HuggingMes

Running

somratpro Claude Sonnet 4.6 commited on 3 days ago

Commit

aa128fa

1 Parent(s): 8e5610b

fix(health-server): resolve iframe redirect causing 'refused to connect' (#11)

- health-server.js: guard private-space redirect behind iframe detection
(window.top !== window.self) — fixes X-Frame-Options DENY on huggingface.co
blocking iframe navigation
- health-server.js: add privacyDetectionReady Promise to eliminate race
condition where fail-secure default triggered false redirects on public spaces
- health-server.js: add /api/is-private endpoint + client-side syncPrivacy()
- health-server.js: add SPACE_PRIVACY env var override to skip HF API detection
- health-server.js: add isFromHFApp referer guard to skip redirect inside HF UI
- cloudflare-proxy-setup.py: remove AI provider domains from DEFAULT_ALLOWED
to prevent routing API keys through worker without explicit opt-in
- env-builder.js: add tag badge system (critical/credential/feature/optional/
advanced/build) with per-field tags; add SPACE_PRIVACY field
- env-builder.js: split bundle generation — explicit generateBundle() button
vs auto refresh() for summary/counts only
- env-builder.html: add tag legend, ⚡ Required button, # Generate Bundle
button, toolbar hint; fix body overflow for proper scroll
- Dockerfile: add dbus/dbus-x11 for Chromium stability; fix libasound2
fallback for Debian bookworm rename

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

Files changed (5) hide show

Dockerfile +2 -0
cloudflare-proxy-setup.py +13 -1
env-builder.html +88 -12
env-builder.js +65 -43
health-server.js +163 -47

Dockerfile CHANGED Viewed

@@ -14,6 +14,8 @@ RUN apt-get update && apt-get install -y --no-install-recommends \
     python3-venv \
     python3-pip \
     chromium \
     libnss3 \
     libatk1.0-0 \
     libatk-bridge2.0-0 \

     python3-venv \
     python3-pip \
     chromium \
+    dbus \
+    dbus-x11 \
     libnss3 \
     libatk1.0-0 \
     libatk-bridge2.0-0 \

cloudflare-proxy-setup.py CHANGED Viewed

@@ -16,6 +16,8 @@ API_BASE = "https://api.cloudflare.com/client/v4"
 ENV_FILE = Path("/tmp/huggingmes-cloudflare-proxy.env")
 ENV_FILE = Path("/tmp/huggingmes-cloudflare-proxy.env")
 DEFAULT_ALLOWED = [
     "api.telegram.org",
     "discord.com",
     "discordapp.com",
@@ -24,13 +26,23 @@ DEFAULT_ALLOWED = [
     "slack.com",
     "api.slack.com",
     "web.whatsapp.com",
     "graph.facebook.com",
     "graph.instagram.com",
-    "api.openai.com",
     "googleapis.com",
     "google.com",
     "googleusercontent.com",
     "gstatic.com",
 ]

 ENV_FILE = Path("/tmp/huggingmes-cloudflare-proxy.env")
 ENV_FILE = Path("/tmp/huggingmes-cloudflare-proxy.env")
 DEFAULT_ALLOWED = [
+    # Messaging & social — primary use-case for Cloudflare proxy on HF Spaces
+    # (geo-restrictions on Telegram, Discord, WhatsApp, etc.)
     "api.telegram.org",
     "discord.com",
     "discordapp.com",
     "slack.com",
     "api.slack.com",
     "web.whatsapp.com",
+    # Social — confirmed/likely blocked by HF firewall
     "graph.facebook.com",
     "graph.instagram.com",
+    "api.twitter.com",
+    "api.x.com",
+    # Google
     "googleapis.com",
     "google.com",
     "googleusercontent.com",
     "gstatic.com",
+    # Email HTTP APIs (SMTP ports are blocked)
+    "api.resend.com",
+    "api.sendgrid.com",
+    # NOTE: AI-provider domains (api.openai.com, api.anthropic.com, etc.) are
+    # intentionally NOT included here. Proxying AI calls routes API keys through
+    # the Cloudflare Worker without explicit opt-in. Users who need AI API calls
+    # proxied can add specific domains via CLOUDFLARE_PROXY_DOMAINS env var.
 ]

env-builder.html CHANGED Viewed

@@ -36,16 +36,16 @@
   --panel-w:   340px;
 }
-html { scroll-behavior: smooth; }
 body {
   font-family: var(--sans);
   background: var(--bg);
   color: var(--text);
-  min-height: 100vh;
   display: flex;
   flex-direction: column;
-  overflow-x: hidden;
 }
 .topbar {
@@ -396,17 +396,64 @@ body {
   border-radius: 20px;
 }
-.badge-s {
-  background: rgba(240,95,95,.12);
-  color: var(--red);
-  border: 1px solid rgba(240,95,95,.25);
 }
-.badge-f {
-  background: rgba(61,214,140,.1);
-  color: var(--green);
-  border: 1px solid rgba(61,214,140,.2);
 }
 .card-input { position: relative; }
@@ -696,6 +743,7 @@ body {
   <main class="main">
     <div class="toolbar">
       <div class="search-wrap">
         <span class="search-icon">⌕</span>
         <input id="search" type="text" placeholder="Search variables…" autocomplete="off" spellcheck="false">
@@ -703,6 +751,7 @@ body {
       <div class="tb-sep"></div>
       <button id="selectCommon" class="btn">★ Common</button>
       <button id="selectVisible" class="btn">☑ Visible</button>
       <button id="clearAll" class="btn btn-ghost">✕ Clear</button>
@@ -711,6 +760,30 @@ body {
     <div class="content-wrap">
       <div class="sections-scroll">
         <div id="sections"></div>
         <div id="customSec" class="sec" data-section="Custom Env">
@@ -741,8 +814,11 @@ body {
               <span class="pblock-title">📦 Bundle Output</span>
             </div>
             <div class="pblock-body">
-              <textarea id="bundleOut" placeholder="Your encoded bundle will appear here…" readonly spellcheck="false"></textarea>
               <input type="text" id="envLineOut" placeholder="HUGGINGMES_ENV_BUNDLE=…" readonly spellcheck="false">
               <div class="row-btns">
                 <button id="copyBundle" class="btn btn-amber">⎘ Bundle</button>
                 <button id="copyEnvLine" class="btn">⎘ Env Line</button>

