SD Panel

ShellDesktop

Overview

Versiones

Módulos

Infra

Roadmap

Deuda

Cerrar sesión

Estado General

Versión

2.5.0

HEAD: 9ea3a13

MCP Tools

Master MCP v4.0.0

Bundle

223 KB

IIFE production

Fases WM

7/7

+ v2.4 A-D + v2.5

Auth

JWT

PBKDF2 · HS256 · 7d

Backups

rclone

GDrive + OneDrive · 2x/día

Puntuaciones de Madurez

Window Manager

Auth & Security

MCP Integration

Infrastructure

GitHub Installer

Multi-LLM Router

Arquitectura

┌─────────────────────────────────────────────────────────────┐ │ app.shelldesktop.com (nginx :443) │ │ ┌──────────┐ ┌──────────┐ ┌──────────┐ ┌────────────┐ │ │ │ Frontend │ │ Backend │ │ sd_mcp │ │ PostgreSQL │ │ │ │ nginx │ │ FastAPI │ │ MCP v4 │ │ 16+pgvec │ │ │ │ :80 int │ │ :8000 │ │ :9000 │ │ :5432 │ │ │ └──────────┘ └──────────┘ └──────────┘ └────────────┘ │ │ ↕ Docker network (shelldesktop_default) │ ├─────────────────────────────────────────────────────────────┤ │ VPS 217.76.158.49 · Ubuntu 24.04 · Docker 27 │ │ Repo: /opt/base-kit/ → github:culturajoven/shelldesktop │ │ Bind: /opt/shelldesktop/mcp → /app (sd_mcp container) │ │ Backups: rclone → GDrive + OneDrive (02:00 + 17:00 UTC) │ └─────────────────────────────────────────────────────────────┘

Timeline de Versiones

✓
v1.0.0 Shipped
CSS/JS modular, Window Manager v1 (drag, resize, snap, z-index, animaciones), backend conectado, frontend en producción.
✓
v2.0.0 Shipped
Sidebar Workspace (Docker), SidePanel controller, Sidebar Admin/SuperAdmin, backend /superadmin, Topbar proyecto activo.
✓
v2.3.0 Shipped
Badge clicable workspace, smoke test 6 Playwright tools.
✓
WM v2.0 — Fases 1-7 Shipped
React Window Manager completo: groups (tabs+stack+tiling), snap 8 zonas, drag&drop, atajos, legacy shim, WM v1 retirado. Bundle 223KB.
✓
v2.4-A — Auth JWT Shipped
AUTH_ENABLED, login email+password, PBKDF2, JWT HS256 7d, require_role().
✓
v2.4-B — Login Frontend Shipped
Auth module JS, Bearer auto, auth-modal, superadmin JWT, WM_ENABLED.
✓
v2.4-C — MCP Integration Shipped
Backend módulo MCP, httpx → sd_mcp real, 59 tools, RENDER_HINTS 26 tools, panel MCP frontend, mcp-client.js self-contained.
✓
v2.4-D — HTTP Adapter + E2E Shipped
Patch /tools-list + /invoke en server.py, test browser E2E completo.
✓
v2.5.0 Shipped
Docker tools curl+unix-socket, 59 tools (3 MCP security), fix _pg() commit, PBKDF2 password, git remote SSH, email-validator. HEAD: 9ea3a13.
→
v2.6 — GitHub Installer Next
POST /apps/install, tabla apps, frontend installer, nginx dynamic routing.

Módulos Backend

Módulo	Estado	Endpoints clave
auth	Activo	/auth/login, /auth/me, /auth/verify
wm	Activo	/wm/state, /wm/windows, /wm/groups, /wm/sync
mcp	Activo	/mcp/health, /mcp/tools, /mcp/invoke
ip_security	Activo	Middleware IP filtering
supervisor	Activo	/supervisor/status
workspaces	Activo	/workspaces (Docker projects)
superadmin	Activo	/superadmin (host stats)
apps (installer)	Pendiente	/apps/install — v2.6
llm_router	Pendiente	Multi-LLM proxy — v3.0

MCP Tools — 59 total

Categoría	Cant.	Tools
File system	5	file_read, file_write, file_list, file_find, file_diff
Git	5	git_status, git_log, git_diff, git_branch, compare_branches
Docker	5	docker_ps, docker_logs, docker_action, service_health, process_status
Database	4	db_schema_summary, db_table_stats, db_query_safe, postgres_query
Browser	9	browser_open, browser_screenshot, browser_click, browser_type, browser_eval, browser_wait_for, browser_close, browser_console_logs, browser_network_errors, browser_page_errors
Code quality	4	run_lint, run_typecheck, find_dead_code, scan_security
Infrastructure	6	shell_exec, http_request, ssl_check, nginx_reload, memory_cpu_snapshot, tail_logs
Memory	4	memory_read, memory_write, decision_log_write, recent_errors
Workspace	3	workspace_list, workspace_create, workspace_delete
Project	3	project_detect_stack, project_install, architecture_summary
Review	1	review_changed_files
Notifications	3	notify_slack, notify_telegram, notify_webhook
MCP Security	3	mcp_ip_log, mcp_allowlist_toggle, mcp_origin_add
Supervisor	3	supervisor_status, supervisor_execute, supervisor_propagate
SLE (Knowledge)	8	sle_write_observation, sle_write_signal, sle_search_content, sle_search_similar, sle_query_nodes, sle_query_composite, sle_get_context, sle_get_stats, sle_create_prediction, sle_close_prediction, sle_get_predictions, sle_compound_log, sle_compound_status

