refactor: move UptimeRobot configuration from client-side UI to server-side environment secret

.env.example

@@ -73,6 +73,11 @@ OPENCODE_ALLOW_ALL_MODELS=true
 # Get it from: https://dash.cloudflare.com/profile/api-tokens
 # CLOUDFLARE_WORKERS_TOKEN=xxx
 
+# Extra domains to proxy, merged with built-in defaults (Telegram, Discord, WhatsApp,
+# Facebook, Google). Comma-separated. Set to "*" to proxy ALL external traffic.
+# Leave unset to proxy only the built-in default domains.
+# CLOUDFLARE_PROXY_DOMAINS=api.sendgrid.com,slack.com
+
 # ============================================================================
 # Database Backup Configuration
 # ============================================================================
@@ -104,8 +109,11 @@ BETTER_AUTH_SECRET=your-random-secret-here-minimum-32-characters
 # Monitoring & Uptime
 # ============================================================================
 
+# UptimeRobot keep-alive: add your Main API key (NOT Read-only or Monitor-specific).
+# Monitor is created automatically at boot. Status shown on the dashboard.
+# UPTIMEROBOT_API_KEY=ur_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+
 # Optional: Webhook URL for restart/failure alerts
-# Useful for UptimeRobot or similar monitoring services
 # WEBHOOK_URL=https://uptime-robot-webhook-url
 
 # ============================================================================

README.md

@@ -16,6 +16,8 @@ secrets:
     description: Google Gemini API key for Gemini-powered agents.
   - name: OPENAI_API_KEY
     description: OpenAI API key for GPT-powered agents.
+  - name: UPTIMEROBOT_API_KEY
+    description: UptimeRobot API key for automatic monitor setup.
 ---
 
 <!-- Badges -->
@@ -48,7 +50,7 @@ secrets:
 - ⚡ **One-click deploy:** Duplicate the Space and add your API key — nothing else needed to get started.
 - 💾 **Persistent Database:** PostgreSQL database auto-backed up to a private HF Dataset and restored on every restart — no data loss.
 - 📊 **Visual Dashboard:** Real-time status dashboard at `/` with Paperclip service health, backup status, and uptime.
-- ⏰ **Keep-Alive:** Set up a one-time UptimeRobot monitor from the dashboard to prevent free Spaces from sleeping.
+- ⏰ **Keep-Alive:** Add `UPTIMEROBOT_API_KEY` as a Space secret and the monitor is created automatically at boot — no manual setup.
 - 🌐 **Cloudflare Proxy:** Auto-provisions a Cloudflare Worker proxy for blocked outbound connections.
 - 🔒 **Secure by Default:** Auth secrets randomly generated on first boot and persisted across restarts.
 - 🏠 **100% HF-Native:** Runs entirely on Hugging Face's free infrastructure.
@@ -141,7 +143,7 @@ HuggingClip will:
 | :--- | :--- | :--- |
 | `CLOUDFLARE_WORKERS_TOKEN` | — | Cloudflare API token |
 | `CLOUDFLARE_ACCOUNT_ID` | auto | Optional account ID override |
-| `CLOUDFLARE_PROXY_DOMAINS` | `*` | Domains to proxy (or `*` for all external) |
+| `CLOUDFLARE_PROXY_DOMAINS` | — | Extra domains to proxy, merged with built-in defaults. Set to `*` to proxy all external traffic. |
 
 ## 💾 Database Backup *(Optional)*
 
@@ -160,21 +162,7 @@ HuggingClip automatically backs up your Paperclip PostgreSQL database to a priva
 
 ## 💓 Staying Alive *(Recommended on Free HF Spaces)*
 
-Free Hugging Face Spaces can sleep after inactivity. Set up an external UptimeRobot monitor from the dashboard to keep your Space awake.
-
-Use the **Main API key** from UptimeRobot — not the Read-only key or a Monitor-specific key.
-
-**Setup:**
-
-1. Open the dashboard at `/`.
-2. Find **Keep Space Awake**.
-3. Paste your UptimeRobot **Main API key**.
-4. Click **Create Monitor**.
-
-HuggingClip creates a monitor for `https://your-space.hf.space/health`. UptimeRobot pings it from outside HF every 5 minutes.
-
-> [!NOTE]
-> This works for **public** Spaces only. Private Spaces cannot be reached by external monitors.
+Add your [UptimeRobot](https://uptimerobot.com/) **Main API key** (not the Read-only or Monitor-specific key) as a Space secret named `UPTIMEROBOT_API_KEY`. HuggingClip will automatically create a monitor for `https://your-space.hf.space/health` at boot. The dashboard shows the current status (configured, setting up, or failed).
 
