Skip to content

Dashboard

Web dashboard for system observability — Flask service, dev mode, remote access, development rules

Ports

  • 5127

Entry points

  • work_buddy.dashboard

Details

Web dashboard for system observability. Accessible remotely via Tailscale Serve.

Tabs: Overview, Tasks, Status, Chats, Contracts, Projects (static). Threads, Triage, and Notifications appear dynamically via workflow views, thread system, and notification log.

  • Dev mode: python -m work_buddy.dashboard --dev (auto-reloads). Not in sidecar config. Do not use with remote access — Werkzeug debugger exposes arbitrary code execution.
  • Frontend: Factorized package (frontend/) with html.py, styles.py, and per-tab script modules (script_main.py, script_notifications.py, script_palette.py, script_threads.py, script_triage.py, script_workflows.py).
  • Status tab: Component health tree with dependency nesting, live tool probes (60s refresh), expand/collapse state. Falls back to flat table if health API unavailable.
  • Chats tab: Full session browser with message search, commit navigation, repo filter.
  • Command palette: Ctrl+K shortcut. Discovery via /api/palette/commands, execution via /api/palette/execute. Gated by read-only mode.
  • Remote access: tailscale serve --bg 5127. Browser hits same-origin /api/... routes.
  • Read-only mode: dashboard.read_only: true in config.yaml gates mutating POST routes. Frontend hides mutation controls via _readOnly JS variable.
  • Telegram deep links: Set dashboard.external_url in config.yaml to Tailscale HTTPS URL. Expandable Telegram notifications include 'View full details' links.

API: 40+ routes in service.py spanning /api/state, /api/tasks, /api/chats/, /api/contracts, /api/projects/, /api/threads/, /api/workflow-views/, /api/notification-log, /api/palette/*, /api/deeplink. See service.py for the full list.

Adding a new tab: (1) Add tab button in frontend/html.py, (2) Add panel div, (3) Add fetch+render JS function in frontend/script_main.py and register in loaders map, (4) Optionally add API endpoint in service.py and data function in api.py.

Development rules (mandatory for all agents modifying dashboard code): 1. Same-origin only — never fetch sibling localhost ports (5123, 5124, 5125, 27124, 27125) from browser JS. Add server-side aggregation in api.py instead. 2. Gate mutating POST routes with _reject_read_only() at handler top. 3. Gate frontend mutation controls with _readOnly JS variable. 4. No obsidian:// links as primary navigation — they fail on mobile. 5. No --dev in production sidecar config. 6. Use config-driven values (load_config()) not hardcoded paths/ports.

Service management: Kill and let sidecar auto-restart via Get-NetTCPConnection -LocalPort 5127 | Stop-Process.