2026-05-16 13:11:59 +08:00
|
|
|
import { readFile } from 'fs/promises'
|
2026-05-19 16:09:59 +08:00
|
|
|
import { getActiveConfigPath, getActiveEnvPath, getActiveProfileName } from '../../services/hermes/hermes-profile'
|
|
|
|
|
import { AgentBridgeClient } from '../../services/hermes/agent-bridge'
|
|
|
|
|
import { restartGateway } from '../../services/hermes/hermes-cli'
|
2026-04-21 12:35:48 +08:00
|
|
|
import { saveEnvValue } from '../../services/config-helpers'
|
2026-05-11 20:08:13 +08:00
|
|
|
import { logger } from '../../services/logger'
|
2026-05-16 13:11:59 +08:00
|
|
|
import { safeFileStore } from '../../services/safe-file-store'
|
2026-04-21 12:35:48 +08:00
|
|
|
|
|
|
|
|
const PLATFORM_SECTIONS = new Set([
|
|
|
|
|
'telegram', 'discord', 'slack', 'whatsapp', 'matrix',
|
2026-05-16 13:54:38 +08:00
|
|
|
'weixin', 'wecom', 'feishu', 'dingtalk', 'qqbot',
|
2026-05-04 21:29:39 +08:00
|
|
|
'approvals',
|
2026-04-21 12:35:48 +08:00
|
|
|
])
|
|
|
|
|
|
|
|
|
|
const configPath = () => getActiveConfigPath()
|
|
|
|
|
const envPath = () => getActiveEnvPath()
|
|
|
|
|
|
|
|
|
|
const envPlatformMap: Record<string, [string, string]> = {
|
|
|
|
|
TELEGRAM_BOT_TOKEN: ['telegram', 'token'],
|
|
|
|
|
DISCORD_BOT_TOKEN: ['discord', 'token'],
|
|
|
|
|
SLACK_BOT_TOKEN: ['slack', 'token'],
|
|
|
|
|
MATRIX_ACCESS_TOKEN: ['matrix', 'token'],
|
|
|
|
|
MATRIX_HOMESERVER: ['matrix', 'extra.homeserver'],
|
|
|
|
|
FEISHU_APP_ID: ['feishu', 'extra.app_id'],
|
|
|
|
|
FEISHU_APP_SECRET: ['feishu', 'extra.app_secret'],
|
|
|
|
|
DINGTALK_CLIENT_ID: ['dingtalk', 'extra.client_id'],
|
|
|
|
|
DINGTALK_CLIENT_SECRET: ['dingtalk', 'extra.client_secret'],
|
|
|
|
|
DINGTALK_APP_KEY: ['dingtalk', 'extra.app_key'],
|
2026-05-16 13:54:38 +08:00
|
|
|
DINGTALK_ALLOWED_USERS: ['dingtalk', 'allowed_users'],
|
|
|
|
|
DINGTALK_ALLOW_ALL_USERS: ['dingtalk', 'allow_all_users'],
|
|
|
|
|
QQ_APP_ID: ['qqbot', 'extra.app_id'],
|
|
|
|
|
QQ_CLIENT_SECRET: ['qqbot', 'extra.client_secret'],
|
|
|
|
|
QQ_ALLOWED_USERS: ['qqbot', 'allowed_users'],
|
|
|
|
|
QQ_ALLOW_ALL_USERS: ['qqbot', 'allow_all_users'],
|
2026-04-21 12:35:48 +08:00
|
|
|
WECOM_BOT_ID: ['wecom', 'extra.bot_id'],
|
|
|
|
|
WECOM_SECRET: ['wecom', 'extra.secret'],
|
|
|
|
|
WEIXIN_TOKEN: ['weixin', 'token'],
|
|
|
|
|
WEIXIN_ACCOUNT_ID: ['weixin', 'extra.account_id'],
|
|
|
|
|
WEIXIN_BASE_URL: ['weixin', 'extra.base_url'],
|
|
|
|
|
WHATSAPP_ENABLED: ['whatsapp', 'enabled'],
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const platformEnvMap: Record<string, Record<string, string>> = {}
|
|
|
|
|
for (const [envVar, [platform, cfgPath]] of Object.entries(envPlatformMap)) {
|
|
|
|
|
if (!platformEnvMap[platform]) platformEnvMap[platform] = {}
|
|
|
|
|
platformEnvMap[platform][cfgPath] = envVar
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function parseEnv(raw: string): Record<string, string> {
|
|
|
|
|
const env: Record<string, string> = {}
|
|
|
|
|
for (const line of raw.split('\n')) {
|
|
|
|
|
const trimmed = line.trim()
|
|
|
|
|
if (!trimmed || trimmed.startsWith('#')) continue
|
|
|
|
|
const eqIdx = trimmed.indexOf('=')
|
|
|
|
|
if (eqIdx === -1) continue
|
|
|
|
|
const key = trimmed.slice(0, eqIdx).trim()
|
|
|
|
|
const val = trimmed.slice(eqIdx + 1).trim()
|
|
|
|
|
if (val) env[key] = val
|
|
|
|
|
}
|
|
|
|
|
return env
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function setNested(obj: Record<string, any>, path: string, value: any) {
|
|
|
|
|
const parts = path.split('.')
