Spaces:

Jibbalit
/

dtgfdhgd

Paused

App Files Files Community

Jibbalit commited on Mar 13

Commit

f4bfc02

0 Parent(s):

Set up HF Spaces external bridge with Docker dev mode.

Browse files

Files changed (20) hide show

.env +6 -0
.gitignore +2 -0
Dockerfile +25 -0
Dockerfile.dev +44 -0
Dockerfile.external +27 -0
README.md +143 -0
app.py +178 -0
bridge_client.py +60 -0
dev-start.sh +20 -0
docker-compose.dev.yml +36 -0
docker-compose.yml +17 -0
external_server.py +36 -0
model_configs.json +17 -0
requirements.txt +17 -0
security_config.json +14 -0
security_manager.py +69 -0
ssh-setup.sh +7 -0
start.sh +11 -0
streamlit_app.py +638 -0
voice_handler.py +57 -0

.env ADDED Viewed

	@@ -0,0 +1,6 @@

+# External bridge endpoint (local machine side)
+LOCAL_BRIDGE_URL=ws://localhost:8765
+# Optional controls
+SECURITY_LEVEL=high
+LOG_LEVEL=INFO

.gitignore ADDED Viewed

	@@ -0,0 +1,2 @@


1	+ __pycache__/
2	+ *.pyc

Dockerfile ADDED Viewed

	@@ -0,0 +1,25 @@

+FROM python:3.11-slim
+WORKDIR /app
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    portaudio19-dev \
+    ffmpeg \
+    wget \
+    curl \
+    git \
+    build-essential \
+    && rm -rf /var/lib/apt/lists/*
+COPY requirements.txt /app/requirements.txt
+RUN pip install --no-cache-dir -r /app/requirements.txt
+COPY . /app
+RUN mkdir -p /app/logs /app/temp /app/data
+EXPOSE 7860
+HEALTHCHECK --interval=30s --timeout=30s --start-period=20s --retries=3 \
+    CMD curl -f http://localhost:7860/ || exit 1
+CMD ["streamlit", "run", "app.py", "--server.port=7860", "--server.address=0.0.0.0"]

Dockerfile.dev ADDED Viewed

	@@ -0,0 +1,44 @@

+FROM python:3.11-slim
+ENV PYTHONUNBUFFERED=1
+ENV DEV_MODE=true
+ENV SSH_ENABLED=true
+ENV DISPLAY=:99
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    openssh-server \
+    sudo \
+    curl \
+    wget \
+    git \
+    vim \
+    xvfb \
+    x11vnc \
+    ffmpeg \
+    && rm -rf /var/lib/apt/lists/*
+RUN mkdir /var/run/sshd \
+    && useradd -m -s /bin/bash devuser \
+    && echo "devuser:devpass" | chpasswd \
+    && echo "devuser ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/devuser \
+    && chmod 440 /etc/sudoers.d/devuser \
+    && echo "Port 22" >> /etc/ssh/sshd_config \
+    && echo "PermitRootLogin no" >> /etc/ssh/sshd_config \
+    && echo "PasswordAuthentication yes" >> /etc/ssh/sshd_config
+WORKDIR /app
+COPY requirements.txt /app/requirements.txt
+RUN pip install --no-cache-dir -r /app/requirements.txt \
+    && pip install --no-cache-dir jupyter jupyterlab ipython black flake8 pytest
+COPY . /app
+RUN mkdir -p /app/logs /app/temp /app/data /home/devuser/.ssh \
+    && chown -R devuser:devuser /home/devuser /app
+EXPOSE 22 7860 5900 8888
+COPY dev-start.sh /dev-start.sh
+RUN chmod +x /dev-start.sh
+CMD ["/dev-start.sh"]

Dockerfile.external ADDED Viewed

	@@ -0,0 +1,27 @@

+FROM python:3.10-slim
+ENV PYTHONUNBUFFERED=1
+ENV DISPLAY=:99
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    curl \
+    wget \
+    ffmpeg \
+    xvfb \
+    && rm -rf /var/lib/apt/lists/*
+WORKDIR /app
+COPY requirements.txt /app/requirements.txt
+RUN pip install --no-cache-dir -r /app/requirements.txt
+COPY . /app
+RUN mkdir -p /logs /downloads /audio
+EXPOSE 8501 8765 8000
+COPY start.sh /start.sh
+RUN chmod +x /start.sh
+CMD ["/start.sh"]

