fix(ci): pin npm for publish workflow

## Summary

- add a server-backed HTTPS proxy flow for Tauri remote windows so
self-signed remote HTTPS works with the local CLI TLS assets and desktop
auth/cookie handling
- manage remote proxy sessions through `packages/server` with
per-session bootstrap, local-only cleanup, and explicit session
lifecycle handling
- support the Tauri desktop flow across environments, including packaged
Windows builds, `tauri dev`, and updated Linux/macOS handling for the
new local HTTPS proxy path

## Testing

- `npm run build --workspace @neuralnomads/codenomad`
- `cargo check`
- `npm run build --workspace @codenomad/tauri-app`
- Windows smoke test for concurrent remote proxy bootstrap sessions
- Windows manual validation of packaged Tauri remote connection flow

## Notes

- Windows was validated end-to-end.
- Linux and macOS code paths were updated for the new proxy flow, but
runtime validation on those platforms is still pending.

---------

Co-authored-by: Shantur Rathore <i@shantur.com>

.github/workflows/build-and-upload.yml

@@ -53,7 +53,7 @@ on:
 # least-privilege (e.g. dev CI uses read-only; releases grant write).
 
 env:
-  NODE_VERSION: 20
+  NODE_VERSION: 22
 
 jobs:
   build-macos:
@@ -372,7 +372,7 @@ jobs:
             if [ "$attempt" -gt 1 ]; then
               echo "Retrying Tauri CLI install (attempt $attempt)..."
             fi
-            npm install @tauri-apps/cli@2.9.4 @tauri-apps/cli-darwin-x64@2.9.4 --no-save --no-audit --no-fund --workspaces=false
+            npm install @tauri-apps/cli@2.10.1 @tauri-apps/cli-darwin-x64@2.10.1 --no-save --no-audit --no-fund --workspaces=false
             node -e "require('@tauri-apps/cli'); console.log('Tauri CLI loaded')" && exit 0
           done
           echo "Tauri CLI failed to load after retries" >&2
@@ -456,7 +456,7 @@ jobs:
             if [ "$attempt" -gt 1 ]; then
               echo "Retrying Tauri CLI install (attempt $attempt)..."
             fi
-            npm install @tauri-apps/cli@2.9.4 @tauri-apps/cli-darwin-arm64@2.9.4 --no-save --no-audit --no-fund --workspaces=false
+            npm install @tauri-apps/cli@2.10.1 @tauri-apps/cli-darwin-arm64@2.10.1 --no-save --no-audit --no-fund --workspaces=false
             node -e "require('@tauri-apps/cli'); console.log('Tauri CLI loaded')" && exit 0
           done
           echo "Tauri CLI failed to load after retries" >&2
@@ -542,7 +542,7 @@ jobs:
             if [ "$attempt" -gt 1 ]; then
               echo "Retrying Tauri CLI install (attempt $attempt)..."
             fi
-            npm install @tauri-apps/cli@2.9.4 @tauri-apps/cli-win32-x64-msvc@2.9.4 --no-save --no-audit --no-fund --workspaces=false
+            npm install @tauri-apps/cli@2.10.1 @tauri-apps/cli-win32-x64-msvc@2.10.1 --no-save --no-audit --no-fund --workspaces=false
             node -e "require('@tauri-apps/cli'); console.log('Tauri CLI loaded')" && exit 0
           done
           echo "Tauri CLI failed to load after retries" >&2
@@ -614,6 +614,7 @@ jobs:
           sudo apt-get install -y \
             build-essential \
             pkg-config \
+            xdg-utils \
             libgtk-3-dev \
             libglib2.0-dev \
             libwebkit2gtk-4.1-dev \
@@ -642,6 +643,7 @@ jobs:
             if [ "$attempt" -gt 1 ]; then
               echo "Retrying Tauri CLI install (attempt $attempt)..."
             fi
+            # Tauri CLI 2.10.1 regresses Linux AppImage bundling in CI; keep Linux on the last known-good CLI.
             npm install @tauri-apps/cli@2.9.4 @tauri-apps/cli-linux-x64-gnu@2.9.4 --no-save --no-audit --no-fund --workspaces=false
             node -e "require('@tauri-apps/cli'); console.log('Tauri CLI loaded')" && exit 0
           done
@@ -741,6 +743,7 @@ jobs:
           sudo apt-get install -y \
             build-essential \
             pkg-config \
+            xdg-utils \
             gcc-aarch64-linux-gnu \
             g++-aarch64-linux-gnu \
             libgtk-3-dev:arm64 \

.github/workflows/manual-npm-publish.yml

@@ -46,7 +46,8 @@ jobs:
   publish:
     runs-on: ubuntu-latest
     env:
-      NODE_VERSION: 20
+      NODE_VERSION: 22
+      PUBLISH_NPM_VERSION: 11.5.1
     steps:
       - name: Checkout
         uses: actions/checkout@v4
@@ -59,8 +60,15 @@ jobs:
           node-version: ${{ env.NODE_VERSION }}
           registry-url: https://registry.npmjs.org
 
-      - name: Ensure npm >=11.5.1
-        run: npm install -g npm@latest
+      - name: Prepare pinned npm CLI
+        shell: bash
+        run: |
+          set -euo pipefail
+          tool_dir="$RUNNER_TEMP/publish-npm"
+          mkdir -p "$tool_dir"
+          npm install --prefix "$tool_dir" "npm@${PUBLISH_NPM_VERSION}" --no-audit --no-fund
+          echo "$tool_dir/node_modules/npm/bin" >> "$GITHUB_PATH"
+          "$tool_dir/node_modules/npm/bin/npm-cli.js" --version
 
       - name: Install dependencies
         run: npm ci --workspaces

.github/workflows/release-ui.yml

@@ -14,7 +14,7 @@ permissions:
   contents: read
 
 env:
-  NODE_VERSION: 20
+  NODE_VERSION: 22
 
 jobs:
   release-ui:

.github/workflows/reusable-release.yml

@@ -39,7 +39,7 @@ permissions:
   contents: write
 
 env:
-  NODE_VERSION: 20
+  NODE_VERSION: 22
 
 jobs:
   prepare-release:

package.json

@@ -30,5 +30,13 @@
   },
   "devDependencies": {
     "baseline-browser-mapping": "^2.9.11"
+  },
+  "optionalDependencies": {
+    "@rollup/rollup-darwin-arm64": "4.52.5",
+    "@rollup/rollup-darwin-x64": "4.52.5",
+    "@rollup/rollup-linux-arm64-gnu": "4.52.5",
+    "@rollup/rollup-linux-x64-gnu": "4.52.5",
+    "@rollup/rollup-win32-arm64-msvc": "4.52.5",
+    "@rollup/rollup-win32-x64-msvc": "4.52.5"
   }
 }

packages/electron-app/electron/main/main.ts

@@ -118,6 +118,8 @@ function loadLoadingScreen(window: BrowserWindow) {
   loader.catch((error) => {
     console.error("[cli] failed to load loading screen:", error)
   })
+
+  return loader
 }
 
 function getAllowedRendererOrigins(window?: BrowserWindow | null): string[] {
@@ -291,7 +293,7 @@ function createWindow() {
   showingLoadingScreen = true
   currentCliUrl = null
   clearWindowAllowedOrigin(window)
-  loadLoadingScreen(window)
+  const loadingReady = loadLoadingScreen(window)
 
   if (process.env.NODE_ENV === "development") {
     window.webContents.openDevTools({ mode: "detach" })
@@ -310,11 +312,7 @@ function createWindow() {
     showingLoadingScreen = false
   })
 
-  if (pendingCliUrl) {
-    const url = pendingCliUrl
-    pendingCliUrl = null
-    startCliPreload(url)
-  }
+  return loadingReady
 }
 
 function showLoadingScreen(force = false) {
@@ -620,7 +618,8 @@ app.whenReady().then(() => {
     // ignore
   }
 
-  startCli()
+  const loadingReady = createWindow()
+  ;(mainWindow as BrowserWindow & { __codenomadOpenRemoteWindow?: typeof openRemoteWindow }).__codenomadOpenRemoteWindow = openRemoteWindow
 
   if (isMac) {
     session.defaultSession.setSpellCheckerEnabled(false)
@@ -637,8 +636,11 @@ app.whenReady().then(() => {
     }
   }
 
-  createWindow()
-  ;(mainWindow as BrowserWindow & { __codenomadOpenRemoteWindow?: typeof openRemoteWindow }).__codenomadOpenRemoteWindow = openRemoteWindow
+  void loadingReady.finally(() => {
+    setTimeout(() => {
+      void startCli()
+    }, 0)
+  })
 
   app.on("certificate-error", (event, _webContents, url, error, _certificate, callback) => {
     if (isInsecureOriginAllowed(url)) {

packages/electron-app/electron/main/process-manager.ts

@@ -38,7 +38,7 @@ interface StartOptions {
 
 interface CliEntryResolution {
   entry: string
-  runner: "node" | "tsx"
+  runner: "node" | "tsx" | "standalone"
   runnerPath?: string
 }
 
@@ -148,15 +148,15 @@ export class CliProcessManager extends EventEmitter {
     const listeningMode = this.resolveListeningMode()
     const host = resolveHostForMode(listeningMode)
     const args = this.buildCliArgs(options, host)
+    const cliEntry = this.resolveCliEntry(options)
 
     let child: ManagedChild
 
-    if (this.shouldUsePackagedShellSupervisor(options)) {
-      const runtimePath = this.resolveShellNodeCommand()
-      const entryPath = this.resolveBundledProdEntry()
+    if (this.shouldUsePackagedShellSupervisor(options, cliEntry)) {
       const supervisorPath = this.resolveCliSupervisorPath()
       const shellEnv = supportsUserShell() ? getUserShellEnv() : { ...process.env }
-      const shellCommand = buildUserShellCommand(`exec ${this.buildExecutableCommand(runtimePath, [entryPath, ...args])}`)
+      const shellTarget = cliEntry.runner === "standalone" ? this.buildExecutableCommand(cliEntry.entry, args) : this.buildCommand(cliEntry, args)
+      const shellCommand = buildUserShellCommand(`exec ${shellTarget}`)
       const supervisorPayload = JSON.stringify({
         command: shellCommand.command,
         args: shellCommand.args,
@@ -164,28 +164,33 @@ export class CliProcessManager extends EventEmitter {
       })
 
       console.info(
-        `[cli] launching CodeNomad CLI (${options.dev ? "dev" : "prod"}) via utility supervisor using node at ${runtimePath} (host=${host})`,
+        `[cli] launching CodeNomad CLI (${options.dev ? "dev" : "prod"}) via utility supervisor using ${cliEntry.runner} at ${cliEntry.entry} (host=${host})`,
       )
       console.info(`[cli] utility supervisor: ${supervisorPath}`)
       console.info(`[cli] shell command: ${shellCommand.command} ${shellCommand.args.join(" ")}`)
 
       child = utilityProcess.fork(supervisorPath, [supervisorPayload], {
-        env: shellEnv,
+        env: cliEntry.runner === "standalone" ? shellEnv : { ...shellEnv, ELECTRON_RUN_AS_NODE: "1" },
         stdio: "pipe",
         serviceName: "CodeNomad CLI Supervisor",
       })
       this.childLaunchMode = "utility"
     } else {
-      const cliEntry = this.resolveCliEntry(options)
       console.info(
         `[cli] launching CodeNomad CLI (${options.dev ? "dev" : "prod"}) using ${cliEntry.runner} at ${cliEntry.entry} (host=${host})`,
       )
 
       const env = supportsUserShell() ? getUserShellEnv() : { ...process.env }
-      env.ELECTRON_RUN_AS_NODE = "1"
+      if (cliEntry.runner !== "standalone") {
+        env.ELECTRON_RUN_AS_NODE = "1"
+      }
 
       const spawnDetails = supportsUserShell()
-        ? buildUserShellCommand(`ELECTRON_RUN_AS_NODE=1 exec ${this.buildCommand(cliEntry, args)}`)
+        ? buildUserShellCommand(
+            `${cliEntry.runner === "standalone" ? "" : "ELECTRON_RUN_AS_NODE=1 "}exec ${
+              cliEntry.runner === "standalone" ? this.buildExecutableCommand(cliEntry.entry, args) : this.buildCommand(cliEntry, args)
+            }`,
+          )
         : this.buildDirectSpawn(cliEntry, args)
 
       const detached = process.platform !== "win32"
@@ -563,6 +568,10 @@ export class CliProcessManager extends EventEmitter {
   }
 
   private buildCommand(cliEntry: CliEntryResolution, args: string[]): string {
+    if (cliEntry.runner === "standalone") {
+      return this.buildExecutableCommand(cliEntry.entry, args)
+    }
+
     const parts = [JSON.stringify(process.execPath)]
     if (cliEntry.runner === "tsx" && cliEntry.runnerPath) {
       parts.push(JSON.stringify(cliEntry.runnerPath))
@@ -577,6 +586,10 @@ export class CliProcessManager extends EventEmitter {
   }
 
   private buildDirectSpawn(cliEntry: CliEntryResolution, args: string[]) {
+    if (cliEntry.runner === "standalone") {
+      return { command: cliEntry.entry, args }
+    }
+
     if (cliEntry.runner === "tsx") {
       return { command: process.execPath, args: [cliEntry.runnerPath!, cliEntry.entry, ...args] }
     }
@@ -593,9 +606,8 @@ export class CliProcessManager extends EventEmitter {
       const devEntry = this.resolveDevEntry()
       return { entry: devEntry, runner: "tsx", runnerPath: tsxPath }
     }
- 
-    const distEntry = this.resolveProdEntry()
-    return { entry: distEntry, runner: "node" }
+
+    return { entry: this.resolveStandaloneProdEntry(), runner: "standalone" }
   }
  
   private resolveTsx(): string | null {
@@ -635,20 +647,25 @@ export class CliProcessManager extends EventEmitter {
     return entry
   }
  
-  private resolveProdEntry(): string {
-    try {
-      const entry = nodeRequire.resolve("@neuralnomads/codenomad/dist/bin.js")
-      if (existsSync(entry)) {
-        return entry
+  private resolveStandaloneProdEntry(): string {
+    const executableName = process.platform === "win32" ? "codenomad-server.exe" : "codenomad-server"
+    const candidates = [
+      path.join(process.resourcesPath, "server", "dist", executableName),
+      path.join(mainDirname, "../resources/server/dist", executableName),
+      path.resolve(process.cwd(), "..", "server", "dist", executableName),
+    ]
+
+    for (const candidate of candidates) {
+      if (existsSync(candidate)) {
+        return candidate
       }
-    } catch {
-      // fall through to error below
     }
-    throw new Error("Unable to locate CodeNomad CLI build (dist/bin.js). Run npm run build --workspace @neuralnomads/codenomad.")
+
+    throw new Error(`Unable to locate standalone CodeNomad server executable (${executableName}). Run npm run build:standalone --workspace @neuralnomads/codenomad.`)
   }
 
-  private shouldUsePackagedShellSupervisor(options: StartOptions): boolean {
-    return !options.dev && app.isPackaged && process.platform === "darwin"
+  private shouldUsePackagedShellSupervisor(options: StartOptions, cliEntry: CliEntryResolution): boolean {
+    return !options.dev && app.isPackaged && process.platform === "darwin" && cliEntry.runner !== "standalone"
   }
 
   private resolveCliSupervisorPath(): string {
@@ -666,26 +683,6 @@ export class CliProcessManager extends EventEmitter {
     throw new Error("Unable to locate CodeNomad CLI supervisor script.")
   }
 
-  private resolveShellNodeCommand(): string {
-    const configured = process.env.NODE_BINARY?.trim()
-    return configured && configured.length > 0 ? configured : "node"
-  }
-
-  private resolveBundledProdEntry(): string {
-    const candidates = [
-      path.join(process.resourcesPath, "server", "dist", "bin.js"),
-      path.join(mainDirname, "../resources/server/dist/bin.js"),
-    ]
-
-    for (const candidate of candidates) {
-      if (existsSync(candidate)) {
-        return candidate
-      }
-    }
-
-    throw new Error("Unable to locate bundled CodeNomad CLI build in app resources.")
-  }
-
   private describeUtilityProcessError(error: unknown): string {
     if (error instanceof Error && error.message) {
       return error.message

packages/electron-app/electron/main/user-shell.ts

@@ -20,10 +20,24 @@ function getDefaultShellPath(): string {
   return "/bin/bash"
 }
 
+function wrapCommandForShell(command: string, shellPath: string): string {
+  const shellName = path.basename(shellPath)
+
+  if (shellName.includes("bash")) {
+    return 'if [ -f ~/.bashrc ]; then source ~/.bashrc >/dev/null 2>&1; fi; ' + command
+  }
+
+  if (shellName.includes("zsh")) {
+    return 'if [ -f ~/.zshrc ]; then source ~/.zshrc >/dev/null 2>&1; fi; ' + command
+  }
+
+  return command
+}
+
 function buildShellArgs(shellPath: string): string[] {
   const shellName = path.basename(shellPath)
-  if (shellName.includes("zsh") || shellName.includes("bash")) {
-    return ["-i", "-l", "-c"]
+  if (shellName.includes("zsh")) {
+    return ["-l", "-i", "-c"]
   }
   return ["-l", "-c"]
 }
@@ -45,11 +59,12 @@ export function buildUserShellCommand(userCommand: string): ShellCommand {
   }
 
   const shellPath = getDefaultShellPath()
+  const script = wrapCommandForShell(userCommand, shellPath)
   const args = buildShellArgs(shellPath)
 
   return {
     command: shellPath,
-    args: [...args, userCommand],
+    args: [...args, script],
   }
 }
 

packages/electron-app/scripts/build.js

@@ -1,7 +1,7 @@
 #!/usr/bin/env node
 
 import { spawn } from "child_process"
-import { existsSync } from "fs"
+import { existsSync, readFileSync } from "fs"
 import path, { join } from "path"
 import { fileURLToPath } from "url"
 
@@ -14,6 +14,46 @@ const npxCmd = process.platform === "win32" ? "npx.cmd" : "npx"
 const nodeModulesPath = join(appDir, "node_modules")
 const workspaceNodeModulesPath = join(workspaceRoot, "node_modules")
 
+function getPlatformEsbuildPackage() {
+  const platformKey = `${process.platform}-${process.arch}`
+  const platformPackages = {
+    "linux-x64": "@esbuild/linux-x64",
+    "linux-arm64": "@esbuild/linux-arm64",
+    "darwin-arm64": "@esbuild/darwin-arm64",
+    "darwin-x64": "@esbuild/darwin-x64",
+    "win32-arm64": "@esbuild/win32-arm64",
+    "win32-x64": "@esbuild/win32-x64",
+  }
+
+  return platformPackages[platformKey] ?? null
+}
+
+async function ensureEsbuildPlatformBinary() {
+  const pkgName = getPlatformEsbuildPackage()
+  if (!pkgName) {
+    return
+  }
+
+  const platformPackagePath = join(workspaceNodeModulesPath, ...pkgName.split("/"))
+  if (existsSync(platformPackagePath)) {
+    return
+  }
+
+  let esbuildVersion = ""
+  try {
+    esbuildVersion = JSON.parse(readFileSync(join(workspaceNodeModulesPath, "esbuild", "package.json"), "utf-8")).version ?? ""
+  } catch {
+    // leave version empty; fallback install will use latest compatible
+  }
+
+  const packageSpec = esbuildVersion ? `${pkgName}@${esbuildVersion}` : pkgName
+  console.log("📦 Step 0/3: Restoring esbuild platform binary...\n")
+  await run(npmCmd, ["install", packageSpec, "--no-save", "--ignore-scripts", "--fund=false", "--audit=false"], {
+    cwd: workspaceRoot,
+    env: { NODE_PATH: workspaceNodeModulesPath },
+  })
+}
+
 const platforms = {
   mac: {
     args: ["--mac", "--x64", "--arm64"],
@@ -105,6 +145,8 @@ async function build(platform) {
   console.log(`\n🔨 Building for: ${config.description}\n`)
 
   try {
+    await ensureEsbuildPlatformBinary()
+
     console.log("📦 Step 1/3: Building CLI dependency...\n")
     await run(npmCmd, ["run", "build", "--workspace", "@neuralnomads/codenomad"], {
       cwd: workspaceRoot,

packages/electron-app/scripts/prepare-resources.js

@@ -16,6 +16,7 @@ const npmNodeExecPath = process.env.npm_node_execpath
 
 const serverSources = ["dist", "public", "node_modules", "package.json"]
 const serverDepsMarker = join(serverRoot, "node_modules", "fastify", "package.json")
+const standaloneMarker = join(serverRoot, "dist", process.platform === "win32" ? "codenomad-server.exe" : "codenomad-server")
 
 function log(message) {
   console.log(`[prepare-resources] ${message}`)
@@ -29,6 +30,34 @@ function ensureServerBuild() {
   }
 }
 
+function ensureStandaloneServerBuild() {
+  log("building standalone server executable")
+  const result = spawnSync(
+    "npm",
+    ["run", "build:standalone", "--workspace", "@neuralnomads/codenomad"],
+    {
+      cwd: workspaceRoot,
+      stdio: "inherit",
+      env: {
+        ...process.env,
+        PATH: `${join(workspaceRoot, "node_modules", ".bin")}${path.delimiter}${process.env.PATH ?? ""}`,
+      },
+      shell: process.platform === "win32",
+    },
+  )
+
+  if (result.status !== 0) {
+    if (result.error) {
+      throw result.error
+    }
+    throw new Error(`standalone server build exited with code ${result.status ?? 1}`)
+  }
+
+  if (!fs.existsSync(standaloneMarker)) {
+    throw new Error(`Standalone server executable missing after build: ${standaloneMarker}`)
+  }
+}
+
 function ensureServerDependencies() {
   if (fs.existsSync(serverDepsMarker)) {
     return
@@ -65,6 +94,51 @@ function ensureServerDependencies() {
   }
 }
 
