v0.9.0 Remote workbench MVP: AWS Lightsail, Telegram bridge, and safe edge

[Hmbown]

Problem

CodeWhale should have a practical remote path for a user who wants an always-on VM and phone control. Existing remote issues discuss Tencent/CNB/Feishu and a US-first AWS/Telegram lane, but the v0.9.0 milestone needs a concrete MVP issue agents can execute.

Scope

Build or document a minimal remote workbench path:

• Host:
  • default recommendation: AWS Lightsail Ubuntu VM for US users unless research proves a better default
  • compare briefly against DigitalOcean, GCP Compute Engine, Cloud Run, Railway/Fly/Render, and Tencent Lighthouse
• Runtime:
  • install/rebuild CodeWhale from source or release artifact
  • run CodeWhale HTTP/control surface bound to localhost/private interface by default
  • systemd service or tmux-based fallback with restart and logs
• Bridge:
  • Telegram bot bridge first, using allowlisted chat IDs
  • support status, resume/session select, interrupt, approval request/response, and tail/log snippets
  • separate Telegram token, runtime token, provider API keys, and webhook secrets
• Edge:
  • Cloudflare Tunnel or equivalent only exposes the narrow bridge/webhook, not raw runtime APIs
  • long polling is acceptable for first MVP if webhook/tunnel is not ready
• Docs:
  • setup, rollback, uninstall, cost cleanup, threat model, and secret redaction

Related

• Remote workbench: make CNB, Lighthouse, and Feishu feel like one flow #1984 remote workbench CNB/Lighthouse/Feishu flow
• Remote workbench: evaluate US-first Cloudflare/AWS/Telegram lane #1990 US-first Cloudflare/AWS/Telegram evaluation
• Feishu/Lark bot: chat-platform frontend over existing runtime API #757 Feishu/Lark bot
• Research: Feishu-first mobile companion; defer Replit-in-WeChat #758 mobile companion research
• EPIC: Web version (local web UI and share-link roadmap) #481 Web version / local web UI
• EPIC: Share-link mode (Option B, follow-up) #479 share-link mode

Acceptance criteria

• A fresh Lightsail Ubuntu VM can install and run CodeWhale from documented commands.
• A Telegram allowlisted chat can request status and send at least one control action without exposing secrets.
• Raw CodeWhale runtime APIs are not public by default.
• Docs include exact firewall/security group requirements.
• Docs include cost cleanup: stop/delete VM, snapshots, tunnels, tokens.
• The issue records whether Railway/Cloud Run/Render are unsuitable for the persistent runtime, suitable only for bridge/webhook, or worth follow-up.