New novelty shell emulating RoombaOS with cleaning, scheduling,
diagnostics, floor map, and humorous history entries. Bump version
to 0.16.0.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add a PostgreSQL psql interactive terminal shell with backslash
meta-commands, SQL statement handling with multi-line buffering, and
canned responses for common queries. Add username-based shell routing
via [shell.username_routes] config (second priority after credential-
specific shell, before random selection). Bump version to 0.13.0.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Regex-based output assembly: scan exec commands for known patterns
and return plausible fake values rather than interpreting shell
pipelines. Waiting on more real-world bot examples before implementing.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Bots often send commands via `ssh user@host <command>` (exec request)
rather than requesting an interactive shell. These were previously
rejected silently. Now exec commands are captured, stored on the session
record, and displayed in the web UI session detail page.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Embeds a DB-IP Lite country MMDB (~5MB) in the binary via go:embed,
keeping the single-binary deployment story clean. Country codes are
stored alongside login attempts and sessions, shown in the dashboard
(Top IPs, Top Countries card, Recent/Active Sessions, session detail).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add internal/metrics package with dedicated Prometheus registry exposing
SSH connection, auth attempt, session, and build info metrics. Wire into
SSH server (4 instrumentation points) and web server (/metrics endpoint).
Add dockerImage output to flake.nix via dockerTools.buildLayeredImage.
Bump version to 0.7.0.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Zork-style dungeon crawler set in an abandoned data center / medieval dungeon.
11 rooms, 6 items, 3 puzzles (dark room, locked door, maintenance panel),
standard text adventure parser with verb aliases and direction shortcuts.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Implement Samsung FridgeOS-themed shell (PLAN.md §3.3) with inventory
management, temperature controls, diagnostics, alerts, and other
appliance commands. Add per-credential shell routing so static
credentials can specify which shell to use via the `shell` config field,
passed through ssh.Permissions.Extensions.
Also extract shared ReadLine helper from bash to the shell package so
both shells can reuse terminal input handling.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Implement phase 2.1 (human detection) and 2.2 (notifications):
- Detection scorer computes 0.0-1.0 human likelihood from keystroke
timing variance, special key usage, typing speed, command diversity,
and session duration
- Webhook notifier sends JSON POST to configured endpoints with
deduplication, custom headers, and event filtering
- RecordingChannel gains an event callback for feeding keystrokes
to the scorer without coupling shell and detection packages
- Server wires scorer into session lifecycle with periodic updates
and threshold-based notification triggers
- Web UI shows human score in session tables with highlighting
- New config sections: [detection] and [[notify.webhooks]]
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Implements Phase 1.5 — an embedded web UI using Go templates, Pico CSS
(dark theme), and htmx for auto-refreshing stats and active sessions.
Adds read query methods to the Store interface (GetDashboardStats,
GetTopUsernames, GetTopPasswords, GetTopIPs, GetRecentSessions) with
implementations for both SQLite and MemoryStore. Introduces the
internal/web package with server, handlers, templates, and tests.
Web server is opt-in via [web] config section and runs alongside
SSH with graceful shutdown. Bumps version to 0.2.0.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add session context, shell configuration, and transparent I/O recording
design notes based on exploration of available SSH library context and
forward-planning for session replay (phase 2.3).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Adds persistent storage using modernc.org/sqlite (pure Go). Login
attempts are deduplicated by (username, password, ip) with counts.
Sessions and session logs are tracked with UUID IDs. Includes embedded
SQL migrations, configurable retention with background pruning, and
an in-memory store for tests.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