|
|
|
|
|
let cur = obj
|
|
|
|
|
for (let i = 0; i < parts.length - 1; i++) { if (!cur[parts[i]]) cur[parts[i]] = {}; cur = cur[parts[i]] }
|
|
|
|
|
cur[parts[parts.length - 1]] = value
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function deepMerge(target: Record<string, any>, source: Record<string, any>): Record<string, any> {
|
|
|
|
|
for (const key of Object.keys(source)) {
|
|
|
|
|
if (source[key] && typeof source[key] === 'object' && !Array.isArray(source[key]) &&
|
|
|
|
|
target[key] && typeof target[key] === 'object' && !Array.isArray(target[key])) {
|
|
|
|
|
target[key] = deepMerge(target[key], source[key])
|
|
|
|
|
} else {
|
|
|
|
|
target[key] = source[key]
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return target
|
|
|
|
|
}
|
|
|
|
|
|
2026-05-19 16:09:59 +08:00
|
|
|
async function destroyBridgeProfile(profile: string): Promise<void> {
|
|
|
|
|
try {
|
|
|
|
|
const result = await new AgentBridgeClient().destroyProfile(profile)
|
|
|
|
|
logger.info('[config] destroyed bridge sessions after gateway restart profile=%s destroyed=%s', profile, result.destroyed)
|
|
|
|
|
} catch (err) {
|
|
|
|
|
logger.warn(err, '[config] failed to destroy bridge sessions after gateway restart profile=%s', profile)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2026-04-21 12:35:48 +08:00
|
|
|
async function readEnvPlatforms(): Promise<Record<string, any>> {
|
|
|
|
|
try {
|
|
|
|
|
const raw = await readFile(envPath(), 'utf-8')
|
|
|
|
|
const env = parseEnv(raw)
|
|
|
|
|
const platforms: Record<string, any> = {}
|
|
|
|
|
for (const [envKey, [platform, cfgPath]] of Object.entries(envPlatformMap)) {
|
|
|
|
|
const val = env[envKey]
|
|
|
|
|
if (val === undefined || val === '') continue
|
|
|
|
|
if (!platforms[platform]) platforms[platform] = {}
|
|
|
|
|
let finalVal: any = val
|
2026-05-16 13:54:38 +08:00
|
|
|
if (cfgPath === 'enabled' || cfgPath === 'allow_all_users') finalVal = val === 'true'
|
2026-04-21 12:35:48 +08:00
|
|
|
setNested(platforms[platform], cfgPath, finalVal)
|
|
|
|
|
}
|
|
|
|
|
return platforms
|
|
|
|
|
} catch { return {} }
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
async function readConfig(): Promise<Record<string, any>> {
|
2026-05-16 13:11:59 +08:00
|
|
|
return safeFileStore.readYaml(configPath())
|
2026-04-21 12:35:48 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
export async function getConfig(ctx: any) {
|
|
|
|
|
try {
|
|
|
|
|
const config = await readConfig()
|
|
|
|
|
const envPlatforms = await readEnvPlatforms()
|
|
|
|
|
if (Object.keys(envPlatforms).length > 0) {
|
|
|
|
|
const existing = config.platforms || {}
|
|
|
|
|
for (const [platform, vals] of Object.entries(envPlatforms)) {
|
2026-05-16 13:54:38 +08:00
|
|
|
existing[platform] = deepMerge(existing[platform] || {}, vals as Record<string, any>)