   --panel-w:   340px;
 }
+html { scroll-behavior: smooth; height: 100%; }
 body {
   font-family: var(--sans);
   background: var(--bg);
   color: var(--text);
+  height: 100vh;
+  overflow: hidden;
   display: flex;
   flex-direction: column;
 }
 .topbar {
   border-radius: 20px;
 }
+/* Tag badge styles */
+.badge-critical  { background: rgba(240,80,80,.14);  color: #f05f5f; border: 1px solid rgba(240,80,80,.3); }
+.badge-credential{ background: rgba(220,140,60,.13); color: #e09040; border: 1px solid rgba(220,140,60,.28); }
+.badge-feature   { background: rgba(70,140,250,.12); color: #5a9eff; border: 1px solid rgba(70,140,250,.25); }
+.badge-optional  { background: rgba(61,214,140,.10); color: #3dd68c; border: 1px solid rgba(61,214,140,.22); }
+.badge-advanced  { background: rgba(160,100,230,.12);color: #b07ae0; border: 1px solid rgba(160,100,230,.25); }
+.badge-build     { background: rgba(240,185,60,.12); color: #e0b030; border: 1px solid rgba(240,185,60,.28); }
+/* Card left-border accents */
+.env-card:has(.badge-critical)  { border-left: 3px solid rgba(240,80,80,.4); }
+.env-card:has(.badge-critical):hover { border-left-color: rgba(240,80,80,.7); }
+.env-card:has(.badge-critical).selected { border-left-color: #f05f5f; }
+.env-card:has(.badge-credential){ border-left: 3px solid rgba(220,140,60,.3); }
+/* Section count badge */
+.sec-count {
+  font-family: var(--mono);
+  font-size: 10px;
+  color: var(--text3);
+  background: var(--bg3);
+  border: 1px solid var(--border);
+  border-radius: 10px;
+  padding: 1px 7px;
 }
+/* Tag legend */
+.tag-legend {
+  margin-bottom: 14px;
+  background: var(--bg2);
+  border: 1px solid var(--border);
+  border-radius: var(--r);
+  overflow: hidden;
+}
+.legend-summary {
+  display: flex;
+  align-items: center;
+  gap: 10px;
+  padding: 7px 12px;
+  cursor: pointer;
+  list-style: none;
+  user-select: none;
+  outline: none;
 }
+.legend-summary::-webkit-details-marker { display: none; }
+.legend-chips { display: flex; gap: 5px; flex-wrap: wrap; flex: 1; }
+.legend-hint { font-size: 10px; color: var(--text3); white-space: nowrap; flex-shrink: 0; }
+.tag-legend[open] .legend-hint { opacity: 0; }
+.legend-body {
+  padding: 8px 12px 10px;
+  border-top: 1px solid var(--border);
+  display: flex;
+  flex-direction: column;
+  gap: 6px;
+}
+.legend-row { display: flex; align-items: center; gap: 10px; font-size: 11px; color: var(--text2); }
+.legend-row .badge { flex-shrink: 0; width: 74px; text-align: center; }
+.legend-tip { font-size: 9.5px; color: var(--text3); margin-top: 4px; padding-top: 6px; border-top: 1px solid var(--border); }
+.toolbar-hint { color: var(--text3); font-size: 12px; margin-right: 6px; white-space: nowrap; }
 .card-input { position: relative; }
   <main class="main">
     <div class="toolbar">
+      <span class="toolbar-hint">Tip: Start with <strong>⚡ Required</strong>, then fill keys and click <strong># Generate Bundle</strong>.</span>
       <div class="search-wrap">
         <span class="search-icon">⌕</span>
         <input id="search" type="text" placeholder="Search variables…" autocomplete="off" spellcheck="false">
       <div class="tb-sep"></div>
+      <button id="selectRequired" class="btn">⚡ Required</button>
       <button id="selectCommon" class="btn">★ Common</button>
       <button id="selectVisible" class="btn">☑ Visible</button>
       <button id="clearAll" class="btn btn-ghost">✕ Clear</button>
     <div class="content-wrap">
       <div class="sections-scroll">
+        <details class="tag-legend">
+          <summary class="legend-summary">
+            <div class="legend-chips">
+              <span class="badge badge-critical">critical</span>
+              <span class="badge badge-credential">credential</span>
+              <span class="badge badge-feature">feature</span>
+              <span class="badge badge-optional">optional</span>
+              <span class="badge badge-advanced">advanced</span>
+              <span class="badge badge-build">build</span>
+            </div>
+            <span class="legend-hint">▸ Tag legend</span>
+          </summary>
+          <div class="legend-body">
+            <div class="legend-row"><span class="badge badge-critical">critical</span> Required for the space to function at all</div>
+            <div class="legend-row"><span class="badge badge-credential">credential</span> API keys, tokens, secrets — keep private</div>
+            <div class="legend-row"><span class="badge badge-feature">feature</span> Unlocks an optional feature or integration</div>
+            <div class="legend-row"><span class="badge badge-optional">optional</span> Useful but not required; has a default</div>
+            <div class="legend-row"><span class="badge badge-advanced">advanced</span> Fine-tuning for specific deployments</div>
+            <div class="legend-row"><span class="badge badge-build">build</span> Affects Docker build, not runtime</div>
+            <div class="legend-tip">Use <strong>⚡ Required</strong> to auto-select all critical fields, then fill in credential keys.</div>
+          </div>
+        </details>
         <div id="sections"></div>
         <div id="customSec" class="sec" data-section="Custom Env">
               <span class="pblock-title">📦 Bundle Output</span>
             </div>
             <div class="pblock-body">
+              <textarea id="bundleOut" placeholder="Select variables and click # Generate Bundle…" readonly spellcheck="false"></textarea>
               <input type="text" id="envLineOut" placeholder="HUGGINGMES_ENV_BUNDLE=…" readonly spellcheck="false">
+              <div class="row-btns">
+                <button id="generateBundle" class="btn btn-amber" style="width:100%;"># Generate Bundle</button>
+              </div>
               <div class="row-btns">
                 <button id="copyBundle" class="btn btn-amber">⎘ Bundle</button>
                 <button id="copyEnvLine" class="btn">⎘ Env Line</button>