+function ensureEsbuildPlatformBinary() {
+  const platformKey = `${process.platform}-${process.arch}`
+  const platformPackages = {
+    "linux-x64": "@esbuild/linux-x64",
+    "linux-arm64": "@esbuild/linux-arm64",
+    "darwin-arm64": "@esbuild/darwin-arm64",
+    "darwin-x64": "@esbuild/darwin-x64",
+    "win32-arm64": "@esbuild/win32-arm64",
+    "win32-x64": "@esbuild/win32-x64",
+  }
+
+  const pkgName = platformPackages[platformKey]
+  if (!pkgName) {
+    return
+  }
+
+  const platformPackagePath = join(workspaceRoot, "node_modules", ...pkgName.split("/"))
+  if (fs.existsSync(platformPackagePath)) {
+    return
+  }
+
+  let esbuildVersion = ""
+  try {
+    esbuildVersion = JSON.parse(fs.readFileSync(join(workspaceRoot, "node_modules", "esbuild", "package.json"), "utf-8")).version ?? ""
+  } catch {
+    // leave version empty; fallback install will use latest compatible
+  }
+
+  const packageSpec = esbuildVersion ? `${pkgName}@${esbuildVersion}` : pkgName
+  log("installing esbuild platform binary (optional dep workaround)")
+
+  const result = spawnSync("npm", ["install", packageSpec, "--no-save", "--ignore-scripts", "--fund=false", "--audit=false"], {
+    cwd: workspaceRoot,
+    stdio: "inherit",
+    shell: process.platform === "win32",
+  })
+
+  if (result.status !== 0) {
+    if (result.error) {
+      throw result.error
+    }
+    throw new Error(`esbuild platform install exited with code ${result.status ?? 1}`)
+  }
+}
+
 function copyServerArtifacts() {
   fs.rmSync(serverDest, { recursive: true, force: true })
   fs.mkdirSync(serverDest, { recursive: true })
@@ -121,7 +195,9 @@ function stripNodeModuleBins() {
 
 async function main() {
   ensureServerBuild()
+  ensureStandaloneServerBuild()
   ensureServerDependencies()
+  ensureEsbuildPlatformBinary()
   copyServerArtifacts()
   stripNodeModuleBins()
 }

packages/opencode-config/package.json

@@ -4,6 +4,6 @@
   "private": true,
   "license": "MIT",
   "dependencies": {
-    "@opencode-ai/plugin": "1.3.7"
+    "@opencode-ai/plugin": "1.14.19"
   }
-}
+}

packages/server/package.json

@@ -18,6 +18,7 @@
   },
   "scripts": {
     "build": "npm run build:ui && npm run prepare-ui && tsc -p tsconfig.json && node ./scripts/copy-auth-pages.mjs && npm run prepare-config",
+    "build:standalone": "node ./scripts/build-standalone.mjs",
     "build:ui": "npm run build --prefix ../ui",
     "prepare-ui": "node ./scripts/copy-ui-dist.mjs",
     "prepare-config": "node ./scripts/copy-opencode-config.mjs",
@@ -25,16 +26,16 @@
     "typecheck": "tsc --noEmit -p tsconfig.json"
   },
   "dependencies": {
-    "@fastify/cors": "^8.5.0",
-    "@fastify/reply-from": "^9.8.0",
-    "@fastify/static": "^7.0.4",
+    "@fastify/cors": "^11.2.0",
+    "@fastify/reply-from": "^12.6.2",
+    "@fastify/static": "^9.1.1",
     "commander": "^12.1.0",
-    "fastify": "^4.28.1",
+    "fastify": "^5.8.5",
     "fuzzysort": "^2.0.4",
     "node-forge": "^1.3.3",
     "openai": "^6.27.0",
     "pino": "^9.4.0",
-    "undici": "^6.19.8",
+    "undici": "^8.1.0",
     "yaml": "^2.4.2",
     "yauzl": "^2.10.0",
     "zod": "^3.23.8"
@@ -42,6 +43,7 @@
   "devDependencies": {
     "@types/node-forge": "^1.3.14",
     "@types/yauzl": "^2.10.0",
+    "bun": "^1.3.13",
     "cross-env": "^7.0.3",
     "ts-node": "^10.9.2",
     "tsx": "^4.20.6",

packages/server/scripts/build-standalone.mjs

@@ -0,0 +1,99 @@
+#!/usr/bin/env node
+import fs from "fs"
+import path from "path"
+import { spawnSync } from "child_process"
+import { fileURLToPath } from "url"
+
+const __filename = fileURLToPath(import.meta.url)
+const __dirname = path.dirname(__filename)
+const cliRoot = path.resolve(__dirname, "..")
+const distDir = path.join(cliRoot, "dist")
+const publicDir = path.join(cliRoot, "public")
+const authPagesSourceDir = path.join(distDir, "server", "routes", "auth-pages")
+const authPagesTargetDir = path.join(distDir, "auth-pages")
+const explicitTarget = process.env.CODENOMAD_STANDALONE_TARGET?.trim()
+const outputName = (explicitTarget?.includes("windows") || process.platform === "win32") ? "codenomad-server.exe" : "codenomad-server"
+const outputPath = path.join(distDir, outputName)
+const packageJsonPath = path.join(cliRoot, "package.json")
+
+function resolveBunCommand() {
+  const executableName = process.platform === "win32" ? "bun.exe" : "bun"
+  const localBinName = process.platform === "win32" ? "bun.cmd" : "bun"
+  const candidates = [
+    path.join(cliRoot, "node_modules", ".bin", localBinName),
+    path.join(cliRoot, "..", "..", "node_modules", ".bin", localBinName),
+    path.join(cliRoot, "node_modules", "bun", "bin", executableName),
+    path.join(cliRoot, "..", "..", "node_modules", "bun", "bin", executableName),
+  ]
+
+  for (const candidate of candidates) {
+    if (fs.existsSync(candidate)) {
+      return candidate
+    }
+  }
+
+  return "bun"
+}
+
+function fail(message) {
+  console.error(`[build-standalone] ${message}`)
+  process.exit(1)
+}
+
+function ensureArtifacts() {
+  const requiredPaths = [distDir, publicDir, authPagesSourceDir, packageJsonPath]
+  const missing = requiredPaths.filter((filePath) => !fs.existsSync(filePath))
+  if (missing.length > 0) {
+    fail(`Missing required build artifacts: ${missing.join(", ")}. Run npm run build first.`)
+  }
+
+  const bunResult = spawnSync(resolveBunCommand(), ["-v"], { cwd: cliRoot, encoding: "utf-8", shell: process.platform === "win32" })
+  if (bunResult.status !== 0) {
+    fail("Bun is required to build the standalone server executable. Install dependencies so the local Bun binary is available.")
+  }
+}
+
+function syncStandaloneAuthPages() {
+  fs.rmSync(authPagesTargetDir, { recursive: true, force: true })
+  fs.mkdirSync(path.dirname(authPagesTargetDir), { recursive: true })
+  fs.cpSync(authPagesSourceDir, authPagesTargetDir, { recursive: true })
+}
+
+function buildStandaloneExecutable() {
+  fs.rmSync(outputPath, { force: true })
+  const bunCommand = resolveBunCommand()
+
+  const args = ["build", "--compile"]
+  if (explicitTarget) {
+    args.push(`--target=${explicitTarget}`)
+  }
+  args.push(path.join(cliRoot, "src", "index.ts"), "--outfile", outputPath)
+
+  const result = spawnSync(bunCommand, args, {
+    cwd: cliRoot,
+    stdio: "inherit",
+    shell: process.platform === "win32",
+  })
+
+  if (result.status !== 0) {
+    if (result.error) {
+      throw result.error
+    }
+    throw new Error(`bun build --compile exited with code ${result.status ?? 1}`)
+  }
+}
+
+function main() {
+  ensureArtifacts()
+  syncStandaloneAuthPages()
+
+  buildStandaloneExecutable()
+  console.log(`[build-standalone] built ${outputPath}`)
+}
+
+try {
+  main()
+} catch (error) {
+  console.error("[build-standalone] failed:", error)
+  process.exit(1)
+}

packages/server/scripts/copy-opencode-config.mjs

@@ -1,6 +1,6 @@
 #!/usr/bin/env node
 import { spawnSync } from "child_process"
-import { cpSync, existsSync, mkdirSync, rmSync } from "fs"
+import { cpSync, existsSync, mkdirSync, readdirSync, rmSync } from "fs"
 import path from "path"
 import { fileURLToPath } from "url"
 
@@ -14,6 +14,67 @@ const selfLinkDir = path.resolve(nodeModulesDir, "@codenomad", "opencode-config"
 const npmExecPath = process.env.npm_execpath
 const npmNodeExecPath = process.env.npm_node_execpath
 
+function stripNodeModuleBins(rootDir) {
+  const root = path.join(rootDir, "node_modules")
+  if (!existsSync(root)) {
+    return 0
+  }
+
+  const stack = [root]
+  let removed = 0
+
+  while (stack.length > 0) {
+    const current = stack.pop()
+    if (!current) break
+
+    let entries
+    try {
+      entries = readdirSync(current, { withFileTypes: true })
+    } catch {
+      continue
+    }
+
+    for (const entry of entries) {
+      const full = path.join(current, entry.name)
+      if (entry.name === ".bin") {
+        rmSync(full, { recursive: true, force: true })
+        removed += 1
+        continue
+      }
+
+      if (entry.isDirectory()) {
+        stack.push(full)
+      }
+    }
+  }
+
+  return removed
+}
+
+function stripOptionalNativeAddons(rootDir) {
+  const nodeModulesRoot = path.join(rootDir, "node_modules")
+  if (!existsSync(nodeModulesRoot)) {
+    return 0
+  }
+
+  const removablePaths = [
+    path.join(nodeModulesRoot, "@msgpackr-extract"),
+    path.join(nodeModulesRoot, "msgpackr-extract"),
+  ]
+
+  let removed = 0
+  for (const targetPath of removablePaths) {
+    if (!existsSync(targetPath)) {
+      continue
+    }
+
+    rmSync(targetPath, { recursive: true, force: true })
+    removed += 1
+  }
+
+  return removed
+}
+
 if (!existsSync(sourceDir)) {
   console.error(`[copy-opencode-config] Missing source directory at ${sourceDir}`)
   process.exit(1)
@@ -58,4 +119,14 @@ rmSync(targetDir, { recursive: true, force: true })
 mkdirSync(path.dirname(targetDir), { recursive: true })
 cpSync(sourceDir, targetDir, { recursive: true })
 
+const removedBins = stripNodeModuleBins(targetDir)
+if (removedBins > 0) {
+  console.log(`[copy-opencode-config] Removed ${removedBins} node_modules/.bin directories`)
+}
+
+const removedNativeAddons = stripOptionalNativeAddons(targetDir)
+if (removedNativeAddons > 0) {
+  console.log(`[copy-opencode-config] Removed ${removedNativeAddons} optional native addon package paths`)
+}
+
 console.log(`[copy-opencode-config] Copied ${sourceDir} -> ${targetDir}`)

packages/server/src/api-types.ts

@@ -337,6 +337,16 @@ export interface RemoteServerProbeResponse {
   errorCode?: string
 }
 
+export interface RemoteProxySessionCreateRequest {
+  baseUrl: string
+  skipTlsVerify?: boolean
+}
+
+export interface RemoteProxySessionCreateResponse {
+  sessionId: string
+  windowUrl: string
+}
+
 export type WorkspaceEventType =
   | "workspace.created"
   | "workspace.started"

packages/server/src/index.ts

@@ -21,6 +21,7 @@ import { launchInBrowser } from "./launcher"
 import { resolveUi } from "./ui/remote-ui"
 import { AuthManager, BOOTSTRAP_TOKEN_STDOUT_PREFIX, DEFAULT_AUTH_COOKIE_NAME, DEFAULT_AUTH_USERNAME } from "./auth/manager"
 import { resolveHttpsOptions } from "./server/tls"
+import { RemoteProxySessionManager } from "./server/remote-proxy"
 import { resolveNetworkAddresses, resolveRemoteAddresses } from "./server/network-addresses"
 import { startDevReleaseMonitor } from "./releases/dev-release-monitor"
 import { SpeechService } from "./speech/service"
@@ -28,13 +29,14 @@ import { SideCarManager } from "./sidecars/manager"
 import { ClientConnectionManager } from "./clients/connection-manager"
 import { PluginChannelManager } from "./plugins/channel"
 import { VoiceModeManager } from "./plugins/voice-mode"
+import { readServerPackageVersion, resolveServerPublicDir } from "./runtime-paths"
 
 const require = createRequire(import.meta.url)
 
-const packageJson = require("../package.json") as { version: string }
+const packageJson = { version: readServerPackageVersion(import.meta.url) }
 const __filename = fileURLToPath(import.meta.url)
 const __dirname = path.dirname(__filename)
-const DEFAULT_UI_STATIC_DIR = path.resolve(__dirname, "../public")
+const DEFAULT_UI_STATIC_DIR = resolveServerPublicDir(import.meta.url)
 
 interface CliOptions {
   host: string
@@ -375,14 +377,15 @@ async function main() {
       })
     : null
 
-  if (uiResolution.uiDevServerUrl && options.https) {
-    throw new InvalidArgumentError("UI dev proxy is only supported with --https=false --http=true")
-  }
-
   const remoteAccessEnabled = options.host === "0.0.0.0" || !isLoopbackHost(options.host)
 
   const clientConnectionManager = new ClientConnectionManager(logger.child({ component: "client-connections" }))
   const pluginChannel = new PluginChannelManager(logger.child({ component: "plugin-channel" }))
+  const remoteProxySessionManager = new RemoteProxySessionManager({
+    authManager,
+    logger: logger.child({ component: "remote-proxy" }),
+    httpsOptions: tlsResolution?.httpsOptions,
+  })
   const voiceModeManager = new VoiceModeManager({
     connections: clientConnectionManager,
     channel: pluginChannel,
@@ -422,6 +425,7 @@ async function main() {
         clientConnectionManager,
         pluginChannel,
         voiceModeManager,
+        remoteProxySessionManager,
         uiStaticDir: uiResolution.uiStaticDir ?? DEFAULT_UI_STATIC_DIR,
         uiDevServerUrl: uiResolution.uiDevServerUrl,
         logger,
@@ -447,6 +451,7 @@ async function main() {
         clientConnectionManager,
         pluginChannel,
         voiceModeManager,
+        remoteProxySessionManager,
         uiStaticDir: uiResolution.uiStaticDir ?? DEFAULT_UI_STATIC_DIR,
         uiDevServerUrl: undefined,
         logger,

packages/server/src/opencode-config.ts

@@ -1,22 +1,11 @@
 import { existsSync } from "fs"
-import path from "path"
-import { fileURLToPath } from "url"
 import { createLogger } from "./logger"
+import { resolveOpencodeTemplateDir } from "./runtime-paths"
 
 const log = createLogger({ component: "opencode-config" })
-const __filename = fileURLToPath(import.meta.url)
-const __dirname = path.dirname(__filename)
-const devTemplateDir = path.resolve(__dirname, "../../opencode-config")
-const resourcesPath = (process as NodeJS.Process & { resourcesPath?: string }).resourcesPath
-const prodTemplateDirs = [
-  resourcesPath ? path.resolve(resourcesPath, "opencode-config") : undefined,
-  path.resolve(__dirname, "opencode-config"),
-].filter((dir): dir is string => Boolean(dir))
+const templateDir = resolveOpencodeTemplateDir(import.meta.url)
 
-const isDevBuild = Boolean(process.env.CODENOMAD_DEV ?? process.env.CLI_UI_DEV_SERVER) || existsSync(devTemplateDir)
-const templateDir = isDevBuild
-  ? devTemplateDir
-  : prodTemplateDirs.find((dir) => existsSync(dir)) ?? prodTemplateDirs[0]
+const isDevBuild = Boolean(process.env.CODENOMAD_DEV ?? process.env.CLI_UI_DEV_SERVER)
 
 export function getOpencodeConfigDir(): string {
   if (!existsSync(templateDir)) {

packages/server/src/runtime-paths.ts

@@ -0,0 +1,79 @@
+import fs from "fs"
+import path from "path"
+import { fileURLToPath } from "url"
+
+function safeModuleDir(importMetaUrl: string): string | null {
+  try {
+    return path.dirname(fileURLToPath(importMetaUrl))
+  } catch {
+    return null
+  }
+}
+
+function firstExistingPath(candidates: Array<string | null | undefined>, predicate: (value: string) => boolean): string | null {
+  for (const candidate of candidates) {
+    if (!candidate) continue
+    if (predicate(candidate)) {
+      return candidate
+    }
+  }
+  return null
+}
+
+export function getPackagedDistDir(): string {
+  return path.dirname(process.execPath)
+}
+
+export function resolveServerPackageRoot(importMetaUrl: string): string {
+  const moduleDir = safeModuleDir(importMetaUrl)
+  const configuredRoot = process.env.CODENOMAD_SERVER_ROOT?.trim()
+  const candidates = [
+    configuredRoot ? path.resolve(configuredRoot) : null,
+    moduleDir ? path.resolve(moduleDir, "..") : null,
+    path.resolve(getPackagedDistDir(), ".."),
+  ]
+
+  return (
+    firstExistingPath(candidates, (value) => fs.existsSync(path.join(value, "package.json"))) ??
+    candidates.find((value): value is string => Boolean(value)) ??
+    process.cwd()
+  )
+}
+
+export function resolveServerPublicDir(importMetaUrl: string): string {
+  const moduleDir = safeModuleDir(importMetaUrl)
+  const candidates = [moduleDir ? path.resolve(moduleDir, "../public") : null, path.join(resolveServerPackageRoot(importMetaUrl), "public")]
+
+  return firstExistingPath(candidates, (value) => fs.existsSync(value)) ?? candidates[candidates.length - 1]!
+}
+
+export function resolveAuthTemplatePath(importMetaUrl: string, fileName: string): string {
+  const moduleDir = safeModuleDir(importMetaUrl)
+  const distDir = getPackagedDistDir()
+  const candidates = [
+    moduleDir ? path.join(moduleDir, "auth-pages", fileName) : null,
+    path.join(distDir, "auth-pages", fileName),
+    path.join(distDir, "server", "routes", "auth-pages", fileName),
+  ]
+
+  return firstExistingPath(candidates, (value) => fs.existsSync(value)) ?? candidates[0]!
+}
+
+export function resolveOpencodeTemplateDir(importMetaUrl: string): string {
+  const moduleDir = safeModuleDir(importMetaUrl)
+  const resourcesPath = (process as NodeJS.Process & { resourcesPath?: string }).resourcesPath
+  const candidates = [
+    moduleDir ? path.resolve(moduleDir, "../../opencode-config") : null,
+    resourcesPath ? path.resolve(resourcesPath, "opencode-config") : null,
+    moduleDir ? path.resolve(moduleDir, "opencode-config") : null,
+    path.join(getPackagedDistDir(), "opencode-config"),
+  ]
+
+  return firstExistingPath(candidates, (value) => fs.existsSync(value)) ?? candidates[candidates.length - 1]!
+}
+
+export function readServerPackageVersion(importMetaUrl: string): string {
+  const packageJsonPath = path.join(resolveServerPackageRoot(importMetaUrl), "package.json")
+  const parsed = JSON.parse(fs.readFileSync(packageJsonPath, "utf-8")) as { version?: unknown }
+  return typeof parsed.version === "string" && parsed.version.trim().length > 0 ? parsed.version : "0.0.0"
+}

