Add Cloudflare keepalive worker and restyle dashboard

README.md

@@ -21,14 +21,12 @@ secrets:
   - name: HF_TOKEN
     description: "Hugging Face token with write access for private Dataset backup."
   - name: CLOUDFLARE_WORKERS_TOKEN
-    description: "Cloudflare API token for automatic Worker proxy setup."
-  - name: UPTIMEROBOT_API_KEY
-    description: "UptimeRobot Main API key for automatic keep-awake monitor setup."
+    description: "Cloudflare API token for automatic Telegram proxy and keep-awake Worker setup."
 ---
 
 # HuggingMess
 
-HuggingMess runs [Nous Research Hermes Agent](https://github.com/NousResearch/hermes-agent) as a Hugging Face Docker Space. It follows the same practical shape as HuggingClaw: one public Space port, Telegram gateway support, Cloudflare Worker proxy setup, UptimeRobot keep-awake, and private HF Dataset backup for Hermes state.
+HuggingMess runs [Nous Research Hermes Agent](https://github.com/NousResearch/hermes-agent) as a Hugging Face Docker Space. It follows the same practical shape as HuggingClaw: one public Space port, Telegram gateway support, Cloudflare Worker proxy setup, Cloudflare cron keep-awake, and private HF Dataset backup for Hermes state.
 
 ## Quick Start
 
@@ -43,8 +41,7 @@ HuggingMess runs [Nous Research Hermes Agent](https://github.com/NousResearch/he
 | `TELEGRAM_ALLOWED_USERS` | Recommended | Comma-separated numeric Telegram user IDs |
 | `GATEWAY_TOKEN` | Recommended | Bearer token for `/v1/*` API routes |
 | `HF_TOKEN` | Optional | Enables private Dataset backup named `huggingmess-backup` |
-| `CLOUDFLARE_WORKERS_TOKEN` | Optional | Auto-creates a Worker proxy for Telegram Bot API traffic |
-| `UPTIMEROBOT_API_KEY` | Optional | Auto-creates a monitor for `/health` |
+| `CLOUDFLARE_WORKERS_TOKEN` | Optional | Auto-creates Workers for Telegram proxy and `/health` keep-awake |
 
 ## Access Control
 
@@ -124,14 +121,15 @@ TELEGRAM_MODE=polling
 
 Hermes requires numeric Telegram IDs for allowlists. You can use either Hermes-native `TELEGRAM_ALLOWED_USERS` or the HuggingClaw-style aliases `TELEGRAM_USER_ID` / `TELEGRAM_USER_IDS`.
 
-## Cloudflare Proxy
+## Cloudflare Workers
 
 Hugging Face Spaces can be restrictive for outbound bot API traffic. Add `CLOUDFLARE_WORKERS_TOKEN`, and HuggingMess will:
 
-1. create a Cloudflare Worker,
+1. create a Telegram proxy Worker,
 2. generate a shared proxy secret,
 3. set Hermes Telegram `base_url` to `https://worker.example.workers.dev/bot`,
-4. set `base_file_url` to `https://worker.example.workers.dev/file/bot`.
+4. set `base_file_url` to `https://worker.example.workers.dev/file/bot`,
+5. create a second scheduled keep-awake Worker that pings your Space `/health` route.
 
 Manual mode is also supported:
 
@@ -142,6 +140,29 @@ CLOUDFLARE_PROXY_SECRET=optional-shared-secret
 
 The manual Worker source is included in `cloudflare-worker.js`.
 
+### Keep Awake
+
+When `CLOUDFLARE_WORKERS_TOKEN` and `SPACE_HOST` are present, HuggingMess creates a scheduled Worker that pings:
+
+```text
+https://your-space.hf.space/health
+```
+
+Default schedule:
+
+```text
+*/10 * * * *
+```
+
+Optional variables:
+
+| Variable | Default | Description |
+| :--- | :--- | :--- |
+| `CLOUDFLARE_KEEPALIVE_ENABLED` | `true` | Set `false` to skip keep-awake Worker setup |
+| `CLOUDFLARE_KEEPALIVE_CRON` | `*/10 * * * *` | Cloudflare cron expression |
+| `CLOUDFLARE_KEEPALIVE_URL` | `https://<SPACE_HOST>/health` | URL to ping |
+| `CLOUDFLARE_KEEPALIVE_WORKER_NAME` | derived from `SPACE_HOST` | Custom Worker name |
+
 ## Backup
 
 Set `HF_TOKEN` with write access to enable backup. HuggingMess syncs `/opt/data` to a private Dataset named `huggingmess-backup` every 180 seconds by default.
@@ -154,22 +175,6 @@ Set `HF_TOKEN` with write access to enable backup. HuggingMess syncs `/opt/data`
 
 By default `.env` is excluded from backups because HF Space secrets are already injected at runtime.
 
