fix: resolve 9 infrastructure bugs from stability audit

Shell Scripts:
- dream-restore.sh: Replace hardcoded config list with dynamic glob for
  compose overlays (.base.yml, .nvidia.yml, etc.) (Light-Heart-Labs#4)
- dream-update.sh: Use resolve-compose-stack.sh for container restart
  instead of hardcoded docker-compose.yml (Light-Heart-Labs#7)
- dream-update.sh: Enable dotglob in rollback to restore hidden files
  like .env and .version (Light-Heart-Labs#6)
- dream-backup.sh: Include .tar.gz archives in retention/list queries
  to prevent infinite disk accumulation (Light-Heart-Labs#9)
- dream-backup.sh: Dynamic glob for config backup (compose overlays)

Token Spy:
- compose.yaml: Add persistent volume mount for data/ directory to
  prevent SQLite data loss on container restart (#2)
- main.py: Offload blocking SSH subprocess to thread pool via
  asyncio.to_thread() to prevent event loop deadlock (#3)
- main.py: Add finally blocks in streaming generators to guarantee
  billing metrics are logged on asyncio.CancelledError (Light-Heart-Labs#8)
- db_postgres.py: Add conn.rollback() on failed SQL to prevent
  connection pool poisoning (Light-Heart-Labs#10)

Installer:
- detection.sh: Run systemd auto-resume service as root instead of
  $USER to prevent sudo password hang and permission errors (Light-Heart-Labs#11)

Author: igorls

dream-server/dream-backup.sh

@@ -68,7 +68,7 @@ list_backups() {
     local backups=()
     while IFS= read -r -d '' backup; do
         backups+=("$backup")
-    done < <(find "$BACKUP_ROOT" -maxdepth 1 -type d -name "*-*-*" -print0 2>/dev/null | sort -z -r)
+    done < <(find "$BACKUP_ROOT" -maxdepth 1 \( -type d -o -name "*.tar.gz" \) -name "*-*-*" -print0 2>/dev/null | sort -z -r)
 
     if [[ ${#backups[@]} -eq 0 ]]; then
         log_info "No backups found"
@@ -199,21 +199,11 @@ backup_config() {
     local backup_dir="$1"
     log_info "Backing up configuration..."
 
-    # Essential config files
-    local config_files=(
-        ".env"
-        "docker-compose.yml"
-        ".version"
-        "dream-preflight.sh"
-        "dream-update.sh"
-    )
-
-    for file in "${config_files[@]}"; do
-        if [[ -f "$DREAM_DIR/$file" ]]; then
-            cp "$DREAM_DIR/$file" "$backup_dir/"
-            log_success "Backed up: $file"
-        else
-            log_warn "Skipped (not found): $file"
+    # Essential config files: discover compose overlays + dotfiles dynamically
+    for file in "$DREAM_DIR"/.env "$DREAM_DIR"/.version "$DREAM_DIR"/docker-compose*.y*ml "$DREAM_DIR"/dream-preflight.sh "$DREAM_DIR"/dream-update.sh; do
+        if [[ -f "$file" ]]; then
+            cp "$file" "$backup_dir/"
+            log_success "Backed up: $(basename "$file")"
         fi
     done
 
@@ -257,7 +247,7 @@ apply_retention() {
     local backups=()
     while IFS= read -r -d '' backup; do
         backups+=("$backup")
-    done < <(find "$BACKUP_ROOT" -maxdepth 1 -type d -name "*-*-*" -print0 2>/dev/null | sort -z -r)
+    done < <(find "$BACKUP_ROOT" -maxdepth 1 \( -type d -o -name "*.tar.gz" \) -name "*-*-*" -print0 2>/dev/null | sort -z -r)
 
     local count=${#backups[@]}
     if [[ $count -gt $RETENTION_COUNT ]]; then
@@ -409,7 +399,11 @@ main() {
     fi
 
