npm - @cardelli/ambit - Versions diffs - 0.1.4 → 0.2.0 - Mend

@cardelli/ambit 0.1.4 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (141) hide show

package/esm/cli/commands/create/index.d.ts +2 -0
package/esm/cli/commands/create/index.d.ts.map +1 -0
package/esm/cli/commands/create/index.js +292 -0
package/esm/cli/commands/create/machine.d.ts +33 -0
package/esm/cli/commands/create/machine.d.ts.map +1 -0
package/esm/cli/commands/create/machine.js +162 -0
package/esm/cli/commands/deploy/index.d.ts +2 -0
package/esm/cli/commands/deploy/index.d.ts.map +1 -0
package/esm/cli/commands/deploy/index.js +290 -0
package/esm/cli/commands/deploy/machine.d.ts +52 -0
package/esm/cli/commands/deploy/machine.d.ts.map +1 -0
package/esm/cli/commands/deploy/machine.js +116 -0
package/esm/cli/commands/deploy/modes.d.ts +18 -0
package/esm/cli/commands/deploy/modes.d.ts.map +1 -0
package/esm/cli/commands/deploy/modes.js +152 -0
package/esm/cli/commands/destroy/app.d.ts +2 -0
package/esm/cli/commands/destroy/app.d.ts.map +1 -0
package/esm/cli/commands/destroy/app.js +173 -0
package/esm/cli/commands/destroy/index.d.ts +2 -0
package/esm/cli/commands/destroy/index.d.ts.map +1 -0
package/esm/cli/commands/destroy/index.js +63 -0
package/esm/cli/commands/destroy/network.d.ts +2 -0
package/esm/cli/commands/destroy/network.d.ts.map +1 -0
package/esm/cli/commands/destroy/network.js +210 -0
package/esm/cli/commands/doctor.d.ts.map +1 -0
package/esm/cli/commands/doctor.js +295 -0
package/esm/{src/cli → cli}/commands/list.d.ts.map +1 -1
package/esm/{src/cli → cli}/commands/list.js +39 -54
package/esm/cli/commands/status.d.ts.map +1 -0
package/esm/cli/commands/status.js +331 -0
package/esm/cli/mod.d.ts.map +1 -0
package/esm/{src/cli → cli}/mod.js +4 -4
package/esm/deno.d.ts +4 -18
package/esm/deno.js +5 -19
package/esm/deps/jsr.io/@std/path/1.1.4/constants.d.ts +1 -1
package/esm/deps/jsr.io/@zod/zod/4.3.6/src/v4/core/json-schema-generator.d.ts +1 -1
package/esm/lib/args.d.ts +11 -0
package/esm/lib/args.d.ts.map +1 -0
package/esm/lib/args.js +28 -0
package/esm/lib/cli.d.ts +0 -2
package/esm/lib/cli.d.ts.map +1 -1
package/esm/lib/cli.js +41 -27
package/esm/lib/command.d.ts +21 -49
package/esm/lib/command.d.ts.map +1 -1
package/esm/lib/command.js +55 -95
package/esm/lib/machine.d.ts +11 -0
package/esm/lib/machine.d.ts.map +1 -0
package/esm/lib/machine.js +15 -0
package/esm/lib/output.d.ts +3 -2
package/esm/lib/output.d.ts.map +1 -1
package/esm/lib/output.js +25 -11
package/esm/lib/result.d.ts +18 -7
package/esm/lib/result.d.ts.map +1 -1
package/esm/lib/result.js +46 -1
package/esm/main.d.ts +6 -6
package/esm/main.d.ts.map +1 -1
package/esm/main.js +7 -9
package/esm/providers/fly.d.ts +81 -0
package/esm/providers/fly.d.ts.map +1 -0
package/esm/providers/fly.js +372 -0
package/esm/providers/tailscale.d.ts +31 -0
package/esm/providers/tailscale.d.ts.map +1 -0
package/esm/providers/tailscale.js +150 -0
package/esm/{src/schemas → schemas}/fly.d.ts +1 -11
package/esm/schemas/fly.d.ts.map +1 -0
package/esm/{src/schemas → schemas}/fly.js +14 -56
package/esm/{src/schemas → schemas}/tailscale.d.ts +1 -2
package/esm/schemas/tailscale.d.ts.map +1 -0
package/esm/{src/schemas → schemas}/tailscale.js +2 -3
package/esm/src/{docker/router → router}/Dockerfile +0 -11
package/esm/src/router/start.sh +101 -0
package/esm/util/constants.d.ts +13 -0
package/esm/util/constants.d.ts.map +1 -0
package/esm/util/constants.js +34 -0
package/esm/{src → util}/credentials.d.ts +0 -1
package/esm/util/credentials.d.ts.map +1 -0
package/esm/{src → util}/credentials.js +3 -5
package/esm/{src → util}/discovery.d.ts +20 -4
package/esm/util/discovery.d.ts.map +1 -0
package/esm/{src → util}/discovery.js +38 -15
package/esm/util/fly-transforms.d.ts +27 -0
package/esm/util/fly-transforms.d.ts.map +1 -0
package/esm/util/fly-transforms.js +87 -0
package/esm/{src → util}/guard.d.ts +1 -2
package/esm/util/guard.d.ts.map +1 -0
package/esm/{src → util}/guard.js +27 -27
package/esm/util/naming.d.ts +5 -0
package/esm/util/naming.d.ts.map +1 -0
package/esm/util/naming.js +12 -0
