@camstack/addon-tailscale-ingress 0.1.4 → 0.1.5

package/dist/tailscale-ingress.addon.mjs

@@ -4617,7 +4617,7 @@ function _instanceof(cls, params = {}) {
 	return inst;
 }
 //#endregion
-//#region ../types/dist/index-Ce7RZWP4.mjs
+//#region ../types/dist/index-CWhQOnm9.mjs
 var MODEL_FORMATS = [
 	"onnx",
 	"coreml",
@@ -8226,42 +8226,6 @@ method(object({
 	username: string(),
 	password: string()
 }), AuthResultSchema.nullable(), { kind: "mutation" }), method(object({ state: string() }), string()), method(record(string(), string()), AuthResultSchema, { kind: "mutation" }), method(object({ token: string() }), AuthResultSchema.nullable());
-var AuthProviderInfoSchema = object({
-	/** Stable id matching the addon id (used for `getLoginUrl({addonId,…})`). */
-	addonId: string(),
-	/**
-	* Per-instance id when one addon registers multiple "logical"
-	* providers (e.g. OIDC with Google + Microsoft + custom). The login
-	* URL becomes `/addon/${addonId}/${instanceId}/start` — handler reads
-	* `:instanceId` from the route. Empty/unset means the addon is a
-	* single-instance provider; the URL is `/addon/${addonId}/start`.
-	*/
-	instanceId: string().optional(),
-	/** Display label shown on the login button + admin row. */
-	displayName: string(),
-	/** Optional iconography hint (lucide-react icon name OR emoji). */
-	icon: string().optional(),
-	/** When true, the provider exposes a redirect-based login flow
-	*  (`getLoginUrl` returns a URL the browser navigates to). */
-	hasRedirectFlow: boolean(),
-	/** When true, the provider exposes a credential-form login flow
-	*  (`validateCredentials` accepts username + password). */
-	hasCredentialFlow: boolean(),
-	/** Provider kind, drives admin-UI hint dispatch (oidc / saml / totp / …). */
-	kind: string().optional(),
-	/** Operator-facing status string (e.g. "Connected to https://login.acme.com"). */
-	status: string().optional(),
-	/** When false, the provider is registered but disabled by config; the
-	*  UI surfaces it as inactive without enumerating it for login. */
-	enabled: boolean()
-});
-method(_void(), array(AuthProviderInfoSchema).readonly()), method(object({
-	addonId: string(),
-	enabled: boolean()
-}), object({ success: literal(true) }), {
-	kind: "mutation",
-	auth: "admin"
-});
 var NetworkEndpointSchema = object({
 	url: string(),
 	hostname: string(),
@@ -8290,7 +8254,6 @@ var networkAccessCapability = {
 	name: "network-access",
 	scope: "system",
 	mode: "collection",
-	internal: true,
 	providerKind: "ingress",
 	methods: {
 		start: method(_void(), NetworkEndpointSchema, { kind: "mutation" }),
@@ -8298,40 +8261,13 @@ var networkAccessCapability = {
 		getEndpoint: method(_void(), NetworkEndpointSchema.nullable()),
 		getStatus: method(_void(), NetworkAccessStatusSchema),
 		/**
-		* Enumerate every active ingress entry. Default implementation (when
-		* the provider omits this method) is derived from `getEndpoint()` —
-		* see the remote-access orchestrator for the fallback path.
+		* Enumerate every active ingress entry. Providers that expose only a
+		* single endpoint may omit this method; callers fall back to
+		* `getEndpoint()` in that case.
 		*/
 		listEndpoints: method(_void(), array(NetworkEndpointEntrySchema).readonly())
 	}
 };
-var RemoteAccessEndpointSchema = object({
-	url: string(),
-	hostname: string(),
-	port: number(),
-	protocol: _enum(["http", "https"])
-});
-var RemoteAccessProviderInfoSchema = object({
-	/** Stable id matching the addon id. */
-	addonId: string(),
-	/** Display label shown on the admin row — sourced from the addon manifest. */
-	displayName: string(),
-	/** When false, the provider is registered but disabled. */
-	enabled: boolean(),
-	/** True when the underlying tunnel/connection is up. */
-	connected: boolean(),
-	/** Public-facing endpoint, when connected. Null otherwise. */
-	endpoint: RemoteAccessEndpointSchema.nullable(),
-	/** Last error message (when connected=false), if available. */
-	error: string().optional()
-});
-method(_void(), array(RemoteAccessProviderInfoSchema).readonly()), method(object({ addonId: string() }), RemoteAccessEndpointSchema, {
-	kind: "mutation",
-	auth: "admin"
-}), method(object({ addonId: string() }), object({ success: literal(true) }), {
-	kind: "mutation",
-	auth: "admin"
-});
 var TurnServerSchema = object({
 	/** Single URL or list of URLs (e.g. "turn:turn.example.com:3478?transport=udp"). */
 	urls: union([string(), array(string())]),
@@ -8339,33 +8275,6 @@ var TurnServerSchema = object({
 	credential: string().optional()
 });
 method(_void(), array(TurnServerSchema).readonly());
-var TurnProviderInfoSchema = object({
-	/** Stable id matching the addon id. */
-	addonId: string(),
-	/** Display label shown on the admin row — sourced from the addon manifest. */
-	displayName: string(),
-	/** When false, the provider is registered but disabled. */
-	enabled: boolean(),
-	/** Number of servers this provider is currently exposing. */
-	serverCount: number(),
-	/**
-	* Flat list of every TURN/STUN URL this provider currently exposes.
-	* One row per URL (multi-URL ICE server entries are flattened). The
-	* admin UI shows this in a compact per-provider list so operators
-	* can verify what's actually being negotiated without having to dig
-	* into the combined `getAllServers` output.
-	*/
-	urls: array(string()).readonly(),
-	/** Last fetch error (when serverCount=0 due to API failure), if any. */
-	error: string().optional()
-});
-method(_void(), array(TurnProviderInfoSchema).readonly()), method(_void(), array(TurnServerSchema).readonly()), method(object({
-	addonId: string(),
-	enabled: boolean()
-}), object({ success: literal(true) }), {
-	kind: "mutation",
-	auth: "admin"
-});
 var SnapshotImageSchema = object({
 	base64: string(),
 	contentType: string()
@@ -9459,7 +9368,7 @@ method(_void(), ListResultSchema), method(_void(), PreferredSchema), method(obje
 	*  tunnel always emits `https://` regardless. */
 	scheme: _enum(["http", "https"]).optional()
 }), GetConnectionEndpointsResultSchema), method(_void(), AllowedAddressesSchema), method(AllowedAddressesSchema, object({ success: literal(true) }), { kind: "mutation" }), method(_void(), AllowedAddressesSchema, { kind: "mutation" });
-var MeshEndpointSchema$1 = object({
+var MeshEndpointSchema = object({
 	/** Stable identifier within the provider (e.g. `mesh-ipv4`, `magicdns`, `funnel`). */
 	id: string(),
 	/** Operator-facing label (e.g. "Mesh IPv4", "MagicDNS"). */
@@ -9536,7 +9445,7 @@ var MeshStatusSchema = object({
 	/** Number of peers visible to this host (excluding self). */
 	peerCount: number(),
 	/** Every endpoint this provider exposes for the current host. */
-	endpoints: array(MeshEndpointSchema$1).readonly(),
+	endpoints: array(MeshEndpointSchema).readonly(),
 	/** Last error from the daemon, when not joined. */
 	error: string().optional(),
 	/**
@@ -9611,51 +9520,6 @@ authKey: string().optional() }), object({
 	/** Human-readable error when `ok: false`. */
 	error: string().optional()
 }), { kind: "mutation" });
-var MeshEndpointSchema = object({
-	id: string(),
-	label: string(),
-	scope: _enum(["mesh", "public"]),
-	url: string(),
-	hostname: string(),
-	port: number(),
-	protocol: _enum(["http", "https"])
-});
-var MeshProviderInfoSchema = object({
-	/** Stable id matching the addon id. */
-	addonId: string(),
-	/** Display label shown on the admin row — sourced from the addon manifest. */
-	displayName: string(),
-	/** True when the host is joined to this provider's mesh. */
-	joined: boolean(),
-	/** Local mesh IP (empty when not joined). */
-	meshIp: string(),
-	/** MagicDNS / mesh hostname (empty when not configured). */
-	magicDnsHostname: string(),
-	/** Peer count (excluding self). */
-	peerCount: number(),
-	/** Active endpoints (mesh IP + MagicDNS + optional public Funnel). */
-	endpoints: array(MeshEndpointSchema).readonly(),
-	/** Last error reported by the provider. */
-	error: string().optional(),
-	/** Tenant / tailnet / network display name. Empty pre-join. */
-	tenantName: string(),
-	/** Mesh DNS suffix (e.g. tailXXXX.ts.net). Empty when not configured. */
-	magicDnsSuffix: string(),
-	/** Authenticated user / account login. Null for token-only providers. */
-	userLogin: string().nullable(),
-	/** Provider control-plane URL. */
-	controlPlaneUrl: string(),
-	/** Machine-key expiry (epoch ms). Null when keys don't rotate. */
-	keyExpiry: number().nullable()
-});
-method(_void(), array(MeshProviderInfoSchema).readonly()), method(object({
-	addonId: string(),
-	authKey: string().min(8),
-	hostname: string().optional()
-}), object({ joined: literal(true) }), { kind: "mutation" }), method(object({ addonId: string() }), object({ success: literal(true) }), { kind: "mutation" }), method(object({