     # Check if running in Dream Server directory
-    if [[ ! -f "$DREAM_DIR/docker-compose.yml" && ! -d "$DREAM_DIR/data" ]]; then
+    local has_compose=false
+    for f in "$DREAM_DIR"/docker-compose*.y*ml; do
+        [[ -f "$f" ]] && has_compose=true && break
+    done
+    if [[ "$has_compose" == "false" && ! -d "$DREAM_DIR/data" ]]; then
         log_warn "This doesn't appear to be a Dream Server directory"
         log_warn "Expected: docker-compose.yml or data/ directory"
         read -rp "Continue anyway? [y/N] " confirm

dream-server/dream-restore.sh

@@ -229,10 +229,10 @@ dry_run_preview() {
     if [[ "$restore_config" == "true" ]]; then
         echo "Config Files to Restore:"
         echo "───────────────────────────────────────────────────────────────────"
-        local config_files=(".env" "docker-compose.yml" ".version")
-        for file in "${config_files[@]}"; do
-            if [[ -f "$backup_dir/$file" ]]; then
-                echo "  ✓ $file"
+        # Dynamically discover config files (dotfiles + compose overlays + scripts)
+        for file in "$backup_dir"/.env "$backup_dir"/.version "$backup_dir"/docker-compose*.y*ml "$backup_dir"/dream-*.sh; do
+            if [[ -f "$file" ]]; then
+                echo "  ✓ $(basename "$file")"
             fi
         done
         if [[ -d "$backup_dir/config" ]]; then
@@ -284,12 +284,11 @@ restore_config() {
     local backup_dir="$1"
     log_step "Restoring configuration..."
 
-    local config_files=(".env" "docker-compose.yml" ".version" "dream-preflight.sh" "dream-update.sh")
-
-    for file in "${config_files[@]}"; do
-        if [[ -f "$backup_dir/$file" ]]; then
-            cp "$backup_dir/$file" "$DREAM_DIR/"
-            log_success "Restored: $file"
+    # Dynamically discover config files (dotfiles + compose overlays + scripts)
+    for file in "$backup_dir"/.env "$backup_dir"/.version "$backup_dir"/docker-compose*.y*ml "$backup_dir"/dream-*.sh; do
+        if [[ -f "$file" ]]; then
+            cp "$file" "$DREAM_DIR/"
+            log_success "Restored: $(basename "$file")"
         fi
     done
 
@@ -309,13 +308,19 @@ verify_restore() {
     local all_good=true
 
     # Check critical paths
-    local critical_paths=("data/open-webui" "docker-compose.yml")
-    for path in "${critical_paths[@]}"; do
-        if [[ ! -e "$DREAM_DIR/$path" ]]; then
-            log_warn "Missing after restore: $path"
-            all_good=false
-        fi
+    # Check that at least one compose file exists (base or standalone)
+    local has_compose=false
+    for f in "$DREAM_DIR"/docker-compose*.y*ml; do
+        [[ -f "$f" ]] && has_compose=true && break
     done
+    if [[ "$has_compose" == "false" ]]; then
+        log_warn "Missing after restore: no docker-compose*.yml files found"
+        all_good=false
+    fi
+    if [[ ! -d "$DREAM_DIR/data/open-webui" ]]; then
+        log_warn "Missing after restore: data/open-webui"
+        all_good=false
+    fi
 
     if [[ "$all_good" == "true" ]]; then
         log_success "Restore verification passed"
@@ -457,7 +462,12 @@ main() {
     fi
 
     # Check if running in Dream Server directory
-    if [[ ! -f "$DREAM_DIR/docker-compose.yml" && ! -d "$DREAM_DIR/data" ]]; then
+    # Check for any compose file (standalone or overlay) or data directory
+    local has_compose=false
+    for f in "$DREAM_DIR"/docker-compose*.y*ml; do
+        [[ -f "$f" ]] && has_compose=true && break
+    done
+    if [[ "$has_compose" == "false" && ! -d "$DREAM_DIR/data" ]]; then
         log_warn "This doesn't appear to be a Dream Server directory"
         log_warn "Expected: docker-compose.yml or data/ directory"
         read -rp "Continue anyway? [y/N] " confirm

dream-server/dream-update.sh

@@ -294,11 +294,20 @@ cmd_update() {
 
     # Restart services
     log_info "Restarting services..."
-    local compose_file="${INSTALL_DIR}/docker-compose.yml"
-    if [[ -f "$compose_file" ]]; then
+    local compose_flags
+    if [[ -x "${INSTALL_DIR}/scripts/resolve-compose-stack.sh" ]]; then
+        compose_flags=$(bash "${INSTALL_DIR}/scripts/resolve-compose-stack.sh" --script-dir "$INSTALL_DIR" 2>/dev/null | tail -1)
+    fi
+    if [[ -n "${compose_flags:-}" ]]; then
+        cd "$INSTALL_DIR"
+        docker compose $compose_flags down --remove-orphans 2>/dev/null || docker-compose $compose_flags down --remove-orphans
+        docker compose $compose_flags up -d 2>/dev/null || docker-compose $compose_flags up -d
+    elif [[ -f "${INSTALL_DIR}/docker-compose.yml" ]]; then
         cd "$INSTALL_DIR"
         docker compose down --remove-orphans 2>/dev/null || docker-compose down --remove-orphans
         docker compose up -d 2>/dev/null || docker-compose up -d
+    else
+        log_warn "No compose files found. Skipping container restart."
     fi
 
