Add admin capsule management, fix file browser for special files, normalize dialog styles

- Admin capsule CRUD: list, create (platform templates), get detail with
  terminal/files/metrics, snapshot, destroy
- First signup auto-promotes to platform admin
- JWT auth via query param for WebSocket connections
- File browser: handle non-regular files (devices, pipes, sockets) gracefully
  instead of showing raw backend errors
- Normalize admin template dialogs to match established dialog patterns:
  remove accent bars, unify animation/shadow/button styles

internal/api/handlers_admin_capsules.go

@@ -0,0 +1,247 @@
+package api
+
+import (
+	"context"
+	"encoding/json"
+	"fmt"
+	"log/slog"
+	"net/http"
+	"time"
+
+	"connectrpc.com/connect"
+	"github.com/go-chi/chi/v5"
+
+	"git.omukk.dev/wrenn/wrenn/internal/audit"
+	"git.omukk.dev/wrenn/wrenn/internal/auth"
+	"git.omukk.dev/wrenn/wrenn/internal/db"
+	"git.omukk.dev/wrenn/wrenn/internal/id"
+	"git.omukk.dev/wrenn/wrenn/internal/lifecycle"
+	"git.omukk.dev/wrenn/wrenn/internal/service"
+	"git.omukk.dev/wrenn/wrenn/internal/validate"
+	pb "git.omukk.dev/wrenn/wrenn/proto/hostagent/gen"
+)
+
+type adminCapsuleHandler struct {
+	svc   *service.SandboxService
+	db    *db.Queries
+	pool  *lifecycle.HostClientPool
+	audit *audit.AuditLogger
+}
+
+func newAdminCapsuleHandler(svc *service.SandboxService, db *db.Queries, pool *lifecycle.HostClientPool, al *audit.AuditLogger) *adminCapsuleHandler {
+	return &adminCapsuleHandler{svc: svc, db: db, pool: pool, audit: al}
+}
+
+// Create handles POST /v1/admin/capsules.
+func (h *adminCapsuleHandler) Create(w http.ResponseWriter, r *http.Request) {
+	var req createSandboxRequest
+	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
+		writeError(w, http.StatusBadRequest, "invalid_request", "invalid JSON body")
+		return
+	}
+
+	ac := auth.MustFromContext(r.Context())
+
+	sb, err := h.svc.Create(r.Context(), service.SandboxCreateParams{
+		TeamID:     id.PlatformTeamID,
+		Template:   req.Template,
+		VCPUs:      req.VCPUs,
+		MemoryMB:   req.MemoryMB,
+		TimeoutSec: req.TimeoutSec,
+	})
+	if err != nil {
+		status, code, msg := serviceErrToHTTP(err)
+		writeError(w, status, code, msg)
+		return
+	}
+
+	h.audit.LogSandboxCreate(r.Context(), ac, sb.ID, sb.Template)
+	writeJSON(w, http.StatusCreated, sandboxToResponse(sb))
+}
+
+// List handles GET /v1/admin/capsules.
+func (h *adminCapsuleHandler) List(w http.ResponseWriter, r *http.Request) {
+	sandboxes, err := h.svc.List(r.Context(), id.PlatformTeamID)
+	if err != nil {
+		writeError(w, http.StatusInternalServerError, "db_error", "failed to list sandboxes")
+		return
+	}
+
+	resp := make([]sandboxResponse, len(sandboxes))
+	for i, sb := range sandboxes {
+		resp[i] = sandboxToResponse(sb)
+	}
+
+	writeJSON(w, http.StatusOK, resp)
+}
+
+// Get handles GET /v1/admin/capsules/{id}.
+func (h *adminCapsuleHandler) Get(w http.ResponseWriter, r *http.Request) {
