02 19:01:51 -08:00
|
|
|
import subprocess
|
|
|
|
|
import sys
|
|
|
|
|
from pathlib import Path
|
|
|
|
|
|
|
|
|
|
PROJECT_ROOT = Path(__file__).parent.parent.resolve()
|
|
|
|
|
|
fix(cli): respect HERMES_HOME in all remaining hardcoded ~/.hermes paths
Several files resolved paths via Path.home() / ".hermes" or
os.path.expanduser("~/.hermes/..."), bypassing the HERMES_HOME
environment variable. This broke isolation when running multiple
Hermes instances with distinct HERMES_HOME directories.
Replace all hardcoded paths with calls to get_hermes_home() from
hermes_cli.config, consistent with the rest of the codebase.
Files fixed:
- tools/process_registry.py (processes.json)
- gateway/pairing.py (pairing/)
- gateway/sticker_cache.py (sticker_cache.json)
- gateway/channel_directory.py (channel_directory.json, sessions.json)
- gateway/config.py (gateway.json, config.yaml, sessions_dir)
- gateway/mirror.py (sessions/)
- gateway/hooks.py (hooks/)
- gateway/platforms/base.py (image_cache/, audio_cache/, document_cache/)
- gateway/platforms/whatsapp.py (whatsapp/session)
- gateway/delivery.py (cron/output)
- agent/auxiliary_client.py (auth.json)
- agent/prompt_builder.py (SOUL.md)
- cli.py (config.yaml, images/, pastes/, history)
- run_agent.py (logs/)
- tools/environments/base.py (sandboxes/)
- tools/environments/modal.py (modal_snapshots.json)
- tools/environments/singularity.py (singularity_snapshots.json)
- tools/tts_tool.py (audio_cache)
- hermes_cli/status.py (cron/jobs.json, sessions.json)
- hermes_cli/gateway.py (logs/, whatsapp session)
- hermes_cli/main.py (whatsapp/session)
Tests updated to use HERMES_HOME env var instead of patching Path.home().
Closes #892
(cherry picked from commit 78ac1bba43b8b74a934c6172f2c29bb4d03164b9)
2026-03-11 07:31:41 +01:00
|
|
|
from hermes_cli.config import get_env_value, get_hermes_home, save_env_value
|
2026-03-03 18:57:33 -08:00
|
|
|
from hermes_cli.setup import (
|
|
|
|
|
print_header, print_info, print_success, print_warning, print_error,
|
|
|
|
|
prompt, prompt_choice, prompt_yes_no,
|
|
|
|
|
)
|
|
|
|
|
from hermes_cli.colors import Colors, color
|
|
|
|
|
|
2026-02-02 19:01:51 -08:00
|
|
|
|
2026-02-03 10:46:23 -08:00
|
|
|
# =============================================================================
|
|
|
|
|
# Process Management (for manual gateway runs)
|
|
|
|
|
# =============================================================================
|
|
|
|
|
|
|
|
|
|
def find_gateway_pids() -> list:
|
|
|
|
|
"""Find PIDs of running gateway processes."""
|
|
|
|
|
pids = []
|
2026-03-02 22:03:29 -08:00
|
|
|
patterns = [
|
|
|
|
|
"hermes_cli.main gateway",
|
|
|
|
|
"hermes gateway",
|
|
|
|
|
"gateway/run.py",
|
|
|
|
|
]
|
|
|
|
|
|
2026-02-03 10:46:23 -08:00
|
|
|
try:
|
2026-03-02 22:03:29 -08:00
|
|
|
if is_windows():
|
|
|
|
|
# Windows: use wmic to search command lines
|
|
|
|
|
result = subprocess.run(
|
|
|
|
|
["wmic", "process", "get", "ProcessId,CommandLine", "/FORMAT:LIST"],
|
|
|
|
|
capture_output=True, text=True
|
|
|
|
|
)
|
|
|
|
|
# Parse WMIC LIST output: blocks of "CommandLine=...\nProcessId=...\n"
|
|
|
|
|
current_cmd = ""
|
|
|
|
|
for line in result.stdout.split('\n'):
|
|
|
|
|
line = line.strip()
|
|
|
|
|
if line.startswith("CommandLine="):
|
|
|
|
|
current_cmd = line[len("CommandLine="):]
|
|
|
|
|
elif line.startswith("ProcessId="):
|
|
|
|
|
pid_str = line[len("ProcessId="):]
|
|
|
|
|
if any(p in current_cmd for p in patterns):
|
2026-02-03 10:46:23 -08:00
|
|
|
try:
|
2026-03-02 22:03:29 -08:00
|
|
|
pid = int(pid_str)
|
|
|
|
|
if pid != os.getpid() and pid not in pids:
|
2026-02-03 10:46:23 -08:00
|
|
|
pids.append(pid)
|
|
|
|
|
except ValueError:
|
2026-03-02 22:03:29 -08:00
|
|
|
pass
|
|
|
|
|
current_cmd = ""
|
|
|
|
|
else:
|
|
|
|
|
result = subprocess.run(
|
|
|
|
|
["ps", "aux"],
|
|
|
|
|
capture_output=True,
|
|
|
|
|
text=True
|
|
|
|
|
)
|
|
|
|
|
for line in result.stdout.split('\n'):
|
|
|
|
|
# Skip grep and current process
|
|
|
|
|
if 'grep' in line or str(os.getpid()) in line:
|
|
|
|
|
continue
|
|
|
|
|
for pattern in patterns:
|
|
|
|
|
if pattern in line:
|
|
|
|
|
parts = line.split()
|
|
|
|
|
if len(parts) > 1:
|
|
|
|
|
try:
|
|
|
|
|
pid = int(parts[1])
|
|
|
|
|
if pid not in pids:
|
|
|
|
|
pids.append(pid)
|
|
|
|
|
except ValueError:
|
|
|
|
|
continue
|
|
|
|
|
break
|
2026-02-03 10:46:23 -08:00
|
|
|
except Exception:
|
|
|
|
|
pass
|
2026-03-02 22:03:29 -08:00
|
|
|
|
2026-02-03 10:46:23 -08:00
|
|
|
return pids
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def kill_gateway_processes(force: bool = False) -> int:
|
|
|
|
|
"""Kill any running gateway processes. Returns count killed."""
|
|
|
|
|
pids = find_gateway_pids()
|
|
|
|
|
killed = 0
|
|
|
|
|
|
|
|
|
|
for pid in pids:
|
|
|
|
|
try:
|
2026-03-02 22:03:29 -08:00
|
|
|
if force and not is_windows():
|
2026-02-03 10:46:23 -08:00
|
|
|
os.kill(pid, signal.SIGKILL)
|
|
|
|
|
else:
|
|
|
|
|
os.kill(pid, signal.SIGTERM)
|
|
|
|
|
killed += 1
|
|
|
|
|
except ProcessLookupError:
|
|
|
|
|
# Process already gone
|
|
|
|
|
pass
|
|
|
|
|
except PermissionError:
|
|
|
|
|
print(f"⚠ Permission denied to kill PID {pid}")
|
|
|
|
|
|
|
|
|
|
return killed
|
|
|
|
|
|
|
|
|
|
|
2026-02-02 19:01:51 -08:00
|
|
|
def is_linux() -> bool:
|
|
|
|
|
return sys.platform.startswith('linux')
|
|
|
|
|
|
|
|
|
|
def is_macos() -> bool:
|
|
|
|
|
return sys.platform == 'darwin'
|
|
|
|
|
|
|
|
|
|
def is_windows() -> bool:
|
|
|
|
|
return sys.platform == 'win32'
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# =============================================================================
|
|
|
|
|
# Service Configuration
|
|
|
|
|
# =============================================================================
|
|
|
|
|
|
2026-03-16 04:42:46 -07:00
|
|
|
_SERVICE_BASE = "hermes-gateway"
|
2026-02-02 19:01:51 -08:00
|
|
|
SERVICE_DESCRIPTION = "Hermes Agent Gateway - Messaging Platform Integration"
|
|
|
|
|
|
2026-03-14 06:11:33 -07:00
|
|
|
|
2026-03-16 04:42:46 -07:00
|
|
|
def get_service_name() -> str:
|
|
|
|
|
"""Derive a systemd service name scoped to this HERMES_HOME.
|
|
|
|
|
|
|
|
|
|
Default ``~/.hermes`` returns ``hermes-gateway`` (backward compatible).
|
|
|
|
|
Any other HERMES_HOME appends a short hash so multiple installations
|
|
|
|
|
can each have their own systemd service without conflicting.
|
|
|
|
|
"""
|
|
|
|
|
import hashlib
|
|
|
|
|
from pathlib import Path as _Path # local import to avoid monkeypatch interference
|
|
|
|
|
home = _Path(os.getenv("HERMES_HOME", _Path.home() / ".hermes")).resolve()
|
|
|
|
|
default = (_Path.home() / ".hermes").resolve()
|
|
|
|
|
if home == default:
|
|
|
|
|
return _SERVICE_BASE
|
|
|
|
|
suffix = hashlib.sha256(str(home).encode()).hexdigest()[:8]
|
|
|
|
|
return f"{_SERVICE_BASE}-{suffix}"
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
SERVICE_NAME = _SERVICE_BASE # backward-compat for external importers; prefer get_service_name()
|
|
|
|
|
|
|
|
|
|
|
2026-03-14 20:54:51 -07:00
|
|
|
def get_systemd_unit_path(system: bool = False) -> Path:
|
2026-03-16 04:42:46 -07:00
|
|
|
name = get_service_name()
|
2026-03-14 20:54:51 -07:00
|
|
|
if system:
|
2026-03-16 04:42:46 -07:00
|
|
|
return Path("/etc/systemd/system") / f"{name}.service"
|
|
|
|
|
return Path.home() / ".config" / "systemd" / "user" / f"{name}.service"
|
2026-02-02 19:01:51 -08:00
|
|
|
|
2026-03-14 06:11:33 -07:00
|
|
|
|
fix: auto-detect D-Bus session bus for systemctl --user on headless servers (#1601)
* fix: Anthropic OAuth compatibility — Claude Code identity fingerprinting
Anthropic routes OAuth/subscription requests based on Claude Code's
identity markers. Without them, requests get intermittent 500 errors
(~25% failure rate observed). This matches what pi-ai (clawdbot) and
OpenCode both implement for OAuth compatibility.
Changes (OAuth tokens only — API key users unaffected):
1. Headers: user-agent 'claude-cli/2.1.2 (external, cli)' + x-app 'cli'
2. System prompt: prepend 'You are Claude Code, Anthropic's official CLI'
3. System prompt sanitization: replace Hermes/Nous references
4. Tool names: prefix with 'mcp_' (Claude Code convention for non-native tools)
5. Tool name stripping: remove 'mcp_' prefix from response tool calls
Before: 9/12 OK, 1 hard fail, 4 needed retries (~25% error rate)
After: 16/16 OK, 0 failures, 0 retries (0% error rate)
* fix: auto-detect DBUS_SESSION_BUS_ADDRESS for systemctl --user on headless servers
On SSH sessions to headless servers, DBUS_SESSION_BUS_ADDRESS and
XDG_RUNTIME_DIR may not be set even when the user's systemd instance
is running via linger. This causes 'systemctl --user' to fail with
'Failed to connect to bus: No medium found', breaking gateway
restart/start/stop as a service and falling back to foreground mode.
Add _ensure_user_systemd_env() that detects the standard D-Bus socket
at /run/user/<UID>/bus and sets the env vars before any systemctl --user
call. Called from _systemctl_cmd() so all existing call sites benefit
automatically with zero changes.
Fixes: gateway restart falling back to foreground on headless servers
* fix: show linger guidance when gateway restart fails during update and gateway restart
When systemctl --user restart fails during 'hermes update' or
'hermes gateway restart', check linger status and tell the user
exactly what to run (sudo -S -p '' loginctl enable-linger) instead of
silently falling back to foreground mode.
Also applies _ensure_user_systemd_env() to the raw systemctl calls
in cmd_update so they work properly on SSH sessions where D-Bus
env vars are missing.
2026-03-16 17:45:48 -07:00
|
|
|
def _ensure_user_systemd_env() -> None:
|
|
|
|
|
"""Ensure DBUS_SESSION_BUS_ADDRESS and XDG_RUNTIME_DIR are set for systemctl --user.
|
|
|
|
|
|
|
|
|
|
On headless servers (SSH sessions), these env vars may be missing even when
|
|
|
|
|
the user's systemd instance is running (via linger). Without them,
|
|
|
|
|
``systemctl --user`` fails with "Failed to connect to bus: No medium found".
|
|
|
|
|
We detect the standard socket path and set the vars so all subsequent
|
|
|
|
|
subprocess calls inherit them.
|
|
|
|
|
"""
|
|
|
|
|
uid = os.getuid()
|
|
|
|
|
if "XDG_RUNTIME_DIR" not in os.environ:
|
|
|
|
|
runtime_dir = f"/run/user/{uid}"
|
|
|
|
|
if Path(runtime_dir).exists():
|
|
|
|
|
os.environ["XDG_RUNTIME_DIR"] = runtime_dir
|
|
|
|
|
|
|
|
|
|
if "DBUS_SESSION_BUS_ADDRESS" not in os.environ:
|
|
|
|
|
xdg_runtime = os.environ.get("XDG_RUNTIME_DIR", f"/run/user/{uid}")
|
|
|
|
|
bus_path = Path(xdg_runtime) / "bus"
|
|
|
|
|
if bus_path.exists():
|
|
|
|
|
os.environ["DBUS_SESSION_BUS_ADDRESS"] = f"unix:path={bus_path}"
|
|
|
|
|
|
|
|
|
|
|
2026-03-14 20:54:51 -07:00
|
|
|
def _systemctl_cmd(system: bool = False) -> list[str]:
|
fix: auto-detect D-Bus session bus for systemctl --user on headless servers (#1601)
* fix: Anthropic OAuth compatibility — Claude Code identity fingerprinting
Anthropic routes OAuth/subscription requests based on Claude Code's
identity markers. Without them, requests get intermittent 500 errors
(~25% failure rate observed). This matches what pi-ai (clawdbot) and
OpenCode both implement for OAuth compatibility.
Changes (OAuth tokens only — API key users unaffected):
1. Headers: user-agent 'claude-cli/2.1.2 (external, cli)' + x-app 'cli'
2. System prompt: prepend 'You are Claude Code, Anthropic's official CLI'
3. System prompt sanitization: replace Hermes/Nous references
4. Tool names: prefix with 'mcp_' (Claude Code convention for non-native tools)
5. Tool name stripping: remove 'mcp_' prefix from response tool calls
Before: 9/12 OK, 1 hard fail, 4 needed retries (~25% error rate)
After: 16/16 OK, 0 failures, 0 retries (0% error rate)
* fix: auto-detect DBUS_SESSION_BUS_ADDRESS for systemctl --user on headless servers
On SSH sessions to headless servers, DBUS_SESSION_BUS_ADDRESS and
XDG_RUNTIME_DIR may not be set even when the user's systemd instance
is running via linger. This causes 'systemctl --user' to fail with
'Failed to connect to bus: No medium found', breaking gateway
restart/start/stop as a service and falling back to foreground mode.
Add _ensure_user_systemd_env() that detects the standard D-Bus socket
at /run/user/<UID>/bus and sets the env vars before any systemctl --user
call. Called from _systemctl_cmd() so all existing call sites benefit
automatically with zero changes.
Fixes: gateway restart falling back to foreground on headless servers
* fix: show linger guidance when gateway restart fails during update and gateway restart
When systemctl --user restart fails during 'hermes update' or
'hermes gateway restart', check linger status and tell the user
exactly what to run (sudo -S -p '' loginctl enable-linger) instead of
silently falling back to foreground mode.
Also applies _ensure_user_systemd_env() to the raw systemctl calls
in cmd_update so they work properly on SSH sessions where D-Bus
env vars are missing.
2026-03-16 17:45:48 -07:00
|
|
|
if not system:
|
|
|
|
|
_ensure_user_systemd_env()
|
2026-03-14 20:54:51 -07:00
|
|
|
return ["systemctl"] if system else ["systemctl", "--user"]
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def _journalctl_cmd(system: bool = False) -> list[str]:
|
|
|
|
|
return ["journalctl"] if system else ["journalctl", "--user"]
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def _service_scope_label(system: bool = False) -> str:
|
|
|
|
|
return "system" if system else "user"
|
|
|
|
|
|
|
|
|
|
|
2026-03-14 21:06:52 -07:00
|
|
|
def get_installed_systemd_scopes() -> list[str]:
|
|
|
|
|
scopes = []
|
|
|
|
|
seen_paths: set[Path] = set()
|
|
|
|
|
for system, label in ((False, "user"), (True, "system")):
|
|
|
|
|
unit_path = get_systemd_unit_path(system=system)
|
|
|
|
|
if unit_path in seen_paths:
|
|
|
|
|
continue
|
|
|
|
|
if unit_path.exists():
|
|
|
|
|
scopes.append(label)
|
|
|
|
|
seen_paths.add(unit_path)
|
|
|
|
|
return scopes
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def has_conflicting_systemd_units() -> bool:
|
|
|
|
|
return len(get_installed_systemd_scopes()) > 1
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def print_systemd_scope_conflict_warning() -> None:
|
|
|
|
|
scopes = get_installed_systemd_scopes()
|
|
|
|
|
if len(scopes) < 2:
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
rendered_scopes = " + ".join(scopes)
|
|
|
|
|
print_warning(f"Both user and system gateway services are installed ({rendered_scopes}).")
|
|
|
|
|
print_info(" This is confusing and can make start/stop/status behavior ambiguous.")
|
|
|
|
|
print_info(" Default gateway commands target the user service unless you pass --system.")
|
|
|
|
|
print_info(" Keep one of these:")
|
|
|
|
|
print_info(" hermes gateway uninstall")
|
|
|
|
|
print_info(" sudo hermes gateway uninstall --system")
|
|
|
|
|
|
|
|
|
|
|
2026-03-14 20:54:51 -07:00
|
|
|
def _require_root_for_system_service(action: str) -> None:
|
|
|
|
|
if os.geteuid() != 0:
|
|
|
|
|
print(f"System gateway {action} requires root. Re-run with sudo.")
|
|
|
|
|
sys.exit(1)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def _system_service_identity(run_as_user: str | None = None) -> tuple[str, str, str]:
|
|
|
|
|
import getpass
|
|
|
|
|
import grp
|
|
|
|
|
import pwd
|
|
|
|
|
|
|
|
|
|
username = (run_as_user or os.getenv("SUDO_USER") or os.getenv("USER") or os.getenv("LOGNAME") or getpass.getuser()).strip()
|
|
|
|
|
if not username:
|
|
|
|
|
raise ValueError("Could not determine which user the gateway service should run as")
|
|
|
|
|
if username == "root":
|
|
|
|
|
raise ValueError("Refusing to install the gateway system service as root; pass --run-as USER")
|
|
|
|
|
|
|
|
|
|
try:
|
|
|
|
|
user_info = pwd.getpwnam(username)
|
|
|
|
|
except KeyError as e:
|
|
|
|
|
raise ValueError(f"Unknown user: {username}") from e
|
|
|
|
|
|
|
|
|
|
group_name = grp.getgrgid(user_info.pw_gid).gr_name
|
|
|
|
|
return username, group_name, user_info.pw_dir
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def _read_systemd_user_from_unit(unit_path: Path) -> str | None:
|
|
|
|
|
if not unit_path.exists():
|
|
|
|
|
return None
|
|
|
|
|
|
|
|
|
|
for line in unit_path.read_text(encoding="utf-8").splitlines():
|
|
|
|
|
if line.startswith("User="):
|
|
|
|
|
value = line.split("=", 1)[1].strip()
|
|
|
|
|
return value or None
|
|
|
|
|
return None
|
|
|
|
|
|
|
|
|
|
|
2026-03-14 21:06:52 -07:00
|
|
|
def _default_system_service_user() -> str | None:
|
|
|
|
|
for candidate in (os.getenv("SUDO_USER"), os.getenv("USER"), os.getenv("LOGNAME")):
|
|
|
|
|
if candidate and candidate.strip() and candidate.strip() != "root":
|
|
|
|
|
return candidate.strip()
|
|
|
|
|
return None
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def prompt_linux_gateway_install_scope() -> str | None:
|
|
|
|
|
choice = prompt_choice(
|
|
|
|
|
" Choose how the gateway should run in the background:",
|
|
|
|
|
[
|
|
|
|
|
"User service (no sudo; best for laptops/dev boxes; may need linger after logout)",
|
|
|
|
|
"System service (starts on boot; requires sudo; still runs as your user)",
|
|
|
|
|
"Skip service install for now",
|
|
|
|
|
],
|
|
|
|
|
default=0,
|
|
|
|
|
)
|
|
|
|
|
return {0: "user", 1: "system", 2: None}[choice]
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def install_linux_gateway_from_setup(force: bool = False) -> tuple[str | None, bool]:
|
|
|
|
|
scope = prompt_linux_gateway_install_scope()
|
|
|
|
|
if scope is None:
|
|
|
|
|
return None, False
|
|
|
|
|
|
|
|
|
|
if scope == "system":
|
|
|
|
|
run_as_user = _default_system_service_user()
|
|
|
|
|
if os.geteuid() != 0:
|
|
|
|
|
print_warning(" System service install requires sudo, so Hermes can't create it from this user session.")
|
|
|
|
|
if run_as_user:
|
|
|
|
|
print_info(f" After setup, run: sudo hermes gateway install --system --run-as-user {run_as_user}")
|
|
|
|
|
else:
|
|
|
|
|
print_info(" After setup, run: sudo hermes gateway install --system --run-as-user <your-user>")
|
|
|
|
|
print_info(" Then start it with: sudo hermes gateway start --system")
|
|
|
|
|
return scope, False
|
|
|
|
|
|
|
|
|
|
if not run_as_user:
|
|
|
|
|
while True:
|
|
|
|
|
run_as_user = prompt(" Run the system gateway service as which user?", default="")
|
|
|
|
|
run_as_user = (run_as_user or "").strip()
|
|
|
|
|
if run_as_user and run_as_user != "root":
|
|
|
|
|
break
|
|
|
|
|
print_error(" Enter a non-root username.")
|
|
|
|
|
|
|
|
|
|
systemd_install(force=force, system=True, run_as_user=run_as_user)
|
|
|
|
|
return scope, True
|
|
|
|
|
|
|
|
|
|
systemd_install(force=force, system=False)
|
|
|
|
|
return scope, True
|
|
|
|
|
|
|
|
|
|
|
2026-03-14 06:11:33 -07:00
|
|
|
def get_systemd_linger_status() -> tuple[bool | None, str]:
|
|
|
|
|
"""Return whether systemd user lingering is enabled for the current user.
|
|
|
|
|
|
|
|
|
|
Returns:
|
|
|
|
|
(True, "") when linger is enabled.
|
|
|
|
|
(False, "") when linger is disabled.
|
|
|
|
|
(None, detail) when the status could not be determined.