-## Keep Awake
-
-Add `UPTIMEROBOT_API_KEY`, and HuggingMess creates or reuses a monitor for:
-
-```text
-https://your-space.hf.space/health
-```
-
-Optional UptimeRobot variables:
-
-| Variable | Default | Description |
-| :--- | :--- | :--- |
-| `UPTIMEROBOT_MONITOR_NAME` | `HuggingMess <space>` | Friendly monitor name |
-| `UPTIMEROBOT_INTERVAL` | `300` | Monitor interval in seconds |
-| `UPTIMEROBOT_ALERT_CONTACTS` | unset | Dash-separated alert contact IDs |
-
 ## Local Development
 
 ```bash
@@ -187,7 +192,7 @@ http://localhost:7861
 | Route | Purpose |
 | :--- | :--- |
 | `/` | HuggingMess dashboard |
-| `/health` | Health check for HF and UptimeRobot |
+| `/health` | Health check for HF and Cloudflare keep-awake |
 | `/status` | JSON status |
 | `/app/` | Proxied Hermes dashboard/app |
 | `/v1/*` | Proxied Hermes OpenAI-compatible API routes |

cloudflare-proxy-setup.py

@@ -1,16 +1,20 @@
 #!/usr/bin/env python3
-"""Create or reuse a Cloudflare Worker that proxies Telegram Bot API calls."""
+from __future__ import annotations
+
+"""Create or reuse Cloudflare Workers for Telegram proxy and Space keep-awake."""
 
 import json
 import os
 import re
 import secrets
 import sys
+import time
 import urllib.request
 from pathlib import Path
 
 API_BASE = "https://api.cloudflare.com/client/v4"
 ENV_FILE = Path("/tmp/huggingmess-cloudflare-proxy.env")
+KEEPALIVE_STATUS_FILE = Path("/tmp/huggingmess-cloudflare-keepalive-status.json")
 DEFAULT_ALLOWED = [
     "api.telegram.org",
     "discord.com",
@@ -61,6 +65,16 @@ def derive_worker_name() -> str:
     return "huggingmess-proxy"
 
 
+def derive_keepalive_worker_name() -> str:
+    explicit = os.environ.get("CLOUDFLARE_KEEPALIVE_WORKER_NAME", "").strip()
+    if explicit:
+        return slugify(explicit)
+    space_host = os.environ.get("SPACE_HOST", "").strip()
+    if space_host:
+        return slugify(f"{space_host.replace('.hf.space', '')}-keepalive")
+    return "huggingmess-keepalive"
+
+
 def render_worker(secret_value: str, allowed_targets: list[str], allow_proxy_all: bool) -> str:
     return f"""addEventListener("fetch", (event) => {{
   event.respondWith(handleRequest(event.request));
@@ -127,6 +141,61 @@ async function handleRequest(request) {{
 """
 
 
+def render_keepalive_worker(target_url: str) -> str:
+    return f"""addEventListener("fetch", (event) => {{
+  event.respondWith(handleRequest(event.request));
+}});
+
+addEventListener("scheduled", (event) => {{
+  event.waitUntil(ping("cron"));
+}});
+
+const TARGET_URL = {json.dumps(target_url)};
+
+async function ping(source) {{
+  const startedAt = new Date().toISOString();
+  try {{
+    const response = await fetch(TARGET_URL, {{
+      method: "GET",
+      headers: {{
+        "user-agent": "HuggingMess Cloudflare KeepAlive",
+        "cache-control": "no-cache"
+      }},
+      cf: {{ cacheTtl: 0, cacheEverything: false }}
+    }});
+    return {{
+      ok: response.ok,
+      status: response.status,
+      source,
+      target: TARGET_URL,
+      timestamp: startedAt
+    }};
+  }} catch (error) {{
+    return {{
+      ok: false,
+      status: 0,
+      source,
+      target: TARGET_URL,
+      timestamp: startedAt,
+      error: error.message
+    }};
+  }}
+}}
+
+async function handleRequest(request) {{
+  const url = new URL(request.url);
+  if (url.pathname === "/" || url.pathname === "/health" || url.pathname === "/ping") {{
+    const result = await ping("manual");
+    return new Response(JSON.stringify(result, null, 2), {{
+      status: result.ok ? 200 : 502,
+      headers: {{ "content-type": "application/json; charset=utf-8" }}
+    }});
+  }}
+  return new Response("Not found", {{ status: 404 }});
+}}
+"""
+
+
 def write_env(proxy_url: str, proxy_secret: str) -> None:
     ENV_FILE.write_text(
         f'export CLOUDFLARE_PROXY_URL="{proxy_url}"\nexport CLOUDFLARE_PROXY_SECRET="{proxy_secret}"\n',
@@ -135,6 +204,84 @@ def write_env(proxy_url: str, proxy_secret: str) -> None:
     ENV_FILE.chmod(0o600)
 
 
+def write_keepalive_status(payload: dict) -> None:
+    payload = {
+        **payload,
+        "timestamp": payload.get("timestamp") or time.strftime("%Y-%m-%dT%H:%M:%SZ", time.gmtime()),
+    }
+    KEEPALIVE_STATUS_FILE.write_text(json.dumps(payload), encoding="utf-8")
+    try:
+        KEEPALIVE_STATUS_FILE.chmod(0o600)
+    except OSError:
+        pass
+
+
+def resolve_account_and_subdomain(api_token: str) -> tuple[str, str]:
+    account_id = os.environ.get("CLOUDFLARE_ACCOUNT_ID", "").strip()
+    if not account_id:
+        accounts = cf_request("GET", "/accounts", api_token)
+        if not accounts:
+            raise RuntimeError("No Cloudflare account is available for this token.")
+        account_id = accounts[0]["id"]
+
+    subdomain_info = cf_request("GET", f"/accounts/{account_id}/workers/subdomain", api_token)
+    subdomain = (subdomain_info or {}).get("subdomain", "").strip()
+    if not subdomain:
+        raise RuntimeError("Cloudflare Workers subdomain is not configured. Enable workers.dev first.")
+    return account_id, subdomain
+
+
+def setup_keepalive_worker(api_token: str, account_id: str, subdomain: str) -> None:
+    enabled = os.environ.get("CLOUDFLARE_KEEPALIVE_ENABLED", "true").strip().lower()
+    if enabled in {"0", "false", "no", "off"}:
+        write_keepalive_status({"configured": False, "status": "disabled", "message": "Cloudflare keep-awake is disabled."})
+        return
+
+    space_host = os.environ.get("SPACE_HOST", "").strip()
+    if not space_host:
+        write_keepalive_status({"configured": False, "status": "skipped", "message": "SPACE_HOST is not set."})
+        return
+
+    cron = os.environ.get("CLOUDFLARE_KEEPALIVE_CRON", "*/10 * * * *").strip()
+    space_host = space_host.removeprefix("https://").removeprefix("http://").split("/")[0]
+    target_url = os.environ.get("CLOUDFLARE_KEEPALIVE_URL", f"https://{space_host}/health").strip()
+    worker_name = derive_keepalive_worker_name()
+    worker_source = render_keepalive_worker(target_url)
+
+    cf_request(
+        "PUT",
+        f"/accounts/{account_id}/workers/scripts/{worker_name}",
+        api_token,
+        body=worker_source.encode("utf-8"),
+        content_type="application/javascript",
+    )
+    cf_request(
+        "POST",
+        f"/accounts/{account_id}/workers/scripts/{worker_name}/subdomain",
+        api_token,
+        body=json.dumps({"enabled": True, "previews_enabled": True}).encode("utf-8"),
+    )
+    cf_request(
+        "PUT",
+        f"/accounts/{account_id}/workers/scripts/{worker_name}/schedules",
+        api_token,
+        body=json.dumps([{"cron": cron}]).encode("utf-8"),
+    )
+
+    worker_url = f"https://{worker_name}.{subdomain}.workers.dev"
+    write_keepalive_status(
+        {
+            "configured": True,
+            "status": "configured",
+            "workerName": worker_name,
+            "workerUrl": worker_url,
+            "targetUrl": target_url,
+            "cron": cron,
+            "message": f"Cloudflare Worker cron pings {target_url} on {cron}.",
+        }
+    )
+
+
 def main() -> int:
     existing_url = os.environ.get("CLOUDFLARE_PROXY_URL", "").strip()
     existing_secret = os.environ.get("CLOUDFLARE_PROXY_SECRET", "").strip()
@@ -142,48 +289,41 @@ def main() -> int:
 
     if existing_url:
         write_env(existing_url, existing_secret)
-        return 0
 
     if not api_token:
         return 0
 
     try:
-        account_id = os.environ.get("CLOUDFLARE_ACCOUNT_ID", "").strip()
-        if not account_id:
-            accounts = cf_request("GET", "/accounts", api_token)
-            if not accounts:
-                raise RuntimeError("No Cloudflare account is available for this token.")
-            account_id = accounts[0]["id"]
-
-        subdomain_info = cf_request("GET", f"/accounts/{account_id}/workers/subdomain", api_token)
-        subdomain = (subdomain_info or {}).get("subdomain", "").strip()