packages/server/src/server/__tests__/remote-proxy.test.ts

@@ -0,0 +1,248 @@
+import assert from "node:assert/strict"
+import { after, afterEach, describe, it } from "node:test"
+import fs from "node:fs"
+import http, { type IncomingMessage, type ServerResponse } from "node:http"
+import os from "node:os"
+import path from "node:path"
+
+import { Agent, fetch } from "undici"
+
+import type { AuthManager } from "../../auth/manager"
+import type { Logger } from "../../logger"
+import { RemoteProxySessionManager } from "../remote-proxy"
+import { resolveHttpsOptions } from "../tls"
+
+const sharedTempDir = fs.mkdtempSync(path.join(os.tmpdir(), "codenomad-remote-proxy-test-"))
+const sharedTls = resolveHttpsOptions({
+  enabled: true,
+  configDir: sharedTempDir,
+  host: "127.0.0.1",
+  logger: createStubLogger(),
+})
+
+if (!sharedTls) {
+  throw new Error("Failed to generate HTTPS options for remote proxy tests")
+}
+
+const sharedHttpsOptions = sharedTls.httpsOptions
+
+const httpsDispatcher = new Agent({ connect: { rejectUnauthorized: false } })
+const managers = new Set<RemoteProxySessionManager>()
+
+afterEach(async () => {
+  for (const manager of managers) {
+    await disposeManager(manager)
+  }
+  managers.clear()
+})
+
+after(() => {
+  fs.rmSync(sharedTempDir, { recursive: true, force: true })
+  httpsDispatcher.close().catch(() => {})
+})
+
+describe("RemoteProxySessionManager", () => {
+  it("blocks proxying before activation and keeps bootstrap tokens scoped per session", async () => {
+    await withUpstreamServer(async (upstreamBaseUrl) => {
+      const manager = createSessionManager()
+      const session1 = await createSession(manager, `${upstreamBaseUrl}/base`)
+      const session2 = await createSession(manager, `${upstreamBaseUrl}/base`)
+
+      const blocked = await proxyFetch(`${session1.proxyOrigin}/status`)
+      assert.equal(blocked.status, 403)
+
+      const wrongTokenResponse = await proxyFetch(`${session1.proxyOrigin}/__codenomad/api/auth/token`, {
+        method: "POST",
+        headers: { "content-type": "application/json" },
+        body: JSON.stringify({ token: session2.token }),
+      })
+      assert.equal(wrongTokenResponse.status, 401)
+
+      assert.equal(await activateSession(session1), true)
+      assert.equal(await activateSession(session2), true)
+    }, (req, res) => {
+      res.writeHead(200, { "content-type": "text/plain" })
+      res.end(req.url ?? "")
+    })
+  })
+
+  it("preserves remote base paths and rewrites same-origin redirects to the local proxy origin", async () => {
+    await withUpstreamServer(async (upstreamBaseUrl) => {
+      const manager = createSessionManager()
+      const session = await createSession(manager, `${upstreamBaseUrl}/base`)
+
+      await activateSession(session)
+
+      const apiResponse = await proxyFetch(`${session.proxyOrigin}/api/auth/status?foo=bar`)
+      assert.equal(apiResponse.status, 200)
+      assert.equal(await apiResponse.text(), "/base/api/auth/status?foo=bar")
+
+      const redirectResponse = await proxyFetch(`${session.proxyOrigin}/redirect`, { redirect: "manual" })
+      assert.equal(redirectResponse.status, 302)
+      assert.equal(redirectResponse.headers.get("location"), `${session.proxyOrigin}/base/after?ok=1`)
+    }, (req, res) => {
+      const requestUrl = req.url ?? ""
+      if (requestUrl === "/base/redirect") {
+        res.writeHead(302, { location: "/base/after?ok=1" })
+        res.end()
+        return
+      }
+
+      res.writeHead(200, { "content-type": "text/plain" })
+      res.end(requestUrl)
+    })
+  })
+
+  it("rewrites set-cookie names for the proxy and restores cookie names on proxied requests", async () => {
+    await withUpstreamServer(async (upstreamBaseUrl) => {
+      const manager = createSessionManager()
+      const session = await createSession(manager, `${upstreamBaseUrl}/base`)
+
+      await activateSession(session)
+
+      const loginResponse = await proxyFetch(`${session.proxyOrigin}/login`)
+      assert.equal(loginResponse.status, 200)
+      const setCookie = getSetCookie(loginResponse)[0]
+
+      assert.match(setCookie, /^cnrp_[0-9a-f]+_session=abc123/i)
+      assert.doesNotMatch(setCookie, /domain=/i)
+
+      const cookieHeader = setCookie.split(";", 1)[0]
+      const whoamiResponse = await proxyFetch(`${session.proxyOrigin}/whoami`, {
+        headers: { cookie: cookieHeader },
+      })
+
+      assert.equal(await whoamiResponse.text(), "session=abc123")
+    }, (req, res) => {
+      const requestUrl = req.url ?? ""
+      if (requestUrl === "/base/login") {
+        res.writeHead(200, {
+          "content-type": "text/plain",
+          "set-cookie": "session=abc123; Path=/; Secure; HttpOnly; Domain=127.0.0.1",
+        })
+        res.end("ok")
+        return
+      }
+
+      if (requestUrl === "/base/whoami") {
+        res.writeHead(200, { "content-type": "text/plain" })
+        res.end(req.headers.cookie ?? "")
+        return
+      }
+
+      res.writeHead(404, { "content-type": "text/plain" })
+      res.end(requestUrl)
+    })
+  })
+
+  it("supports explicit deletion and idle cleanup of sessions", async () => {
+    await withUpstreamServer(async (upstreamBaseUrl) => {
+      const manager = createSessionManager()
+      const session = await createSession(manager, `${upstreamBaseUrl}/base`)
+
+      assert.equal(await manager.deleteSession(session.sessionId), true)
+      assert.equal(await manager.deleteSession(session.sessionId), false)
+
+      const session3 = await createSession(manager, `${upstreamBaseUrl}/base`)
+      const internalSessions = (manager as any).sessions as Map<string, { lastAccessAt: number }>
+      const internalCleanup = (manager as any).cleanupExpiredSessions as () => Promise<void>
+
+      internalSessions.get(session3.sessionId)!.lastAccessAt = Date.now() - 31 * 60_000
+      await internalCleanup.call(manager)
+
+      assert.equal(internalSessions.has(session3.sessionId), false)
+      assert.equal(await manager.deleteSession(session3.sessionId), false)
+    }, (_req, res) => {
+      res.writeHead(200, { "content-type": "text/plain" })
+      res.end("ok")
+    })
+  })
+})
+
+function createSessionManager() {
+  const manager = new RemoteProxySessionManager({
+    authManager: {
+      isLoopbackRequest: () => true,
+    } as unknown as AuthManager,
+    logger: createStubLogger(),
+    httpsOptions: sharedHttpsOptions,
+  })
+  managers.add(manager)
+  return manager
+}
+
+async function createSession(manager: RemoteProxySessionManager, baseUrl: string) {
+  const created = await manager.createSession(baseUrl, false)
+  const windowUrl = new URL(created.windowUrl)
+  return {
+    sessionId: created.sessionId,
+    windowUrl,
+    proxyOrigin: windowUrl.origin,
+    token: decodeURIComponent(windowUrl.hash.replace(/^#/, "")),
+  }
+}
+
+async function activateSession(session: { proxyOrigin: string; token: string }) {
+  const response = await proxyFetch(`${session.proxyOrigin}/__codenomad/api/auth/token`, {
+    method: "POST",
+    headers: { "content-type": "application/json" },
+    body: JSON.stringify({ token: session.token }),
+  })
+  if (!response.ok) {
+    return false
+  }
+  const body = (await response.json()) as { ok?: boolean }
+  return body.ok === true
+}
+
+function getSetCookie(response: Awaited<ReturnType<typeof fetch>>): string[] {
+  const values = (response.headers as any).getSetCookie?.() as string[] | undefined
+  if (Array.isArray(values) && values.length > 0) {
+    return values
+  }
+  const fallback = response.headers.get("set-cookie")
+  return fallback ? [fallback] : []
+}
+
+async function proxyFetch(url: string, init?: Parameters<typeof fetch>[1]) {
+  return fetch(url, { dispatcher: httpsDispatcher, ...init })
+}
+
+async function disposeManager(manager: RemoteProxySessionManager) {
+  const sessions = Array.from(((manager as any).sessions as Map<string, unknown>).keys())
+  for (const sessionId of sessions) {
+    await manager.deleteSession(sessionId)
+  }
+  clearInterval((manager as any).cleanupTimer as NodeJS.Timeout)
+}
+
+async function withUpstreamServer(
+  callback: (baseUrl: string) => Promise<void>,
+  handler: (req: IncomingMessage, res: ServerResponse<IncomingMessage>) => void,
+) {
+  const server = http.createServer(handler)
+  await new Promise<void>((resolve) => server.listen(0, "127.0.0.1", () => resolve()))
+
+  try {
+    const address = server.address()
+    if (!address || typeof address === "string") {
+      throw new Error("Failed to resolve upstream server address")
+    }
+    await callback(`http://127.0.0.1:${address.port}`)
+  } finally {
+    await new Promise<void>((resolve, reject) => server.close((error) => (error ? reject(error) : resolve())))
+  }
+}
+
+function createStubLogger(): Logger {
+  const logger = {
+    info() {},
+    warn() {},
+    error() {},
+    child() {
+      return logger
+    },
+  }
+
+  return logger as unknown as Logger
+}

packages/server/src/server/http-server.ts

@@ -5,6 +5,8 @@ import replyFrom from "@fastify/reply-from"
 import fs from "fs"
 import { connect as connectTcp, type Socket } from "net"
 import path from "path"
+import { Readable } from "stream"
+import { pipeline } from "stream/promises"
 import { connect as connectTls, type TLSSocket } from "tls"
 import { fetch } from "undici"
 import type { Logger } from "../logger"
@@ -26,6 +28,7 @@ import { registerBackgroundProcessRoutes } from "./routes/background-processes"
 import { registerWorktreeRoutes } from "./routes/worktrees"
 import { registerSpeechRoutes } from "./routes/speech"
 import { registerRemoteServerRoutes } from "./routes/remote-servers"
+import { registerRemoteProxyRoutes } from "./routes/remote-proxy"
 import { registerSideCarRoutes } from "./routes/sidecars"
 import { ServerMeta } from "../api-types"
 import { InstanceStore } from "../storage/instance-store"
@@ -38,6 +41,7 @@ import { ClientConnectionManager } from "../clients/connection-manager"
 import { PluginChannelManager } from "../plugins/channel"
 import { VoiceModeManager } from "../plugins/voice-mode"
 import type { SideCarManager } from "../sidecars/manager"
+import type { RemoteProxySessionManager } from "./remote-proxy"
 
 interface HttpServerDeps {
   bindHost: string
@@ -58,6 +62,7 @@ interface HttpServerDeps {
   clientConnectionManager: ClientConnectionManager
   pluginChannel: PluginChannelManager
   voiceModeManager: VoiceModeManager
+  remoteProxySessionManager: RemoteProxySessionManager
   uiStaticDir: string
   uiDevServerUrl?: string
   logger: Logger
@@ -199,7 +204,12 @@ export function createHttpServer(deps: HttpServerDeps) {
       publicPagePaths.add("/auth/token")
     }
 
-    if (publicApiPaths.has(pathname) || publicPagePaths.has(pathname)) {
+    const isLoopbackRemoteProxyDelete =
+      request.method === "DELETE" &&
+      pathname.startsWith("/api/remote-proxy/sessions/") &&
+      deps.authManager.isLoopbackRequest(request)
+
+    if (publicApiPaths.has(pathname) || publicPagePaths.has(pathname) || isLoopbackRemoteProxyDelete) {
       done()
       return
     }
@@ -274,6 +284,7 @@ export function createHttpServer(deps: HttpServerDeps) {
     workspaceManager: deps.workspaceManager,
   })
   registerRemoteServerRoutes(app, { logger: apiLogger })
+  registerRemoteProxyRoutes(app, { logger: proxyLogger, sessionManager: deps.remoteProxySessionManager })
   registerSpeechRoutes(app, { speechService: deps.speechService })
   registerSideCarRoutes(app, { sidecarManager: deps.sidecarManager })
   registerSideCarProxyRoutes(app, { sidecarManager: deps.sidecarManager, logger: proxyLogger })
@@ -617,57 +628,57 @@ async function proxyWorkspaceRequest(args: {
     logger.trace({ workspaceId, targetUrl, body: request.body }, "Instance proxy payload")
   }
 
-  return reply.from(targetUrl, {
-    rewriteRequestHeaders: (_originalRequest, headers) => {
-      if (instanceAuthHeader) {
-        headers.authorization = instanceAuthHeader
-      }
+  const headers = buildWorkspaceInstanceProxyHeaders(request.headers, instanceAuthHeader, directory)
 
-      // OpenCode expects the *full* path; we send it via header to avoid query tampering.
-      const isNonASCII = /[^\x00-\x7F]/.test(directory)
-      const encodedDirectory = isNonASCII ? encodeURIComponent(directory) : directory
+  if (logger.isLevelEnabled("trace")) {
+    logger.trace(
+      {
+        workspaceId,
+        method: request.method,
+        targetUrl,
+        worktreeSlug,
+        directory,
+        contentType: request.headers["content-type"],
+        body: bodyToJson(request.body),
+        headers: redactProxyHeadersForLogs(headers),
+      },
+      "Proxy -> OpenCode request",
+    )
+  }
 
-      // Overwrite any client-provided value (case-insensitive headers are normalized by Node).
-      ;(headers as Record<string, unknown>)["x-opencode-directory"] = encodedDirectory
+  const init: any = {
+    method: request.method,
+    headers,
+    redirect: "manual",
+  }
 
-      if (logger.isLevelEnabled("trace")) {
-        const outgoing: Record<string, unknown> = {}
-        for (const [key, value] of Object.entries(headers as Record<string, unknown>)) {
-          outgoing[key] = value
-        }
+  if (request.method !== "GET" && request.method !== "HEAD") {
+    const body = toProxyRequestBody(request.body)
+    if (body !== undefined) {
+      init.body = body
+      init.duplex = "half"
+    }
+  }
 
-        // Redact sensitive headers.
-        for (const key of Object.keys(outgoing)) {
-          const lower = key.toLowerCase()
-          if (lower === "authorization" || lower === "cookie" || lower === "set-cookie") {
-            outgoing[key] = "<redacted>"
-          }
-        }
+  try {
+    const response = await fetch(targetUrl, init)
+    reply.code(response.status)
+    applyInstanceProxyResponseHeaders(reply, response)
 
-        logger.trace(
-          {
-            workspaceId,
-            method: request.method,
-            targetUrl,
-            worktreeSlug,
-            directory,
-            contentType: request.headers["content-type"],
-            body: bodyToJson(request.body),
-            headers: outgoing,
-          },
-          "Proxy -> OpenCode request",
-        )
-      }
+    if (!response.body || request.method === "HEAD") {
+      reply.send()
+      return
+    }
 
-      return headers
-    },
-    onError: (proxyReply, { error }) => {
-      logger.error({ err: error, workspaceId, targetUrl }, "Failed to proxy workspace request")
-      if (!proxyReply.sent) {
-        proxyReply.code(502).send({ error: "Workspace instance proxy failed" })
-      }
-    },
-  })
+    reply.hijack()
+    reply.raw.writeHead(reply.statusCode, toOutgoingHeaders(reply.getHeaders()))
+    await pipeline(Readable.fromWeb(response.body as any), reply.raw)
+  } catch (error) {
+    logger.error({ err: error, workspaceId, targetUrl }, "Failed to proxy workspace request")
+    if (!reply.sent) {
+      reply.code(502).send({ error: "Workspace instance proxy failed" })
+    }
+  }
 }
 
 function extractOpencodeDirectoryOverride(pathSuffix: string | undefined): {
@@ -858,12 +869,90 @@ function isApiRequest(rawUrl: string | null | undefined) {
 function buildProxyHeaders(headers: FastifyRequest["headers"]): Record<string, string> {
   const result: Record<string, string> = {}
   for (const [key, value] of Object.entries(headers ?? {})) {
-    if (!value || key.toLowerCase() === "host") continue
+    const lower = key.toLowerCase()
+    if (!value || lower === "host" || isHopByHopHeader(lower)) continue
     result[key] = Array.isArray(value) ? value.join(",") : value
   }
   return result
 }
 
+function toProxyRequestBody(body: unknown): any {
+  if (body == null) {
+    return undefined
+  }
+  if (typeof (body as { pipe?: unknown }).pipe === "function") {
+    return body
+  }
+  if (typeof (body as { [Symbol.asyncIterator]?: unknown })[Symbol.asyncIterator] === "function") {
+    return body
+  }
+  if (Buffer.isBuffer(body) || typeof body === "string" || body instanceof Uint8Array) {
+    return body
+  }
+  return JSON.stringify(body)
+}
+
+function buildWorkspaceInstanceProxyHeaders(
+  headers: FastifyRequest["headers"],
+  instanceAuthHeader: string | undefined,
+  directory: string,
+): Record<string, string> {
+  const next = buildProxyHeaders(headers)
+  if (instanceAuthHeader) {
+    next.authorization = instanceAuthHeader
+  }
+
+  const isNonASCII = /[^\x00-\x7F]/.test(directory)
+  next["x-opencode-directory"] = isNonASCII ? encodeURIComponent(directory) : directory
+  return next
+}
+
+function redactProxyHeadersForLogs(headers: Record<string, string>): Record<string, string> {
+  const outgoing = { ...headers }
+  for (const key of Object.keys(outgoing)) {
+    const lower = key.toLowerCase()
+    if (lower === "authorization" || lower === "cookie" || lower === "set-cookie") {
+      outgoing[key] = "<redacted>"
+    }
+  }
+  return outgoing
+}
+
+function applyInstanceProxyResponseHeaders(reply: FastifyReply, response: any) {
+  response.headers.forEach((value: string, key: string) => {
+    const lower = key.toLowerCase()
+    if (isHopByHopHeader(lower) || lower === "content-length" || lower === "content-encoding") {
+      return
+    }
+
+    reply.header(key, value)
+  })
+}
+
+function toOutgoingHeaders(headers: ReturnType<FastifyReply["getHeaders"]>): Record<string, string | string[]> {
+  const next: Record<string, string | string[]> = {}
+  for (const [key, value] of Object.entries(headers)) {
+    if (value === undefined) {
+      continue
+    }
+    next[key] = Array.isArray(value) ? value.map(String) : String(value)
+  }
+  return next
+}
+
+function isHopByHopHeader(name: string): boolean {
+  return new Set([
+    "connection",
+    "keep-alive",
+    "proxy-authenticate",
+    "proxy-authorization",
+    "te",
+    "trailer",
+    "transfer-encoding",
+    "upgrade",
+  ]).has(name)
+}
+
 async function proxySideCarRequest(args: {
   request: FastifyRequest
   reply: FastifyReply