|
2026-04-21 12:35:48 +08:00
|
|
|
}
|
|
|
|
|
config.platforms = existing
|
|
|
|
|
}
|
|
|
|
|
const { section, sections } = ctx.query
|
|
|
|
|
if (section) {
|
|
|
|
|
ctx.body = { [section as string]: config[section as string] || {} }
|
|
|
|
|
} else if (sections) {
|
|
|
|
|
const keys = (sections as string).split(',')
|
|
|
|
|
const result: Record<string, any> = {}
|
|
|
|
|
for (const key of keys) { result[key.trim()] = config[key.trim()] || {} }
|
|
|
|
|
ctx.body = result
|
|
|
|
|
} else {
|
|
|
|
|
ctx.body = config
|
|
|
|
|
}
|
|
|
|
|
} catch (err: any) {
|
|
|
|
|
ctx.status = 500; ctx.body = { error: err.message }
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
export async function updateConfig(ctx: any) {
|
2026-05-19 16:09:59 +08:00
|
|
|
const { section, values, restart } = ctx.request.body as { section: string; values: Record<string, any>; restart?: boolean }
|
2026-04-21 12:35:48 +08:00
|
|
|
if (!section || !values) {
|
|
|
|
|
ctx.status = 400; ctx.body = { error: 'Missing section or values' }; return
|
|
|
|
|
}
|
|
|
|
|
try {
|
2026-05-16 13:11:59 +08:00
|
|
|
await safeFileStore.updateYaml(configPath(), (config) => {
|
|
|
|
|
config[section] = deepMerge(config[section] || {}, values)
|
|
|
|
|
return config
|
|
|
|
|
}, {
|
|
|
|
|
backup: true,
|
|
|
|
|
dumpOptions: {
|
|
|
|
|
forceQuotes: true,
|
|
|
|
|
},
|
|
|
|
|
})
|
2026-05-11 20:08:13 +08:00
|
|
|
|
2026-05-19 16:09:59 +08:00
|
|
|
// Platform adapters still run through Hermes gateway; restart it so channel
|
|
|
|
|
// config changes (Feishu/Weixin/etc.) are applied, then refresh bridge sessions.
|
|
|
|
|
if (restart !== false && PLATFORM_SECTIONS.has(section)) {
|
|
|
|
|
const activeProfile = getActiveProfileName()
|
|
|
|
|
try {
|
|
|
|
|
const restartResult = await restartGateway()
|
|
|
|
|
logger.info('[config] gateway restarted after config update section=%s profile=%s result=%s', section, activeProfile, restartResult)
|
|
|
|
|
await destroyBridgeProfile(activeProfile)
|
|
|
|
|
} catch (err) {
|
|
|
|
|
logger.error(err, 'Gateway restart failed')
|
|
|
|
|
ctx.status = 500
|
|
|
|
|
ctx.body = { error: err instanceof Error ? err.message : 'Gateway restart failed' }
|
|
|
|
|
return
|
2026-05-11 20:08:13 +08:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2026-04-21 12:35:48 +08:00
|
|
|
ctx.body = { success: true }
|
|
|
|
|
} catch (err: any) {
|
|
|
|
|
ctx.status = 500; ctx.body = { error: err.message }
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
export async function updateCredentials(ctx: any) {
|
|
|
|
|
const { platform, values } = ctx.request.body as { platform: string; values: Record<string, any> }
|
|
|
|
|
if (!platform || !values) {
|
|
|
|
|
ctx.status = 400; ctx.body = { error: 'Missing platform or values' }; return
|
|
|
|
|
}
|