package/esm/{src → util}/resolve.d.ts +2 -3
package/esm/util/resolve.d.ts.map +1 -0
package/esm/{src → util}/resolve.js +1 -2
package/esm/util/session.d.ts +16 -0
package/esm/util/session.d.ts.map +1 -0
package/esm/util/session.js +19 -0
package/esm/util/tailscale-local.d.ts +13 -0
package/esm/util/tailscale-local.d.ts.map +1 -0
package/esm/util/tailscale-local.js +63 -0
package/esm/{src → util}/template.d.ts +2 -4
package/esm/util/template.d.ts.map +1 -0
package/esm/{src → util}/template.js +14 -17
package/package.json +1 -43
package/esm/lib/paths.d.ts +0 -3
package/esm/lib/paths.d.ts.map +0 -1
package/esm/lib/paths.js +0 -5
package/esm/src/cli/commands/create.d.ts +0 -2
package/esm/src/cli/commands/create.d.ts.map +0 -1
package/esm/src/cli/commands/create.js +0 -294
package/esm/src/cli/commands/deploy.d.ts +0 -2
package/esm/src/cli/commands/deploy.d.ts.map +0 -1
package/esm/src/cli/commands/deploy.js +0 -426
package/esm/src/cli/commands/destroy.d.ts +0 -2
package/esm/src/cli/commands/destroy.d.ts.map +0 -1
package/esm/src/cli/commands/destroy.js +0 -340
package/esm/src/cli/commands/doctor.d.ts.map +0 -1
package/esm/src/cli/commands/doctor.js +0 -141
package/esm/src/cli/commands/status.d.ts.map +0 -1
package/esm/src/cli/commands/status.js +0 -152
package/esm/src/cli/mod.d.ts.map +0 -1
package/esm/src/credentials.d.ts.map +0 -1
package/esm/src/discovery.d.ts.map +0 -1
package/esm/src/docker/router/start.sh +0 -146
package/esm/src/guard.d.ts.map +0 -1
package/esm/src/providers/fly.d.ts +0 -70
package/esm/src/providers/fly.d.ts.map +0 -1
package/esm/src/providers/fly.js +0 -411
package/esm/src/providers/tailscale.d.ts +0 -31
package/esm/src/providers/tailscale.d.ts.map +0 -1
package/esm/src/providers/tailscale.js +0 -195
package/esm/src/resolve.d.ts.map +0 -1
package/esm/src/schemas/config.d.ts +0 -5
package/esm/src/schemas/config.d.ts.map +0 -1
package/esm/src/schemas/config.js +0 -22
package/esm/src/schemas/fly.d.ts.map +0 -1
package/esm/src/schemas/tailscale.d.ts.map +0 -1
package/esm/src/template.d.ts.map +0 -1
/package/esm/{src/cli → cli}/commands/doctor.d.ts +0 -0
/package/esm/{src/cli → cli}/commands/list.d.ts +0 -0
/package/esm/{src/cli → cli}/commands/status.d.ts +0 -0
/package/esm/{src/cli → cli}/mod.d.ts +0 -0
/package/esm/src/{docker/router → router}/fly.toml +0 -0

package/esm/src/cli/commands/create.js DELETED Viewed

@@ -1,294 +0,0 @@
-// =============================================================================
-// Create Command - Create Tailscale Subnet Router on Fly.io Custom Network
-// =============================================================================
-import { parseArgs } from "../../../deps/jsr.io/@std/cli/1.0.28/mod.js";
-import { bold, randomId, readSecret } from "../../../lib/cli.js";
-import { createOutput } from "../../../lib/output.js";
-import { registerCommand } from "../mod.js";
-import { extractSubnet, getRouterTag } from "../../schemas/config.js";
-import { isPublicTld } from "../../guard.js";
-import { createFlyProvider, FlyDeployError, getRouterAppName, } from "../../providers/fly.js";
-import { createTailscaleProvider, enableAcceptRoutes, isAcceptRoutesEnabled, isTailscaleInstalled, waitForDevice, } from "../../providers/tailscale.js";
-import { getCredentialStore } from "../../credentials.js";
-import { resolveOrg } from "../../resolve.js";
-// =============================================================================
-// Create Command
-// =============================================================================
-const create = async (argv) => {
-    const args = parseArgs(argv, {
-        string: ["org", "region", "api-key", "tag"],
-        boolean: ["help", "yes", "json", "self-approve"],
-        alias: { y: "yes" },
-    });
-    if (args.help) {
-        console.log(`
-${bold("ambit create")} - Create Tailscale Subnet Router
-${bold("USAGE")}
-  ambit create <network> [options]
-${bold("OPTIONS")}
-  --org <org>         Fly.io organization slug
-  --region <region>   Fly.io region (default: iad)
-  --api-key <key>     Tailscale API access token (tskey-api-...)