|
|
|
|
|
"""
|
|
|
|
|
if not is_linux():
|
|
|
|
|
return None, "not supported on this platform"
|
|
|
|
|
|
|
|
|
|
import shutil
|
|
|
|
|
|
|
|
|
|
if not shutil.which("loginctl"):
|
|
|
|
|
return None, "loginctl not found"
|
|
|
|
|
|
|
|
|
|
username = os.getenv("USER") or os.getenv("LOGNAME")
|
|
|
|
|
if not username:
|
|
|
|
|
try:
|
|
|
|
|
import pwd
|
|
|
|
|
username = pwd.getpwuid(os.getuid()).pw_name
|
|
|
|
|
except Exception:
|
|
|
|
|
return None, "could not determine current user"
|
|
|
|
|
|
|
|
|
|
try:
|
|
|
|
|
result = subprocess.run(
|
|
|
|
|
["loginctl", "show-user", username, "--property=Linger", "--value"],
|
|
|
|
|
capture_output=True,
|
|
|
|
|
text=True,
|
|
|
|
|
check=False,
|
|
|
|
|
)
|
|
|
|
|
except Exception as e:
|
|
|
|
|
return None, str(e)
|
|
|
|
|
|
|
|
|
|
if result.returncode != 0:
|
|
|
|
|
detail = (result.stderr or result.stdout or f"exit {result.returncode}").strip()
|
|
|
|
|
return None, detail or "loginctl query failed"
|
|
|
|
|
|
|
|
|
|
value = (result.stdout or "").strip().lower()
|
|
|
|
|
if value in {"yes", "true", "1"}:
|
|
|
|
|
return True, ""
|
|
|
|
|
if value in {"no", "false", "0"}:
|
|
|
|
|
return False, ""
|
|
|
|
|
|
|
|
|
|
rendered = value or "<empty>"
|
|
|
|
|
return None, f"unexpected loginctl output: {rendered}"
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def print_systemd_linger_guidance() -> None:
|
|
|
|
|
"""Print the current linger status and the fix when it is disabled."""
|
|
|
|
|
linger_enabled, linger_detail = get_systemd_linger_status()
|
|
|
|
|
if linger_enabled is True:
|
|
|
|
|
print("✓ Systemd linger is enabled (service survives logout)")
|
|
|
|
|
elif linger_enabled is False:
|
|
|
|
|
print("⚠ Systemd linger is disabled (gateway may stop when you log out)")
|
|
|
|
|
print(" Run: sudo loginctl enable-linger $USER")
|
|
|
|
|
else:
|
|
|
|
|
print(f"⚠ Could not verify systemd linger ({linger_detail})")
|
|
|
|
|
print(" If you want the gateway user service to survive logout, run:")
|
|
|
|
|
print(" sudo loginctl enable-linger $USER")
|
|
|
|
|
|
2026-02-02 19:01:51 -08:00
|
|
|
def get_launchd_plist_path() -> Path:
|
|
|
|
|
return Path.home() / "Library" / "LaunchAgents" / "ai.hermes.gateway.plist"
|
|
|
|
|
|
|
|
|
|
def get_python_path() -> str:
|
2026-03-02 22:03:29 -08:00
|
|
|
if is_windows():
|
|
|
|
|
venv_python = PROJECT_ROOT / "venv" / "Scripts" / "python.exe"
|
|
|
|
|
else:
|
|
|
|
|
venv_python = PROJECT_ROOT / "venv" / "bin" / "python"
|
2026-02-02 19:01:51 -08:00
|
|
|
if venv_python.exists():
|
|
|
|
|
return str(venv_python)
|
|
|
|
|
return sys.executable
|
|
|
|
|
|
|
|
|
|
def get_hermes_cli_path() -> str:
|
|
|
|
|
"""Get the path to the hermes CLI."""
|
|
|
|
|
# Check if installed via pip
|
|
|
|
|
import shutil
|
|
|
|
|
hermes_bin = shutil.which("hermes")
|
|
|
|
|
if hermes_bin:
|
|
|
|
|
return hermes_bin
|
|
|
|
|
|
|
|
|
|
# Fallback to direct module execution
|
|
|
|
|
return f"{get_python_path()} -m hermes_cli.main"
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# =============================================================================
|
|
|
|
|
# Systemd (Linux)
|
|
|
|
|
# =============================================================================
|
|
|
|
|
|
2026-03-14 20:54:51 -07:00
|
|
|
def generate_systemd_unit(system: bool = False, run_as_user: str | None = None) -> str:
|
2026-02-02 19:01:51 -08:00
|
|
|
python_path = get_python_path()
|
|
|
|
|
working_dir = str(PROJECT_ROOT)
|
2026-03-08 04:36:23 -07:00
|
|
|
venv_dir = str(PROJECT_ROOT / "venv")
|
|
|
|
|
venv_bin = str(PROJECT_ROOT / "venv" / "bin")
|
|
|
|
|
node_bin = str(PROJECT_ROOT / "node_modules" / ".bin")
|
|
|
|
|
|
|
|
|
|
# Build a PATH that includes the venv, node_modules, and standard system dirs
|
|
|
|
|
sane_path = f"{venv_bin}:{node_bin}:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
|
2026-03-14 20:54:51 -07:00
|
|
|
|
2026-03-16 04:42:46 -07:00
|
|
|
hermes_home = str(Path(os.getenv("HERMES_HOME", Path.home() / ".hermes")).resolve())
|
|
|
|
|
|
2026-03-14 20:54:51 -07:00
|
|
|
if system:
|
|
|
|
|
username, group_name, home_dir = _system_service_identity(run_as_user)
|
|
|
|
|
return f"""[Unit]
|
|
|
|
|
Description={SERVICE_DESCRIPTION}
|
|
|
|
|
After=network-online.target
|
|
|
|
|
Wants=network-online.target
|
|
|
|
|
|
|
|
|
|
[Service]
|
|
|
|
|
Type=simple
|
|
|
|
|
User={username}
|
|
|
|
|
Group={group_name}
|
|
|
|
|
ExecStart={python_path} -m hermes_cli.main gateway run --replace
|
|
|
|
|
WorkingDirectory={working_dir}
|
|
|
|
|
Environment="HOME={home_dir}"
|
|
|
|
|
Environment="USER={username}"
|
|
|
|
|
Environment="LOGNAME={username}"
|
|
|
|
|
Environment="PATH={sane_path}"
|
|
|
|
|
Environment="VIRTUAL_ENV={venv_dir}"
|
2026-03-16 04:42:46 -07:00
|
|
|
Environment="HERMES_HOME={hermes_home}"
|
2026-03-14 20:54:51 -07:00
|
|
|
Restart=on-failure
|
|
|
|
|
RestartSec=10
|
|
|
|
|
KillMode=mixed
|
|
|
|
|
KillSignal=SIGTERM
|
2026-03-16 05:03:11 -07:00
|
|
|
TimeoutStopSec=60
|
2026-03-14 20:54:51 -07:00
|
|
|
StandardOutput=journal
|
|
|
|
|
StandardError=journal
|
|
|
|
|
|
|
|
|
|
[Install]
|
|
|
|
|
WantedBy=multi-user.target
|
|
|
|
|
"""
|
|
|
|
|
|
2026-02-02 19:01:51 -08:00
|
|
|
return f"""[Unit]
|
|
|
|
|
Description={SERVICE_DESCRIPTION}
|
|
|
|
|
After=network.target
|
|
|
|
|
|
|
|
|
|
[Service]
|
|
|
|
|
Type=simple
|
2026-03-07 18:08:12 +00:00
|
|
|
ExecStart={python_path} -m hermes_cli.main gateway run --replace
|
2026-02-02 19:01:51 -08:00
|
|
|
WorkingDirectory={working_dir}
|
2026-03-08 04:36:23 -07:00
|
|
|
Environment="PATH={sane_path}"
|
|
|
|
|
Environment="VIRTUAL_ENV={venv_dir}"
|
2026-03-16 04:42:46 -07:00
|
|
|
Environment="HERMES_HOME={hermes_home}"
|
2026-02-02 19:01:51 -08:00
|
|
|
Restart=on-failure
|
|
|
|
|
RestartSec=10
|
2026-03-07 18:08:12 +00:00
|
|
|
KillMode=mixed
|
|
|
|
|
KillSignal=SIGTERM
|
2026-03-16 05:03:11 -07:00
|
|
|
TimeoutStopSec=60
|
2026-02-02 19:01:51 -08:00
|
|
|
StandardOutput=journal
|
|
|
|
|
StandardError=journal
|
|
|
|
|
|
|
|
|
|
[Install]
|
|
|
|
|
WantedBy=default.target
|
|
|
|
|
"""
|
|
|
|
|
|
2026-03-14 07:42:31 -07:00
|
|
|
def _normalize_service_definition(text: str) -> str:
|
|
|
|
|
return "\n".join(line.rstrip() for line in text.strip().splitlines())
|
|
|
|
|
|
|
|
|
|
|
2026-03-14 20:54:51 -07:00
|
|
|
def systemd_unit_is_current(system: bool = False) -> bool:
|
|
|
|
|
unit_path = get_systemd_unit_path(system=system)
|
2026-03-14 07:42:31 -07:00
|
|
|
if not unit_path.exists():
|
|
|
|
|
return False
|
|
|
|
|
|
|
|
|
|
installed = unit_path.read_text(encoding="utf-8")
|
2026-03-14 20:54:51 -07:00
|
|
|
expected_user = _read_systemd_user_from_unit(unit_path) if system else None
|
|
|
|
|
expected = generate_systemd_unit(system=system, run_as_user=expected_user)
|
2026-03-14 07:42:31 -07:00
|
|
|
return _normalize_service_definition(installed) == _normalize_service_definition(expected)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2026-03-14 20:54:51 -07:00
|
|
|
def refresh_systemd_unit_if_needed(system: bool = False) -> bool:
|
|
|
|
|
"""Rewrite the installed systemd unit when the generated definition has changed."""
|
|
|
|
|
unit_path = get_systemd_unit_path(system=system)
|
|
|
|
|
if not unit_path.exists() or systemd_unit_is_current(system=system):
|
2026-03-14 07:42:31 -07:00
|
|
|
return False
|
|
|
|
|
|
2026-03-14 20:54:51 -07:00
|
|
|
expected_user = _read_systemd_user_from_unit(unit_path) if system else None
|
|
|
|
|
unit_path.write_text(generate_systemd_unit(system=system, run_as_user=expected_user), encoding="utf-8")
|
|
|
|
|
subprocess.run(_systemctl_cmd(system) + ["daemon-reload"], check=True)
|
|
|
|
|
print(f"↻ Updated gateway {_service_scope_label(system)} service definition to match the current Hermes install")
|
2026-03-14 07:42:31 -07:00
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
|
2026-03-12 12:35:43 +03:00
|
|
|
|
|
|
|
|
def _print_linger_enable_warning(username: str, detail: str | None = None) -> None:
|
|
|
|
|
print()
|
|
|
|
|
print("⚠ Linger not enabled — gateway may stop when you close this terminal.")
|
|
|
|
|
if detail:
|
|
|
|
|
print(f" Auto-enable failed: {detail}")
|
|
|
|
|
print()
|
|
|
|
|
print(" On headless servers (VPS, cloud instances) run:")
|
|
|
|
|
print(f" sudo loginctl enable-linger {username}")
|
|
|
|
|
print()
|
|
|
|
|
print(" Then restart the gateway:")
|
2026-03-16 04:42:46 -07:00
|
|
|
print(f" systemctl --user restart {get_service_name()}.service")
|
2026-03-12 12:35:43 +03:00
|
|
|
print()
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def _ensure_linger_enabled() -> None:
|
|
|
|
|
"""Enable linger when possible so the user gateway survives logout."""
|
|
|
|
|
if not is_linux():
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
import getpass
|
|
|
|
|
import shutil
|
|
|
|
|
|
|
|
|
|
username = getpass.getuser()
|
|
|
|
|
linger_file = Path(f"/var/lib/systemd/linger/{username}")
|
|
|
|
|
if linger_file.exists():
|
|
|
|
|
print("✓ Systemd linger is enabled (service survives logout)")
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
linger_enabled, linger_detail = get_systemd_linger_status()
|
|
|
|
|
if linger_enabled is True:
|
|
|
|
|
print("✓ Systemd linger is enabled (service survives logout)")
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
if not shutil.which("loginctl"):
|
|
|
|
|
_print_linger_enable_warning(username, linger_detail or "loginctl not found")
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
print("Enabling linger so the gateway survives SSH logout...")
|
|
|
|
|
try:
|
|
|
|
|
result = subprocess.run(
|
|
|
|
|
["loginctl", "enable-linger", username],
|
|
|
|
|
capture_output=True,
|
|
|
|
|
text=True,
|
|
|
|
|
check=False,
|
|
|
|
|
)
|
|
|
|
|
except Exception as e:
|
|
|
|
|
_print_linger_enable_warning(username, str(e))
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
if result.returncode == 0:
|
|
|
|
|
print("✓ Linger enabled — gateway will persist after logout")
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
detail = (result.stderr or result.stdout or f"exit {result.returncode}").strip()
|
|
|
|
|
_print_linger_enable_warning(username, detail or linger_detail)
|
|
|
|
|
|
|
|
|
|
|
2026-03-14 20:54:51 -07:00
|
|
|
def _select_systemd_scope(system: bool = False) -> bool:
|
|
|
|
|
if system:
|
|
|
|
|
return True
|
|
|
|
|
return get_systemd_unit_path(system=True).exists() and not get_systemd_unit_path(system=False).exists()
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def systemd_install(force: bool = False, system: bool = False, run_as_user: str | None = None):
|
|
|
|
|
if system:
|
|
|
|
|
_require_root_for_system_service("install")
|
|
|
|
|
|
|
|
|
|
unit_path = get_systemd_unit_path(system=system)
|
|
|
|
|
scope_flag = " --system" if system else ""
|
|
|
|
|
|
2026-02-02 19:01:51 -08:00
|
|
|
if unit_path.exists() and not force:
|
2026-03-17 11:05:28 +08:00
|
|
|
if not systemd_unit_is_current(system=system):
|
|
|
|
|
print(f"↻ Repairing outdated {_service_scope_label(system)} systemd service at: {unit_path}")
|
|
|
|
|
refresh_systemd_unit_if_needed(system=system)
|
|
|
|
|
subprocess.run(_systemctl_cmd(system) + ["enable", get_service_name()], check=True)
|
|
|
|
|
print(f"✓ {_service_scope_label(system).capitalize()} service definition updated")
|
|
|
|
|
return
|
2026-02-02 19:01:51 -08:00
|
|
|
print(f"Service already installed at: {unit_path}")
|
|
|
|
|
print("Use --force to reinstall")
|
|
|
|
|
return
|
2026-03-14 20:54:51 -07:00
|
|
|
|
2026-02-02 19:01:51 -08:00
|
|
|
unit_path.parent.mkdir(parents=True, exist_ok=True)
|
2026-03-14 20:54:51 -07:00
|
|
|
print(f"Installing {_service_scope_label(system)} systemd service to: {unit_path}")
|
|
|
|
|
unit_path.write_text(generate_systemd_unit(system=system, run_as_user=run_as_user), encoding="utf-8")
|
|
|
|
|
|
|
|
|
|
subprocess.run(_systemctl_cmd(system) + ["daemon-reload"], check=True)
|
2026-03-16 04:42:46 -07:00
|
|
|
subprocess.run(_systemctl_cmd(system) + ["enable", get_service_name()], check=True)
|
2026-03-14 20:54:51 -07:00
|
|
|
|
2026-02-02 19:01:51 -08:00
|
|
|
print()
|
2026-03-14 20:54:51 -07:00
|
|
|
print(f"✓ {_service_scope_label(system).capitalize()} service installed and enabled!")
|
2026-02-02 19:01:51 -08:00
|
|
|
print()
|
|
|
|
|
print("Next steps:")
|
2026-03-14 20:54:51 -07:00
|
|
|
print(f" {'sudo ' if system else ''}hermes gateway start{scope_flag} # Start the service")
|
|
|
|
|
print(f" {'sudo ' if system else ''}hermes gateway status{scope_flag} # Check status")
|
2026-03-16 04:42:46 -07:00
|
|
|
print(f" {'journalctl' if system else 'journalctl --user'} -u {get_service_name()} -f # View logs")
|
2026-02-02 19:01:51 -08:00
|
|
|
print()
|
|
|
|
|
|
2026-03-14 20:54:51 -07:00
|
|
|
if system:
|
|
|
|
|
configured_user = _read_systemd_user_from_unit(unit_path)
|
|
|
|
|
if configured_user:
|
|
|
|
|
print(f"Configured to run as: {configured_user}")
|
|
|
|
|
else:
|
|
|
|
|
_ensure_linger_enabled()
|
|
|
|
|
|
2026-03-14 21:06:52 -07:00
|
|
|
print_systemd_scope_conflict_warning()
|
|
|
|
|
|
2026-03-14 20:54:51 -07:00
|
|
|
|
|
|
|
|
def systemd_uninstall(system: bool = False):
|
|
|
|
|
system = _select_systemd_scope(system)
|
|
|
|
|
if system:
|
|
|
|
|
_require_root_for_system_service("uninstall")
|
|
|
|
|
|
2026-03-16 04:42:46 -07:00
|
|
|
subprocess.run(_systemctl_cmd(system) + ["stop", get_service_name()], check=False)
|
|
|
|
|
subprocess.run(_systemctl_cmd(system) + ["disable", get_service_name()], check=False)
|
2026-03-14 20:54:51 -07:00
|
|
|
|
|
|
|
|
unit_path = get_systemd_unit_path(system=system)
|
2026-02-02 19:01:51 -08:00
|
|
|
if unit_path.exists():
|
|
|
|
|
unit_path.unlink()
|
|
|
|
|
print(f"✓ Removed {unit_path}")
|
|
|
|
|
|
2026-03-14 20:54:51 -07:00
|
|
|
subprocess.run(_systemctl_cmd(system) + ["daemon-reload"], check=True)
|
|
|
|
|
print(f"✓ {_service_scope_label(system).capitalize()} service uninstalled")
|
2026-02-02 19:01:51 -08:00
|
|
|
|
2026-03-14 07:42:31 -07:00
|
|
|
|
2026-03-14 20:54:51 -07:00
|
|
|
def systemd_start(system: bool = False):
|
|
|
|
|
system = _select_systemd_scope(system)
|
|
|
|
|
if system:
|
|
|
|
|
_require_root_for_system_service("start")
|
|
|
|
|
refresh_systemd_unit_if_needed(system=system)
|
2026-03-16 04:42:46 -07:00
|
|
|
subprocess.run(_systemctl_cmd(system) + ["start", get_service_name()], check=True)
|
2026-03-14 20:54:51 -07:00
|
|
|
print(f"✓ {_service_scope_label(system).capitalize()} service started")
|
2026-02-02 19:01:51 -08:00
|
|
|
|
2026-03-14 07:42:31 -07:00
|
|
|
|
2026-02-02 19:01:51 -08:00
|
|
|
|
2026-03-14 20:54:51 -07:00
|
|
|
def systemd_stop(system: bool = False):
|
|
|
|
|
system = _select_systemd_scope(system)
|
|
|
|
|
if system:
|
|
|
|
|
_require_root_for_system_service("stop")
|
2026-03-16 04:42:46 -07:00
|
|
|
subprocess.run(_systemctl_cmd(system) + ["stop", get_service_name()], check=True)
|
2026-03-14 20:54:51 -07:00
|
|
|
print(f"✓ {_service_scope_label(system).capitalize()} service stopped")
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def systemd_restart(system: bool = False):
|
|
|
|
|
system = _select_systemd_scope(system)
|
|
|
|
|
if system:
|
|
|
|
|
_require_root_for_system_service("restart")
|
|
|
|
|
refresh_systemd_unit_if_needed(system=system)
|
2026-03-16 04:42:46 -07:00
|
|
|
subprocess.run(_systemctl_cmd(system) + ["restart", get_service_name()], check=True)
|
2026-03-14 20:54:51 -07:00
|
|
|
print(f"✓ {_service_scope_label(system).capitalize()} service restarted")
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def systemd_status(deep: bool = False, system: bool = False):
|
|
|
|
|
system = _select_systemd_scope(system)
|
|
|
|
|
unit_path = get_systemd_unit_path(system=system)
|
|
|
|
|
scope_flag = " --system" if system else ""
|
2026-03-14 07:42:31 -07:00
|
|
|
|
2026-02-02 19:01:51 -08:00
|
|
|
if not unit_path.exists():
|
|
|
|
|
print("✗ Gateway service is not installed")
|
2026-03-14 20:54:51 -07:00
|
|
|
print(f" Run: {'sudo ' if system else ''}hermes gateway install{scope_flag}")
|
2026-02-02 19:01:51 -08:00
|
|
|
return
|
2026-03-14 06:11:33 -07:00
|
|
|
|
2026-03-14 21:06:52 -07:00
|
|
|
if has_conflicting_systemd_units():
|
|
|
|
|
print_systemd_scope_conflict_warning()
|
|
|
|
|
print()
|
|
|
|
|
|
2026-03-14 20:54:51 -07:00
|
|
|
if not systemd_unit_is_current(system=system):
|
2026-03-14 07:42:31 -07:00
|
|
|
print("⚠ Installed gateway service definition is outdated")
|
2026-03-14 20:54:51 -07:00
|
|
|
print(f" Run: {'sudo ' if system else ''}hermes gateway restart{scope_flag} # auto-refreshes the unit")
|
2026-03-14 07:42:31 -07:00
|
|
|
print()
|
2026-03-14 20:54:51 -07:00
|
|
|
|
2026-02-02 19:01:51 -08:00
|
|
|
subprocess.run(
|
2026-03-16 04:42:46 -07:00
|
|
|
_systemctl_cmd(system) + ["status", get_service_name(), "--no-pager"],
|
2026-03-14 20:54:51 -07:00
|
|
|
capture_output=False,
|
2026-02-02 19:01:51 -08:00
|
|
|
)
|
2026-03-14 06:11:33 -07:00
|
|
|
|
2026-02-02 19:01:51 -08:00
|
|
|
result = subprocess.run(
|
2026-03-16 04:42:46 -07:00
|
|
|
_systemctl_cmd(system) + ["is-active", get_service_name()],
|
2026-02-02 19:01:51 -08:00
|
|
|
capture_output=True,
|
2026-03-14 20:54:51 -07:00
|
|
|
text=True,
|
2026-02-02 19:01:51 -08:00
|
|
|
)
|
2026-03-14 06:11:33 -07:00
|
|
|
|
2026-02-02 19:01:51 -08:00
|
|
|
status = result.stdout.strip()
|
2026-03-14 06:11:33 -07:00
|
|
|
|
2026-02-02 19:01:51 -08:00
|
|
|
if status == "active":
|
2026-03-14 20:54:51 -07:00
|
|
|
print(f"✓ {_service_scope_label(system).capitalize()} gateway service is running")
|
2026-02-02 19:01:51 -08:00
|
|
|
else:
|
2026-03-14 20:54:51 -07:00
|
|
|
print(f"✗ {_service_scope_label(system).capitalize()} gateway service is stopped")
|
|
|
|
|
print(f" Run: {'sudo ' if system else ''}hermes gateway start{scope_flag}")
|
|
|
|
|
|
|
|
|
|
configured_user = _read_systemd_user_from_unit(unit_path) if system else None
|
|
|
|
|
if configured_user:
|
|
|
|
|
print(f"Configured to run as: {configured_user}")
|
2026-03-14 06:11:33 -07:00
|
|
|
|
2026-03-14 12:11:23 -07:00
|
|
|
runtime_lines = _runtime_health_lines()
|
|
|
|
|
if runtime_lines:
|
|
|
|
|
print()
|
|
|
|
|
print("Recent gateway health:")
|
|
|
|
|
for line in runtime_lines:
|
|
|
|
|
print(f" {line}")
|
|
|
|
|
|
2026-03-14 20:54:51 -07:00
|
|
|
if system:
|
|
|
|
|
print("✓ System service starts at boot without requiring systemd linger")
|
|
|
|
|
elif deep:
|
2026-03-14 06:11:33 -07:00
|
|
|
print_systemd_linger_guidance()
|
|
|
|
|
else:
|
|
|
|
|
linger_enabled, _ = get_systemd_linger_status()
|
|
|
|
|
if linger_enabled is True:
|
|
|
|
|
print("✓ Systemd linger is enabled (service survives logout)")
|
|
|
|
|
elif linger_enabled is False:
|
|
|
|
|
print("⚠ Systemd linger is disabled (gateway may stop when you log out)")
|
|
|
|
|
print(" Run: sudo loginctl enable-linger $USER")
|
|
|
|
|
|
2026-02-02 19:01:51 -08:00
|
|
|
if deep:
|
|
|
|
|
print()
|
|
|
|
|
print("Recent logs:")
|
2026-03-16 04:42:46 -07:00
|
|
|
subprocess.run(_journalctl_cmd(system) + ["-u", get_service_name(), "-n", "20", "--no-pager"])
|
2026-02-02 19:01:51 -08:00
|
|
|
|
|
|
|
|
|
|
|
|
|
# =============================================================================
|
|
|
|
|
# Launchd (macOS)
|
|
|
|
|
# =============================================================================
|
|
|
|
|
|
|
|
|
|
def generate_launchd_plist() -> str:
|
|
|
|
|
python_path = get_python_path()
|
|
|
|
|
working_dir = str(PROJECT_ROOT)
|
fix(cli): respect HERMES_HOME in all remaining hardcoded ~/.hermes paths
Several files resolved paths via Path.home() / ".hermes" or
os.path.expanduser("~/.hermes/..."), bypassing the HERMES_HOME
environment variable. This broke isolation when running multiple
Hermes instances with distinct HERMES_HOME directories.
