agent: add CLI session shim and remote install/repair with Tailscale

[AndreyMay]

What

This PR delivers two major operator/runtime improvements:

• Adds CLI-backed dev-agent support with a session-control compatibility shim so control-agent can keep using send_to_session/list_sessions semantics.
• Adds a new baudbot remote module for checkpointed remote install/repair workflows (Hetzner + existing hosts), including optional Tailscale setup for secure instance access.

Included changes

• CLI dev-agent parity layer

  • pi/extensions/cli-session-shim.mjs
  • control-agent runner/update helpers under pi/skills/control-agent/scripts/
  • CLI persona templates under pi/skills/dev-agent-cli/
  • control-agent docs/heartbeat/architecture updates for backend selection + shim behavior

• Remote operations module

  • baudbot remote command wired through bin/baudbot
  • new scripts:
    • bin/remote.sh
    • bin/lib/remote-common.sh
    • bin/lib/remote-ssh.sh
    • bin/lib/remote-hetzner.sh
  • checkpointed state + resume at ~/.baudbot/remote/targets/<target>.json
  • guided repair flow with safe and explicit advanced actions
  • Tailscale support:
    • install checkpoint tailscale_connected
    • flags: --tailscale, --no-tailscale, --tailscale-auth-key
    • status output includes Tailscale state/IP

• Test coverage and docs

  • Added shell tests for new remote helpers/CLI
  • Added CLI dispatch regression tests
  • Updated docs in README.md, docs/operations.md, CONFIGURATION.md

Checklist

• Tests pass (npm test)
• Lint passes (npm run lint)
• Docs updated (if behavior changed)
• Security audit passes (bin/security-audit.sh --deep) — if touching security code

[greptile-apps]

Greptile Summary

This PR delivers CLI-backed dev-agent support and remote install/repair workflows, enabling control-agent to spawn ephemeral dev agents using Claude Code or Codex CLIs instead of only the pi runtime.

Major changes include CLI session shim providing Unix socket RPC compatibility, remote operations module with checkpointed workflows for Hetzner and existing hosts, optional Tailscale integration, control-agent scripts for CLI backend lifecycle, and comprehensive test coverage with 500+ new test lines.

Implementation uses curl with bash pattern for remote bootstrap (hardcoded to trusted sources), SSH with StrictHostKeyChecking accept-new for automated provisioning, and state files stored with restrictive permissions.

Confidence Score: 4/5

• Safe to merge with minor security considerations around remote script execution
• Well-tested implementation with comprehensive test coverage. The code follows security best practices (SSH key permissions, state file permissions, input validation). Remote script execution (curl | bash) is used appropriately for install workflows with hardcoded trusted URLs. Some caution needed around operator environment security (API tokens, SSH keys stored locally)
• Pay attention to bin/remote.sh lines 126 and 220-221 which execute remote scripts - ensure URLs remain pointed at trusted sources

Important Files Changed

Filename	Overview
pi/extensions/cli-session-shim.mjs	Adds Unix socket RPC server that bridges control-agent's session protocol to CLI-backed dev agents, handling send/get_message/abort/subscribe commands
bin/remote.sh	Main orchestration script for remote install/repair workflows with checkpoint-based resume, Tailscale integration, and interactive/dry-run modes
bin/lib/remote-common.sh	Shared state management and utilities for remote workflows, handles JSON checkpoint persistence and target validation
bin/lib/remote-ssh.sh	SSH/SCP wrappers with consistent options (accept-new host keys, timeouts, keepalives) for remote operations
bin/lib/remote-hetzner.sh	Hetzner API integration for server/SSH key provisioning with JSON response parsing and cleanup operations
pi/skills/control-agent/scripts/run-cli-agent.sh	Launch wrapper for CLI-backed dev agents (claude-code/codex), handles tmux session creation, persona templating, and shim coordination

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A[baudbot remote install] --> B{Mode?}
    B -->|hetzner| C[Provision Hetzner Server]
    B -->|host| D[Use Existing Host]
    
    C --> E[Create SSH Key]
    D --> E
    
    E --> F[Wait SSH Reachable]
    F --> G[Run Bootstrap Script]
    G --> H[Run baudbot install]
    H --> I[Run Doctor Check]
    
    I --> J{Tailscale?}
    J -->|enabled| K[Install Tailscale]
    K --> L[Tailscale Up]
    L --> M[Wait for Running State]
    J -->|skip| N[Mark Complete]
    M --> N
    
    N --> O[Save Checkpoint]
    
    P[control-agent] --> Q[Spawn CLI Dev Agent]
    Q --> R[Launch tmux Session]
    R --> S[Start CLI Session Shim]
    S --> T[Create Unix Socket]
    
    P --> U[send_to_session RPC]
    U --> T
    T --> V[Forward to tmux via send-keys]
    V --> W[CLI Agent Processes]
    W --> X[Capture tmux Output]
    X --> Y[Return via turn_end Event]
    Y --> P

Loading

_{Last reviewed commit: 216220d}