packages/server/src/server/remote-proxy.ts

@@ -0,0 +1,566 @@
+import Fastify, { type FastifyInstance, type FastifyReply, type FastifyRequest } from "fastify"
+import { randomBytes, randomUUID } from "crypto"
+import { Readable } from "stream"
+import { pipeline } from "stream/promises"
+import { Agent, fetch } from "undici"
+import type { AuthManager } from "../auth/manager"
+import type { Logger } from "../logger"
+
+const LOOPBACK_HOST = "127.0.0.1"
+const BOOTSTRAP_PAGE_PATH = "/__codenomad/auth/token"
+const BOOTSTRAP_EXCHANGE_PATH = "/__codenomad/api/auth/token"
+const SESSION_IDLE_TTL_MS = 30 * 60_000
+
+interface RemoteProxySession {
+  id: string
+  bootstrapToken: string
+  targetBaseUrl: URL
+  skipTlsVerify: boolean
+  localBaseUrl: URL
+  entryUrl: URL
+  bootstrapUrl: string
+  activated: boolean
+  cookiePrefix: string
+  app: FastifyInstance
+  dispatcher?: Agent
+  createdAt: number
+  lastAccessAt: number
+}
+
+export interface RemoteProxySessionManagerOptions {
+  authManager: AuthManager
+  logger: Logger
+  httpsOptions?: { key: string | Buffer; cert: string | Buffer; ca?: string | Buffer }
+}
+
+export interface RemoteProxySessionCreateResult {
+  sessionId: string
+  windowUrl: string
+}
+
+export class RemoteProxySessionManager {
+  private readonly sessions = new Map<string, RemoteProxySession>()
+  private readonly cleanupTimer: NodeJS.Timeout
+
+  constructor(private readonly options: RemoteProxySessionManagerOptions) {
+    this.cleanupTimer = setInterval(() => {
+      void this.cleanupExpiredSessions()
+    }, 60_000)
+    this.cleanupTimer.unref()
+  }
+
+  async createSession(baseUrl: string, skipTlsVerify: boolean): Promise<RemoteProxySessionCreateResult> {
+    if (!this.options.httpsOptions) {
+      throw new Error("Local HTTPS is required for remote proxy sessions")
+    }
+
+    const targetBaseUrl = normalizeBaseUrl(baseUrl)
+    const sessionId = randomUUID()
+    const bootstrapToken = randomBytes(32).toString("base64url")
+    const dispatcher = skipTlsVerify ? new Agent({ connect: { rejectUnauthorized: false } }) : undefined
+    const app = Fastify({ logger: false, https: this.options.httpsOptions })
+    let session: RemoteProxySession | null = null
+
+    app.removeAllContentTypeParsers()
+    // Preserve raw request bodies for proxying while still letting token JSON parse from Buffer.
+    app.addContentTypeParser("*", { parseAs: "buffer" }, (_req, body, done) => done(null, body))
+
+    app.get(BOOTSTRAP_PAGE_PATH, async (request, reply) => {
+      if (!this.options.authManager.isLoopbackRequest(request)) {
+        reply.code(404).send({ error: "Not found" })
+        return
+      }
+
+      reply.header("Cache-Control", "no-store")
+      reply.header("Pragma", "no-cache")
+      reply.header("Expires", "0")
+      reply.type("text/html").send(buildBootstrapPageHtml())
+    })
+
+    app.post(BOOTSTRAP_EXCHANGE_PATH, async (request, reply) => {
+      if (!this.options.authManager.isLoopbackRequest(request)) {
+        reply.code(404).send({ error: "Not found" })
+        return
+      }
+
+      if (!session) {
+        reply.code(503).send({ error: "Remote proxy session is unavailable" })
+        return
+      }
+
+      const body = parseTokenBody(request.body)
+      if (body.token !== session.bootstrapToken) {
+        reply.code(401).send({ error: "Invalid token" })
+        return
+      }
+
+      session.activated = true
+      session.lastAccessAt = Date.now()
+      reply.send({ ok: true })
+    })
+
+    app.all("/*", async (request, reply) => {
+      if (!session) {
+        reply.code(503).send({ error: "Remote proxy session is unavailable" })
+        return
+      }
+
+      if (!session.activated) {
+        reply.code(403).send({ error: "Remote proxy session is not activated" })
+        return
+      }
+
+      session.lastAccessAt = Date.now()
+      await proxyRequest({ request, reply, session, logger: this.options.logger })
+    })
+
+    app.setNotFoundHandler(async (request, reply) => {
+      if (!session) {
+        reply.code(503).send({ error: "Remote proxy session is unavailable" })
+        return
+      }
+
+      if (!session.activated) {
+        reply.code(403).send({ error: "Remote proxy session is not activated" })
+        return
+      }
+
+      session.lastAccessAt = Date.now()
+      await proxyRequest({ request, reply, session, logger: this.options.logger })
+    })
+
+    const addressInfo = await app.listen({ host: LOOPBACK_HOST, port: 0 })
+    const address = new URL(addressInfo)
+    const localBaseUrl = new URL(`https://${LOOPBACK_HOST}:${address.port}`)
+    const entryUrl = new URL(targetBaseUrl.pathname || "/", localBaseUrl)
+    const returnTo = buildReturnToTarget(entryUrl)
+
+    session = {
+      id: sessionId,
+      bootstrapToken,
+      targetBaseUrl,
+      skipTlsVerify,
+      localBaseUrl,
+      entryUrl,
+      bootstrapUrl: `${localBaseUrl.origin}${BOOTSTRAP_PAGE_PATH}?returnTo=${encodeURIComponent(returnTo)}#${encodeURIComponent(bootstrapToken)}`,
+      activated: false,
+      cookiePrefix: `cnrp_${randomBytes(6).toString("hex")}_`,
+      app,
+      dispatcher,
+      createdAt: Date.now(),
+      lastAccessAt: Date.now(),
+    }
+
+    this.sessions.set(sessionId, session)
+    this.options.logger.info(
+      { sessionId, targetBaseUrl: targetBaseUrl.toString(), localBaseUrl: localBaseUrl.toString() },
+      "Created remote proxy session",
+    )
+
+    return { sessionId, windowUrl: session.bootstrapUrl }
+  }
+
+  async deleteSession(sessionId: string): Promise<boolean> {
+    return this.disposeSession(sessionId)
+  }
+
+  private async cleanupExpiredSessions() {
+    const now = Date.now()
+    for (const session of Array.from(this.sessions.values())) {
+      if (now - session.lastAccessAt <= SESSION_IDLE_TTL_MS) {
+        continue
+      }
+      await this.disposeSession(session.id)
+    }
+  }
+
+  private async disposeSession(sessionId: string): Promise<boolean> {
+    const session = this.sessions.get(sessionId)
+    if (!session) {
+      return false
+    }
+
+    this.sessions.delete(sessionId)
+    session.dispatcher?.close().catch(() => {})
+    await session.app.close().catch(() => {})
+    this.options.logger.info({ sessionId }, "Disposed remote proxy session")
+    return true
+  }
+}
+
+function normalizeBaseUrl(input: string): URL {
+  const parsed = new URL(input.trim())
+  if (parsed.protocol !== "http:" && parsed.protocol !== "https:") {
+    throw new Error("Server URL must use http:// or https://")
+  }
+
+  parsed.hash = ""
+  parsed.search = ""
+  parsed.pathname = parsed.pathname === "/" ? "/" : parsed.pathname.replace(/\/+$/, "") || "/"
+  return parsed
+}
+
+function buildReturnToTarget(entryUrl: URL): string {
+  const query = entryUrl.search ? entryUrl.search : ""
+  return `${entryUrl.pathname || "/"}${query}`
+}
+
+function buildBootstrapPageHtml(): string {
+  return `<!doctype html>
+<html lang="en">
+  <head>
+    <meta charset="utf-8" />
+    <meta name="viewport" content="width=device-width, initial-scale=1" />
+    <title>CodeNomad</title>
+    <style>
+      body { font-family: ui-sans-serif, system-ui, -apple-system, Segoe UI, Roboto, Helvetica, Arial; background: #0b0b0f; color: #fff; display: flex; align-items: center; justify-content: center; height: 100vh; margin: 0; }
+      .card { width: 420px; max-width: calc(100vw - 32px); background: #14141c; border: 1px solid rgba(255,255,255,0.08); border-radius: 14px; padding: 24px; }
+      h1 { font-size: 18px; margin: 0 0 12px; }
+      p { margin: 0; color: rgba(255,255,255,0.7); font-size: 13px; line-height: 1.4; }
+      .error { margin-top: 12px; color: #ff6b6b; font-size: 13px; display: none; }
+    </style>
+  </head>
+  <body>
+    <div class="card">
+      <h1>Connecting...</h1>
+      <p>Finalizing local authentication.</p>
+      <div id="error" class="error"></div>
+    </div>
+    <script>
+      const token = decodeURIComponent((location.hash || "").replace(/^#/, "").trim())
+      const params = new URLSearchParams(location.search)
+      const returnTo = sanitizeReturnTo(params.get("returnTo"))
+      const errorEl = document.getElementById("error")
+
+      function sanitizeReturnTo(value) {
+        if (!value || typeof value !== "string") return "/"
+        if (!value.startsWith("/")) return "/"
+        if (value.startsWith("//")) return "/"
+        return value
+      }
+
+      function showError(message) {
+        errorEl.textContent = message
+        errorEl.style.display = "block"
+      }
+
+      async function run() {
+        if (!token) {
+          showError("Missing bootstrap token.")
+          return
+        }
+
+        try {
+          const res = await fetch("${BOOTSTRAP_EXCHANGE_PATH}", {
+            method: "POST",
+            headers: { "Content-Type": "application/json" },
+            body: JSON.stringify({ token }),
+            credentials: "include",
+          })
+
+          if (!res.ok) {
+            let message = ""
+            try {
+              const json = await res.json()
+              message = json && json.error ? String(json.error) : ""
+            } catch {
+              message = ""
+            }
+            showError(message || "Token exchange failed (" + res.status + ")")
+            return
+          }
+
+          window.location.replace(returnTo)
+        } catch (error) {
+          showError(error && error.message ? error.message : String(error))
+        }
+      }
+
+      run()
+    </script>
+  </body>
+</html>`
+}
+
+function parseTokenBody(body: unknown): { token: string } {
+  const value = normalizeJsonBody(body) as { token?: unknown } | null | undefined
+  const token = typeof value?.token === "string" ? value.token.trim() : ""
+  if (!token) {
+    throw new Error("Missing bootstrap token")
+  }
+  return { token }
+}
+
+function normalizeJsonBody(body: unknown): unknown {
+  if (Buffer.isBuffer(body)) {
+    return JSON.parse(body.toString("utf-8"))
+  }
+  if (typeof body === "string") {
+    return JSON.parse(body)
+  }
+  return body
+}
+
+function toRequestBody(body: unknown): any {
+  if (body == null) {
+    return undefined
+  }
+  if (Buffer.isBuffer(body) || typeof body === "string" || body instanceof Uint8Array) {
+    return body
+  }
+  return JSON.stringify(body)
+}
+
+async function proxyRequest(args: {
+  request: FastifyRequest
+  reply: FastifyReply
+  session: RemoteProxySession
+  logger: Logger
+}) {
+  const { request, reply, session, logger } = args
+  const upstreamUrl = buildUpstreamUrl(session.targetBaseUrl, request.raw.url ?? request.url)
+  const headers = filterRequestHeaders(request.headers, session)
+
+  const init: any = {
+    method: request.method,
+    headers,
+    dispatcher: session.dispatcher,
+    redirect: "manual",
+  }
+
+  if (request.method !== "GET" && request.method !== "HEAD") {
+    const body = toRequestBody(request.body)
+    if (body !== undefined) {
+      init.body = body
+      init.duplex = "half"
+    }
+  }
+
+  try {
+    const response = await fetch(upstreamUrl, init as any)
+    reply.code(response.status)
+    applyResponseHeaders(reply, response, session)
+
+    if (!response.body || request.method === "HEAD") {
+      reply.send()
+      return
+    }
+
+    reply.hijack()
+    reply.raw.writeHead(reply.statusCode, toOutgoingHeaders(reply.getHeaders()))
+    await pipeline(Readable.fromWeb(response.body as any), reply.raw)
+  } catch (error) {
+    logger.error({ err: error, upstreamUrl }, "Failed to proxy remote session request")
+    if (!reply.sent) {
+      reply.code(502).send({ error: "Remote proxy request failed" })
+    }
+  }
+}
+
+function buildUpstreamUrl(baseUrl: URL, rawUrl: string): string {
+  const parsed = new URL(rawUrl, "https://localhost")
+  const url = new URL(baseUrl.toString())
+  url.pathname = rewriteRequestPath(baseUrl, parsed.pathname)
+  url.search = stripInternalQuery(parsed.search)
+  url.hash = ""
+  return url.toString()
+}
+
+function rewriteRequestPath(baseUrl: URL, requestPath: string): string {
+  const basePath = normalizedBasePath(baseUrl)
+  if (basePath === "/") {
+    return requestPath
+  }
+
+  if (requestPath === "/") {
+    return basePath
+  }
+
+  if (pathHasBasePrefix(basePath, requestPath)) {
+    return requestPath
+  }
+
+  return `${basePath}${requestPath}`
+}
+
+function normalizedBasePath(baseUrl: URL): string {
+  return baseUrl.pathname || "/"
+}
+
+function pathHasBasePrefix(basePath: string, requestPath: string): boolean {
+  return requestPath === basePath || requestPath.startsWith(`${basePath}/`)
+}
+
+function stripInternalQuery(search: string): string {
+  if (!search || search === "?") {
+    return ""
+  }
+  return search
+}
+
+function filterRequestHeaders(
+  headers: FastifyRequest["headers"],
+  session: RemoteProxySession,
+): Record<string, string> {
+  const next: Record<string, string> = {}
+  for (const [key, value] of Object.entries(headers ?? {})) {
+    if (!value) continue
+    const lower = key.toLowerCase()
+    if (
+      isHopByHopHeader(lower) ||
+      lower === "host" ||
+      lower === "content-length" ||
+      lower === "accept-encoding"
+    ) {
+      continue
+    }
+    if (lower === "origin") {
+      next[key] = session.targetBaseUrl.origin
+      continue
+    }
+    if (lower === "referer") {
+      const rewritten = rewriteRefererHeader(Array.isArray(value) ? value[0] : value, session.targetBaseUrl)
+      if (rewritten) {
+        next[key] = rewritten
+      }
+      continue
+    }
+    if (lower === "cookie") {
+      const rewritten = rewriteRequestCookieHeader(Array.isArray(value) ? value.join("; ") : value, session.cookiePrefix)
+      if (rewritten) {
+        next[key] = rewritten
+      }
+      continue
+    }
+    next[key] = Array.isArray(value) ? value.join(",") : value
+  }
+
+  next.host = session.targetBaseUrl.port ? `${session.targetBaseUrl.hostname}:${session.targetBaseUrl.port}` : session.targetBaseUrl.hostname
+  if (!next.origin) {
+    next.origin = session.targetBaseUrl.origin
+  }
+  return next
+}
+
+function rewriteRefererHeader(referer: string | undefined, targetBaseUrl: URL): string | null {
+  if (!referer) {
+    return null
+  }
+
+  try {
+    const parsed = new URL(referer)
+    const rewritten = new URL(targetBaseUrl.toString())
+    rewritten.pathname = rewriteRequestPath(targetBaseUrl, parsed.pathname)
+    rewritten.search = parsed.search
+    rewritten.hash = parsed.hash
+    return rewritten.toString()
+  } catch {
+    return null
+  }
+}
+
+function applyResponseHeaders(reply: FastifyReply, response: any, session: RemoteProxySession) {
+  const setCookie = (response.headers as any).getSetCookie?.() as string[] | undefined
+  if (Array.isArray(setCookie)) {
+    for (const cookie of setCookie) {
+      reply.header("set-cookie", rewriteSetCookie(cookie, session.cookiePrefix))
+    }
+  }
+
+  response.headers.forEach((value: string, key: string) => {
+    const lower = key.toLowerCase()
+    if (
+      isHopByHopHeader(lower) ||
+      lower === "set-cookie" ||
+      lower === "content-length" ||
+      lower === "content-encoding"
+    ) {
+      return
+    }
+
+    if (lower === "location") {
+      reply.header(key, rewriteLocation(value, session.targetBaseUrl, session.localBaseUrl))
+      return
+    }
+
+    reply.header(key, value)
+  })
+}
+
+function toOutgoingHeaders(headers: ReturnType<FastifyReply["getHeaders"]>): Record<string, string | string[]> {
+  const next: Record<string, string | string[]> = {}
+  for (const [key, value] of Object.entries(headers)) {
+    if (value === undefined) {
+      continue
+    }
+    next[key] = Array.isArray(value) ? value.map(String) : String(value)
+  }
+  return next
+}
+
+function rewriteSetCookie(cookie: string, cookiePrefix: string): string {
+  const parts = cookie.split(";").map((part) => part.trim())
+  const first = parts.shift() ?? ""
+  const separator = first.indexOf("=")
+  if (separator <= 0) {
+    return cookie
+  }
+
+  const name = first.slice(0, separator).trim()
+  const value = first.slice(separator + 1)
+  const rewritten = [`${cookiePrefix}${name}=${value}`]
+  for (const part of parts) {
+    if (part.slice(0, 7).toLowerCase().startsWith("domain=")) {
+      continue
+    }
+    rewritten.push(part)
+  }
+  return rewritten.join("; ")
+}
+
+function rewriteRequestCookieHeader(cookieHeader: string, cookiePrefix: string): string {
+  const next: string[] = []
+  for (const rawPart of cookieHeader.split(";")) {
+    const part = rawPart.trim()
+    if (!part) continue
+    const separator = part.indexOf("=")
+    if (separator <= 0) continue
+    const name = part.slice(0, separator).trim()
+    const value = part.slice(separator + 1)
+    if (!name.startsWith(cookiePrefix)) {
+      continue
+    }
+    next.push(`${name.slice(cookiePrefix.length)}=${value}`)
+  }
+  return next.join("; ")
+}
+
+function rewriteLocation(location: string, targetBaseUrl: URL, localBaseUrl: URL): string {
+  try {
+    const parsed = new URL(location, targetBaseUrl)
+    if (parsed.origin !== targetBaseUrl.origin) {
+      return location
+    }
+
+    const rewritten = new URL(localBaseUrl.toString())
+    rewritten.pathname = parsed.pathname
+    rewritten.search = parsed.search
+    rewritten.hash = parsed.hash
+    return rewritten.toString()
+  } catch {
+    return location
+  }
+}
+
+function isHopByHopHeader(name: string): boolean {
+  return new Set([
+    "connection",
+    "keep-alive",
+    "proxy-authenticate",
+    "proxy-authorization",
+    "te",
+    "trailer",
+    "transfer-encoding",
+    "upgrade",
+  ]).has(name)
+}

packages/server/src/server/routes/auth.ts

@@ -3,6 +3,7 @@ import fs from "fs"
 import { z } from "zod"
 import type { AuthManager } from "../../auth/manager"
 import { isLoopbackAddress } from "../../auth/http-auth"
+import { resolveAuthTemplatePath } from "../../runtime-paths"
 
 interface RouteDeps {
   authManager: AuthManager
@@ -21,21 +22,21 @@ const PasswordSchema = z.object({
   password: z.string().min(8),
 })
 
-const LOGIN_TEMPLATE_URL = new URL("./auth-pages/login.html", import.meta.url)
-const TOKEN_TEMPLATE_URL = new URL("./auth-pages/token.html", import.meta.url)
+const LOGIN_TEMPLATE_PATH = resolveAuthTemplatePath(import.meta.url, "login.html")
+const TOKEN_TEMPLATE_PATH = resolveAuthTemplatePath(import.meta.url, "token.html")
 
 let cachedLoginTemplate: string | null = null
 let cachedTokenTemplate: string | null = null
 
-function readTemplate(url: URL, cache: string | null): string {
+function readTemplate(filePath: string, cache: string | null): string {
   if (cache) return cache
-  const content = fs.readFileSync(url, "utf-8")
+  const content = fs.readFileSync(filePath, "utf-8")
   return content
 }
 
 function getLoginHtml(defaultUsername: string): string {
   if (!cachedLoginTemplate) {
-    cachedLoginTemplate = readTemplate(LOGIN_TEMPLATE_URL, null)
+    cachedLoginTemplate = readTemplate(LOGIN_TEMPLATE_PATH, null)
   }
 
   const escapedUsername = escapeHtml(defaultUsername)
@@ -44,7 +45,7 @@ function getLoginHtml(defaultUsername: string): string {
 
 function getTokenHtml(): string {
   if (!cachedTokenTemplate) {
-    cachedTokenTemplate = readTemplate(TOKEN_TEMPLATE_URL, null)
+    cachedTokenTemplate = readTemplate(TOKEN_TEMPLATE_PATH, null)
   }
 
   return cachedTokenTemplate

packages/server/src/server/routes/remote-proxy.ts

@@ -0,0 +1,54 @@
+import type { FastifyInstance } from "fastify"
+import { z } from "zod"
+import type { RemoteProxySessionCreateResponse } from "../../api-types"
+import { isLoopbackAddress } from "../../auth/http-auth"
+import type { Logger } from "../../logger"
+import type { RemoteProxySessionManager } from "../remote-proxy"
+
+interface RouteDeps {
+  logger: Logger
+  sessionManager: RemoteProxySessionManager
+}
+
+const CreateSessionSchema = z.object({
+  baseUrl: z.string().min(1),
+  skipTlsVerify: z.boolean().optional(),
+})
+
+const SessionParamsSchema = z.object({
+  id: z.string().uuid(),
+})
+
+export function registerRemoteProxyRoutes(app: FastifyInstance, deps: RouteDeps) {
+  app.post("/api/remote-proxy/sessions", async (request, reply): Promise<RemoteProxySessionCreateResponse | { error: string }> => {
+    try {
+      const body = CreateSessionSchema.parse(request.body ?? {})
+      return await deps.sessionManager.createSession(body.baseUrl, Boolean(body.skipTlsVerify))
+    } catch (error) {
+      deps.logger.warn({ err: error }, "Failed to create remote proxy session")
+      reply.code(400)
+      return { error: error instanceof Error ? error.message : "Failed to create remote proxy session" }
+    }
+  })
+
+  app.delete("/api/remote-proxy/sessions/:id", async (request, reply): Promise<{ ok: boolean } | { error: string }> => {
+    if (!isLoopbackAddress(request.socket.remoteAddress)) {
+      reply.code(404)
+      return { error: "Not found" }
+    }
+
+    try {
+      const params = SessionParamsSchema.parse(request.params ?? {})
+      const deleted = await deps.sessionManager.deleteSession(params.id)
+      if (!deleted) {
+        reply.code(404)
+        return { error: "Remote proxy session not found" }
+      }
+      return { ok: true }
+    } catch (error) {
+      deps.logger.warn({ err: error }, "Failed to delete remote proxy session")
+      reply.code(400)
+      return { error: error instanceof Error ? error.message : "Failed to delete remote proxy session" }
+    }
+  })
+}

packages/server/src/workspaces/manager.ts

@@ -21,6 +21,70 @@ import {
 
 const STARTUP_STABILITY_DELAY_MS = 1500
 
+function defaultShellPath(): string {
+  const configured = process.env.SHELL?.trim()
+  if (configured) {
+    return configured
+  }
+
+  return process.platform === "darwin" ? "/bin/zsh" : "/bin/bash"
+}
+
+function shellEscape(input: string): string {
+  if (!input) return "''"
+  return `'${input.replace(/'/g, `'\\''`)}'`
+}
+
+function wrapCommandForShell(command: string, shellPath: string): string {
+  const shellName = path.basename(shellPath).toLowerCase()
+
+  if (shellName.includes("bash")) {
+    return `if [ -f ~/.bashrc ]; then source ~/.bashrc >/dev/null 2>&1; fi; ${command}`
+  }
+
+  if (shellName.includes("zsh")) {
+    return `if [ -f ~/.zshrc ]; then source ~/.zshrc >/dev/null 2>&1; fi; ${command}`
+  }
+
+  return command
+}
+
+function buildShellArgs(shellPath: string, command: string): string[] {
+  const shellName = path.basename(shellPath).toLowerCase()
+  if (shellName.includes("zsh")) {
+    return ["-l", "-i", "-c", command]
+  }
+  return ["-l", "-c", command]
+}
+
+function resolveBinaryPathFromUserShell(identifier: string): string | null {
+  if (process.platform === "win32") {
+    return null
+  }
+
+  const shellPath = defaultShellPath()
+  const lookupCommand = wrapCommandForShell(`command -v ${shellEscape(identifier)}`, shellPath)
+  const result = spawnSync(shellPath, buildShellArgs(shellPath, lookupCommand), {
+    encoding: "utf8",
+    env: {
+      ...process.env,
+      npm_config_prefix: undefined,
+      NPM_CONFIG_PREFIX: undefined,
+    },
+  })
+
+  if (result.status !== 0) {
+    return null
+  }
+
+  const resolved = String(result.stdout ?? "")
+    .split(/\r?\n/)
+    .map((line) => line.trim())
+    .find((line) => line.length > 0)
+
+  return resolved ?? null
+}
+
 interface WorkspaceManagerOptions {
   rootDir: string
   settings: SettingsService
@@ -266,6 +330,12 @@ export class WorkspaceManager {
       this.options.logger.warn({ identifier, err: error }, "Failed to resolve binary path from system PATH")
     }
 
+    const shellResolved = resolveBinaryPathFromUserShell(identifier)
+    if (shellResolved) {
+      this.options.logger.debug({ identifier, resolved: shellResolved }, "Resolved binary path from user shell")
+      return shellResolved
+    }
+
     return identifier
   }
 

packages/tauri-app/Cargo.lock

@@ -213,6 +213,28 @@ version = "1.5.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "c08606f8c3cbf4ce6ec8e28fb0014a2c086708fe954eaa885384a6165172e7e8"
 
+[[package]]
+name = "aws-lc-rs"
+version = "1.16.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a054912289d18629dc78375ba2c3726a3afe3ff71b4edba9dedfca0e3446d1fc"
+dependencies = [
+ "aws-lc-sys",
+ "zeroize",
+]
+
+[[package]]
+name = "aws-lc-sys"
+version = "0.39.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "83a25cf98105baa966497416dbd42565ce3a8cf8dbfd59803ec9ad46f3126399"
+dependencies = [
+ "cc",
+ "cmake",
+ "dunce",
+ "fs_extra",
+]
+
 [[package]]
 name = "base64"
 version = "0.21.7"
@@ -408,6 +430,8 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "7a0dd1ca384932ff3641c8718a02769f1698e7563dc6974ffd03346116310423"
 dependencies = [
  "find-msvc-tools",
+ "jobserver",
+ "libc",
  "shlex",
 ]
 
@@ -444,6 +468,12 @@ version = "1.0.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "9330f8b2ff13f34540b44e946ef35111825727b38d33286ef986142615121801"
 
+[[package]]
+name = "cfg_aliases"
+version = "0.2.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "613afe47fcd5fac7ccf1db93babcb082c5994d996f20b8b159f2ad1658eb5724"
+
 [[package]]
 name = "chrono"
 version = "0.4.44"
@@ -456,17 +486,28 @@ dependencies = [
  "windows-link 0.2.1",
 ]
 
+[[package]]
+name = "cmake"
+version = "0.1.58"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c0f78a02292a74a88ac736019ab962ece0bc380e3f977bf72e376c5d78ff0678"
+dependencies = [
+ "cc",
+]
+
 [[package]]
 name = "codenomad-tauri"
 version = "0.14.0"
 dependencies = [
  "anyhow",
+ "base64 0.22.1",
  "dirs 5.0.1",
  "keepawake",
  "libc",
- "once_cell",
  "parking_lot",
  "regex",
+ "reqwest 0.12.28",
+ "rustls",
  "serde",
  "serde_json",
  "serde_yaml",
@@ -476,8 +517,8 @@ dependencies = [
  "tauri-plugin-global-shortcut",
  "tauri-plugin-notification",
  "tauri-plugin-opener",
- "thiserror 1.0.69",
  "url",
+ "webkit2gtk",
  "which",
  "windows-sys 0.59.0",
 ]
@@ -969,6 +1010,15 @@ version = "1.2.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "4ef6b89e5b37196644d8796de5268852ff179b44e96276cf4290264843743bb7"
 