env-builder.js CHANGED Viewed

@@ -103,26 +103,27 @@ const ICONS = {
 };
 // ── Field definitions ──
 const FIELDS = [
   // ── Core ──
   {
     "g": "Core", "icon": "⚡",
     "k": "GATEWAY_TOKEN",
     "lbl": "Gateway token — protects the Hermes web UI",
-    "type": "password", "secret": 1, "common": 1
   },
   {
     "g": "Core", "icon": "⚡",
     "k": "LLM_MODEL",
     "lbl": "Default model (provider/model-name format)",
     "type": "model", "options_key": "LLM_MODEL",
-    "ph": "gemini/gemini-2.5-flash", "common": 1
   },
   {
     "g": "Core", "icon": "⚡",
     "k": "LLM_API_KEY",
     "lbl": "API key for the chosen provider",
-    "type": "password", "secret": 1, "common": 1
   },
   // ── Backup ──
@@ -130,19 +131,19 @@ const FIELDS = [
     "g": "Backup", "icon": "💾",
     "k": "HF_TOKEN",
     "lbl": "HuggingFace token — enables state backup to a private dataset",
-    "type": "password", "secret": 1, "common": 1
   },
   {
     "g": "Backup", "icon": "💾",
     "k": "BACKUP_DATASET_NAME",
     "lbl": "Name of the HF dataset used for backups",
-    "type": "text", "ph": "huggingmes-backup", "common": 1
   },
   {
     "g": "Backup", "icon": "💾",
     "k": "SYNC_INTERVAL",
     "lbl": "Backup sync interval (seconds)",
-    "type": "number", "ph": "600"
   },
   // ── Telegram ──
@@ -150,13 +151,13 @@ const FIELDS = [
     "g": "Telegram", "icon": "📱",
     "k": "TELEGRAM_BOT_TOKEN",
     "lbl": "Telegram bot token from @BotFather",
-    "type": "password", "secret": 1, "common": 1
   },
   {
     "g": "Telegram", "icon": "📱",
     "k": "TELEGRAM_ALLOWED_USERS",
     "lbl": "Allowed Telegram user IDs (comma-separated)",
-    "type": "text", "ph": "123456789,987654321", "common": 1
   },
   {
     "g": "Telegram", "icon": "📱",
@@ -164,19 +165,19 @@ const FIELDS = [
     "lbl": "Telegram update mode",
     "type": "select",
     "options": ["webhook", "polling"],
-    "ph": "webhook"
   },
   {
     "g": "Telegram", "icon": "📱",
     "k": "TELEGRAM_WEBHOOK_URL",
     "lbl": "Override webhook URL (auto-detected from SPACE_HOST if blank)",
-    "type": "text", "ph": "https://your-space.hf.space/telegram"
   },
   {
     "g": "Telegram", "icon": "📱",
     "k": "TELEGRAM_BASE_URL",
     "lbl": "Custom Telegram API base URL (for proxies)",
-    "type": "text", "ph": "https://proxy.example.com/bot"
   },
   // ── Terminal ──
@@ -184,19 +185,19 @@ const FIELDS = [
     "g": "Terminal", "icon": "💻",
     "k": "DEV_MODE",
     "lbl": "Enable JupyterLab terminal (on by default)",
-    "type": "toggle", "ph": "true", "common": 1
   },
   {
     "g": "Terminal", "icon": "💻",
     "k": "JUPYTER_TOKEN",
     "lbl": "Override terminal password (defaults to GATEWAY_TOKEN)",
-    "type": "password", "secret": 1
   },
   {
     "g": "Terminal", "icon": "💻",
     "k": "JUPYTER_ROOT_DIR",
     "lbl": "JupyterLab root directory",
-    "type": "text", "ph": "/opt/data/workspace"
   },
   // ── Providers ──
@@ -204,43 +205,43 @@ const FIELDS = [
     "g": "Providers", "icon": "🔑",
     "k": "ANTHROPIC_API_KEY",
     "lbl": "Anthropic API key",
-    "type": "password", "secret": 1
   },
   {
     "g": "Providers", "icon": "🔑",
     "k": "OPENAI_API_KEY",
     "lbl": "OpenAI API key",
-    "type": "password", "secret": 1
   },
   {
     "g": "Providers", "icon": "🔑",
     "k": "GOOGLE_API_KEY",
     "lbl": "Google / Gemini API key",
-    "type": "password", "secret": 1
   },
   {
     "g": "Providers", "icon": "🔑",
     "k": "GEMINI_API_KEY",
     "lbl": "Gemini API key (alias for GOOGLE_API_KEY)",
-    "type": "password", "secret": 1
   },
   {
     "g": "Providers", "icon": "🔑",
     "k": "OPENROUTER_API_KEY",
     "lbl": "OpenRouter API key",
-    "type": "password", "secret": 1
   },
   {
     "g": "Providers", "icon": "🔑",
     "k": "DEEPSEEK_API_KEY",
     "lbl": "DeepSeek API key",
-    "type": "password", "secret": 1
   },
   {
     "g": "Providers", "icon": "🔑",
     "k": "XAI_API_KEY",
     "lbl": "xAI (Grok) API key",
-    "type": "password", "secret": 1
   },
   {
     "g": "Providers", "icon": "🔑",
@@ -248,37 +249,37 @@ const FIELDS = [
     "lbl": "Force Hermes inference provider (overrides auto-detect)",
     "type": "select",
     "options": ["auto", "anthropic", "openai", "gemini", "openrouter", "huggingface", "custom", "deepseek", "xai"],
-    "ph": "auto"
   },
   {
     "g": "Providers", "icon": "🔑",
     "k": "CUSTOM_BASE_URL",
     "lbl": "Custom OpenAI-compatible base URL",