-        if not subdomain:
-            raise RuntimeError("Cloudflare Workers subdomain is not configured. Enable workers.dev first.")
-
-        allowed_raw = os.environ.get("CLOUDFLARE_PROXY_DOMAINS", "").strip()
-        allow_proxy_all = allowed_raw == "*"
-        extra = [] if allow_proxy_all else [v.strip() for v in allowed_raw.split(",") if v.strip()]
-        allowed = list(dict.fromkeys(DEFAULT_ALLOWED + extra))
-        worker_name = derive_worker_name()
-        proxy_secret = existing_secret or secrets.token_urlsafe(24)
-
-        cf_request(
-            "PUT",
-            f"/accounts/{account_id}/workers/scripts/{worker_name}",
-            api_token,
-            body=render_worker(proxy_secret, allowed, allow_proxy_all).encode("utf-8"),
-            content_type="application/javascript",
-        )
-        cf_request(
-            "POST",
-            f"/accounts/{account_id}/workers/scripts/{worker_name}/subdomain",
-            api_token,
-            body=json.dumps({"enabled": True, "previews_enabled": True}).encode("utf-8"),
-        )
-        write_env(f"https://{worker_name}.{subdomain}.workers.dev", proxy_secret)
+        account_id, subdomain = resolve_account_and_subdomain(api_token)
+
+        if not existing_url:
+            allowed_raw = os.environ.get("CLOUDFLARE_PROXY_DOMAINS", "").strip()
+            allow_proxy_all = allowed_raw == "*"
+            extra = [] if allow_proxy_all else [v.strip() for v in allowed_raw.split(",") if v.strip()]
+            allowed = list(dict.fromkeys(DEFAULT_ALLOWED + extra))
+            worker_name = derive_worker_name()
+            proxy_secret = existing_secret or secrets.token_urlsafe(24)
+
+            cf_request(
+                "PUT",
+                f"/accounts/{account_id}/workers/scripts/{worker_name}",
+                api_token,
+                body=render_worker(proxy_secret, allowed, allow_proxy_all).encode("utf-8"),
+                content_type="application/javascript",
+            )
+            cf_request(
+                "POST",
+                f"/accounts/{account_id}/workers/scripts/{worker_name}/subdomain",
+                api_token,
+                body=json.dumps({"enabled": True, "previews_enabled": True}).encode("utf-8"),
+            )
+            write_env(f"https://{worker_name}.{subdomain}.workers.dev", proxy_secret)
+
+        setup_keepalive_worker(api_token, account_id, subdomain)
         return 0
     except Exception as exc:
         print(f"Cloudflare proxy setup failed: {exc}", file=sys.stderr)
+        write_keepalive_status({"configured": False, "status": "error", "message": str(exc)})
         return 1
 
 

health-server.js

@@ -17,7 +17,7 @@ const LOGIN_PATH = "/login";
 const SESSION_COOKIE = "huggingmess_session";
 
 const SYNC_STATUS_FILE = "/tmp/huggingmess-sync-status.json";
-const UPTIMEROBOT_STATUS_FILE = "/tmp/huggingmess-uptimerobot-status.json";
+const CLOUDFLARE_KEEPALIVE_STATUS_FILE = "/tmp/huggingmess-cloudflare-keepalive-status.json";
 
 function canConnect(port, host = GATEWAY_HOST, timeoutMs = 600) {
   return new Promise((resolve) => {
@@ -314,7 +314,7 @@ async function statusPayload() {
     model: process.env.MODEL_FOR_CONFIG || process.env.HERMES_MODEL || process.env.LLM_MODEL || "",
     provider: process.env.PROVIDER_FOR_CONFIG || process.env.HERMES_INFERENCE_PROVIDER || "auto",
     backup: sync,
-    uptimerobot: readJson(UPTIMEROBOT_STATUS_FILE, null),
+    keepalive: readJson(CLOUDFLARE_KEEPALIVE_STATUS_FILE, null),
   };
 }
 
@@ -346,61 +346,46 @@ function renderDashboard(data) {
   const syncStatus = String(data.backup?.status || "unknown");
   const syncTone = ["success", "restored", "synced", "configured"].includes(syncStatus) ? "ok" : syncStatus === "disabled" ? "warn" : "neutral";
   const telegramTone = data.telegram.configured ? (data.telegram.webhookListening || !data.telegram.webhook ? "ok" : "warn") : "warn";
-  const keepAliveTone = data.uptimerobot?.configured ? "ok" : process.env.UPTIMEROBOT_API_KEY ? "warn" : "neutral";