+[[package]]
+name = "encoding_rs"
+version = "0.8.35"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "75030f3c4f45dafd7586dd6780965a8c7e8e285a5ecb86713e63a79c5b2766f3"
+dependencies = [
+ "cfg-if",
+]
+
 [[package]]
 name = "endi"
 version = "1.1.1"
@@ -1139,6 +1189,12 @@ dependencies = [
  "percent-encoding",
 ]
 
+[[package]]
+name = "fs_extra"
+version = "1.3.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "42703706b716c37f96a77aea830392ad231f44c9e9a67872fa5548707e11b11c"
+
 [[package]]
 name = "futf"
 version = "0.1.5"
@@ -1379,8 +1435,10 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "ff2abc00be7fca6ebc474524697ae276ad847ad0a6b3faa4bcb027e9a4614ad0"
 dependencies = [
  "cfg-if",
+ "js-sys",
  "libc",
  "wasi 0.11.1+wasi-snapshot-preview1",
+ "wasm-bindgen",
 ]
 
 [[package]]
@@ -1390,9 +1448,11 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "899def5c37c4fd7b2664648c28120ecec138e4d395b459e5ca34f9cce2dd77fd"
 dependencies = [
  "cfg-if",
+ "js-sys",
  "libc",
  "r-efi 5.3.0",
  "wasip2",
+ "wasm-bindgen",
 ]
 
 [[package]]
@@ -1574,6 +1634,25 @@ dependencies = [
  "syn 2.0.117",
 ]
 
+[[package]]
+name = "h2"
+version = "0.4.13"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "2f44da3a8150a6703ed5d34e164b875fd14c2cdab9af1252a9a1020bde2bdc54"
+dependencies = [
+ "atomic-waker",
+ "bytes",
+ "fnv",
+ "futures-core",
+ "futures-sink",
+ "http",
+ "indexmap 2.13.0",
+ "slab",
+ "tokio",
+ "tokio-util",
+ "tracing",
+]
+
 [[package]]
 name = "hashbrown"
 version = "0.12.3"
@@ -1699,6 +1778,7 @@ dependencies = [
  "bytes",
  "futures-channel",
  "futures-core",
+ "h2",
  "http",
  "http-body",
  "httparse",
@@ -1710,6 +1790,23 @@ dependencies = [
  "want",
 ]
 
+[[package]]
+name = "hyper-rustls"
+version = "0.27.7"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e3c93eb611681b207e1fe55d5a71ecf91572ec8a6705cdb6857f7d8d5242cf58"
+dependencies = [
+ "http",
+ "hyper",
+ "hyper-util",
+ "rustls",
+ "rustls-pki-types",
+ "tokio",
+ "tokio-rustls",
+ "tower-service",
+ "webpki-roots",
+]
+
 [[package]]
 name = "hyper-util"
 version = "0.1.20"
@@ -1999,6 +2096,16 @@ version = "0.3.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "8eaf4bc02d17cbdd7ff4c7438cafcdf7fb9a4613313ad11b4f8fefe7d3fa0130"
 
+[[package]]
+name = "jobserver"
+version = "0.1.34"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9afb3de4395d6b3e67a780b6de64b51c978ecf11cb9a462c66be7d4ca9039d33"
+dependencies = [
+ "getrandom 0.3.4",
+ "libc",
+]
+
 [[package]]
 name = "js-sys"
 version = "0.3.91"
@@ -2157,6 +2264,12 @@ version = "0.4.29"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "5e5032e24019045c762d3c0f28f5b6b8bbf38563a65908389bf7978758920897"
 
+[[package]]
+name = "lru-slab"
+version = "0.1.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "112b39cec0b298b6c1999fee3e31427f74f676e4cb9879ed1a121b43661a4154"
+
 [[package]]
 name = "mac"
 version = "0.1.1"
@@ -2995,6 +3108,61 @@ dependencies = [
  "memchr",
 ]
 
+[[package]]
+name = "quinn"
+version = "0.11.9"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b9e20a958963c291dc322d98411f541009df2ced7b5a4f2bd52337638cfccf20"
+dependencies = [
+ "bytes",
+ "cfg_aliases",
+ "pin-project-lite",
+ "quinn-proto",
+ "quinn-udp",
+ "rustc-hash",
+ "rustls",
+ "socket2",
+ "thiserror 2.0.18",
+ "tokio",
+ "tracing",
+ "web-time",
+]
+
+[[package]]
+name = "quinn-proto"
+version = "0.11.14"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "434b42fec591c96ef50e21e886936e66d3cc3f737104fdb9b737c40ffb94c098"
+dependencies = [
+ "bytes",
+ "getrandom 0.3.4",
+ "lru-slab",
+ "rand 0.9.2",
+ "ring",
+ "rustc-hash",
+ "rustls",
+ "rustls-pki-types",
+ "slab",
+ "thiserror 2.0.18",
+ "tinyvec",
+ "tracing",
+ "web-time",
+]
+
+[[package]]
+name = "quinn-udp"
+version = "0.5.14"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "addec6a0dcad8a8d96a771f815f0eaf55f9d1805756410b39f5fa81332574cbd"
+dependencies = [
+ "cfg_aliases",
+ "libc",
+ "once_cell",
+ "socket2",
+ "tracing",
+ "windows-sys 0.60.2",
+]
+
 [[package]]
 name = "quote"
 version = "1.0.45"
@@ -3212,6 +3380,50 @@ version = "0.8.10"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "dc897dd8d9e8bd1ed8cdad82b5966c3e0ecae09fb1907d58efaa013543185d0a"
 
+[[package]]
+name = "reqwest"
+version = "0.12.28"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "eddd3ca559203180a307f12d114c268abf583f59b03cb906fd0b3ff8646c1147"
+dependencies = [
+ "base64 0.22.1",
+ "bytes",
+ "encoding_rs",
+ "futures-core",
+ "futures-util",
+ "h2",
+ "http",
+ "http-body",
+ "http-body-util",
+ "hyper",
+ "hyper-rustls",
+ "hyper-util",
+ "js-sys",
+ "log",
+ "mime",
+ "percent-encoding",
+ "pin-project-lite",
+ "quinn",
+ "rustls",
+ "rustls-pki-types",
+ "serde",
+ "serde_json",
+ "serde_urlencoded",
+ "sync_wrapper",
+ "tokio",
+ "tokio-rustls",
+ "tokio-util",
+ "tower",
+ "tower-http",
+ "tower-service",
+ "url",
+ "wasm-bindgen",
+ "wasm-bindgen-futures",
+ "wasm-streams 0.4.2",
+ "web-sys",
+ "webpki-roots",
+]
+
 [[package]]
 name = "reqwest"
 version = "0.13.2"
@@ -3242,7 +3454,7 @@ dependencies = [
  "url",
  "wasm-bindgen",
  "wasm-bindgen-futures",
- "wasm-streams",
+ "wasm-streams 0.5.0",
  "web-sys",
 ]
 
@@ -3270,6 +3482,20 @@ dependencies = [
  "windows-sys 0.60.2",
 ]
 
+[[package]]
+name = "ring"
+version = "0.17.14"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a4689e6c2294d81e88dc6261c768b63bc4fcdb852be6d1352498b114f61383b7"
+dependencies = [
+ "cc",
+ "cfg-if",
+ "getrandom 0.2.17",
+ "libc",
+ "untrusted",
+ "windows-sys 0.52.0",
+]
+
 [[package]]
 name = "rustc-hash"
 version = "2.1.1"
@@ -3311,6 +3537,44 @@ dependencies = [
  "windows-sys 0.61.2",
 ]
 
+[[package]]
+name = "rustls"
+version = "0.23.37"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "758025cb5fccfd3bc2fd74708fd4682be41d99e5dff73c377c0646c6012c73a4"
+dependencies = [
+ "aws-lc-rs",
+ "log",
+ "once_cell",
+ "ring",
+ "rustls-pki-types",
+ "rustls-webpki",
+ "subtle",
+ "zeroize",
+]
+
+[[package]]
+name = "rustls-pki-types"
+version = "1.14.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "be040f8b0a225e40375822a563fa9524378b9d63112f53e19ffff34df5d33fdd"
+dependencies = [
+ "web-time",
+ "zeroize",
+]
+
+[[package]]
+name = "rustls-webpki"
+version = "0.103.10"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "df33b2b81ac578cabaf06b89b0631153a3f416b0a886e8a7a1707fb51abbd1ef"
+dependencies = [
+ "aws-lc-rs",
+ "ring",
+ "rustls-pki-types",
+ "untrusted",
+]
+
 [[package]]
 name = "rustversion"
 version = "1.0.22"
@@ -3531,6 +3795,18 @@ dependencies = [
  "serde_core",
 ]
 
+[[package]]
+name = "serde_urlencoded"
+version = "0.7.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d3491c14715ca2294c4d6a88f15e84739788c1d030eed8c110436aafdaa2f3fd"
+dependencies = [
+ "form_urlencoded",
+ "itoa",
+ "ryu",
+ "serde",
+]
+
 [[package]]
 name = "serde_with"
 version = "3.18.0"
@@ -3792,6 +4068,12 @@ version = "0.11.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "7da8b5736845d9f2fcb837ea5d9e2628564b3b043a70948a3f0b778838c5fb4f"
 
+[[package]]
+name = "subtle"
+version = "2.6.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "13c2bddecc57b384dee18652358fb23172facb8a2c51ccc10d74c157bdea3292"
+
 [[package]]
 name = "swift-rs"
 version = "1.0.7"
@@ -3943,7 +4225,7 @@ dependencies = [
  "percent-encoding",
  "plist",
  "raw-window-handle",
- "reqwest",
+ "reqwest 0.13.2",
  "serde",
  "serde_json",
  "serde_repr",
@@ -4367,6 +4649,21 @@ dependencies = [
  "zerovec",
 ]
 
+[[package]]
+name = "tinyvec"
+version = "1.11.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3e61e67053d25a4e82c844e8424039d9745781b3fc4f32b8d55ed50f5f667ef3"
+dependencies = [
+ "tinyvec_macros",
+]
+
+[[package]]
+name = "tinyvec_macros"
+version = "0.1.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1f3ccbac311fea05f86f61904b462b55fb3df8837a366dfc601a0161d0532f20"
+
 [[package]]
 name = "tokio"
 version = "1.50.0"
@@ -4381,6 +4678,16 @@ dependencies = [
  "windows-sys 0.61.2",
 ]
 
+[[package]]
+name = "tokio-rustls"
+version = "0.26.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1729aa945f29d91ba541258c8df89027d5792d85a8841fb65e8bf0f4ede4ef61"
+dependencies = [
+ "rustls",
+ "tokio",
+]
+
 [[package]]
 name = "tokio-util"
 version = "0.7.18"
@@ -4691,6 +4998,12 @@ version = "0.2.11"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "673aac59facbab8a9007c7f6108d11f63b603f7cabff99fabf650fea5c32b861"
 
+[[package]]
+name = "untrusted"
+version = "0.9.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "8ecb6da28b8a351d773b68d5825ac39017e680750f980f3a1a85cd8dd28a47c1"
+
 [[package]]
 name = "url"
 version = "2.5.8"
@@ -4902,6 +5215,19 @@ dependencies = [
  "wasmparser",
 ]
 
+[[package]]
+name = "wasm-streams"
+version = "0.4.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "15053d8d85c7eccdbefef60f06769760a563c7f0a9d6902a13d35c7800b0ad65"
+dependencies = [
+ "futures-util",
+ "js-sys",
+ "wasm-bindgen",
+ "wasm-bindgen-futures",
+ "web-sys",
+]
+
 [[package]]
 name = "wasm-streams"
 version = "0.5.0"
@@ -4937,6 +5263,16 @@ dependencies = [
  "wasm-bindgen",
 ]
 
+[[package]]
+name = "web-time"
+version = "1.1.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5a6580f308b1fad9207618087a65c04e7a10bc77e02c8e84e9b00dd4b12fa0bb"
+dependencies = [
+ "js-sys",
+ "wasm-bindgen",
+]
+
 [[package]]
 name = "web_atoms"
 version = "0.2.3"
@@ -4993,6 +5329,15 @@ dependencies = [
  "system-deps",
 ]
 
+[[package]]
+name = "webpki-roots"
+version = "1.0.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "22cfaf3c063993ff62e73cb4311efde4db1efb31ab78a3e5c457939ad5cc0bed"
+dependencies = [
+ "rustls-pki-types",
+]
+
 [[package]]
 name = "webview2-com"
 version = "0.38.2"
@@ -5286,6 +5631,15 @@ dependencies = [
  "windows-targets 0.48.5",
 ]
 
+[[package]]
+name = "windows-sys"
+version = "0.52.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "282be5f36a8ce781fad8c8ae18fa3f9beff57ec1b52cb3de0789201425d9a33d"
+dependencies = [
+ "windows-targets 0.52.6",
+]
+
 [[package]]
 name = "windows-sys"
 version = "0.59.0"
@@ -5927,6 +6281,12 @@ dependencies = [
  "synstructure",
 ]
 
+[[package]]
+name = "zeroize"
+version = "1.8.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b97154e67e32c85465826e8bcc1c59429aaaf107c1e4a9e53c8d8ccd5eff88d0"
+
 [[package]]
 name = "zerotrie"
 version = "0.2.3"

packages/tauri-app/package.json

@@ -14,6 +14,6 @@
     "build": "tauri build"
   },
   "devDependencies": {
-    "@tauri-apps/cli": "^2.9.4"
+    "@tauri-apps/cli": "^2.10.1"
   }
 }

packages/tauri-app/scripts/prebuild.js

@@ -21,6 +21,7 @@ const serverDevInstallCommand =
 const uiDevInstallCommand =
   "npm install --workspace @codenomad/ui --include-workspace-root=false --install-strategy=nested --fund=false --audit=false"
 const serverPrepareUiCommand = "npm run prepare-ui --workspace @neuralnomads/codenomad"
+const serverStandaloneBuildCommand = "npm run build:standalone --workspace @neuralnomads/codenomad"
 
 const envWithRootBin = {
   ...process.env,
@@ -37,6 +38,12 @@ const braceExpansionPath = path.join(
   "package.json",
 )
 
+const serverBuildDependencyPaths = [
+  path.join(serverRoot, "node_modules", "typescript", "package.json"),
+  path.join(serverRoot, "node_modules", "@types", "node-forge", "package.json"),
+  path.join(serverRoot, "node_modules", "@types", "yauzl", "package.json"),
+]
+
 const viteBinPath = path.join(uiRoot, "node_modules", ".bin", "vite")
 
 async function ensureMonacoAssets() {
@@ -71,6 +78,15 @@ function ensureServerBuild() {
   }
 }
 
+function ensureStandaloneServerBuild() {
+  console.log("[prebuild] building standalone server executable...")
+  execSync(serverStandaloneBuildCommand, {
+    cwd: workspaceRoot,
+    stdio: "inherit",
+    env: envWithRootBin,
+  })
+}
+
 function ensureUiBuild() {
   const loadingHtml = path.join(uiDist, "loading.html")
   if (fs.existsSync(loadingHtml)) {
@@ -98,7 +114,7 @@ function syncServerUiBundle() {
 }
 
 function ensureServerDevDependencies() {
-  if (fs.existsSync(braceExpansionPath)) {
+  if (serverBuildDependencyPaths.every((filePath) => fs.existsSync(filePath))) {
     return
   }
 
@@ -111,15 +127,19 @@ function ensureServerDevDependencies() {
 }
 
 function ensureServerDependencies() {
-  if (fs.existsSync(braceExpansionPath)) {
-    return
-  }
-
-  console.log("[prebuild] ensuring server production dependencies...")
-  execSync(serverInstallCommand, {
+  console.log("[prebuild] pruning server to production dependencies...")
+  execSync("npm prune --omit=dev --ignore-scripts --workspaces=false --fund=false --audit=false", {
     cwd: serverRoot,
     stdio: "inherit",
   })
+
+  if (!fs.existsSync(braceExpansionPath)) {
+    console.log("[prebuild] restoring missing server production dependencies...")
+    execSync(serverInstallCommand, {
+      cwd: serverRoot,
+      stdio: "inherit",
+    })
+  }
 }
 
 function ensureUiDevDependencies() {
@@ -142,6 +162,7 @@ function ensureRollupPlatformBinary() {
     "linux-arm64": "@rollup/rollup-linux-arm64-gnu",
     "darwin-arm64": "@rollup/rollup-darwin-arm64",
     "darwin-x64": "@rollup/rollup-darwin-x64",
+    "win32-arm64": "@rollup/rollup-win32-arm64-msvc",
     "win32-x64": "@rollup/rollup-win32-x64-msvc",
   }
 
@@ -171,6 +192,47 @@ function ensureRollupPlatformBinary() {
   })
 }
 
+function ensureEsbuildPlatformBinary() {
+  const platformKey = `${process.platform}-${process.arch}`
+  const platformPackages = {
+    "linux-x64": "@esbuild/linux-x64",
+    "linux-arm64": "@esbuild/linux-arm64",
+    "darwin-arm64": "@esbuild/darwin-arm64",
+    "darwin-x64": "@esbuild/darwin-x64",
+    "win32-arm64": "@esbuild/win32-arm64",
+    "win32-x64": "@esbuild/win32-x64",
+  }
+
+  const pkgName = platformPackages[platformKey]
+  if (!pkgName) {
+    return
+  }
+
+  const platformPackagePath = path.join(workspaceRoot, "node_modules", ...pkgName.split("/"))
+  if (fs.existsSync(platformPackagePath)) {
+    return
+  }
+
+  let esbuildVersion = ""
+  try {
+    esbuildVersion = require(path.join(workspaceRoot, "node_modules", "esbuild", "package.json")).version
+  } catch {
+    try {
+      esbuildVersion = require(path.join(workspaceRoot, "node_modules", "vite", "node_modules", "esbuild", "package.json")).version
+    } catch {
+      // leave version empty; fallback install will use latest compatible
+    }
+  }
+
+  const packageSpec = esbuildVersion ? `${pkgName}@${esbuildVersion}` : pkgName
+
+  console.log("[prebuild] installing esbuild platform binary (optional dep workaround)...")
+  execSync(`npm install ${packageSpec} --no-save --ignore-scripts --fund=false --audit=false`, {
+    cwd: workspaceRoot,
+    stdio: "inherit",
+  })
+}
+
 function copyServerArtifacts() {
   fs.rmSync(serverDest, { recursive: true, force: true })
   fs.mkdirSync(serverDest, { recursive: true })
@@ -249,8 +311,10 @@ function copyUiLoadingAssets() {
   ensureUiDevDependencies()
   await ensureMonacoAssets()
   ensureRollupPlatformBinary()
-  ensureServerDependencies()
+  ensureEsbuildPlatformBinary()
   ensureServerBuild()
+  ensureStandaloneServerBuild()
+  ensureServerDependencies()
   ensureUiBuild()
   syncServerUiBundle()
   copyServerArtifacts()

packages/tauri-app/src-tauri/Cargo.toml

@@ -5,17 +5,18 @@ edition = "2021"
 license = "MIT"
 
 [build-dependencies]
-tauri-build = { version = "2.5.2", features = [] }
+tauri-build = { version = "2.5.6", features = [] }
 
 [dependencies]
-tauri = { version = "2.5.2", features = [ "devtools"] }
+tauri = { version = "2.10.1", features = [ "devtools"] }
 serde = { version = "1", features = ["derive"] }
 serde_json = "1"
 serde_yaml = "0.9"
+base64 = "0.22"
+rustls = { version = "0.23", features = ["ring"] }
+reqwest = { version = "0.12", default-features = false, features = ["http2", "charset", "json", "stream", "rustls-tls"] }
 regex = "1"
-once_cell = "1"
 parking_lot = "0.12"
-thiserror = "1"
 anyhow = "1"
 which = "4"
 libc = "0.2"
@@ -28,4 +29,7 @@ url = "2"
 tauri-plugin-notification = "2"
 