-    "type": "text", "ph": "https://your-api.example.com/v1"
   },
   {
     "g": "Providers", "icon": "🔑",
     "k": "CUSTOM_API_KEY",
     "lbl": "API key for the custom provider",
-    "type": "password", "secret": 1
   },
   {
     "g": "Providers", "icon": "🔑",
     "k": "CUSTOM_PROVIDER",
     "lbl": "Provider name for custom endpoints",
-    "type": "text", "ph": "custom"
   },
   {
     "g": "Providers", "icon": "🔑",
     "k": "CUSTOM_MODEL_CONTEXT_LENGTH",
     "lbl": "Context length for custom model",
-    "type": "number", "ph": "131072"
   },
   {
     "g": "Providers", "icon": "🔑",
     "k": "CUSTOM_MODEL_MAX_TOKENS",
     "lbl": "Max output tokens for custom model",
-    "type": "number", "ph": "8192"
   },
   // ── Cloudflare ──
@@ -286,19 +287,19 @@ const FIELDS = [
     "g": "Cloudflare", "icon": "☁️",
     "k": "CLOUDFLARE_WORKERS_TOKEN",
     "lbl": "Cloudflare Workers API token (for Telegram proxy setup)",
-    "type": "password", "secret": 1
   },
   {
     "g": "Cloudflare", "icon": "☁️",
     "k": "CLOUDFLARE_PROXY_URL",
     "lbl": "Cloudflare proxy URL for Telegram (if already deployed)",
-    "type": "text", "ph": "https://your-worker.your-subdomain.workers.dev"
   },
   {
     "g": "Cloudflare", "icon": "☁️",
     "k": "CLOUDFLARE_PROXY_DEBUG",
     "lbl": "Enable Cloudflare proxy debug logging",
-    "type": "toggle", "ph": "false"
   },
   // ── Advanced ──
@@ -306,25 +307,31 @@ const FIELDS = [
     "g": "Advanced", "icon": "⚙️",
     "k": "WEBHOOK_URL",
     "lbl": "URL to POST a JSON notification on gateway (re)start",
-    "type": "text", "ph": "https://..."
   },
   {
     "g": "Advanced", "icon": "⚙️",
     "k": "GATEWAY_READY_TIMEOUT",
     "lbl": "Seconds to wait for gateway API port before failing",
-    "type": "number", "ph": "120"
   },
   {
     "g": "Advanced", "icon": "⚙️",
     "k": "API_SERVER_PORT",
     "lbl": "Hermes gateway internal API port",
-    "type": "number", "ph": "8642"
   },
   {
     "g": "Advanced", "icon": "⚙️",
     "k": "DASHBOARD_PORT",
     "lbl": "Hermes dashboard internal port",
-    "type": "number", "ph": "9119"
   },
   {
     "g": "Advanced", "icon": "⚙️",
@@ -332,13 +339,13 @@ const FIELDS = [
     "lbl": "Background process notification level",
     "type": "select",
     "options": ["result", "progress", "none"],
-    "ph": "result"
   },
   {
     "g": "Advanced", "icon": "⚙️",
     "k": "TELEGRAM_WEBHOOK_SECRET",
     "lbl": "Secret token for Telegram webhook validation (auto-generated if blank)",
-    "type": "password", "secret": 1
   }
 ];
@@ -478,18 +485,21 @@ function valueControlHTML(field) {
   </div>`;
 }
 function cardHTML(f) {
-  const badge = f.secret
-    ? '<span class="badge badge-s">secret</span>'
-    : '<span class="badge badge-f">safe</span>';
-  return `<div class="env-card" data-row data-group="${esc(f.g)}" data-search="${esc((f.g + ' ' + f.k + ' ' + (f.lbl || '')).toLowerCase())}">
     <div class="card-top">
-      <input type="checkbox" class="card-check" data-check="${esc(f.k)}" ${f.common ? 'data-common="1"' : ''}>
       <div class="card-info">
         <div class="card-key">${esc(f.k)}</div>
         <div class="card-lbl">${esc(f.lbl || '')}</div>
       </div>
-      ${badge}
     </div>
     <div class="card-input">${valueControlHTML(f)}</div>
   </div>`;
@@ -550,12 +560,18 @@ function collect() {
   return obj;
 }
-function refresh() {
   const obj = collect();
   const keys = Object.keys(obj).sort();
   const bundle = keys.length ? encodeBundle(Object.fromEntries(keys.map(k => [k, obj[k]]))) : '';
   $('bundleOut').value = bundle;
   $('envLineOut').value = bundle ? `${BUNDLE_KEY}=${bundle}` : '';
   const s = $('summary');
   if (keys.length) {
     s.innerHTML = `<strong>${keys.length}</strong> variable${keys.length > 1 ? 's' : ''} selected<div class="sum-keys">${keys.map(k => `<span class="sum-key">${esc(k)}</span>`).join('')}</div>`;
@@ -755,6 +771,11 @@ refresh();
 // ── Events ──
 $('search').oninput = filter;
 $('selectCommon').onclick = () => {
   document.querySelectorAll('[data-common="1"]').forEach(c => c.checked = true);
   markSelected(); refresh();
@@ -764,6 +785,7 @@ $('selectVisible').onclick = () => {
   markSelected(); refresh();
 };
 $('clearAll').onclick = () => { clearForm(); markSelected(); filter(); refresh(); };
 $('applyImport').onclick = () => {
   try { applyObj(parseEnv($('importText').value), true); showToast('Imported ✓'); }
   catch (e) { showToast('Import failed'); alert(e.message); }