-  const gatewayDetail = data.gateway
-    ? `OpenAI-compatible API is listening on internal port <code>${data.ports.gateway}</code>.`
-    : `Gateway API is not reachable on internal port <code>${data.ports.gateway}</code>.`;
-  const appDetail = data.dashboard
-    ? `Hermes dashboard is listening on internal port <code>${data.ports.dashboard}</code>.`
-    : `Hermes dashboard is not reachable on internal port <code>${data.ports.dashboard}</code>.`;
-  const authDetail = data.authConfigured
-    ? `Protected by <code>GATEWAY_TOKEN</code> with a token-only login page.`
-    : `No <code>GATEWAY_TOKEN</code> is set; public app routes are unlocked.`;
+  const keepaliveConfigured = data.keepalive?.configured === true;
+  const keepaliveStatus = String(data.keepalive?.status || (process.env.CLOUDFLARE_WORKERS_TOKEN ? "pending" : "not configured"));
+  const keepAliveTone = keepaliveConfigured ? "ok" : process.env.CLOUDFLARE_WORKERS_TOKEN ? "warn" : "neutral";
   const telegramDetail = data.telegram.configured
     ? `${data.telegram.webhook ? "Webhook mode" : "Polling mode"}${data.telegram.proxy ? ` through Cloudflare proxy` : ""}.`
     : "Add TELEGRAM_BOT_TOKEN to enable Telegram.";
   const backupDetail = data.backup?.message ? escapeHtml(data.backup.message) : "No backup status has been written yet.";
   const backupMeta = data.backup?.timestamp ? `Last update ${escapeHtml(data.backup.timestamp)}` : "";
-  const keepAliveDetail = data.uptimerobot?.configured
-    ? `Monitoring <code>${escapeHtml(data.uptimerobot.url || "/health")}</code>.`
-    : process.env.UPTIMEROBOT_API_KEY
-      ? "UptimeRobot setup is pending or failed; check Space logs."
-      : "Add UPTIMEROBOT_API_KEY to create a keep-awake monitor.";
+  const keepAliveDetail = keepaliveConfigured
+    ? `Worker <code>${escapeHtml(data.keepalive.workerName || "keepalive")}</code> pings <code>${escapeHtml(data.keepalive.targetUrl || "/health")}</code>.`
+    : process.env.CLOUDFLARE_WORKERS_TOKEN
+      ? "Cloudflare keep-awake Worker is pending or failed; check Space logs."
+      : "Add CLOUDFLARE_WORKERS_TOKEN to create a scheduled keep-awake Worker.";
+  const serviceOk = data.gateway && data.dashboard;
+  const topCards = [
+    `<div class="mini-card"><span class="mini-label">Service</span>${toneBadge(serviceOk ? "Running" : "Starting", serviceOk ? "ok" : "warn")}</div>`,
+    `<div class="mini-card"><span class="mini-label">Uptime</span><strong>${escapeHtml(data.uptime)}</strong></div>`,
+    `<div class="mini-card"><span class="mini-label">Backup</span>${toneBadge(syncStatus.toUpperCase(), syncTone)}</div>`,
+  ].join("");
   const tiles = [
     renderTile({
       title: "Gateway",
       value: toneBadge(data.gateway ? "Online" : "Offline", data.gateway ? "ok" : "off"),
-      detail: gatewayDetail,
+      detail: data.gateway ? `OpenAI-compatible API on port <code>${data.ports.gateway}</code>.` : `Gateway API is not reachable on port <code>${data.ports.gateway}</code>.`,
       tone: data.gateway ? "ok" : "off",
-      meta: `API routes are protected by <code>GATEWAY_TOKEN</code>.`,
-    }),
-    renderTile({
-      title: "Hermes App",
-      value: toneBadge(data.dashboard ? "Ready" : "Starting", data.dashboard ? "ok" : "warn"),
-      detail: appDetail,
-      tone: data.dashboard ? "ok" : "warn",
-      meta: `<code>/app/</code> opens in a new window.`,
+      meta: data.authConfigured ? `Protected by <code>GATEWAY_TOKEN</code>.` : `Set <code>GATEWAY_TOKEN</code> before sharing.`,
     }),
     renderTile({
-      title: "Auth",
-      value: toneBadge(data.authConfigured ? "Token set" : "Unlocked", data.authConfigured ? "ok" : "warn"),
-      detail: authDetail,
-      tone: data.authConfigured ? "ok" : "warn",
-      meta: data.authConfigured ? "Browser visits use the login page; API clients use Bearer auth." : "Set GATEWAY_TOKEN before sharing this Space.",
+      title: "Model",