 ## 💻 Local Development
 
@@ -253,7 +241,7 @@ Verify `HF_TOKEN` is set and has write access. Check the dashboard backup status
 `HF_TOKEN` is not set. Add it and the next restart will restore from backup. The backup also needs to have been run at least once before the restart.
 
 **Space keeps sleeping**
-Open `/` and use **Keep Space Awake** to create an external UptimeRobot monitor. Requires a public Space.
+Add `UPTIMEROBOT_API_KEY` as a Space secret to enable automatic keep-awake monitoring.
 
 **Paperclip unreachable (502 errors)**
 Wait 60–90s after boot for Paperclip to initialize. If it stays unreachable, check logs for PostgreSQL connection errors or memory issues.

cloudflare-proxy-setup.py

@@ -12,13 +12,33 @@ from pathlib import Path
 API_BASE = "https://api.cloudflare.com/client/v4"
 ENV_FILE = Path("/tmp/huggingclaw-cloudflare-proxy.env")
 DEFAULT_ALLOWED = [
+    # Messaging
     "api.telegram.org",
     "discord.com",
     "discordapp.com",
     "gateway.discord.gg",
     "status.discord.com",
     "web.whatsapp.com",
+    # Social — confirmed/likely blocked by HF firewall
     "graph.facebook.com",
+    "graph.instagram.com",
+    "api.twitter.com",
+    "api.x.com",
+    "upload.twitter.com",
+    "api.linkedin.com",
+    "www.linkedin.com",
+    "open.tiktokapis.com",
+    "oauth.reddit.com",
+    # Video
+    "youtube.com",
+    "www.youtube.com",
+    # AI APIs
+    "api.openai.com",
+    # Email HTTP APIs (SMTP ports are blocked; use these instead)
+    "api.resend.com",
+    "api.sendgrid.com",
+    "api.mailgun.net",
+    # Google
     "googleapis.com",
     "google.com",
     "googleusercontent.com",
@@ -207,10 +227,17 @@ def main() -> int:
 
         worker_name = derive_worker_name()
         allowed_raw = os.environ.get("CLOUDFLARE_PROXY_DOMAINS", "").strip()
-        allow_proxy_all = not allowed_raw or allowed_raw == "*"
-        allowed_targets = DEFAULT_ALLOWED if not allowed_raw or allow_proxy_all else [
-            value.strip() for value in allowed_raw.split(",") if value.strip()
-        ]
+        allow_proxy_all = allowed_raw == "*"
+        if allow_proxy_all:
+            allowed_targets = DEFAULT_ALLOWED
+        else:
+            extra = [v.strip() for v in allowed_raw.split(",") if v.strip()]
+            seen = set(DEFAULT_ALLOWED)
+            allowed_targets = list(DEFAULT_ALLOWED)
+            for domain in extra:
+                if domain not in seen:
+                    allowed_targets.append(domain)
+                    seen.add(domain)
         proxy_secret = existing_secret or secrets.token_urlsafe(24)
         worker_source = render_worker(proxy_secret, allowed_targets, allow_proxy_all)
 