|
|
|
|
try {
|
|
|
|
|
const envMap = platformEnvMap[platform]
|
|
|
|
|
if (!envMap) {
|
|
|
|
|
ctx.status = 400; ctx.body = { error: `Unknown platform: ${platform}` }; return
|
|
|
|
|
}
|
|
|
|
|
const flatValues: Record<string, any> = {}
|
|
|
|
|
for (const [key, val] of Object.entries(values)) {
|
|
|
|
|
if (key === 'extra' && val && typeof val === 'object') {
|
|
|
|
|
for (const [subKey, subVal] of Object.entries(val as Record<string, any>)) { flatValues[`extra.${subKey}`] = subVal }
|
|
|
|
|
} else { flatValues[key] = val }
|
|
|
|
|
}
|
2026-05-16 13:11:59 +08:00
|
|
|
await safeFileStore.updateYaml(configPath(), async (config) => {
|
|
|
|
|
for (const [cfgPath, val] of Object.entries(flatValues)) {
|
|
|
|
|
const envVar = envMap[cfgPath]
|
|
|
|
|
if (!envVar) continue
|
|
|
|
|
if (val === undefined || val === null || val === '') {
|
|
|
|
|
await saveEnvValue(envVar, '')
|
|
|
|
|
const parts = cfgPath.split('.')
|
|
|
|
|
let obj: any = config.platforms?.[platform]
|
|
|
|
|
if (obj) {
|
|
|
|
|
if (parts.length === 1) { delete obj[parts[0]] }
|
|
|
|
|
else {
|
|
|
|
|
let cur = obj
|
|
|
|
|
for (let i = 0; i < parts.length - 1; i++) { if (!cur[parts[i]]) break; cur = cur[parts[i]] }
|
|
|
|
|
delete cur[parts[parts.length - 1]]
|
|
|
|
|
if (obj.extra && Object.keys(obj.extra).length === 0) delete obj.extra
|
|
|
|
|
}
|
|
|
|
|
if (Object.keys(obj).length === 0) { if (!config.platforms) config.platforms = {}; delete config.platforms[platform] }
|
2026-04-21 12:35:48 +08:00
|
|
|
}
|
2026-05-16 13:11:59 +08:00
|
|
|
} else {
|
|
|
|
|
await saveEnvValue(envVar, String(val))
|
2026-04-21 12:35:48 +08:00
|
|
|
}
|
|
|
|
|
}
|
2026-05-16 13:11:59 +08:00
|
|
|
return config
|
|
|
|
|
}, {
|
|
|
|
|
backup: true,
|
|
|
|
|
dumpOptions: {
|
|
|
|
|
forceQuotes: true,
|
|
|
|
|
},
|
|
|
|
|
})
|
2026-05-11 20:08:13 +08:00
|
|
|
|
2026-05-19 16:09:59 +08:00
|
|
|
// Platform adapters still run through Hermes gateway; restart it so channel
|
|
|
|
|
// credentials are applied, then refresh bridge sessions.
|
|
|
|
|
const activeProfile = getActiveProfileName()
|
|
|
|
|
try {
|
|
|
|
|
const restartResult = await restartGateway()
|
|
|
|
|
logger.info('[config] gateway restarted after credentials update platform=%s profile=%s result=%s', platform, activeProfile, restartResult)
|
|
|
|
|
await destroyBridgeProfile(activeProfile)
|
|
|
|
|
} catch (err) {
|
|
|
|
|
logger.error(err, 'Gateway restart failed')
|
|
|
|
|
ctx.status = 500
|
|
|
|
|
ctx.body = { error: err instanceof Error ? err.message : 'Gateway restart failed' }
|
|
|
|
|
return
|
2026-05-11 20:08:13 +08:00
|
|
|
}
|
|
|
|
|
|
2026-04-21 12:35:48 +08:00
|
|
|
ctx.body = { success: true }
|
|
|
|
|
} catch (err: any) {
|
|
|
|
|
ctx.status = 500; ctx.body = { error: err.message }
|
|
|
|
|
}
|
|
|
|
|
}
|