+      value: `<code>${valueOrUnset(data.model)}</code>`,
+      detail: `Provider <code>${valueOrUnset(data.provider || "auto")}</code>.`,
+      tone: data.model ? "ok" : "warn",
+      meta: "Gemini example: google/gemini-2.5-flash",
     }),
     renderTile({
       title: "Runtime",
       value: escapeHtml(data.uptime),
-      detail: `Public port <code>${data.ports.public}</code>. Started <code>${escapeHtml(data.startedAt)}</code>.`,
+      detail: `Public port <code>${data.ports.public}</code>; health at <code>/health</code>.`,
       tone: "neutral",
-      meta: `Health endpoint: <code>/health</code>`,
-    }),
-    renderTile({
-      title: "Model",
-      value: `<code>${valueOrUnset(data.model)}</code>`,
-      detail: `Provider <code>${valueOrUnset(data.provider || "auto")}</code>.`,
-      tone: data.model ? "ok" : "warn",
-      meta: "For Gemini: LLM_MODEL=google/gemini-2.5-flash",
+      meta: `Started <code>${escapeHtml(data.startedAt)}</code>.`,
     }),
     renderTile({
       title: "Telegram",
@@ -418,10 +403,10 @@ function renderDashboard(data) {
     }),
     renderTile({
       title: "Keep Awake",
-      value: toneBadge(data.uptimerobot?.configured ? "Monitor active" : "Not configured", keepAliveTone),
+      value: toneBadge(keepaliveConfigured ? "Cloudflare cron" : keepaliveStatus.toUpperCase(), keepAliveTone),
       detail: keepAliveDetail,
       tone: keepAliveTone,
-      meta: process.env.UPTIMEROBOT_API_KEY ? "UPTIMEROBOT_API_KEY detected." : "",
+      meta: keepaliveConfigured ? `Schedule <code>${escapeHtml(data.keepalive.cron || "*/10 * * * *")}</code>.` : "",
     }),
   ].join("");
 
@@ -432,61 +417,61 @@ function renderDashboard(data) {
   <meta name="viewport" content="width=device-width, initial-scale=1" />
   <title>HuggingMess</title>
   <style>
-    :root { color-scheme: dark; --bg:#101010; --panel:#171717; --panel2:#1e1e1e; --line:#303030; --text:#f3f4f6; --muted:#a1a1aa; --soft:#d4d4d8; --good:#4ade80; --warn:#fbbf24; --bad:#fb7185; --accent:#67e8f9; }
+    :root { color-scheme: dark; --bg:#08080f; --panel:#12111b; --panel2:#151421; --line:#26243a; --text:#f6f4ff; --muted:#7f7a9e; --soft:#b8b3d7; --good:#22c55e; --warn:#f5c542; --bad:#fb7185; --accent:#6557df; --accent2:#7c6cf2; }
     * { box-sizing:border-box; }
-    body { margin:0; min-height:100vh; font-family:Inter, ui-sans-serif, system-ui, -apple-system, BlinkMacSystemFont, "Segoe UI", sans-serif; background:var(--bg); color:var(--text); font-size:14px; }
-    main { width:min(1180px, calc(100% - 32px)); margin:0 auto; padding:24px 0 32px; }
-    header { display:flex; justify-content:space-between; gap:24px; align-items:flex-start; margin-bottom:18px; border-bottom:1px solid var(--line); padding-bottom:18px; }
-    h1 { margin:0; font-size:clamp(2rem, 4vw, 3.2rem); line-height:1; letter-spacing:0; }
-    .subtitle { margin-top:10px; color:var(--muted); max-width:700px; line-height:1.45; font-size:.95rem; }
-    .top-actions { display:flex; flex-wrap:wrap; gap:8px; justify-content:flex-end; min-width:300px; }
-    .overview { display:grid; grid-template-columns:repeat(4, minmax(0, 1fr)); gap:10px; margin-bottom:10px; }
-    .tile { border:1px solid var(--line); background:var(--panel); border-radius:8px; padding:14px; min-height:142px; display:flex; flex-direction:column; gap:10px; }
-    .tile.ok { border-color:rgba(74,222,128,.28); }
-    .tile.warn { border-color:rgba(251,191,36,.28); }
-    .tile.off { border-color:rgba(251,113,133,.32); }
+    body { margin:0; min-height:100vh; font-family:Inter, ui-sans-serif, system-ui, -apple-system, BlinkMacSystemFont, "Segoe UI", sans-serif; background:var(--bg); color:var(--text); font-size:13px; }
+    main { width:min(720px, calc(100% - 32px)); margin:0 auto; padding:36px 0 44px; }
+    header { text-align:center; margin-bottom:22px; }
+    h1 { margin:0; font-size:1.65rem; line-height:1; letter-spacing:0; }
+    .subtitle { margin-top:12px; color:var(--muted); font-size:.72rem; text-transform:uppercase; letter-spacing:.14em; font-weight:800; }