README.md ADDED Viewed

	@@ -0,0 +1,143 @@

+# Abliterated Agency Hub
+Streamlit + Docker setup for Hugging Face Spaces with an external bridge and SSH-enabled development mode.
+## Project Structure
+```text
+abliterated-agency/
+├── Dockerfile
+├── Dockerfile.dev
+├── Dockerfile.external
+├── docker-compose.yml
+├── docker-compose.dev.yml
+├── app.py
+├── bridge_client.py
+├── security_manager.py
+├── voice_handler.py
+├── model_configs.json
+├── security_config.json
+├── requirements.txt
+├── .env
+├── external_server.py
+├── dev-start.sh
+├── start.sh
+└── ssh-setup.sh
+```
+## HF Spaces Deploy (One Shot)
+1. Use `app.py` and `requirements.txt` at repo root.
+2. Push to your Space:
+```bash
+git init
+git add .
+git commit -m "Abliterated agency hub setup"
+git remote add origin https://huggingface.co/spaces/YOUR_USERNAME/YOUR_SPACE_NAME
+git push -u origin main
+```
+For token auth:
+```bash
+git remote set-url origin https://USER:TOKEN@huggingface.co/spaces/YOUR_USERNAME/YOUR_SPACE_NAME
+git push -u origin main
+```
+## Docker Pile Breakdown
+- `Dockerfile`
+  Primary runtime image for Streamlit on port `7860` (HF-compatible).
+- `docker-compose.yml`
+  Standard local container run for the same app.
+- `Dockerfile.dev`
+  Dev container with SSH, VNC, and Jupyter installed.
+- `docker-compose.dev.yml`
+  Development mode stack with local source mount and extra dev ports.
+- `Dockerfile.external`
+  Alternate external bridge image (kept for compatibility with earlier flow).
+## Standard Docker Run
+```bash
+docker compose up --build
+```
+App URL: `http://localhost:7860`
+## Dev Mode + SSH
+Start dev stack:
+```bash
+docker compose -f docker-compose.dev.yml up --build -d
+```
+Access points:
+- Streamlit: `http://localhost:7860`
+- SSH: `ssh devuser@localhost -p 2222` (password: `devpass`)
+- VNC: `localhost:5900`
+- Jupyter: `http://localhost:8888`
+Quick SSH startup helper:
+```bash
+bash ssh-setup.sh
+```
+## SSH Notes
+Docker dev image includes:
+- `openssh-server`
+- `sudo`
+- user `devuser` / `devpass`
+- `PermitRootLogin no`
+- `PasswordAuthentication yes`
+X11 forwarding:
+```bash
+ssh -X devuser@localhost -p 2222
+```
+Tunnel from container to local bridge:
+```bash
+ssh -L 8765:localhost:8765 user@host
+```
+## Streamlit Dev Mode Flags
+Dev startup uses:
+```bash
+streamlit run app.py \
+  --server.runOnSave=true \
+  --server.headless=false \
+  --server.address=0.0.0.0 \
+  --server.port=7860
+```
+## External Bridge Server (Your Machine)
+Run external bridge:
+```bash
+pip install websockets
+python external_server.py
+```
+Default bridge endpoint: `ws://localhost:8765`
+## Security Website Access
+Defaults now allow:
+- `youtube.com`
+- `instagram.com`
+- `tiktok.com`
+Configured in `security_config.json` and exposed in the Streamlit sidebar controls.

app.py ADDED Viewed

	@@ -0,0 +1,178 @@

+#!/usr/bin/env python3
+from __future__ import annotations
+import json
+from datetime import datetime
+from pathlib import Path
+import streamlit as st
+from bridge_client import BridgeClient
+from security_manager import SecurityManager
+from voice_handler import VoiceHandler
+st.set_page_config(
+    page_title="Abliterated Agency Hub",
+    page_icon="🤖",
+    layout="wide",
+    initial_sidebar_state="expanded",
+)
+@st.cache_data
+def load_model_configs() -> dict:
+    path = Path("model_configs.json")
+    if not path.exists():
+        return {}
+    return json.loads(path.read_text(encoding="utf-8"))
+def init_state() -> None:
+    if "messages" not in st.session_state:
+        st.session_state.messages = []
+    if "security_state" not in st.session_state:
+        st.session_state.security_state = {
+            "browser_access": False,
+            "file_system_access": False,
+            "cursor_access": False,
+            "voice_enabled": True,
+            "current_voice_model": "kimi_k2_5_q8",
+        }
+    if "bridge_connected" not in st.session_state:
+        st.session_state.bridge_connected = False
+    if "voice_mode" not in st.session_state:
+        st.session_state.voice_mode = "text"
+    if "bridge_client" not in st.session_state:
+        st.session_state.bridge_client = BridgeClient()
+    if "security_manager" not in st.session_state:
+        st.session_state.security_manager = SecurityManager()
+    if "voice_handler" not in st.session_state:
+        st.session_state.voice_handler = VoiceHandler()
+def main() -> None:
+    init_state()
+    model_configs = load_model_configs()
+    with st.sidebar:
+        st.title("Security Control Panel")
+        st.subheader("Access Controls")
+        st.session_state.security_state["browser_access"] = st.toggle(
+            "Browser Access", value=st.session_state.security_state["browser_access"]
+        )
+        st.session_state.security_state["file_system_access"] = st.toggle(
+            "File System Access", value=st.session_state.security_state["file_system_access"]
+        )
+        st.session_state.security_state["cursor_access"] = st.toggle(
+            "Cursor Control", value=st.session_state.security_state["cursor_access"]
+        )
+        st.subheader("Website Gate")
+        blocked_sites = st.text_area(
+            "Blocked Websites",
+            value="",
+        )
+        allowed_sites = st.text_area(
+            "Allowed Websites",
+            value="google.com,github.com,huggingface.co,youtube.com,instagram.com,tiktok.com",
+        )
+        sm = st.session_state.security_manager
+        sm.blocked_domains = {x.strip() for x in blocked_sites.split(",") if x.strip()}
+        sm.allowed_domains = {x.strip() for x in allowed_sites.split(",") if x.strip()}
+        sm.save_config()
+        st.subheader("Voice Settings")
+        st.session_state.voice_mode = st.selectbox(
+            "Voice Mode",
+            options=["text", "voice", "hybrid"],
+            index=["text", "voice", "hybrid"].index(st.session_state.voice_mode),
+        )
+        st.session_state.security_state["current_voice_model"] = st.selectbox(
+            "Voice Model",
+            options=["kimi_k2_5_q8", "whisper_speech", "granite_speech"],
+            index=["kimi_k2_5_q8", "whisper_speech", "granite_speech"].index(
+                st.session_state.security_state["current_voice_model"]
+            ),
+        )
+        st.subheader("Bridge Connection")
+        if st.button("Connect to Local Bridge"):
+            st.session_state.bridge_connected = st.session_state.bridge_client.connect()
+            if st.session_state.bridge_connected:
+                st.success("Bridge connected.")
+            else:
+                st.error("Bridge unavailable.")
+        st.subheader("Model Status")
+        for cfg in model_configs.values():
+            online = cfg.get("available", False)
+            st.text(f"{cfg.get('name', 'unknown')}: {'Online' if online else 'Offline'}")
+    st.title("Abliterated Agency Hub")
+    st.markdown("### AI coordinator with external bridge and security gates")
+    for message in st.session_state.messages:
+        with st.chat_message(message["role"]):
+            st.write(message["content"])
+            st.caption(message["timestamp"])
+    if st.session_state.voice_mode != "text":
+        if st.button("Start Voice Input"):
+            heard = st.session_state.voice_handler.listen()
+            if heard:
+                st.session_state.messages.append(
+                    {
+                        "role": "user",
+                        "content": heard,
+                        "timestamp": datetime.now().strftime("%H:%M:%S"),
+                    }
+                )
+                st.rerun()
+    prompt = st.chat_input("Message your agent...")
+    if prompt:
+        st.session_state.messages.append(
+            {"role": "user", "content": prompt, "timestamp": datetime.now().strftime("%H:%M:%S")}
+        )
+        if "video" in prompt.lower() or "generate" in prompt.lower():
+            model_name = "minimax_video"
+        elif "image" in prompt.lower() or "picture" in prompt.lower():
+            model_name = "phi4_analysis"
+        else:
+            model_name = "kimi_k2_5_q8"
+        with st.spinner("Processing..."):
+            response = st.session_state.bridge_client.send_request(
+                model=model_name,
+                prompt=prompt,
+                security_context=st.session_state.security_state,
+            )
+        st.session_state.messages.append(
+            {
+                "role": "assistant",
+                "content": response,
+                "timestamp": datetime.now().strftime("%H:%M:%S"),
+            }
+        )
+        if st.session_state.voice_mode in {"voice", "hybrid"}:
+            st.session_state.voice_handler.speak(response)
+        st.rerun()
+    st.divider()
+    c1, c2, c3, c4 = st.columns(4)
+    c1.metric("Bridge", "Connected" if st.session_state.bridge_connected else "Disconnected")
+    c2.metric("Security", "Custom")
+    c3.metric("Voice Mode", st.session_state.voice_mode.title())
+    c4.metric(
+        "Active Models",
+        len([m for m in model_configs.values() if m.get("available", False)]),
+    )
+if __name__ == "__main__":
+    main()