Replace all hardcoded paths with calls to get_hermes_home() from
hermes_cli.config, consistent with the rest of the codebase.
Files fixed:
- tools/process_registry.py (processes.json)
- gateway/pairing.py (pairing/)
- gateway/sticker_cache.py (sticker_cache.json)
- gateway/channel_directory.py (channel_directory.json, sessions.json)
- gateway/config.py (gateway.json, config.yaml, sessions_dir)
- gateway/mirror.py (sessions/)
- gateway/hooks.py (hooks/)
- gateway/platforms/base.py (image_cache/, audio_cache/, document_cache/)
- gateway/platforms/whatsapp.py (whatsapp/session)
- gateway/delivery.py (cron/output)
- agent/auxiliary_client.py (auth.json)
- agent/prompt_builder.py (SOUL.md)
- cli.py (config.yaml, images/, pastes/, history)
- run_agent.py (logs/)
- tools/environments/base.py (sandboxes/)
- tools/environments/modal.py (modal_snapshots.json)
- tools/environments/singularity.py (singularity_snapshots.json)
- tools/tts_tool.py (audio_cache)
- hermes_cli/status.py (cron/jobs.json, sessions.json)
- hermes_cli/gateway.py (logs/, whatsapp session)
- hermes_cli/main.py (whatsapp/session)
Tests updated to use HERMES_HOME env var instead of patching Path.home().
Closes #892
(cherry picked from commit 78ac1bba43b8b74a934c6172f2c29bb4d03164b9)
2026-03-11 07:31:41 +01:00
|
|
|
log_dir = get_hermes_home() / "logs"
|
2026-02-02 19:01:51 -08:00
|
|
|
log_dir.mkdir(parents=True, exist_ok=True)
|
|
|
|
|
|
|
|
|
|
return f"""<?xml version="1.0" encoding="UTF-8"?>
|
|
|
|
|
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
|
|
|
|
|
<plist version="1.0">
|
|
|
|
|
<dict>
|
|
|
|
|
<key>Label</key>
|
|
|
|
|
<string>ai.hermes.gateway</string>
|
|
|
|
|
|
|
|
|
|
<key>ProgramArguments</key>
|
|
|
|
|
<array>
|
|
|
|
|
<string>{python_path}</string>
|
|
|
|
|
<string>-m</string>
|
|
|
|
|
<string>hermes_cli.main</string>
|
|
|
|
|
<string>gateway</string>
|
|
|
|
|
<string>run</string>
|
fix: hermes update causes dual gateways on macOS (launchd) (#1567)
* feat: add optional smart model routing
Add a conservative cheap-vs-strong routing option that can send very short/simple turns to a cheaper model across providers while keeping the primary model for complex work. Wire it through CLI, gateway, and cron, and document the config.yaml workflow.
* fix(gateway): remove recursive ExecStop from systemd units, extend TimeoutStopSec to 60s
* fix(gateway): avoid recursive ExecStop in user systemd unit
* fix: extend ExecStop removal and TimeoutStopSec=60 to system unit
The cherry-picked PR #1448 fix only covered the user systemd unit.
The system unit had the same TimeoutStopSec=15 and could benefit
from the same 60s timeout for clean shutdown. Also adds a regression
test for the system unit.
---------
Co-authored-by: Ninja <ninja@local>
* feat(skills): add blender-mcp optional skill for 3D modeling
Control a running Blender instance from Hermes via socket connection
to the blender-mcp addon (port 9876). Supports creating 3D objects,
materials, animations, and running arbitrary bpy code.
Placed in optional-skills/ since it requires Blender 4.3+ desktop
with a third-party addon manually started each session.
* feat(acp): support slash commands in ACP adapter (#1532)
Adds /help, /model, /tools, /context, /reset, /compact, /version
to the ACP adapter (VS Code, Zed, JetBrains). Commands are handled
directly in the server without instantiating the TUI — each command
queries agent/session state and returns plain text.
Unrecognized /commands fall through to the LLM as normal messages.
/model uses detect_provider_for_model() for auto-detection when
switching models, matching the CLI and gateway behavior.
Fixes #1402
* fix(logging): improve error logging in session search tool (#1533)
* fix(gateway): restart on retryable startup failures (#1517)
* feat(email): add skip_attachments option via config.yaml
* feat(email): add skip_attachments option via config.yaml
Adds a config.yaml-driven option to skip email attachments in the
gateway email adapter. Useful for malware protection and bandwidth
savings.
Configure in config.yaml:
platforms:
email:
skip_attachments: true
Based on PR #1521 by @an420eth, changed from env var to config.yaml
(via PlatformConfig.extra) to match the project's config-first pattern.
* docs: document skip_attachments option for email adapter
* fix(telegram): retry on transient TLS failures during connect and send
Add exponential-backoff retry (3 attempts) around initialize() to
handle transient TLS resets during gateway startup. Also catches
TimedOut and OSError in addition to NetworkError.
Add exponential-backoff retry (3 attempts) around send_message() for
NetworkError during message delivery, wrapping the existing Markdown
fallback logic.
Both imports are guarded with try/except ImportError for test
environments where telegram is mocked.
Based on PR #1527 by cmd8. Closes #1526.
* feat: permissive block_anchor thresholds and unicode normalization (#1539)
Salvaged from PR #1528 by an420eth. Closes #517.
Improves _strategy_block_anchor in fuzzy_match.py:
- Add unicode normalization (smart quotes, em/en-dashes, ellipsis,
non-breaking spaces → ASCII) so LLM-produced unicode artifacts
don't break anchor line matching
- Lower thresholds: 0.10 for unique matches (was 0.70), 0.30 for
multiple candidates — if first/last lines match exactly, the
block is almost certainly correct
- Use original (non-normalized) content for offset calculation to
preserve correct character positions
Tested: 3 new scenarios fixed (em-dash anchors, non-breaking space
anchors, very-low-similarity unique matches), zero regressions on
all 9 existing fuzzy match tests.
Co-authored-by: an420eth <an420eth@users.noreply.github.com>
* feat(cli): add file path autocomplete in the input prompt (#1545)
When typing a path-like token (./ ../ ~/ / or containing /),
the CLI now shows filesystem completions in the dropdown menu.
Directories show a trailing slash and 'dir' label; files show
their size. Completions are case-insensitive and capped at 30
entries.
Triggered by tokens like:
edit ./src/ma → shows ./src/main.py, ./src/manifest.json, ...
check ~/doc → shows ~/docs/, ~/documents/, ...
read /etc/hos → shows /etc/hosts, /etc/hostname, ...
open tools/reg → shows tools/registry.py
Slash command autocomplete (/help, /model, etc.) is unaffected —
it still triggers when the input starts with /.
Inspired by OpenCode PR #145 (file path completion menu).
Implementation:
- hermes_cli/commands.py: _extract_path_word() detects path-like
tokens, _path_completions() yields filesystem Completions with
size labels, get_completions() routes to paths vs slash commands
- tests/hermes_cli/test_path_completion.py: 26 tests covering
path extraction, prefix filtering, directory markers, home
expansion, case-insensitivity, integration with slash commands
* feat(privacy): redact PII from LLM context when privacy.redact_pii is enabled
Add privacy.redact_pii config option (boolean, default false). When
enabled, the gateway redacts personally identifiable information from
the system prompt before sending it to the LLM provider:
- Phone numbers (user IDs on WhatsApp/Signal) → hashed to user_<sha256>
- User IDs → hashed to user_<sha256>
- Chat IDs → numeric portion hashed, platform prefix preserved
- Home channel IDs → hashed
- Names/usernames → NOT affected (user-chosen, publicly visible)
Hashes are deterministic (same user → same hash) so the model can
still distinguish users in group chats. Routing and delivery use
the original values internally — redaction only affects LLM context.
Inspired by OpenClaw PR #47959.
* fix(privacy): skip PII redaction on Discord/Slack (mentions need real IDs)
Discord uses <@user_id> for mentions and Slack uses <@U12345> — the LLM
needs the real ID to tag users. Redaction now only applies to WhatsApp,
Signal, and Telegram where IDs are pure routing metadata.
Add 4 platform-specific tests covering Discord, WhatsApp, Signal, Slack.
* feat: smart approvals + /stop command (inspired by OpenAI Codex)
* feat: smart approvals — LLM-based risk assessment for dangerous commands
Adds a 'smart' approval mode that uses the auxiliary LLM to assess
whether a flagged command is genuinely dangerous or a false positive,
auto-approving low-risk commands without prompting the user.
Inspired by OpenAI Codex's Smart Approvals guardian subagent
(openai/codex#13860).
Config (config.yaml):
approvals:
mode: manual # manual (default), smart, off
Modes:
- manual — current behavior, always prompt the user
- smart — aux LLM evaluates risk: APPROVE (auto-allow), DENY (block),
or ESCALATE (fall through to manual prompt)
- off — skip all approval prompts (equivalent to --yolo)
When smart mode auto-approves, the pattern gets session-level approval
so subsequent uses of the same pattern don't trigger another LLM call.
When it denies, the command is blocked without user prompt. When
uncertain, it escalates to the normal manual approval flow.
The LLM prompt is carefully scoped: it sees only the command text and
the flagged reason, assesses actual risk vs false positive, and returns
a single-word verdict.
* feat: make smart approval model configurable via config.yaml
Adds auxiliary.approval section to config.yaml with the same
provider/model/base_url/api_key pattern as other aux tasks (vision,
web_extract, compression, etc.).
Config:
auxiliary:
approval:
provider: auto
model: '' # fast/cheap model recommended
base_url: ''
api_key: ''
Bridged to env vars in both CLI and gateway paths so the aux client
picks them up automatically.
* feat: add /stop command to kill all background processes
Adds a /stop slash command that kills all running background processes
at once. Currently users have to process(list) then process(kill) for
each one individually.
Inspired by OpenAI Codex's separation of interrupt (Ctrl+C stops current
turn) from /stop (cleans up background processes). See openai/codex#14602.
Ctrl+C continues to only interrupt the active agent turn — background
dev servers, watchers, etc. are preserved. /stop is the explicit way
to clean them all up.
* feat: first-class plugin architecture + hide status bar cost by default (#1544)
The persistent status bar now shows context %, token counts, and
duration but NOT $ cost by default. Cost display is opt-in via:
display:
show_cost: true
in config.yaml, or: hermes config set display.show_cost true
The /usage command still shows full cost breakdown since the user
explicitly asked for it — this only affects the always-visible bar.
Status bar without cost:
⚕ claude-sonnet-4 │ 12K/200K │ 6% │ 15m
Status bar with show_cost: true:
⚕ claude-sonnet-4 │ 12K/200K │ 6% │ $0.06 │ 15m
* feat: improve memory prioritization + aggressive skill updates (inspired by OpenAI Codex)
* feat: improve memory prioritization — user preferences over procedural knowledge
Inspired by OpenAI Codex's memory prompt improvements (openai/codex#14493)
which focus memory writes on user preferences and recurring patterns
rather than procedural task details.
Key insight: 'Optimize for reducing future user steering — the most
valuable memory prevents the user from having to repeat themselves.'
Changes:
- MEMORY_GUIDANCE (prompt_builder.py): added prioritization hierarchy
and the core principle about reducing user steering
- MEMORY_SCHEMA (memory_tool.py): reordered WHEN TO SAVE list to put
corrections first, added explicit PRIORITY guidance
- Memory nudge (run_agent.py): now asks specifically about preferences,
corrections, and workflow patterns instead of generic 'anything'
- Memory flush (run_agent.py): now instructs to prioritize user
preferences and corrections over task-specific details
* feat: more aggressive skill creation and update prompting
Press harder on skill updates — the agent should proactively patch
skills when it encounters issues during use, not wait to be asked.
Changes:
- SKILLS_GUIDANCE: 'consider saving' → 'save'; added explicit instruction
to patch skills immediately when found outdated/wrong
- Skills header: added instruction to update loaded skills before finishing
if they had missing steps or wrong commands
- Skill nudge: more assertive ('save the approach' not 'consider saving'),
now also prompts for updating existing skills used in the task
- Skill nudge interval: lowered default from 15 to 10 iterations
- skill_manage schema: added 'patch it immediately' to update triggers
* feat: first-class plugin architecture (#1555)
Plugin system for extending Hermes with custom tools, hooks, and
integrations — no source code changes required.
Core system (hermes_cli/plugins.py):
- Plugin discovery from ~/.hermes/plugins/, .hermes/plugins/, and
pip entry_points (hermes_agent.plugins group)
- PluginContext with register_tool() and register_hook()
- 6 lifecycle hooks: pre/post tool_call, pre/post llm_call,
on_session_start/end
- Namespace package handling for relative imports in plugins
- Graceful error isolation — broken plugins never crash the agent
Integration (model_tools.py):
- Plugin discovery runs after built-in + MCP tools
- Plugin tools bypass toolset filter via get_plugin_tool_names()
- Pre/post tool call hooks fire in handle_function_call()
CLI:
- /plugins command shows loaded plugins, tool counts, status
- Added to COMMANDS dict for autocomplete
Docs:
- Getting started guide (build-a-hermes-plugin.md) — full tutorial
building a calculator plugin step by step
- Reference page (features/plugins.md) — quick overview + tables
- Covers: file structure, schemas, handlers, hooks, data files,
bundled skills, env var gating, pip distribution, common mistakes
Tests: 16 tests covering discovery, loading, hooks, tool visibility.
* fix: hermes update causes dual gateways on macOS (launchd)
Three bugs worked together to create the dual-gateway problem:
1. cmd_update only checked systemd for gateway restart, completely
ignoring launchd on macOS. After killing the PID it would print
'Restart it with: hermes gateway run' even when launchd was about
to auto-respawn the process.
2. launchd's KeepAlive.SuccessfulExit=false respawns the gateway
after SIGTERM (non-zero exit), so the user's manual restart
created a second instance.
3. The launchd plist lacked --replace (systemd had it), so the
respawned gateway didn't kill stale instances on startup.
Fixes:
- Add --replace to launchd ProgramArguments (matches systemd)
- Add launchd detection to cmd_update's auto-restart logic
- Print 'auto-restart via launchd' instead of manual restart hint
* fix: add launchd plist auto-refresh + explicit restart in cmd_update
Two integration issues with the initial fix:
1. Existing macOS users with old plist (no --replace) would never
get the fix until manual uninstall/reinstall. Added
refresh_launchd_plist_if_needed() — mirrors the existing
refresh_systemd_unit_if_needed(). Called from launchd_start(),
launchd_restart(), and cmd_update.
2. cmd_update relied on KeepAlive respawn after SIGTERM rather than
explicit launchctl stop/start. This caused races: launchd would
respawn the old process before the PID file was cleaned up.
Now does explicit stop+start (matching how systemd gets an
explicit systemctl restart), with plist refresh first so the
new --replace flag is picked up.
---------
Co-authored-by: Ninja <ninja@local>
Co-authored-by: alireza78a <alireza78a@users.noreply.github.com>
Co-authored-by: Oktay Aydin <113846926+aydnOktay@users.noreply.github.com>
Co-authored-by: JP Lew <polydegen@protonmail.com>
Co-authored-by: an420eth <an420eth@users.noreply.github.com>
2026-03-16 12:36:29 -07:00
|
|
|
<string>--replace</string>
|
2026-02-02 19:01:51 -08:00
|
|
|
</array>
|
|
|
|
|
|
|
|
|
|
<key>WorkingDirectory</key>
|
|
|
|
|
<string>{working_dir}</string>
|
|
|
|
|
|
|
|
|
|
<key>RunAtLoad</key>
|
|
|
|
|
<true/>
|
|
|
|
|
|
|
|
|
|
<key>KeepAlive</key>
|
|
|
|
|
<dict>
|
|
|
|
|
<key>SuccessfulExit</key>
|
|
|
|
|
<false/>
|
|
|
|
|
</dict>
|
|
|
|
|
|
|
|
|
|
<key>StandardOutPath</key>
|
|
|
|
|
<string>{log_dir}/gateway.log</string>
|
|
|
|
|
|
|
|
|
|
<key>StandardErrorPath</key>
|
|
|
|
|
<string>{log_dir}/gateway.error.log</string>
|
|
|
|
|
</dict>
|
|
|
|
|
</plist>
|
|
|
|
|
"""
|
|
|
|
|
|
fix: hermes update causes dual gateways on macOS (launchd) (#1567)
* feat: add optional smart model routing
Add a conservative cheap-vs-strong routing option that can send very short/simple turns to a cheaper model across providers while keeping the primary model for complex work. Wire it through CLI, gateway, and cron, and document the config.yaml workflow.
* fix(gateway): remove recursive ExecStop from systemd units, extend TimeoutStopSec to 60s
* fix(gateway): avoid recursive ExecStop in user systemd unit
* fix: extend ExecStop removal and TimeoutStopSec=60 to system unit
The cherry-picked PR #1448 fix only covered the user systemd unit.
The system unit had the same TimeoutStopSec=15 and could benefit
from the same 60s timeout for clean shutdown. Also adds a regression
test for the system unit.
---------
Co-authored-by: Ninja <ninja@local>
* feat(skills): add blender-mcp optional skill for 3D modeling
Control a running Blender instance from Hermes via socket connection
to the blender-mcp addon (port 9876). Supports creating 3D objects,
materials, animations, and running arbitrary bpy code.
Placed in optional-skills/ since it requires Blender 4.3+ desktop
with a third-party addon manually started each session.
* feat(acp): support slash commands in ACP adapter (#1532)
Adds /help, /model, /tools, /context, /reset, /compact, /version
to the ACP adapter (VS Code, Zed, JetBrains). Commands are handled
directly in the server without instantiating the TUI — each command
queries agent/session state and returns plain text.
Unrecognized /commands fall through to the LLM as normal messages.
/model uses detect_provider_for_model() for auto-detection when
switching models, matching the CLI and gateway behavior.
Fixes #1402
* fix(logging): improve error logging in session search tool (#1533)
* fix(gateway): restart on retryable startup failures (#1517)
* feat(email): add skip_attachments option via config.yaml
* feat(email): add skip_attachments option via config.yaml
Adds a config.yaml-driven option to skip email attachments in the
gateway email adapter. Useful for malware protection and bandwidth
savings.
Configure in config.yaml:
platforms:
email:
skip_attachments: true
Based on PR #1521 by @an420eth, changed from env var to config.yaml
(via PlatformConfig.extra) to match the project's config-first pattern.
* docs: document skip_attachments option for email adapter
* fix(telegram): retry on transient TLS failures during connect and send
Add exponential-backoff retry (3 attempts) around initialize() to
handle transient TLS resets during gateway startup. Also catches
TimedOut and OSError in addition to NetworkError.
Add exponential-backoff retry (3 attempts) around send_message() for
NetworkError during message delivery, wrapping the existing Markdown
fallback logic.
Both imports are guarded with try/except ImportError for test
environments where telegram is mocked.
Based on PR #1527 by cmd8. Closes #1526.
* feat: permissive block_anchor thresholds and unicode normalization (#1539)
Salvaged from PR #1528 by an420eth. Closes #517.
Improves _strategy_block_anchor in fuzzy_match.py:
- Add unicode normalization (smart quotes, em/en-dashes, ellipsis,
non-breaking spaces → ASCII) so LLM-produced unicode artifacts
don't break anchor line matching
- Lower thresholds: 0.10 for unique matches (was 0.70), 0.30 for
multiple candidates — if first/last lines match exactly, the
block is almost certainly correct
- Use original (non-normalized) content for offset calculation to
preserve correct character positions
Tested: 3 new scenarios fixed (em-dash anchors, non-breaking space
anchors, very-low-similarity unique matches), zero regressions on
all 9 existing fuzzy match tests.
Co-authored-by: an420eth <an420eth@users.noreply.github.com>
* feat(cli): add file path autocomplete in the input prompt (#1545)
When typing a path-like token (./ ../ ~/ / or containing /),
the CLI now shows filesystem completions in the dropdown menu.
Directories show a trailing slash and 'dir' label; files show
their size. Completions are case-insensitive and capped at 30
entries.
Triggered by tokens like:
edit ./src/ma → shows ./src/main.py, ./src/manifest.json, ...
check ~/doc → shows ~/docs/, ~/documents/, ...
read /etc/hos → shows /etc/hosts, /etc/hostname, ...
open tools/reg → shows tools/registry.py
Slash command autocomplete (/help, /model, etc.) is unaffected —
it still triggers when the input starts with /.
Inspired by OpenCode PR #145 (file path completion menu).
