2025-12-19 22:13:13 +01:00
---
summary: "Bundled bun gateway: packaging, launchd, signing, and bytecode"
read_when:
2026-01-04 14:32:47 +00:00
- Packaging Clawdbot.app
2025-12-19 22:13:13 +01:00
- Debugging the bundled gateway binary
- Changing bun build flags or codesigning
---
# Bundled bun Gateway (macOS)
2026-01-04 14:32:47 +00:00
Goal: ship **Clawdbot.app** with a self-contained relay binary that can run both the CLI and the Gateway daemon. No global `npm install -g clawdbot` , no system Node requirement.
2025-12-19 22:13:13 +01:00
## What gets bundled
App bundle layout:
2026-01-04 14:32:47 +00:00
- `Clawdbot.app/Contents/Resources/Relay/clawdbot`
2026-01-08 23:06:56 +01:00
- bun `--compile` relay executable built from `dist/macos/relay.js`
2025-12-20 19:35:33 +00:00
- Supports:
2026-01-04 14:32:47 +00:00
- `clawdbot …` (CLI)
2026-01-08 07:16:05 +01:00
- `clawdbot gateway …` (LaunchAgent daemon)
2026-01-04 14:32:47 +00:00
- `Clawdbot.app/Contents/Resources/Relay/package.json`
2025-12-22 21:02:48 +00:00
- tiny “p runtime compatibility” file (see below)
2026-01-04 14:32:47 +00:00
- `Clawdbot.app/Contents/Resources/Relay/theme/`
2025-12-22 21:02:48 +00:00
- p TUI theme payload (optional, but strongly recommended)
2025-12-19 22:13:13 +01:00
Why the sidecar files matter:
2026-01-04 14:32:47 +00:00
- The embedded p runtime detects “bun binary mode” and then looks for `package.json` + `theme/` **next to `process.execPath`** (i.e. next to `clawdbot` ).
2025-12-22 21:02:48 +00:00
- So even if bun can embed assets, the runtime expects filesystem paths. Keep the sidecar files.
2025-12-19 22:13:13 +01:00
## Build pipeline
Packaging script:
2026-01-06 20:25:08 +00:00
- [`scripts/package-mac-app.sh` ](https://github.com/clawdbot/clawdbot/blob/main/scripts/package-mac-app.sh )
2025-12-19 22:13:13 +01:00
It builds:
- TS: `pnpm exec tsc`
- Swift app + helper: `swift build …`
2025-12-20 19:35:33 +00:00
- bun relay: `bun build dist/macos/relay.js --compile --bytecode …`
2025-12-19 22:13:13 +01:00
Important bundler flags:
- `--compile` : produces a standalone executable
- `--bytecode` : reduces startup time / parsing overhead (works here)
- externals:
2025-12-20 19:35:33 +00:00
- `-e electron`
- Reason: avoid bundling Electron stubs in the relay binary
2025-12-19 22:13:13 +01:00
Version injection:
2026-01-04 14:32:47 +00:00
- `--define "__CLAWDBOT_VERSION__=\"<pkg version>\""`
2026-01-08 23:06:56 +01:00
- The relay honors `__CLAWDBOT_VERSION__` / `CLAWDBOT_BUNDLED_VERSION` so `--version` doesn’ `package.json` at runtime.
2025-12-19 22:13:13 +01:00
## Launchd (Gateway as LaunchAgent)
Label:
2026-01-04 14:32:47 +00:00
- `com.clawdbot.gateway`
2025-12-19 22:13:13 +01:00
Plist location (per-user):
2026-01-04 14:32:47 +00:00
- `~/Library/LaunchAgents/com.clawdbot.gateway.plist`
2025-12-19 22:13:13 +01:00
Manager:
2026-01-08 23:06:56 +01:00
- The macOS app owns LaunchAgent install/update for the bundled gateway.
2025-12-19 22:13:13 +01:00
Behavior:
2026-01-04 14:32:47 +00:00
- “Clawdbot Active” enables/disables the LaunchAgent.
2025-12-19 22:13:13 +01:00
- App quit does **not** stop the gateway (launchd keeps it alive).
2026-01-08 21:34:28 +01:00
- CLI install (`clawdbot daemon install` ) writes the same LaunchAgent; `clawdbot daemon install --force` rewrites it.
- `clawdbot doctor` audits the LaunchAgent config and can update it to current defaults.
2025-12-19 22:13:13 +01:00
Logging:
2026-01-04 14:32:47 +00:00
- launchd stdout/err: `/tmp/clawdbot/clawdbot-gateway.log`
2025-12-19 22:13:13 +01:00
Default LaunchAgent env:
2026-01-04 14:32:47 +00:00
- `CLAWDBOT_IMAGE_BACKEND=sips` (avoid sharp native addon under bun)
2025-12-19 22:13:13 +01:00
## Codesigning (hardened runtime + bun)
Symptom (when mis-signed):
- `Ran out of executable memory …` on launch
Fix:
- The bun executable needs JIT-ish permissions under hardened runtime.
2026-01-08 23:06:56 +01:00
- `scripts/codesign-mac-app.sh` signs `Relay/clawdbot` with:
2025-12-19 22:13:13 +01:00
- `com.apple.security.cs.allow-jit`
- `com.apple.security.cs.allow-unsigned-executable-memory`
## Image processing under bun
Problem:
- bun can’ `sharp` (and we don’
Solution:
2026-01-08 23:06:56 +01:00
- Image operations prefer `/usr/bin/sips` on macOS (especially under bun).
- When running in Node/dev, `sharp` is used when available.
- This affects inbound/outbound media, screenshots, and tool image sanitization.
2025-12-19 22:13:13 +01:00
2025-12-20 19:35:33 +00:00
## Browser control server
2025-12-19 22:13:13 +01:00
2026-01-08 23:06:56 +01:00
The Gateway starts the browser control server (loopback only) from the relay daemon process,
so the relay binary includes Playwright deps.
2025-12-19 22:13:13 +01:00
## Tests / smoke checks
From a packaged app (local build):
```bash
2026-01-04 14:32:47 +00:00
dist/Clawdbot.app/Contents/Resources/Relay/clawdbot --version
2025-12-19 22:13:13 +01:00
2026-01-04 14:32:47 +00:00
CLAWDBOT_SKIP_PROVIDERS=1 \
CLAWDBOT_SKIP_CANVAS_HOST=1 \
2026-01-08 07:16:05 +01:00
dist/Clawdbot.app/Contents/Resources/Relay/clawdbot gateway --port 18999 --bind loopback
2025-12-19 22:13:13 +01:00
```
Then, in another shell:
```bash
2026-01-04 14:32:47 +00:00
pnpm -s clawdbot gateway call health --url ws://127.0.0.1:18999 --timeout 3000
2025-12-19 22:13:13 +01:00
```
## Repo hygiene
Bun may leave dotfiles like `*.bun-build` in the repo root or subfolders.
- These are ignored via `.gitignore` (`*.bun-build` ).
2025-12-19 22:39:30 +01:00
## DMG styling (human installer)
2026-01-08 23:06:56 +01:00
`scripts/create-dmg.sh` styles the DMG via Finder AppleScript.
2025-12-19 22:39:30 +01:00
Rules of thumb:
- Use a **72dpi** background image that matches the Finder window size in points.
- Preferred asset: `assets/dmg-background-small.png` (**500×
- Default icon positions: app `{125,160}` , Applications `{375,160}` .