bridge_client.py ADDED Viewed

	@@ -0,0 +1,60 @@

+from __future__ import annotations
+import asyncio
+import json
+import logging
+from datetime import datetime
+from typing import Any, Dict, Optional
+import websockets
+logger = logging.getLogger(__name__)
+class BridgeClient:
+    def __init__(self, bridge_url: str = "ws://localhost:8765") -> None:
+        self.bridge_url = bridge_url
+        self.connected = False
+    async def _connect_async(self) -> bool:
+        """Probe external bridge by opening/closing a websocket."""
+        try:
+            async with websockets.connect(self.bridge_url, open_timeout=3):
+                self.connected = True
+            return True
+        except Exception as exc:
+            logger.warning("Bridge connect failed: %s", exc)
+            self.connected = False
+            return False
+    async def _send_request_async(
+        self, model: str, prompt: str, security_context: Dict[str, Any]
+    ) -> str:
+        payload = {
+            "model": model,
+            "prompt": prompt,
+            "security_context": security_context,
+            "timestamp": datetime.utcnow().isoformat(),
+        }
+        try:
+            async with websockets.connect(self.bridge_url, open_timeout=4) as ws:
+                await ws.send(json.dumps(payload))
+                raw = await ws.recv()
+                data = json.loads(raw)
+                self.connected = True
+                return data.get("response", "No response received.")
+        except Exception as exc:
+            self.connected = False
+            return (
+                f"[Bridge unavailable] {exc}. "
+                "No external system response was received."
+            )
+    def connect(self) -> bool:
+        return asyncio.run(self._connect_async())
+    def send_request(
+        self, model: str, prompt: str, security_context: Dict[str, Any]
+    ) -> str:
+        return asyncio.run(self._send_request_async(model, prompt, security_context))

dev-start.sh ADDED Viewed

	@@ -0,0 +1,20 @@

+#!/usr/bin/env bash
+set -euo pipefail
+echo "Starting development services..."
+service ssh start
+Xvfb :99 -screen 0 1280x800x24 >/tmp/xvfb.log 2>&1 &
+x11vnc -display :99 -forever -nopw -rfbport 5900 >/tmp/x11vnc.log 2>&1 &
+jupyter lab --ip=0.0.0.0 --port=8888 --no-browser --allow-root --ServerApp.token='' >/tmp/jupyter.log 2>&1 &
+cd /app
+streamlit run app.py \
+  --server.port=7860 \
+  --server.address=0.0.0.0 \
+  --server.runOnSave=true \
+  --server.headless=false >/tmp/streamlit.log 2>&1 &
+tail -f /tmp/streamlit.log

docker-compose.dev.yml ADDED Viewed

	@@ -0,0 +1,36 @@

+version: "3.8"
+services:
+  agency-dev:
+    build:
+      context: .
+      dockerfile: Dockerfile.dev
+    container_name: abliterated-agency-dev
+    ports:
+      - "7860:7860"
+      - "2222:22"
+      - "5900:5900"
+      - "8888:8888"
+    volumes:
+      - ./:/app
+      - ./logs:/app/logs
+      - ./ssh:/root/.ssh
+      - ./vscode:/root/.vscode
+    environment:
+      - DEVELOPMENT_MODE=true
+      - SSH_ENABLE=true
+      - VNC_ENABLE=true
+      - JUPYTER_ENABLE=true
+      - DISPLAY=:99
+      - PYTHONUNBUFFERED=1
+    env_file:
+      - .env
+    stdin_open: true
+    tty: true
+    networks:
+      - dev-net
+    restart: unless-stopped
+networks:
+  dev-net:
+    driver: bridge