-  --tag <tag>         Tailscale ACL tag for the router (default: tag:ambit-<network>)
-  --self-approve      Approve subnet routes via API (when autoApprovers not configured)
-  -y, --yes           Skip confirmation prompts
-  --json              Output as JSON
-${bold("DESCRIPTION")}
-  Deploys a Tailscale subnet router onto a Fly.io custom private network.
-  The network name becomes a TLD on your tailnet:
-    my-app.${args._[0] || "<network>"} resolves to my-app.flycast
-${bold("EXAMPLES")}
-  ambit create browsers
-  ambit create browsers --org my-org --region sea
-  ambit create browsers --self-approve
-`);
-        return;
-    }
-    const out = createOutput(args.json);
-    const networkArg = args._[0];
-    if (!networkArg || typeof networkArg !== "string") {
-        return out.die("Network Name Required. Usage: ambit create <network>");
-    }
-    const network = networkArg;
-    if (isPublicTld(network)) {
-        return out.die(`"${network}" Is a Public TLD and Cannot Be Used as a Network Name`);
-    }
-    const tag = args.tag || getRouterTag(network);
-    const selfApprove = args["self-approve"] ?? false;
-    out.blank()
-        .header("=".repeat(50))
-        .header(`  ambit Create: ${network}`)
-        .header("=".repeat(50))
-        .blank();
-    // ==========================================================================
-    // Step 1: Fly.io Authentication
-    // ==========================================================================
-    out.header("Step 1: Fly.io Configuration").blank();
-    const fly = createFlyProvider();
-    await fly.ensureInstalled();
-    const email = await fly.ensureAuth({ interactive: !args.json });
-    out.ok(`Authenticated as ${email}`);
-    const org = await resolveOrg(fly, args, out);
-    const region = args.region || "iad";
-    out.ok(`Using Region: ${region}`).blank();
-    // ==========================================================================
-    // Step 2: Tailscale Configuration
-    // ==========================================================================
-    out.header("Step 2: Tailscale Configuration").blank();
-    const credentials = getCredentialStore();
-    let apiKey = args["api-key"] || (await credentials.getTailscaleApiKey());
-    if (!apiKey) {
-        if (args.json) {
-            return out.die("--api-key Is Required in JSON Mode");
-        }
-        out.dim("ambit needs an API access token (not an auth key) to manage your tailnet.")
-            .dim("Create one at: https://login.tailscale.com/admin/settings/keys")
-            .blank();
-        apiKey = await readSecret("API access token (tskey-api-...): ");
-        if (!apiKey) {
-            return out.die("Tailscale API Access Token Required");
-        }
-    }
-    if (!apiKey.startsWith("tskey-api-")) {
-        return out.die("Invalid Token Format. Expected 'tskey-api-...' (API access token, not auth key)");
-    }
-    const tailscale = createTailscaleProvider("-", apiKey);
-    const validateSpinner = out.spinner("Validating API Access Token");
-    const isValid = await tailscale.validateApiKey();
-    if (!isValid) {
-        validateSpinner.fail("Invalid API Access Token");
-        return out.die("Failed to Validate Tailscale API Access Token");
-    }
-    validateSpinner.success("API Access Token Validated");
-    await credentials.setTailscaleApiKey(apiKey);
-    // ==========================================================================
-    // Step 2.5: Check tagOwners
-    // ==========================================================================
-    const tagOwnerSpinner = out.spinner(`Checking tagOwners for ${tag}`);
-    const hasTagOwner = await tailscale.isTagOwnerConfigured(tag);
-    if (!hasTagOwner) {
-        tagOwnerSpinner.fail(`Tag ${tag} Not Configured in tagOwners`);
-        out.blank()
-            .text(`  The tag ${tag} does not exist in your Tailscale ACL tagOwners.`)
-            .text("  Tailscale will reject auth keys for undefined tags.")