Implementation:
- hermes_cli/commands.py: _extract_path_word() detects path-like
tokens, _path_completions() yields filesystem Completions with
size labels, get_completions() routes to paths vs slash commands
- tests/hermes_cli/test_path_completion.py: 26 tests covering
path extraction, prefix filtering, directory markers, home
expansion, case-insensitivity, integration with slash commands
* feat(privacy): redact PII from LLM context when privacy.redact_pii is enabled
Add privacy.redact_pii config option (boolean, default false). When
enabled, the gateway redacts personally identifiable information from
the system prompt before sending it to the LLM provider:
- Phone numbers (user IDs on WhatsApp/Signal) → hashed to user_<sha256>
- User IDs → hashed to user_<sha256>
- Chat IDs → numeric portion hashed, platform prefix preserved
- Home channel IDs → hashed
- Names/usernames → NOT affected (user-chosen, publicly visible)
Hashes are deterministic (same user → same hash) so the model can
still distinguish users in group chats. Routing and delivery use
the original values internally — redaction only affects LLM context.
Inspired by OpenClaw PR #47959.
* fix(privacy): skip PII redaction on Discord/Slack (mentions need real IDs)
Discord uses <@user_id> for mentions and Slack uses <@U12345> — the LLM
needs the real ID to tag users. Redaction now only applies to WhatsApp,
Signal, and Telegram where IDs are pure routing metadata.
Add 4 platform-specific tests covering Discord, WhatsApp, Signal, Slack.
* feat: smart approvals + /stop command (inspired by OpenAI Codex)
* feat: smart approvals — LLM-based risk assessment for dangerous commands
Adds a 'smart' approval mode that uses the auxiliary LLM to assess
whether a flagged command is genuinely dangerous or a false positive,
auto-approving low-risk commands without prompting the user.
Inspired by OpenAI Codex's Smart Approvals guardian subagent
(openai/codex#13860).
Config (config.yaml):
approvals:
mode: manual # manual (default), smart, off
Modes:
- manual — current behavior, always prompt the user
- smart — aux LLM evaluates risk: APPROVE (auto-allow), DENY (block),
or ESCALATE (fall through to manual prompt)
- off — skip all approval prompts (equivalent to --yolo)
When smart mode auto-approves, the pattern gets session-level approval
so subsequent uses of the same pattern don't trigger another LLM call.
When it denies, the command is blocked without user prompt. When
uncertain, it escalates to the normal manual approval flow.
The LLM prompt is carefully scoped: it sees only the command text and
the flagged reason, assesses actual risk vs false positive, and returns
a single-word verdict.
* feat: make smart approval model configurable via config.yaml
Adds auxiliary.approval section to config.yaml with the same
provider/model/base_url/api_key pattern as other aux tasks (vision,
web_extract, compression, etc.).
Config:
auxiliary:
approval:
provider: auto
model: '' # fast/cheap model recommended
base_url: ''
api_key: ''
Bridged to env vars in both CLI and gateway paths so the aux client
picks them up automatically.
* feat: add /stop command to kill all background processes
Adds a /stop slash command that kills all running background processes
at once. Currently users have to process(list) then process(kill) for
each one individually.
Inspired by OpenAI Codex's separation of interrupt (Ctrl+C stops current
turn) from /stop (cleans up background processes). See openai/codex#14602.
Ctrl+C continues to only interrupt the active agent turn — background
dev servers, watchers, etc. are preserved. /stop is the explicit way
to clean them all up.
* feat: first-class plugin architecture + hide status bar cost by default (#1544)
The persistent status bar now shows context %, token counts, and
duration but NOT $ cost by default. Cost display is opt-in via:
display:
show_cost: true
in config.yaml, or: hermes config set display.show_cost true
The /usage command still shows full cost breakdown since the user
explicitly asked for it — this only affects the always-visible bar.
Status bar without cost:
⚕ claude-sonnet-4 │ 12K/200K │ 6% │ 15m
Status bar with show_cost: true:
⚕ claude-sonnet-4 │ 12K/200K │ 6% │ $0.06 │ 15m
* feat: improve memory prioritization + aggressive skill updates (inspired by OpenAI Codex)
* feat: improve memory prioritization — user preferences over procedural knowledge
Inspired by OpenAI Codex's memory prompt improvements (openai/codex#14493)
which focus memory writes on user preferences and recurring patterns
rather than procedural task details.
Key insight: 'Optimize for reducing future user steering — the most
valuable memory prevents the user from having to repeat themselves.'
Changes:
- MEMORY_GUIDANCE (prompt_builder.py): added prioritization hierarchy
and the core principle about reducing user steering
- MEMORY_SCHEMA (memory_tool.py): reordered WHEN TO SAVE list to put
corrections first, added explicit PRIORITY guidance
- Memory nudge (run_agent.py): now asks specifically about preferences,
corrections, and workflow patterns instead of generic 'anything'
- Memory flush (run_agent.py): now instructs to prioritize user
preferences and corrections over task-specific details
* feat: more aggressive skill creation and update prompting
Press harder on skill updates — the agent should proactively patch
skills when it encounters issues during use, not wait to be asked.
Changes:
- SKILLS_GUIDANCE: 'consider saving' → 'save'; added explicit instruction
to patch skills immediately when found outdated/wrong
- Skills header: added instruction to update loaded skills before finishing
if they had missing steps or wrong commands
- Skill nudge: more assertive ('save the approach' not 'consider saving'),
now also prompts for updating existing skills used in the task
- Skill nudge interval: lowered default from 15 to 10 iterations
- skill_manage schema: added 'patch it immediately' to update triggers
* feat: first-class plugin architecture (#1555)
Plugin system for extending Hermes with custom tools, hooks, and
integrations — no source code changes required.
Core system (hermes_cli/plugins.py):
- Plugin discovery from ~/.hermes/plugins/, .hermes/plugins/, and
pip entry_points (hermes_agent.plugins group)
- PluginContext with register_tool() and register_hook()
- 6 lifecycle hooks: pre/post tool_call, pre/post llm_call,
on_session_start/end
- Namespace package handling for relative imports in plugins
- Graceful error isolation — broken plugins never crash the agent
Integration (model_tools.py):
- Plugin discovery runs after built-in + MCP tools
- Plugin tools bypass toolset filter via get_plugin_tool_names()
- Pre/post tool call hooks fire in handle_function_call()
CLI:
- /plugins command shows loaded plugins, tool counts, status
- Added to COMMANDS dict for autocomplete
Docs:
- Getting started guide (build-a-hermes-plugin.md) — full tutorial
building a calculator plugin step by step
- Reference page (features/plugins.md) — quick overview + tables
- Covers: file structure, schemas, handlers, hooks, data files,
bundled skills, env var gating, pip distribution, common mistakes
Tests: 16 tests covering discovery, loading, hooks, tool visibility.
* fix: hermes update causes dual gateways on macOS (launchd)
Three bugs worked together to create the dual-gateway problem:
1. cmd_update only checked systemd for gateway restart, completely
ignoring launchd on macOS. After killing the PID it would print
'Restart it with: hermes gateway run' even when launchd was about
to auto-respawn the process.
2. launchd's KeepAlive.SuccessfulExit=false respawns the gateway
after SIGTERM (non-zero exit), so the user's manual restart
created a second instance.
3. The launchd plist lacked --replace (systemd had it), so the
respawned gateway didn't kill stale instances on startup.
Fixes:
- Add --replace to launchd ProgramArguments (matches systemd)
- Add launchd detection to cmd_update's auto-restart logic
- Print 'auto-restart via launchd' instead of manual restart hint
* fix: add launchd plist auto-refresh + explicit restart in cmd_update
Two integration issues with the initial fix:
1. Existing macOS users with old plist (no --replace) would never
get the fix until manual uninstall/reinstall. Added
refresh_launchd_plist_if_needed() — mirrors the existing
refresh_systemd_unit_if_needed(). Called from launchd_start(),
launchd_restart(), and cmd_update.
2. cmd_update relied on KeepAlive respawn after SIGTERM rather than
explicit launchctl stop/start. This caused races: launchd would
respawn the old process before the PID file was cleaned up.
Now does explicit stop+start (matching how systemd gets an
explicit systemctl restart), with plist refresh first so the
new --replace flag is picked up.
---------
Co-authored-by: Ninja <ninja@local>
Co-authored-by: alireza78a <alireza78a@users.noreply.github.com>
Co-authored-by: Oktay Aydin <113846926+aydnOktay@users.noreply.github.com>
Co-authored-by: JP Lew <polydegen@protonmail.com>
Co-authored-by: an420eth <an420eth@users.noreply.github.com>
2026-03-16 12:36:29 -07:00
|
|
|
def launchd_plist_is_current() -> bool:
|
|
|
|
|
"""Check if the installed launchd plist matches the currently generated one."""
|
|
|
|
|
plist_path = get_launchd_plist_path()
|
|
|
|
|
if not plist_path.exists():
|
|
|
|
|
return False
|
|
|
|
|
|
|
|
|
|
installed = plist_path.read_text(encoding="utf-8")
|
|
|
|
|
expected = generate_launchd_plist()
|
|
|
|
|
return _normalize_service_definition(installed) == _normalize_service_definition(expected)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def refresh_launchd_plist_if_needed() -> bool:
|
|
|
|
|
"""Rewrite the installed launchd plist when the generated definition has changed.
|
|
|
|
|
|
|
|
|
|
Unlike systemd, launchd picks up plist changes on the next ``launchctl stop``/
|
|
|
|
|
``launchctl start`` cycle — no daemon-reload is needed. We still unload/reload
|
|
|
|
|
to make launchd re-read the updated plist immediately.
|
|
|
|
|
"""
|
|
|
|
|
plist_path = get_launchd_plist_path()
|
|
|
|
|
if not plist_path.exists() or launchd_plist_is_current():
|
|
|
|
|
return False
|
|
|
|
|
|
|
|
|
|
plist_path.write_text(generate_launchd_plist(), encoding="utf-8")
|
|
|
|
|
# Unload/reload so launchd picks up the new definition
|
|
|
|
|
subprocess.run(["launchctl", "unload", str(plist_path)], check=False)
|
|
|
|
|
subprocess.run(["launchctl", "load", str(plist_path)], check=False)
|
|
|
|
|
print("↻ Updated gateway launchd service definition to match the current Hermes install")
|
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
|
2026-02-02 19:01:51 -08:00
|
|
|
def launchd_install(force: bool = False):
|
|
|
|
|
plist_path = get_launchd_plist_path()
|
|
|
|
|
|
|
|
|
|
if plist_path.exists() and not force:
|
2026-03-17 11:05:28 +08:00
|
|
|
if not launchd_plist_is_current():
|
|
|
|
|
print(f"↻ Repairing outdated launchd service at: {plist_path}")
|
|
|
|
|
refresh_launchd_plist_if_needed()
|
|
|
|
|
print("✓ Service definition updated")
|
|
|
|
|
return
|
2026-02-02 19:01:51 -08:00
|
|
|
print(f"Service already installed at: {plist_path}")
|
|
|
|
|
print("Use --force to reinstall")
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
plist_path.parent.mkdir(parents=True, exist_ok=True)
|
|
|
|
|
print(f"Installing launchd service to: {plist_path}")
|
|
|
|
|
plist_path.write_text(generate_launchd_plist())
|
|
|
|
|
|
|
|
|
|
subprocess.run(["launchctl", "load", str(plist_path)], check=True)
|
|
|
|
|
|
|
|
|
|
print()
|
|
|
|
|
print("✓ Service installed and loaded!")
|
|
|
|
|
print()
|
|
|
|
|
print("Next steps:")
|
|
|
|
|
print(" hermes gateway status # Check status")
|
|
|
|
|
print(" tail -f ~/.hermes/logs/gateway.log # View logs")
|
|
|
|
|
|
|
|
|
|
def launchd_uninstall():
|
|
|
|
|
plist_path = get_launchd_plist_path()
|
|
|
|
|
subprocess.run(["launchctl", "unload", str(plist_path)], check=False)
|
|
|
|
|
|
|
|
|
|
if plist_path.exists():
|
|
|
|
|
plist_path.unlink()
|
|
|
|
|
print(f"✓ Removed {plist_path}")
|
|
|
|
|
|
|
|
|
|
print("✓ Service uninstalled")
|
|
|
|
|
|
|
|
|
|
def launchd_start():
|
fix: hermes update causes dual gateways on macOS (launchd) (#1567)
* feat: add optional smart model routing
Add a conservative cheap-vs-strong routing option that can send very short/simple turns to a cheaper model across providers while keeping the primary model for complex work. Wire it through CLI, gateway, and cron, and document the config.yaml workflow.
* fix(gateway): remove recursive ExecStop from systemd units, extend TimeoutStopSec to 60s
* fix(gateway): avoid recursive ExecStop in user systemd unit
* fix: extend ExecStop removal and TimeoutStopSec=60 to system unit
The cherry-picked PR #1448 fix only covered the user systemd unit.
The system unit had the same TimeoutStopSec=15 and could benefit
from the same 60s timeout for clean shutdown. Also adds a regression
test for the system unit.
---------
Co-authored-by: Ninja <ninja@local>
* feat(skills): add blender-mcp optional skill for 3D modeling
Control a running Blender instance from Hermes via socket connection
to the blender-mcp addon (port 9876). Supports creating 3D objects,
materials, animations, and running arbitrary bpy code.
Placed in optional-skills/ since it requires Blender 4.3+ desktop
with a third-party addon manually started each session.
* feat(acp): support slash commands in ACP adapter (#1532)
Adds /help, /model, /tools, /context, /reset, /compact, /version
to the ACP adapter (VS Code, Zed, JetBrains). Commands are handled
directly in the server without instantiating the TUI — each command
queries agent/session state and returns plain text.
Unrecognized /commands fall through to the LLM as normal messages.
/model uses detect_provider_for_model() for auto-detection when
switching models, matching the CLI and gateway behavior.
Fixes #1402
* fix(logging): improve error logging in session search tool (#1533)
* fix(gateway): restart on retryable startup failures (#1517)
* feat(email): add skip_attachments option via config.yaml
* feat(email): add skip_attachments option via config.yaml
Adds a config.yaml-driven option to skip email attachments in the
gateway email adapter. Useful for malware protection and bandwidth
savings.
Configure in config.yaml:
platforms:
email:
skip_attachments: true
Based on PR #1521 by @an420eth, changed from env var to config.yaml
(via PlatformConfig.extra) to match the project's config-first pattern.
* docs: document skip_attachments option for email adapter
* fix(telegram): retry on transient TLS failures during connect and send
Add exponential-backoff retry (3 attempts) around initialize() to
handle transient TLS resets during gateway startup. Also catches
TimedOut and OSError in addition to NetworkError.
Add exponential-backoff retry (3 attempts) around send_message() for
NetworkError during message delivery, wrapping the existing Markdown
fallback logic.
Both imports are guarded with try/except ImportError for test
environments where telegram is mocked.
Based on PR #1527 by cmd8. Closes #1526.
* feat: permissive block_anchor thresholds and unicode normalization (#1539)
Salvaged from PR #1528 by an420eth. Closes #517.
Improves _strategy_block_anchor in fuzzy_match.py:
- Add unicode normalization (smart quotes, em/en-dashes, ellipsis,
non-breaking spaces → ASCII) so LLM-produced unicode artifacts
don't break anchor line matching
- Lower thresholds: 0.10 for unique matches (was 0.70), 0.30 for
multiple candidates — if first/last lines match exactly, the
block is almost certainly correct
- Use original (non-normalized) content for offset calculation to
preserve correct character positions
Tested: 3 new scenarios fixed (em-dash anchors, non-breaking space
anchors, very-low-similarity unique matches), zero regressions on
all 9 existing fuzzy match tests.
Co-authored-by: an420eth <an420eth@users.noreply.github.com>
* feat(cli): add file path autocomplete in the input prompt (#1545)
When typing a path-like token (./ ../ ~/ / or containing /),
the CLI now shows filesystem completions in the dropdown menu.
Directories show a trailing slash and 'dir' label; files show
their size. Completions are case-insensitive and capped at 30
entries.
Triggered by tokens like:
edit ./src/ma → shows ./src/main.py, ./src/manifest.json, ...
check ~/doc → shows ~/docs/, ~/documents/, ...
read /etc/hos → shows /etc/hosts, /etc/hostname, ...
open tools/reg → shows tools/registry.py
Slash command autocomplete (/help, /model, etc.) is unaffected —
it still triggers when the input starts with /.
Inspired by OpenCode PR #145 (file path completion menu).
Implementation:
- hermes_cli/commands.py: _extract_path_word() detects path-like
tokens, _path_completions() yields filesystem Completions with
size labels, get_completions() routes to paths vs slash commands
- tests/hermes_cli/test_path_completion.py: 26 tests covering
path extraction, prefix filtering, directory markers, home
expansion, case-insensitivity, integration with slash commands
* feat(privacy): redact PII from LLM context when privacy.redact_pii is enabled
Add privacy.redact_pii config option (boolean, default false). When
enabled, the gateway redacts personally identifiable information from
the system prompt before sending it to the LLM provider:
- Phone numbers (user IDs on WhatsApp/Signal) → hashed to user_<sha256>
- User IDs → hashed to user_<sha256>
- Chat IDs → numeric portion hashed, platform prefix preserved
- Home channel IDs → hashed
- Names/usernames → NOT affected (user-chosen, publicly visible)
Hashes are deterministic (same user → same hash) so the model can
still distinguish users in group chats. Routing and delivery use
the original values internally — redaction only affects LLM context.
Inspired by OpenClaw PR #47959.
* fix(privacy): skip PII redaction on Discord/Slack (mentions need real IDs)
Discord uses <@user_id> for mentions and Slack uses <@U12345> — the LLM
needs the real ID to tag users. Redaction now only applies to WhatsApp,
Signal, and Telegram where IDs are pure routing metadata.
Add 4 platform-specific tests covering Discord, WhatsApp, Signal, Slack.
* feat: smart approvals + /stop command (inspired by OpenAI Codex)
* feat: smart approvals — LLM-based risk assessment for dangerous commands
Adds a 'smart' approval mode that uses the auxiliary LLM to assess
whether a flagged command is genuinely dangerous or a false positive,
auto-approving low-risk commands without prompting the user.
Inspired by OpenAI Codex's Smart Approvals guardian subagent
(openai/codex#13860).
Config (config.yaml):
approvals:
mode: manual # manual (default), smart, off
Modes:
- manual — current behavior, always prompt the user
- smart — aux LLM evaluates risk: APPROVE (auto-allow), DENY (block),
or ESCALATE (fall through to manual prompt)
- off — skip all approval prompts (equivalent to --yolo)
When smart mode auto-approves, the pattern gets session-level approval
so subsequent uses of the same pattern don't trigger another LLM call.
When it denies, the command is blocked without user prompt. When
uncertain, it escalates to the normal manual approval flow.
The LLM prompt is carefully scoped: it sees only the command text and
the flagged reason, assesses actual risk vs false positive, and returns
a single-word verdict.
* feat: make smart approval model configurable via config.yaml
Adds auxiliary.approval section to config.yaml with the same
provider/model/base_url/api_key pattern as other aux tasks (vision,
web_extract, compression, etc.).
Config:
auxiliary:
approval:
provider: auto
model: '' # fast/cheap model recommended
base_url: ''
api_key: ''
Bridged to env vars in both CLI and gateway paths so the aux client
picks them up automatically.
* feat: add /stop command to kill all background processes
Adds a /stop slash command that kills all running background processes
at once. Currently users have to process(list) then process(kill) for
each one individually.
Inspired by OpenAI Codex's separation of interrupt (Ctrl+C stops current
turn) from /stop (cleans up background processes). See openai/codex#14602.
Ctrl+C continues to only interrupt the active agent turn — background
dev servers, watchers, etc. are preserved. /stop is the explicit way
to clean them all up.
* feat: first-class plugin architecture + hide status bar cost by default (#1544)
The persistent status bar now shows context %, token counts, and
duration but NOT $ cost by default. Cost display is opt-in via:
display:
show_cost: true
in config.yaml, or: hermes config set display.show_cost true
The /usage command still shows full cost breakdown since the user
explicitly asked for it — this only affects the always-visible bar.
Status bar without cost:
⚕ claude-sonnet-4 │ 12K/200K │ 6% │ 15m
Status bar with show_cost: true:
⚕ claude-sonnet-4 │ 12K/200K │ 6% │ $0.06 │ 15m
* feat: improve memory prioritization + aggressive skill updates (inspired by OpenAI Codex)
* feat: improve memory prioritization — user preferences over procedural knowledge
Inspired by OpenAI Codex's memory prompt improvements (openai/codex#14493)
which focus memory writes on user preferences and recurring patterns
rather than procedural task details.
Key insight: 'Optimize for reducing future user steering — the most
valuable memory prevents the user from having to repeat themselves.'
Changes:
- MEMORY_GUIDANCE (prompt_builder.py): added prioritization hierarchy
and the core principle about reducing user steering
- MEMORY_SCHEMA (memory_tool.py): reordered WHEN TO SAVE list to put
corrections first, added explicit PRIORITY guidance
- Memory nudge (run_agent.py): now asks specifically about preferences,
corrections, and workflow patterns instead of generic 'anything'
- Memory flush (run_agent.py): now instructs to prioritize user
preferences and corrections over task-specific details
* feat: more aggressive skill creation and update prompting
Press harder on skill updates — the agent should proactively patch
skills when it encounters issues during use, not wait to be asked.
Changes:
- SKILLS_GUIDANCE: 'consider saving' → 'save'; added explicit instruction
to patch skills immediately when found outdated/wrong
- Skills header: added instruction to update loaded skills before finishing
if they had missing steps or wrong commands
- Skill nudge: more assertive ('save the approach' not 'consider saving'),
now also prompts for updating existing skills used in the task
- Skill nudge interval: lowered default from 15 to 10 iterations
- skill_manage schema: added 'patch it immediately' to update triggers
* feat: first-class plugin architecture (#1555)
Plugin system for extending Hermes with custom tools, hooks, and
integrations — no source code changes required.
Core system (hermes_cli/plugins.py):
- Plugin discovery from ~/.hermes/plugins/, .hermes/plugins/, and
pip entry_points (hermes_agent.plugins group)
- PluginContext with register_tool() and register_hook()
- 6 lifecycle hooks: pre/post tool_call, pre/post llm_call,
on_session_start/end
- Namespace package handling for relative imports in plugins
- Graceful error isolation — broken plugins never crash the agent
Integration (model_tools.py):
- Plugin discovery runs after built-in + MCP tools
- Plugin tools bypass toolset filter via get_plugin_tool_names()
- Pre/post tool call hooks fire in handle_function_call()
CLI:
- /plugins command shows loaded plugins, tool counts, status
- Added to COMMANDS dict for autocomplete
Docs:
- Getting started guide (build-a-hermes-plugin.md) — full tutorial
building a calculator plugin step by step
- Reference page (features/plugins.md) — quick overview + tables
- Covers: file structure, schemas, handlers, hooks, data files,
bundled skills, env var gating, pip distribution, common mistakes
Tests: 16 tests covering discovery, loading, hooks, tool visibility.
* fix: hermes update causes dual gateways on macOS (launchd)
Three bugs worked together to create the dual-gateway problem:
1. cmd_update only checked systemd for gateway restart, completely
ignoring launchd on macOS. After killing the PID it would print
'Restart it with: hermes gateway run' even when launchd was about
to auto-respawn the process.
2. launchd's KeepAlive.SuccessfulExit=false respawns the gateway
after SIGTERM (non-zero exit), so the user's manual restart
created a second instance.