docker-compose.yml ADDED Viewed

	@@ -0,0 +1,17 @@

+version: "3.8"
+services:
+  agency-hub:
+    build:
+      context: .
+      dockerfile: Dockerfile
+    container_name: abliterated-agency
+    ports:
+      - "7860:7860"
+    env_file:
+      - .env
+    volumes:
+      - ./logs:/app/logs
+      - ./data:/app/data
+      - ./temp:/app/temp
+    restart: unless-stopped

external_server.py ADDED Viewed

	@@ -0,0 +1,36 @@

+#!/usr/bin/env python3
+"""External system server running on your own machine."""
+from __future__ import annotations
+import asyncio
+import json
+import logging
+import websockets
+logging.basicConfig(level=logging.INFO, format="%(asctime)s - external: %(message)s")
+logger = logging.getLogger(__name__)
+async def handle_client(websocket):
+    async for message in websocket:
+        data = json.loads(message)
+        logger.info("Received: %s", data)
+        response = {
+            "type": "response",
+            "command": data.get("command"),
+            "success": True,
+            "data": {"message": "External system processed command"},
+        }
+        await websocket.send(json.dumps(response))
+async def main() -> None:
+    async with websockets.serve(handle_client, "0.0.0.0", 8765):
+        logger.info("External system server started on ws://0.0.0.0:8765")
+        await asyncio.Future()
+if __name__ == "__main__":
+    asyncio.run(main())

model_configs.json ADDED Viewed

	@@ -0,0 +1,17 @@

+{
+  "kimi_k2_5_q8": {
+    "name": "Kimi-K2.5-Q8",
+    "available": true,
+    "role": "general_planner"
+  },
+  "phi4_analysis": {
+    "name": "Phi-4 Analysis",
+    "available": true,
+    "role": "analysis"
+  },
+  "minimax_video": {
+    "name": "MiniMax Video",
+    "available": false,
+    "role": "video_generation"
+  }
+}

requirements.txt ADDED Viewed

	@@ -0,0 +1,17 @@

+streamlit==1.41.0
+streamlit-webrtc>=0.47.0
+requests>=2.31.0
+websockets>=12.0
+aiohttp>=3.9.0
+numpy>=1.24.0
+pandas>=2.0.0
+pytrends>=4.9.0
+GoogleNews>=1.6.0
+feedparser>=6.0.0
+python-dotenv>=1.0.0
+pydantic>=2.5.0
+cryptography>=41.0.0
+httpx>=0.25.0
+psutil>=5.9.0
+SpeechRecognition>=3.10.0
+pyttsx3>=2.90

security_config.json ADDED Viewed

	@@ -0,0 +1,14 @@

+{
+  "blocked_domains": [],
+  "allowed_domains": [
+    "google.com",
+    "github.com",
+    "huggingface.co",
+    "youtube.com",
+    "instagram.com",
+    "tiktok.com"
+  ],
+  "policies": {
+    "default_deny_when_allowlist_set": true
+  }
+}

security_manager.py ADDED Viewed

	@@ -0,0 +1,69 @@

+from __future__ import annotations
+import json
+from pathlib import Path
+from typing import Any, Dict, Set
+from urllib.parse import urlparse
+class SecurityManager:
+    def __init__(self, config_file: str = "security_config.json") -> None:
+        self.config_file = Path(config_file)
+        self.blocked_domains: Set[str] = set()
+        self.allowed_domains: Set[str] = set()
+        self.policies: Dict[str, Any] = {}
+        self.load_config()
+    def load_config(self) -> None:
+        if self.config_file.exists():
+            data = json.loads(self.config_file.read_text(encoding="utf-8"))
+            self.blocked_domains = set(data.get("blocked_domains", []))
+            self.allowed_domains = set(data.get("allowed_domains", []))
+            self.policies = data.get("policies", {})
+            return
+        self.blocked_domains = set()
+        self.allowed_domains = {
+            "google.com",
+            "github.com",
+            "huggingface.co",
+            "youtube.com",
+            "instagram.com",
+            "tiktok.com",
+        }
+        self.policies = {"default_deny_when_allowlist_set": True}
+        self.save_config()
+    def save_config(self) -> None:
+        data = {
+            "blocked_domains": sorted(self.blocked_domains),
+            "allowed_domains": sorted(self.allowed_domains),
+            "policies": self.policies,
+        }
+        self.config_file.write_text(json.dumps(data, indent=2), encoding="utf-8")
+    def is_website_allowed(self, url: str) -> bool:
+        try:
+            host = urlparse(url).netloc.lower().replace("www.", "")
+            if any(d in host for d in self.blocked_domains):
+                return False
+            if self.allowed_domains:
+                return any(d in host for d in self.allowed_domains)
+            return True
+        except Exception:
+            return False
+    def validate_action(self, action: str, context: Dict[str, Any]) -> bool:
+        """Simple policy gate; expandable."""
+        if action == "browser_navigate":
+            url = context.get("url", "")
+            return self.is_website_allowed(url)
+        return True
+    def get_security_report(self) -> Dict[str, Any]:
+        return {
+            "blocked_domains_count": len(self.blocked_domains),
+            "allowed_domains_count": len(self.allowed_domains),
+            "policies_active": bool(self.policies),
+            "security_level": "high",
+        }

ssh-setup.sh ADDED Viewed

	@@ -0,0 +1,7 @@

+#!/usr/bin/env bash
+set -euo pipefail
+CONTAINER_NAME="${1:-abliterated-agency-dev}"
+docker exec -it "$CONTAINER_NAME" /etc/init.d/ssh start
+echo "SSH ready on port 2222 (host mapping)."
+echo "Login: devuser/devpass"

