Commit graph

15 commits

Author SHA1 Message Date
Lachlan Donald
745f5090bb
feat: add Tailscale Serve integration with automatic authentication (#472)
* feat: add secure Tailscale Serve integration support

- Add --enable-tailscale-serve flag to bind server to localhost
- Implement Tailscale identity header authentication
- Add security validations for localhost origin and proxy headers
- Create TailscaleServeService to manage tailscale serve process
- Fix dev script to properly pass arguments through pnpm
- Add comprehensive auth middleware tests for all auth methods
- Ensure secure integration with Tailscale's reverse proxy

* refactor: use isFromLocalhostAddress helper for Tailscale auth

- Extract localhost checking logic into dedicated helper function
- Makes the code clearer and addresses review feedback
- Maintains the same security checks for Tailscale authentication

* feat(web): Add Tailscale Serve integration support

- Add TailscaleServeService to manage background tailscale serve process
- Add --enable-tailscale-serve and --use-tailscale-serve flags
- Force localhost binding when Tailscale Serve is enabled
- Enhance auth middleware to support Tailscale identity headers
- Add isFromLocalhostAddress helper for secure localhost validation
- Fix dev script to properly pass CLI arguments through pnpm
- Add comprehensive auth middleware tests (17 tests)
- Use 'tailscale serve reset' for thorough cleanup

The server now automatically manages the Tailscale Serve proxy process,
providing secure HTTPS access through Tailscale networks without manual
configuration.

* feat(mac): Add Tailscale Serve toggle in Remote Access settings

- Add 'Enable Tailscale Serve Integration' toggle in RemoteAccessSettingsView
- Pass --use-tailscale-serve flag from both BunServer and DevServerManager
- Show HTTPS URL when Tailscale Serve is enabled, HTTP when disabled
- Fix URL copy bug in ServerInfoSection for Tailscale addresses
- Update authentication documentation with new integration mode
- Server automatically restarts when toggle is changed

The macOS app now provides a user-friendly toggle to enable secure
Tailscale Serve integration without manual configuration.

* fix(security): Remove dangerous --allow-tailscale-auth flag

- Remove --allow-tailscale-auth flag that allowed header spoofing
- Remove --use-tailscale-serve alias for consistency
- Keep only --enable-tailscale-serve which safely manages everything
- Update all references in server.ts to use enableTailscaleServe
- Update macOS app to use --enable-tailscale-serve flag
- Update documentation to remove manual setup mode

The --allow-tailscale-auth flag was dangerous because it allowed users to
enable Tailscale header authentication while binding to network interfaces,
which would allow anyone on the network to spoof the Tailscale headers.

Now there's only one safe way to use Tailscale integration: --enable-tailscale-serve,
which forces localhost binding and manages the proxy automatically.

* fix: address PR feedback from Peter and Cursor

- Fix Promise hang bug in TailscaleServeService when process exits with code 0
- Move tailscaleServeEnabled string to AppConstants.UserDefaultsKeys
- Create TailscaleURLHelper for URL construction logic
- Add Linux support to TailscaleServeService with common Tailscale paths
- Update all references to use centralized constants
- Fix code formatting issues

* feat: Add Tailscale Serve status monitoring and error visibility

* fix: Correct pass-through argument logic for boolean flags and duplicates

- Track processed argument indices instead of checking if arg already exists in serverArgs
- Add set of known boolean flags that don't take values
- Allow duplicate arguments to be passed through
- Only treat non-dash arguments as values for non-boolean flags

This fixes issues where:
1. Boolean flags like --verbose were incorrectly consuming the next argument
2. Duplicate flags couldn't be passed through to the server

* fix: Resolve promise hanging and orphaned processes in Tailscale serve

- Add settled flag to prevent multiple promise resolutions
- Handle exit code 0 as a failure case during startup
- Properly terminate child process in cleanup method
- Add timeout for graceful shutdown before force killing

This fixes:
1. Promise hanging when tailscale serve exits with code 0
2. Orphaned processes when startup fails or cleanup is called

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2025-07-30 02:30:10 +02:00
Peter Steinberger
f3a98ee058
feat: add comprehensive Git worktree management with follow mode and enhanced UI (#452) 2025-07-26 15:06:18 +02:00
Jan Remeš
ac2f3da586
Better folder selection with git repo discovery (#274)
* added folder selection with git repo discovery

* Increase touch target for repository and folder selection buttons

---------

Co-authored-by: Peter Steinberger <steipete@gmail.com>
2025-07-09 09:24:30 +02:00
Peter Steinberger
85d9f3d17a
Unified control protocol and deferred screen recording permissions (#239) 2025-07-08 00:42:13 +01:00
Peter Steinberger
d3d0ce9dde
Add magic wand button to inject prompts into Claude sessions (#210) 2025-07-03 23:57:30 +01:00
Peter Steinberger
45d8f97a30
Improve release scripts and add git app integration (#208) 2025-07-03 12:40:09 +01:00
Peter Steinberger
a4619fb766
Add Git repository monitoring to VibeTunnel menu bar (#200) 2025-07-02 20:42:34 +01:00
Peter Steinberger
2a937eac4a
Make popover window sticky during new session creation (#194) 2025-07-02 16:49:34 +01:00
Jeff Hurray
dab2c6056d
Fix various SessionRow menu bugs (#196) 2025-07-02 13:28:15 +01:00
Peter Steinberger
42021bb514 Fix inconsistent button state management
- Remove all uses of deprecated highlight() method in CustomMenuWindow
- Consistently use state property for NSStatusBarButton management
- Update StatusBarMenuManager to reset button state when menu state is .none
- Fix concurrency issues in CustomMenuWindow frame observer
- Ensure button state is properly managed throughout menu lifecycle

This fixes the issue where the button could display inconsistent visual states
or get stuck due to conflicting approaches between highlight() and state.
2025-07-02 00:00:53 +01:00
Peter Steinberger
f60bd2d5a0 Implement side-rounded menu borders for macOS menu bar
- Create custom SideRoundedRectangle shape with flat top/bottom borders
- Apply custom shape to both SwiftUI background and NSWindow mask layer
- Update CustomMenuContainer to use the new shape for consistent styling
- Maintain rounded corners only on left and right sides as requested

This gives the menu bar dropdown a more integrated appearance with the
menu bar while keeping the modern rounded aesthetic on the sides.
2025-07-02 00:00:53 +01:00
Billy Irwin
852078d024
fix: simplify Tailscale integration using local API (#184) 2025-07-01 23:36:59 +01:00
Peter Steinberger
49a263d406
Mac menu bar UI improvements and Tailscale fixes (#180) 2025-07-01 18:53:46 +01:00
Peter Steinberger
b452251a47
Improve Mac menu bar UI with better form styling and animations (#179) 2025-07-01 17:46:46 +01:00
Peter Steinberger
a7d5648c78
feat: Powerful Mac menu bar with rich view and session tracking (#176) 2025-07-01 14:54:30 +01:00