 };
 // ── Field definitions ──
+// tag: "critical" | "credential" | "feature" | "optional" | "advanced" | "build"
 const FIELDS = [
   // ── Core ──
   {
     "g": "Core", "icon": "⚡",
     "k": "GATEWAY_TOKEN",
     "lbl": "Gateway token — protects the Hermes web UI",
+    "type": "password", "secret": 1, "common": 1, "tag": "critical"
   },
   {
     "g": "Core", "icon": "⚡",
     "k": "LLM_MODEL",
     "lbl": "Default model (provider/model-name format)",
     "type": "model", "options_key": "LLM_MODEL",
+    "ph": "gemini/gemini-2.5-flash", "common": 1, "tag": "critical"
   },
   {
     "g": "Core", "icon": "⚡",
     "k": "LLM_API_KEY",
     "lbl": "API key for the chosen provider",
+    "type": "password", "secret": 1, "common": 1, "tag": "credential"
   },
   // ── Backup ──
     "g": "Backup", "icon": "💾",
     "k": "HF_TOKEN",
     "lbl": "HuggingFace token — enables state backup to a private dataset",
+    "type": "password", "secret": 1, "common": 1, "tag": "credential"
   },
   {
     "g": "Backup", "icon": "💾",
     "k": "BACKUP_DATASET_NAME",
     "lbl": "Name of the HF dataset used for backups",
+    "type": "text", "ph": "huggingmes-backup", "common": 1, "tag": "optional"
   },
   {
     "g": "Backup", "icon": "💾",
     "k": "SYNC_INTERVAL",
     "lbl": "Backup sync interval (seconds)",
+    "type": "number", "ph": "600", "tag": "optional"
   },
   // ── Telegram ──
     "g": "Telegram", "icon": "📱",
     "k": "TELEGRAM_BOT_TOKEN",
     "lbl": "Telegram bot token from @BotFather",
+    "type": "password", "secret": 1, "common": 1, "tag": "credential"
   },
   {
     "g": "Telegram", "icon": "📱",
     "k": "TELEGRAM_ALLOWED_USERS",
     "lbl": "Allowed Telegram user IDs (comma-separated)",
+    "type": "text", "ph": "123456789,987654321", "common": 1, "tag": "feature"
   },
   {
     "g": "Telegram", "icon": "📱",
     "lbl": "Telegram update mode",
     "type": "select",
     "options": ["webhook", "polling"],
+    "ph": "webhook", "tag": "optional"
   },
   {
     "g": "Telegram", "icon": "📱",
     "k": "TELEGRAM_WEBHOOK_URL",
     "lbl": "Override webhook URL (auto-detected from SPACE_HOST if blank)",
+    "type": "text", "ph": "https://your-space.hf.space/telegram", "tag": "optional"
   },
   {
     "g": "Telegram", "icon": "📱",
     "k": "TELEGRAM_BASE_URL",
     "lbl": "Custom Telegram API base URL (for proxies)",
+    "type": "text", "ph": "https://proxy.example.com/bot", "tag": "optional"
   },
   // ── Terminal ──
     "g": "Terminal", "icon": "💻",
     "k": "DEV_MODE",
     "lbl": "Enable JupyterLab terminal (on by default)",
+    "type": "toggle", "ph": "true", "common": 1, "tag": "feature"
   },
   {
     "g": "Terminal", "icon": "💻",
     "k": "JUPYTER_TOKEN",
     "lbl": "Override terminal password (defaults to GATEWAY_TOKEN)",
+    "type": "password", "secret": 1, "tag": "credential"
   },
   {
     "g": "Terminal", "icon": "💻",
     "k": "JUPYTER_ROOT_DIR",
     "lbl": "JupyterLab root directory",
+    "type": "text", "ph": "/opt/data/workspace", "tag": "optional"
   },
   // ── Providers ──
     "g": "Providers", "icon": "🔑",
     "k": "ANTHROPIC_API_KEY",
     "lbl": "Anthropic API key",
+    "type": "password", "secret": 1, "tag": "credential"
   },
   {
     "g": "Providers", "icon": "🔑",
     "k": "OPENAI_API_KEY",
     "lbl": "OpenAI API key",
+    "type": "password", "secret": 1, "tag": "credential"
   },
   {
     "g": "Providers", "icon": "🔑",
     "k": "GOOGLE_API_KEY",
     "lbl": "Google / Gemini API key",
+    "type": "password", "secret": 1, "tag": "credential"
   },
   {
     "g": "Providers", "icon": "🔑",
     "k": "GEMINI_API_KEY",
     "lbl": "Gemini API key (alias for GOOGLE_API_KEY)",
+    "type": "password", "secret": 1, "tag": "credential"
   },
   {
     "g": "Providers", "icon": "🔑",
     "k": "OPENROUTER_API_KEY",
     "lbl": "OpenRouter API key",
+    "type": "password", "secret": 1, "tag": "credential"
   },
   {
     "g": "Providers", "icon": "🔑",
     "k": "DEEPSEEK_API_KEY",
     "lbl": "DeepSeek API key",
+    "type": "password", "secret": 1, "tag": "credential"
   },
   {
     "g": "Providers", "icon": "🔑",
     "k": "XAI_API_KEY",
     "lbl": "xAI (Grok) API key",
+    "type": "password", "secret": 1, "tag": "credential"
   },
   {
     "g": "Providers", "icon": "🔑",
     "lbl": "Force Hermes inference provider (overrides auto-detect)",
     "type": "select",
     "options": ["auto", "anthropic", "openai", "gemini", "openrouter", "huggingface", "custom", "deepseek", "xai"],
+    "ph": "auto", "tag": "advanced"
   },
   {
     "g": "Providers", "icon": "🔑",
     "k": "CUSTOM_BASE_URL",
     "lbl": "Custom OpenAI-compatible base URL",
+    "type": "text", "ph": "https://your-api.example.com/v1", "tag": "feature"
   },
   {
     "g": "Providers", "icon": "🔑",
     "k": "CUSTOM_API_KEY",
     "lbl": "API key for the custom provider",
+    "type": "password", "secret": 1, "tag": "credential"
   },
   {
     "g": "Providers", "icon": "🔑",
     "k": "CUSTOM_PROVIDER",
     "lbl": "Provider name for custom endpoints",