-            .blank()
-            .text("  Add this tag in your Tailscale ACL settings:")
-            .dim("  https://login.tailscale.com/admin/acls/visual/tags")
-            .blank()
-            .dim(`    "tagOwners": { "${tag}": ["autogroup:admin"] }`)
-            .blank();
-        return out.die(`Add ${tag} to tagOwners Before Creating Router`);
-    }
-    tagOwnerSpinner.success(`Tag ${tag} Configured in tagOwners`);
-    // ==========================================================================
-    // Step 2.6: Check autoApprovers
-    // ==========================================================================
-    if (!selfApprove) {
-        const autoApproverSpinner = out.spinner("Checking autoApprovers Configuration");
-        const hasAutoApprover = await tailscale.isAutoApproverConfigured(tag);
-        if (!hasAutoApprover) {
-            autoApproverSpinner.fail("autoApprovers Not Configured");
-            out.blank()
-                .text(`  The tag ${tag} is not listed in your Tailscale ACL autoApprovers.`)
-                .text("  Routes advertised by the router will not be auto-approved.")
-                .blank()
-                .text("  Either configure autoApprovers in your Tailscale ACL policy:")
-                .dim(`    "autoApprovers": { "routes": { "fdaa:X:XXXX::/48": ["${tag}"] } }`)
-                .blank()
-                .text("  Or re-run with --self-approve to approve routes via API:")
-                .dim(`    ambit create ${network} --self-approve`)
-                .blank();
-            return out.die("Configure autoApprovers or Use --self-approve");
-        }
-        autoApproverSpinner.success("autoApprovers Configured");
-    }
-    else {
-        out.info("Self-Approve Mode: Routes Will Be Approved via API");
-    }
-    out.blank();
-    // ==========================================================================
-    // Step 3: Deploy Router on Custom 6PN
-    // ==========================================================================
-    out.header("Step 3: Deploy Subnet Router").blank();
-    const routerAppName = getRouterAppName(network, randomId(6));
-    out.info(`Creating Router App: ${routerAppName}`)
-        .info(`Custom Network: ${network}`)
-        .info(`Router Tag: ${tag}`);
-    await fly.createApp(routerAppName, org, { network });
-    out.ok(`Created App: ${routerAppName}`);
-    await fly.setSecrets(routerAppName, {
-        TAILSCALE_API_TOKEN: apiKey,
-        NETWORK_NAME: network,
-        TAILSCALE_TAGS: tag,
-    }, { stage: true });
-    out.ok("Set Router Secrets");
-    const dockerDir = new URL("../../docker/router", globalThis[Symbol.for("import-meta-ponyfill-esmodule")](import.meta).url).pathname;
-    out.blank().dim("Deploying Router...");
-    try {
-        await fly.routerDeploy(routerAppName, dockerDir, { region });
-    }
-    catch (e) {
-        if (e instanceof FlyDeployError) {
-            out.dim(`  ${e.detail}`);
-            return out.die(e.message);
-        }
-        throw e;
-    }
-    out.ok("Router Deployed");
-    out.blank();
-    const joinSpinner = out.spinner("Waiting for Router to Join Tailnet");
-    const device = await waitForDevice(tailscale, routerAppName, 180000);
-    joinSpinner.success(`Router Joined Tailnet: ${device.addresses[0]}`);
-    const machines = await fly.listMachines(routerAppName);
-    const routerMachine = machines.find((m) => m.private_ip);
-    const subnet = routerMachine?.private_ip
-        ? extractSubnet(routerMachine.private_ip)
-        : null;
-    if (subnet) {
-        out.ok(`Subnet: ${subnet}`);
-    }
-    if (selfApprove && subnet) {
-        const approveSpinner = out.spinner("Approving Subnet Routes via API");
-        await tailscale.approveSubnetRoutes(device.id, [subnet]);
-        approveSpinner.success("Subnet Routes Approved via API");
-    }
-    if (device.advertisedRoutes && device.advertisedRoutes.length > 0) {
-        out.ok(`Routes: ${device.advertisedRoutes.join(", ")}`);
-    }
-    const dnsSpinner = out.spinner("Configuring Split DNS");
-    await tailscale.setSplitDns(network, [device.addresses[0]]);
-    dnsSpinner.success(`Split DNS Configured: *.${network} -> Router`);