3. The launchd plist lacked --replace (systemd had it), so the
respawned gateway didn't kill stale instances on startup.
Fixes:
- Add --replace to launchd ProgramArguments (matches systemd)
- Add launchd detection to cmd_update's auto-restart logic
- Print 'auto-restart via launchd' instead of manual restart hint
* fix: add launchd plist auto-refresh + explicit restart in cmd_update
Two integration issues with the initial fix:
1. Existing macOS users with old plist (no --replace) would never
get the fix until manual uninstall/reinstall. Added
refresh_launchd_plist_if_needed() — mirrors the existing
refresh_systemd_unit_if_needed(). Called from launchd_start(),
launchd_restart(), and cmd_update.
2. cmd_update relied on KeepAlive respawn after SIGTERM rather than
explicit launchctl stop/start. This caused races: launchd would
respawn the old process before the PID file was cleaned up.
Now does explicit stop+start (matching how systemd gets an
explicit systemctl restart), with plist refresh first so the
new --replace flag is picked up.
---------
Co-authored-by: Ninja <ninja@local>
Co-authored-by: alireza78a <alireza78a@users.noreply.github.com>
Co-authored-by: Oktay Aydin <113846926+aydnOktay@users.noreply.github.com>
Co-authored-by: JP Lew <polydegen@protonmail.com>
Co-authored-by: an420eth <an420eth@users.noreply.github.com>
2026-03-16 12:36:29 -07:00
|
|
|
refresh_launchd_plist_if_needed()
|
2026-03-17 11:05:28 +08:00
|
|
|
plist_path = get_launchd_plist_path()
|
|
|
|
|
try:
|
|
|
|
|
subprocess.run(["launchctl", "start", "ai.hermes.gateway"], check=True)
|
|
|
|
|
except subprocess.CalledProcessError as e:
|
|
|
|
|
if e.returncode != 3 or not plist_path.exists():
|
|
|
|
|
raise
|
|
|
|
|
print("↻ launchd job was unloaded; reloading service definition")
|
|
|
|
|
subprocess.run(["launchctl", "load", str(plist_path)], check=True)
|
|
|
|
|
subprocess.run(["launchctl", "start", "ai.hermes.gateway"], check=True)
|
2026-02-02 19:01:51 -08:00
|
|
|
print("✓ Service started")
|
|
|
|
|
|
|
|
|
|
def launchd_stop():
|
|
|
|
|
subprocess.run(["launchctl", "stop", "ai.hermes.gateway"], check=True)
|
|
|
|
|
print("✓ Service stopped")
|
|
|
|
|
|
|
|
|
|
def launchd_restart():
|
2026-03-17 11:05:28 +08:00
|
|
|
try:
|
|
|
|
|
launchd_stop()
|
|
|
|
|
except subprocess.CalledProcessError as e:
|
|
|
|
|
if e.returncode != 3:
|
|
|
|
|
raise
|
|
|
|
|
print("↻ launchd job was unloaded; skipping stop")
|
2026-02-02 19:01:51 -08:00
|
|
|
launchd_start()
|
|
|
|
|
|
|
|
|
|
def launchd_status(deep: bool = False):
|
2026-03-17 11:05:28 +08:00
|
|
|
plist_path = get_launchd_plist_path()
|
2026-02-02 19:01:51 -08:00
|
|
|
result = subprocess.run(
|
|
|
|
|
["launchctl", "list", "ai.hermes.gateway"],
|
|
|
|
|
capture_output=True,
|
|
|
|
|
text=True
|
|
|
|
|
)
|
2026-03-17 11:05:28 +08:00
|
|
|
|
|
|
|
|
print(f"Launchd plist: {plist_path}")
|
|
|
|
|
if launchd_plist_is_current():
|
|
|
|
|
print("✓ Service definition matches the current Hermes install")
|
|
|
|
|
else:
|
|
|
|
|
print("⚠ Service definition is stale relative to the current Hermes install")
|
|
|
|
|
print(" Run: hermes gateway start")
|
2026-02-02 19:01:51 -08:00
|
|
|
|
|
|
|
|
if result.returncode == 0:
|
|
|
|
|
print("✓ Gateway service is loaded")
|
|
|
|
|
print(result.stdout)
|
|
|
|
|
else:
|
|
|
|
|
print("✗ Gateway service is not loaded")
|
2026-03-17 11:05:28 +08:00
|
|
|
print(" Service definition exists locally but launchd has not loaded it.")
|
|
|
|
|
print(" Run: hermes gateway start")
|
2026-02-02 19:01:51 -08:00
|
|
|
|
|
|
|
|
if deep:
|
fix(cli): respect HERMES_HOME in all remaining hardcoded ~/.hermes paths
Several files resolved paths via Path.home() / ".hermes" or
os.path.expanduser("~/.hermes/..."), bypassing the HERMES_HOME
environment variable. This broke isolation when running multiple
Hermes instances with distinct HERMES_HOME directories.
Replace all hardcoded paths with calls to get_hermes_home() from
hermes_cli.config, consistent with the rest of the codebase.
Files fixed:
- tools/process_registry.py (processes.json)
- gateway/pairing.py (pairing/)
- gateway/sticker_cache.py (sticker_cache.json)
- gateway/channel_directory.py (channel_directory.json, sessions.json)
- gateway/config.py (gateway.json, config.yaml, sessions_dir)
- gateway/mirror.py (sessions/)
- gateway/hooks.py (hooks/)
- gateway/platforms/base.py (image_cache/, audio_cache/, document_cache/)
- gateway/platforms/whatsapp.py (whatsapp/session)
- gateway/delivery.py (cron/output)
- agent/auxiliary_client.py (auth.json)
- agent/prompt_builder.py (SOUL.md)
- cli.py (config.yaml, images/, pastes/, history)
- run_agent.py (logs/)
- tools/environments/base.py (sandboxes/)
- tools/environments/modal.py (modal_snapshots.json)
- tools/environments/singularity.py (singularity_snapshots.json)
- tools/tts_tool.py (audio_cache)
- hermes_cli/status.py (cron/jobs.json, sessions.json)
- hermes_cli/gateway.py (logs/, whatsapp session)
- hermes_cli/main.py (whatsapp/session)
Tests updated to use HERMES_HOME env var instead of patching Path.home().
Closes #892
(cherry picked from commit 78ac1bba43b8b74a934c6172f2c29bb4d03164b9)
2026-03-11 07:31:41 +01:00
|
|
|
log_file = get_hermes_home() / "logs" / "gateway.log"
|
2026-02-02 19:01:51 -08:00
|
|
|
if log_file.exists():
|
|
|
|
|
print()
|
|
|
|
|
print("Recent logs:")
|
|
|
|
|
subprocess.run(["tail", "-20", str(log_file)])
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# =============================================================================
|
|
|
|
|
# Gateway Runner
|
|
|
|
|
# =============================================================================
|
|
|
|
|
|
2026-03-07 18:08:12 +00:00
|
|
|
def run_gateway(verbose: bool = False, replace: bool = False):
|
|
|
|
|
"""Run the gateway in foreground.
|
|
|
|
|
|
|
|
|
|
Args:
|
|
|
|
|
verbose: Enable verbose logging output.
|
|
|
|
|
replace: If True, kill any existing gateway instance before starting.
|
|
|
|
|
This prevents systemd restart loops when the old process
|
|
|
|
|
hasn't fully exited yet.
|
|
|
|
|
"""
|
2026-02-02 19:01:51 -08:00
|
|
|
sys.path.insert(0, str(PROJECT_ROOT))
|
|
|
|
|
|
|
|
|
|
from gateway.run import start_gateway
|
|
|
|
|
|
|
|
|
|
print("┌─────────────────────────────────────────────────────────┐")
|
2026-02-20 21:25:04 -08:00
|
|
|
print("│ ⚕ Hermes Gateway Starting... │")
|
2026-02-02 19:01:51 -08:00
|
|
|
print("├─────────────────────────────────────────────────────────┤")
|
2026-02-21 16:21:19 -08:00
|
|
|
print("│ Messaging platforms + cron scheduler │")
|
2026-02-02 19:01:51 -08:00
|
|
|
print("│ Press Ctrl+C to stop │")
|
|
|
|
|
print("└─────────────────────────────────────────────────────────┘")
|
|
|
|
|
print()
|
|
|
|
|
|
2026-02-10 16:01:00 -08:00
|
|
|
# Exit with code 1 if gateway fails to connect any platform,
|
|
|
|
|
# so systemd Restart=on-failure will retry on transient errors
|
2026-03-07 18:08:12 +00:00
|
|
|
success = asyncio.run(start_gateway(replace=replace))
|
2026-02-10 16:01:00 -08:00
|
|
|
if not success:
|
|
|
|
|
sys.exit(1)
|
2026-02-02 19:01:51 -08:00
|
|
|
|
|
|
|
|
|
2026-03-03 18:57:33 -08:00
|
|
|
# =============================================================================
|
|
|
|
|
# Gateway Setup (Interactive Messaging Platform Configuration)
|
|
|
|
|
# =============================================================================
|
|
|
|
|
|
|
|
|
|
# Per-platform config: each entry defines the env vars, setup instructions,
|
|
|
|
|
# and prompts needed to configure a messaging platform.
|
|
|
|
|
_PLATFORMS = [
|
|
|
|
|
{
|
|
|
|
|
"key": "telegram",
|
|
|
|
|
"label": "Telegram",
|
|
|
|
|
"emoji": "📱",
|
|
|
|
|
"token_var": "TELEGRAM_BOT_TOKEN",
|
2026-03-03 20:05:15 -08:00
|
|
|
"setup_instructions": [
|
|
|
|
|
"1. Open Telegram and message @BotFather",
|
|
|
|
|
"2. Send /newbot and follow the prompts to create your bot",
|
|
|
|
|
"3. Copy the bot token BotFather gives you",
|
|
|
|
|
"4. To find your user ID: message @userinfobot — it replies with your numeric ID",
|
|
|
|
|
],
|
2026-03-03 18:57:33 -08:00
|
|
|
"vars": [
|
|
|
|
|
{"name": "TELEGRAM_BOT_TOKEN", "prompt": "Bot token", "password": True,
|
2026-03-03 20:05:15 -08:00
|
|
|
"help": "Paste the token from @BotFather (step 3 above)."},
|
2026-03-03 19:55:06 -08:00
|
|
|
{"name": "TELEGRAM_ALLOWED_USERS", "prompt": "Allowed user IDs (comma-separated)", "password": False,
|
|
|
|
|
"is_allowlist": True,
|
2026-03-03 20:05:15 -08:00
|
|
|
"help": "Paste your user ID from step 4 above."},
|
2026-03-03 18:57:33 -08:00
|
|
|
{"name": "TELEGRAM_HOME_CHANNEL", "prompt": "Home channel ID (for cron/notification delivery, or empty to set later with /set-home)", "password": False,
|
|
|
|
|
"help": "For DMs, this is your user ID. You can set it later by typing /set-home in chat."},
|
|
|
|
|
],
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"key": "discord",
|
|
|
|
|
"label": "Discord",
|
|
|
|
|
"emoji": "💬",
|
|
|
|
|
"token_var": "DISCORD_BOT_TOKEN",
|
2026-03-03 20:05:15 -08:00
|
|
|
"setup_instructions": [
|
|
|
|
|
"1. Go to https://discord.com/developers/applications → New Application",
|
|
|
|
|
"2. Go to Bot → Reset Token → copy the bot token",
|
|
|
|
|
"3. Enable: Bot → Privileged Gateway Intents → Message Content Intent",
|
|
|
|
|
"4. Invite the bot to your server:",
|
|
|
|
|
" OAuth2 → URL Generator → check BOTH scopes:",
|
|
|
|
|
" - bot",
|
|
|
|
|
" - applications.commands (required for slash commands!)",
|
|
|
|
|
" Bot Permissions: Send Messages, Read Message History, Attach Files",
|
|
|
|
|
" Copy the URL and open it in your browser to invite.",
|
|
|
|
|
"5. Get your user ID: enable Developer Mode in Discord settings,",
|
|
|
|
|
" then right-click your name → Copy ID",
|
|
|
|
|
],
|
2026-03-03 18:57:33 -08:00
|
|
|
"vars": [
|
|
|
|
|
{"name": "DISCORD_BOT_TOKEN", "prompt": "Bot token", "password": True,
|
2026-03-03 20:05:15 -08:00
|
|
|
"help": "Paste the token from step 2 above."},
|
2026-03-03 19:55:06 -08:00
|
|
|
{"name": "DISCORD_ALLOWED_USERS", "prompt": "Allowed user IDs or usernames (comma-separated)", "password": False,
|
|
|
|
|
"is_allowlist": True,
|
2026-03-03 20:05:15 -08:00
|
|
|
"help": "Paste your user ID from step 5 above."},
|
2026-03-03 18:57:33 -08:00
|
|
|
{"name": "DISCORD_HOME_CHANNEL", "prompt": "Home channel ID (for cron/notification delivery, or empty to set later with /set-home)", "password": False,
|
|
|
|
|
"help": "Right-click a channel → Copy Channel ID (requires Developer Mode)."},
|
|
|
|
|
],
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"key": "slack",
|
|
|
|
|
"label": "Slack",
|
|
|
|
|
"emoji": "💼",
|
|
|
|
|
"token_var": "SLACK_BOT_TOKEN",
|
2026-03-03 20:05:15 -08:00
|
|
|
"setup_instructions": [
|
|
|
|
|
"1. Go to https://api.slack.com/apps → Create New App → From Scratch",
|
2026-03-09 14:31:19 -07:00
|
|
|
"2. Enable Socket Mode: Settings → Socket Mode → Enable",
|
|
|
|
|
" Create an App-Level Token with scope: connections:write → copy xapp-... token",
|
|
|
|
|
"3. Add Bot Token Scopes: Features → OAuth & Permissions → Scopes",
|
|
|
|
|
" Required: chat:write, app_mentions:read, channels:history, channels:read,",
|
|
|
|
|
" groups:history, im:history, im:read, im:write, users:read, files:write",
|
|
|
|
|
"4. Subscribe to Events: Features → Event Subscriptions → Enable",
|
|
|
|
|
" Required events: message.im, message.channels, app_mention",
|
|
|
|
|
" Optional: message.groups (for private channels)",
|
|
|
|
|
" ⚠ Without message.channels the bot will ONLY work in DMs!",
|
|
|
|
|
"5. Install to Workspace: Settings → Install App → copy xoxb-... token",
|
|
|
|
|
"6. Reinstall the app after any scope or event changes",
|
2026-03-03 20:05:15 -08:00
|
|
|
"7. Find your user ID: click your profile → three dots → Copy member ID",
|
2026-03-09 14:31:19 -07:00
|
|
|
"8. Invite the bot to channels: /invite @YourBot",
|
2026-03-03 20:05:15 -08:00
|
|
|
],
|
2026-03-03 18:57:33 -08:00
|
|
|
"vars": [
|
|
|
|
|
{"name": "SLACK_BOT_TOKEN", "prompt": "Bot Token (xoxb-...)", "password": True,
|
2026-03-03 20:05:15 -08:00
|
|
|
"help": "Paste the bot token from step 3 above."},
|
2026-03-03 18:57:33 -08:00
|
|
|
{"name": "SLACK_APP_TOKEN", "prompt": "App Token (xapp-...)", "password": True,
|
2026-03-03 20:05:15 -08:00
|
|
|
"help": "Paste the app-level token from step 4 above."},
|
2026-03-03 19:55:06 -08:00
|
|
|
{"name": "SLACK_ALLOWED_USERS", "prompt": "Allowed user IDs (comma-separated)", "password": False,
|
|
|
|
|
"is_allowlist": True,
|
2026-03-03 20:05:15 -08:00
|
|
|
"help": "Paste your member ID from step 7 above."},
|
2026-03-03 18:57:33 -08:00
|
|
|
],
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"key": "whatsapp",
|
|
|
|
|
"label": "WhatsApp",
|
|
|
|
|
"emoji": "📲",
|
|
|
|
|
"token_var": "WHATSAPP_ENABLED",
|
|
|
|
|
},
|
feat: add Signal messenger gateway platform (#405)
Complete Signal adapter using signal-cli daemon HTTP API.
Based on PR #268 by ibhagwan, rebuilt on current main with bug fixes.
Architecture:
- SSE streaming for inbound messages with exponential backoff (2s→60s)
- JSON-RPC 2.0 for outbound (send, typing, attachments, contacts)
- Health monitor detects stale SSE connections (120s threshold)
- Phone number redaction in all logs and global redact.py
Features:
- DM and group message support with separate access policies
- DM policies: pairing (default), allowlist, open
- Group policies: disabled (default), allowlist, open
- Attachment download with magic-byte type detection
- Typing indicators (8s refresh interval)
- 100MB attachment size limit, 8000 char message limit
- E.164 phone + UUID allowlist support
Integration:
- Platform.SIGNAL enum in gateway/config.py
- Signal in _is_user_authorized() allowlist maps (gateway/run.py)
- Adapter factory in _create_adapter() (gateway/run.py)
- user_id_alt/chat_id_alt fields in SessionSource for UUIDs
- send_message tool support via httpx JSON-RPC (not aiohttp)
- Interactive setup wizard in 'hermes gateway setup'
- Connectivity testing during setup (pings /api/v1/check)
- signal-cli detection and install guidance
Bug fixes from PR #268:
- Timestamp reads from envelope_data (not outer wrapper)
- Uses httpx consistently (not aiohttp in send_message tool)
- SIGNAL_DEBUG scoped to signal logger (not root)
- extract_images regex NOT modified (preserves group numbering)
- pairing.py NOT modified (no cross-platform side effects)
- No dual authorization (adapter defers to run.py for user auth)
- Wildcard uses set membership ('*' in set, not list equality)
- .zip default for PK magic bytes (not .docx)
No new Python dependencies — uses httpx (already core).
External requirement: signal-cli daemon (user-installed).
Tests: 30 new tests covering config, init, helpers, session source,
phone redaction, authorization, and send_message integration.
Co-authored-by: ibhagwan <ibhagwan@users.noreply.github.com>
2026-03-08 20:20:35 -07:00
|
|
|
{
|
|
|
|
|
"key": "signal",
|
|
|
|
|
"label": "Signal",
|
|
|
|
|
"emoji": "📡",
|
|
|
|
|
"token_var": "SIGNAL_HTTP_URL",
|
|
|
|
|
},
|
feat: add email gateway platform (IMAP/SMTP)
Allow users to interact with Hermes by sending and receiving emails.
Uses IMAP polling for incoming messages and SMTP for replies with
proper threading (In-Reply-To, References headers).
Integrates with all 14 gateway extension points: config, adapter
factory, authorization, send_message tool, cron delivery, toolsets,
prompt hints, channel directory, setup wizard, status display, and
env example.
65 tests covering config, parsing, dispatch, threading, IMAP fetch,
SMTP send, attachments, and all integration points.
2026-03-10 03:15:38 +03:00
|
|
|
{
|
|
|
|
|
"key": "email",
|
|
|
|
|
"label": "Email",
|
|
|
|
|
"emoji": "📧",
|
|
|
|
|
"token_var": "EMAIL_ADDRESS",
|
|
|
|
|
"setup_instructions": [
|
|
|
|
|
"1. Use a dedicated email account for your Hermes agent",
|
|
|
|
|
"2. For Gmail: enable 2FA, then create an App Password at",
|
|
|
|
|
" https://myaccount.google.com/apppasswords",
|
|
|
|
|
"3. For other providers: use your email password or app-specific password",
|
|
|
|
|
"4. IMAP must be enabled on your email account",
|
|
|
|
|
],
|
|
|
|
|
"vars": [
|
|
|
|
|
{"name": "EMAIL_ADDRESS", "prompt": "Email address", "password": False,
|
|
|
|
|
"help": "The email address Hermes will use (e.g., hermes@gmail.com)."},
|
|
|
|
|
{"name": "EMAIL_PASSWORD", "prompt": "Email password (or app password)", "password": True,
|
|
|
|
|
"help": "For Gmail, use an App Password (not your regular password)."},
|
|
|
|
|
{"name": "EMAIL_IMAP_HOST", "prompt": "IMAP host", "password": False,
|
|
|
|
|
"help": "e.g., imap.gmail.com for Gmail, outlook.office365.com for Outlook."},
|
|
|
|
|
{"name": "EMAIL_SMTP_HOST", "prompt": "SMTP host", "password": False,
|
|
|
|
|
"help": "e.g., smtp.gmail.com for Gmail, smtp.office365.com for Outlook."},
|
|
|
|
|
{"name": "EMAIL_ALLOWED_USERS", "prompt": "Allowed sender emails (comma-separated)", "password": False,
|
|
|
|
|
"is_allowlist": True,
|
|
|
|
|
"help": "Only emails from these addresses will be processed."},
|
|
|
|
|
],
|
|
|
|
|
},
|
2026-03-03 18:57:33 -08:00
|
|
|
]
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def _platform_status(platform: dict) -> str:
|
2026-03-03 19:04:32 -08:00
|
|
|
"""Return a plain-text status string for a platform.
|
|
|
|
|
|
|
|
|
|
Returns uncolored text so it can safely be embedded in
|
|
|
|
|
simple_term_menu items (ANSI codes break width calculation).
|
|
|
|
|
"""
|
2026-03-03 18:57:33 -08:00
|
|
|
token_var = platform["token_var"]
|
|
|
|
|
val = get_env_value(token_var)
|
|
|
|
|
if token_var == "WHATSAPP_ENABLED":
|
|
|
|
|
if val and val.lower() == "true":
|
fix(cli): respect HERMES_HOME in all remaining hardcoded ~/.hermes paths
Several files resolved paths via Path.home() / ".hermes" or
os.path.expanduser("~/.hermes/..."), bypassing the HERMES_HOME
environment variable. This broke isolation when running multiple
Hermes instances with distinct HERMES_HOME directories.
Replace all hardcoded paths with calls to get_hermes_home() from
hermes_cli.config, consistent with the rest of the codebase.
Files fixed:
- tools/process_registry.py (processes.json)
- gateway/pairing.py (pairing/)
- gateway/sticker_cache.py (sticker_cache.json)
- gateway/channel_directory.py (channel_directory.json, sessions.json)
- gateway/config.py (gateway.json, config.yaml, sessions_dir)
- gateway/mirror.py (sessions/)
- gateway/hooks.py (hooks/)
- gateway/platforms/base.py (image_cache/, audio_cache/, document_cache/)
- gateway/platforms/whatsapp.py (whatsapp/session)
- gateway/delivery.py (cron/output)
- agent/auxiliary_client.py (auth.json)
- agent/prompt_builder.py (SOUL.md)
- cli.py (config.yaml, images/, pastes/, history)
- run_agent.py (logs/)
- tools/environments/base.py (sandboxes/)
- tools/environments/modal.py (modal_snapshots.json)
- tools/environments/singularity.py (singularity_snapshots.json)
- tools/tts_tool.py (audio_cache)
- hermes_cli/status.py (cron/jobs.json, sessions.json)
- hermes_cli/gateway.py (logs/, whatsapp session)
- hermes_cli/main.py (whatsapp/session)
Tests updated to use HERMES_HOME env var instead of patching Path.home().