+	sandboxIDStr := chi.URLParam(r, "id")
+
+	sandboxID, err := id.ParseSandboxID(sandboxIDStr)
+	if err != nil {
+		writeError(w, http.StatusBadRequest, "invalid_request", "invalid sandbox ID")
+		return
+	}
+
+	sb, err := h.svc.Get(r.Context(), sandboxID, id.PlatformTeamID)
+	if err != nil {
+		writeError(w, http.StatusNotFound, "not_found", "sandbox not found")
+		return
+	}
+
+	writeJSON(w, http.StatusOK, sandboxToResponse(sb))
+}
+
+// Destroy handles DELETE /v1/admin/capsules/{id}.
+func (h *adminCapsuleHandler) Destroy(w http.ResponseWriter, r *http.Request) {
+	sandboxIDStr := chi.URLParam(r, "id")
+	ac := auth.MustFromContext(r.Context())
+
+	sandboxID, err := id.ParseSandboxID(sandboxIDStr)
+	if err != nil {
+		writeError(w, http.StatusBadRequest, "invalid_request", "invalid sandbox ID")
+		return
+	}
+
+	if err := h.svc.Destroy(r.Context(), sandboxID, id.PlatformTeamID); err != nil {
+		status, code, msg := serviceErrToHTTP(err)
+		writeError(w, status, code, msg)
+		return
+	}
+
+	h.audit.LogSandboxDestroy(r.Context(), ac, sandboxID)
+	w.WriteHeader(http.StatusNoContent)
+}
+
+type adminSnapshotRequest struct {
+	Name string `json:"name"`
+}
+
+// Snapshot handles POST /v1/admin/capsules/{id}/snapshot.
+// Pauses the capsule, takes a snapshot as a platform template, then destroys the capsule.
+func (h *adminCapsuleHandler) Snapshot(w http.ResponseWriter, r *http.Request) {
+	sandboxIDStr := chi.URLParam(r, "id")
+	ac := auth.MustFromContext(r.Context())
+
+	sandboxID, err := id.ParseSandboxID(sandboxIDStr)
+	if err != nil {
+		writeError(w, http.StatusBadRequest, "invalid_request", "invalid sandbox ID")
+		return
+	}
+
+	var req adminSnapshotRequest
+	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
+		writeError(w, http.StatusBadRequest, "invalid_request", "invalid JSON body")
+		return
+	}
+
+	if req.Name == "" {
+		req.Name = id.NewSnapshotName()
+	}
+	if err := validate.SafeName(req.Name); err != nil {
+		writeError(w, http.StatusBadRequest, "invalid_request", fmt.Sprintf("invalid snapshot name: %s", err))
+		return
+	}
+
+	ctx := r.Context()
+
+	// Verify sandbox exists and belongs to platform team BEFORE any
+	// destructive operations (template overwrite).
+	sb, err := h.db.GetSandboxByTeam(ctx, db.GetSandboxByTeamParams{ID: sandboxID, TeamID: id.PlatformTeamID})
+	if err != nil {
+		writeError(w, http.StatusNotFound, "not_found", "sandbox not found")
+		return
+	}
+	if sb.Status != "running" && sb.Status != "paused" {
+		writeError(w, http.StatusConflict, "invalid_state", "sandbox must be running or paused")
+		return
+	}
+
+	// Check if name already exists as a platform template.
+	if existing, err := h.db.GetPlatformTemplateByName(ctx, req.Name); err == nil {
+		// Delete old snapshot files from all hosts before removing the DB record.
+		if err := deleteSnapshotBroadcast(ctx, h.db, h.pool, existing.TeamID, existing.ID); err != nil {