start.sh ADDED Viewed

	@@ -0,0 +1,11 @@

+#!/usr/bin/env bash
+set -euo pipefail
+echo "Starting HF Spaces external bridge..."
+cd /app
+if [ -f "app.py" ]; then
+  exec streamlit run app.py --server.port=8501 --server.address=0.0.0.0
+else
+  exec streamlit run streamlit_app.py --server.port=8501 --server.address=0.0.0.0
+fi

streamlit_app.py ADDED Viewed

	@@ -0,0 +1,638 @@

+"""
+Apex OmniAgent — Streamlit UI
+==============================
+A Streamlit-based interface that mirrors the React UI layout:
+  - Top toolbar with security toggles and status indicators
+  - Three-pane layout: File Explorer | Workspace Canvas | Tools Panel
+  - Bottom terminal pane with log viewer and command input
+Connects to the same Python gateway API at http://localhost:7860.
+Usage:
+  streamlit run streamlit_app.py
+  streamlit run streamlit_app.py -- --gateway http://localhost:7860
+"""
+from __future__ import annotations
+import argparse
+import json
+import sys
+import requests
+import streamlit as st
+# ---------------------------------------------------------------------------
+# Configuration
+# ---------------------------------------------------------------------------
+GATEWAY_URL = "http://localhost:7860"
+# Parse --gateway flag when launched via: streamlit run streamlit_app.py -- --gateway URL
+_parser = argparse.ArgumentParser(add_help=False)
+_parser.add_argument("--gateway", default=GATEWAY_URL)
+_args, _ = _parser.parse_known_args(sys.argv[1:])
+GATEWAY_URL = _args.gateway.rstrip("/")
+# ---------------------------------------------------------------------------
+# Page config
+# ---------------------------------------------------------------------------
+st.set_page_config(
+    page_title="Apex OmniAgent",
+    page_icon="⬡",
+    layout="wide",
+    initial_sidebar_state="collapsed",
+)
+# ---------------------------------------------------------------------------
+# Custom CSS — matches the React/Tailwind dark theme
+# ---------------------------------------------------------------------------
+# Color tokens (from tailwind.config.js):
+#   apex-bg:           #0d0d0d
+#   apex-panel:        #141420
+#   apex-border:       #2a2a4a
+#   apex-accent:       #7060e0
+#   apex-accent-light: #a090ff
+_CUSTOM_CSS = """
+<style>
+/* ── Root theme ───────────────────────────────────────────────── */
+:root {
+    color-scheme: dark;
+}
+[data-testid="stAppViewContainer"],
+[data-testid="stApp"],
+[data-testid="stHeader"],
+section[data-testid="stSidebar"] {
+    background-color: #0d0d0d !important;
+    color: #e0e0f0 !important;
+}
+[data-testid="stAppViewBlockContainer"] {
+    padding-top: 0.5rem !important;
+}
+/* ── Panel cards ──────────────────────────────────────────────── */
+.panel-card {
+    background: #141420;
+    border: 1px solid #2a2a4a;
+    border-radius: 6px;
+    padding: 0;
+    overflow: hidden;
+    height: 100%;
+}
+.panel-header {
+    padding: 8px 12px;
+    font-size: 11px;
+    font-weight: 600;
+    text-transform: uppercase;
+    letter-spacing: 0.12em;
+    color: #a090ff;
+    border-bottom: 1px solid #2a2a4a;
+}
+.panel-body {
+    padding: 8px 12px;
+}
+/* ── Toolbar ──────────────────────────────────────────────────── */
+.toolbar {
+    display: flex;
+    align-items: center;
+    gap: 16px;
+    padding: 8px 16px;
+    background: #0a0a1a;
+    border-bottom: 1px solid #2a2a4a;
+    margin-bottom: 8px;
+    border-radius: 6px;
+}
+.toolbar-title {
+    color: #a090ff;
+    font-weight: 700;
+    font-size: 13px;
+    letter-spacing: 0.05em;
+    white-space: nowrap;
+}
+.toolbar-divider {
+    width: 1px;
+    height: 20px;
+    background: #2a2a4a;
+}
+.toolbar-label {
+    font-size: 11px;
+    color: #6b7280;
+    margin-right: 4px;
+}
+.status-dot {
+    display: inline-block;
+    width: 8px;
+    height: 8px;
+    border-radius: 50%;
+    margin-right: 4px;
+}
+.status-dot.green  { background: #22c55e; }
+.status-dot.blue   { background: #60a5fa; }
+.status-dot.gray   { background: #4b5563; }
+.status-dot.red    { background: #ef4444; }
+.status-text {
+    font-size: 11px;
+    color: #6b7280;
+}
+/* ── File tree ────────────────────────────────────────────────── */
+.file-tree-folder {
+    display: flex;
+    align-items: center;
+    gap: 4px;
+    padding: 3px 0;
+    font-size: 12px;
+    color: #d1d5db;
+    cursor: pointer;
+    user-select: none;
+}
+.file-tree-file {
+    display: flex;
+    align-items: center;
+    gap: 6px;
+    padding: 3px 0;
+    font-size: 12px;
+    color: #9ca3af;
+}
+.file-tree-file:hover {
+    color: #ffffff;
+}
+/* ── Node palette ─────────────────────────────────────────────── */
+.node-card {
+    display: flex;
+    align-items: flex-start;
+    gap: 8px;
+    padding: 8px;
+    border: 1px solid #2a2a4a;
+    border-radius: 6px;
+    margin-bottom: 6px;
+    background: transparent;
+}
+.node-card:hover {
+    background: rgba(255,255,255,0.03);
+}
+.node-icon {
+    font-size: 16px;
+    flex-shrink: 0;
+}
+.node-label {
+    font-size: 12px;
+    font-weight: 500;
+    color: #d1d5db;
+}
+.node-desc {
+    font-size: 10px;
+    color: #6b7280;
+}
+/* ── Connection status ────────────────────────────────────────── */
+.conn-item {
+    display: flex;
+    align-items: center;
+    gap: 8px;
+    padding: 3px 0;
+    font-size: 12px;
+    color: #9ca3af;
+}
+/* ── Settings row ─────────────────────────────────────────────── */
+.settings-row {
+    display: flex;
+    align-items: center;
+    justify-content: space-between;
+    padding: 3px 0;
+    font-size: 12px;
+    color: #9ca3af;
+}
+.settings-value {
+    font-size: 10px;
+}
+.settings-value.enabled  { color: #22c55e; }
+.settings-value.disabled { color: #6b7280; font-style: italic; }
+/* ── Terminal ─────────────────────────────────────────────────── */
+.terminal-wrap {
+    background: rgba(0,0,0,0.9);
+    border: 1px solid #2a2a4a;
+    border-radius: 6px 6px 0 0;
+    overflow: hidden;
+}
+.terminal-header {
+    display: flex;
+    align-items: center;
+    justify-content: space-between;
+    padding: 4px 12px;
+    border-bottom: 1px solid #2a2a4a;
+}
+.terminal-title {
+    font-family: monospace;
+    font-size: 10px;
+    color: #a090ff;
+    letter-spacing: 0.1em;
+}
+.terminal-body {
+    padding: 8px 12px;
+    max-height: 180px;
+    overflow-y: auto;
+    font-family: monospace;
+    font-size: 10px;
+    line-height: 1.7;
+}