Closes #892
(cherry picked from commit 78ac1bba43b8b74a934c6172f2c29bb4d03164b9)
2026-03-11 07:31:41 +01:00
|
|
|
session_file = get_hermes_home() / "whatsapp" / "session" / "creds.json"
|
2026-03-03 18:57:33 -08:00
|
|
|
if session_file.exists():
|
2026-03-03 19:04:32 -08:00
|
|
|
return "configured + paired"
|
|
|
|
|
return "enabled, not paired"
|
|
|
|
|
return "not configured"
|
feat: add Signal messenger gateway platform (#405)
Complete Signal adapter using signal-cli daemon HTTP API.
Based on PR #268 by ibhagwan, rebuilt on current main with bug fixes.
Architecture:
- SSE streaming for inbound messages with exponential backoff (2s→60s)
- JSON-RPC 2.0 for outbound (send, typing, attachments, contacts)
- Health monitor detects stale SSE connections (120s threshold)
- Phone number redaction in all logs and global redact.py
Features:
- DM and group message support with separate access policies
- DM policies: pairing (default), allowlist, open
- Group policies: disabled (default), allowlist, open
- Attachment download with magic-byte type detection
- Typing indicators (8s refresh interval)
- 100MB attachment size limit, 8000 char message limit
- E.164 phone + UUID allowlist support
Integration:
- Platform.SIGNAL enum in gateway/config.py
- Signal in _is_user_authorized() allowlist maps (gateway/run.py)
- Adapter factory in _create_adapter() (gateway/run.py)
- user_id_alt/chat_id_alt fields in SessionSource for UUIDs
- send_message tool support via httpx JSON-RPC (not aiohttp)
- Interactive setup wizard in 'hermes gateway setup'
- Connectivity testing during setup (pings /api/v1/check)
- signal-cli detection and install guidance
Bug fixes from PR #268:
- Timestamp reads from envelope_data (not outer wrapper)
- Uses httpx consistently (not aiohttp in send_message tool)
- SIGNAL_DEBUG scoped to signal logger (not root)
- extract_images regex NOT modified (preserves group numbering)
- pairing.py NOT modified (no cross-platform side effects)
- No dual authorization (adapter defers to run.py for user auth)
- Wildcard uses set membership ('*' in set, not list equality)
- .zip default for PK magic bytes (not .docx)
No new Python dependencies — uses httpx (already core).
External requirement: signal-cli daemon (user-installed).
Tests: 30 new tests covering config, init, helpers, session source,
phone redaction, authorization, and send_message integration.
Co-authored-by: ibhagwan <ibhagwan@users.noreply.github.com>
2026-03-08 20:20:35 -07:00
|
|
|
if platform.get("key") == "signal":
|
|
|
|
|
account = get_env_value("SIGNAL_ACCOUNT")
|
|
|
|
|
if val and account:
|
|
|
|
|
return "configured"
|
|
|
|
|
if val or account:
|
|
|
|
|
return "partially configured"
|
|
|
|
|
return "not configured"
|
feat: add email gateway platform (IMAP/SMTP)
Allow users to interact with Hermes by sending and receiving emails.
Uses IMAP polling for incoming messages and SMTP for replies with
proper threading (In-Reply-To, References headers).
Integrates with all 14 gateway extension points: config, adapter
factory, authorization, send_message tool, cron delivery, toolsets,
prompt hints, channel directory, setup wizard, status display, and
env example.
65 tests covering config, parsing, dispatch, threading, IMAP fetch,
SMTP send, attachments, and all integration points.
2026-03-10 03:15:38 +03:00
|
|
|
if platform.get("key") == "email":
|
|
|
|
|
pwd = get_env_value("EMAIL_PASSWORD")
|
|
|
|
|
imap = get_env_value("EMAIL_IMAP_HOST")
|
|
|
|
|
smtp = get_env_value("EMAIL_SMTP_HOST")
|
|
|
|
|
if all([val, pwd, imap, smtp]):
|
|
|
|
|
return "configured"
|
|
|
|
|
if any([val, pwd, imap, smtp]):
|
|
|
|
|
return "partially configured"
|
|
|
|
|
return "not configured"
|
2026-03-03 18:57:33 -08:00
|
|
|
if val:
|
2026-03-03 19:04:32 -08:00
|
|
|
return "configured"
|
|
|
|
|
return "not configured"
|
2026-03-03 18:57:33 -08:00
|
|
|
|
|
|
|
|
|
2026-03-14 12:11:23 -07:00
|
|
|
def _runtime_health_lines() -> list[str]:
|
|
|
|
|
"""Summarize the latest persisted gateway runtime health state."""
|
|
|
|
|
try:
|
|
|
|
|
from gateway.status import read_runtime_status
|
|
|
|
|
except Exception:
|
|
|
|
|
return []
|
|
|
|
|
|
|
|
|
|
state = read_runtime_status()
|
|
|
|
|
if not state:
|
|
|
|
|
return []
|
|
|
|
|
|
|
|
|
|
lines: list[str] = []
|
|
|
|
|
gateway_state = state.get("gateway_state")
|
|
|
|
|
exit_reason = state.get("exit_reason")
|
|
|
|
|
platforms = state.get("platforms", {}) or {}
|
|
|
|
|
|
|
|
|
|
for platform, pdata in platforms.items():
|
|
|
|
|
if pdata.get("state") == "fatal":
|
|
|
|
|
message = pdata.get("error_message") or "unknown error"
|
|
|
|
|
lines.append(f"⚠ {platform}: {message}")
|
|
|
|
|
|
|
|
|
|
if gateway_state == "startup_failed" and exit_reason:
|
|
|
|
|
lines.append(f"⚠ Last startup issue: {exit_reason}")
|
|
|
|
|
elif gateway_state == "stopped" and exit_reason:
|
|
|
|
|
lines.append(f"⚠ Last shutdown reason: {exit_reason}")
|
|
|
|
|
|
|
|
|
|
return lines
|
|
|
|
|
|
|
|
|
|
|
2026-03-03 18:57:33 -08:00
|
|
|
def _setup_standard_platform(platform: dict):
|
|
|
|
|
"""Interactive setup for Telegram, Discord, or Slack."""
|
|
|
|
|
emoji = platform["emoji"]
|
|
|
|
|
label = platform["label"]
|
|
|
|
|
token_var = platform["token_var"]
|
|
|
|
|
|
|
|
|
|
print()
|
|
|
|
|
print(color(f" ─── {emoji} {label} Setup ───", Colors.CYAN))
|
|
|
|
|
|
2026-03-03 20:05:15 -08:00
|
|
|
# Show step-by-step setup instructions if this platform has them
|
|
|
|
|
instructions = platform.get("setup_instructions")
|
|
|
|
|
if instructions:
|
|
|
|
|
print()
|
|
|
|
|
for line in instructions:
|
|
|
|
|
print_info(f" {line}")
|
|
|
|
|
|
2026-03-03 18:57:33 -08:00
|
|
|
existing_token = get_env_value(token_var)
|
|
|
|
|
if existing_token:
|
|
|
|
|
print()
|
|
|
|
|
print_success(f"{label} is already configured.")
|
|
|
|
|
if not prompt_yes_no(f" Reconfigure {label}?", False):
|
|
|
|
|
return
|
|
|
|
|
|
2026-03-03 19:55:06 -08:00
|
|
|
allowed_val_set = None # Track if user set an allowlist (for home channel offer)
|
|
|
|
|
|
2026-03-03 18:57:33 -08:00
|
|
|
for var in platform["vars"]:
|
|
|
|
|
print()
|
|
|
|
|
print_info(f" {var['help']}")
|
|
|
|
|
existing = get_env_value(var["name"])
|
|
|
|
|
if existing and var["name"] != token_var:
|
|
|
|
|
print_info(f" Current: {existing}")
|
|
|
|
|
|
2026-03-03 19:55:06 -08:00
|
|
|
# Allowlist fields get special handling for the deny-by-default security model
|
|
|
|
|
if var.get("is_allowlist"):
|
|
|
|
|
print_info(f" The gateway DENIES all users by default for security.")
|
|
|
|
|
print_info(f" Enter user IDs to create an allowlist, or leave empty")
|
|
|
|
|
print_info(f" and you'll be asked about open access next.")
|
|
|
|
|
value = prompt(f" {var['prompt']}", password=False)
|
|
|
|
|
if value:
|
|
|
|
|
cleaned = value.replace(" ", "")
|
2026-03-13 09:35:39 -07:00
|
|
|
# For Discord, strip common prefixes (user:123, <@123>, <@!123>)
|
|
|
|
|
if "DISCORD" in var["name"]:
|
|
|
|
|
parts = []
|
|
|
|
|
for uid in cleaned.split(","):
|
|
|
|
|
uid = uid.strip()
|
|
|
|
|
if uid.startswith("<@") and uid.endswith(">"):
|
|
|
|
|
uid = uid.lstrip("<@!").rstrip(">")
|
|
|
|
|
if uid.lower().startswith("user:"):
|
|
|
|
|
uid = uid[5:]
|
|
|
|
|
if uid:
|
|
|
|
|
parts.append(uid)
|
|
|
|
|
cleaned = ",".join(parts)
|
2026-03-03 19:55:06 -08:00
|
|
|
save_env_value(var["name"], cleaned)
|
|
|
|
|
print_success(f" Saved — only these users can interact with the bot.")
|
|
|
|
|
allowed_val_set = cleaned
|
|
|
|
|
else:
|
|
|
|
|
# No allowlist — ask about open access vs DM pairing
|
|
|
|
|
print()
|
|
|
|
|
access_choices = [
|
|
|
|
|
"Enable open access (anyone can message the bot)",
|
|
|
|
|
"Use DM pairing (unknown users request access, you approve with 'hermes pairing approve')",
|
|
|
|
|
"Skip for now (bot will deny all users until configured)",
|
|
|
|
|
]
|
|
|
|
|
access_idx = prompt_choice(" How should unauthorized users be handled?", access_choices, 1)
|
|
|
|
|
if access_idx == 0:
|
|
|
|
|
save_env_value("GATEWAY_ALLOW_ALL_USERS", "true")
|
|
|
|
|
print_warning(" Open access enabled — anyone can use your bot!")
|
|
|
|
|
elif access_idx == 1:
|
|
|
|
|
print_success(" DM pairing mode — users will receive a code to request access.")
|
|
|
|
|
print_info(" Approve with: hermes pairing approve {platform} {code}")
|
|
|
|
|
else:
|
|
|
|
|
print_info(" Skipped — configure later with 'hermes gateway setup'")
|
|
|
|
|
continue
|
|
|
|
|
|
2026-03-03 18:57:33 -08:00
|
|
|
value = prompt(f" {var['prompt']}", password=var.get("password", False))
|
|
|
|
|
if value:
|
2026-03-03 19:55:06 -08:00
|
|
|
save_env_value(var["name"], value)
|
2026-03-03 18:57:33 -08:00
|
|
|
print_success(f" Saved {var['name']}")
|
|
|
|
|
elif var["name"] == token_var:
|
|
|
|
|
print_warning(f" Skipped — {label} won't work without this.")
|
|
|
|
|
return
|
|
|
|
|
else:
|
|
|
|
|
print_info(f" Skipped (can configure later)")
|
|
|
|
|
|
2026-03-03 19:55:06 -08:00
|
|
|
# If an allowlist was set and home channel wasn't, offer to reuse
|
|
|
|
|
# the first user ID (common for Telegram DMs).
|
2026-03-03 18:57:33 -08:00
|
|
|
home_var = f"{label.upper()}_HOME_CHANNEL"
|
|
|
|
|
home_val = get_env_value(home_var)
|
2026-03-03 19:55:06 -08:00
|
|
|
if allowed_val_set and not home_val and label == "Telegram":
|
|
|
|
|
first_id = allowed_val_set.split(",")[0].strip()
|
2026-03-03 18:57:33 -08:00
|
|
|
if first_id and prompt_yes_no(f" Use your user ID ({first_id}) as the home channel?", True):
|
|
|
|
|
save_env_value(home_var, first_id)
|
|
|
|
|
print_success(f" Home channel set to {first_id}")
|
|
|
|
|
|
|
|
|
|
print()
|
|
|
|
|
print_success(f"{emoji} {label} configured!")
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def _setup_whatsapp():
|
|
|
|
|
"""Delegate to the existing WhatsApp setup flow."""
|
|
|
|
|
from hermes_cli.main import cmd_whatsapp
|
|
|
|
|
import argparse
|
|
|
|
|
cmd_whatsapp(argparse.Namespace())
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def _is_service_installed() -> bool:
|
|
|
|
|
"""Check if the gateway is installed as a system service."""
|
|
|
|
|
if is_linux():
|
2026-03-14 20:54:51 -07:00
|
|
|
return get_systemd_unit_path(system=False).exists() or get_systemd_unit_path(system=True).exists()
|
2026-03-03 18:57:33 -08:00
|
|
|
elif is_macos():
|
|
|
|
|
return get_launchd_plist_path().exists()
|
|
|
|
|
return False
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def _is_service_running() -> bool:
|
|
|
|
|
"""Check if the gateway service is currently running."""
|
2026-03-14 20:54:51 -07:00
|
|
|
if is_linux():
|
2026-03-14 21:06:52 -07:00
|
|
|
user_unit_exists = get_systemd_unit_path(system=False).exists()
|
|
|
|
|
system_unit_exists = get_systemd_unit_path(system=True).exists()
|
|
|
|
|
|
|
|
|
|
if user_unit_exists:
|
2026-03-14 20:54:51 -07:00
|
|
|
result = subprocess.run(
|
2026-03-16 04:42:46 -07:00
|
|
|
_systemctl_cmd(False) + ["is-active", get_service_name()],
|
2026-03-14 20:54:51 -07:00
|
|
|
capture_output=True, text=True
|
|
|
|
|
)
|
2026-03-14 21:06:52 -07:00
|
|
|
if result.stdout.strip() == "active":
|
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
if system_unit_exists:
|
2026-03-14 20:54:51 -07:00
|
|
|
result = subprocess.run(
|
2026-03-16 04:42:46 -07:00
|
|
|
_systemctl_cmd(True) + ["is-active", get_service_name()],
|
2026-03-14 20:54:51 -07:00
|
|
|
capture_output=True, text=True
|
|
|
|
|
)
|
2026-03-14 21:06:52 -07:00
|
|
|
if result.stdout.strip() == "active":
|
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
return False
|
2026-03-03 18:57:33 -08:00
|
|
|
elif is_macos() and get_launchd_plist_path().exists():
|
|
|
|
|
result = subprocess.run(
|
|
|
|
|
["launchctl", "list", "ai.hermes.gateway"],
|
|
|
|
|
capture_output=True, text=True
|
|
|
|
|
)
|
|
|
|
|
return result.returncode == 0
|
|
|
|
|
# Check for manual processes
|
|
|
|
|
return len(find_gateway_pids()) > 0
|
|
|
|
|
|
|
|
|
|
|
feat: add Signal messenger gateway platform (#405)
Complete Signal adapter using signal-cli daemon HTTP API.
Based on PR #268 by ibhagwan, rebuilt on current main with bug fixes.
Architecture:
- SSE streaming for inbound messages with exponential backoff (2s→60s)
- JSON-RPC 2.0 for outbound (send, typing, attachments, contacts)
- Health monitor detects stale SSE connections (120s threshold)
- Phone number redaction in all logs and global redact.py
Features:
- DM and group message support with separate access policies
- DM policies: pairing (default), allowlist, open
- Group policies: disabled (default), allowlist, open
- Attachment download with magic-byte type detection
- Typing indicators (8s refresh interval)
- 100MB attachment size limit, 8000 char message limit
- E.164 phone + UUID allowlist support
Integration:
- Platform.SIGNAL enum in gateway/config.py
- Signal in _is_user_authorized() allowlist maps (gateway/run.py)
- Adapter factory in _create_adapter() (gateway/run.py)
- user_id_alt/chat_id_alt fields in SessionSource for UUIDs
- send_message tool support via httpx JSON-RPC (not aiohttp)
- Interactive setup wizard in 'hermes gateway setup'
- Connectivity testing during setup (pings /api/v1/check)
- signal-cli detection and install guidance
Bug fixes from PR #268:
- Timestamp reads from envelope_data (not outer wrapper)
- Uses httpx consistently (not aiohttp in send_message tool)
- SIGNAL_DEBUG scoped to signal logger (not root)
- extract_images regex NOT modified (preserves group numbering)
- pairing.py NOT modified (no cross-platform side effects)
- No dual authorization (adapter defers to run.py for user auth)
- Wildcard uses set membership ('*' in set, not list equality)
- .zip default for PK magic bytes (not .docx)
No new Python dependencies — uses httpx (already core).
External requirement: signal-cli daemon (user-installed).
Tests: 30 new tests covering config, init, helpers, session source,
phone redaction, authorization, and send_message integration.
Co-authored-by: ibhagwan <ibhagwan@users.noreply.github.com>
2026-03-08 20:20:35 -07:00
|
|
|
def _setup_signal():
|
|
|
|
|
"""Interactive setup for Signal messenger."""
|
|
|
|
|
import shutil
|
|
|
|
|
|
|
|
|
|
print()
|
|
|
|
|
print(color(" ─── 📡 Signal Setup ───", Colors.CYAN))
|
|
|
|
|
|
|
|
|
|
existing_url = get_env_value("SIGNAL_HTTP_URL")
|
|
|
|
|
existing_account = get_env_value("SIGNAL_ACCOUNT")
|
|
|
|
|
if existing_url and existing_account:
|
|
|
|
|
print()
|
|
|
|
|
print_success("Signal is already configured.")
|
|
|
|
|
if not prompt_yes_no(" Reconfigure Signal?", False):
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
# Check if signal-cli is available
|
|
|
|
|
print()
|
|
|
|
|
if shutil.which("signal-cli"):
|
|
|
|
|
print_success("signal-cli found on PATH.")
|
|
|
|
|
else:
|
|
|
|
|
print_warning("signal-cli not found on PATH.")
|
|
|
|
|
print_info(" Signal requires signal-cli running as an HTTP daemon.")
|
|
|
|
|
print_info(" Install options:")
|
|
|
|
|
print_info(" Linux: sudo apt install signal-cli")
|
|
|
|
|
print_info(" or download from https://github.com/AsamK/signal-cli")
|
|
|
|
|
print_info(" macOS: brew install signal-cli")
|
|
|
|
|
print_info(" Docker: bbernhard/signal-cli-rest-api")
|
|
|
|
|
print()
|
|
|
|
|
print_info(" After installing, link your account and start the daemon:")
|
|
|
|
|
print_info(" signal-cli link -n \"HermesAgent\"")
|
|
|
|
|
print_info(" signal-cli --account +YOURNUMBER daemon --http 127.0.0.1:8080")
|
|
|
|
|
print()
|
|
|
|
|
|
|
|
|
|
# HTTP URL
|
|
|
|
|
print()
|
|
|
|
|
print_info(" Enter the URL where signal-cli HTTP daemon is running.")
|
|
|
|
|
default_url = existing_url or "http://127.0.0.1:8080"
|
|
|
|
|
try:
|
|
|
|
|
url = input(f" HTTP URL [{default_url}]: ").strip() or default_url
|
|
|
|
|
except (EOFError, KeyboardInterrupt):
|
|
|
|
|
print("\n Setup cancelled.")
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
# Test connectivity
|
|
|
|
|
print_info(" Testing connection...")
|
|
|
|
|
try:
|
|
|
|
|
import httpx
|
|
|
|
|
resp = httpx.get(f"{url.rstrip('/')}/api/v1/check", timeout=10.0)
|
|
|
|
|
if resp.status_code == 200:
|
|
|
|
|
print_success(" signal-cli daemon is reachable!")
|
|
|
|
|
else:
|
|
|
|
|
print_warning(f" signal-cli responded with status {resp.status_code}.")
|
|
|
|
|
if not prompt_yes_no(" Continue anyway?", False):
|
|
|
|
|
return
|
|
|
|
|
except Exception as e:
|
|
|
|
|
print_warning(f" Could not reach signal-cli at {url}: {e}")
|
|
|
|
|
if not prompt_yes_no(" Save this URL anyway? (you can start signal-cli later)", True):
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
save_env_value("SIGNAL_HTTP_URL", url)
|
|
|
|
|
|
|
|
|
|
# Account phone number
|
|
|
|
|
print()
|
|
|
|
|
print_info(" Enter your Signal account phone number in E.164 format.")
|
|
|
|
|
print_info(" Example: +15551234567")
|
|
|
|
|
default_account = existing_account or ""
|
|
|
|
|
try:
|
|
|
|
|
account = input(f" Account number{f' [{default_account}]' if default_account else ''}: ").strip()
|
|
|
|
|
if not account:
|
|
|
|
|
account = default_account
|
|
|
|
|
except (EOFError, KeyboardInterrupt):
|
|
|
|
|
print("\n Setup cancelled.")
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
if not account:
|
|
|
|
|
print_error(" Account number is required.")
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
save_env_value("SIGNAL_ACCOUNT", account)
|
|
|
|
|
|
|
|
|
|
# Allowed users
|
|
|
|
|
print()
|
|
|
|
|
print_info(" The gateway DENIES all users by default for security.")
|
|
|
|
|
print_info(" Enter phone numbers or UUIDs of allowed users (comma-separated).")
|
|
|
|
|
existing_allowed = get_env_value("SIGNAL_ALLOWED_USERS") or ""
|
|
|
|
|
default_allowed = existing_allowed or account
|
|
|
|
|
try:
|
|
|
|
|
allowed = input(f" Allowed users [{default_allowed}]: ").strip() or default_allowed
|
|
|
|
|
except (EOFError, KeyboardInterrupt):
|
|
|
|
|
print("\n Setup cancelled.")
|
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
save_env_value("SIGNAL_ALLOWED_USERS", allowed)
|
|
|
|
|
|
fix: Signal adapter parity pass — integration gaps, clawdbot features, env var simplification
Integration gaps fixed (7 files missing Signal):
- cron/scheduler.py: Signal in platform_map (cron delivery was broken)
- agent/prompt_builder.py: PLATFORM_HINTS for Signal (agent knows it's on Signal)
- toolsets.py: hermes-signal toolset + added to hermes-gateway composite
- hermes_cli/status.py: Signal + Slack in platform status display
- tools/send_message_tool.py: Signal example in target description
- tools/cronjob_tools.py: Signal in delivery option docs + schema
- gateway/channel_directory.py: Signal in session-based channel discovery
Clawdbot parity features added to signal.py:
- Self-message filtering: prevents reply loops by checking sender != account
- SyncMessage filtering: ignores sync envelopes (sent transcripts, read receipts)
- Edit message support: reads dataMessage from editMessage envelope
- Mention rendering: replaces \uFFFC placeholders with @identifier text
- Jitter in SSE reconnection backoff (20% randomization, prevents thundering herd)
Env var simplification (7 → 4):
- Removed SIGNAL_DM_POLICY (DM auth follows standard platform pattern via
SIGNAL_ALLOWED_USERS + DM pairing, same as Telegram/Discord)
- Removed SIGNAL_GROUP_POLICY (derived from SIGNAL_GROUP_ALLOWED_USERS:
not set = disabled, set with IDs = allowlist, set with * = open)
- Removed SIGNAL_DEBUG (was setting root logger, removed entirely)
- Remaining: SIGNAL_HTTP_URL, SIGNAL_ACCOUNT (required),
SIGNAL_ALLOWED_USERS, SIGNAL_GROUP_ALLOWED_USERS (optional)
Updated all docs (website, AGENTS.md, signal.md) to match.
