System tray app, IPC server, and dark/light theme support

[jhd3197]

Introduces a cross-platform system tray application for the agent, accessible via the new 'tray' command. Implements a local IPC HTTP server for tray/agent communication, exposes agent status, metrics, logs, and restart functionality. Updates build scripts, configuration, and documentation to support the tray app and IPC integration.

[Copilot]

Pull request overview

Adds a cross-platform system tray UI and a local IPC HTTP API to let the tray communicate with the agent, plus packaging/build updates to ship and auto-start the tray on Windows.

Changes:

• Introduces a tray CLI command with a systray-based UI for status + basic controls.
• Adds a localhost IPC HTTP server exposing status/metrics/logs and a restart endpoint.
• Updates packaging/build/release tooling and defaults to enable IPC and start the tray on Windows login.

Reviewed changes

Copilot reviewed 15 out of 22 changed files in this pull request and generated 11 comments.

Show a summary per file

File	Description
agent/packaging/msi/build.ps1	Adds IPC config defaults to MSI-generated config.
agent/packaging/msi/Product.wxs	Adds HKCU Run key component to auto-start tray after login.
agent/internal/tray/tray.go	Implements systray UI, polling IPC, and service control helpers.
agent/internal/tray/client.go	Adds IPC HTTP client used by the tray app.
agent/internal/tray/icons.go	Embeds tray icon assets and selects by state.
agent/internal/tray/icons/connected.ico	Adds embedded icon asset.
agent/internal/tray/icons/disconnected.ico	Adds embedded icon asset.
agent/internal/tray/icons/error.ico	Adds embedded icon asset.
agent/internal/tray/icons/stopped.ico	Adds embedded icon asset.
agent/internal/ipc/server.go	Introduces IPC HTTP server with CORS middleware and route wiring.
agent/internal/ipc/handlers.go	Implements IPC endpoints for status/metrics/connection/logs/restart/health.
agent/internal/config/config.go	Adds IPC config struct + defaults.
agent/internal/agent/agent.go	Wires IPC server into agent lifecycle + exposes IPC provider methods.
agent/cmd/agent/main.go	Adds tray command and dashboard URL derivation helper.
agent/go.mod	Adds fyne.io/systray dependency.
agent/go.sum	Adds sums for systray and transitive deps.
agent/Makefile	Extends ldflags to set agent package version var.
.github/workflows/agent-release.yml	Updates release build ldflags and release notes mentioning tray.
.gitignore	Expands ignore patterns for build outputs, env files, IDEs, etc.
VERSION	Bumps version to 1.2.62.
EXPLORATIONS_AND_FUTURE.md	Adds a large roadmap/notes document (not tray/IPC-specific).

Comments suppressed due to low confidence (1)

agent/internal/agent/agent.go:209

• When a restart is requested, Agent.Run exits the select and then returns ctx.Err(). Since the context is not canceled on restart, ctx.Err() is nil, so the process exits cleanly rather than actually restarting. If the service manager is not configured to restart on clean exit, /restart will just stop the agent. Return a distinct restart signal/error and have the caller (runAgent/service wrapper) re-exec or loop, or implement an explicit restart strategy.

	// Wait for context cancellation or restart request
	select {
	case <-ctx.Done():
	case <-a.restartCh:
		a.log.Info("Restart requested")
	}

	// Cleanup
	a.cleanup()

	return ctx.Err()
}

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

The IPC API is exposing sensitive operations (e.g., /logs and /restart) but there is no authentication/authorization layer applied to any route. Binding to localhost is not sufficient to prevent other local users/processes or browser-based localhost attacks from invoking these endpoints. Add an authentication mechanism (e.g., a random per-install token stored with restrictive permissions and required via Authorization header) or switch to an OS-permissioned transport (Unix domain socket / Windows named pipe).

[Copilot]

IPC is enabled by default. Given the IPC server exposes logs and restart functionality, enabling it by default increases the attack surface on every agent install. Consider defaulting IPC.Enabled to false (and enabling it explicitly for tray installs) or gating it behind a required auth token to make the default configuration safe.

Suggested change

	Enabled: true,
	Enabled: false,

[Copilot]

GetRecentLogs reads the entire log file into memory on every request and ignores scanner.Err(). This can become very slow/high-memory for large logs and can silently truncate/stop on long lines (bufio.Scanner token limit). Consider implementing a tail-style reader that only reads the last N lines (bounded memory), and handle scanner.Err()/increase buffer size if you keep Scanner.

[Copilot]

The Quit menu handler calls systray.Quit() directly and returns without closing quitCh. That leaves refreshLoop/handleMenuClicks relying on process teardown rather than clean shutdown. Prefer calling a.Quit() here so quitCh is closed and background goroutines exit deterministically.

Suggested change

	systray.Quit()
	a.Quit()

[Copilot]

startService/stopService/restartService assume systemctl for all non-Windows platforms. On darwin this will fail (no systemctl). Add a darwin-specific implementation (e.g., launchctl) or return a clear error stating service control is unsupported on that platform.

[Copilot]

This new document appears unrelated to the PR’s stated goal of adding the tray app + IPC server (it contains a broad product roadmap and WordPress environment discussion, and does not mention tray/IPC). Consider moving it to a separate PR to keep review scope and history focused.

[Copilot]

corsMiddleware currently only adds CORS headers for localhost origins but still serves requests from any Origin. A malicious website can POST to http://127.0.0.1:/restart from the browser (CORS blocks reading the response, not sending the request). Reject requests with a non-local Origin (e.g., 403) and avoid setting Access-Control-Allow-Origin to an empty string when Origin is missing.

[Copilot]

GetConnectionInfo reports lastConnected and reconnectCount, but these fields are never updated anywhere in Agent. As implemented, reconnectCount will always be 0 and lastConnected will always be omitted, which makes the IPC connection endpoint misleading. Either wire these values from the ws.Client (add exported getters/state) or update Agent on connect/disconnect events.

[Copilot]

Quit closes quitCh directly; if Quit is called more than once (e.g., signal handler + systray onExit path), this will panic with "close of closed channel". Guard the close with sync.Once or a non-blocking pattern, and consider closing quitCh in onExit so all goroutines reliably terminate.

[Copilot]

This MSI is Scope="perMachine" but the tray autostart is written to HKCU...\Run, which only applies to the user who performed the installation. If the intent is to start the tray for all users who log in, consider using HKLM...\Run, Active Setup, or an advertised shortcut in the Startup folder.