+.log-normal  { color: #9ca3af; }
+.log-error   { color: #f87171; }
+.log-warning { color: #facc15; }
+.log-cmd     { color: #86efac; }
+/* ── Canvas workspace (Graphviz) ──────────────────────────────── */
+.canvas-wrap {
+    background: #0d0d14;
+    border: 1px solid #2a2a4a;
+    border-radius: 6px;
+    padding: 12px;
+    min-height: 360px;
+    display: flex;
+    flex-direction: column;
+}
+/* ── Kill switch button ───────────────────────────────────────── */
+.kill-btn {
+    font-size: 10px;
+    padding: 2px 8px;
+    border-radius: 4px;
+    border: 1px solid #991b1b;
+    color: #f87171;
+    background: transparent;
+    cursor: pointer;
+}
+.kill-btn:hover { background: rgba(127,29,29,0.3); }
+.kill-btn.armed {
+    border-color: #ef4444;
+    background: rgba(127,29,29,0.4);
+    color: #fca5a5;
+    cursor: not-allowed;
+}
+/* ── Toggle pills (matching React toggle-on / toggle-off) ───── */
+.toggle-pill {
+    display: inline-flex;
+    align-items: center;
+    gap: 6px;
+    padding: 4px 8px;
+    border-radius: 4px;
+    font-size: 11px;
+    cursor: pointer;
+    user-select: none;
+}
+.toggle-pill.on  { background: #7060e0; color: #fff; }
+.toggle-pill.off { background: #141420; border: 1px solid #2a2a4a; color: #9ca3af; }
+/* ── Utility ──────────────────────────────────────────────────── */
+.spacer { flex: 1; }
+/* ── Hide Streamlit default padding / branding ────────────────── */
+#MainMenu { visibility: hidden; }
+footer    { visibility: hidden; }
+header    { visibility: hidden !important; }
+[data-testid="stDecoration"] { display: none; }
+</style>
+"""
+st.markdown(_CUSTOM_CSS, unsafe_allow_html=True)
+# ---------------------------------------------------------------------------
+# Session state defaults
+# ---------------------------------------------------------------------------
+if "logs" not in st.session_state:
+    st.session_state.logs = [
+        "[gateway] Starting Apex OmniAgent gateway on :7860",
+        "[gateway] PolicyEnforcer loaded — suggest_only=True",
+        "[gateway] HotwordDetector ready (Porcupine)",
+        "[capture] ScreenCapture initialized (mss)",
+        "[audit]   Audit log → ~/.apex-agent/audit.log",
+        "[info]    Waiting for hotword…",
+    ]
+if "kill_switch" not in st.session_state:
+    st.session_state.kill_switch = False
+if "suggest_only" not in st.session_state:
+    st.session_state.suggest_only = True
+if "allow_execute" not in st.session_state:
+    st.session_state.allow_execute = False
+if "allow_network" not in st.session_state:
+    st.session_state.allow_network = False
+# ---------------------------------------------------------------------------
+# Gateway helpers
+# ---------------------------------------------------------------------------
+def _gw_get(path: str) -> dict | None:
+    """GET from gateway; returns parsed JSON or None on error."""
+    try:
+        r = requests.get(f"{GATEWAY_URL}{path}", timeout=5)
+        return r.json()
+    except Exception:
+        return None
+def _gw_post(path: str, body: dict | None = None) -> dict | None:
+    """POST to gateway; returns parsed JSON or None on error."""
+    try:
+        r = requests.post(f"{GATEWAY_URL}{path}", json=body, timeout=10)
+        return r.json()
+    except Exception:
+        return None
+def _check_gateway() -> bool:
+    data = _gw_get("/health")
+    return data is not None and data.get("status") == "ok"
+# ---------------------------------------------------------------------------
+# Toolbar
+# ---------------------------------------------------------------------------
+gateway_ok = _check_gateway()
+_toolbar_toggles_html = ""
+for key, label, state_key in [
+    ("suggest_only",  "Suggest Only",  "suggest_only"),
+    ("allow_execute", "Allow Execute", "allow_execute"),
+    ("allow_network", "Allow Network", "allow_network"),
+]:
+    on = st.session_state[state_key]
+    cls = "on" if on else "off"
+    dot = "background:#fff" if on else "background:#4b5563"
+    _toolbar_toggles_html += (
+        f'<span class="toggle-pill {cls}">'
+        f'<span style="display:inline-block;width:8px;height:8px;border-radius:50%;{dot}"></span>'
+        f"{label}</span> "
+    )
+gw_dot = "green" if gateway_ok else "gray"
+st.markdown(
+    f"""<div class="toolbar">
+  <div class="toolbar-title">⬡ Apex OmniAgent</div>
+  <div class="toolbar-divider"></div>
+  <span class="toolbar-label">Security:</span>
+  {_toolbar_toggles_html}
+  <div class="spacer"></div>
+  <span class="status-text"><span class="status-dot {gw_dot}"></span>Gateway</span>
+  <span class="status-text"><span class="status-dot blue"></span>HuggingFace</span>
+</div>""",
+    unsafe_allow_html=True,
+)
+# Interactive toggle controls (using Streamlit columns for actual interactivity)
+tog_cols = st.columns([1, 1, 1, 4])
+with tog_cols[0]:
+    st.session_state.suggest_only = st.checkbox(
+        "Suggest Only", value=st.session_state.suggest_only, label_visibility="collapsed"
+    )
+with tog_cols[1]:
+    st.session_state.allow_execute = st.checkbox(
+        "Allow Execute", value=st.session_state.allow_execute, label_visibility="collapsed"
+    )
+with tog_cols[2]:
+    st.session_state.allow_network = st.checkbox(
+        "Allow Network", value=st.session_state.allow_network, label_visibility="collapsed"
+    )
+# ---------------------------------------------------------------------------
+# Three-pane layout
+# ---------------------------------------------------------------------------
+col_left, col_center, col_right = st.columns([2, 5, 2], gap="small")
+# ── Left: File Explorer ───────────────────────────────────────────────────────
+PROJECT_TREE = {
+    "Project": {
+        "icon": "📁",
+        "children": {
+            "pipeline.flow": "🔷",
+            "settings.json": "📄",
+        },
+    },
+    "Nodes": {
+        "icon": "📁",
+        "children": {
+            "AudioInputNode.tsx": "⚛️",
+            "ScreenCaptureNode.tsx": "⚛️",
+            "LLMQueryNode.tsx": "⚛️",
+            "PythonRunnerNode.tsx": "⚛️",
+        },
+    },
+    "Configs": {
+        "icon": "📁",
+        "children": {
+            "policy.json": "📄",
+            ".env.example": "🔑",
+        },
+    },
+    "Logs": {
+        "icon": "📁",
+        "children": {
+            "audit.log": "📋",
+        },
+    },
+}
+with col_left:
+    st.markdown('<div class="panel-card">', unsafe_allow_html=True)