+    "type": "text", "ph": "custom", "tag": "advanced"
   },
   {
     "g": "Providers", "icon": "🔑",
     "k": "CUSTOM_MODEL_CONTEXT_LENGTH",
     "lbl": "Context length for custom model",
+    "type": "number", "ph": "131072", "tag": "advanced"
   },
   {
     "g": "Providers", "icon": "🔑",
     "k": "CUSTOM_MODEL_MAX_TOKENS",
     "lbl": "Max output tokens for custom model",
+    "type": "number", "ph": "8192", "tag": "advanced"
   },
   // ── Cloudflare ──
     "g": "Cloudflare", "icon": "☁️",
     "k": "CLOUDFLARE_WORKERS_TOKEN",
     "lbl": "Cloudflare Workers API token (for Telegram proxy setup)",
+    "type": "password", "secret": 1, "tag": "credential"
   },
   {
     "g": "Cloudflare", "icon": "☁️",
     "k": "CLOUDFLARE_PROXY_URL",
     "lbl": "Cloudflare proxy URL for Telegram (if already deployed)",
+    "type": "text", "ph": "https://your-worker.your-subdomain.workers.dev", "tag": "feature"
   },
   {
     "g": "Cloudflare", "icon": "☁️",
     "k": "CLOUDFLARE_PROXY_DEBUG",
     "lbl": "Enable Cloudflare proxy debug logging",
+    "type": "toggle", "ph": "false", "tag": "advanced"
   },
   // ── Advanced ──
     "g": "Advanced", "icon": "⚙️",
     "k": "WEBHOOK_URL",
     "lbl": "URL to POST a JSON notification on gateway (re)start",
+    "type": "text", "ph": "https://...", "tag": "optional"
+  },
+  {
+    "g": "Advanced", "icon": "⚙️",
+    "k": "SPACE_PRIVACY",
+    "lbl": "Override Space privacy detection (public/private) — skips HF API call",
+    "type": "select", "options": ["public", "private"], "ph": "public", "tag": "advanced"
   },
   {
     "g": "Advanced", "icon": "⚙️",
     "k": "GATEWAY_READY_TIMEOUT",
     "lbl": "Seconds to wait for gateway API port before failing",
+    "type": "number", "ph": "120", "tag": "advanced"
   },
   {
     "g": "Advanced", "icon": "⚙️",
     "k": "API_SERVER_PORT",
     "lbl": "Hermes gateway internal API port",
+    "type": "number", "ph": "8642", "tag": "advanced"
   },
   {
     "g": "Advanced", "icon": "⚙️",
     "k": "DASHBOARD_PORT",
     "lbl": "Hermes dashboard internal port",
+    "type": "number", "ph": "9119", "tag": "advanced"
   },
   {
     "g": "Advanced", "icon": "⚙️",
     "lbl": "Background process notification level",
     "type": "select",
     "options": ["result", "progress", "none"],
+    "ph": "result", "tag": "optional"
   },
   {
     "g": "Advanced", "icon": "⚙️",
     "k": "TELEGRAM_WEBHOOK_SECRET",
     "lbl": "Secret token for Telegram webhook validation (auto-generated if blank)",
+    "type": "password", "secret": 1, "tag": "credential"
   }
 ];
   </div>`;
 }
+function tagBadgeHTML(f) {
+  const t = f.tag || (f.secret ? 'credential' : 'optional');
+  return `<span class="badge badge-${t}">${t}</span>`;
+}
 function cardHTML(f) {
+  const tagStr = (f.tag || '') + ' ' + (f.secret ? 'credential' : '') + ' ' + (f.g + ' ' + f.k + ' ' + (f.lbl || '')).toLowerCase();
+  return `<div class="env-card" data-row data-group="${esc(f.g)}" data-tag="${esc(f.tag || '')}" data-search="${esc(tagStr.toLowerCase())}">
     <div class="card-top">
+      <input type="checkbox" class="card-check" data-check="${esc(f.k)}" ${f.common ? 'data-common="1"' : ''} ${f.tag === 'critical' ? 'data-critical="1"' : ''}>
       <div class="card-info">
         <div class="card-key">${esc(f.k)}</div>
         <div class="card-lbl">${esc(f.lbl || '')}</div>
       </div>
+      ${tagBadgeHTML(f)}
     </div>
     <div class="card-input">${valueControlHTML(f)}</div>
   </div>`;
   return obj;
 }
+function generateBundle() {
   const obj = collect();
   const keys = Object.keys(obj).sort();
   const bundle = keys.length ? encodeBundle(Object.fromEntries(keys.map(k => [k, obj[k]]))) : '';
   $('bundleOut').value = bundle;
   $('envLineOut').value = bundle ? `${BUNDLE_KEY}=${bundle}` : '';
+}
+function refresh() {
+  // Refresh summary + counts — does NOT auto-regenerate bundle (requires explicit button click)
+  const obj = collect();
+  const keys = Object.keys(obj).sort();
   const s = $('summary');
   if (keys.length) {
     s.innerHTML = `<strong>${keys.length}</strong> variable${keys.length > 1 ? 's' : ''} selected<div class="sum-keys">${keys.map(k => `<span class="sum-key">${esc(k)}</span>`).join('')}</div>`;
 // ── Events ──
 $('search').oninput = filter;
+$('selectRequired').onclick = () => {
+  document.querySelectorAll('[data-critical="1"]').forEach(c => c.checked = true);
+  markSelected(); refresh();
+  showToast('Critical fields selected ✓');
+};
 $('selectCommon').onclick = () => {
   document.querySelectorAll('[data-common="1"]').forEach(c => c.checked = true);
   markSelected(); refresh();
   markSelected(); refresh();
 };
 $('clearAll').onclick = () => { clearForm(); markSelected(); filter(); refresh(); };
+$('generateBundle').onclick = () => { generateBundle(); showToast('Bundle generated ✓'); };
 $('applyImport').onclick = () => {
   try { applyObj(parseEnv($('importText').value), true); showToast('Imported ✓'); }
   catch (e) { showToast('Import failed'); alert(e.message); }