Contenedores Docker

Contenedor	Imagen	Puerto	Notas
shelldesktop-frontend	nginx:alpine	80 int	Manual (no compose). ID: 346b5eecb2d7
shelldesktop-backend	FastAPI custom	8000	Compose. Módulos: auth, wm, mcp, supervisor
shelldesktop-sd_mcp-1	Python custom	9000	Compose. Bind: /opt/shelldesktop/mcp → /app
shelldesktop-db-1	postgres:16	5432	Compose. pgvector enabled
shelldesktop-nginx-1	nginx	80/443	Compose. SSL termination, reverse proxy

Dominios

Dominio	Destino	Uso
app.shelldesktop.com	→ frontend	UI principal (/shell/)
api.shelldesktop.com	→ backend :8000	REST API (/wm/, /auth/)
mcp.shelldesktop.com	→ sd_mcp :9000	MCP SSE + /health + /invoke
dash.shelldesktop.com	→ nginx static	Este panel

Backups

✓
rclone → GDrive + OneDrive
Cron 02:00 + 17:00 UTC. Script: /opt/shelldesktop/scripts/make_backup.sh. Tipos: daily, milestone, manual.
✓
GitHub push
Repo privado culturajoven/shelldesktop (branch master). SSH deploy key ed25519.
!
Otros VPS sin backup
AwakeAILive, Axystant, SentimentCall — pendiente replicar kit.

Paths Clave

/opt/base-kit/ → repo git real /opt/shelldesktop/mcp/ → bind mount → /app en sd_mcp /opt/shelldesktop/memory/ → MEMORY.md, CHECKLIST.md /opt/shelldesktop/scripts/ → make_backup.sh, backup.env /root/.ssh/shelldesktop_deploy → SSH deploy key /root/.cron_secrets → GITHUB_PAT (chmod 600)

Roadmap

v1.0 – v2.3

Plataforma Base

CSS modular, WM v1, sidebars, backend, deploy

WM v2.0

React Window Manager

7 fases: schema → groups → snap → legacy shim → retire v1

v2.4-A/B

Auth JWT

v2.4-C/D

MCP Integration

Backend httpx, 59 tools, panel, E2E test

v2.5

Stabilization

Docker curl, _pg() fix, password, git SSH

v2.6

GitHub Installer

Clone → detect stack → build → assign port → register

v2.7

SUPERVISOR v1

Governance layer, role enforcement, audit trail

v3.0

Multi-LLM Router

Proxy inteligente a múltiples LLMs con fallback

v3.1

Ecosystem Deploy

MCP v4.x a AwakeAILive, Aladdin, SynapseLake, SentimentCall

Deuda Técnica Abierta

!
docker-compose.yml con placeholders
Crear script de instalación real que sustituya {{VAR}} por valores del .env.
!
nginx reconecta a demoapp_net tras restart
Fijar network en docker-compose para evitar reconexión errática.
△
APIs externas sin configurar
LLMs y Storage en .env — necesarios para v3.0 Multi-LLM Router.
△
Quitar glow en logotipos topbar
Efecto brillo/glow visual en logotipos del topbar y panel central.
△
Nginx rate limiting /mcp
Config redactada en MEMORY.md. Aplicar tras estabilizar v2.6.
○
Replicar backups en otros VPS
Kit portable axystant-backups-kit_v1.0 listo. Pendiente: AwakeAILive, Axystant.
○
Notificaciones Slack/Telegram backup
Añadir notify al final de make_backup.sh.
○
Revocar PAT + tokens compartidos
GitHub PAT y tokens GDrive/OneDrive expuestos en chat history.

Learnings Clave (Reglas MEMORY.md)

1
Docker lib 7.x + urllib3 2.x incompatibles
Usar curl --unix-socket + asyncio.to_thread() en vez de lib docker.
2
_pg() con RETURNING no hacía commit
Fix: conn.commit() siempre para non-readonly queries.
3
Repo git en /opt/base-kit/
Bind mount confunde ubicación real. Git ops via container temporal alpine.
4
sd_mcp solo expone /mcp y /health
/tools-list y /invoke son patch manual HTTP adapter.
5
NUNCA docker cp para re-deploy
Bytes corruptos. Usar PUT /containers/{id}/archive con tar en memoria.

ShellDesktop Panel