+			writeError(w, http.StatusInternalServerError, "agent_error", "failed to delete existing snapshot files")
+			return
+		}
+		if err := h.db.DeleteTemplateByTeam(ctx, db.DeleteTemplateByTeamParams{Name: req.Name, TeamID: id.PlatformTeamID}); err != nil {
+			writeError(w, http.StatusInternalServerError, "db_error", "failed to remove existing template record")
+			return
+		}
+	}
+
+	agent, err := agentForHost(ctx, h.db, h.pool, sb.HostID)
+	if err != nil {
+		writeError(w, http.StatusServiceUnavailable, "host_unavailable", "sandbox host is not reachable")
+		return
+	}
+
+	// Pre-mark sandbox as "paused" to prevent the reconciler from racing.
+	if sb.Status == "running" {
+		if _, err := h.db.UpdateSandboxStatus(ctx, db.UpdateSandboxStatusParams{
+			ID: sandboxID, Status: "paused",
+		}); err != nil {
+			writeError(w, http.StatusInternalServerError, "db_error", "failed to update sandbox status")
+			return
+		}
+	}
+
+	// Use a detached context so the snapshot completes even if the client disconnects.
+	snapCtx, snapCancel := context.WithTimeout(context.Background(), 5*time.Minute)
+	defer snapCancel()
+
+	newTemplateID := id.NewTemplateID()
+
+	resp, err := agent.CreateSnapshot(snapCtx, connect.NewRequest(&pb.CreateSnapshotRequest{
+		SandboxId:  sandboxIDStr,
+		Name:       req.Name,
+		TeamId:     formatUUIDForRPC(id.PlatformTeamID),
+		TemplateId: formatUUIDForRPC(newTemplateID),
+	}))
+	if err != nil {
+		// Snapshot failed — revert status.
+		if sb.Status == "running" {
+			if _, dbErr := h.db.UpdateSandboxStatus(snapCtx, db.UpdateSandboxStatusParams{
+				ID: sandboxID, Status: "running",
+			}); dbErr != nil {
+				slog.Error("failed to revert sandbox status after snapshot error", "sandbox_id", sandboxIDStr, "error", dbErr)
+			}
+		}
+		status, code, msg := agentErrToHTTP(err)
+		writeError(w, status, code, msg)
+		return
+	}
+
+	tmpl, err := h.db.InsertTemplate(snapCtx, db.InsertTemplateParams{
+		ID:          newTemplateID,
+		Name:        req.Name,
+		Type:        "snapshot",
+		Vcpus:       sb.Vcpus,
+		MemoryMb:    sb.MemoryMb,
+		SizeBytes:   resp.Msg.SizeBytes,
+		TeamID:      id.PlatformTeamID,
+		DefaultUser: "root",
+		DefaultEnv:  []byte("{}"),
+	})
+	if err != nil {
+		slog.Error("failed to insert template record", "name", req.Name, "error", err)
+		writeError(w, http.StatusInternalServerError, "db_error", "snapshot created but failed to record in database")
+		return
+	}
+
+	// Destroy the ephemeral capsule after successful snapshot.
+	if err := h.svc.Destroy(snapCtx, sandboxID, id.PlatformTeamID); err != nil {
+		slog.Error("failed to destroy capsule after snapshot", "sandbox_id", sandboxIDStr, "error", err)
+		// Don't fail the response — the snapshot was created successfully.
+	}
+
+	h.audit.LogSnapshotCreate(snapCtx, ac, req.Name)
+
+	if ctx.Err() != nil {
+		slog.Info("snapshot created but client disconnected before response", "name", req.Name)
+		return
+	}
+	writeJSON(w, http.StatusCreated, templateToResponse(tmpl))
+}

