Workspace Terminal tab: xterm front end + short-lived token route

- New Terminal tab in the workspace shell, backed by xterm.js, that connects
  to the worker's PTY WebSocket using a short-lived token minted by
  /api/agent-jobs/:id/terminal-token (owner-auth'd, never exposes the worker
  secret to the browser)
- Site-matched xterm theme (light/dark, live theme switching), Victor Mono,
  binary stdin + JSON resize protocol, reconnect, graceful 'not configured'
  state when NEXT_PUBLIC_SPOON_AGENT_WORKER_WS_URL is unset
- env: NEXT_PUBLIC_SPOON_AGENT_WORKER_WS_URL (client), SPOON_AGENT_TERMINAL_SECRET
Gabriel Brown
2026-06-24 08:23:58 -04:00
parent c1263b2e69
commit 15407e7e9c
7 changed files with 335 additions and 5 deletions
+10
@@ -22,6 +22,9 @@ export const env = createEnv({
SPOON_AGENT_WORKER_URL: z.url().default('http://localhost:3921'),
SPOON_AGENT_WORKER_INTERNAL_TOKEN: z.string().optional(),
SPOON_WORKER_TOKEN: z.string().optional(),
// Secret shared with the worker for signing short-lived terminal tokens.
// Falls back (in code) to the worker internal token.
SPOON_AGENT_TERMINAL_SECRET: z.string().optional(),
},
/**
@@ -36,6 +39,10 @@ export const env = createEnv({
NEXT_PUBLIC_SENTRY_URL: z.string(),
NEXT_PUBLIC_SENTRY_ORG: z.string(),
NEXT_PUBLIC_SENTRY_PROJECT_NAME: z.string(),
// Browser-facing WebSocket base URL of the agent worker, e.g.
// `wss://worker.spoon.gbrown.org` (prod) or `ws://localhost:3921` (dev).
// When unset, the workspace Terminal tab is disabled.
NEXT_PUBLIC_SPOON_AGENT_WORKER_WS_URL: z.string().optional(),
},
/**
* Destructure all variables from `process.env` to make sure they aren't tree-shaken away.
@@ -59,6 +66,9 @@ export const env = createEnv({
SPOON_AGENT_WORKER_INTERNAL_TOKEN:
process.env.SPOON_AGENT_WORKER_INTERNAL_TOKEN,
SPOON_WORKER_TOKEN: process.env.SPOON_WORKER_TOKEN,
SPOON_AGENT_TERMINAL_SECRET: process.env.SPOON_AGENT_TERMINAL_SECRET,
NEXT_PUBLIC_SPOON_AGENT_WORKER_WS_URL:
process.env.NEXT_PUBLIC_SPOON_AGENT_WORKER_WS_URL,
NEXT_PUBLIC_SITE_URL: process.env.NEXT_PUBLIC_SITE_URL,
NEXT_PUBLIC_CONVEX_URL: process.env.NEXT_PUBLIC_CONVEX_URL,
NEXT_PUBLIC_PLAUSIBLE_URL: process.env.NEXT_PUBLIC_PLAUSIBLE_URL,
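Review bot: `SPOON_AGENT_TERMINAL_SECRET` in the first hunk is accepted as any string, so a very short value (or an empty one, depending on createEnv's empty-string handling, which is not visible here) passes validation and would become the signing key for tokens that are handed to the browser. A minimum length would catch that at startup, e.g. `SPOON_AGENT_TERMINAL_SECRET: z.string().min(32).optional(),`. The comment says the code falls back to the worker internal token, which makes one key serve both worker authentication and browser-visible token signing; the comment should say whether that fallback is meant for development only, and the fallback code (outside this file section) could require the dedicated secret in production. In the second hunk `NEXT_PUBLIC_SPOON_AGENT_WORKER_WS_URL` is a bare `z.string()` while the server-side worker URL uses `z.url()`; validating it as a URL restricted to the `ws:`/`wss:` schemes, for instance `z.url({ protocol: /^wss?$/ }).optional()`, would reject a malformed or wrong-scheme value at build time instead of at connect time in the client.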