+    st.markdown('<div class="panel-header">Explorer</div>', unsafe_allow_html=True)
+    st.markdown('<div class="panel-body">', unsafe_allow_html=True)
+    for folder, info in PROJECT_TREE.items():
+        with st.expander(f"📁 {folder}", expanded=True):
+            for fname, ficon in info["children"].items():
+                st.markdown(
+                    f'<div class="file-tree-file">{ficon} {fname}</div>',
+                    unsafe_allow_html=True,
+                )
+    st.markdown("</div></div>", unsafe_allow_html=True)
+# ── Center: Workspace Canvas ──────────────────────────────────────────────────
+with col_center:
+    st.markdown('<div class="panel-card">', unsafe_allow_html=True)
+    st.markdown('<div class="panel-header">Workspace Canvas</div>', unsafe_allow_html=True)
+    st.markdown('<div class="canvas-wrap">', unsafe_allow_html=True)
+    # Workflow graph using Graphviz (mirrors the React Flow default pipeline)
+    st.graphviz_chart(
+        """
+        digraph pipeline {
+            bgcolor="#0d0d14"
+            graph [rankdir=LR, pad="0.3", nodesep="0.6", ranksep="1.0"]
+            node  [
+                style="filled,rounded"
+                shape=box
+                fontname="Segoe UI"
+                fontsize=11
+                fontcolor="#e0e0f0"
+                color="#2a2a4a"
+                fillcolor="#141420"
+                penwidth=1.2
+            ]
+            edge [
+                color="#7060e0"
+                penwidth=1.5
+                arrowsize=0.7
+            ]
+            audio   [label="🎙  Audio Input"     fillcolor="#1a1028"]
+            screen  [label="📸  Screen Capture"  fillcolor="#0f1528"]
+            llm     [label="🤖  LLM Query"       fillcolor="#18102a"]
+            runner  [label="🐍  Python Runner"   fillcolor="#0f1a14"]
+            audio  -> llm
+            screen -> llm
+            llm    -> runner
+        }
+        """,
+        use_container_width=True,
+    )
+    st.markdown("</div></div>", unsafe_allow_html=True)
+# ── Right: Tools Panel ────────────────────────────────────────────────────────
+NODE_PALETTE = [
+    ("🎙", "Audio Input", "Hotword & PTT capture"),
+    ("📸", "Screen Capture", "Full-screen capture via mss"),
+    ("🤖", "LLM Query", "HuggingFace Inference API"),
+    ("🐍", "Python Runner", "Execute gateway script"),
+]
+CONNECTIONS = [
+    ("Python Gateway", "green" if gateway_ok else "gray"),
+    ("HuggingFace API", "gray"),
+]
+with col_right:
+    # ── Nodes palette ──
+    st.markdown('<div class="panel-card">', unsafe_allow_html=True)
+    st.markdown('<div class="panel-header">Nodes</div>', unsafe_allow_html=True)
+    st.markdown('<div class="panel-body">', unsafe_allow_html=True)
+    for icon, label, desc in NODE_PALETTE:
+        st.markdown(
+            f"""<div class="node-card">
+  <span class="node-icon">{icon}</span>
+  <div><div class="node-label">{label}</div><div class="node-desc">{desc}</div></div>
+</div>""",
+            unsafe_allow_html=True,
+        )
+    st.markdown("</div>", unsafe_allow_html=True)
+    # ── Settings ──
+    st.markdown('<div class="panel-header">Settings</div>', unsafe_allow_html=True)
+    st.markdown('<div class="panel-body">', unsafe_allow_html=True)
+    st.markdown(
+        """<div class="settings-row"><span>TTS Output</span>
+<span class="settings-value disabled">Silent (default)</span></div>""",
+        unsafe_allow_html=True,
+    )
+    st.markdown(
+        """<div class="settings-row"><span>Audit Log</span>
+<span class="settings-value enabled">Enabled</span></div>""",
+        unsafe_allow_html=True,
+    )
+    # Kill-switch
+    armed = st.session_state.kill_switch
+    if st.button(
+        "🔴 Armed" if armed else "Arm Kill-switch",
+        disabled=armed,
+        key="kill_btn",
+    ):
+        result = _gw_post("/kill")
+        st.session_state.kill_switch = True
+        st.session_state.logs.append("[gateway] 🔴 KILL SWITCH ACTIVATED")
+        st.rerun()
+    st.markdown("</div>", unsafe_allow_html=True)
+    # ── Connections ──
+    st.markdown('<div class="panel-header">Connections</div>', unsafe_allow_html=True)
+    st.markdown('<div class="panel-body">', unsafe_allow_html=True)
+    for name, color in CONNECTIONS:
+        st.markdown(
+            f'<div class="conn-item"><span class="status-dot {color}"></span>{name}</div>',
+            unsafe_allow_html=True,
+        )
+    st.markdown("</div></div>", unsafe_allow_html=True)
+# ---------------------------------------------------------------------------
+# Terminal Pane
+# ---------------------------------------------------------------------------
+st.markdown("---", unsafe_allow_html=True)
+st.markdown('<div class="terminal-wrap">', unsafe_allow_html=True)
+st.markdown(
+    '<div class="terminal-header">'
+    '<span class="terminal-title">⬡ Terminal</span>'
+    "</div>",
+    unsafe_allow_html=True,
+)
+# Log output
+log_html = ""
+for line in st.session_state.logs[-50:]:
+    if "[error]" in line:
+        cls = "log-error"
+    elif "[warn]" in line:
+        cls = "log-warning"
+    elif line.startswith(">"):
+        cls = "log-cmd"
+    else:
+        cls = "log-normal"
+    escaped = line.replace("<", "&lt;").replace(">", "&gt;")
+    log_html += f'<div class="{cls}">{escaped}</div>'
+st.markdown(
+    f'<div class="terminal-body">{log_html}</div>',
+    unsafe_allow_html=True,
+)
+st.markdown("</div>", unsafe_allow_html=True)
+# Command input
+with st.form("cmd_form", clear_on_submit=True):
+    cmd_cols = st.columns([10, 1])
+    with cmd_cols[0]:
+        cmd = st.text_input(
+            "command",
+            placeholder="Enter command…",
+            label_visibility="collapsed",
+        )
+    with cmd_cols[1]:
+        submitted = st.form_submit_button("▶")
+    if submitted and cmd.strip():
+        st.session_state.logs.append(f"> {cmd.strip()}")
+        result = _gw_post("/command", {"command": cmd.strip(), "payload": {}})
+        if result is None:
+            st.session_state.logs.append(
+                "[error] Gateway unreachable"
+            )
+        elif result.get("error"):
+            st.session_state.logs.append(f"[error] {result['error']}")
+        else:
+            st.session_state.logs.append(
+                f"[gateway] {json.dumps(result)}"
+            )
+        st.rerun()