internal/api/handlers_auth.go

@@ -126,6 +126,14 @@ func (h *authHandler) Signup(w http.ResponseWriter, r *http.Request) {
 
 	qtx := h.db.WithTx(tx)
 
+	// The first user to sign up becomes a platform admin.
+	userCount, err := qtx.CountUsers(ctx)
+	if err != nil {
+		writeError(w, http.StatusInternalServerError, "db_error", "failed to check user count")
+		return
+	}
+	isFirstUser := userCount == 0
+
 	userID := id.NewUserID()
 	_, err = qtx.InsertUser(ctx, db.InsertUserParams{
 		ID:           userID,
@@ -143,6 +151,13 @@ func (h *authHandler) Signup(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
+	if isFirstUser {
+		if err := qtx.SetUserAdmin(ctx, db.SetUserAdminParams{ID: userID, IsAdmin: true}); err != nil {
+			writeError(w, http.StatusInternalServerError, "db_error", "failed to set admin status")
+			return
+		}
+	}
+
 	// Create default team.
 	teamID := id.NewTeamID()
 	if _, err := qtx.InsertTeam(ctx, db.InsertTeamParams{
@@ -169,7 +184,7 @@ func (h *authHandler) Signup(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	token, err := auth.SignJWT(h.jwtSecret, userID, teamID, req.Email, req.Name, "owner", false)
+	token, err := auth.SignJWT(h.jwtSecret, userID, teamID, req.Email, req.Name, "owner", isFirstUser)
 	if err != nil {
 		writeError(w, http.StatusInternalServerError, "internal_error", "failed to generate token")
 		return

internal/api/handlers_snapshots.go

@@ -38,8 +38,8 @@ func newSnapshotHandler(svc *service.TemplateService, db *db.Queries, pool *life
 // deleteSnapshotBroadcast attempts to delete snapshot files on all online hosts.
 // Snapshots aren't currently host-tracked in the DB, so we broadcast to all hosts
 // and ignore NotFound errors.
-func (h *snapshotHandler) deleteSnapshotBroadcast(ctx context.Context, teamID, templateID pgtype.UUID) error {
-	hosts, err := h.db.ListActiveHosts(ctx)
+func deleteSnapshotBroadcast(ctx context.Context, queries *db.Queries, pool *lifecycle.HostClientPool, teamID, templateID pgtype.UUID) error {
+	hosts, err := queries.ListActiveHosts(ctx)
 	if err != nil {
 		return fmt.Errorf("list hosts: %w", err)
 	}
@@ -47,7 +47,7 @@ func (h *snapshotHandler) deleteSnapshotBroadcast(ctx context.Context, teamID, t
 		if host.Status != "online" {
 			continue
 		}
-		agent, err := h.pool.GetForHost(host)
+		agent, err := pool.GetForHost(host)
 		if err != nil {
 			continue
 		}
@@ -141,7 +141,7 @@ func (h *snapshotHandler) Create(w http.ResponseWriter, r *http.Request) {
 			return
 		}
 		// Delete old snapshot files from all hosts before removing the DB record.
-		if err := h.deleteSnapshotBroadcast(ctx, existing.TeamID, existing.ID); err != nil {
+		if err := deleteSnapshotBroadcast(ctx, h.db, h.pool, existing.TeamID, existing.ID); err != nil {
 			writeError(w, http.StatusInternalServerError, "agent_error", "failed to delete existing snapshot files")
 			return
 		}
@@ -279,7 +279,7 @@ func (h *snapshotHandler) Delete(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	if err := h.deleteSnapshotBroadcast(ctx, tmpl.TeamID, tmpl.ID); err != nil {
+	if err := deleteSnapshotBroadcast(ctx, h.db, h.pool, tmpl.TeamID, tmpl.ID); err != nil {
 		writeError(w, http.StatusInternalServerError, "agent_error", "failed to delete snapshot files")
 		return
 	}

internal/api/middleware_admin.go

@@ -5,8 +5,23 @@ import (
 
 	"git.omukk.dev/wrenn/wrenn/internal/auth"
 	"git.omukk.dev/wrenn/wrenn/internal/db"
+	"git.omukk.dev/wrenn/wrenn/internal/id"
 )
 
+// injectPlatformTeam overwrites the AuthContext's TeamID with the platform
+// sentinel UUID. This lets existing team-scoped handlers (exec, files, pty,
+// metrics) work unchanged under admin routes. Must run after requireAdmin.
+func injectPlatformTeam() func(http.Handler) http.Handler {
+	return func(next http.Handler) http.Handler {
+		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+			ac := auth.MustFromContext(r.Context())
+			ac.TeamID = id.PlatformTeamID
+			ctx := auth.WithAuthContext(r.Context(), ac)
+			next.ServeHTTP(w, r.WithContext(ctx))
+		})
+	}
+}
+
 // requireAdmin validates that the authenticated user is a platform admin.
 // Must run after requireJWT (depends on AuthContext being present).
 // Re-validates against the DB — the JWT is_admin claim is for UI only;

internal/api/middleware_jwt.go

@@ -8,18 +8,21 @@ import (
 	"git.omukk.dev/wrenn/wrenn/internal/id"
 )
 
