fix(mac): serve webchat locally in remote mode

Peter Steinberger
2025-12-12 18:41:38 +00:00
parent 241cf10bdb
commit 7d37195c1a
4 changed files with 128 additions and 199 deletions

@@ -28,8 +28,8 @@ This flow lets the macOS app act as a full remote control for a Clawdis gateway
4) Health checks and Web Chat will now run through this SSH tunnel automatically.
## Web Chat over SSH
- The gateway hosts a loopback-only HTTP server (default 18788, see `webchat.port`).
- The mac app forwards `127.0.0.1:<port>` over SSH (`ssh -L <ephemeral>:127.0.0.1:<port>`), then loads `/webchat/?session=<key>` in-app. Sends go in-process on the gateway (no CLI spawn/PATH issues).
- The mac app serves the WebChat assets locally (from the app bundle) and connects to the gateway over the forwarded WebSocket control port (default 18789).
- The gateways own loopback WebChat HTTP server (default 18788, see `webchat.port`) is not required in remote mode.
- Keep the feature enabled in *Settings → Config → Web chat*. Disable it to hide the menu entry entirely.
## Permissions
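Review bot: the added bullet saying the mac app "serves the WebChat assets locally (from the app bundle)" does not say what is listening on the Mac, which the removed bullets did cover for the old path (forwarded `127.0.0.1:<port>`, page loaded from `/webchat/?session=<key>`). Please state which address and port the local server binds to (loopback only, if that is the case) and whether the session key is still passed the same way. The unchanged step 4 above still says Web Chat "will now run through this SSH tunnel"; after this change only the WebSocket control traffic does, so that sentence should be narrowed to match.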

@@ -5,7 +5,10 @@ read_when:
---
# Web Chat (macOS app)
The macOS menu bar app opens the gateways loopback web chat server in a WKWebView. It reuses the **primary Clawd session** (`main` by default, configurable via `inbound.reply.session.mainKey`). The server is started by the Node gateway (default port 18788, see `webchat.port`).
The macOS menu bar app embeds the WebChat UI in a WKWebView and reuses the **primary Clawd session** (`main` by default, configurable via `inbound.reply.session.mainKey`).
- **Local mode**: loads the gateways loopback WebChat HTTP server (default port 18788, see `webchat.port`).
- **Remote mode**: serves the WebChat assets locally from the mac app bundle (via `WebChatServer`) and only forwards the gateway WebSocket control port over SSH.
## Launch & debugging
- Manual: Lobster menu → “Open Chat”.
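Review bot: the new **Remote mode** bullet names the forwarded "gateway WebSocket control port" without its default, while the companion doc in this commit gives it as 18789; add "(default 18789)" here so the two pages agree and a reader can check which port is tunnelled. The **Local mode** bullet also drops the removed sentence's statement that the server "is started by the Node gateway", so it is no longer clear from this page which process owns port 18788.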
@@ -20,7 +23,7 @@ The macOS menu bar app opens the gateways loopback web chat server in a WKWeb
- Debug-only: a native SwiftUI “glass” chat UI (same WS transport, attachments + thinking selector) can replace the WKWebView. Enable it via Debug → “Use SwiftUI web chat (glass, gateway WS)” (default off).
## Security / surface area
- Loopback server only; remote mode uses SSH port-forwarding from the gateway host to the Mac. CSP is set to `default-src 'self' 'unsafe-inline' data: blob:`.
- Loopback server only; remote mode forwards only the gateway WebSocket control port over SSH. CSP is set to `default-src 'self' 'unsafe-inline' data: blob:`.
- Web Inspector is opt-in via right-click; otherwise WKWebView stays in the app sandbox.
## Known limitations
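Review bot: in the rewritten Security bullet, "Loopback server only" is now ambiguous, because remote mode introduces a second HTTP server (`WebChatServer` in the app) alongside the gateway's; say explicitly that both bind to loopback, if that is the intent. The sentence "CSP is set to `default-src 'self' 'unsafe-inline' data: blob:`" should also say whether the locally served assets get the same header. Since the page origin is now the app's local server and the WebSocket goes to a separately forwarded port, and `connect-src` falls back to `default-src`, please confirm that this policy permits that connection in remote mode or document the `connect-src` actually in use.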