@naisys/supervisor
v3.0.3
Published
NAISYS Supervisor - Web UI for monitoring agents, logs, and messaging
Readme
@naisys/supervisor (server)
← Back to Supervisor | ← Back to main README
Fastify server for the NAISYS Supervisor. Connects to the hub over Socket.IO for live data, serves the bundled React client, and exposes a permission-aware REST API that's also callable by agents via ns-api thanks to HATEOAS action gating.
This is the npm-published half of @naisys/supervisor — the bundled client lives in ../client/ at dev time and gets copied into client-dist/ for publish. Data lives in the hub (@naisys/hub-database); the supervisor owns only auth/session/passkey state in @naisys/supervisor-database.
Running
Standalone (against an existing hub):
npm install @naisys/supervisor
npx naisys-supervisorSee the Supervisor README for full configuration (NAISYS_FOLDER, HUB_URL, SERVER_PORT, PUBLIC_READ) and feature list.
Dev mode (from monorepo):
npm run dev --workspace=@naisys/supervisorStructure
supervisorServer.ts— Fastify bootstrap, hub Socket.IO client, static client, swagger/scalar API referenceroutes/— per-resource routes (agents, users, mail, hosts, runs, costs, variables, etc.) with co-located HATEOAS action/link buildersservices/— business logic kept out of routesdatabase/— supervisor DB wiring, schema-version checks, migration deployhateoas.ts/schemaRegistry.ts/routeHelpers.ts— generic HATEOAS helpers, per-endpoint schema discovery, response helpersauthMiddleware.ts— session + API-key authentication, permission gating (permGate)paging.ts— forward/backward paginationtests/— Vitest unit/integration tests
API design
- HATEOAS-driven REST API — see doc 012. The same permission system gates both UI buttons and API endpoints
- Disabled actions include a reason
- Scalar UI for API reference (gated behind auth); OpenAPI spec hidden from agents
Auth (doc 007)
- Passkey-first WebAuthn login, optional bcrypt password
- One-time registration tokens (QR-code-friendly), step-up auth on sensitive operations
- Multi-session support; cookie sharing with co-hosted ERP
- Bootstrap superadmin via printed registration URL on first run
- Per-user/agent API keys with rotation
Live data
Heartbeat-driven agent/host status, live mail/chat, run logs with attachments — all pushed from the hub over Socket.IO. The supervisor is a thin UI + API layer; the hub is the source of truth.
Scripts
npm run dev—tsx watchagainstsrc/supervisorServer.tsnpm run build—tscnpm run bundle— copy the built client intoclient-dist/for publishnpm run start— rundist/supervisorServer.jsnpm test— Vitest
License
MIT