health-server.js CHANGED Viewed

@@ -33,44 +33,94 @@ function deriveHfSpaceUrl() {
 }
 const HF_SPACE_URL = deriveHfSpaceUrl();
-let SPACE_IS_PRIVATE = false;
 async function detectSpacePrivacy() {
-  if (!SPACE_ID) return;
-  try {
-    const token = (process.env.HF_TOKEN || "").trim();
-    const reqOptions = {
-      hostname: "huggingface.co",
-      path: `/api/spaces/${SPACE_ID}`,
-      method: "GET",
-      headers: Object.assign(
-        { "User-Agent": "HuggingMes/health-server" },
-        token ? { Authorization: `Bearer ${token}` } : {}
-      ),
-    };
-    await new Promise((resolve) => {
-      const r = https.request(reqOptions, (res) => {
-        let body = "";
-        res.on("data", (chunk) => { body += chunk; });
-        res.on("end", () => {
-          try {
-            if (res.statusCode === 200) {
-              const data = JSON.parse(body);
-              SPACE_IS_PRIVATE = data.private === true;
-            } else if (res.statusCode === 404 && !token) {
-              SPACE_IS_PRIVATE = true;
-            }
-          } catch {}
-          resolve();
         });
       });
-      r.on("error", resolve);
-      r.setTimeout(5000, () => { r.destroy(); resolve(); });
-      r.end();
-    });
-    console.log(`[health-server] Space privacy: ${SPACE_IS_PRIVATE ? "private" : "public"}`);
-  } catch {}
 }
-detectSpacePrivacy();
 const SYNC_STATUS_FILE = "/tmp/huggingmes-sync-status.json";
 const CLOUDFLARE_KEEPALIVE_STATUS_FILE =
@@ -427,7 +477,14 @@ function renderPrivateRedirect(targetUrl) {
     <a class="btn" href="${safeUrl}">Open on Hugging Face →</a>
     <div class="sub">Redirecting in 3 seconds&hellip;</div>
   </div>
-  <script>setTimeout(() => { window.location.replace(${JSON.stringify(targetUrl)}); }, 100);</script>
 </body></html>`;
 }
@@ -632,7 +689,46 @@ function renderDashboard(data) {
     const inEmbeddedApp = (() => { try { return window.top !== window.self; } catch { return true; } })();
     const isDirectHfSpaceHost = /\.hf\.space$/i.test(window.location.hostname);
     const HF_SPACE_URL = ${JSON.stringify(HF_SPACE_URL)};
-    const SPACE_IS_PRIVATE = ${JSON.stringify(SPACE_IS_PRIVATE)};
     if (SPACE_IS_PRIVATE && isDirectHfSpaceHost && !inEmbeddedApp && HF_SPACE_URL) {
       const notice = document.createElement('div');
       notice.style.cssText = 'position:fixed;inset:0;display:flex;align-items:center;justify-content:center;background:#08080f;color:#f6f4ff;font-family:sans-serif;flex-direction:column;gap:16px;z-index:9999';
@@ -640,17 +736,6 @@ function renderDashboard(data) {
       document.body.appendChild(notice);
       setTimeout(() => { window.location.replace(HF_SPACE_URL); }, 300);
     }
-    // Force new-tab navigation when running inside the HF App iframe or on a raw .hf.space link
-    const openInNewTab = inEmbeddedApp || isDirectHfSpaceHost;
-    document.querySelectorAll('a[data-space-link]').forEach((a) => {
-      if (openInNewTab) {
-        a.setAttribute('target', '_blank');
-        a.setAttribute('rel', 'noopener noreferrer');
-      } else {
-        a.removeAttribute('target');
-        a.removeAttribute('rel');
-      }
-    });
   </script>
 </body>
 </html>`;
@@ -660,6 +745,15 @@ const server = http.createServer(async (req, res) => {
   const parsed = new URL(req.url, "http://localhost");
   const path = parsed.pathname;
   if (path === LOGIN_PATH) {
     await handleLogin(req, res, parsed);
     return;
@@ -669,9 +763,31 @@ const server = http.createServer(async (req, res) => {
   // Intercepts browser HTML requests from raw .hf.space hosts when the Space is private.
   // /health and /status are always exempt so uptime monitors keep working.
   const isHtmlReq = (req.headers.accept || "").includes("text/html");
   const isDirectHfSpaceReq = SPACE_IS_PRIVATE &&
     HF_SPACE_URL &&
     isHtmlReq &&
     typeof req.headers.host === "string" &&
     req.headers.host.endsWith(".hf.space");