2026-03-08 21:00:21 -07:00
|
|
|
# Group messaging
|
feat: add Signal messenger gateway platform (#405)
Complete Signal adapter using signal-cli daemon HTTP API.
Based on PR #268 by ibhagwan, rebuilt on current main with bug fixes.
Architecture:
- SSE streaming for inbound messages with exponential backoff (2s→60s)
- JSON-RPC 2.0 for outbound (send, typing, attachments, contacts)
- Health monitor detects stale SSE connections (120s threshold)
- Phone number redaction in all logs and global redact.py
Features:
- DM and group message support with separate access policies
- DM policies: pairing (default), allowlist, open
- Group policies: disabled (default), allowlist, open
- Attachment download with magic-byte type detection
- Typing indicators (8s refresh interval)
- 100MB attachment size limit, 8000 char message limit
- E.164 phone + UUID allowlist support
Integration:
- Platform.SIGNAL enum in gateway/config.py
- Signal in _is_user_authorized() allowlist maps (gateway/run.py)
- Adapter factory in _create_adapter() (gateway/run.py)
- user_id_alt/chat_id_alt fields in SessionSource for UUIDs
- send_message tool support via httpx JSON-RPC (not aiohttp)
- Interactive setup wizard in 'hermes gateway setup'
- Connectivity testing during setup (pings /api/v1/check)
- signal-cli detection and install guidance
Bug fixes from PR #268:
- Timestamp reads from envelope_data (not outer wrapper)
- Uses httpx consistently (not aiohttp in send_message tool)
- SIGNAL_DEBUG scoped to signal logger (not root)
- extract_images regex NOT modified (preserves group numbering)
- pairing.py NOT modified (no cross-platform side effects)
- No dual authorization (adapter defers to run.py for user auth)
- Wildcard uses set membership ('*' in set, not list equality)
- .zip default for PK magic bytes (not .docx)
No new Python dependencies — uses httpx (already core).
External requirement: signal-cli daemon (user-installed).
Tests: 30 new tests covering config, init, helpers, session source,
phone redaction, authorization, and send_message integration.
Co-authored-by: ibhagwan <ibhagwan@users.noreply.github.com>
2026-03-08 20:20:35 -07:00
|
|
|
print()
|
fix: Signal adapter parity pass — integration gaps, clawdbot features, env var simplification
Integration gaps fixed (7 files missing Signal):
- cron/scheduler.py: Signal in platform_map (cron delivery was broken)
- agent/prompt_builder.py: PLATFORM_HINTS for Signal (agent knows it's on Signal)
- toolsets.py: hermes-signal toolset + added to hermes-gateway composite
- hermes_cli/status.py: Signal + Slack in platform status display
- tools/send_message_tool.py: Signal example in target description
- tools/cronjob_tools.py: Signal in delivery option docs + schema
- gateway/channel_directory.py: Signal in session-based channel discovery
Clawdbot parity features added to signal.py:
- Self-message filtering: prevents reply loops by checking sender != account
- SyncMessage filtering: ignores sync envelopes (sent transcripts, read receipts)
- Edit message support: reads dataMessage from editMessage envelope
- Mention rendering: replaces \uFFFC placeholders with @identifier text
- Jitter in SSE reconnection backoff (20% randomization, prevents thundering herd)
Env var simplification (7 → 4):
- Removed SIGNAL_DM_POLICY (DM auth follows standard platform pattern via
SIGNAL_ALLOWED_USERS + DM pairing, same as Telegram/Discord)
- Removed SIGNAL_GROUP_POLICY (derived from SIGNAL_GROUP_ALLOWED_USERS:
not set = disabled, set with IDs = allowlist, set with * = open)
- Removed SIGNAL_DEBUG (was setting root logger, removed entirely)
- Remaining: SIGNAL_HTTP_URL, SIGNAL_ACCOUNT (required),
SIGNAL_ALLOWED_USERS, SIGNAL_GROUP_ALLOWED_USERS (optional)
Updated all docs (website, AGENTS.md, signal.md) to match.
2026-03-08 21:00:21 -07:00
|
|
|
if prompt_yes_no(" Enable group messaging? (disabled by default for security)", False):
|
feat: add Signal messenger gateway platform (#405)
Complete Signal adapter using signal-cli daemon HTTP API.
Based on PR #268 by ibhagwan, rebuilt on current main with bug fixes.
Architecture:
- SSE streaming for inbound messages with exponential backoff (2s→60s)
- JSON-RPC 2.0 for outbound (send, typing, attachments, contacts)
- Health monitor detects stale SSE connections (120s threshold)
- Phone number redaction in all logs and global redact.py
Features:
- DM and group message support with separate access policies
- DM policies: pairing (default), allowlist, open
- Group policies: disabled (default), allowlist, open
- Attachment download with magic-byte type detection
- Typing indicators (8s refresh interval)
- 100MB attachment size limit, 8000 char message limit
- E.164 phone + UUID allowlist support
Integration:
- Platform.SIGNAL enum in gateway/config.py
- Signal in _is_user_authorized() allowlist maps (gateway/run.py)
- Adapter factory in _create_adapter() (gateway/run.py)
- user_id_alt/chat_id_alt fields in SessionSource for UUIDs
- send_message tool support via httpx JSON-RPC (not aiohttp)
- Interactive setup wizard in 'hermes gateway setup'
- Connectivity testing during setup (pings /api/v1/check)
- signal-cli detection and install guidance
Bug fixes from PR #268:
- Timestamp reads from envelope_data (not outer wrapper)
- Uses httpx consistently (not aiohttp in send_message tool)
- SIGNAL_DEBUG scoped to signal logger (not root)
- extract_images regex NOT modified (preserves group numbering)
- pairing.py NOT modified (no cross-platform side effects)
- No dual authorization (adapter defers to run.py for user auth)
- Wildcard uses set membership ('*' in set, not list equality)
- .zip default for PK magic bytes (not .docx)
No new Python dependencies — uses httpx (already core).
External requirement: signal-cli daemon (user-installed).
Tests: 30 new tests covering config, init, helpers, session source,
phone redaction, authorization, and send_message integration.
Co-authored-by: ibhagwan <ibhagwan@users.noreply.github.com>
2026-03-08 20:20:35 -07:00
|
|
|
print()
|
fix: Signal adapter parity pass — integration gaps, clawdbot features, env var simplification
Integration gaps fixed (7 files missing Signal):
- cron/scheduler.py: Signal in platform_map (cron delivery was broken)
- agent/prompt_builder.py: PLATFORM_HINTS for Signal (agent knows it's on Signal)
- toolsets.py: hermes-signal toolset + added to hermes-gateway composite
- hermes_cli/status.py: Signal + Slack in platform status display
- tools/send_message_tool.py: Signal example in target description
- tools/cronjob_tools.py: Signal in delivery option docs + schema
- gateway/channel_directory.py: Signal in session-based channel discovery
Clawdbot parity features added to signal.py:
- Self-message filtering: prevents reply loops by checking sender != account
- SyncMessage filtering: ignores sync envelopes (sent transcripts, read receipts)
- Edit message support: reads dataMessage from editMessage envelope
- Mention rendering: replaces \uFFFC placeholders with @identifier text
- Jitter in SSE reconnection backoff (20% randomization, prevents thundering herd)
Env var simplification (7 → 4):
- Removed SIGNAL_DM_POLICY (DM auth follows standard platform pattern via
SIGNAL_ALLOWED_USERS + DM pairing, same as Telegram/Discord)
- Removed SIGNAL_GROUP_POLICY (derived from SIGNAL_GROUP_ALLOWED_USERS:
not set = disabled, set with IDs = allowlist, set with * = open)
- Removed SIGNAL_DEBUG (was setting root logger, removed entirely)
- Remaining: SIGNAL_HTTP_URL, SIGNAL_ACCOUNT (required),
SIGNAL_ALLOWED_USERS, SIGNAL_GROUP_ALLOWED_USERS (optional)
Updated all docs (website, AGENTS.md, signal.md) to match.
2026-03-08 21:00:21 -07:00
|
|
|
print_info(" Enter group IDs to allow, or * for all groups.")
|
feat: add Signal messenger gateway platform (#405)
Complete Signal adapter using signal-cli daemon HTTP API.
Based on PR #268 by ibhagwan, rebuilt on current main with bug fixes.
Architecture:
- SSE streaming for inbound messages with exponential backoff (2s→60s)
- JSON-RPC 2.0 for outbound (send, typing, attachments, contacts)
- Health monitor detects stale SSE connections (120s threshold)
- Phone number redaction in all logs and global redact.py
Features:
- DM and group message support with separate access policies
- DM policies: pairing (default), allowlist, open
- Group policies: disabled (default), allowlist, open
- Attachment download with magic-byte type detection
- Typing indicators (8s refresh interval)
- 100MB attachment size limit, 8000 char message limit
- E.164 phone + UUID allowlist support
Integration:
- Platform.SIGNAL enum in gateway/config.py
- Signal in _is_user_authorized() allowlist maps (gateway/run.py)
- Adapter factory in _create_adapter() (gateway/run.py)
- user_id_alt/chat_id_alt fields in SessionSource for UUIDs
- send_message tool support via httpx JSON-RPC (not aiohttp)
- Interactive setup wizard in 'hermes gateway setup'
- Connectivity testing during setup (pings /api/v1/check)
- signal-cli detection and install guidance
Bug fixes from PR #268:
- Timestamp reads from envelope_data (not outer wrapper)
- Uses httpx consistently (not aiohttp in send_message tool)
- SIGNAL_DEBUG scoped to signal logger (not root)
- extract_images regex NOT modified (preserves group numbering)
- pairing.py NOT modified (no cross-platform side effects)
- No dual authorization (adapter defers to run.py for user auth)
- Wildcard uses set membership ('*' in set, not list equality)
- .zip default for PK magic bytes (not .docx)
No new Python dependencies — uses httpx (already core).
External requirement: signal-cli daemon (user-installed).
Tests: 30 new tests covering config, init, helpers, session source,
phone redaction, authorization, and send_message integration.
Co-authored-by: ibhagwan <ibhagwan@users.noreply.github.com>
2026-03-08 20:20:35 -07:00
|
|
|
existing_groups = get_env_value("SIGNAL_GROUP_ALLOWED_USERS") or ""
|
|
|
|
|
try:
|
fix: Signal adapter parity pass — integration gaps, clawdbot features, env var simplification
Integration gaps fixed (7 files missing Signal):
- cron/scheduler.py: Signal in platform_map (cron delivery was broken)
- agent/prompt_builder.py: PLATFORM_HINTS for Signal (agent knows it's on Signal)
- toolsets.py: hermes-signal toolset + added to hermes-gateway composite
- hermes_cli/status.py: Signal + Slack in platform status display
- tools/send_message_tool.py: Signal example in target description
- tools/cronjob_tools.py: Signal in delivery option docs + schema
- gateway/channel_directory.py: Signal in session-based channel discovery
Clawdbot parity features added to signal.py:
- Self-message filtering: prevents reply loops by checking sender != account
- SyncMessage filtering: ignores sync envelopes (sent transcripts, read receipts)
- Edit message support: reads dataMessage from editMessage envelope
- Mention rendering: replaces \uFFFC placeholders with @identifier text
- Jitter in SSE reconnection backoff (20% randomization, prevents thundering herd)
Env var simplification (7 → 4):
- Removed SIGNAL_DM_POLICY (DM auth follows standard platform pattern via
SIGNAL_ALLOWED_USERS + DM pairing, same as Telegram/Discord)
- Removed SIGNAL_GROUP_POLICY (derived from SIGNAL_GROUP_ALLOWED_USERS:
not set = disabled, set with IDs = allowlist, set with * = open)
- Removed SIGNAL_DEBUG (was setting root logger, removed entirely)
- Remaining: SIGNAL_HTTP_URL, SIGNAL_ACCOUNT (required),
SIGNAL_ALLOWED_USERS, SIGNAL_GROUP_ALLOWED_USERS (optional)
Updated all docs (website, AGENTS.md, signal.md) to match.
2026-03-08 21:00:21 -07:00
|
|
|
groups = input(f" Group IDs [{existing_groups or '*'}]: ").strip() or existing_groups or "*"
|
feat: add Signal messenger gateway platform (#405)
Complete Signal adapter using signal-cli daemon HTTP API.
Based on PR #268 by ibhagwan, rebuilt on current main with bug fixes.
Architecture:
- SSE streaming for inbound messages with exponential backoff (2s→60s)
- JSON-RPC 2.0 for outbound (send, typing, attachments, contacts)
- Health monitor detects stale SSE connections (120s threshold)
- Phone number redaction in all logs and global redact.py
Features:
- DM and group message support with separate access policies
- DM policies: pairing (default), allowlist, open
- Group policies: disabled (default), allowlist, open
- Attachment download with magic-byte type detection
- Typing indicators (8s refresh interval)
- 100MB attachment size limit, 8000 char message limit
- E.164 phone + UUID allowlist support
Integration:
- Platform.SIGNAL enum in gateway/config.py
- Signal in _is_user_authorized() allowlist maps (gateway/run.py)
- Adapter factory in _create_adapter() (gateway/run.py)
- user_id_alt/chat_id_alt fields in SessionSource for UUIDs
- send_message tool support via httpx JSON-RPC (not aiohttp)
- Interactive setup wizard in 'hermes gateway setup'
- Connectivity testing during setup (pings /api/v1/check)
- signal-cli detection and install guidance
Bug fixes from PR #268:
- Timestamp reads from envelope_data (not outer wrapper)
- Uses httpx consistently (not aiohttp in send_message tool)
- SIGNAL_DEBUG scoped to signal logger (not root)
- extract_images regex NOT modified (preserves group numbering)
- pairing.py NOT modified (no cross-platform side effects)
- No dual authorization (adapter defers to run.py for user auth)
- Wildcard uses set membership ('*' in set, not list equality)
- .zip default for PK magic bytes (not .docx)
No new Python dependencies — uses httpx (already core).
External requirement: signal-cli daemon (user-installed).
Tests: 30 new tests covering config, init, helpers, session source,
phone redaction, authorization, and send_message integration.
Co-authored-by: ibhagwan <ibhagwan@users.noreply.github.com>
2026-03-08 20:20:35 -07:00
|
|
|
except (EOFError, KeyboardInterrupt):
|
|
|
|
|
print("\n Setup cancelled.")
|
|
|
|
|
return
|
fix: Signal adapter parity pass — integration gaps, clawdbot features, env var simplification
Integration gaps fixed (7 files missing Signal):
- cron/scheduler.py: Signal in platform_map (cron delivery was broken)
- agent/prompt_builder.py: PLATFORM_HINTS for Signal (agent knows it's on Signal)
- toolsets.py: hermes-signal toolset + added to hermes-gateway composite
- hermes_cli/status.py: Signal + Slack in platform status display
- tools/send_message_tool.py: Signal example in target description
- tools/cronjob_tools.py: Signal in delivery option docs + schema
- gateway/channel_directory.py: Signal in session-based channel discovery
Clawdbot parity features added to signal.py:
- Self-message filtering: prevents reply loops by checking sender != account
- SyncMessage filtering: ignores sync envelopes (sent transcripts, read receipts)
- Edit message support: reads dataMessage from editMessage envelope
- Mention rendering: replaces \uFFFC placeholders with @identifier text
- Jitter in SSE reconnection backoff (20% randomization, prevents thundering herd)
Env var simplification (7 → 4):
- Removed SIGNAL_DM_POLICY (DM auth follows standard platform pattern via
SIGNAL_ALLOWED_USERS + DM pairing, same as Telegram/Discord)
- Removed SIGNAL_GROUP_POLICY (derived from SIGNAL_GROUP_ALLOWED_USERS:
not set = disabled, set with IDs = allowlist, set with * = open)
- Removed SIGNAL_DEBUG (was setting root logger, removed entirely)
- Remaining: SIGNAL_HTTP_URL, SIGNAL_ACCOUNT (required),
SIGNAL_ALLOWED_USERS, SIGNAL_GROUP_ALLOWED_USERS (optional)
Updated all docs (website, AGENTS.md, signal.md) to match.
2026-03-08 21:00:21 -07:00
|
|
|
save_env_value("SIGNAL_GROUP_ALLOWED_USERS", groups)
|
feat: add Signal messenger gateway platform (#405)
Complete Signal adapter using signal-cli daemon HTTP API.
Based on PR #268 by ibhagwan, rebuilt on current main with bug fixes.
Architecture:
- SSE streaming for inbound messages with exponential backoff (2s→60s)
- JSON-RPC 2.0 for outbound (send, typing, attachments, contacts)
- Health monitor detects stale SSE connections (120s threshold)
- Phone number redaction in all logs and global redact.py
Features:
- DM and group message support with separate access policies
- DM policies: pairing (default), allowlist, open
- Group policies: disabled (default), allowlist, open
- Attachment download with magic-byte type detection
- Typing indicators (8s refresh interval)
- 100MB attachment size limit, 8000 char message limit
- E.164 phone + UUID allowlist support
Integration:
- Platform.SIGNAL enum in gateway/config.py
- Signal in _is_user_authorized() allowlist maps (gateway/run.py)
- Adapter factory in _create_adapter() (gateway/run.py)
- user_id_alt/chat_id_alt fields in SessionSource for UUIDs
- send_message tool support via httpx JSON-RPC (not aiohttp)
- Interactive setup wizard in 'hermes gateway setup'
- Connectivity testing during setup (pings /api/v1/check)
- signal-cli detection and install guidance
Bug fixes from PR #268:
- Timestamp reads from envelope_data (not outer wrapper)
- Uses httpx consistently (not aiohttp in send_message tool)
- SIGNAL_DEBUG scoped to signal logger (not root)
- extract_images regex NOT modified (preserves group numbering)
- pairing.py NOT modified (no cross-platform side effects)
- No dual authorization (adapter defers to run.py for user auth)
- Wildcard uses set membership ('*' in set, not list equality)
- .zip default for PK magic bytes (not .docx)
No new Python dependencies — uses httpx (already core).
External requirement: signal-cli daemon (user-installed).
Tests: 30 new tests covering config, init, helpers, session source,
phone redaction, authorization, and send_message integration.
Co-authored-by: ibhagwan <ibhagwan@users.noreply.github.com>
2026-03-08 20:20:35 -07:00
|
|
|
|
|
|
|
|
print()
|
|
|
|
|
print_success("Signal configured!")
|
|
|
|
|
print_info(f" URL: {url}")
|
|
|
|
|
print_info(f" Account: {account}")
|
fix: Signal adapter parity pass — integration gaps, clawdbot features, env var simplification
Integration gaps fixed (7 files missing Signal):
- cron/scheduler.py: Signal in platform_map (cron delivery was broken)
- agent/prompt_builder.py: PLATFORM_HINTS for Signal (agent knows it's on Signal)
- toolsets.py: hermes-signal toolset + added to hermes-gateway composite
- hermes_cli/status.py: Signal + Slack in platform status display
- tools/send_message_tool.py: Signal example in target description
- tools/cronjob_tools.py: Signal in delivery option docs + schema
- gateway/channel_directory.py: Signal in session-based channel discovery
Clawdbot parity features added to signal.py:
- Self-message filtering: prevents reply loops by checking sender != account
- SyncMessage filtering: ignores sync envelopes (sent transcripts, read receipts)
- Edit message support: reads dataMessage from editMessage envelope
- Mention rendering: replaces \uFFFC placeholders with @identifier text
- Jitter in SSE reconnection backoff (20% randomization, prevents thundering herd)
Env var simplification (7 → 4):
- Removed SIGNAL_DM_POLICY (DM auth follows standard platform pattern via
SIGNAL_ALLOWED_USERS + DM pairing, same as Telegram/Discord)
- Removed SIGNAL_GROUP_POLICY (derived from SIGNAL_GROUP_ALLOWED_USERS:
not set = disabled, set with IDs = allowlist, set with * = open)
- Removed SIGNAL_DEBUG (was setting root logger, removed entirely)
- Remaining: SIGNAL_HTTP_URL, SIGNAL_ACCOUNT (required),
SIGNAL_ALLOWED_USERS, SIGNAL_GROUP_ALLOWED_USERS (optional)
Updated all docs (website, AGENTS.md, signal.md) to match.
2026-03-08 21:00:21 -07:00
|
|
|
print_info(f" DM auth: via SIGNAL_ALLOWED_USERS + DM pairing")
|
|
|
|
|
print_info(f" Groups: {'enabled' if get_env_value('SIGNAL_GROUP_ALLOWED_USERS') else 'disabled'}")
|
feat: add Signal messenger gateway platform (#405)
Complete Signal adapter using signal-cli daemon HTTP API.
Based on PR #268 by ibhagwan, rebuilt on current main with bug fixes.
Architecture:
- SSE streaming for inbound messages with exponential backoff (2s→60s)
- JSON-RPC 2.0 for outbound (send, typing, attachments, contacts)
- Health monitor detects stale SSE connections (120s threshold)
- Phone number redaction in all logs and global redact.py
Features:
- DM and group message support with separate access policies
- DM policies: pairing (default), allowlist, open
- Group policies: disabled (default), allowlist, open
- Attachment download with magic-byte type detection
- Typing indicators (8s refresh interval)
- 100MB attachment size limit, 8000 char message limit
- E.164 phone + UUID allowlist support
Integration:
- Platform.SIGNAL enum in gateway/config.py
- Signal in _is_user_authorized() allowlist maps (gateway/run.py)
- Adapter factory in _create_adapter() (gateway/run.py)
- user_id_alt/chat_id_alt fields in SessionSource for UUIDs
- send_message tool support via httpx JSON-RPC (not aiohttp)
- Interactive setup wizard in 'hermes gateway setup'
- Connectivity testing during setup (pings /api/v1/check)
- signal-cli detection and install guidance
Bug fixes from PR #268:
- Timestamp reads from envelope_data (not outer wrapper)
- Uses httpx consistently (not aiohttp in send_message tool)
- SIGNAL_DEBUG scoped to signal logger (not root)
- extract_images regex NOT modified (preserves group numbering)
- pairing.py NOT modified (no cross-platform side effects)
- No dual authorization (adapter defers to run.py for user auth)
- Wildcard uses set membership ('*' in set, not list equality)
- .zip default for PK magic bytes (not .docx)
No new Python dependencies — uses httpx (already core).
External requirement: signal-cli daemon (user-installed).
Tests: 30 new tests covering config, init, helpers, session source,
phone redaction, authorization, and send_message integration.
