Serve a local web UI from bangerd

Add a localhost-only web console so VM and image management no longer depends on the CLI for every inspection and lifecycle action. Wire bangerd up to a configurable web listener, expose dashboard and async image-build state through the daemon, and serve CSRF-protected HTML pages with host-path picking, VM/image detail views, logs, ports, and progress polling for long-running operations. Keep the browser path aligned with the existing sudo and host-owned artifact model: surface sudo readiness, print the web URL in daemon status, and document the new workflow. Polish the UI with resource usage cards, clearer clickable affordances, cancel paths, confirmation prompts, image-name links, and HTTP port links. Validation: GOCACHE=/tmp/banger-gocache go test ./...
2026-03-21 16:47:47 -03:00 · 2026-03-21 16:47:47 -03:00 · 2362d0ae39
commit 2362d0ae39
parent 30f0c0b54a
24 changed files with 3308 additions and 52 deletions
--- a/internal/daemon/daemon.go
+++ b/internal/daemon/daemon.go
@ -9,6 +9,7 @@ import (
 	"fmt"
 	"log/slog"
 	"net"
+	"net/http"
 	"os"
 	"path/filepath"
 	"strings"
@ -26,27 +27,32 @@ import (
 )

 type Daemon struct {
-	layout         paths.Layout
-	config         model.DaemonConfig
-	store          *store.Store
-	runner         system.CommandRunner
-	logger         *slog.Logger
-	mu             sync.Mutex
-	createOpsMu    sync.Mutex
-	createOps      map[string]*vmCreateOperationState
-	vmLocksMu      sync.Mutex
-	vmLocks        map[string]*sync.Mutex
-	tapPoolMu      sync.Mutex
-	tapPool        []string
-	tapPoolNext    int
-	closing        chan struct{}
-	once           sync.Once
-	pid            int
-	listener       net.Listener
-	vmDNS          *vmdns.Server
-	vmCaps         []vmCapability
-	imageBuild     func(context.Context, imageBuildSpec) error
-	requestHandler func(context.Context, rpc.Request) rpc.Response
+	layout          paths.Layout
+	config          model.DaemonConfig
+	store           *store.Store
+	runner          system.CommandRunner
+	logger          *slog.Logger
+	mu              sync.Mutex
+	createOpsMu     sync.Mutex
+	createOps       map[string]*vmCreateOperationState
+	imageBuildOpsMu sync.Mutex
+	imageBuildOps   map[string]*imageBuildOperationState
+	vmLocksMu       sync.Mutex
+	vmLocks         map[string]*sync.Mutex
+	tapPoolMu       sync.Mutex
+	tapPool         []string
+	tapPoolNext     int
+	closing         chan struct{}
+	once            sync.Once
+	pid             int
+	listener        net.Listener
+	webListener     net.Listener
+	webServer       *http.Server
+	webURL          string
+	vmDNS           *vmdns.Server
+	vmCaps          []vmCapability
+	imageBuild      func(context.Context, imageBuildSpec) error
+	requestHandler  func(context.Context, rpc.Request) rpc.Response
 }

 func Open(ctx context.Context) (d *Daemon, err error) {
@ -115,6 +121,12 @@ func (d *Daemon) Close() error {
 		if d.listener != nil {
 			_ = d.listener.Close()
 		}
+		if d.webServer != nil {
+			_ = d.webServer.Close()
+		}
+		if d.webListener != nil {
+			_ = d.webListener.Close()
+		}
 		err = errors.Join(d.stopVMDNS(), d.store.Close())
 	})
 	return err
@ -138,6 +150,9 @@ func (d *Daemon) Serve(ctx context.Context) error {
 	if d.logger != nil {
 		d.logger.Info("daemon serving", "socket", d.layout.SocketPath, "pid", d.pid)