 }
 const HF_SPACE_URL = deriveHfSpaceUrl();
+// Privacy detection priority:
+//   1. SPACE_PRIVACY env var ("public"/"private") — explicit override, skip API call
+//   2. HF API auto-detect with retry
+//   3. Fail-secure: treat as private if SPACE_ID set
+const _spacPrivacyEnv = (process.env.SPACE_PRIVACY || "").trim().toLowerCase();
+let SPACE_IS_PRIVATE;
+let _privacyDetectionDone = false;
+let _privacyDetectionResolve;
+const privacyDetectionReady = new Promise((res) => { _privacyDetectionResolve = res; });
+if (_spacPrivacyEnv === "public") {
+  SPACE_IS_PRIVATE = false;
+  _privacyDetectionDone = true;
+  console.log("[health-server] Space privacy: public (SPACE_PRIVACY env override)");
+  _privacyDetectionResolve();
+} else if (_spacPrivacyEnv === "private") {
+  SPACE_IS_PRIVATE = true;
+  _privacyDetectionDone = true;
+  console.log("[health-server] Space privacy: private (SPACE_PRIVACY env override)");
+  _privacyDetectionResolve();
+} else {
+  // Fail-secure default until API call resolves
+  SPACE_IS_PRIVATE = !!SPACE_ID;
+}
 async function detectSpacePrivacy() {
+  if (_spacPrivacyEnv === "public" || _spacPrivacyEnv === "private") return;
+  if (!SPACE_ID) {
+    SPACE_IS_PRIVATE = false;
+    _privacyDetectionDone = true;
+    _privacyDetectionResolve();
+    return;
+  }
+  const token = (process.env.HF_TOKEN || "").trim();
+  const reqOptions = {
+    hostname: "huggingface.co",
+    path: `/api/spaces/${SPACE_ID}`,
+    method: "GET",
+    headers: Object.assign(
+      { "User-Agent": "HuggingMes/health-server" },
+      token ? { Authorization: `Bearer ${token}` } : {}
+    ),
+  };
+  const MAX_ATTEMPTS = 5;
+  let detected = false;
+  for (let attempt = 1; attempt <= MAX_ATTEMPTS; attempt++) {
+    try {
+      const result = await new Promise((resolve) => {
+        const r = https.request(reqOptions, (apiRes) => {
+          let body = "";
+          apiRes.on("data", (chunk) => { body += chunk; });
+          apiRes.on("end", () => {
+            try {
+              if (apiRes.statusCode === 200) {
+                SPACE_IS_PRIVATE = JSON.parse(body).private === true;
+                resolve({ ok: true });
+              } else if (apiRes.statusCode === 401 || apiRes.statusCode === 403) {
+                SPACE_IS_PRIVATE = true;
+                resolve({ ok: true });
+              } else {
+                resolve({ ok: false });
+              }
+            } catch { resolve({ ok: false }); }
+          });
         });
+        r.on("error", () => resolve({ ok: false }));
+        r.setTimeout(8000, () => { r.destroy(); resolve({ ok: false }); });
+        r.end();
       });
+      console.log(`[health-server] Privacy detection attempt ${attempt}/${MAX_ATTEMPTS}: ok=${result.ok}`);
+      if (result.ok) { detected = true; break; }
+    } catch {}
+    const delay = Math.min(2000 * attempt, 10000);
+    if (attempt < MAX_ATTEMPTS) await new Promise((r) => setTimeout(r, delay));
+  }
+  if (!detected) {
+    console.warn(`[health-server] Privacy detection failed after ${MAX_ATTEMPTS} attempts — defaulting to ${SPACE_IS_PRIVATE ? "private" : "public"}. TIP: Set SPACE_PRIVACY=public in Space secrets to skip API detection.`);
+  } else {
+    console.log(`[health-server] Space privacy detected: ${SPACE_IS_PRIVATE ? "private" : "public"}`);
+  }
+  _privacyDetectionDone = true;
+  _privacyDetectionResolve();
+}
+if (_spacPrivacyEnv !== "public" && _spacPrivacyEnv !== "private") {
+  detectSpacePrivacy();
+  setInterval(detectSpacePrivacy, 5 * 60 * 1000);
 }
 const SYNC_STATUS_FILE = "/tmp/huggingmes-sync-status.json";
 const CLOUDFLARE_KEEPALIVE_STATUS_FILE =
     <a class="btn" href="${safeUrl}">Open on Hugging Face →</a>
     <div class="sub">Redirecting in 3 seconds&hellip;</div>
   </div>
+  <script>
+    // Only auto-redirect when NOT inside an iframe — navigating an iframe to
+    // huggingface.co is blocked by X-Frame-Options and causes "refused to connect".
+    const _inFrame = (() => { try { return window.top !== window.self; } catch { return true; } })();
+    if (!_inFrame) {
+      setTimeout(() => { window.location.replace(${JSON.stringify(targetUrl)}); }, 100);
+    }
+  </script>
 </body></html>`;
 }
     const inEmbeddedApp = (() => { try { return window.top !== window.self; } catch { return true; } })();
     const isDirectHfSpaceHost = /\.hf\.space$/i.test(window.location.hostname);
     const HF_SPACE_URL = ${JSON.stringify(HF_SPACE_URL)};
+    // Server-side value may be stale if privacy detection raced — syncPrivacy() corrects it.
+    let SPACE_IS_PRIVATE = ${JSON.stringify(SPACE_IS_PRIVATE)};
+    function applyLinkTargets() {
+      const openInNewTab = !SPACE_IS_PRIVATE && (inEmbeddedApp || isDirectHfSpaceHost);
+      document.querySelectorAll('a[data-space-link]').forEach((a) => {
+        if (openInNewTab) {
+          a.setAttribute('target', '_blank');
+          a.setAttribute('rel', 'noopener noreferrer');
+        } else {
+          a.removeAttribute('target');
+          a.removeAttribute('rel');
+        }
+      });
+    }
+    applyLinkTargets();
+    function syncPrivacy() {
+      return fetch('/api/is-private', { cache: 'no-store' })
+        .then(r => r.json())
+        .then(d => {
+          if (d.isPrivate !== SPACE_IS_PRIVATE) {
+            SPACE_IS_PRIVATE = d.isPrivate;
+            applyLinkTargets();
+          }
+          return d.isPrivate;
+        })
+        .catch(() => SPACE_IS_PRIVATE);
+    }
+    if (isDirectHfSpaceHost) {
+      syncPrivacy().then(isPrivate => {
+        if (isPrivate) {
+          setTimeout(syncPrivacy, 8000);
+          setTimeout(syncPrivacy, 16000);
+        }
+      });
+    }
+    // Private redirect — only when NOT in iframe (huggingface.co has X-Frame-Options: DENY)
     if (SPACE_IS_PRIVATE && isDirectHfSpaceHost && !inEmbeddedApp && HF_SPACE_URL) {
       const notice = document.createElement('div');
       notice.style.cssText = 'position:fixed;inset:0;display:flex;align-items:center;justify-content:center;background:#08080f;color:#f6f4ff;font-family:sans-serif;flex-direction:column;gap:16px;z-index:9999';
       document.body.appendChild(notice);
       setTimeout(() => { window.location.replace(HF_SPACE_URL); }, 300);
     }
   </script>
 </body>
 </html>`;
   const parsed = new URL(req.url, "http://localhost");
   const path = parsed.pathname;
+  // Lightweight endpoint for client-side privacy fallback.
+  // Called by dashboard JS to correct stale server-rendered SPACE_IS_PRIVATE value.
+  // No auth required — not sensitive.
+  if (path === "/api/is-private") {
+    if (!_privacyDetectionDone) await privacyDetectionReady;
+    res.writeHead(200, { "content-type": "application/json", "cache-control": "no-store" });
+    return res.end(JSON.stringify({ isPrivate: SPACE_IS_PRIVATE }));
+  }
   if (path === LOGIN_PATH) {
     await handleLogin(req, res, parsed);
     return;
   // Intercepts browser HTML requests from raw .hf.space hosts when the Space is private.
   // /health and /status are always exempt so uptime monitors keep working.
   const isHtmlReq = (req.headers.accept || "").includes("text/html");
+  // RACE CONDITION FIX: await privacy detection before computing redirect logic.
+  // Without this, the fail-secure default (SPACE_IS_PRIVATE=true when SPACE_ID is set)
+  // causes public spaces to redirect during the brief window before API detection completes.
+  if (isHtmlReq && !_privacyDetectionDone) {
+    await Promise.race([
+      privacyDetectionReady,
+      new Promise((r) => setTimeout(r, 1500)),
+    ]);
+  }
+  // In-app navigation from same origin or HF App iframe — skip private redirect.
+  const referer = req.headers.referer || req.headers.referrer || "";
+  const isSameOriginNav = !!(referer && typeof req.headers.host === "string" &&
+    referer.startsWith(`https://${req.headers.host}`));
+  const isFromHFApp = !!(referer && (
+    referer.startsWith("https://huggingface.co") ||
+    referer.startsWith("https://hf.co")
+  ));
   const isDirectHfSpaceReq = SPACE_IS_PRIVATE &&
     HF_SPACE_URL &&
     isHtmlReq &&
+    !isSameOriginNav &&
+    !isFromHFApp &&
     typeof req.headers.host === "string" &&
     req.headers.host.endsWith(".hf.space");