     # Run health checks
@@ -372,14 +381,16 @@ cmd_rollback() {
     cd "$INSTALL_DIR"
     docker compose down 2>/dev/null || docker-compose down 2>/dev/null || true
 
-    # Restore files
+    # Restore files (enable dotglob to include .env, .version, etc.)
     log_info "Restoring configuration files..."
+    shopt -s dotglob
     for file in "$backup_path"/*; do
         if [[ -f "$file" && "$(basename "$file")" != "metadata.json" ]]; then
             cp "$file" "$INSTALL_DIR/"
             log_info "  Restored: $(basename "$file")"
         fi
     done
+    shopt -u dotglob
 
     # Restart services
     log_info "Restarting services..."

dream-server/extensions/services/token-spy/compose.yaml

@@ -10,6 +10,8 @@ services:
       - no-new-privileges:true
     ports:
       - "${TOKEN_SPY_PORT:-3005}:8080"
+    volumes:
+      - ./data/token-spy:/app/data
     environment:
       - OLLAMA_URL=${LLM_API_URL:-http://llama-server:8080}
     deploy:

dream-server/extensions/services/token-spy/db_postgres.py

@@ -135,6 +135,9 @@ def _get_or_create_agent(agent_name: str) -> UUID:
             conn.commit()
             _agent_cache[agent_name] = agent_id
             return agent_id
+    except Exception:
+        conn.rollback()
+        raise
     finally:
         _put_conn(conn)
 
@@ -205,6 +208,9 @@ def log_usage(entry: dict):
                 )
             )
             conn.commit()
+    except Exception:
+        conn.rollback()
+        raise
     finally:
         _put_conn(conn)
 

dream-server/extensions/services/token-spy/main.py

@@ -321,7 +321,7 @@ async def _poll_remote_agents():
         try:
             # Poll remote agents (SSH-based)
             for agent in REMOTE_AGENTS:
-                status = _get_remote_session_status(agent)
+                status = await asyncio.to_thread(_get_remote_session_status, agent)
                 chars = status.get("current_history_chars", 0)
                 limit = get_agent_setting(agent, "session_char_limit")
                 if limit is None or limit <= 0:
@@ -659,7 +659,9 @@ async def stream_and_capture():
             yield f"data: {json.dumps({'type': 'error', 'error': {'type': 'proxy_error', 'message': 'Upstream request failed'}})}\n\n"
         except Exception as e:
             log.error(f"Proxy stream error: {e}")
-            # Still try to log what we have
+        finally:
+            # Guarantee billing metrics are logged even on CancelledError
+            # (which is a BaseException and bypasses 'except Exception')
             if usage["input_tokens"] > 0:
                 _log_entry(
                     model, sys_analysis, msg_analysis, tools,
@@ -890,6 +892,8 @@ async def stream_and_capture():
             yield f"data: {json.dumps({'error': {'message': 'Upstream request failed', 'type': 'proxy_error'}})}\n\n"
         except Exception as e:
             log.error(f"Proxy stream error: {e}")
+        finally:
+            # Guarantee billing metrics are logged even on CancelledError
             if usage["input_tokens"] > 0:
                 _log_entry(model, sys_analysis, msg_analysis, tools, raw_body, usage, start_time, provider_name="openai", filter_result=filter_result)
 

dream-server/installers/lib/detection.sh

@@ -323,10 +323,12 @@ Wants=network-online.target
 
 [Service]
 Type=oneshot
-User=$USER
 ExecStart=/bin/bash ${SCRIPT_DIR}/install.sh ${resume_args}
 ExecStartPost=/bin/rm -f /etc/systemd/system/${svc_name}.service
 ExecStartPost=/bin/systemctl daemon-reload
+WorkingDirectory=${SCRIPT_DIR}
+Environment="HOME=${HOME}"
+Environment="USER=${USER}"
 StandardOutput=journal+console
 StandardError=journal+console