+    .hero-action { display:flex; width:100%; min-height:46px; align-items:center; justify-content:center; border-radius:8px; background:var(--accent); color:#fff; text-decoration:none; font-weight:850; font-size:.98rem; margin:24px 0 20px; }
+    .hero-action:hover { background:var(--accent2); }
+    .mini-grid { display:grid; grid-template-columns:repeat(3, minmax(0, 1fr)); gap:10px; margin-bottom:18px; }
+    .mini-card { min-height:68px; border:1px solid var(--line); background:var(--panel); border-radius:8px; padding:13px; display:flex; flex-direction:column; justify-content:center; gap:9px; }
+    .mini-label { color:var(--muted); font-size:.66rem; letter-spacing:.16em; text-transform:uppercase; font-weight:850; }
+    .mini-card strong { font-size:1.02rem; }
+    .overview { display:grid; grid-template-columns:repeat(2, minmax(0, 1fr)); gap:10px; margin-bottom:10px; }
+    .tile { border:1px solid var(--line); background:var(--panel); border-radius:11px; padding:18px; min-height:124px; display:flex; flex-direction:column; gap:10px; position:relative; }
+    .tile.ok { border-color:rgba(34,197,94,.22); }
+    .tile.warn { border-color:rgba(245,197,66,.24); }
+    .tile.off { border-color:rgba(251,113,133,.28); }
     .tile-head { display:flex; align-items:center; justify-content:space-between; gap:12px; }
-    .tile-title { color:var(--muted); font-size:.72rem; letter-spacing:.12em; text-transform:uppercase; font-weight:800; }
+    .tile-title { color:var(--muted); font-size:.67rem; letter-spacing:.18em; text-transform:uppercase; font-weight:850; }
     .tile-dot { width:7px; height:7px; border-radius:50%; background:var(--line); }
     .tile.ok .tile-dot { background:var(--good); }
     .tile.warn .tile-dot { background:var(--warn); }
     .tile.off .tile-dot { background:var(--bad); }
-    .tile-value { font-size:1.05rem; font-weight:760; overflow-wrap:anywhere; }
-    .tile-detail { color:var(--soft); line-height:1.45; font-size:.86rem; }
-    .tile-meta { color:var(--muted); line-height:1.4; font-size:.78rem; margin-top:auto; overflow-wrap:anywhere; }
-    .panel { border:1px solid var(--line); background:var(--panel2); border-radius:8px; padding:14px; margin-top:10px; }
-    .launch-panel { display:flex; align-items:center; justify-content:space-between; gap:18px; }
-    .panel-title { color:var(--muted); font-size:.72rem; letter-spacing:.12em; text-transform:uppercase; font-weight:800; margin-bottom:7px; }
-    .panel-copy { color:var(--soft); line-height:1.45; font-size:.9rem; margin:0; }
-    code { background:#0d0d0d; border:1px solid var(--line); border-radius:6px; padding:2px 5px; color:var(--text); font-size:.9em; }
+    .tile-value { font-size:1.12rem; font-weight:850; overflow-wrap:anywhere; }
+    .tile-detail { color:var(--soft); line-height:1.45; font-size:.83rem; }
+    .tile-meta { color:var(--muted); line-height:1.4; font-size:.75rem; margin-top:auto; overflow-wrap:anywhere; }
+    .panel { border:1px solid var(--line); background:var(--panel2); border-radius:11px; padding:16px; margin-top:18px; }
+    .launch-panel { text-align:center; }
+    .panel-title { color:var(--muted); font-size:.7rem; letter-spacing:.16em; text-transform:uppercase; font-weight:850; margin-bottom:8px; }
+    .panel-copy { color:var(--soft); line-height:1.5; font-size:.86rem; margin:0 auto 14px; max-width:560px; }
+    code { background:#232234; border:1px solid #34324c; border-radius:6px; padding:2px 6px; color:var(--text); font-size:.9em; }
     pre { margin:0; white-space:pre-wrap; overflow-wrap:anywhere; background:#0d0d0d; border:1px solid var(--line); border-radius:7px; padding:10px; color:var(--soft); font-size:.82rem; line-height:1.45; }
     .row { display:flex; flex-wrap:wrap; gap:8px; align-items:center; }
-    .badge { display:inline-flex; align-items:center; border:1px solid var(--line); border-radius:999px; padding:4px 9px; font-size:.75rem; font-weight:800; line-height:1; }