 	}
+	if err := d.startWebServer(); err != nil {
+		return err
+	}

 	go d.backgroundLoop()

@ -238,7 +253,7 @@ func (d *Daemon) dispatch(ctx context.Context, req rpc.Request) rpc.Response {
 	}
 	switch req.Method {
 	case "ping":
-		result, _ := rpc.NewResult(api.PingResult{Status: "ok", PID: d.pid})
+		result, _ := rpc.NewResult(api.PingResult{Status: "ok", PID: d.pid, WebURL: d.webURL})
 		return result
 	case "shutdown":
 		go d.Close()
@ -392,6 +407,27 @@ func (d *Daemon) dispatch(ctx context.Context, req rpc.Request) rpc.Response {
 		}
 		image, err := d.BuildImage(ctx, params)
 		return marshalResultOrError(api.ImageShowResult{Image: image}, err)
+	case "image.build.begin":
+		params, err := rpc.DecodeParams[api.ImageBuildParams](req)
+		if err != nil {
+			return rpc.NewError("bad_request", err.Error())
+		}
+		op, err := d.BeginImageBuild(ctx, params)
+		return marshalResultOrError(api.ImageBuildBeginResult{Operation: op}, err)
+	case "image.build.status":
+		params, err := rpc.DecodeParams[api.ImageBuildStatusParams](req)
+		if err != nil {
+			return rpc.NewError("bad_request", err.Error())
+		}
+		op, err := d.ImageBuildStatus(ctx, params.ID)
+		return marshalResultOrError(api.ImageBuildStatusResult{Operation: op}, err)
+	case "image.build.cancel":
+		params, err := rpc.DecodeParams[api.ImageBuildStatusParams](req)
+		if err != nil {
+			return rpc.NewError("bad_request", err.Error())
+		}
+		err = d.CancelImageBuild(ctx, params.ID)
+		return marshalResultOrError(api.Empty{}, err)
 	case "image.register":
 		params, err := rpc.DecodeParams[api.ImageRegisterParams](req)
 		if err != nil {
@ -436,6 +472,7 @@ func (d *Daemon) backgroundLoop() {
 				d.logger.Error("background stale sweep failed", "error", err.Error())
 			}
 			d.pruneVMCreateOperations(time.Now().Add(-10 * time.Minute))
+			d.pruneImageBuildOperations(time.Now().Add(-10 * time.Minute))
 		}
 	}
 }
--- a/internal/daemon/dashboard.go
+++ b/internal/daemon/dashboard.go
@ -0,0 +1,63 @@
+package daemon
+
+import (
+	"context"
+
+	"banger/internal/api"
+	"banger/internal/model"
+	"banger/internal/system"
+)
+
+func (d *Daemon) DashboardSummary(ctx context.Context) (api.DashboardSummary, error) {
+	summary := api.DashboardSummary{
+		GeneratedAt: model.Now(),
+		Sudo: api.SudoStatus{
+			Command: "sudo -v",
+		},
+	}
+	if err := system.CheckSudo(ctx); err != nil {
+		summary.Sudo.Error = err.Error()
+	} else {
+		summary.Sudo.Available = true
+	}
+
+	if host, err := system.ReadHostResources(); err == nil {
+		summary.Host.CPUCount = host.CPUCount
+		summary.Host.TotalMemoryBytes = host.TotalMemoryBytes
+	}
+	if usage, err := system.ReadFilesystemUsage(d.layout.StateDir); err == nil {
+		summary.Host.StateFilesystemTotalBytes = usage.TotalBytes
+		summary.Host.StateFilesystemFreeBytes = usage.FreeBytes
+	}
+
+	images, err := d.store.ListImages(ctx)
+	if err != nil {
+		return api.DashboardSummary{}, err
+	}
+	for _, image := range images {
+		summary.Banger.ImageCount++
+		if image.Managed {
+			summary.Banger.ManagedImageCount++
+		}
+	}
+
+	vms, err := d.store.ListVMs(ctx)
+	if err != nil {
+		return api.DashboardSummary{}, err
+	}
+	for _, vm := range vms {
+		summary.Banger.VMCount++
+		summary.Banger.ConfiguredVCPUCount += vm.Spec.VCPUCount
+		summary.Banger.ConfiguredMemoryBytes += int64(vm.Spec.MemoryMiB) * 1024 * 1024