 [target.'cfg(windows)'.dependencies]
-windows-sys = { version = "0.59", features = ["Win32_Foundation", "Win32_UI_Shell", "Win32_Security", "Win32_System_JobObjects"] }
+windows-sys = { version = "0.59", features = ["Win32_Foundation", "Win32_Security_Cryptography", "Win32_UI_Shell", "Win32_Security", "Win32_System_JobObjects"] }
+
+[target.'cfg(target_os = "linux")'.dependencies]
+webkit2gtk = "2.0.2"

packages/tauri-app/src-tauri/src/cert_manager.rs

@@ -0,0 +1,449 @@
+use base64::Engine;
+use std::env;
+use std::fs;
+use std::path::{Path, PathBuf};
+
+const DEFAULT_CONFIG_PATH: &str = "~/.config/codenomad/config.json";
+const TLS_DIR_NAME: &str = "tls";
+const CA_CERT_FILE: &str = "ca-cert.pem";
+const SERVER_CERT_FILE: &str = "server-cert.pem";
+const SERVER_KEY_FILE: &str = "server-key.pem";
+const TRUSTED_MARKER: &str = "server-ca.trusted";
+#[cfg(windows)]
+const WINDOWS_APP_USER_MODEL_ID: &str = "ai.neuralnomads.codenomad.client";
+
+/// Holds the PEM-encoded certificate/key pair used by the local HTTPS proxy,
+/// plus the CA certificate DER used for trust-store installation.
+pub struct LocalCert {
+    pub cert_pem: String,
+    pub key_pem: String,
+    pub ca_cert_der: Vec<u8>,
+}
+
+struct TlsAssetPaths {
+    cert_path: PathBuf,
+    key_path: PathBuf,
+    trust_path: PathBuf,
+    append_ca_to_cert: bool,
+}
+
+/// Loads the TLS assets already managed by `packages/server`.
+pub fn ensure_local_cert() -> Result<LocalCert, String> {
+    let assets = resolve_tls_asset_paths()?;
+    let mut cert_pem = read_pem_file(&assets.cert_path)?;
+    let key_pem = read_pem_file(&assets.key_path)?;
+    let trust_pem = read_pem_file(&assets.trust_path)?;
+
+    if assets.append_ca_to_cert {
+        cert_pem = format!("{}\n{}\n", cert_pem.trim(), trust_pem.trim());
+    }
+
+    let ca_cert_der = pem_to_der(&trust_pem)?;
+
+    Ok(LocalCert {
+        cert_pem,
+        key_pem,
+        ca_cert_der,
+    })
+}
+
+fn read_pem_file(path: &Path) -> Result<String, String> {
+    fs::read_to_string(path).map_err(|e| format!("Failed to read {}: {e}", path.display()))
+}
+
+fn server_tls_dir() -> Result<PathBuf, String> {
+    Ok(resolve_server_config_base_dir()?.join(TLS_DIR_NAME))
+}
+
+fn resolve_tls_asset_paths() -> Result<TlsAssetPaths, String> {
+    let tls_key_path = env::var("CLI_TLS_KEY")
+        .ok()
+        .filter(|value| !value.trim().is_empty())
+        .map(|value| resolve_path_like_server(&value))
+        .transpose()?;
+    let tls_cert_path = env::var("CLI_TLS_CERT")
+        .ok()
+        .filter(|value| !value.trim().is_empty())
+        .map(|value| resolve_path_like_server(&value))
+        .transpose()?;
+    let tls_ca_path = env::var("CLI_TLS_CA")
+        .ok()
+        .filter(|value| !value.trim().is_empty())
+        .map(|value| resolve_path_like_server(&value))
+        .transpose()?;
+
+    match (tls_key_path, tls_cert_path) {
+        (Some(key_path), Some(cert_path)) => {
+            let append_ca_to_cert = tls_ca_path.is_some();
+            let trust_path = tls_ca_path.unwrap_or_else(|| cert_path.clone());
+            Ok(TlsAssetPaths {
+                cert_path,
+                key_path,
+                trust_path,
+                append_ca_to_cert,
+            })
+        }
+        (Some(_), None) | (None, Some(_)) => Err(
+            "CLI_TLS_KEY and CLI_TLS_CERT must both be set when using custom TLS files"
+                .to_string(),
+        ),
+        (None, None) => {
+            let tls_dir = server_tls_dir()?;
+            Ok(TlsAssetPaths {
+                cert_path: tls_dir.join(SERVER_CERT_FILE),
+                key_path: tls_dir.join(SERVER_KEY_FILE),
+                trust_path: tls_dir.join(CA_CERT_FILE),
+                append_ca_to_cert: true,
+            })
+        }
+    }
+}
+
+fn resolve_server_config_base_dir() -> Result<PathBuf, String> {
+    let raw = env::var("CLI_CONFIG")
+        .ok()
+        .filter(|value| !value.trim().is_empty())
+        .unwrap_or_else(|| DEFAULT_CONFIG_PATH.to_string());
+    let expanded = resolve_path_like_server(&raw)?;
+    let lower = raw.trim().to_lowercase();
+
+    if lower.ends_with(".yaml") || lower.ends_with(".yml") || lower.ends_with(".json") {
+        return expanded
+            .parent()
+            .map(Path::to_path_buf)
+            .ok_or_else(|| format!("Failed to determine config base dir from {}", expanded.display()));
+    }
+
+    Ok(expanded)
+}
+
+fn resolve_path_like_server(path: &str) -> Result<PathBuf, String> {
+    if path.starts_with("~/") {
+        let home = dirs::home_dir().or_else(|| env::var("HOME").ok().map(PathBuf::from));
+        let home = home.ok_or_else(|| "Cannot determine home directory".to_string())?;
+        return Ok(home.join(path.trim_start_matches("~/")));
+    }
+
+    let path = PathBuf::from(path);
+    if path.is_absolute() {
+        return Ok(path);
+    }
+
+    let cwd = env::current_dir().map_err(|e| format!("Failed to read current dir: {e}"))?;
+    Ok(cwd.join(path))
+}
+
+fn trusted_marker_path() -> Result<PathBuf, String> {
+    let base = dirs::data_local_dir()
+        .ok_or_else(|| "Cannot determine local app data directory".to_string())?;
+
+    #[cfg(windows)]
+    {
+        return Ok(base.join(WINDOWS_APP_USER_MODEL_ID).join(TRUSTED_MARKER));
+    }
+
+    #[cfg(not(windows))]
+    {
+        Ok(base.join("codenomad").join(TRUSTED_MARKER))
+    }
+}
+
+fn trusted_marker_value(cert_der: &[u8]) -> String {
+    cert_der.iter().map(|byte| format!("{byte:02x}")).collect()
+}
+
+fn trusted_marker_file_suffix(cert_der: &[u8]) -> String {
+    trusted_marker_value(cert_der).chars().take(16).collect()
+}
+
+fn has_matching_trusted_marker(cert_der: &[u8]) -> bool {
+    trusted_marker_path()
+        .ok()
+        .and_then(|path| fs::read_to_string(path).ok())
+        .map(|value| value.trim() == trusted_marker_value(cert_der))
+        .unwrap_or(false)
+}
+
+fn write_trusted_marker(cert_der: &[u8]) -> Result<(), String> {
+    let path = trusted_marker_path()?;
+    if let Some(parent) = path.parent() {
+        fs::create_dir_all(parent)
+            .map_err(|e| format!("Failed to create trust state dir {}: {e}", parent.display()))?;
+    }
+    fs::write(path, trusted_marker_value(cert_der))
+        .map_err(|e| format!("Failed to write trust marker: {e}"))
+}
+
+#[cfg(windows)]
+pub fn needs_trust_in_store(cert_der: &[u8]) -> Result<bool, String> {
+    Ok(!windows_cert_is_trusted(cert_der)?)
+}
+
+#[cfg(windows)]
+pub fn trust_cert_in_store(cert_der: &[u8]) -> Result<(), String> {
+    use windows_sys::Win32::Security::Cryptography::{
+        CertAddEncodedCertificateToStore, CertCloseStore, CertOpenSystemStoreW,
+        CERT_STORE_ADD_REPLACE_EXISTING, PKCS_7_ASN_ENCODING, X509_ASN_ENCODING,
+    };
+
+    if !needs_trust_in_store(cert_der)? {
+        return Ok(());
+    }
+
+    let store_name: Vec<u16> = "Root\0".encode_utf16().collect();
+
+    unsafe {
+        let store = CertOpenSystemStoreW(0, store_name.as_ptr());
+        if store.is_null() {
+            return Err("Failed to open CurrentUser\\Root certificate store".into());
+        }
+
+        let encoding = X509_ASN_ENCODING | PKCS_7_ASN_ENCODING;
+        let result = CertAddEncodedCertificateToStore(
+            store,
+            encoding,
+            cert_der.as_ptr(),
+            cert_der.len() as u32,
+            CERT_STORE_ADD_REPLACE_EXISTING,
+            std::ptr::null_mut(),
+        );
+
+        CertCloseStore(store, 0);
+
+        if result == 0 {
+            return Err(
+                "Failed to add certificate to trust store. The user may have declined the security dialog."
+                    .into(),
+            );
+        }
+    }
+
+    write_trusted_marker(cert_der)?;
+    Ok(())
+}
+
+#[cfg(target_os = "macos")]
+pub fn needs_trust_in_store(cert_der: &[u8]) -> Result<bool, String> {
+    Ok(!(has_matching_trusted_marker(cert_der) && macos_cert_is_trusted(cert_der)?))
+}
+
+#[cfg(target_os = "macos")]
+pub fn trust_cert_in_store(cert_der: &[u8]) -> Result<(), String> {
+    use std::process::Command;
+
+    if !needs_trust_in_store(cert_der)? {
+        return Ok(());
+    }
+
+    let temp_path = env::temp_dir().join(format!(
+        "codenomad-server-ca-{}.cer",
+        trusted_marker_file_suffix(cert_der)
+    ));
+    fs::write(&temp_path, cert_der)
+        .map_err(|e| format!("Failed to write temporary certificate {}: {e}", temp_path.display()))?;
+
+    let keychain_path = resolve_macos_user_keychain()?;
+
+    let mut command = Command::new("/usr/bin/security");
+    command.args(["add-trusted-cert", "-r", "trustRoot", "-k"]);
+    command.arg(&keychain_path);
+
+    let output = command.arg(&temp_path).output().map_err(|e| {
+        format!(
+            "Failed to launch macOS security tool to trust the local CA certificate: {e}"
+        )
+    })?;
+
+    let _ = fs::remove_file(&temp_path);
+
+    if !output.status.success() {
+        let stderr = String::from_utf8_lossy(&output.stderr).trim().to_string();
+        let detail = if stderr.is_empty() {
+            format!("security exited with status {}", output.status)
+        } else {
+            stderr
+        };
+        return Err(format!(
+            "Failed to add the local CodeNomad CA certificate to the macOS trust settings: {detail}"
+        ));
+    }
+
+    if !macos_cert_is_trusted(cert_der)? {
+        return Err(format!(
+            "Added the local CodeNomad CA certificate to {} but could not verify that macOS trusts it",
+            keychain_path.display()
+        ));
+    }
+
+    write_trusted_marker(cert_der)?;
+    Ok(())
+}
+
+#[cfg(windows)]
+fn windows_cert_is_trusted(cert_der: &[u8]) -> Result<bool, String> {
+    use windows_sys::Win32::Security::Cryptography::{
+        CertCloseStore, CertEnumCertificatesInStore, CertOpenSystemStoreW,
+    };
+
+    let store_name: Vec<u16> = "Root\0".encode_utf16().collect();
+
+    unsafe {
+        let store = CertOpenSystemStoreW(0, store_name.as_ptr());
+        if store.is_null() {
+            return Err("Failed to open CurrentUser\\Root certificate store".into());
+        }
+
+        let mut context = CertEnumCertificatesInStore(store, std::ptr::null());
+        while !context.is_null() {
+            let encoded = std::slice::from_raw_parts(
+                (*context).pbCertEncoded,
+                (*context).cbCertEncoded as usize,
+            );
+            if encoded == cert_der {
+                CertCloseStore(store, 0);
+                return Ok(true);
+            }
+
+            context = CertEnumCertificatesInStore(store, context);
+        }
+
+        CertCloseStore(store, 0);
+        Ok(false)
+    }
+}
+
+#[cfg(target_os = "macos")]
+fn resolve_macos_user_keychain() -> Result<PathBuf, String> {
+    let output = std::process::Command::new("/usr/bin/security")
+        .args(["default-keychain", "-d", "user"])
+        .output()
+        .map_err(|e| format!("Failed to resolve macOS default user keychain: {e}"))?;
+
+    if output.status.success() {
+        let stdout = String::from_utf8_lossy(&output.stdout);
+        let trimmed = stdout.trim().trim_matches('"');
+        if !trimmed.is_empty() {
+            return Ok(PathBuf::from(trimmed));
+        }
+    }
+
+    let home = dirs::home_dir().or_else(|| env::var("HOME").ok().map(PathBuf::from));
+    let home = home.ok_or_else(|| "Cannot determine home directory for macOS keychain lookup".to_string())?;
+    Ok(home.join("Library/Keychains/login.keychain-db"))
+}
+
+#[cfg(target_os = "macos")]
+fn macos_cert_is_trusted(cert_der: &[u8]) -> Result<bool, String> {
+    use std::process::Command;
+
+    let temp_path = env::temp_dir().join(format!(
+        "codenomad-server-ca-verify-{}.cer",
+        trusted_marker_file_suffix(cert_der)
+    ));
+    fs::write(&temp_path, cert_der)
+        .map_err(|e| format!("Failed to write temporary certificate {}: {e}", temp_path.display()))?;
+
+    let keychain_path = resolve_macos_user_keychain()?;
+    let fingerprint = macos_cert_sha256(&temp_path)?;
+    let find_output = Command::new("/usr/bin/security")
+        .args(["find-certificate", "-a", "-Z", "-c", "CodeNomad Local CA"])
+        .arg(&keychain_path)
+        .output()
+        .map_err(|e| format!("Failed to query macOS keychain certificates: {e}"))?;
+
+    if !find_output.status.success() {
+        let _ = fs::remove_file(&temp_path);
+        let stderr = String::from_utf8_lossy(&find_output.stderr).trim().to_string();
+        let detail = if stderr.is_empty() {
+            format!("security exited with status {}", find_output.status)
+        } else {
+            stderr
+        };
+        return Err(format!(
+            "Failed to inspect the macOS keychain for the local CodeNomad CA certificate: {detail}"
+        ));
+    }
+
+    let stdout = String::from_utf8_lossy(&find_output.stdout);
+    if !stdout.to_ascii_uppercase().contains(&fingerprint) {
+        let _ = fs::remove_file(&temp_path);
+        return Ok(false);
+    }
+
+    let verify_output = Command::new("/usr/bin/security")
+        .args(["verify-cert", "-q", "-L", "-l", "-p", "basic", "-c"])
+        .arg(&temp_path)
+        .args(["-k"])
+        .arg(&keychain_path)
+        .output()
+        .map_err(|e| format!("Failed to verify macOS trust for the local CodeNomad CA certificate: {e}"))?;
+
+    let _ = fs::remove_file(&temp_path);
+    Ok(verify_output.status.success())
+}
+
+#[cfg(target_os = "macos")]
+fn macos_cert_sha256(cert_path: &Path) -> Result<String, String> {
+    let output = std::process::Command::new("/usr/bin/shasum")
+        .args(["-a", "256"])
+        .arg(cert_path)
+        .output()
+        .map_err(|e| format!("Failed to compute SHA-256 for {}: {e}", cert_path.display()))?;
+
+    if !output.status.success() {
+        let stderr = String::from_utf8_lossy(&output.stderr).trim().to_string();
+        let detail = if stderr.is_empty() {
+            format!("shasum exited with status {}", output.status)
+        } else {
+            stderr
+        };
+        return Err(format!(
+            "Failed to compute SHA-256 for {}: {detail}",
+            cert_path.display()
+        ));
+    }
+
+    let stdout = String::from_utf8_lossy(&output.stdout);
+    let hash = stdout
+        .split_whitespace()
+        .next()
+        .ok_or_else(|| format!("Failed to parse SHA-256 output for {}", cert_path.display()))?;
+    Ok(hash.to_ascii_uppercase())
+}
+
+#[cfg(all(not(windows), not(target_os = "macos")))]
+pub fn needs_trust_in_store(_cert_der: &[u8]) -> Result<bool, String> {
+    Ok(false)
+}
+
+#[cfg(all(not(windows), not(target_os = "macos")))]
+pub fn trust_cert_in_store(_cert_der: &[u8]) -> Result<(), String> {
+    // Non-Windows platforms use native webview-specific handling instead of OS trust-store writes.
+    Ok(())
+}
+
+fn pem_to_der(pem: &str) -> Result<Vec<u8>, String> {
+    let mut body = String::new();
+    let mut in_block = false;
+
+    for line in pem.lines() {
+        if line.starts_with("-----BEGIN CERTIFICATE-----") {
+            in_block = true;
+            continue;
+        }
+        if line.starts_with("-----END CERTIFICATE-----") {
+            break;
+        }
+        if in_block {
+            body.push_str(line.trim());
+        }
+    }
+
+    if body.is_empty() {
+        return Err("No certificate found in PEM file".to_string());
+    }
+
+    base64::engine::general_purpose::STANDARD
+        .decode(body)
+        .map_err(|e| format!("Failed to decode certificate PEM: {e}"))
+}

packages/tauri-app/src-tauri/src/cli_manager.rs

@@ -136,6 +136,10 @@ fn workspace_root() -> Option<PathBuf> {
     })
 }
 
+fn launch_cwd() -> Option<PathBuf> {
+    std::env::current_dir().ok()
+}
+
 const SESSION_COOKIE_NAME_PREFIX: &str = "codenomad_session";
 
 const CLI_STOP_GRACE_SECS: u64 = 30;
@@ -624,16 +628,19 @@ impl CliProcessManager {
             log_line("development mode: will prefer tsx + source if present");
         }
 
-        let cwd = workspace_root();
+        let cwd = launch_cwd();
         if let Some(ref c) = cwd {
             log_line(&format!("using cwd={}", c.display()));
         }
 
         let use_user_shell = supports_user_shell();
 
-        if !use_user_shell && which::which(&resolution.node_binary).is_err() {
+        if resolution.runner == Runner::Tsx
+            && !use_user_shell
+            && which::which(&resolution.node_binary).is_err()
+        {
             return Err(anyhow::anyhow!(
-                "Node binary '{}' not found. CodeNomad desktop currently requires Node.js installed on the system, or set NODE_BINARY to a valid runtime path.",
+                "Node binary '{}' not found. CodeNomad development mode requires Node.js installed on the system, or set NODE_BINARY to a valid runtime path.",
                 resolution.node_binary
             ));
         }
@@ -642,9 +649,17 @@ impl CliProcessManager {
             log_line("spawning via user shell");
             ShellCommandType::UserShell(build_shell_command_string(&resolution, &args)?)
         } else {
-            log_line("spawning directly with node");
+            log_line(if resolution.runner == Runner::Standalone {
+                "spawning directly with standalone executable"
+            } else {
+                "spawning directly with node"
+            });
             ShellCommandType::Direct(DirectCommand {
-                program: resolution.node_binary.clone(),
+                program: if resolution.runner == Runner::Standalone {
+                    resolution.entry.clone()
+                } else {
+                    resolution.node_binary.clone()
+                },
                 args: resolution.runner_args(&args),
             })
         };
@@ -654,11 +669,13 @@ impl CliProcessManager {
                 log_line(&format!("spawn command: {} {:?}", cmd.shell, cmd.args));
                 let mut c = Command::new(&cmd.shell);
                 c.args(&cmd.args)
-                    .env("ELECTRON_RUN_AS_NODE", "1")
                     .env_remove("npm_config_prefix")
                     .env_remove("NPM_CONFIG_PREFIX")
                     .stdout(Stdio::piped())
                     .stderr(Stdio::piped());
+                if resolution.runner != Runner::Standalone {
+                    c.env("ELECTRON_RUN_AS_NODE", "1");
+                }
                 configure_spawn(&mut c);
                 if let Some(ref cwd) = cwd {
                     c.current_dir(cwd);
@@ -671,9 +688,11 @@ impl CliProcessManager {
                 log_line(&format!("spawn command: {} {:?}", cmd.program, cmd.args));
                 let mut c = Command::new(&cmd.program);
                 c.args(&cmd.args)
-                    .env("ELECTRON_RUN_AS_NODE", "1")
                     .stdout(Stdio::piped())
                     .stderr(Stdio::piped());
+                if resolution.runner != Runner::Standalone {
+                    c.env("ELECTRON_RUN_AS_NODE", "1");
+                }
                 configure_spawn(&mut c);
                 if let Some(ref cwd) = cwd {
                     c.current_dir(cwd);
@@ -924,7 +943,7 @@ impl CliProcessManager {
                             let mut locked = status.lock();
                             if locked.error.is_none() {
                                 locked.error = Some(format!(
-                                    "Node binary '{}' not found in the desktop shell environment. CodeNomad desktop currently requires Node.js installed on the system, or set NODE_BINARY to a valid runtime path.",
+                                    "Node binary '{}' not found in the desktop shell environment. CodeNomad development mode requires Node.js installed on the system, or set NODE_BINARY to a valid runtime path.",
                                     node_binary.trim()
                                 ));
                             }
@@ -1047,7 +1066,7 @@ struct CliEntry {
 
 #[derive(Debug, Clone, Copy, PartialEq, Eq)]
 enum Runner {
-    Node,
+    Standalone,
     Tsx,
 }
 
@@ -1068,17 +1087,17 @@ impl CliEntry {
             }
         }
 
-        if let Some(entry) = resolve_dist_entry(app) {
+        if let Some(entry) = resolve_standalone_entry(app) {
             return Ok(Self {
                 entry,
-                runner: Runner::Node,
+                runner: Runner::Standalone,
                 runner_path: None,
-                node_binary,
+                node_binary: String::new(),
             });
         }
 
         Err(anyhow::anyhow!(
-            "Unable to locate CodeNomad CLI build (dist/bin.js). Please build @neuralnomads/codenomad."
+            "Unable to locate the packaged CodeNomad standalone server. Please rebuild the desktop bundle."
         ))
     }
 
@@ -1094,7 +1113,8 @@ impl CliEntry {
         ];
 
         if dev {
-            // Dev: plain HTTP + Vite dev server proxy.
+            // Dev: keep loopback HTTP for the Vite proxy, but also enable HTTPS so
+            // remote proxy sessions can still spin up secure local windows.
             let ui_dev_server = std::env::var("VITE_DEV_SERVER_URL")
                 .ok()
                 .filter(|value| !value.trim().is_empty())
@@ -1111,7 +1131,7 @@ impl CliEntry {
                 .unwrap_or_else(|| "info".to_string());
 
             args.push("--https".to_string());
-            args.push("false".to_string());
+            args.push("true".to_string());
             args.push("--http".to_string());
             args.push("true".to_string());
             args.push("--http-port".to_string());
@@ -1131,6 +1151,10 @@ impl CliEntry {
     }
 
     fn runner_args(&self, cli_args: &[String]) -> Vec<String> {
+        if self.runner == Runner::Standalone {
+            return cli_args.to_vec();
+        }
+
         let mut args = VecDeque::new();
         if self.runner == Runner::Tsx {
             if let Some(path) = &self.runner_path {
@@ -1203,45 +1227,37 @@ fn resolve_dev_entry(_app: &AppHandle) -> Option<String> {
     first_existing(candidates)
 }
 