-    .badge.ok { color:var(--good); border-color:rgba(74,222,128,.36); background:rgba(74,222,128,.08); }
-    .badge.warn { color:var(--warn); border-color:rgba(251,191,36,.34); background:rgba(251,191,36,.08); }
-    .badge.off { color:var(--bad); border-color:rgba(251,113,133,.36); background:rgba(251,113,133,.08); }
+    .badge { display:inline-flex; align-items:center; width:max-content; border:1px solid var(--line); border-radius:999px; padding:5px 10px; font-size:.72rem; font-weight:850; line-height:1; text-transform:uppercase; }
+    .badge.ok { color:var(--good); border-color:rgba(34,197,94,.34); background:rgba(34,197,94,.11); }
+    .badge.warn { color:var(--warn); border-color:rgba(245,197,66,.34); background:rgba(245,197,66,.11); }
+    .badge.off { color:var(--bad); border-color:rgba(251,113,133,.34); background:rgba(251,113,133,.11); }
     .badge.neutral { color:var(--soft); }
     .muted { color:var(--muted); }
-    .button { display:inline-flex; align-items:center; justify-content:center; min-height:34px; padding:0 11px; border-radius:7px; color:#081012; background:var(--accent); text-decoration:none; font-weight:800; font-size:.86rem; }
+    .button { display:inline-flex; align-items:center; justify-content:center; min-height:40px; padding:0 16px; border-radius:8px; color:#fff; background:var(--accent); text-decoration:none; font-weight:850; font-size:.9rem; }
     .button.secondary { color:var(--text); background:#242424; border:1px solid var(--line); }
-    .button.subtle { color:var(--soft); background:transparent; border:1px solid var(--line); }
-    @media (max-width: 980px) { .overview { grid-template-columns:repeat(2, minmax(0, 1fr)); } header { display:block; } .top-actions { justify-content:flex-start; margin-top:14px; min-width:0; } }
-    @media (max-width: 760px) { .launch-panel { display:block; } .launch-panel .button { margin-top:12px; width:100%; } }
-    @media (max-width: 620px) { main { width:min(100% - 20px, 1180px); padding-top:16px; } .overview { grid-template-columns:1fr; } h1 { font-size:2rem; } }
+    footer { color:var(--muted); text-align:center; font-size:.74rem; margin-top:18px; }
+    footer .live { color:var(--good); }
+    @media (max-width: 700px) { .mini-grid, .overview { grid-template-columns:1fr; } main { width:min(100% - 22px, 720px); padding-top:28px; } }
   </style>
 </head>
 <body>
   <main>
     <header>
-      <div>
-        <h1>HuggingMess</h1>
-        <div class="subtitle">Hermes Agent on Hugging Face Spaces: app gateway, OpenAI-compatible API, Telegram webhook, Cloudflare proxy, backup, and keep-awake state in one place.</div>
-      </div>
-      <div class="top-actions">
-        <a class="button" href="${APP_BASE}/" target="_blank" rel="noopener noreferrer">Open App</a>
-        <a class="button secondary" href="/status">Status JSON</a>
-      </div>
+      <h1>HuggingMess</h1>
+      <div class="subtitle">Self-hosted - Hugging Face Spaces - Hermes Agent</div>
     </header>
+    <a class="hero-action" href="${APP_BASE}/" target="_blank" rel="noopener noreferrer">Open Hermes Agent -></a>
+    <section class="mini-grid">${topCards}</section>
     <section class="overview">
       ${tiles}
     </section>
@@ -497,6 +482,7 @@ function renderDashboard(data) {
       </div>
       <a class="button" href="${APP_BASE}/" target="_blank" rel="noopener noreferrer">Open Hermes Agent</a>
     </section>
+    <footer><span class="live">Live</span> status - Health endpoint: <code>/health</code></footer>
   </main>
 </body>
 </html>`;

start.sh

@@ -278,7 +278,7 @@ trap graceful_shutdown SIGTERM SIGINT
 node "$APP_DIR/health-server.js" &
 HEALTH_PID=$!
 
-if [ -n "${UPTIMEROBOT_API_KEY:-}" ] && [ -n "${SPACE_HOST:-}" ]; then
+if [ "${UPTIMEROBOT_ENABLED:-false}" = "true" ] && [ -n "${UPTIMEROBOT_API_KEY:-}" ] && [ -n "${SPACE_HOST:-}" ]; then
   echo "Setting up UptimeRobot monitor..."
   bash "$APP_DIR/setup-uptimerobot.sh" "${SPACE_HOST}" || true
 fi