-// requireJWT validates the Authorization: Bearer <token> header, verifies the JWT
-// signature and expiry, and stamps UserID + TeamID + Email into the request context.
+// requireJWT validates a JWT from the Authorization: Bearer header or the
+// ?token= query parameter (for WebSocket connections that cannot send headers).
 func requireJWT(secret []byte) func(http.Handler) http.Handler {
 	return func(next http.Handler) http.Handler {
 		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-			header := r.Header.Get("Authorization")
-			if !strings.HasPrefix(header, "Bearer ") {
+			var tokenStr string
+			if header := r.Header.Get("Authorization"); strings.HasPrefix(header, "Bearer ") {
+				tokenStr = strings.TrimPrefix(header, "Bearer ")
+			} else if t := r.URL.Query().Get("token"); t != "" {
+				tokenStr = t
+			}
+			if tokenStr == "" {
 				writeError(w, http.StatusUnauthorized, "unauthorized", "Authorization: Bearer <token> required")
 				return
 			}
-
-			tokenStr := strings.TrimPrefix(header, "Bearer ")
 			claims, err := auth.VerifyJWT(secret, tokenStr)
 			if err != nil {
 				writeError(w, http.StatusUnauthorized, "unauthorized", "invalid or expired token")

internal/api/server.go

@@ -74,6 +74,7 @@ func New(
 	buildH := newBuildHandler(buildSvc, queries, pool)
 	channelH := newChannelHandler(channelSvc, al)
 	ptyH := newPtyHandler(queries, pool)
+	adminCapsules := newAdminCapsuleHandler(sandboxSvc, queries, pool, al)
 
 	// OpenAPI spec and docs.
 	r.Get("/openapi.yaml", serveOpenAPI)
@@ -207,6 +208,23 @@ func New(
 		r.Get("/builds", buildH.List)
 		r.Get("/builds/{id}", buildH.Get)
 		r.Post("/builds/{id}/cancel", buildH.Cancel)
+		r.Post("/capsules", adminCapsules.Create)
+		r.Get("/capsules", adminCapsules.List)
+		r.Route("/capsules/{id}", func(r chi.Router) {
+			r.Use(injectPlatformTeam())
+			r.Get("/", adminCapsules.Get)
+			r.Delete("/", adminCapsules.Destroy)
+			r.Post("/snapshot", adminCapsules.Snapshot)
+			r.Post("/exec", exec.Exec)
+			r.Get("/exec/stream", execStream.ExecStream)
+			r.Post("/files/write", files.Upload)
+			r.Post("/files/read", files.Download)
+			r.Post("/files/list", fsH.ListDir)
+			r.Post("/files/mkdir", fsH.MakeDir)
+			r.Post("/files/remove", fsH.Remove)
+			r.Get("/metrics", metricsH.GetMetrics)
+			r.Get("/pty", ptyH.PtySession)
+		})
 	})
 
 	return &Server{router: r, BuildSvc: buildSvc}

internal/db/users.sql.go

@@ -11,6 +11,17 @@ import (
 	"github.com/jackc/pgx/v5/pgtype"
 )
 
+const countUsers = `-- name: CountUsers :one
+SELECT COUNT(*) FROM users
+`
+
+func (q *Queries) CountUsers(ctx context.Context) (int64, error) {
+	row := q.db.QueryRow(ctx, countUsers)
+	var count int64
+	err := row.Scan(&count)
+	return count, err
+}
+
 const deleteAdminPermission = `-- name: DeleteAdminPermission :exec
 DELETE FROM admin_permissions WHERE user_id = $1 AND permission = $2
 `