diff --git a/ct/happier.sh b/ct/happier.sh index 2671bed6473..cce5fdb9ead 100644 --- a/ct/happier.sh +++ b/ct/happier.sh @@ -55,6 +55,7 @@ function app_questions() { HAPPIER_PVE_REMOTE_ACCESS="none" HAPPIER_PVE_TAILSCALE_AUTHKEY="" HAPPIER_PVE_PUBLIC_URL="" + HAPPIER_PVE_DAEMON_AUTH="0" HAPPIER_PVE_HSTACK_CHANNEL="${HAPPIER_PVE_HSTACK_CHANNEL:-stable}" HAPPIER_PVE_HSTACK_PACKAGE="${HAPPIER_PVE_HSTACK_PACKAGE:-}" @@ -109,6 +110,15 @@ function app_questions() { fi fi + if [[ "$HAPPIER_PVE_INSTALL_TYPE" == "devbox" && "$HAPPIER_PVE_SERVE_UI" == "1" ]]; then + if (whiptail --backtitle "$BACKTITLE" --title "DAEMON AUTH" --yesno \ + "\nAuthenticate daemon during install?\n\nAfter setup completes, you'll see a QR code.\nScan it with the Happier mobile app to authenticate the daemon.\n\nSelect No to skip and authenticate manually later.\n" 15 72); then + HAPPIER_PVE_DAEMON_AUTH="1" + else + HAPPIER_PVE_DAEMON_AUTH="0" + fi + fi + # HStack release channel selection (controls which npm dist-tag/version is installed via npx). local hstack_default="stable" if [[ -n "${HAPPIER_PVE_HSTACK_PACKAGE}" ]]; then @@ -159,6 +169,7 @@ function app_questions() { export HAPPIER_PVE_REMOTE_ACCESS export HAPPIER_PVE_TAILSCALE_AUTHKEY export HAPPIER_PVE_PUBLIC_URL + export HAPPIER_PVE_DAEMON_AUTH export HAPPIER_PVE_HSTACK_CHANNEL export HAPPIER_PVE_HSTACK_PACKAGE } diff --git a/install/happier-install.sh b/install/happier-install.sh index f8fd55505d5..263eea51e43 100644 --- a/install/happier-install.sh +++ b/install/happier-install.sh @@ -47,6 +47,8 @@ TAILSCALE_AUTHKEY="${HAPPIER_PVE_TAILSCALE_AUTHKEY:-}" # optional PUBLIC_URL_RAW="${HAPPIER_PVE_PUBLIC_URL:-}" # required when REMOTE_ACCESS=proxy HSTACK_CHANNEL_RAW="${HAPPIER_PVE_HSTACK_CHANNEL:-stable}" # stable | preview | custom HSTACK_PACKAGE_RAW="${HAPPIER_PVE_HSTACK_PACKAGE:-}" # e.g. @happier-dev/stack@latest +DAEMON_AUTH="${HAPPIER_PVE_DAEMON_AUTH:-0}" # 1 | 0 +DAEMON_AUTH_DONE="0" TAILSCALE_ENABLE_SERVE="0" TAILSCALE_HTTPS_URL="" TAILSCALE_NEEDS_LOGIN="0" @@ -486,6 +488,42 @@ fi msg_ok "Install complete" +if [[ "${INSTALL_TYPE}" == "devbox" && "${SERVE_UI}" == "1" && "${DAEMON_AUTH}" == "1" ]]; then + AUTH_SERVER_URL="" + if [[ -n "${TAILSCALE_HTTPS_URL}" ]]; then + AUTH_SERVER_URL="${TAILSCALE_HTTPS_URL}" + elif [[ -n "${PUBLIC_URL}" ]]; then + AUTH_SERVER_URL="${PUBLIC_URL}" + else + AUTH_SERVER_URL="http://${LOCAL_IP}:3005" + fi + + echo "" + echo -e "${INFO}${YW} Authenticate your daemon now.${CL}" + echo -e "${TAB}A QR code will appear — scan it with the Happier mobile app." + echo -e "${TAB}The app needs to reach: ${BGN}${AUTH_SERVER_URL}${CL}" + echo -e "${TAB}Press Ctrl+C to skip and do this later." + echo "" + + if timeout 300 sudo -u happier -H "$HSTACK_BIN" auth login \ + --method=mobile --no-open --start-if-needed /dev/null 2>&1 || true + fi + msg_ok "Daemon authenticated" + else + DAEMON_AUTH_DONE="0" + msg_warn "Daemon auth skipped (you can do it later)" + fi +fi + if [[ "${SETUP_BIND}" == "loopback" ]]; then echo -e "${INFO}${YW} Access (HTTP, inside container): ${CL}${TAB}${GATEWAY}${BGN}http://127.0.0.1:3005${CL}" echo -e "${INFO}${YW} Note:${CL} bind=loopback is not reachable from your LAN." @@ -591,7 +629,9 @@ if [[ "${REMOTE_ACCESS}" == "tailscale" && -z "${TAILSCALE_HTTPS_URL}" ]]; then echo -e "${TAB}${TAB}${TAB}${GATEWAY}${BGN}su - happier -c \"${HSTACK_BIN} auth login --print\"${CL}" fi -if [[ "${INSTALL_TYPE}" == "devbox" ]]; then +if [[ "${INSTALL_TYPE}" == "devbox" && "${DAEMON_AUTH_DONE}" == "1" ]]; then + echo -e "${TAB}${YW}2)${CL} Daemon is authenticated and running." +elif [[ "${INSTALL_TYPE}" == "devbox" ]]; then echo -e "${TAB}${YW}2)${CL} Connect the daemon running in this devbox (run inside the container):" echo -e "${TAB}${TAB}${GATEWAY}${BGN}sudo -u happier -H ${HSTACK_BIN} auth login --method=mobile --no-open${CL}" echo -e "${TAB}${YW}3)${CL} After login, restart the stack to start the daemon:"