docs: rewrite README and add architecture docs

2026-03-20 20:46:36 +08:00 · 2026-03-20 20:46:36 +08:00 · 54267f1842
parent 63a879046b
commit 54267f1842
2 changed files with 175 additions and 2 deletions
--- a/README.md
+++ b/README.md
@ -1,5 +1,9 @@
 # pi-remote-control
 ## Disclaimer
 This project is for personal use and research only. It is provided as-is, and the author accepts no liability for any damage, loss, misuse, or operational consequences that result from installing or using it. Do not use it for safety-critical, multi-user, or untrusted-network deployments.
 ## Install
 ```bash
@ -11,7 +15,34 @@ pi install https://github.com/goofansu/pi-remote-control
 Run `/remote-control` to open the menu:
 - **Turn on / Turn off** — start or stop the server
- **Configure URL** — set the public base URL your proxy/tunnel exposes (saved to `~/.pi/agent/remote-control.json`)
+- **Configure URL** — set the base URL exposed by your local tunnel or proxy, saved to `~/.pi/agent/remote-control.json`
 - **Status** — show the QR code and connection URL (only when server is running)
-On first use, you'll be prompted to configure the URL before the server starts.
+On first use, configure the URL before the server can start.
 To start the server automatically on launch:
 ```bash
 pi --remote-control
 ```
 ## Use case
 The remote-control server binds to `127.0.0.1` on the host running `pi` and is reached through a local tunnel or proxy — in this case [Surge Ponte](https://kb.nssurge.com/surge-knowledge-base/guidelines/ponte), which provides an end-to-end encrypted device-to-device tunnel without exposing the server to the LAN.
 The setup is:
 1. Install this extension on the Mac that runs `pi`.
 2. Enable Surge Ponte on that Mac and give it a device name such as `pi`.
 3. On the same Mac, open `pi` and run the `/remote-control` command.
 4. Choose `Configure URL` and set the base URL to your Surge Ponte hostname, for example `http://pi.sgponte`.
 5. Choose `Turn on`.
 6. Open `Status` to get the QR code and one-time connection URL.
 7. On another device on the same Surge Ponte network, open that URL in a browser.
 In this setup, the browser URL is `http://pi.sgponte:<dynamic-port>`, but the traffic is still routed through Surge Ponte's tunnel between your devices.
 ## Security notes
 - The server only listens on localhost. Remote access depends on whatever local tunnel or proxy you configure.
 - If you use a reverse proxy instead of Surge Ponte, configure it to terminate TLS at a fixed `https://` endpoint and forward to the server's dynamic backend port. Do not expose the dynamic port directly over a public network, as the server does not support HTTPS and any token or session cookie would be transmitted in cleartext.
--- a/docs/ARCHITECTURE.md
+++ b/docs/ARCHITECTURE.md
@ -0,0 +1,142 @@
 # Architecture
 ## Overview
 `pi-remote-control` is a pi extension that exposes a running pi session over
 HTTP/WebSocket. The machine running pi is the **host**; any browser that
 connects is a **guest**.
 The server binds to `127.0.0.1` only (never the LAN). A local proxy or tunnel
 (e.g. Surge Ponte) forwards external traffic to it. The guest interacts
 through a self-contained single-page app served inline — no CDN, no external
 assets.
 ```mermaid
 graph LR
    subgraph Host["Host machine"]
        PI["pi process"]
        EXT["remote-control extension"]
        SRV["HTTP + WS server — 127.0.0.1:port"]
        PI -->|events| EXT
        EXT -->|broadcast| SRV
        SRV -->|sendUserMessage / abort| PI
    end
    PROXY["Surge Ponte"]
    SRV <-->|localhost| PROXY
    subgraph Guest["Guest browser"]
        UI["Single-page app"]
    end
    PROXY <-->|HTTPS / WSS| UI
 ```
 ## Files
 | File | Purpose |
 |------|---------|
 | `extensions/pi-remote-control/index.ts` | Extension entry point — registers flag, command, and event bridge |
 | `extensions/pi-remote-control/server.ts` | HTTP + WebSocket server, auth enforcement, client management |
 | `extensions/pi-remote-control/messages.ts` | Wire protocol: serialize session entries → `RenderMsg`, build `sync` payloads |
 | `extensions/pi-remote-control/html.ts` | Inline single-page web UI (self-contained, no external deps) |
 | `extensions/pi-remote-control/auth.ts` | One-time token generation/validation, session cookie helpers |
 | `extensions/pi-remote-control/config.ts` | Read/write `remote-control.json`, public URL normalization and config UI |
 ## Authentication Flow
 First-visit authentication exchanges the one-time token for a 24-hour session
 cookie, keeping the token out of browser history and subsequent requests.