+		summary.Banger.ConfiguredDiskBytes += vm.Spec.WorkDiskSizeBytes
+		summary.Banger.UsedSystemOverlayBytes += vm.Stats.SystemOverlayBytes
+		summary.Banger.UsedWorkDiskBytes += vm.Stats.WorkDiskBytes
+		if vm.State == model.VMStateRunning && system.ProcessRunning(vm.Runtime.PID, vm.Runtime.APISockPath) {
+			summary.Banger.RunningVMCount++
+			summary.Banger.RunningCPUPercent += vm.Stats.CPUPercent
+			summary.Banger.RunningRSSBytes += vm.Stats.RSSBytes
+			summary.Banger.RunningVSZBytes += vm.Stats.VSZBytes
+		}
+	}
+	return summary, nil
+}
--- a/internal/daemon/image_build_ops.go
+++ b/internal/daemon/image_build_ops.go
@ -0,0 +1,218 @@
+package daemon
+
+import (
+	"context"
+	"fmt"
+	"strings"
+	"sync"
+	"time"
+
+	"banger/internal/api"
+	"banger/internal/model"
+)
+
+type imageBuildProgressKey struct{}
+
+type imageBuildOperationState struct {
+	mu     sync.Mutex
+	cancel context.CancelFunc
+	op     api.ImageBuildOperation
+}
+
+func newImageBuildOperationState() (*imageBuildOperationState, error) {
+	id, err := model.NewID()
+	if err != nil {
+		return nil, err
+	}
+	now := model.Now()
+	return &imageBuildOperationState{
+		op: api.ImageBuildOperation{
+			ID:        id,
+			Stage:     "queued",
+			Detail:    "waiting to start",
+			StartedAt: now,
+			UpdatedAt: now,
+		},
+	}, nil
+}
+
+func withImageBuildProgress(ctx context.Context, op *imageBuildOperationState) context.Context {
+	if op == nil {
+		return ctx
+	}
+	return context.WithValue(ctx, imageBuildProgressKey{}, op)
+}
+
+func imageBuildProgressFromContext(ctx context.Context) *imageBuildOperationState {
+	if ctx == nil {
+		return nil
+	}
+	op, _ := ctx.Value(imageBuildProgressKey{}).(*imageBuildOperationState)
+	return op
+}
+
+func imageBuildStage(ctx context.Context, stage, detail string) {
+	if op := imageBuildProgressFromContext(ctx); op != nil {
+		op.stage(stage, detail)
+	}
+}
+
+func imageBuildBindImage(ctx context.Context, image model.Image) {
+	if op := imageBuildProgressFromContext(ctx); op != nil {
+		op.bindImage(image)
+	}
+}
+
+func imageBuildSetLogPath(ctx context.Context, path string) {
+	if op := imageBuildProgressFromContext(ctx); op != nil {
+		op.setLogPath(path)
+	}
+}
+
+func (op *imageBuildOperationState) setCancel(cancel context.CancelFunc) {
+	op.mu.Lock()
+	defer op.mu.Unlock()
+	op.cancel = cancel
+}
+
+func (op *imageBuildOperationState) setLogPath(path string) {
+	op.mu.Lock()
+	defer op.mu.Unlock()
+	op.op.BuildLogPath = strings.TrimSpace(path)
+	op.op.UpdatedAt = model.Now()
+}
+
+func (op *imageBuildOperationState) bindImage(image model.Image) {
+	op.mu.Lock()
+	defer op.mu.Unlock()
+	op.op.ImageID = image.ID
+	op.op.ImageName = image.Name
+}
+
+func (op *imageBuildOperationState) stage(stage, detail string) {
+	op.mu.Lock()
+	defer op.mu.Unlock()
+	stage = strings.TrimSpace(stage)
+	detail = strings.TrimSpace(detail)
+	if stage == "" {
+		stage = op.op.Stage
+	}
+	if stage == op.op.Stage && detail == op.op.Detail {
+		return
+	}
+	op.op.Stage = stage
+	op.op.Detail = detail
+	op.op.UpdatedAt = model.Now()
+}
+
+func (op *imageBuildOperationState) done(image model.Image) {
+	op.mu.Lock()
+	defer op.mu.Unlock()
+	imageCopy := image
+	op.op.ImageID = image.ID
+	op.op.ImageName = image.Name
+	op.op.Stage = "ready"
+	op.op.Detail = "image is ready"
+	op.op.Done = true