cloudflare-proxy.js

@@ -23,11 +23,31 @@ if (
 
 const DEBUG = process.env.CLOUDFLARE_PROXY_DEBUG === "true";
 const PROXY_SHARED_SECRET = (process.env.CLOUDFLARE_PROXY_SECRET || "").trim();
-const PROXY_DOMAINS = process.env.CLOUDFLARE_PROXY_DOMAINS || "*";
-const BLOCKED_DOMAINS = PROXY_DOMAINS.split(",")
-  .map((domain) => domain.trim())
-  .filter(Boolean);
-const PROXY_ALL = PROXY_DOMAINS === "*";
+const DEFAULT_PROXY_DOMAINS = [
+  "api.telegram.org", "discord.com", "discordapp.com",
+  "gateway.discord.gg", "status.discord.com", "web.whatsapp.com",
+  "graph.facebook.com", "graph.instagram.com",
+  "api.twitter.com", "api.x.com", "upload.twitter.com",
+  "api.linkedin.com", "www.linkedin.com",
+  "open.tiktokapis.com", "oauth.reddit.com",
+  "youtube.com", "www.youtube.com",
+  "api.openai.com",
+  "api.resend.com", "api.sendgrid.com", "api.mailgun.net",
+  "googleapis.com", "google.com", "googleusercontent.com", "gstatic.com",
+];
+const PROXY_DOMAINS_RAW = (process.env.CLOUDFLARE_PROXY_DOMAINS || "").trim();
+const PROXY_ALL = PROXY_DOMAINS_RAW === "*";
+let BLOCKED_DOMAINS;
+if (PROXY_ALL) {
+  BLOCKED_DOMAINS = [];
+} else {
+  const extra = PROXY_DOMAINS_RAW.split(",").map((d) => d.trim()).filter(Boolean);
+  const seen = new Set(DEFAULT_PROXY_DOMAINS);
+  BLOCKED_DOMAINS = [...DEFAULT_PROXY_DOMAINS];
+  for (const d of extra) {
+    if (!seen.has(d)) { BLOCKED_DOMAINS.push(d); seen.add(d); }
+  }
+}
 
 if (PROXY_URL) {
   try {

health-server.js

@@ -1,6 +1,5 @@
 // Single public entrypoint for HF Spaces: local dashboard + reverse proxy to Paperclip.
 const http = require("http");
-const https = require("https");
 const fs = require("fs");
 const net = require("net");
 
@@ -12,13 +11,8 @@ const startTime = Date.now();
 const HF_BACKUP_ENABLED = !!process.env.HF_TOKEN;
 const SYNC_INTERVAL = process.env.SYNC_INTERVAL || "86400";
 
-const UPTIMEROBOT_SETUP_ENABLED =
-  String(process.env.UPTIMEROBOT_SETUP_ENABLED || "true").toLowerCase() === "true";
-const UPTIMEROBOT_RATE_WINDOW_MS = 60 * 1000;
-const UPTIMEROBOT_RATE_MAX = Number(process.env.UPTIMEROBOT_RATE_LIMIT_PER_MINUTE || 5);
-const SPACE_VISIBILITY_TTL_MS = 10 * 60 * 1000;
-const spaceVisibilityCache = new Map();
-const uptimerobotRateMap = new Map();
+const UPTIMEROBOT_STATUS_FILE = "/tmp/huggingclip-uptimerobot-status.json";
+const UPTIMEROBOT_API_KEY_SET = !!process.env.UPTIMEROBOT_API_KEY;
 
 // ============================================================================
 // URL helpers
@@ -33,169 +27,20 @@ function parseRequestUrl(url) {
 }
 
 function isLocalRoute(pathname) {
-  return (
-    pathname === "/health" ||
-    pathname === "/status" ||
-    pathname === "/uptimerobot/setup"
-  );
+  return pathname === "/health" || pathname === "/status";
 }
 
 // ============================================================================
 // UptimeRobot helpers
 // ============================================================================
 