 Note that the initial `GET /?token=TOKEN` may still be recorded by any proxy
 or tunnel sitting in front of the server before the 302 redirect issues the cookie.
 ```mermaid
 sequenceDiagram
    actor Guest
    participant Server
    Note over Guest: Has URL with ?token=TOKEN
    Guest->>Server: GET /?token=TOKEN
    Server->>Server: validateToken() - timing-safe compare
    Server-->>Guest: 302 to / + Set-Cookie pi_rc_session=ID HttpOnly
    Guest->>Server: GET / (cookie only)
    Server-->>Guest: 200 HTML with CSP nonce
    Guest->>Server: GET /ws (cookie in header)
    Server->>Server: isAuthenticated() - checks session map
    Server-->>Guest: 101 Switching Protocols
    Note over Server,Guest: WebSocket open, full sync sent immediately
 ```
 **Security headers on every HTML response:**
 - `Content-Security-Policy` with a per-request nonce (no `unsafe-inline`)
 - `X-Frame-Options: DENY`
 - `X-Content-Type-Options: nosniff`
 - `Referrer-Policy: no-referrer`
 ## Wire Protocol (WebSocket)
 ### Host → Guest
 | Message type | Payload fields | When sent |
 |---|---|---|
 | `sync` | `messages[]`, `state` (`isStreaming`, `model`, `cwd`, `sessionName`) | On connect, session switch, model change |
 | `message_update` | `message: RenderMsg` | Streaming assistant turn (partial) |
 | `message_end` | `message: RenderMsg` | Assistant turn finalized |
 | `tool_start` | `toolCallId`, `toolName`, `args` | Tool execution begins |
 | `tool_end` | `toolCallId`, `result`, `isError` | Tool execution completes |
 | `agent_start` | — | Agent turn starts |
 | `agent_end` | — | Agent turn ends |
 | `status` | `clientCount` | Client disconnects |
 ### Guest → Host
 | Message type | Payload | Effect |
 |---|---|---|
 | `prompt` | `text: string` | `pi.sendUserMessage(text)` — as normal message when idle, as follow-up when busy |
 | `stop` | — | `ctx.abort()` — cancels the current agent turn |
 **Per-connection server-side rate limit:** max 30 prompt messages per 60-second
 sliding window; messages over 64 KB are silently dropped. The limit applies
 per WebSocket connection — opening multiple connections multiplies it.
 ### RenderMsg shape
 ```typescript
 interface RenderMsg {
  id: string;               // SessionEntry id, or "pending" while streaming
  role: "user" | "assistant" | "tool_result";
  text: string;
  toolCalls?: Array<{ id: string; name: string; args: string }>;
  toolName?: string;        // tool_result only
  toolCallId?: string;      // tool_result only
  isError?: boolean;        // tool_result only
  model?: string;           // assistant only
 }
 ```
 ## Session Lifecycle Events
 ```mermaid
 flowchart TD
    SS["session_start"] -->|--remote-control flag| START["startServer()"]
    START --> SYNC0["sync all clients"]
    SW["session_switch"] --> SYNC1["scheduleSync()"]
    MS["model_select"] -->|when idle| SYNC1
    AGs["agent_start"] --> B1["broadcast agent_start"]
    AGe["agent_end"]   --> B2["broadcast agent_end"]
    MU["message_update"] --> B3["broadcast message_update"]
    ME["message_end"]    --> B4["broadcast message_end"]
    TS["tool_execution_start"] --> B5["broadcast tool_start"]
    TE["tool_execution_end"]   --> B6["broadcast tool_end"]
    SD["session_shutdown"] --> STOP["server.stop()"]
 ```