Nightshift Idea Generator: Microck/tailstick
Analysis of the tailstick codebase for enhancement ideas, feature opportunities, and quality improvements.
High-Value Ideas
1. Lease Status Dashboard / Web UI
Severity: P2 (Enhancement) | Effort: Medium
tailstick already has a gui subcommand with internal/gui/server.go for browser-based enrollment. Extend this to show a live lease dashboard: current leases, their status, expiration countdowns, and quick cleanup actions. The existing model.LocalState and state.Load() provide all the data needed.
Files: internal/gui/server.go, internal/gui/index.html
2. Lease History & Expiry Notifications
Severity: P2 (Enhancement) | Effort: Low
The agent (AgentRun) reconciles every minute but has no notification mechanism. Add optional desktop notifications (via notify-send on Linux, toast on Windows) when a lease is about to expire (e.g., 1 hour before) or when cleanup completes. This gives operators visibility without checking the CLI.
Files: internal/app/workflow.go (in AgentOnce)
3. Multi-Config Support / Named Profiles
Severity: P2 (Enhancement) | Effort: Medium
Currently a single tailstick.config.json is loaded. For operators managing multiple tailnets or environments (staging vs production), support named config profiles: --config-profile=production that resolves to a named config path. This avoids manual --config flag management.
Files: internal/config/config.go, internal/app/cli.go
4. tailstick status Command
Severity: P2 (Enhancement) | Effort: Low
Add a top-level status subcommand that shows active leases, their modes, expiration times, and the agent's last reconciliation result, without requiring elevated privileges. Currently, operators need to parse the state JSON file manually.
Files: internal/app/cli.go (add runStatus)
5. Lease Annotations / Tags
Severity: P3 (Nice-to-have) | Effort: Low
Add optional --tags and --note flags to enrollment. Store these in LeaseRecord and include them in audit entries. Useful for operators to annotate why a lease was created (e.g., --tags=incident-1234 --note="emergency remote access for vendor").
Files: internal/model/types.go (extend LeaseRecord and RuntimeOptions)
Quality & DX Improvements
6. Structured Logging Migration
Severity: P3 (Nice-to-have) | Effort: Low
The internal/logging/logger.go appears to use a custom format. Consider emitting structured JSON logs (or offering a --log-format=json flag) to integrate with log aggregation tools (Grafana Loki, Datadog).
Files: internal/logging/logger.go
7. Shell Completions
Severity: P3 (Nice-to-have) | Effort: Low
Generate bash/zsh/fish shell completions for the CLI. The flag package makes this straightforward, and it significantly improves operator experience for the many flags on run (preset, mode, channel, days, etc.).
Files: internal/app/cli.go (add completion subcommand)
8. Configuration Validation Command
Severity: P2 (Enhancement) | Effort: Low
Add tailstick validate-config that checks the config file for common errors: missing required fields, unresolved secret references, orphaned preset IDs, invalid lease durations. Catch misconfiguration before enrollment attempts.
Files: internal/config/config.go (add Validate function)
9. Retry Logic for Tailscale API Calls
Severity: P2 (Reliability) | Effort: Low
In cleanupRecord, tailscale.DeleteDevice is called once with a 10-second timeout. Network blips could cause permanent cleanup_failed status. Add simple retry logic (2-3 attempts with backoff) for the device deletion API call.
Files: internal/app/workflow.go:344-348, internal/tailscale/client.go
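An added example of the retry proposed in idea 9, not taken from tailstick's code: deleteWithRetry, errPermanent and the del callback are hypothetical names, with del standing in for the tailscale.DeleteDevice call. It keeps a per-call timeout, doubles the wait between attempts, and stops early on an error a retry cannot fix or when the agent's context is cancelled.

```go
package main

import (
	"context"
	"errors"
	"fmt"
	"time"
)

// errPermanent is a hypothetical sentinel for failures a retry cannot fix
// (for example rejected credentials); every other error counts as transient.
var errPermanent = errors.New("permanent failure")

// deleteWithRetry calls del at least once and at most attempts times, giving
// each call its own perCall timeout and doubling the wait from base.
// It returns the number of calls made and the final error.
func deleteWithRetry(ctx context.Context, attempts int, perCall, base time.Duration,
	del func(context.Context) error) (int, error) {
	for i := 1; ; i++ {
		callCtx, cancel := context.WithTimeout(ctx, perCall)
		err := del(callCtx)
		cancel()
		if err == nil || errors.Is(err, errPermanent) {
			return i, err
		}
		if i >= attempts {
			return i, fmt.Errorf("gave up after %d attempts: %w", i, err)
		}
		select {
		case <-time.After(base << (i - 1)): // base, 2*base, 4*base, ...
		case <-ctx.Done(): // agent shutting down: stop waiting
			return i, ctx.Err()
		}
	}
}

func main() {
	calls := 0
	// Constructed stand-in for the deletion call: two network errors, then success.
	flaky := func(context.Context) error {
		if calls++; calls < 3 {
			return errors.New("connection reset")
		}
		return nil
	}
	n, err := deleteWithRetry(context.Background(), 3, 10*time.Second, 50*time.Millisecond, flaky)
	fmt.Println("calls:", n, "err:", err)
}
```

Only when the returned error is non-nil after the last attempt should the record be marked cleanup_failed, and the wrapped error keeps the underlying cause for the audit entry.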
10. State File Locking
Severity: P2 (Reliability) | Effort: Medium
Multiple tailstick processes could race on the state file (e.g., operator runs enrollment while agent is reconciling). Add file-level locking (flock on Linux, LockFileEx on Windows) to prevent corruption.
Files: internal/state/store.go
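An added example of the locking proposed in idea 10, covering the flock case only (Linux/Unix; the LockFileEx side is not shown) and not taken from tailstick's code. withStateLock, bump and the demo path are hypothetical, and a plain counter stands in for the state file's load, modify, save cycle.

```go
package main

import (
	"fmt"
	"os"
	"strconv"
	"syscall"
)

// withStateLock runs fn while holding an exclusive flock(2) on path+".lock".
// A sidecar lock file lets the state file itself be replaced by rename.
func withStateLock(path string, fn func() error) error {
	lf, err := os.OpenFile(path+".lock", os.O_CREATE|os.O_RDWR, 0o600)
	if err != nil {
		return err
	}
	defer lf.Close() // closing the descriptor releases the lock
	if err := syscall.Flock(int(lf.Fd()), syscall.LOCK_EX); err != nil {
		return err
	}
	return fn()
}

// bump is a constructed read-modify-write standing in for loading the state
// file, changing a lease and saving it. It returns the value written.
func bump(path string) (n int, err error) {
	err = withStateLock(path, func() error {
		if b, rerr := os.ReadFile(path); rerr == nil {
			n, _ = strconv.Atoi(string(b))
		} else if !os.IsNotExist(rerr) {
			return rerr
		}
		n++
		tmp := path + ".tmp"
		if werr := os.WriteFile(tmp, []byte(strconv.Itoa(n)), 0o600); werr != nil {
			return werr
		}
		return os.Rename(tmp, path) // atomic replace: no reader sees a partial file
	})
	return n, err
}

func main() {
	path := os.TempDir() + "/tailstick-lock-demo.state" // hypothetical path
	os.Remove(path)
	for i := 0; i < 3; i++ {
		fmt.Println(bump(path))
	}
}
```

Each call opens the lock file separately, so the lock also serialises concurrent writers inside one process; without it, two writers that read the same value would each write back n+1 and one update would be lost.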
Advanced / Strategic
11. Export Lease Metrics (Prometheus/OpenMetrics)
Severity: P3 (Nice-to-have) | Effort: Medium
Expose a /metrics endpoint (or write to a .prom textfile) with counters for active leases, cleanup successes/failures, and enrollment counts. Integrates with existing monitoring stacks.
Files: New internal/metrics/ package
12. Config Hot-Reload
Severity: P3 (Nice-to-have) | Effort: Medium
The agent reloads config on every reconciliation pass via resolveCleanupFromConfig/resolvePresetFromConfig. Make this explicit with fsnotify-based hot-reload: reload config when the file changes rather than on every tick. Reduces unnecessary disk I/O.
Files: internal/app/workflow.go (in AgentRun)
13. macOS Support
Severity: P3 (Nice-to-have) | Effort: High
tailstick currently supports Linux (systemd) and Windows (scheduled tasks). macOS is the obvious gap: use launchd for the agent and osascript for elevation prompts. The Go code already uses runtime.GOOS switches, making this architecturally clean to add.
Files: internal/platform/platform.go, internal/app/workflow.go (add macOS agent install/uninstall)
Summary
| # | Idea | Impact | Effort | Priority |
|---|------|--------|--------|----------|
| 1 | Lease Status Dashboard | High | Medium | P2 |
| 2 | Expiry Notifications | Medium | Low | P2 |
| 3 | Multi-Config Profiles | Medium | Medium | P2 |
| 4 | tailstick status Command | High | Low | P2 |
| 5 | Lease Annotations/Tags | Low | Low | P3 |
| 6 | Structured Logging | Low | Low | P3 |
| 7 | Shell Completions | Low | Low | P3 |
| 8 | Config Validation | Medium | Low | P2 |
| 9 | API Retry Logic | Medium | Low | P2 |
| 10 | State File Locking | Medium | Medium | P2 |
| 11 | Prometheus Metrics | Medium | Medium | P3 |
| 12 | Config Hot-Reload | Low | Medium | P3 |
| 13 | macOS Support | High | High | P3 |
Top 3 recommended next steps: tailstick status command (#4), API retry logic (#9), config validation (#8). All are low effort, high value, and directly improve operator reliability.
Generated by Nightshift v3 (GLM 5.1), idea-generator task