lean-host-mcp 0.4.0

MCP server hosting Lean 4 via a supervised lean-rs-worker child
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257

//! Optional TOML config file holding every tunable knob.
//!
//! One file can set the runtime/worker, broker/pool, and server/transport
//! knobs that are otherwise `LEAN_HOST_MCP_*` env vars, plus the existing
//! `primary_project`. Discovery prefers a project-local `lean-host-mcp.toml`
//! (found by walking up from the invocation cwd, like the lakefile) and falls
//! back to the home file `<config-dir>/lean-host-mcp/config.toml`. When both
//! exist they merge **per key** (local overlays home), so a project file need
//! only restate the knobs it changes.
//!
//! The file is one layer in the precedence stack `CLI > env > file > default`:
//! every field here is `Option`, and a present env var still wins over a file
//! value (see `ProjectRuntimeConfig::from_env_with_file` /
//! `BrokerConfig::pool_from_env_with_file`). Missing files and parse failures
//! are non-fatal — a malformed file is logged and ignored, leaving env + the
//! built-in defaults in charge.

use std::path::{Path, PathBuf};

use serde::Deserialize;

/// Project-local file name, discovered by walking up from the cwd. Also the
/// default destination `config init` writes to.
pub(crate) const LOCAL_FILE_NAME: &str = "lean-host-mcp.toml";

/// Merged view of the config file(s). All fields optional: an absent field
/// defers to the env var, then the built-in default.
#[derive(Debug, Default, Deserialize)]
pub struct ConfigFile {
    /// Default Lake project for calls without a `project=` argument. Kept for
    /// backward compatibility with the original `primary_project`-only file.
    pub primary_project: Option<PathBuf>,
    #[serde(default)]
    pub runtime: RuntimeFileConfig,
    #[serde(default)]
    pub broker: BrokerFileConfig,
    #[serde(default)]
    pub server: ServerFileConfig,
    #[serde(default)]
    pub telemetry: TelemetryFileConfig,
    #[serde(default)]
    pub output: OutputFileConfig,
}

/// `[runtime]` — worker policy knobs (mirrors `ProjectRuntimeConfig`).
#[derive(Debug, Default, Deserialize)]
pub struct RuntimeFileConfig {
    pub worker_rss_post_job_restart_kib: Option<u64>,
    pub worker_rss_hard_kill_kib: Option<u64>,
    pub worker_rss_sample_millis: Option<u64>,
    pub import_switch_rss_soft_kib: Option<u64>,
    pub module_cache_rss_guard_kib: Option<u64>,
    pub module_cache_max_bytes: Option<u64>,
    pub request_timeout_millis: Option<u64>,
    pub project_mailbox_capacity: Option<usize>,
    pub worker_restart_limit: Option<usize>,
    pub worker_restart_window_secs: Option<u64>,
}

/// `[broker]` — project-pool and semantic-admission knobs.
#[derive(Debug, Default, Deserialize)]
pub struct BrokerFileConfig {
    pub max_projects: Option<usize>,
    pub idle_timeout_secs: Option<u64>,
    pub semantic_permits: Option<usize>,
    pub semantic_waiters: Option<usize>,
    pub semantic_admission_timeout_millis: Option<u64>,
    pub semantic_lock_dir: Option<PathBuf>,
}

/// `[server]` — transport knobs.
///
/// `lake_root` is intentionally absent: the project default lives in the
/// top-level `primary_project` key. `bind` is a raw string (e.g.
/// `"127.0.0.1:8765"`); the binary parses and validates it as a `SocketAddr`,
/// so this library schema stays free of transport types.
#[derive(Debug, Default, Deserialize)]
pub struct ServerFileConfig {
    pub bind: Option<String>,
    pub http_path: Option<String>,
    /// Which field of the tool result carries the envelope: `text` (default),
    /// `structured`, or `both`. See `crate::tools::ResponseCarrier`.
    pub response_carrier: Option<String>,
}

/// `[telemetry]` — how much operational telemetry the model-facing envelope
/// carries (`quiet` default, or `full`). See `crate::tools::TelemetryVerbosity`.
#[derive(Debug, Default, Deserialize)]
pub struct TelemetryFileConfig {
    pub verbosity: Option<String>,
}

/// `[output]` — server-wide output budget overrides.
///
/// These replace the former per-call `max_field_bytes` / `max_total_bytes` /
/// `heartbeat_limit` request arguments. Each is optional: unset keeps the
/// per-tool built-in default.
#[derive(Debug, Default, Deserialize)]
pub struct OutputFileConfig {
    pub max_field_bytes: Option<u32>,
    pub max_total_bytes: Option<u32>,
    pub heartbeat_limit: Option<u64>,
}

impl ConfigFile {
    /// Load and merge the home and project-local files. Home is the base; the
    /// nearest `lean-host-mcp.toml` at or above `cwd` overlays it per key. A
    /// missing file contributes nothing; a malformed file is logged and
    /// skipped. Never fails: the worst case is an empty config (env + defaults).
    #[must_use]
    pub fn load(cwd: &Path) -> Self {
        let mut merged = toml::Value::Table(toml::Table::new());
        if let Some(home) = home_config_path()
            && let Some(value) = read_toml(&home)
        {
            merge_toml(&mut merged, value);
        }
        if let Some(local) = walk_up_for(cwd, LOCAL_FILE_NAME)
            && let Some(value) = read_toml(&local)
        {
            merge_toml(&mut merged, value);
        }
        match merged.try_into() {
            Ok(config) => config,
            Err(err) => {
                tracing::warn!(error = %err, "merged config did not match the schema; ignoring it");
                Self::default()
            }
        }
    }
}