+	op.op.Success = true
+	op.op.Error = ""
+	op.op.Image = &imageCopy
+	op.op.UpdatedAt = model.Now()
+}
+
+func (op *imageBuildOperationState) fail(err error) {
+	op.mu.Lock()
+	defer op.mu.Unlock()
+	op.op.Done = true
+	op.op.Success = false
+	if err != nil {
+		op.op.Error = err.Error()
+	}
+	if strings.TrimSpace(op.op.Detail) == "" {
+		op.op.Detail = "image build failed"
+	}
+	op.op.UpdatedAt = model.Now()
+}
+
+func (op *imageBuildOperationState) snapshot() api.ImageBuildOperation {
+	op.mu.Lock()
+	defer op.mu.Unlock()
+	snapshot := op.op
+	if snapshot.Image != nil {
+		imageCopy := *snapshot.Image
+		snapshot.Image = &imageCopy
+	}
+	return snapshot
+}
+
+func (op *imageBuildOperationState) cancelOperation() {
+	op.mu.Lock()
+	cancel := op.cancel
+	op.mu.Unlock()
+	if cancel != nil {
+		cancel()
+	}
+}
+
+func (d *Daemon) BeginImageBuild(_ context.Context, params api.ImageBuildParams) (api.ImageBuildOperation, error) {
+	op, err := newImageBuildOperationState()
+	if err != nil {
+		return api.ImageBuildOperation{}, err
+	}
+	buildCtx, cancel := context.WithCancel(context.Background())
+	op.setCancel(cancel)
+
+	d.imageBuildOpsMu.Lock()
+	if d.imageBuildOps == nil {
+		d.imageBuildOps = map[string]*imageBuildOperationState{}
+	}
+	d.imageBuildOps[op.op.ID] = op
+	d.imageBuildOpsMu.Unlock()
+
+	go d.runImageBuildOperation(withImageBuildProgress(buildCtx, op), op, params)
+	return op.snapshot(), nil
+}
+
+func (d *Daemon) runImageBuildOperation(ctx context.Context, op *imageBuildOperationState, params api.ImageBuildParams) {
+	image, err := d.BuildImage(ctx, params)
+	if err != nil {
+		op.fail(err)
+		return
+	}
+	op.done(image)
+}
+
+func (d *Daemon) ImageBuildStatus(_ context.Context, id string) (api.ImageBuildOperation, error) {
+	d.imageBuildOpsMu.Lock()
+	op, ok := d.imageBuildOps[strings.TrimSpace(id)]
+	d.imageBuildOpsMu.Unlock()
+	if !ok {
+		return api.ImageBuildOperation{}, fmt.Errorf("image build operation not found: %s", id)
+	}
+	return op.snapshot(), nil
+}
+
+func (d *Daemon) CancelImageBuild(_ context.Context, id string) error {
+	d.imageBuildOpsMu.Lock()
+	op, ok := d.imageBuildOps[strings.TrimSpace(id)]
+	d.imageBuildOpsMu.Unlock()
+	if !ok {
+		return fmt.Errorf("image build operation not found: %s", id)
+	}
+	op.cancelOperation()
+	return nil
+}
+
+func (d *Daemon) pruneImageBuildOperations(olderThan time.Time) {
+	d.imageBuildOpsMu.Lock()
+	defer d.imageBuildOpsMu.Unlock()
+	for id, op := range d.imageBuildOps {
+		snapshot := op.snapshot()
+		if !snapshot.Done {
+			continue
+		}
+		if snapshot.UpdatedAt.Before(olderThan) {
+			delete(d.imageBuildOps, id)
+		}
+	}
+}
--- a/internal/daemon/images.go
+++ b/internal/daemon/images.go
@ -30,6 +30,7 @@ func (d *Daemon) BuildImage(ctx context.Context, params api.ImageBuildParams) (i
 	}()

 	name := params.Name
+	imageBuildStage(ctx, "resolve_image", "resolving image build inputs")
 	if name == "" {
 		name = fmt.Sprintf("image-%d", model.Now().Unix())
 	}
@ -57,6 +58,7 @@ func (d *Daemon) BuildImage(ctx context.Context, params api.ImageBuildParams) (i
 		return model.Image{}, err
 	}
 	buildLogPath = filepath.Join(buildLogDir, id+".log")
+	imageBuildSetLogPath(ctx, buildLogPath)
 	logFile, err := os.OpenFile(buildLogPath, os.O_CREATE|os.O_WRONLY|os.O_APPEND, 0o644)
 	if err != nil {
 		return model.Image{}, err