-fn resolve_dist_entry(_app: &AppHandle) -> Option<String> {
+fn resolve_standalone_entry(_app: &AppHandle) -> Option<String> {
+    let executable_name = if cfg!(windows) {
+        "codenomad-server.exe"
+    } else {
+        "codenomad-server"
+    };
     let base = workspace_root();
-    let mut candidates: Vec<Option<PathBuf>> = vec![
-        base.as_ref().map(|p| p.join("packages/server/dist/bin.js")),
-        base.as_ref()
-            .map(|p| p.join("packages/server/dist/index.js")),
-        base.as_ref().map(|p| p.join("server/dist/bin.js")),
-        base.as_ref().map(|p| p.join("server/dist/index.js")),
-    ];
+    let mut candidates = vec![base
+        .as_ref()
+        .map(|p| p.join("packages/server/dist").join(executable_name))];
 
     if let Ok(exe) = std::env::current_exe() {
         if let Some(dir) = exe.parent() {
-            candidates.push(Some(dir.join("resources/server/dist/bin.js")));
-            candidates.push(Some(dir.join("resources/server/dist/index.js")));
-            candidates.push(Some(dir.join("resources/server/dist/server/bin.js")));
-            candidates.push(Some(dir.join("resources/server/dist/server/index.js")));
+            candidates.push(Some(
+                dir.join("resources/server/dist").join(executable_name),
+            ));
 
             let resources = dir.join("../Resources");
-            candidates.push(Some(resources.join("server/dist/bin.js")));
-            candidates.push(Some(resources.join("server/dist/index.js")));
-            candidates.push(Some(resources.join("server/dist/server/bin.js")));
-            candidates.push(Some(resources.join("server/dist/server/index.js")));
-            candidates.push(Some(resources.join("resources/server/dist/bin.js")));
-            candidates.push(Some(resources.join("resources/server/dist/index.js")));
-            candidates.push(Some(resources.join("resources/server/dist/server/bin.js")));
+            candidates.push(Some(resources.join("server/dist").join(executable_name)));
             candidates.push(Some(
-                resources.join("resources/server/dist/server/index.js"),
+                resources
+                    .join("resources/server/dist")
+                    .join(executable_name),
             ));
 
             let linux_resource_roots = [dir.join("../lib/CodeNomad"), dir.join("../lib/codenomad")];
             for root in linux_resource_roots {
-                candidates.push(Some(root.join("server/dist/bin.js")));
-                candidates.push(Some(root.join("server/dist/index.js")));
-                candidates.push(Some(root.join("server/dist/server/bin.js")));
-                candidates.push(Some(root.join("server/dist/server/index.js")));
-                candidates.push(Some(root.join("resources/server/dist/bin.js")));
-                candidates.push(Some(root.join("resources/server/dist/index.js")));
-                candidates.push(Some(root.join("resources/server/dist/server/bin.js")));
-                candidates.push(Some(root.join("resources/server/dist/server/index.js")));
+                candidates.push(Some(root.join("server/dist").join(executable_name)));
+                candidates.push(Some(
+                    root.join("resources/server/dist").join(executable_name),
+                ));
             }
         }
     }
@@ -1255,22 +1271,55 @@ fn build_shell_command_string(
 ) -> anyhow::Result<ShellCommand> {
     let shell = default_shell();
     let mut quoted: Vec<String> = Vec::new();
-    quoted.push(shell_escape(&entry.node_binary));
-    for arg in entry.runner_args(cli_args) {
-        quoted.push(shell_escape(&arg));
-    }
-    let command = format!(
-        "if command -v {} >/dev/null 2>&1; then ELECTRON_RUN_AS_NODE=1 exec {}; else printf '%s%s\\n' '{}' {} >&2; exit 127; fi",
-        shell_escape(&entry.node_binary),
-        quoted.join(" "),
-        MISSING_NODE_PREFIX,
-        shell_escape(&entry.node_binary),
-    );
-    let args = build_shell_args(&shell, &command);
+    let command = if entry.runner == Runner::Standalone {
+        quoted.push(shell_escape(&entry.entry));
+        for arg in cli_args {
+            quoted.push(shell_escape(arg));
+        }
+        format!("exec {}", quoted.join(" "))
+    } else {
+        quoted.push(shell_escape(&entry.node_binary));
+        for arg in entry.runner_args(cli_args) {
+            quoted.push(shell_escape(&arg));
+        }
+        format!(
+            "if command -v {} >/dev/null 2>&1; then ELECTRON_RUN_AS_NODE=1 exec {}; else printf '%s%s\\n' '{}' {} >&2; exit 127; fi",
+            shell_escape(&entry.node_binary),
+            quoted.join(" "),
+            MISSING_NODE_PREFIX,
+            shell_escape(&entry.node_binary),
+        )
+    };
+    let wrapped_command = wrap_command_for_shell(&command, &shell);
+    let args = build_shell_args(&shell, &wrapped_command);
     log_line(&format!("user shell command: {} {:?}", shell, args));
     Ok(ShellCommand { shell, args })
 }
 
+fn wrap_command_for_shell(command: &str, shell: &str) -> String {
+    let shell_name = std::path::Path::new(shell)
+        .file_name()
+        .and_then(OsStr::to_str)
+        .unwrap_or("")
+        .to_lowercase();
+
+    if shell_name.contains("bash") {
+        return format!(
+            "if [ -f ~/.bashrc ]; then source ~/.bashrc >/dev/null 2>&1; fi; {}",
+            command
+        );
+    }
+
+    if shell_name.contains("zsh") {
+        return format!(
+            "if [ -f ~/.zshrc ]; then source ~/.zshrc >/dev/null 2>&1; fi; {}",
+            command
+        );
+    }
+
+    command.to_string()
+}
+
 fn default_shell() -> String {
     if let Ok(shell) = std::env::var("SHELL") {
         if !shell.trim().is_empty() {
@@ -1305,8 +1354,8 @@ fn build_shell_args(shell: &str, command: &str) -> Vec<String> {
         .unwrap_or("")
         .to_lowercase();
 
-    if shell_name.contains("zsh") || shell_name.contains("bash") {
-        vec!["-i".into(), "-l".into(), "-c".into(), command.into()]
+    if shell_name.contains("zsh") {
+        vec!["-l".into(), "-i".into(), "-c".into(), command.into()]
     } else {
         vec!["-l".into(), "-c".into(), command.into()]
     }

packages/tauri-app/src-tauri/src/linux_tls.rs

@@ -0,0 +1,88 @@
+use crate::AppState;
+use tauri::{AppHandle, Manager, WebviewWindow};
+use url::Url;
+use webkit2gtk::{WebContextExt, WebView, WebViewExt};
+
+pub fn should_bootstrap_tls_navigation(target_url: &Url, allow_tls_certificate: bool) -> bool {
+    allow_tls_certificate && target_url.scheme() == "https"
+}
+
+pub fn ensure_remote_window_tls_handler(
+    window: &WebviewWindow,
+    app_handle: &AppHandle,
+    window_label: &str,
+) -> Result<(), String> {
+    {
+        let state = app_handle.state::<AppState>();
+        let mut handlers = state
+            .remote_tls_handlers
+            .lock()
+            .map_err(|err| err.to_string())?;
+        if !handlers.insert(window_label.to_string()) {
+            return Ok(());
+        }
+    }
+
+    let app_handle = app_handle.clone();
+    let window_label = window_label.to_string();
+    window
+        .with_webview(move |platform_webview| {
+            let webview = platform_webview.inner();
+            let app_handle = app_handle.clone();
+            let window_label = window_label.clone();
+            webview.connect_load_failed_with_tls_errors(move |view, failing_uri, certificate, _| {
+                allow_remote_tls_certificate(
+                    &app_handle,
+                    &window_label,
+                    view,
+                    failing_uri,
+                    certificate,
+                )
+            });
+        })
+        .map_err(|err| err.to_string())
+}
+
+fn allow_remote_tls_certificate(
+    app_handle: &AppHandle,
+    window_label: &str,
+    view: &WebView,
+    failing_uri: &str,
+    certificate: &webkit2gtk::gio::TlsCertificate,
+) -> bool {
+    let Ok(parsed_uri) = Url::parse(failing_uri) else {
+        return false;
+    };
+    let Some(host) = parsed_uri.host_str() else {
+        return false;
+    };
+
+    let state = app_handle.state::<AppState>();
+    let skip_tls_verify = state
+        .remote_skip_tls_verify
+        .lock()
+        .ok()
+        .and_then(|values| values.get(window_label).copied())
+        .unwrap_or(false);
+    if !skip_tls_verify {
+        return false;
+    }
+
+    let expected_origin = state
+        .remote_origins
+        .lock()
+        .ok()
+        .and_then(|origins| origins.get(window_label).cloned());
+    let parsed_origin = parsed_uri.origin().ascii_serialization();
+    if expected_origin.as_deref() != Some(parsed_origin.as_str()) {
+        return false;
+    }
+
+    let Some(context) = view.context() else {
+        return false;
+    };
+
+    context.allow_tls_certificate_for_host(certificate, host);
+    view.load_uri(failing_uri);
+    true
+}

packages/tauri-app/src-tauri/src/main.rs

@@ -1,12 +1,16 @@
 #![cfg_attr(not(debug_assertions), windows_subsystem = "windows")]
 
+#[allow(dead_code)]
+mod cert_manager;
 mod cli_manager;
+#[cfg(target_os = "linux")]
+mod linux_tls;
 
 use cli_manager::{CliProcessManager, CliStatus};
 use keepawake::KeepAwake;
 use serde::Deserialize;
 use serde_json::json;
-use std::collections::HashMap;
+use std::collections::{HashMap, HashSet};
 use std::sync::atomic::{AtomicBool, Ordering};
 use std::sync::Mutex;
 use std::time::{SystemTime, UNIX_EPOCH};
@@ -45,6 +49,9 @@ pub struct AppState {
     pub wake_lock: Mutex<Option<KeepAwake>>,
     pub zoom_level: Mutex<f64>,
     pub remote_origins: Mutex<HashMap<String, String>>,
+    pub remote_proxy_sessions: Mutex<HashMap<String, String>>,
+    pub remote_skip_tls_verify: Mutex<HashMap<String, bool>>,
+    pub remote_tls_handlers: Mutex<HashSet<String>>,
 }
 
 #[derive(Debug, Deserialize)]
@@ -53,9 +60,59 @@ struct RemoteWindowPayload {
     id: String,
     name: String,
     base_url: String,
+    entry_url: Option<String>,
+    proxy_session_id: Option<String>,
+    #[allow(dead_code)]
     skip_tls_verify: bool,
 }
 
+fn schedule_remote_proxy_session_cleanup(app: AppHandle, session_id: String) {
+    tauri::async_runtime::spawn(async move {
+        if let Err(err) = cleanup_remote_proxy_session(&app, &session_id).await {
+            eprintln!(
+                "[tauri] failed to clean up remote proxy session {}: {}",
+                session_id, err
+            );
+        }
+    });
+}
+
+async fn cleanup_remote_proxy_session(app: &AppHandle, session_id: &str) -> Result<(), String> {
+    let status = app.state::<AppState>().manager.status();
+    let Some(base_url) = status.url else {
+        return Ok(());
+    };
+
+    let mut cleanup_url = Url::parse(&base_url).map_err(|err| err.to_string())?;
+    cleanup_url.set_path(&format!("/api/remote-proxy/sessions/{session_id}"));
+    cleanup_url.set_query(None);
+    cleanup_url.set_fragment(None);
+
+    let client = if cleanup_url.scheme() == "https" {
+        let local_cert = cert_manager::ensure_local_cert()?;
+        let ca_cert = reqwest::Certificate::from_der(&local_cert.ca_cert_der)
+            .map_err(|err| err.to_string())?;
+        reqwest::Client::builder()
+            .add_root_certificate(ca_cert)
+            .build()
+            .map_err(|err| err.to_string())?
+    } else {
+        reqwest::Client::new()
+    };
+
+    let response = client
+        .delete(cleanup_url.as_str())
+        .send()
+        .await
+        .map_err(|err| err.to_string())?;
+
+    if response.status().is_success() || response.status() == reqwest::StatusCode::NOT_FOUND {
+        return Ok(());
+    }
+
+    Err(format!("unexpected status {}", response.status()))
+}
+
 #[derive(Debug, Default, Deserialize)]
 #[serde(default, rename_all = "camelCase")]
 struct WakeLockConfig {
@@ -119,7 +176,7 @@ fn is_dev_mode() -> bool {
 
 fn should_allow_internal(url: &Url) -> bool {
     match url.scheme() {
-        "tauri" | "asset" | "file" => true,
+        "tauri" | "asset" | "file" | "about" => true,
         // On Windows/WebView2, Tauri serves the app assets from `tauri.localhost`.
         // This must be treated as an internal origin or the navigation guard will
         // redirect it to the system browser and the app will appear blank.
@@ -167,25 +224,61 @@ fn intercept_navigation<R: Runtime>(webview: &Webview<R>, url: &Url) -> bool {
     false
 }
 
-#[tauri::command]
-fn open_remote_window(app: AppHandle, payload: RemoteWindowPayload) -> Result<(), String> {
-    if payload.skip_tls_verify && payload.base_url.starts_with("https://") {
-        return Err(
-            "Tauri cannot bypass self-signed HTTPS certificates automatically yet. Trust the certificate in your OS first, then reconnect, or use the CodeNomad Electron app."
-                .to_string(),
-        );
-    }
-
-    let parsed = Url::parse(&payload.base_url).map_err(|err| err.to_string())?;
+async fn open_remote_window_impl(
+    app: AppHandle,
+    payload: RemoteWindowPayload,
+) -> Result<(), String> {
+    let entry_url = payload.entry_url.as_deref().unwrap_or(payload.base_url.as_str());
+    let parsed = Url::parse(entry_url).map_err(|err| err.to_string())?;
     let label = format!("remote-{}", payload.id);
     let title = format!(
         "{} - {}",
         payload.name,
-        parsed.host_str().unwrap_or(payload.base_url.as_str())
+        Url::parse(&payload.base_url)
+            .ok()
+            .and_then(|url| url.host_str().map(str::to_string))
+            .unwrap_or_else(|| payload.base_url.clone())
     );
 
+    let window_url = parsed.clone();
+
+    let allow_linux_tls_certificate =
+        parsed.scheme() == "https" && (payload.proxy_session_id.is_some() || payload.skip_tls_verify);
+
+    app.state::<AppState>()
+        .remote_origins
+        .lock()
+        .map_err(|err| err.to_string())?
+        .insert(label.clone(), window_url.origin().ascii_serialization());
+    app.state::<AppState>()
+        .remote_skip_tls_verify
+        .lock()
+        .map_err(|err| err.to_string())?
+        .insert(label.clone(), allow_linux_tls_certificate);
+
+    let replaced_session = {
+        let state = app.state::<AppState>();
+        let mut sessions = state
+            .remote_proxy_sessions
+            .lock()
+            .map_err(|err| err.to_string())?;
+        match payload.proxy_session_id.clone() {
+            Some(session_id) => sessions.insert(label.clone(), session_id),
+            None => sessions.remove(&label),
+        }
+    };
+
+    if let Some(previous) = replaced_session {
+        if payload.proxy_session_id.as_deref() != Some(previous.as_str()) {
+            schedule_remote_proxy_session_cleanup(app.clone(), previous);
+        }
+    }
+
     if let Some(existing) = app.get_webview_window(&label) {
-        let _ = existing.navigate(parsed.clone());
+        #[cfg(target_os = "linux")]
+        linux_tls::ensure_remote_window_tls_handler(&existing, &app, &label)?;
+
+        let _ = existing.navigate(window_url.clone());
         let _ = existing.set_title(&title);
         let _ = existing.show();
         let _ = existing.unminimize();
@@ -193,25 +286,51 @@ fn open_remote_window(app: AppHandle, payload: RemoteWindowPayload) -> Result<()
         return Ok(());
     }
 
-    app.state::<AppState>()
-        .remote_origins
-        .lock()
-        .map_err(|err| err.to_string())?
-        .insert(label.clone(), parsed.origin().ascii_serialization());
+    #[cfg(target_os = "linux")]
+    let initial_url = if linux_tls::should_bootstrap_tls_navigation(
+        &window_url,
+        allow_linux_tls_certificate,
+    ) {
+        Url::parse("about:blank").map_err(|err| err.to_string())?
+    } else {
+        window_url.clone()
+    };
 
-    let window =
-        WebviewWindowBuilder::new(&app, label.clone(), WebviewUrl::External(parsed.clone()))
-            .title(title)
-            .inner_size(1400.0, 900.0)
-            .min_inner_size(800.0, 600.0)
-            .build()
-            .map_err(|err| err.to_string())?;
+    #[cfg(not(target_os = "linux"))]
+    let initial_url = window_url.clone();
+
+    let window = WebviewWindowBuilder::new(&app, label.clone(), WebviewUrl::External(initial_url.clone()))
+        .title(title)
+        .inner_size(1400.0, 900.0)
+        .min_inner_size(800.0, 600.0)
+        .build()
+        .map_err(|err| err.to_string())?;
+
+    #[cfg(target_os = "linux")]
+    {
+        linux_tls::ensure_remote_window_tls_handler(&window, &app, &label)?;
+        if initial_url != window_url {
+            let _ = window.navigate(window_url.clone());
+        }
+    }
 
     let app_handle = app.clone();
+    let label_for_cleanup = label.clone();
     window.on_window_event(move |event| {
         if let WindowEvent::Destroyed = event {
             if let Ok(mut origins) = app_handle.state::<AppState>().remote_origins.lock() {
-                origins.remove(&label);
+                origins.remove(&label_for_cleanup);
+            }
+            if let Ok(mut sessions) = app_handle.state::<AppState>().remote_proxy_sessions.lock() {
+                if let Some(session_id) = sessions.remove(&label_for_cleanup) {
+                    schedule_remote_proxy_session_cleanup(app_handle.clone(), session_id);
+                }
+            }
+            if let Ok(mut values) = app_handle.state::<AppState>().remote_skip_tls_verify.lock() {
+                values.remove(&label_for_cleanup);
+            }
+            if let Ok(mut handlers) = app_handle.state::<AppState>().remote_tls_handlers.lock() {
+                handlers.remove(&label_for_cleanup);
             }
         }
     });
@@ -219,6 +338,47 @@ fn open_remote_window(app: AppHandle, payload: RemoteWindowPayload) -> Result<()
     Ok(())
 }
 
+#[tauri::command]
+fn needs_local_certificate_install() -> Result<bool, String> {
+    #[cfg(not(target_os = "linux"))]
+    {
+        let local_cert = cert_manager::ensure_local_cert().map_err(|err| {
+            format!("Failed to load the local HTTPS certificate for the remote proxy window: {err}")
+        })?;
+        return cert_manager::needs_trust_in_store(&local_cert.ca_cert_der).map_err(|err| {
+            format!("Failed to inspect the local CodeNomad certificate trust state: {err}")
+        });
+    }
+
+    #[cfg(target_os = "linux")]
+    {
+        Ok(false)
+    }
+}
+
+#[tauri::command]
+async fn open_remote_window(app: AppHandle, payload: RemoteWindowPayload) -> Result<(), String> {
+    #[cfg(not(target_os = "linux"))]
+    {
+        let entry_url = payload.entry_url.as_deref().unwrap_or(payload.base_url.as_str());
+        let parsed = Url::parse(entry_url).map_err(|err| err.to_string())?;
+        if payload.proxy_session_id.is_some() && parsed.scheme() == "https" {
+            let local_cert = cert_manager::ensure_local_cert().map_err(|err| {
+                format!(
+                    "Failed to load the local HTTPS certificate for the remote proxy window: {err}"
+                )
+            })?;
+            if let Err(err) = cert_manager::trust_cert_in_store(&local_cert.ca_cert_der) {
+                return Err(format!(
+                    "Failed to trust the local CodeNomad CA certificate. Accept the certificate installation prompt and try again: {err}"
+                ));
+            }
+        }
+    }
+
+    open_remote_window_impl(app, payload).await
+}
+
 fn collect_directory_paths(paths: &[std::path::PathBuf]) -> Vec<String> {
     paths
         .iter()
@@ -346,6 +506,8 @@ fn set_windows_app_user_model_id() {
 fn set_windows_app_user_model_id() {}
 
 fn main() {
+    let _ = rustls::crypto::ring::default_provider().install_default();
+
     let navigation_guard: TauriPlugin<Wry, ()> = PluginBuilder::new("external-link-guard")
         .on_navigation(|webview, url| intercept_navigation(webview, url))
         .build();
@@ -373,6 +535,9 @@ fn main() {
             wake_lock: Mutex::new(None),
             zoom_level: Mutex::new(DEFAULT_ZOOM_LEVEL),
             remote_origins: Mutex::new(HashMap::new()),
+            remote_proxy_sessions: Mutex::new(HashMap::new()),
+            remote_skip_tls_verify: Mutex::new(HashMap::new()),
+            remote_tls_handlers: Mutex::new(HashSet::new()),
         })
         .setup(|app| {
             set_windows_app_user_model_id();
@@ -411,6 +576,7 @@ fn main() {
             cli_restart,
             wake_lock_start,
             wake_lock_stop,
+            needs_local_certificate_install,
             open_remote_window
         ])
         .on_menu_event(|app_handle, event| {

packages/tauri-app/src-tauri/tauri.conf.json

@@ -43,11 +43,6 @@
   "bundle": {
     "active": true,
     "linux": {
-      "appimage": {
-        "files": {
-          "/usr/share/applications/ai.neuralnomads.codenomad.client.desktop": "icons/linux/ai.neuralnomads.codenomad.client.desktop"
-        }
-      },
       "deb": {
         "files": {
           "/usr/share/applications/ai.neuralnomads.codenomad.client.desktop": "icons/linux/ai.neuralnomads.codenomad.client.desktop",

packages/ui/src/components/folder-selection-view.tsx

@@ -16,6 +16,7 @@ import { showAlertDialog } from "../stores/alerts"
 import { openSettings, settingsOpen } from "../stores/settings-screen"
 import { openExternalUrl } from "../lib/external-url"
 import { serverApi } from "../lib/api-client"
+import { runtimeEnv } from "../lib/runtime-env"
 import { openRemoteServerWindow } from "../lib/native/remote-window"
 
 const codeNomadLogo = new URL("../images/CodeNomad-Icon.png", import.meta.url).href
@@ -332,7 +333,23 @@ const FolderSelectionView: Component<FolderSelectionViewProps> = (props) => {
     })
 
     if (openWindow) {
-      await openRemoteServerWindow(profile)
+      const remoteProxySession =
+        runtimeEnv.host === "tauri" && profile.skipTlsVerify && profile.baseUrl.startsWith("https://")
+          ? await serverApi.createRemoteProxySession({
+              baseUrl: profile.baseUrl,
+              skipTlsVerify: profile.skipTlsVerify,
+            })
+          : undefined
+
+      try {
+        await openRemoteServerWindow(profile, remoteProxySession?.windowUrl, remoteProxySession?.sessionId)
+      } catch (error) {
+        if (remoteProxySession) {
+          void serverApi.deleteRemoteProxySession(remoteProxySession.sessionId).catch(() => {})
+        }
+        throw error
+      }
+
       await markRemoteServerConnected(profile.id)
     }
 

packages/ui/src/components/message-section.tsx

@@ -638,18 +638,25 @@ export default function MessageSection(props: MessageSectionProps) {
   const autoPinHoldTargetKey = createMemo(() => {
     if (!holdLongAssistantRepliesEnabled()) return null
     const messageId = lastVisibleMessageId()
-    return isAssistantTextMessage(messageId) ? messageId : null
+    return isStreamingAssistantTextMessage(messageId) ? messageId : null
   })
 
   function toggleHoldLongAssistantReplies() {
     updatePreferences({ holdLongAssistantReplies: !holdLongAssistantRepliesEnabled() })
   }
 