-	addonId: string(),
-	hostname: string().optional()
-}), object({ loginUrl: string() }), { kind: "mutation" }), method(object({ addonId: string() }), object({ loggedOut: literal(true) }), { kind: "mutation" }), method(object({ addonId: string() }), object({ peers: array(MeshPeerSchema).readonly() }));
 var MethodAccessSchema = _enum([
 	"view",
 	"create",
@@ -10345,6 +10209,13 @@ method(_void(), array(AddonListItemSchema).readonly()), method(object({
 	mode: _enum(["singleton", "collection"]),
 	isActive: boolean()
 })).readonly()), method(object({
+	capName: string().min(1),
+	addonId: string().min(1),
+	enabled: boolean()
+}), object({ success: literal(true) }), {
+	kind: "mutation",
+	auth: "admin"
+}), method(object({
 	packageName: string().min(1),
 	version: string().optional()
 }), UpdateFrameworkPackageResultSchema, {
@@ -11030,6 +10901,12 @@ Object.freeze({
 		addonId: null,
 		access: "create"
 	},
+	"addons.setCapabilityProviderEnabled": {
+		capName: "addons",
+		capScope: "system",
+		addonId: null,
+		access: "create"
+	},
 	"addons.uninstallPackage": {
 		capName: "addons",
 		capScope: "system",
@@ -11282,18 +11159,6 @@ Object.freeze({
 		addonId: null,
 		access: "view"
 	},
-	"authentication.listProviders": {
-		capName: "authentication",
-		capScope: "system",
-		addonId: null,
-		access: "view"
-	},
-	"authentication.setProviderEnabled": {
-		capName: "authentication",
-		capScope: "system",
-		addonId: null,
-		access: "create"
-	},
 	"authProvider.getLoginUrl": {
 		capName: "auth-provider",
 		capScope: "system",
@@ -12140,42 +12005,6 @@ Object.freeze({
 		addonId: null,
 		access: "create"
 	},
-	"meshOrchestrator.joinProvider": {
-		capName: "mesh-orchestrator",
-		capScope: "system",
-		addonId: null,
-		access: "create"
-	},
-	"meshOrchestrator.leaveProvider": {
-		capName: "mesh-orchestrator",
-		capScope: "system",
-		addonId: null,
-		access: "create"
-	},
-	"meshOrchestrator.listProviderPeers": {
-		capName: "mesh-orchestrator",
-		capScope: "system",
-		addonId: null,
-		access: "view"
-	},
-	"meshOrchestrator.listProviders": {
-		capName: "mesh-orchestrator",
-		capScope: "system",
-		addonId: null,
-		access: "view"
-	},
-	"meshOrchestrator.logoutProvider": {
-		capName: "mesh-orchestrator",
-		capScope: "system",
-		addonId: null,
-		access: "create"
-	},
-	"meshOrchestrator.startLoginProvider": {
-		capName: "mesh-orchestrator",
-		capScope: "system",
-		addonId: null,
-		access: "create"
-	},
 	"metricsProvider.collectSnapshot": {
 		capName: "metrics-provider",
 		capScope: "system",
@@ -13202,24 +13031,6 @@ Object.freeze({
 		addonId: null,
 		access: "create"
 	},
-	"remoteAccess.listProviders": {
-		capName: "remote-access",
-		capScope: "system",
-		addonId: null,
-		access: "view"
-	},
-	"remoteAccess.startProvider": {
-		capName: "remote-access",
-		capScope: "system",
-		addonId: null,
-		access: "create"
-	},
-	"remoteAccess.stopProvider": {
-		capName: "remote-access",
-		capScope: "system",
-		addonId: null,
-		access: "create"
-	},
 	"restreamer.getExposedResources": {
 		capName: "restreamer",
 		capScope: "system",
@@ -13778,24 +13589,6 @@ Object.freeze({
 		addonId: null,
 		access: "view"
 	},
-	"turnOrchestrator.getAllServers": {
-		capName: "turn-orchestrator",
-		capScope: "system",
-		addonId: null,
-		access: "view"
-	},
-	"turnOrchestrator.listProviders": {
-		capName: "turn-orchestrator",
-		capScope: "system",
-		addonId: null,
-		access: "view"
-	},
-	"turnOrchestrator.setProviderEnabled": {
-		capName: "turn-orchestrator",
-		capScope: "system",
-		addonId: null,
-		access: "create"
-	},
 	"turnProvider.getTurnServers": {
 		capName: "turn-provider",
 		capScope: "system",