-    // ==========================================================================
-    // Step 4: Local Client Configuration
-    // ==========================================================================
-    out.blank().header("Step 4: Local Client Configuration").blank();
-    if (await isTailscaleInstalled()) {
-        if (await isAcceptRoutesEnabled()) {
-            out.ok("Accept Routes Already Enabled");
-        }
-        else {
-            const routeSpinner = out.spinner("Enabling Accept Routes");
-            if (await enableAcceptRoutes()) {
-                routeSpinner.success("Accept Routes Enabled");
-            }
-            else {
-                routeSpinner.fail("Could Not Enable Accept Routes");
-                out.blank()
-                    .dim("Run Manually with Elevated Permissions:")
-                    .dim("  sudo tailscale set --accept-routes");
-            }
-        }
-    }
-    else {
-        out.warn("Tailscale CLI Not Found")
-            .dim("  Ensure Accept-Routes Is Enabled on This Device");
-    }
-    // ==========================================================================
-    // Done
-    // ==========================================================================
-    out.done({
-        network,
-        router: { appName: routerAppName, tailscaleIp: device.addresses[0] },
-        subnet: subnet || "unknown",
-        tag,
-    });
-    out.blank()
-        .header("=".repeat(50))
-        .header("  Router Created!")
-        .header("=".repeat(50))
-        .blank()
-        .text(`Any Flycast app on the "${network}" network is reachable as:`)
-        .text(`  <app-name>.${network}`)
-        .blank()
-        .text(`SOCKS5 proxy available at:`)
-        .text(`  socks5://[${routerMachine?.private_ip ?? "ROUTER_IP"}]:1080`)
-        .dim("Containers on this network can use it to reach your tailnet.")
-        .blank()
-        .dim("Deploy an app to this network:")
-        .dim(`  ambit deploy my-app --network ${network}`)
-        .blank()
-        .dim("Invite people to your tailnet:")
-        .dim("  https://login.tailscale.com/admin/users")
-        .dim("Control their access:")
-        .dim("  https://login.tailscale.com/admin/acls/visual/general-access-rules")
-        .blank();
-    if (subnet && selfApprove) {
-        out.header("Recommended Tailscale ACL Policy:")
-            .blank()
-            .dim("  Add these to your tailnet policy file at:")
-            .dim("  https://login.tailscale.com/admin/acls/file")
-            .blank()
-            .text(`  "tagOwners": { "${tag}": ["autogroup:admin"] }`)
-            .text(`  "autoApprovers": { "routes": { "${subnet}": ["${tag}"] } }`)
-            .blank()
-            .dim("  To restrict access, add ACL rules:")
-            .dim(`    {"action": "accept", "src": ["group:YOUR_GROUP"], "dst": ["${tag}:53"]}`)
-            .dim(`    {"action": "accept", "src": ["group:YOUR_GROUP"], "dst": ["${subnet}:*"]}`)
-            .blank();
-    }
-    else if (subnet) {
-        out.header("Recommended ACL Rules:")
-            .blank()
-            .dim("  To restrict access, add ACL rules to your policy file:")
-            .dim("  https://login.tailscale.com/admin/acls/file")
-            .blank()
-            .dim(`    {"action": "accept", "src": ["group:YOUR_GROUP"], "dst": ["${tag}:53"]}`)
-            .dim(`    {"action": "accept", "src": ["group:YOUR_GROUP"], "dst": ["${subnet}:*"]}`)
-            .blank();
-    }
-    out.print();
-};
-// =============================================================================
-// Register Command
-// =============================================================================
-registerCommand({
-    name: "create",
-    description: "Create a Tailscale subnet router on a Fly.io custom network",
-    usage: "ambit create <network> [--org <org>] [--region <region>]",
-    run: create,
-});

package/esm/src/cli/commands/deploy.d.ts DELETED Viewed

	@@ -1,2 +0,0 @@
1	- export {};
2	- //# sourceMappingURL=deploy.d.ts.map

package/esm/src/cli/commands/deploy.d.ts.map DELETED Viewed

	@@ -1 +0,0 @@
1	- {"version":3,"file":"deploy.d.ts","sourceRoot":"","sources":["../../../../src/src/cli/commands/deploy.ts"],"names":[],"mappings":""}