Co-authored-by: ibhagwan <ibhagwan@users.noreply.github.com>
2026-03-08 20:20:35 -07:00
|
|
|
|
|
|
|
|
|
2026-03-03 18:57:33 -08:00
|
|
|
def gateway_setup():
|
|
|
|
|
"""Interactive setup for messaging platforms + gateway service."""
|
|
|
|
|
|
|
|
|
|
print()
|
|
|
|
|
print(color("┌─────────────────────────────────────────────────────────┐", Colors.MAGENTA))
|
|
|
|
|
print(color("│ ⚕ Gateway Setup │", Colors.MAGENTA))
|
|
|
|
|
print(color("├─────────────────────────────────────────────────────────┤", Colors.MAGENTA))
|
|
|
|
|
print(color("│ Configure messaging platforms and the gateway service. │", Colors.MAGENTA))
|
|
|
|
|
print(color("│ Press Ctrl+C at any time to exit. │", Colors.MAGENTA))
|
|
|
|
|
print(color("└─────────────────────────────────────────────────────────┘", Colors.MAGENTA))
|
|
|
|
|
|
|
|
|
|
# ── Gateway service status ──
|
|
|
|
|
print()
|
|
|
|
|
service_installed = _is_service_installed()
|
|
|
|
|
service_running = _is_service_running()
|
|
|
|
|
|
2026-03-14 21:06:52 -07:00
|
|
|
if is_linux() and has_conflicting_systemd_units():
|
|
|
|
|
print_systemd_scope_conflict_warning()
|
|
|
|
|
print()
|
|
|
|
|
|
2026-03-03 18:57:33 -08:00
|
|
|
if service_installed and service_running:
|
|
|
|
|
print_success("Gateway service is installed and running.")
|
|
|
|
|
elif service_installed:
|
|
|
|
|
print_warning("Gateway service is installed but not running.")
|
|
|
|
|
if prompt_yes_no(" Start it now?", True):
|
|
|
|
|
try:
|
|
|
|
|
if is_linux():
|
|
|
|
|
systemd_start()
|
|
|
|
|
elif is_macos():
|
|
|
|
|
launchd_start()
|
|
|
|
|
except subprocess.CalledProcessError as e:
|
|
|
|
|
print_error(f" Failed to start: {e}")
|
|
|
|
|
else:
|
2026-03-03 19:30:05 -08:00
|
|
|
print_info("Gateway service is not installed yet.")
|
|
|
|
|
print_info("You'll be offered to install it after configuring platforms.")
|
2026-03-03 18:57:33 -08:00
|
|
|
|
|
|
|
|
# ── Platform configuration loop ──
|
|
|
|
|
while True:
|
|
|
|
|
print()
|
|
|
|
|
print_header("Messaging Platforms")
|
|
|
|
|
|
|
|
|
|
menu_items = []
|
|
|
|
|
for plat in _PLATFORMS:
|
|
|
|
|
status = _platform_status(plat)
|
2026-03-03 19:04:32 -08:00
|
|
|
menu_items.append(f"{plat['label']} ({status})")
|
|
|
|
|
menu_items.append("Done")
|
2026-03-03 18:57:33 -08:00
|
|
|
|
|
|
|
|
choice = prompt_choice("Select a platform to configure:", menu_items, len(menu_items) - 1)
|
|
|
|
|
|
|
|
|
|
if choice == len(_PLATFORMS):
|
|
|
|
|
break
|
|
|
|
|
|
|
|
|
|
platform = _PLATFORMS[choice]
|
|
|
|
|
|
|
|
|
|
if platform["key"] == "whatsapp":
|
|
|
|
|
_setup_whatsapp()
|
feat: add Signal messenger gateway platform (#405)
Complete Signal adapter using signal-cli daemon HTTP API.
Based on PR #268 by ibhagwan, rebuilt on current main with bug fixes.
Architecture:
- SSE streaming for inbound messages with exponential backoff (2s→60s)
- JSON-RPC 2.0 for outbound (send, typing, attachments, contacts)
- Health monitor detects stale SSE connections (120s threshold)
- Phone number redaction in all logs and global redact.py
Features:
- DM and group message support with separate access policies
- DM policies: pairing (default), allowlist, open
- Group policies: disabled (default), allowlist, open
- Attachment download with magic-byte type detection
- Typing indicators (8s refresh interval)
- 100MB attachment size limit, 8000 char message limit
- E.164 phone + UUID allowlist support
Integration:
- Platform.SIGNAL enum in gateway/config.py
- Signal in _is_user_authorized() allowlist maps (gateway/run.py)
- Adapter factory in _create_adapter() (gateway/run.py)
- user_id_alt/chat_id_alt fields in SessionSource for UUIDs
- send_message tool support via httpx JSON-RPC (not aiohttp)
- Interactive setup wizard in 'hermes gateway setup'
- Connectivity testing during setup (pings /api/v1/check)
- signal-cli detection and install guidance
Bug fixes from PR #268:
- Timestamp reads from envelope_data (not outer wrapper)
- Uses httpx consistently (not aiohttp in send_message tool)
- SIGNAL_DEBUG scoped to signal logger (not root)
- extract_images regex NOT modified (preserves group numbering)
- pairing.py NOT modified (no cross-platform side effects)
- No dual authorization (adapter defers to run.py for user auth)
- Wildcard uses set membership ('*' in set, not list equality)
- .zip default for PK magic bytes (not .docx)
No new Python dependencies — uses httpx (already core).
External requirement: signal-cli daemon (user-installed).
Tests: 30 new tests covering config, init, helpers, session source,
phone redaction, authorization, and send_message integration.
Co-authored-by: ibhagwan <ibhagwan@users.noreply.github.com>
2026-03-08 20:20:35 -07:00
|
|
|
elif platform["key"] == "signal":
|
|
|
|
|
_setup_signal()
|
2026-03-03 18:57:33 -08:00
|
|
|
else:
|
|
|
|
|
_setup_standard_platform(platform)
|
|
|
|
|
|
|
|
|
|
# ── Post-setup: offer to install/restart gateway ──
|
|
|
|
|
any_configured = any(
|
|
|
|
|
bool(get_env_value(p["token_var"]))
|
|
|
|
|
for p in _PLATFORMS
|
|
|
|
|
if p["key"] != "whatsapp"
|
|
|
|
|
) or (get_env_value("WHATSAPP_ENABLED") or "").lower() == "true"
|
|
|
|
|
|
|
|
|
|
if any_configured:
|
|
|
|
|
print()
|
|
|
|
|
print(color("─" * 58, Colors.DIM))
|
|
|
|
|
service_installed = _is_service_installed()
|
|
|
|
|
service_running = _is_service_running()
|
|
|
|
|
|
|
|
|
|
if service_running:
|
|
|
|
|
if prompt_yes_no(" Restart the gateway to pick up changes?", True):
|
|
|
|
|
try:
|
|
|
|
|
if is_linux():
|
|
|
|
|
systemd_restart()
|
|
|
|
|
elif is_macos():
|
|
|
|
|
launchd_restart()
|
|
|
|
|
else:
|
|
|
|
|
kill_gateway_processes()
|
|
|
|
|
print_info("Start manually: hermes gateway")
|
|
|
|
|
except subprocess.CalledProcessError as e:
|
|
|
|
|
print_error(f" Restart failed: {e}")
|
|
|
|
|
elif service_installed:
|
|
|
|
|
if prompt_yes_no(" Start the gateway service?", True):
|
|
|
|
|
try:
|
|
|
|
|
if is_linux():
|
|
|
|
|
systemd_start()
|
|
|
|
|
elif is_macos():
|
|
|
|
|
launchd_start()
|
|
|
|
|
except subprocess.CalledProcessError as e:
|
|
|
|
|
print_error(f" Start failed: {e}")
|
|
|
|
|
else:
|
|
|
|
|
print()
|
2026-03-03 19:30:05 -08:00
|
|
|
if is_linux() or is_macos():
|
|
|
|
|
platform_name = "systemd" if is_linux() else "launchd"
|
|
|
|
|
if prompt_yes_no(f" Install the gateway as a {platform_name} service? (runs in background, starts on boot)", True):
|
|
|
|
|
try:
|
2026-03-14 21:06:52 -07:00
|
|
|
installed_scope = None
|
|
|
|
|
did_install = False
|
2026-03-03 19:30:05 -08:00
|
|
|
if is_linux():
|
2026-03-14 21:06:52 -07:00
|
|
|
installed_scope, did_install = install_linux_gateway_from_setup(force=False)
|
2026-03-03 19:30:05 -08:00
|
|
|
else:
|
2026-03-14 21:06:52 -07:00
|
|
|
launchd_install(force=False)
|
|
|
|
|
did_install = True
|
2026-03-03 19:30:05 -08:00
|
|
|
print()
|
2026-03-14 21:06:52 -07:00
|
|
|
if did_install and prompt_yes_no(" Start the service now?", True):
|
2026-03-03 19:30:05 -08:00
|
|
|
try:
|
|
|
|
|
if is_linux():
|
2026-03-14 21:06:52 -07:00
|
|
|
systemd_start(system=installed_scope == "system")
|
2026-03-03 19:30:05 -08:00
|
|
|
else:
|
|
|
|
|
launchd_start()
|
|
|
|
|
except subprocess.CalledProcessError as e:
|
|
|
|
|
print_error(f" Start failed: {e}")
|
|
|
|
|
except subprocess.CalledProcessError as e:
|
|
|
|
|
print_error(f" Install failed: {e}")
|
|
|
|
|
print_info(" You can try manually: hermes gateway install")
|
|
|
|
|
else:
|
|
|
|
|
print_info(" You can install later: hermes gateway install")
|
2026-03-14 21:06:52 -07:00
|
|
|
if is_linux():
|
|
|
|
|
print_info(" Or as a boot-time service: sudo hermes gateway install --system")
|
2026-03-03 19:30:05 -08:00
|
|
|
print_info(" Or run in foreground: hermes gateway")
|
|
|
|
|
else:
|
|
|
|
|
print_info(" Service install not supported on this platform.")
|
|
|
|
|
print_info(" Run in foreground: hermes gateway")
|
2026-03-03 18:57:33 -08:00
|
|
|
else:
|
|
|
|
|
print()
|
|
|
|
|
print_info("No platforms configured. Run 'hermes gateway setup' when ready.")
|
|
|
|
|
|
|
|
|
|
print()
|
|
|
|
|
|
|
|
|
|
|
2026-02-02 19:01:51 -08:00
|
|
|
# =============================================================================
|
|
|
|
|
# Main Command Handler
|
|
|
|
|
# =============================================================================
|
|
|
|
|
|
|
|
|
|
def gateway_command(args):
|
|
|
|
|
"""Handle gateway subcommands."""
|
|
|
|
|
subcmd = getattr(args, 'gateway_command', None)
|
|
|
|
|
|
|
|
|
|
# Default to run if no subcommand
|
|
|
|
|
if subcmd is None or subcmd == "run":
|
|
|
|
|
verbose = getattr(args, 'verbose', False)
|
2026-03-07 18:08:12 +00:00
|
|
|
replace = getattr(args, 'replace', False)
|
|
|
|
|
run_gateway(verbose, replace=replace)
|
2026-02-02 19:01:51 -08:00
|
|
|
return
|
2026-03-03 18:57:33 -08:00
|
|
|
|
|
|
|
|
if subcmd == "setup":
|
|
|
|
|
gateway_setup()
|
|
|
|
|
return
|
|
|
|
|
|
2026-02-02 19:01:51 -08:00
|
|
|
# Service management commands
|
|
|
|
|
if subcmd == "install":
|
|
|
|
|
force = getattr(args, 'force', False)
|
2026-03-14 20:54:51 -07:00
|
|
|
system = getattr(args, 'system', False)
|
|
|
|
|
run_as_user = getattr(args, 'run_as_user', None)
|
2026-02-02 19:01:51 -08:00
|
|
|
if is_linux():
|
2026-03-14 20:54:51 -07:00
|
|
|
systemd_install(force=force, system=system, run_as_user=run_as_user)
|
2026-02-02 19:01:51 -08:00
|
|
|
elif is_macos():
|
|
|
|
|
launchd_install(force)
|
|
|
|
|
else:
|
|
|
|
|
print("Service installation not supported on this platform.")
|
|
|
|
|
print("Run manually: hermes gateway run")
|
|
|
|
|
sys.exit(1)
|
|
|
|
|
|
|
|
|
|
elif subcmd == "uninstall":
|
2026-03-14 20:54:51 -07:00
|
|
|
system = getattr(args, 'system', False)
|
2026-02-02 19:01:51 -08:00
|
|
|
if is_linux():
|
2026-03-14 20:54:51 -07:00
|
|
|
systemd_uninstall(system=system)
|
2026-02-02 19:01:51 -08:00
|
|
|
elif is_macos():
|
|
|
|
|
launchd_uninstall()
|
|
|
|
|
else:
|
|
|
|
|
print("Not supported on this platform.")
|
|
|
|
|
sys.exit(1)
|
|
|
|
|
|
|
|
|
|
elif subcmd == "start":
|
2026-03-14 20:54:51 -07:00
|
|
|
system = getattr(args, 'system', False)
|
2026-02-02 19:01:51 -08:00
|
|
|
if is_linux():
|
2026-03-14 20:54:51 -07:00
|
|
|
systemd_start(system=system)
|
2026-02-02 19:01:51 -08:00
|
|
|
elif is_macos():
|
|
|
|
|
launchd_start()
|
|
|
|
|
else:
|
|
|
|
|
print("Not supported on this platform.")
|
|
|
|
|
sys.exit(1)
|
|
|
|
|
|
|
|
|
|
elif subcmd == "stop":
|
2026-03-14 07:42:31 -07:00
|
|
|
# Try service first, then sweep any stray/manual gateway processes.
|
2026-02-03 10:46:23 -08:00
|
|
|
service_available = False
|
2026-03-14 20:54:51 -07:00
|
|
|
system = getattr(args, 'system', False)
|
2026-02-03 10:46:23 -08:00
|
|
|
|
2026-03-14 20:54:51 -07:00
|
|
|
if is_linux() and (get_systemd_unit_path(system=False).exists() or get_systemd_unit_path(system=True).exists()):
|
2026-02-03 10:46:23 -08:00
|
|
|
try:
|
2026-03-14 20:54:51 -07:00
|
|
|
systemd_stop(system=system)
|
2026-02-03 10:46:23 -08:00
|
|
|
service_available = True
|
|
|
|
|
except subprocess.CalledProcessError:
|
|
|
|
|
pass # Fall through to process kill
|
|
|
|
|
elif is_macos() and get_launchd_plist_path().exists():
|
|
|
|
|
try:
|
|
|
|
|
launchd_stop()
|
|
|
|
|
service_available = True
|
|
|
|
|
except subprocess.CalledProcessError:
|
|
|
|
|
pass
|
2026-03-14 07:42:31 -07:00
|
|
|
|
|
|
|
|
killed = kill_gateway_processes()
|
2026-02-03 10:46:23 -08:00
|
|
|
if not service_available:
|
|
|
|
|
if killed:
|
|
|
|
|
print(f"✓ Stopped {killed} gateway process(es)")
|
|
|
|
|
else:
|
|
|
|
|
print("✗ No gateway processes found")
|
2026-03-14 07:42:31 -07:00
|
|
|
elif killed:
|
|
|
|
|
print(f"✓ Stopped {killed} additional manual gateway process(es)")
|
2026-02-02 19:01:51 -08:00
|
|
|
|
|
|
|
|
elif subcmd == "restart":
|
2026-02-03 10:46:23 -08:00
|
|
|
# Try service first, fall back to killing and restarting
|
|
|
|
|
service_available = False
|
2026-03-14 20:54:51 -07:00
|
|
|
system = getattr(args, 'system', False)
|
2026-03-17 11:05:28 +08:00
|
|
|
service_configured = False
|
2026-02-03 10:46:23 -08:00
|
|
|
|
2026-03-14 20:54:51 -07:00
|
|
|
if is_linux() and (get_systemd_unit_path(system=False).exists() or get_systemd_unit_path(system=True).exists()):
|
2026-03-17 11:05:28 +08:00
|
|
|
service_configured = True
|
2026-02-03 10:46:23 -08:00
|
|
|
try:
|
2026-03-14 20:54:51 -07:00
|
|
|
systemd_restart(system=system)
|
2026-02-03 10:46:23 -08:00
|
|
|
service_available = True
|
|
|
|
|
except subprocess.CalledProcessError:
|
|
|
|
|
pass
|
|
|
|
|
elif is_macos() and get_launchd_plist_path().exists():
|
2026-03-17 11:05:28 +08:00
|
|
|
service_configured = True
|
2026-02-03 10:46:23 -08:00
|
|
|
try:
|
|
|
|
|
launchd_restart()
|
|
|
|
|
service_available = True
|
|
|
|
|
except subprocess.CalledProcessError:
|
|
|
|
|
pass
|
|
|
|
|
|
|
|
|
|
if not service_available:
|
fix: auto-detect D-Bus session bus for systemctl --user on headless servers (#1601)
* fix: Anthropic OAuth compatibility — Claude Code identity fingerprinting
Anthropic routes OAuth/subscription requests based on Claude Code's
identity markers. Without them, requests get intermittent 500 errors
(~25% failure rate observed). This matches what pi-ai (clawdbot) and
OpenCode both implement for OAuth compatibility.
Changes (OAuth tokens only — API key users unaffected):
1. Headers: user-agent 'claude-cli/2.1.2 (external, cli)' + x-app 'cli'
2. System prompt: prepend 'You are Claude Code, Anthropic's official CLI'
3. System prompt sanitization: replace Hermes/Nous references
4. Tool names: prefix with 'mcp_' (Claude Code convention for non-native tools)
5. Tool name stripping: remove 'mcp_' prefix from response tool calls
Before: 9/12 OK, 1 hard fail, 4 needed retries (~25% error rate)
After: 16/16 OK, 0 failures, 0 retries (0% error rate)
* fix: auto-detect DBUS_SESSION_BUS_ADDRESS for systemctl --user on headless servers
On SSH sessions to headless servers, DBUS_SESSION_BUS_ADDRESS and
XDG_RUNTIME_DIR may not be set even when the user's systemd instance
is running via linger. This causes 'systemctl --user' to fail with
'Failed to connect to bus: No medium found', breaking gateway
restart/start/stop as a service and falling back to foreground mode.
Add _ensure_user_systemd_env() that detects the standard D-Bus socket
at /run/user/<UID>/bus and sets the env vars before any systemctl --user
call. Called from _systemctl_cmd() so all existing call sites benefit
automatically with zero changes.
Fixes: gateway restart falling back to foreground on headless servers
* fix: show linger guidance when gateway restart fails during update and gateway restart
When systemctl --user restart fails during 'hermes update' or
'hermes gateway restart', check linger status and tell the user
exactly what to run (sudo -S -p '' loginctl enable-linger) instead of
silently falling back to foreground mode.
Also applies _ensure_user_systemd_env() to the raw systemctl calls
in cmd_update so they work properly on SSH sessions where D-Bus
env vars are missing.
2026-03-16 17:45:48 -07:00
|
|
|
# systemd/launchd restart failed — check if linger is the issue
|
|
|
|
|
if is_linux():
|
|
|
|
|
linger_ok, _detail = get_systemd_linger_status()
|
|
|
|
|
if linger_ok is not True:
|
|
|
|
|
import getpass
|
|
|
|
|
_username = getpass.getuser()
|
|
|
|
|
print()
|
|
|
|
|
print("⚠ Cannot restart gateway as a service — linger is not enabled.")
|
|
|
|
|
print(" The gateway user service requires linger to function on headless servers.")
|
|
|
|
|
print()
|
|
|
|
|
print(f" Run: sudo loginctl enable-linger {_username}")
|
|
|
|
|
print()
|
|
|
|
|
print(" Then restart the gateway:")
|
|
|
|
|
print(" hermes gateway restart")
|
|
|
|
|
return
|
|
|
|
|
|
2026-03-17 11:05:28 +08:00
|
|
|
if service_configured:
|
|
|
|
|
print()
|
|
|
|
|
print("✗ Gateway service restart failed.")
|
|
|
|
|
print(" The service definition exists, but the service manager did not recover it.")
|
|
|
|
|
print(" Fix the service, then retry: hermes gateway start")
|
|
|
|
|
sys.exit(1)
|
|
|
|
|
|
2026-02-03 10:46:23 -08:00
|
|
|
# Manual restart: kill existing processes
|
|
|
|
|
killed = kill_gateway_processes()
|
|
|
|
|
if killed:
|
|
|
|
|
print(f"✓ Stopped {killed} gateway process(es)")
|
|
|
|
|
|
|
|
|
|
import time
|
|
|
|
|
time.sleep(2)
|
|
|
|
|
|
|
|
|
|
# Start fresh
|
|
|
|
|
print("Starting gateway...")
|
|
|
|
|
run_gateway(verbose=False)
|
2026-02-02 19:01:51 -08:00
|
|
|
|
|
|
|
|
elif subcmd == "status":
|
|
|
|
|
deep = getattr(args, 'deep', False)
|
2026-03-14 20:54:51 -07:00
|
|
|
system = getattr(args, 'system', False)
|
2026-02-03 10:46:23 -08:00
|
|
|
|
|
|
|
|
# Check for service first
|
2026-03-14 20:54:51 -07:00
|
|
|
if is_linux() and (get_systemd_unit_path(system=False).exists() or get_systemd_unit_path(system=True).exists()):
|
|
|
|
|
systemd_status(deep, system=system)
|
2026-02-03 10:46:23 -08:00
|
|
|
elif is_macos() and get_launchd_plist_path().exists():
|
2026-02-02 19:01:51 -08:00
|
|
|
launchd_status(deep)
|
|
|
|
|
else:
|
2026-02-03 10:46:23 -08:00
|
|
|
# Check for manually running processes
|
|
|
|
|
pids = find_gateway_pids()
|
|
|
|
|
if pids:
|
|
|
|
|
print(f"✓ Gateway is running (PID: {', '.join(map(str, pids))})")
|
|
|
|
|
print(" (Running manually, not as a system service)")
|
2026-03-14 12:11:23 -07:00
|
|
|
runtime_lines = _runtime_health_lines()
|
|
|
|
|
if runtime_lines:
|
|
|
|
|
print()
|
|
|
|
|
print("Recent gateway health:")
|
|
|
|
|
for line in runtime_lines:
|
|
|
|
|
print(f" {line}")
|
2026-02-03 10:46:23 -08:00
|
|
|
print()
|
|
|
|
|
print("To install as a service:")
|
|
|
|
|
print(" hermes gateway install")
|
2026-03-14 20:54:51 -07:00
|
|
|
print(" sudo hermes gateway install --system")
|
2026-02-03 10:46:23 -08:00
|
|
|
else:
|
|
|
|
|
print("✗ Gateway is not running")
|
2026-03-14 12:11:23 -07:00
|
|
|
runtime_lines = _runtime_health_lines()
|
|
|
|
|
if runtime_lines:
|
|
|
|
|
print()
|
|
|
|
|
print("Recent gateway health:")
|
|
|
|
|
for line in runtime_lines:
|
|
|
|
|
print(f" {line}")
|
2026-02-03 10:46:23 -08:00
|
|
|
print()
|
|
|
|
|
print("To start:")
|
|
|
|
|
print(" hermes gateway # Run in foreground")
|
2026-03-14 20:54:51 -07:00
|
|
|
print(" hermes gateway install # Install as user service")
|
|
|
|
|
print(" sudo hermes gateway install --system # Install as boot-time system service")
|