/// `<config-dir>/lean-host-mcp/config.toml`. `LEAN_HOST_MCP_CONFIG_DIR`
/// overrides the base dir (used by the test suite to avoid the developer's
/// real config). Shared with `config init --home`, so discovery and
/// generation target the same path.
pub(crate) fn home_config_path() -> Option<PathBuf> {
    let base = std::env::var_os("LEAN_HOST_MCP_CONFIG_DIR")
        .map(PathBuf::from)
        .or_else(dirs::config_dir)?;
    Some(base.join("lean-host-mcp").join("config.toml"))
}

/// Walk upward from `start` looking for `filename`; return the first match.
fn walk_up_for(start: &Path, filename: &str) -> Option<PathBuf> {
    let mut cur: Option<&Path> = Some(start);
    while let Some(dir) = cur {
        let candidate = dir.join(filename);
        if candidate.is_file() {
            return Some(candidate);
        }
        cur = dir.parent();
    }
    None
}

/// Read and parse one TOML file. Missing file → `None` (silent); parse error
/// → `None` with a warning, so a typo in one file can't take down startup.
fn read_toml(path: &Path) -> Option<toml::Value> {
    let contents = std::fs::read_to_string(path).ok()?;
    match toml::from_str::<toml::Value>(&contents) {
        Ok(value) => Some(value),
        Err(err) => {
            tracing::warn!(path = %path.display(), error = %err, "config file parse failed; ignoring");
            None
        }
    }
}

/// Deep-merge `overlay` onto `base` in place: tables merge key-by-key
/// (recursing), any non-table value replaces wholesale. So `[runtime]` in a
/// local file overrides only the keys it sets, leaving sibling home keys.
fn merge_toml(base: &mut toml::Value, overlay: toml::Value) {
    match (base, overlay) {
        (toml::Value::Table(base_table), toml::Value::Table(overlay_table)) => {
            for (key, value) in overlay_table {
                match base_table.get_mut(&key) {
                    Some(existing) => merge_toml(existing, value),
                    None => {
                        base_table.insert(key, value);
                    }
                }
            }
        }
        (slot, value) => *slot = value,
    }
}

#[cfg(test)]
#[allow(
    clippy::unwrap_used,
    clippy::panic,
    reason = "tests assert the branch under test directly"
)]
mod tests {
    use super::*;

    #[test]
    fn merge_overlays_local_over_home_per_key() {
        let mut base = toml::from_str::<toml::Value>(
            "primary_project = \"/home/proj\"\n[runtime]\nworker_rss_post_job_restart_kib = 5\n[broker]\nmax_projects = 8\n",
        )
        .unwrap();
        let overlay = toml::from_str::<toml::Value>(
            "[runtime]\nworker_rss_post_job_restart_kib = 8\nworker_rss_hard_kill_kib = 16\n",
        )
        .unwrap();
        merge_toml(&mut base, overlay);
        let config: ConfigFile = base.try_into().unwrap();

        // Local overrode the one runtime key it set...
        assert_eq!(config.runtime.worker_rss_post_job_restart_kib, Some(8));
        // ...added its own...
        assert_eq!(config.runtime.worker_rss_hard_kill_kib, Some(16));
        // ...and left untouched home keys (runtime sibling + other sections) intact.
        assert_eq!(config.broker.max_projects, Some(8));
        assert_eq!(config.primary_project.as_deref(), Some(Path::new("/home/proj")));
    }

    #[test]
    fn full_example_parses() {
        let config: ConfigFile = toml::from_str::<toml::Value>(
            "[runtime]\nworker_rss_post_job_restart_kib = 8388608\nworker_restart_window_secs = 60\n\
             [broker]\nmax_projects = 4\nsemantic_permits = 1\n\
             [server]\nbind = \"127.0.0.1:8765\"\nhttp_path = \"/mcp\"\n",
        )
        .unwrap()
        .try_into()
        .unwrap();

        assert_eq!(config.runtime.worker_rss_post_job_restart_kib, Some(8_388_608));
        assert_eq!(config.broker.max_projects, Some(4));
        assert_eq!(config.server.bind.as_deref(), Some("127.0.0.1:8765"));
        assert_eq!(config.server.http_path.as_deref(), Some("/mcp"));
    }

    #[test]
    fn empty_config_is_all_none() {
        let config = ConfigFile::default();
        assert!(config.primary_project.is_none());
        assert!(config.runtime.worker_rss_post_job_restart_kib.is_none());
        assert!(config.broker.max_projects.is_none());
        assert!(config.server.bind.is_none());
    }

    #[test]
    fn walk_up_finds_nearest_then_ancestor() {
        let tmp = std::env::temp_dir().join(format!("lhm-cfg-walk-{}", std::process::id()));
        let nested = tmp.join("a").join("b");
        std::fs::create_dir_all(&nested).unwrap();
        std::fs::write(tmp.join(LOCAL_FILE_NAME), "max_projects_unused = 1\n").unwrap();
        // No file in nested or a/: walk-up should find the one at tmp.
        let found = walk_up_for(&nested, LOCAL_FILE_NAME).unwrap();
        assert_eq!(found, tmp.join(LOCAL_FILE_NAME));
        std::fs::remove_dir_all(&tmp).ok();
    }
}