voice_handler.py ADDED Viewed

	@@ -0,0 +1,57 @@

+from __future__ import annotations
+import logging
+from typing import Optional
+logger = logging.getLogger(__name__)
+class VoiceHandler:
+    """Graceful voice helper with optional dependencies."""
+    def __init__(self) -> None:
+        self._recognizer = None
+        self._microphone = None
+        self._tts_engine = None
+        self._init_optional_backends()
+    def _init_optional_backends(self) -> None:
+        try:
+            import speech_recognition as sr
+            self._recognizer = sr.Recognizer()
+            self._microphone = sr.Microphone()
+        except Exception as exc:
+            logger.warning("SpeechRecognition unavailable: %s", exc)
+        try:
+            import pyttsx3
+            self._tts_engine = pyttsx3.init()
+        except Exception as exc:
+            logger.warning("TTS unavailable: %s", exc)
+    def listen(self, timeout: int = 4, phrase_time_limit: int = 8) -> Optional[str]:
+        if not self._recognizer or not self._microphone:
+            return None
+        try:
+            with self._microphone as source:
+                self._recognizer.adjust_for_ambient_noise(source, duration=0.5)
+                audio = self._recognizer.listen(
+                    source, timeout=timeout, phrase_time_limit=phrase_time_limit
+                )
+            return self._recognizer.recognize_google(audio).strip()
+        except Exception as exc:
+            logger.warning("Voice listen failed: %s", exc)
+            return None
+    def speak(self, text: str) -> bool:
+        if not self._tts_engine:
+            return False
+        try:
+            self._tts_engine.say(text)
+            self._tts_engine.runAndWait()
+            return True
+        except Exception as exc:
+            logger.warning("Voice speak failed: %s", exc)
+            return False