-function getRequesterIp(req) {
-  const forwarded = req.headers["x-forwarded-for"];
-  if (typeof forwarded === "string") return forwarded.split(",")[0].trim();
-  if (Array.isArray(forwarded) && forwarded.length > 0) return String(forwarded[0]).split(",")[0].trim();
-  return req.socket.remoteAddress || "unknown";
-}
-
-function isRateLimited(req) {
-  const now = Date.now();
-  const ip = getRequesterIp(req);
-  const bucket = uptimerobotRateMap.get(ip) || [];
-  const recent = bucket.filter((ts) => now - ts < UPTIMEROBOT_RATE_WINDOW_MS);
-  recent.push(now);
-  uptimerobotRateMap.set(ip, recent);
-  return recent.length > UPTIMEROBOT_RATE_MAX;
-}
-
-setInterval(() => {
-  const cutoff = Date.now() - UPTIMEROBOT_RATE_WINDOW_MS;
-  for (const [ip, timestamps] of uptimerobotRateMap) {
-    if (timestamps.every((ts) => ts < cutoff)) uptimerobotRateMap.delete(ip);
-  }
-}, 5 * 60 * 1000).unref();
-
-function isAllowedUptimeSetupOrigin(req) {
-  const host = String(req.headers.host || "").toLowerCase();
-  const origin = String(req.headers.origin || "").toLowerCase();
-  const referer = String(req.headers.referer || "").toLowerCase();
-  if (!host) return false;
-  if (origin && !origin.includes(host)) return false;
-  if (referer && !referer.includes(host)) return false;
-  return true;
-}
-
-function isValidUptimeApiKey(key) {
-  return /^[A-Za-z0-9_-]{20,128}$/.test(String(key || ""));
-}
-
-function decodeJwtPayload(token) {
-  try {
-    const parts = String(token || "").split(".");
-    if (parts.length < 2) return null;
-    const normalized = parts[1].replace(/-/g, "+").replace(/_/g, "/");
-    const padded = normalized + "=".repeat((4 - (normalized.length % 4)) % 4);
-    return JSON.parse(Buffer.from(padded, "base64").toString("utf8"));
-  } catch {
-    return null;
-  }
-}
-
-function getSpaceRef(parsedUrl) {
-  const signedToken = parsedUrl.searchParams.get("__sign");
-  if (!signedToken) return null;
-  const payload = decodeJwtPayload(signedToken);
-  const subject = payload && payload.sub;
-  const match =
-    typeof subject === "string"
-      ? subject.match(/^\/spaces\/([^/]+)\/([^/]+)$/)
-      : null;
-  if (!match) return null;
-  return { owner: match[1], repo: match[2] };
-}
-
-function fetchStatusCode(url) {
-  return new Promise((resolve, reject) => {
-    const req = https.get(
-      url,
-      { headers: { "user-agent": "HuggingClip/1.0", accept: "application/json" } },
-      (res) => { res.resume(); resolve(res.statusCode || 0); },
-    );
-    req.on("error", reject);
-    req.setTimeout(5000, () => req.destroy(new Error("timeout")));
-  });
-}
-
-async function resolveSpaceIsPrivate(parsedUrl) {
-  const ref = getSpaceRef(parsedUrl);
-  if (!ref) return false;
-  const cacheKey = `${ref.owner}/${ref.repo}`;
-  const cached = spaceVisibilityCache.get(cacheKey);
-  if (cached && Date.now() - cached.timestamp < SPACE_VISIBILITY_TTL_MS) return cached.isPrivate;
+function getUptimeRobotStatus() {
   try {
-    const statusCode = await fetchStatusCode(`https://huggingface.co/api/spaces/${ref.owner}/${ref.repo}`);
-    const isPrivate = statusCode === 401 || statusCode === 403 || statusCode === 404;
-    spaceVisibilityCache.set(cacheKey, { isPrivate, timestamp: Date.now() });
-    return isPrivate;
-  } catch {
-    if (cached) return cached.isPrivate;
-    return false;
-  }
-}
-
-function postUptimeRobot(path, form) {
-  const body = new URLSearchParams(form).toString();
-  return new Promise((resolve, reject) => {
-    const request = https.request(
-      {
-        hostname: "api.uptimerobot.com",
-        port: 443,
-        method: "POST",
-        path,
-        headers: {
-          "Content-Type": "application/x-www-form-urlencoded",
-          "Content-Length": Buffer.byteLength(body),
-        },
-      },
-      (response) => {
-        let raw = "";
-        response.setEncoding("utf8");
-        response.on("data", (chunk) => { raw += chunk; });
-        response.on("end", () => {
-          try { resolve(JSON.parse(raw)); }
-          catch { reject(new Error("Unexpected response from UptimeRobot")); }
-        });
-      },
-    );
-    request.on("error", reject);
-    request.write(body);
-    request.end();
-  });
-}
-
-async function createUptimeRobotMonitor(apiKey, host) {
-  const cleanHost = String(host || "").replace(/^https?:\/\//, "").replace(/\/.*$/, "");
-  if (!cleanHost) throw new Error("Missing Space host.");
-
-  const monitorUrl = `https://${cleanHost}/health`;
-  const existing = await postUptimeRobot("/v2/getMonitors", {
-    api_key: apiKey, format: "json", logs: "0",
-    response_times: "0", response_times_limit: "1",
-  });
-
-  const existingMonitor = Array.isArray(existing.monitors)
-    ? existing.monitors.find((m) => m.url === monitorUrl)
-    : null;
-
-  if (existingMonitor) {
-    return { created: false, message: `Monitor already exists for ${monitorUrl}` };
-  }
-
-  const created = await postUptimeRobot("/v2/newMonitor", {
-    api_key: apiKey, format: "json", type: "1",
-    friendly_name: `HuggingClip ${cleanHost}`,
-    url: monitorUrl, interval: "300",
-  });
-
-  if (created.stat !== "ok") {
-    const message = created?.error?.message || created?.message || "Failed to create UptimeRobot monitor.";
-    throw new Error(message);
-  }
-
-  return { created: true, message: `Monitor created for ${monitorUrl}` };
+    if (fs.existsSync(UPTIMEROBOT_STATUS_FILE)) {
+      return JSON.parse(fs.readFileSync(UPTIMEROBOT_STATUS_FILE, "utf8"));
+    }
+  } catch {}
+  return null;
 }
 
 // ============================================================================
@@ -255,27 +100,25 @@ function formatUptime(seconds) {
 // ============================================================================
 
 function renderDashboard(initialData) {
-  const keepAwakeHtml = !UPTIMEROBOT_SETUP_ENABLED
-    ? `<div class="helper-summary">UptimeRobot setup is disabled for this Space.</div>`
-    : initialData.spacePrivate
-    ? `<div class="helper-summary"><strong>Space is private.</strong> External monitors cannot access private HF health URLs. Switch to a public Space to use keep-awake.</div>`
-    : `
-        <div id="uptimerobot-summary" class="helper-summary">
-            One-time setup for public Spaces. Paste your UptimeRobot <strong>Main API key</strong> to create the monitor.
-        </div>
-        <button id="uptimerobot-toggle" class="helper-toggle" type="button">Set Up Monitor</button>
-        <div id="uptimerobot-shell" class="helper-shell hidden">
-            <div class="helper-copy">
-                Do <strong>not</strong> use the Read-only API key or a Monitor-specific API key.
-            </div>
-            <div class="helper-row">
-                <input id="uptimerobot-key" class="helper-input" type="password"
-                    placeholder="Paste your UptimeRobot Main API key" autocomplete="off" />
-                <button id="uptimerobot-btn" class="helper-button" type="button">Create Monitor</button>
-            </div>
-            <div class="helper-note">One-time setup. Your key is only used to create the monitor for this Space.</div>
-        </div>
-        <div id="uptimerobot-result" class="helper-result"></div>`;
+  const uptimerobotStatus = getUptimeRobotStatus();
+  let keepAwakeHtml;
+  if (uptimerobotStatus?.configured) {
+    keepAwakeHtml = `<div class="helper-summary success">
+      <span class="status-badge status-online"><div class="pulse"></div>Configured</span>
+      <span>UptimeRobot monitor active for <code>${uptimerobotStatus.url || "your /health endpoint"}</code>.</span>
+    </div>`;
+  } else if (uptimerobotStatus?.configured === false) {
+    keepAwakeHtml = `<div class="helper-summary error">
+      <span class="status-badge status-error">Failed</span>
+      <span>Monitor setup failed. Check Space logs.</span>
+    </div>`;
+  } else if (UPTIMEROBOT_API_KEY_SET) {
+    keepAwakeHtml = `<div class="helper-summary"><span class="status-badge status-syncing"><div class="pulse" style="background:#3b82f6"></div>Setting up</span> Setting up UptimeRobot monitor...</div>`;
+  } else {
+    keepAwakeHtml = `<div class="helper-summary">
+      <strong>Not configured.</strong> Add <code>UPTIMEROBOT_API_KEY</code> to Space secrets to enable keep-awake monitoring.
+    </div>`;
+  }
 
   const syncStatus = initialData.sync;
   const hasBackup = HF_BACKUP_ENABLED;
@@ -443,9 +286,12 @@ function renderDashboard(initialData) {
             margin-top: 14px; padding: 12px 14px; border-radius: 12px;
             background: rgba(255,255,255,0.03); color: var(--text-dim);
             font-size: 0.9rem; line-height: 1.5;
+            display: flex; align-items: center; gap: 10px; flex-wrap: wrap;
         }
         .helper-summary strong { color: var(--text); }
+        .helper-summary code { background: rgba(255,255,255,0.07); padding: 1px 6px; border-radius: 4px; font-size: 0.85em; color: var(--text); }
         .helper-summary.success { background: rgba(16,185,129,0.08); }
+        .helper-summary.error { background: rgba(239,68,68,0.08); }
         .helper-toggle {
             margin-top: 14px; display: inline-flex; align-items: center; justify-content: center;
             background: rgba(255,255,255,0.04); color: var(--text);
@@ -549,10 +395,6 @@ function renderDashboard(initialData) {
     </div>
 
     <script>
-        const KEEP_AWAKE_PRIVATE = ${initialData.spacePrivate ? "true" : "false"};
-        const KEEP_AWAKE_SETUP_ENABLED = ${UPTIMEROBOT_SETUP_ENABLED ? "true" : "false"};
-        const monitorStateKey = 'huggingclip_uptimerobot_v1';
-
         function getCurrentSearch() { return window.location.search || ''; }
 
         function renderSyncBadge(status, lastSyncTime, lastError) {
@@ -599,98 +441,13 @@ function renderDashboard(initialData) {
             }
         }
 
-        function setMonitorUiState(isConfigured) {
-            const summary = document.getElementById('uptimerobot-summary');
-            const shell = document.getElementById('uptimerobot-shell');
-            const toggle = document.getElementById('uptimerobot-toggle');
-            if (!summary || !shell || !toggle) return;
-            if (isConfigured) {
-                summary.classList.add('success');
-                summary.innerHTML = '<strong>Already set up.</strong> Your UptimeRobot monitor should keep this public Space awake.';
-                shell.classList.add('hidden');
-                toggle.textContent = 'Set Up Again';
-            } else {
-                summary.classList.remove('success');
-                summary.innerHTML = 'One-time setup for public Spaces. Paste your UptimeRobot <strong>Main API key</strong> to create the monitor.';
-                toggle.textContent = 'Set Up Monitor';
-            }
-        }
-
-        function restoreMonitorUiState() {
-            try { setMonitorUiState(window.localStorage.getItem(monitorStateKey) === 'done'); }
-            catch { setMonitorUiState(false); }
-        }
-
-        async function setupUptimeRobot() {
-            const input = document.getElementById('uptimerobot-key');
-            const button = document.getElementById('uptimerobot-btn');
-            const result = document.getElementById('uptimerobot-result');
-            const apiKey = input.value.trim();
-            if (!apiKey) {
-                result.className = 'helper-result error';
-                result.textContent = 'Paste your UptimeRobot Main API key first.';
-                return;
-            }
-            button.disabled = true;
-            button.textContent = 'Creating...';
-            result.className = 'helper-result';
-            result.textContent = '';
-            try {
-                const res = await fetch('/uptimerobot/setup' + getCurrentSearch(), {
-                    method: 'POST',
-                    headers: { 'Content-Type': 'application/json' },
-                    body: JSON.stringify({ apiKey }),
-                });
-                const data = await res.json();
-                if (!res.ok) throw new Error(data.message || 'Failed to create monitor.');
-                result.className = 'helper-result ok';
-                result.textContent = data.message || 'UptimeRobot monitor is ready.';
-                input.value = '';
-                try { window.localStorage.setItem(monitorStateKey, 'done'); } catch {}
-                setMonitorUiState(true);
-                document.getElementById('uptimerobot-shell').classList.add('hidden');
-            } catch (error) {
-                result.className = 'helper-result error';
-                result.textContent = error.message || 'Failed to create monitor.';
-            } finally {
-                button.disabled = false;
-                button.textContent = 'Create Monitor';
-            }
-        }
-
         updateStatus();
         setInterval(updateStatus, 30000);
-
-        if (KEEP_AWAKE_SETUP_ENABLED && !KEEP_AWAKE_PRIVATE) {
-            restoreMonitorUiState();
-            const toggleBtn = document.getElementById('uptimerobot-toggle');
-            const createBtn = document.getElementById('uptimerobot-btn');
-            if (toggleBtn) toggleBtn.addEventListener('click', () => {
-                document.getElementById('uptimerobot-shell').classList.toggle('hidden');
-            });
-            if (createBtn) createBtn.addEventListener('click', setupUptimeRobot);
-        }
     </script>
 </body>
 </html>`;
 }
 
-// ============================================================================
-// Request body reader
-// ============================================================================
-
-function readRequestBody(req) {
-  return new Promise((resolve, reject) => {
-    let body = "";
-    req.on("data", (chunk) => {
-      body += chunk;
-      if (body.length > 64 * 1024) { reject(new Error("Request too large")); req.destroy(); }
-    });
-    req.on("end", () => resolve(body));
-    req.on("error", reject);
-  });
-}
-
 // ============================================================================
 // HTTP Proxy helpers
 // ============================================================================
@@ -803,61 +560,14 @@ const server = http.createServer((req, res) => {
     return;
   }
 
-  // ── UptimeRobot setup endpoint ─────────────────────────────────────────────
-  if (pathname === "/uptimerobot/setup") {
-    if (req.method !== "POST") {
-      res.writeHead(405, { "Content-Type": "application/json" });
-      res.end(JSON.stringify({ message: "Method not allowed" }));
-      return;
-    }
-    void (async () => {
-      try {
-        if (!UPTIMEROBOT_SETUP_ENABLED) {
-          res.writeHead(403, { "Content-Type": "application/json" });
-          res.end(JSON.stringify({ message: "Uptime setup is disabled." }));
-          return;
-        }
-        if (isRateLimited(req)) {
-          res.writeHead(429, { "Content-Type": "application/json" });
-          res.end(JSON.stringify({ message: "Too many requests." }));
-          return;
-        }
-        if (!isAllowedUptimeSetupOrigin(req)) {
-          res.writeHead(403, { "Content-Type": "application/json" });
-          res.end(JSON.stringify({ message: "Invalid request origin." }));
-          return;
-        }
-        const body = await readRequestBody(req);
-        const parsed = JSON.parse(body || "{}");
-        const apiKey = String(parsed.apiKey || "").trim();
-        if (!isValidUptimeApiKey(apiKey)) {
-          res.writeHead(400, { "Content-Type": "application/json" });
-          res.end(JSON.stringify({ message: "A valid API key is required." }));
-          return;
-        }
-        const result = await createUptimeRobotMonitor(apiKey, req.headers.host);
-        res.writeHead(200, { "Content-Type": "application/json" });
-        res.end(JSON.stringify(result));
-      } catch (error) {
-        res.writeHead(400, { "Content-Type": "application/json" });
-        res.end(JSON.stringify({ message: error?.message || "Failed to create UptimeRobot monitor." }));
-      }
-    })();
-    return;
-  }
-
   // ── Dashboard (root) ───────────────────────────────────────────────────────
   if (pathname === "/" || pathname === "") {
     void (async () => {
-      const [paperclipStatus, spacePrivate] = await Promise.all([
-        checkPaperclipHealth(),
-        resolveSpaceIsPrivate(parsedUrl),
-      ]);
+      const paperclipStatus = await checkPaperclipHealth();
       const initialData = {
         paperclipRunning: paperclipStatus.status === "running",
         sync: readSyncStatus(),
         inviteUrl: readInviteUrl(),
-        spacePrivate,
       };
       res.writeHead(200, { "Content-Type": "text/html; charset=utf-8" });
       res.end(renderDashboard(initialData));

setup-uptimerobot.sh

@@ -10,11 +10,12 @@ set -euo pipefail
 # Optional:
 # - UPTIMEROBOT_MONITOR_NAME: friendly name for the monitor
 # - UPTIMEROBOT_ALERT_CONTACTS: dash-separated alert contact IDs, e.g. "123456-789012"
-# - UPTIMEROBOT_INTERVAL: monitoring interval in minutes (subject to account limits)
+# - UPTIMEROBOT_INTERVAL: monitoring interval in seconds (default: 300 = 5 min; min: 30)
 
 API_URL="https://api.uptimerobot.com/v2"
 API_KEY="${UPTIMEROBOT_API_KEY:-}"
 SPACE_HOST_INPUT="${1:-${SPACE_HOST:-}}"
+STATUS_FILE="/tmp/huggingclip-uptimerobot-status.json"
 
 if [ -z "$API_KEY" ]; then
   echo "Missing UPTIMEROBOT_API_KEY."
@@ -34,8 +35,8 @@ SPACE_HOST_CLEAN="${SPACE_HOST_CLEAN#http://}"
 SPACE_HOST_CLEAN="${SPACE_HOST_CLEAN%%/*}"
 
 MONITOR_URL="https://${SPACE_HOST_CLEAN}/health"
-MONITOR_NAME="${UPTIMEROBOT_MONITOR_NAME:-HuggingClaw ${SPACE_HOST_CLEAN}}"
-INTERVAL="${UPTIMEROBOT_INTERVAL:-5}"
+MONITOR_NAME="${UPTIMEROBOT_MONITOR_NAME:-HuggingClip ${SPACE_HOST_CLEAN}}"
+INTERVAL="${UPTIMEROBOT_INTERVAL:-300}"
 
 echo "Checking existing UptimeRobot monitors for ${MONITOR_URL}..."
 MONITORS_RESPONSE=$(curl -sS -X POST "${API_URL}/getMonitors" \
@@ -50,6 +51,8 @@ MONITOR_ID=$(printf '%s' "$MONITORS_RESPONSE" | jq -r --arg url "$MONITOR_URL" '
 ')
 
 if [ -n "$MONITOR_ID" ]; then
+  printf '{"configured":true,"monitorId":"%s","url":"%s","alreadyExisted":true,"timestamp":"%s"}\n' \
+    "$MONITOR_ID" "$MONITOR_URL" "$(date -u +%Y-%m-%dT%H:%M:%SZ)" > "$STATUS_FILE"
   echo "Monitor already exists (id=${MONITOR_ID}) for ${MONITOR_URL}"
   exit 0
 fi
@@ -75,10 +78,14 @@ CREATE_RESPONSE=$(curl "${CURL_ARGS[@]}")
 CREATE_STATUS=$(printf '%s' "$CREATE_RESPONSE" | jq -r '.stat // "fail"')
 
 if [ "$CREATE_STATUS" != "ok" ]; then
+  printf '{"configured":false,"error":"creation failed","timestamp":"%s"}\n' \
+    "$(date -u +%Y-%m-%dT%H:%M:%SZ)" > "$STATUS_FILE"
   echo "Failed to create monitor."
   printf '%s\n' "$CREATE_RESPONSE"
   exit 1
 fi
 
 NEW_ID=$(printf '%s' "$CREATE_RESPONSE" | jq -r '.monitor.id // empty')
+printf '{"configured":true,"monitorId":"%s","url":"%s","timestamp":"%s"}\n' \
+  "${NEW_ID:-}" "$MONITOR_URL" "$(date -u +%Y-%m-%dT%H:%M:%SZ)" > "$STATUS_FILE"
 echo "Created UptimeRobot monitor ${NEW_ID:-"(id unavailable)"} for ${MONITOR_URL}"

start.sh

@@ -208,6 +208,12 @@ fi
 # ── Health server ─────────────────────────────────────────────────────────────
 node /app/health-server.js &
 HEALTH_PID=$!
+
+if [ -n "${UPTIMEROBOT_API_KEY:-}" ] && [ -n "${SPACE_HOST:-}" ]; then
+  echo "Setting up UptimeRobot monitor..."
+  bash /app/setup-uptimerobot.sh "${SPACE_HOST}" || true
+fi
+
 sleep 2
 
 # ── Paperclip instance config ─────────────────────────────────────────────────