-  function isAssistantTextMessage(messageId: string | null | undefined) {
+  function isStreamingAssistantTextMessage(messageId: string | null | undefined) {
     if (!messageId) return false
     const resolvedStore = store()
     const record = resolvedStore.getMessage(messageId)
     if (!record || record.role !== "assistant") return false
+    if (record.status !== "streaming") return false
+
+    const info = resolvedStore.getMessageInfo(messageId)
+    if (!info) return false
+    const timeInfo = info?.time as { end?: number } | undefined
+    const isStreaming = timeInfo?.end === undefined || timeInfo.end === 0
+    if (!isStreaming) return false
 
     const { orderedParts } = buildRecordDisplayData(props.instanceId, record)
     return orderedParts.some((part) => {

packages/ui/src/components/virtual-follow-list.tsx

@@ -161,8 +161,9 @@ export default function VirtualFollowList<T>(props: VirtualFollowListProps<T>) {
   const [showScrollTopButton, setShowScrollTopButton] = createSignal(false)
   const [showScrollBottomButton, setShowScrollBottomButton] = createSignal(false)
   const [activeKey, setActiveKey] = createSignal<string | null>(null)
-  const [heldItemCount, setHeldItemCount] = createSignal<number | null>(null)
-  const effectiveSuspendAutoPinToBottom = () => externalSuspendAutoPinToBottom() || heldItemCount() !== null
+  const [activeHoldTargetKey, setActiveHoldTargetKey] = createSignal<string | null>(null)
+  const [didTriggerHoldForCurrentTarget, setDidTriggerHoldForCurrentTarget] = createSignal(false)
+  const effectiveSuspendAutoPinToBottom = () => externalSuspendAutoPinToBottom() || activeHoldTargetKey() !== null
 
   const scrollButtonsCount = createMemo(() => (showScrollTopButton() ? 1 : 0) + (showScrollBottomButton() ? 1 : 0))
   const itemElements = new Map<string, HTMLDivElement>()
@@ -196,6 +197,17 @@ export default function VirtualFollowList<T>(props: VirtualFollowListProps<T>) {
     return performance.now() <= userScrollIntentUntil
   }
 
+  function clearAutoPinHold(options?: { resumeBottom?: boolean }) {
+    if (activeHoldTargetKey() === null) return
+    setActiveHoldTargetKey(null)
+    if (options?.resumeBottom && autoScroll()) {
+      requestAnimationFrame(() => {
+        if (!autoScroll() || activeHoldTargetKey() !== null) return
+        scrollToBottom(false)
+      })
+    }
+  }
+
   function attachScrollIntentListeners(element: HTMLDivElement | undefined) {
     if (detachScrollIntentListeners) {
       detachScrollIntentListeners()
@@ -257,7 +269,7 @@ export default function VirtualFollowList<T>(props: VirtualFollowListProps<T>) {
     // scrollbar). If follow mode stays enabled, the next render notification
     // snaps the list straight back to bottom. A real upward viewport move away
     // from bottom should always break follow unless a hold target is active.
-    if (wasPinnedAtBottom && scrolledUp && autoScroll() && !atBottom && heldItemCount() === null) {
+    if (wasPinnedAtBottom && scrolledUp && autoScroll() && !atBottom && activeHoldTargetKey() === null) {
       setAutoScroll(false)
       lastObservedPinnedAtBottom = false
       return
@@ -265,9 +277,7 @@ export default function VirtualFollowList<T>(props: VirtualFollowListProps<T>) {
 
     // Sync autoScroll state based on scroll position if it was a user scroll
     if (hasUserScrollIntent()) {
-      if (atBottom && heldItemCount() !== null) {
-        setHeldItemCount(null)
-      }
+      clearAutoPinHold()
       if (atBottom && !autoScroll()) {
         setAutoScroll(true)
       } else if (!atBottom && autoScroll()) {
@@ -303,7 +313,6 @@ export default function VirtualFollowList<T>(props: VirtualFollowListProps<T>) {
       }
     }
     updateScrollButtons()
-    updateAutoPinHold()
     props.onScroll?.()
 
     // Find active key (roughly the first visible item)
@@ -335,25 +344,14 @@ export default function VirtualFollowList<T>(props: VirtualFollowListProps<T>) {
 
   function updateAutoPinHold() {
     const element = scrollElement()
-    const itemCount = props.items().length
-    const heldCount = heldItemCount()
     if (!element) return
 
-    if (heldCount !== null) {
-      if (itemCount > heldCount) {
-        setHeldItemCount(null)
-        if (autoScroll()) {
-          requestAnimationFrame(() => {
-            if (!autoScroll()) return
-            scrollToBottom(false)
-          })
-        }
-        return
-      }
+    const targetKey = holdTargetKey()
+    const heldKey = activeHoldTargetKey()
 
-      if (itemCount < heldCount) {
-        setHeldItemCount(null)
-        return
+    if (heldKey !== null) {
+      if (targetKey !== heldKey) {
+        clearAutoPinHold({ resumeBottom: true })
       }
 
       return
@@ -361,9 +359,8 @@ export default function VirtualFollowList<T>(props: VirtualFollowListProps<T>) {
 
     if (!autoScroll()) return
     if (externalSuspendAutoPinToBottom()) return
-
-    const targetKey = holdTargetKey()
     if (!targetKey) return
+    if (didTriggerHoldForCurrentTarget()) return
 
     const itemWrapper = itemElements.get(targetKey)
     if (!itemWrapper) return
@@ -379,7 +376,8 @@ export default function VirtualFollowList<T>(props: VirtualFollowListProps<T>) {
       if (Math.abs(alignDelta) > 1) {
         element.scrollTop = Math.max(0, element.scrollTop + alignDelta)
       }
-      setHeldItemCount(itemCount)
+      setActiveHoldTargetKey(targetKey)
+      setDidTriggerHoldForCurrentTarget(true)
     }
   }
 
@@ -395,7 +393,7 @@ export default function VirtualFollowList<T>(props: VirtualFollowListProps<T>) {
     },
     notifyContentRendered: () => {
       updateAutoPinHold()
-      if (heldItemCount() !== null) return
+      if (activeHoldTargetKey() !== null) return
       if (autoScroll() && !effectiveSuspendAutoPinToBottom()) {
         scrollToBottom(true)
       }
@@ -411,14 +409,23 @@ export default function VirtualFollowList<T>(props: VirtualFollowListProps<T>) {
 
   createEffect(on(() => props.resetKey?.(), () => {
     itemElements.clear()
-    setHeldItemCount(null)
+    setActiveHoldTargetKey(null)
+    setDidTriggerHoldForCurrentTarget(false)
     lastObservedScrollOffset = 0
     lastObservedPinnedAtBottom = false
   }))
 
+  createEffect(on(holdTargetKey, (nextTargetKey, prevTargetKey) => {
+    if (nextTargetKey !== prevTargetKey && didTriggerHoldForCurrentTarget()) {
+      setDidTriggerHoldForCurrentTarget(false)
+    }
+    if (activeHoldTargetKey() === null) return
+    if (nextTargetKey === activeHoldTargetKey()) return
+    clearAutoPinHold({ resumeBottom: true })
+  }, { defer: true }))
+
   // Handle autoScroll (Follow) on items change
   createEffect(on(() => props.items().length, (len, prevLen) => {
-    updateAutoPinHold()
     if (len > (prevLen ?? 0) && autoScroll() && !effectiveSuspendAutoPinToBottom() && !suppressAutoScrollOnce) {
       requestAnimationFrame(() => scrollToBottom(true))
     }
@@ -427,16 +434,11 @@ export default function VirtualFollowList<T>(props: VirtualFollowListProps<T>) {
 
   // Handle followToken change
   createEffect(on(() => props.followToken?.(), () => {
-    updateAutoPinHold()
     if (autoScroll() && !effectiveSuspendAutoPinToBottom()) {
       scrollToBottom(true)
     }
   }, { defer: true }))
 
-  createEffect(on(() => holdTargetKey(), () => {
-    updateAutoPinHold()
-  }, { defer: true }))
-
   // Reset state on resetKey change
   createEffect(on(() => props.resetKey?.(), (nextKey) => {
     if (nextKey === lastResetKey) return
@@ -459,13 +461,6 @@ export default function VirtualFollowList<T>(props: VirtualFollowListProps<T>) {
     }
   })
 
-  createEffect(() => {
-    if (typeof window === "undefined") return
-    const handleResize = () => updateAutoPinHold()
-    window.addEventListener("resize", handleResize)
-    onCleanup(() => window.removeEventListener("resize", handleResize))
-  })
-
   return (
     <div class="virtual-follow-list-shell" ref={shellElement => {
       setShellElement(shellElement)

packages/ui/src/lib/api-client.ts

@@ -12,6 +12,8 @@ import type {
   SpeechTranscriptionResponse,
   SideCar,
   ServerMeta,
+  RemoteProxySessionCreateRequest,
+  RemoteProxySessionCreateResponse,
   RemoteServerProbeRequest,
   RemoteServerProbeResponse,
   VoiceModeStateResponse,
@@ -256,6 +258,15 @@ export const serverApi = {
       body: JSON.stringify(payload),
     })
   },
+  createRemoteProxySession(payload: RemoteProxySessionCreateRequest): Promise<RemoteProxySessionCreateResponse> {
+    return request<RemoteProxySessionCreateResponse>("/api/remote-proxy/sessions", {
+      method: "POST",
+      body: JSON.stringify(payload),
+    })
+  },
+  deleteRemoteProxySession(id: string): Promise<void> {
+    return request(`/api/remote-proxy/sessions/${encodeURIComponent(id)}`, { method: "DELETE" })
+  },
   fetchAuthStatus(): Promise<{ authenticated: boolean; username?: string; passwordUserProvided?: boolean }> {
     return request<{ authenticated: boolean; username?: string; passwordUserProvided?: boolean }>("/api/auth/status")
   },

packages/ui/src/lib/i18n/messages/en/folderSelection.ts

@@ -69,5 +69,10 @@ export const folderSelectionMessages = {
   "folderSelection.servers.dialog.connecting": "Connecting...",
   "folderSelection.servers.dialog.errorRequired": "Server name and URL are required.",
   "folderSelection.servers.dialog.errorConnect": "Could not connect to the remote server.",
+  "folderSelection.servers.certificateInstall.title": "Install Local Certificate",
+  "folderSelection.servers.certificateInstall.confirmMessage": "CodeNomad needs to install a local certificate to open self-signed HTTPS remote windows. This certificate is only used for local desktop proxy traffic on your machine. Your operating system may show a second certificate prompt after this.",
+  "folderSelection.servers.certificateInstall.confirmLabel": "Continue",
+  "folderSelection.servers.certificateInstall.cancelLabel": "Cancel",
+  "folderSelection.servers.certificateInstall.cancelled": "CodeNomad needs the local certificate to be trusted before it can open self-signed HTTPS remote windows.",
   "folderSelection.sidecars.button": "Open SideCar",
 } as const

packages/ui/src/lib/i18n/messages/es/folderSelection.ts

@@ -69,5 +69,10 @@ export const folderSelectionMessages = {
   "folderSelection.servers.dialog.connecting": "Conectando...",
   "folderSelection.servers.dialog.errorRequired": "El nombre y la URL del servidor son obligatorios.",
   "folderSelection.servers.dialog.errorConnect": "No se pudo conectar al servidor remoto.",
+  "folderSelection.servers.certificateInstall.title": "Instalar certificado local",
+  "folderSelection.servers.certificateInstall.confirmMessage": "CodeNomad necesita instalar un certificado local para abrir ventanas remotas HTTPS autofirmadas. Este certificado solo se usa para el trafico del proxy local de escritorio en tu equipo. Es posible que tu sistema operativo muestre un segundo aviso de certificado despues de esto.",
+  "folderSelection.servers.certificateInstall.confirmLabel": "Continuar",
+  "folderSelection.servers.certificateInstall.cancelLabel": "Cancelar",
+  "folderSelection.servers.certificateInstall.cancelled": "CodeNomad necesita que el certificado local sea de confianza antes de poder abrir ventanas remotas HTTPS autofirmadas.",
   "folderSelection.sidecars.button": "Open SideCar",
 } as const

packages/ui/src/lib/i18n/messages/fr/folderSelection.ts

@@ -69,5 +69,10 @@ export const folderSelectionMessages = {
   "folderSelection.servers.dialog.connecting": "Connexion...",
   "folderSelection.servers.dialog.errorRequired": "Le nom du serveur et l'URL sont requis.",
   "folderSelection.servers.dialog.errorConnect": "Impossible de se connecter au serveur distant.",
+  "folderSelection.servers.certificateInstall.title": "Installer le certificat local",
+  "folderSelection.servers.certificateInstall.confirmMessage": "CodeNomad doit installer un certificat local pour ouvrir des fenetres distantes HTTPS auto-signees. Ce certificat est utilise uniquement pour le trafic du proxy local de bureau sur votre machine. Votre systeme d'exploitation peut afficher une seconde invite de certificat apres cela.",
+  "folderSelection.servers.certificateInstall.confirmLabel": "Continuer",
+  "folderSelection.servers.certificateInstall.cancelLabel": "Annuler",
+  "folderSelection.servers.certificateInstall.cancelled": "CodeNomad a besoin que le certificat local soit approuve avant de pouvoir ouvrir des fenetres distantes HTTPS auto-signees.",
   "folderSelection.sidecars.button": "Open SideCar",
 } as const

packages/ui/src/lib/i18n/messages/he/folderSelection.ts

@@ -69,5 +69,10 @@ export const folderSelectionMessages = {
   "folderSelection.servers.dialog.connecting": "מתחבר...",
   "folderSelection.servers.dialog.errorRequired": "שם השרת והכתובת הם שדות חובה.",
   "folderSelection.servers.dialog.errorConnect": "לא ניתן היה להתחבר לשרת המרוחק.",
+  "folderSelection.servers.certificateInstall.title": "התקנת אישור מקומי",
+  "folderSelection.servers.certificateInstall.confirmMessage": "CodeNomad צריך להתקין אישור מקומי כדי לפתוח חלונות HTTPS מרוחקים עם אישור בחתימה עצמית. האישור הזה משמש רק לתעבורת ה-proxy המקומי של האפליקציה במחשב שלך. ייתכן שמערכת ההפעלה תציג לאחר מכן בקשת אישור נוספת.",
+  "folderSelection.servers.certificateInstall.confirmLabel": "המשך",
+  "folderSelection.servers.certificateInstall.cancelLabel": "ביטול",
+  "folderSelection.servers.certificateInstall.cancelled": "CodeNomad צריך שהאישור המקומי יהיה מהימן לפני שיוכל לפתוח חלונות HTTPS מרוחקים עם אישור בחתימה עצמית.",
   "folderSelection.sidecars.button": "Open SideCar",
 } as const

packages/ui/src/lib/i18n/messages/ja/folderSelection.ts

@@ -69,5 +69,10 @@ export const folderSelectionMessages = {
   "folderSelection.servers.dialog.connecting": "接続中...",
   "folderSelection.servers.dialog.errorRequired": "サーバー名と URL は必須です。",
   "folderSelection.servers.dialog.errorConnect": "リモートサーバーに接続できませんでした。",
+  "folderSelection.servers.certificateInstall.title": "ローカル証明書をインストール",
+  "folderSelection.servers.certificateInstall.confirmMessage": "CodeNomad は自己署名 HTTPS のリモートウィンドウを開くために、ローカル証明書をインストールする必要があります。この証明書は、このマシン上のローカルデスクトッププロキシ通信にのみ使用されます。この後、OS が追加の証明書プロンプトを表示する場合があります。",
+  "folderSelection.servers.certificateInstall.confirmLabel": "続行",
+  "folderSelection.servers.certificateInstall.cancelLabel": "キャンセル",
+  "folderSelection.servers.certificateInstall.cancelled": "自己署名 HTTPS のリモートウィンドウを開くには、CodeNomad のローカル証明書を信頼する必要があります。",
   "folderSelection.sidecars.button": "Open SideCar",
 } as const

packages/ui/src/lib/i18n/messages/ru/folderSelection.ts

@@ -69,5 +69,10 @@ export const folderSelectionMessages = {
   "folderSelection.servers.dialog.connecting": "Подключение...",
   "folderSelection.servers.dialog.errorRequired": "Имя сервера и URL обязательны.",
   "folderSelection.servers.dialog.errorConnect": "Не удалось подключиться к удаленному серверу.",
+  "folderSelection.servers.certificateInstall.title": "Установить локальный сертификат",
+  "folderSelection.servers.certificateInstall.confirmMessage": "CodeNomad должен установить локальный сертификат, чтобы открывать удаленные HTTPS-окна с самоподписанным сертификатом. Этот сертификат используется только для трафика локального настольного прокси на вашем устройстве. После этого ваша операционная система может показать второе предупреждение о сертификате.",
+  "folderSelection.servers.certificateInstall.confirmLabel": "Продолжить",
+  "folderSelection.servers.certificateInstall.cancelLabel": "Отмена",
+  "folderSelection.servers.certificateInstall.cancelled": "CodeNomad должен доверять локальному сертификату, прежде чем сможет открывать удаленные HTTPS-окна с самоподписанным сертификатом.",
   "folderSelection.sidecars.button": "Open SideCar",
 } as const

packages/ui/src/lib/i18n/messages/zh-Hans/folderSelection.ts

@@ -69,5 +69,10 @@ export const folderSelectionMessages = {
   "folderSelection.servers.dialog.connecting": "连接中...",
   "folderSelection.servers.dialog.errorRequired": "服务器名称和 URL 为必填项。",
   "folderSelection.servers.dialog.errorConnect": "无法连接到远程服务器。",
+  "folderSelection.servers.certificateInstall.title": "安装本地证书",
+  "folderSelection.servers.certificateInstall.confirmMessage": "CodeNomad 需要安装本地证书，才能打开使用自签名 HTTPS 的远程窗口。此证书仅用于你这台设备上的本地桌面代理流量。之后你的操作系统可能还会显示第二个证书提示。",
+  "folderSelection.servers.certificateInstall.confirmLabel": "继续",
+  "folderSelection.servers.certificateInstall.cancelLabel": "取消",
+  "folderSelection.servers.certificateInstall.cancelled": "CodeNomad 需要先信任本地证书，才能打开使用自签名 HTTPS 的远程窗口。",
   "folderSelection.sidecars.button": "Open SideCar",
 } as const

packages/ui/src/lib/native/remote-window.ts

@@ -1,19 +1,29 @@
 import { invoke } from "@tauri-apps/api/core"
 import type { RemoteServerProfile } from "../../../../server/src/api-types"
+import { showConfirmDialog } from "../../stores/alerts"
+import { tGlobal } from "../i18n"
 import { runtimeEnv } from "../runtime-env"
 
 export interface RemoteWindowOpenPayload {
   id: string
   name: string
   baseUrl: string
+  entryUrl?: string
+  proxySessionId?: string
   skipTlsVerify: boolean
 }
 
-export async function openRemoteServerWindow(profile: Pick<RemoteServerProfile, "id" | "name" | "baseUrl" | "skipTlsVerify">): Promise<void> {
+export async function openRemoteServerWindow(
+  profile: Pick<RemoteServerProfile, "id" | "name" | "baseUrl" | "skipTlsVerify">,
+  entryUrl?: string,
+  proxySessionId?: string,
+): Promise<void> {
   const payload: RemoteWindowOpenPayload = {
     id: profile.id,
     name: profile.name,
     baseUrl: profile.baseUrl,
+    entryUrl,
+    proxySessionId,
     skipTlsVerify: profile.skipTlsVerify,
   }
 
@@ -26,6 +36,28 @@ export async function openRemoteServerWindow(profile: Pick<RemoteServerProfile,
   }
 
   if (runtimeEnv.host === "tauri") {
+    const requiresLocalCertificate =
+      proxySessionId !== undefined && (entryUrl ?? profile.baseUrl).startsWith("https://")
+
+    if (requiresLocalCertificate) {
+      const needsInstall = await invoke<boolean>("needs_local_certificate_install")
+      if (needsInstall) {
+        const accepted = await showConfirmDialog(
+          tGlobal("folderSelection.servers.certificateInstall.confirmMessage"),
+          {
+            title: tGlobal("folderSelection.servers.certificateInstall.title"),
+            variant: "warning",
+            confirmLabel: tGlobal("folderSelection.servers.certificateInstall.confirmLabel"),
+            cancelLabel: tGlobal("folderSelection.servers.certificateInstall.cancelLabel"),
+          },
+        )
+
+        if (!accepted) {
+          throw new Error(tGlobal("folderSelection.servers.certificateInstall.cancelled"))
+        }
+      }
+    }
+
     await invoke("open_remote_window", { payload })
     return
   }

packages/ui/src/stores/session-events.ts

@@ -397,7 +397,8 @@ function handleMessageUpdate(instanceId: string, event: MessageUpdateEvent | Mes
 
     const role: MessageRole = info.role === "user" ? "user" : "assistant"
     const hasError = Boolean((info as any).error)
-    const status: MessageStatus = hasError ? "error" : "complete"
+    const hasEnded = typeof timeInfo.end === "number" && timeInfo.end > 0
+    const status: MessageStatus = hasError ? "error" : hasEnded ? "complete" : "streaming"
 
     let record = store.getMessage(messageId)
     if (!record) {

packages/ui/src/types/global.d.ts

@@ -37,6 +37,8 @@ declare global {
       id: string
       name: string
       baseUrl: string
+      entryUrl?: string
+      proxySessionId?: string
       skipTlsVerify: boolean
     }) => Promise<{ ok: boolean }>
   }