@ -93,22 +95,26 @@ func (d *Daemon) BuildImage(ctx context.Context, params api.ImageBuildParams) (i
 		Size:          params.Size,
 	}
 	op.stage("launch_builder", "build_log_path", buildLogPath, "artifact_dir", artifactDir)
+	imageBuildStage(ctx, "launch_builder", "building rootfs from base image")
 	if err := d.runImageBuild(ctx, spec); err != nil {
 		_ = logFile.Sync()
 		_ = os.RemoveAll(artifactDir)
 		return model.Image{}, err
 	}
+	imageBuildStage(ctx, "prepare_work_seed", "building reusable work seed")
 	if err := system.BuildWorkSeedImage(ctx, d.runner, rootfsPath, workSeedPath); err != nil {
 		_ = logFile.Sync()
 		_ = os.RemoveAll(artifactDir)
 		return model.Image{}, err
 	}
+	imageBuildStage(ctx, "seed_ssh", "seeding runtime SSH access")
 	seededSSHPublicKeyFingerprint, err := d.seedAuthorizedKeyOnExt4Image(ctx, workSeedPath)
 	if err != nil {
 		_ = logFile.Sync()
 		_ = os.RemoveAll(artifactDir)
 		return model.Image{}, err
 	}
+	imageBuildStage(ctx, "write_metadata", "writing image metadata")
 	if err := writePackagesMetadata(rootfsPath, d.config.DefaultPackagesFile); err != nil {
 		_ = logFile.Sync()
 		_ = os.RemoveAll(artifactDir)
@ -131,10 +137,12 @@ func (d *Daemon) BuildImage(ctx context.Context, params api.ImageBuildParams) (i
 		CreatedAt:                     now,
 		UpdatedAt:                     now,
 	}
+	imageBuildBindImage(ctx, image)
 	if err := d.store.UpsertImage(ctx, image); err != nil {
 		return model.Image{}, err
 	}
 	op.stage("persisted", "build_log_path", buildLogPath)
+	imageBuildStage(ctx, "persisted", "image metadata saved")
 	if d.logger != nil {
 		d.logger.Info("image build log preserved", append(imageLogAttrs(image), "build_log_path", buildLogPath)...)
 	}
--- a/internal/daemon/web.go
+++ b/internal/daemon/web.go
@ -0,0 +1,65 @@
+package daemon
+
+import (
+	"context"
+	"errors"
+	"fmt"
+	"net"
+	"net/http"
+	"strings"
+	"time"
+
+	"banger/internal/model"
+	"banger/internal/paths"
+	"banger/internal/webui"
+)
+
+func (d *Daemon) startWebServer() error {
+	listenAddr := strings.TrimSpace(d.config.WebListenAddr)
+	if listenAddr == "" {
+		d.webURL = ""
+		return nil
+	}
+	listener, err := net.Listen("tcp", listenAddr)
+	if err != nil {
+		if d.logger != nil {
+			d.logger.Error("web ui listen failed", "addr", listenAddr, "error", err.Error())
+		}
+		return fmt.Errorf("web ui listen on %s: %w", listenAddr, err)
+	}
+	d.webListener = listener
+	d.webURL = "http://" + listener.Addr().String()
+	d.webServer = &http.Server{
+		Handler:           webui.NewHandler(d),
+		ReadHeaderTimeout: 5 * time.Second,
+	}
+	if d.logger != nil {
+		d.logger.Info("web ui serving", "addr", listener.Addr().String(), "url", d.webURL)
+	}
+	go func() {
+		err := d.webServer.Serve(listener)
+		if err == nil || errors.Is(err, http.ErrServerClosed) {
+			return
+		}
+		if d.logger != nil {
+			d.logger.Error("web ui serve failed", "addr", listener.Addr().String(), "error", err.Error())
+		}
+	}()
+	return nil
+}
+
+func (d *Daemon) Layout() paths.Layout {
+	return d.layout
+}
+
+func (d *Daemon) Config() model.DaemonConfig {
+	return d.config
+}
+
+func (d *Daemon) ListVMs(ctx context.Context) ([]model.VMRecord, error) {
+	return d.store.ListVMs(ctx)
+}
+
+func (d *Daemon) ListImages(ctx context.Context) ([]model.Image, error) {
+	return d.store.ListImages(ctx)
+}