Auth + subdomain-forwarding plugin for mngr
Project description
mngr_forward
Auth + subdomain-forwarding plugin for mngr.
mngr forward runs a local proxy that serves
<agent-id>.localhost:<port>/* and byte-forwards each request to a service
URL discovered for that agent (--service NAME, the default workflow) or
a fixed remote port (--forward-port REMOTE_PORT, manual mode). Remote agents are
reached via a per-host SSH tunnel (Unix-domain socket on the local side,
paramiko direct-tcpip channel on the SSH side).
The plugin is opt-in:
mngr plugin enable forward
mngr forward --service system_interface
Quick start (browser user)
mngr forward --service system_interface --open-browser
This:
- Spawns
mngr observe --discovery-onlyand per-agentmngr event --followsubprocesses. Their lines pass through to stdout as a merged JSONL stream wrapped in a{stream, agent_id?, payload}envelope so consumers can drive their own state from a single stream. - Listens on
127.0.0.1:8421and prints a one-time login URL to stderr (or emits alogin_urlJSONL event on stdout in--format jsonl). - After the browser visits the login URL, future navigations to
agent-<hex>.localhost:8421/are byte-forwarded to that agent's resolvedsystem_interfaceURL through an SSH tunnel.
Reverse tunnels
--reverse <remote-port>:<local-port> (repeatable) auto-sets up reverse SSH
tunnels for every known agent on a remote host. The <remote-port> may be
0 to ask sshd for a dynamic assignment; the actual bound port is reported
in a forward.reverse_tunnel_established envelope event.
Manual mode
--no-observe --forward-port REMOTE_PORT runs mngr list --format json once and
forwards a fixed snapshot. --no-observe is invalid with --service NAME.
Sub-process integration
Consumers (notably minds run) can spawn mngr forward --format jsonl --preauth-cookie <opaque-token>, parse the envelope JSONL stream off
stdout, and pre-set the mngr_forward_session cookie in their browser
session so the OTP flow is bypassed.
SIGHUP bounces only the mngr observe child subprocess; SSH tunnels,
per-agent event subprocesses, browser sessions, and the FastAPI app stay
alive. Used by minds run to make a freshly-written
[providers.imbue_cloud_<slug>] block in settings.toml take effect.
On-disk state
$MNGR_HOST_DIR/plugin/forward/signing_key (cookie HMAC key, generated once
on first run, persisted across restarts so previously-issued cookies still
verify).
OTPs are kept in-memory only and do not survive a restart.
Status
Experimental. See specs/mngr-forward-plugin/spec.md.
Project details
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file imbue_mngr_forward-0.1.4.tar.gz.
File metadata
- Download URL: imbue_mngr_forward-0.1.4.tar.gz
- Upload date:
- Size: 88.2 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
5c8044d4f2f8066dc2e4ef0af9073b5ab04aaa4678409d505473c8309df0033f
|
|
| MD5 |
8ecbf2a145bc64f6c082abea12719928
|
|
| BLAKE2b-256 |
8708fce2837ebaa8ceedb7acaad0ddf93df2ece4830b25322db914d450cd6c04
|
Provenance
The following attestation bundles were made for imbue_mngr_forward-0.1.4.tar.gz:
Publisher:
publish.yml on imbue-ai/mngr
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
imbue_mngr_forward-0.1.4.tar.gz -
Subject digest:
5c8044d4f2f8066dc2e4ef0af9073b5ab04aaa4678409d505473c8309df0033f - Sigstore transparency entry: 1835035292
- Sigstore integration time:
-
Permalink:
imbue-ai/mngr@007398deb560be6724a62ba6692b089df0671a03 -
Branch / Tag:
refs/tags/v0.2.15 - Owner: https://github.com/imbue-ai
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish.yml@007398deb560be6724a62ba6692b089df0671a03 -
Trigger Event:
push
-
Statement type:
File details
Details for the file imbue_mngr_forward-0.1.4-py3-none-any.whl.
File metadata
- Download URL: imbue_mngr_forward-0.1.4-py3-none-any.whl
- Upload date:
- Size: 59.7 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
10f5b5a9c24f065281bb80582c5fb8ee0154a8054f01d36b3e1e7bf29b7a822b
|
|
| MD5 |
dec008bf55b198e3000450323d58e3b6
|
|
| BLAKE2b-256 |
5fd2e94d23ad82ae710bd4c53d9b8a90279c3827b099c5002cb296d95ee9aab8
|
Provenance
The following attestation bundles were made for imbue_mngr_forward-0.1.4-py3-none-any.whl:
Publisher:
publish.yml on imbue-ai/mngr
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
imbue_mngr_forward-0.1.4-py3-none-any.whl -
Subject digest:
10f5b5a9c24f065281bb80582c5fb8ee0154a8054f01d36b3e1e7bf29b7a822b - Sigstore transparency entry: 1835037292
- Sigstore integration time:
-
Permalink:
imbue-ai/mngr@007398deb560be6724a62ba6692b089df0671a03 -
Branch / Tag:
refs/tags/v0.2.15 - Owner: https://github.com/imbue-ai
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish.yml@007398deb560be6724a62ba6692b089df0671a03 -
Trigger Event:
push
-
Statement type: