@cicore/cli 1.0.0

package/dist/lib/ops/nginx.d.ts

@@ -0,0 +1,114 @@
+/**
+ * CiCore CLI — Nginx domain map primitives
+ *
+ * VuCore's multi-core architecture routes incoming requests to a specific
+ * core via nginx `map` blocks in `vucore-global-router.conf`. Two maps
+ * matter for per-core onboarding:
+ *
+ *   map $host $target_core {
+ *       # {{DOMAIN_CORE_MAP}} - Placeholder for dynamic domain entries
+ *       default core1;
+ *   }
+ *
+ *   map $target_core $core_path {
+ *       default /var/www/cores/core1;
+ *       # {{CORE_PATH_MAP}} - Placeholder for dynamic core entries
+ *   }
+ *
+ * Each `vu setup <core>` invocation needs to:
+ *   1. Add `"<domain>"  "<core>";` to DOMAIN_CORE_MAP
+ *   2. Add `"<core>" /var/www/cores/<core>;` to CORE_PATH_MAP
+ *   3. Reload nginx (no restart — bind-mounted config picks up SIGHUP)
+ *
+ * Edits insert *above* the placeholder comment so the marker stays
+ * visible for the next edit. Idempotent — re-running with the same
+ * domain is a no-op. Atomic — config is written to a temp file then
+ * `mv`'d, so nginx never sees a partial file mid-edit.
+ *
+ * After every config change `nginx -t` validates syntax before reload
+ * is attempted; an invalid config rolls back via the temp-file pattern.
+ */
+import type { HostConfig } from '../hosts.js';
+import { type ExecResult } from './ssh.js';
+/**
+ * Add (or confirm) `<domain> → <core>` routing in the global router.
+ *
+ * Two-part operation:
+ *   1. Insert `"<domain>"  "<core>";` into the DOMAIN_CORE_MAP block
+ *   2. Ensure the core's path entry exists in CORE_PATH_MAP (idempotent)
+ *
+ * Both inserts are skipped if their target line already exists, so a
+ * repeated `vu setup` against the same core+domain is a no-op for nginx.
+ *
+ * Returns `{ success, errorMessage }` from the worst step. On success,
+ * the caller should follow up with {@link nginxReload}.
+ */
+export declare function nginxDomainAdd(cfg: HostConfig, domain: string, core: string): Promise<ExecResult>;
+/**
+ * Ensure a core has a CORE_PATH_MAP entry, regardless of whether any
+ * domain points at it. Useful for prepping a core (e.g. `vu setup core2`
+ * without `--domain`) before its public domain is decided.
+ */
+export declare function nginxEnsureCorePath(cfg: HostConfig, core: string): Promise<ExecResult>;
+/**
+ * Remove a domain → core entry from DOMAIN_CORE_MAP. Idempotent: if the
+ * entry isn't there, the op succeeds without writing. Does not touch
+ * CORE_PATH_MAP because other domains may still point at the core.
+ */
+export declare function nginxDomainRemove(cfg: HostConfig, domain: string): Promise<ExecResult>;
+/**
+ * List the domains currently mapped to `core` in the DOMAIN_CORE_MAP block.
+ * Reconcile uses this to find orphans: a domain nginx still routes to a brand's
+ * core but that the control-plane no longer lists (e.g. a detached domain whose
+ * cp_domains row is gone). Parsing is scoped to the DOMAIN_CORE_MAP block so a
+ * `"<core>" /var/www/...` line in CORE_PATH_MAP or a token in an unrelated map
+ * (CORS, tenant→brand) can't be mistaken for a routing entry.
+ */
+export declare function nginxListDomainsForCore(cfg: HostConfig, core: string): Promise<string[]>;
+/**
+ * Remove a per-domain vhost file (`<domain_underscored>.conf`). Idempotent —
+ * `rm -f` succeeds whether or not the file is there. The map entry is removed
+ * separately via {@link nginxDomainRemove}; caller reloads after.
+ */
+export declare function nginxRemoveVhost(cfg: HostConfig, domain: string): Promise<ExecResult>;
+/**
+ * Validate nginx configuration syntax inside the nginx container.
+ * Returns the typical `nginx: configuration file ... test is successful`
+ * output on success, error message on failure.
+ */
+export declare function nginxValidate(cfg: HostConfig): Promise<ExecResult>;
+/**
+ * Trigger a hot reload of nginx (`nginx -s reload`). Existing connections
+ * drain on the old worker; new ones use the new config.
+ *
+ * Always validates with `nginx -t` first — a syntax error during reload
+ * could leave the master process in a degraded state.
+ */
+export declare function nginxReload(cfg: HostConfig): Promise<ExecResult>;
+/**
+ * Render the bundled vhost template for a given core+domain and write it
+ * atomically to `${cfg.nginxConfigDir}/${domain_underscored}.conf`.
+ *
+ * Placeholder substitution:
+ *   {{DOMAIN}}        → e.g. `cicore.com.tr`
+ *   {{DOMAIN_REGEX}}  → dots regex-escaped, for nginx `server_name ~^…$`
+ *   {{CORE}}          → e.g. `vucore`
+ *   {{SSL_CERT_NAME}} → basename in `/etc/nginx/ssl/` (caller's choice;
+ *                       behind a Cloudflare Tunnel the cert CN need not
+ *                       match the served domain, so a shared cert works)
+ *
+ * The rendered vhost uses `$target_core` / `$core_path` map lookups
+ * defined in `vucore-global-router.conf` — there are no hardcoded core
+ * paths in the output, so adding a new core only requires (1) a global
+ * router map entry (handled by {@link nginxDomainAdd}) and (2) a vhost
+ * generated by this function.
+ *
+ * Atomic: writes to `<file>.tmp.$$`, chmod 644, then `sudo -n mv` into
+ * place. Idempotent: a re-run with identical inputs is a no-op (we read
+ * the current file first; if it byte-matches the rendered output we
+ * skip the write so file mtime stays meaningful for backups).
+ *
+ * Caller follows up with {@link nginxValidate} + {@link nginxReload}.
+ */
+export declare function nginxWriteVhost(cfg: HostConfig, core: string, domain: string, sslCertName: string): Promise<ExecResult>;
+//# sourceMappingURL=nginx.d.ts.map

package/dist/lib/ops/nginx.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"nginx.d.ts","sourceRoot":"","sources":["../../../src/lib/ops/nginx.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6BG;AAMH,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,aAAa,CAAA;AAE7C,OAAO,EAA8B,KAAK,UAAU,EAAE,MAAM,UAAU,CAAA;AAmCtE;;;;;;;;;;;;GAYG;AACH,wBAAsB,cAAc,CAClC,GAAG,EAAE,UAAU,EACf,MAAM,EAAE,MAAM,EACd,IAAI,EAAE,MAAM,GACX,OAAO,CAAC,UAAU,CAAC,CA0CrB;AAED;;;;GAIG;AACH,wBAAsB,mBAAmB,CAAC,GAAG,EAAE,UAAU,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC,CAM5F;AAED;;;;GAIG;AACH,wBAAsB,iBAAiB,CAAC,GAAG,EAAE,UAAU,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC,CAO5F;AAED;;;;;;;GAOG;AACH,wBAAsB,uBAAuB,CAAC,GAAG,EAAE,UAAU,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,CAsB9F;AAED;;;;GAIG;AACH,wBAAsB,gBAAgB,CAAC,GAAG,EAAE,UAAU,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC,CAM3F;AAED;;;;GAIG;AACH,wBAAsB,aAAa,CAAC,GAAG,EAAE,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC,CAExE;AAED;;;;;;GAMG;AACH,wBAAsB,WAAW,CAAC,GAAG,EAAE,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC,CAYtE;AA8JD;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AACH,wBAAsB,eAAe,CACnC,GAAG,EAAE,UAAU,EACf,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,MAAM,EACd,WAAW,EAAE,MAAM,GAClB,OAAO,CAAC,UAAU,CAAC,CAgErB"}

package/dist/lib/ops/nginx.js

@@ -0,0 +1,388 @@
+/**
+ * CiCore CLI — Nginx domain map primitives
+ *
+ * VuCore's multi-core architecture routes incoming requests to a specific
+ * core via nginx `map` blocks in `vucore-global-router.conf`. Two maps
+ * matter for per-core onboarding:
+ *
+ *   map $host $target_core {
+ *       # {{DOMAIN_CORE_MAP}} - Placeholder for dynamic domain entries
+ *       default core1;
+ *   }
+ *
+ *   map $target_core $core_path {
+ *       default /var/www/cores/core1;
+ *       # {{CORE_PATH_MAP}} - Placeholder for dynamic core entries
+ *   }
+ *
+ * Each `vu setup <core>` invocation needs to:
+ *   1. Add `"<domain>"  "<core>";` to DOMAIN_CORE_MAP
+ *   2. Add `"<core>" /var/www/cores/<core>;` to CORE_PATH_MAP
+ *   3. Reload nginx (no restart — bind-mounted config picks up SIGHUP)
+ *
+ * Edits insert *above* the placeholder comment so the marker stays
+ * visible for the next edit. Idempotent — re-running with the same
+ * domain is a no-op. Atomic — config is written to a temp file then
+ * `mv`'d, so nginx never sees a partial file mid-edit.
+ *
+ * After every config change `nginx -t` validates syntax before reload
+ * is attempted; an invalid config rolls back via the temp-file pattern.
+ */
+import { promises as fs } from 'node:fs';
+import path from 'node:path';
+import { fileURLToPath } from 'node:url';
+import { log } from '../logger.js';
+import { runRemote, runRemoteScript } from './ssh.js';
+const GLOBAL_ROUTER_FILE = 'vucore-global-router.conf';
+/**
+ * Per-domain vhost template. Bundled under `cli/templates/` and shipped
+ * via the package.json `files` whitelist. From a compiled `dist/lib/ops/
+ * nginx.js` we walk up three levels to the package root, then into
+ * `templates/`. Resolved once at module load so we don't re-stat on
+ * every call.
+ */
+const VHOST_TEMPLATE_PATH = path.resolve(path.dirname(fileURLToPath(import.meta.url)), '..', '..', '..', 'templates', 'vhost.conf.tmpl');
+// Placeholder comments inserted by the original setup; we anchor inserts
+// to these. If a host's config has had the placeholders stripped, the ops
+// fail loudly rather than silently appending to the wrong location.
+const PH_DOMAIN_CORE_MAP = '# {{DOMAIN_CORE_MAP}}';
+const PH_CORE_PATH_MAP = '# {{CORE_PATH_MAP}}';
+/** Identifier rule for core names — same as Postgres (a–z, A–Z, 0–9, _). */
+const CORE_NAME_RE = /^[a-zA-Z_][a-zA-Z0-9_-]{0,62}$/;
+/** Domain rule — letters, digits, dots, hyphens. Disallows shell metas. */
+const DOMAIN_RE = /^[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)+$/;
+// ─────────────────────────────────────────────────────────────────────────
+// Public primitives
+// ─────────────────────────────────────────────────────────────────────────
+/**
+ * Add (or confirm) `<domain> → <core>` routing in the global router.
+ *
+ * Two-part operation:
+ *   1. Insert `"<domain>"  "<core>";` into the DOMAIN_CORE_MAP block
+ *   2. Ensure the core's path entry exists in CORE_PATH_MAP (idempotent)
+ *
+ * Both inserts are skipped if their target line already exists, so a
+ * repeated `vu setup` against the same core+domain is a no-op for nginx.
+ *
+ * Returns `{ success, errorMessage }` from the worst step. On success,
+ * the caller should follow up with {@link nginxReload}.
+ */
+export async function nginxDomainAdd(cfg, domain, core) {
+    assertDomain(domain);
+    assertCoreName(core);
+    log.info(`[nginx] map ${domain} → ${core} on ${cfg.brandName}`);
+    // Step 1: DOMAIN_CORE_MAP entry — insert above the placeholder.
+    const domainEntry = `    "${domain}"    "${core}";`;
+    const domainStep = await insertAboveMarker(cfg, GLOBAL_ROUTER_FILE, PH_DOMAIN_CORE_MAP, domainEntry, {
+        // Skip if any existing line maps this exact domain (regardless of core)
+        // — caller should remove first if remapping is intended.
+        skipIfPresent: new RegExp(`^\\s*"${escapeRegex(domain)}"\\s+"[^"]+";`, 'm'),
+    });
+    if (!domainStep.success)
+        return domainStep;
+    // Step 1b: the API subdomain (api.<domain>) routes to the SAME core. The
+    // frontend's apiBase is https://api.<domain>; without this map entry the api
+    // host falls through to the default core and every API call hits the wrong
+    // (or missing) core → app errors. (Surfaced 2026-05-24 on multinodex + lab;
+    // was being added by hand. Now automatic so `ci setup` is reproducible.)
+    const apiDomain = `api.${domain}`;
+    const apiStep = await insertAboveMarker(cfg, GLOBAL_ROUTER_FILE, PH_DOMAIN_CORE_MAP, `    "${apiDomain}"    "${core}";`, { skipIfPresent: new RegExp(`^\\s*"${escapeRegex(apiDomain)}"\\s+"[^"]+";`, 'm') });
+    if (!apiStep.success)
+        return apiStep;
+    // Step 2: CORE_PATH_MAP entry for this core, if not already there.
+    // Same insertion pattern.
+    const pathEntry = `    "${core}" /var/www/cores/${core};`;
+    return insertAboveMarker(cfg, GLOBAL_ROUTER_FILE, PH_CORE_PATH_MAP, pathEntry, {
+        skipIfPresent: new RegExp(`^\\s*"${escapeRegex(core)}"\\s+/var/www/cores/`, 'm'),
+    });
+}
+/**
+ * Ensure a core has a CORE_PATH_MAP entry, regardless of whether any
+ * domain points at it. Useful for prepping a core (e.g. `vu setup core2`
+ * without `--domain`) before its public domain is decided.
+ */
+export async function nginxEnsureCorePath(cfg, core) {
+    assertCoreName(core);
+    const pathEntry = `    "${core}" /var/www/cores/${core};`;
+    return insertAboveMarker(cfg, GLOBAL_ROUTER_FILE, PH_CORE_PATH_MAP, pathEntry, {
+        skipIfPresent: new RegExp(`^\\s*"${escapeRegex(core)}"\\s+/var/www/cores/`, 'm'),
+    });
+}
+/**
+ * Remove a domain → core entry from DOMAIN_CORE_MAP. Idempotent: if the
+ * entry isn't there, the op succeeds without writing. Does not touch
+ * CORE_PATH_MAP because other domains may still point at the core.
+ */
+export async function nginxDomainRemove(cfg, domain) {
+    assertDomain(domain);
+    log.info(`[nginx] unmap ${domain} on ${cfg.brandName}`);
+    // Match the whole line (with optional leading whitespace) and the trailing
+    // newline so removal leaves no blank line behind.
+    const pattern = new RegExp(`^\\s*"${escapeRegex(domain)}"\\s+"[^"]+";\\s*\\n?`, 'gm');
+    return rewriteFile(cfg, GLOBAL_ROUTER_FILE, content => content.replace(pattern, ''));
+}
+/**
+ * List the domains currently mapped to `core` in the DOMAIN_CORE_MAP block.
+ * Reconcile uses this to find orphans: a domain nginx still routes to a brand's
+ * core but that the control-plane no longer lists (e.g. a detached domain whose
+ * cp_domains row is gone). Parsing is scoped to the DOMAIN_CORE_MAP block so a
+ * `"<core>" /var/www/...` line in CORE_PATH_MAP or a token in an unrelated map
+ * (CORS, tenant→brand) can't be mistaken for a routing entry.
+ */
+export async function nginxListDomainsForCore(cfg, core) {
+    assertCoreName(core);
+    const fullPath = `${cfg.nginxConfigDir}/${GLOBAL_ROUTER_FILE}`;
+    const read = await runRemote(cfg, `cat ${shellQuote(fullPath)}`, { silent: true });
+    if (!read.success) {
+        log.warn(`[nginx] could not read ${GLOBAL_ROUTER_FILE} to list domains for ${core}: ${read.stderr.trim()}`);
+        return [];
+    }
+    const content = read.stdout;
+    const markerIdx = content.indexOf(PH_DOMAIN_CORE_MAP);
+    if (markerIdx === -1)
+        return [];
+    const blockStart = content.lastIndexOf('{', markerIdx);
+    const blockEnd = content.indexOf('}', markerIdx);
+    const block = content.slice(blockStart === -1 ? 0 : blockStart, blockEnd === -1 ? content.length : blockEnd);
+    const domains = [];
+    const lineRe = /"([^"]+)"\s+"([^"]+)";/g;
+    let m;
+    while ((m = lineRe.exec(block)) !== null) {
+        if (m[2] === core)
+            domains.push(m[1]);
+    }
+    return domains;
+}
+/**
+ * Remove a per-domain vhost file (`<domain_underscored>.conf`). Idempotent —
+ * `rm -f` succeeds whether or not the file is there. The map entry is removed
+ * separately via {@link nginxDomainRemove}; caller reloads after.
+ */
+export async function nginxRemoveVhost(cfg, domain) {
+    assertDomain(domain);
+    const vhostFilename = `${domain.replace(/\./g, '_')}.conf`;
+    const fullPath = `${cfg.nginxConfigDir}/${vhostFilename}`;
+    log.info(`[nginx] remove vhost ${vhostFilename} on ${cfg.brandName}`);
+    return runRemoteScript(cfg, `set -e\nsudo -n rm -f ${shellQuote(fullPath)}\n`, { silent: true });
+}
+/**
+ * Validate nginx configuration syntax inside the nginx container.
+ * Returns the typical `nginx: configuration file ... test is successful`
+ * output on success, error message on failure.
+ */
+export async function nginxValidate(cfg) {
+    return runRemote(cfg, `docker exec ${cfg.containerNames.nginx} nginx -t`, { silent: true });
+}
+/**
+ * Trigger a hot reload of nginx (`nginx -s reload`). Existing connections
+ * drain on the old worker; new ones use the new config.
+ *
+ * Always validates with `nginx -t` first — a syntax error during reload
+ * could leave the master process in a degraded state.
+ */
+export async function nginxReload(cfg) {
+    log.info(`[nginx] validate + reload on ${cfg.brandName}`);
+    const validate = await nginxValidate(cfg);
+    if (!validate.success) {
+        return Object.freeze({
+            stdout: validate.stdout,
+            stderr: `nginx -t failed; refusing to reload:\n${validate.stderr}`,
+            exitCode: validate.exitCode,
+            success: false,
+        });
+    }
+    return runRemote(cfg, `docker exec ${cfg.containerNames.nginx} nginx -s reload`);
+}
+/**
+ * Read a config file, insert `entry` on the line immediately above the
+ * first occurrence of `marker`, write atomically. If `marker` isn't
+ * found, the op fails — never falls back to appending.
+ *
+ * Idempotent when `skipIfPresent` matches existing content.
+ */
+async function insertAboveMarker(cfg, filename, marker, entry, opts = {}) {
+    return rewriteFile(cfg, filename, content => {
+        const markerIdx = content.indexOf(marker);
+        if (markerIdx === -1) {
+            throw new Error(`Marker '${marker}' not found in ${filename}. ` +
+                `The global router config may have been hand-edited; restore it from git or re-run setup.`);
+        }
+        // Idempotency check is scoped to the block the marker lives in — from the
+        // enclosing `{` up to the marker — NOT the whole file. A domain/core token
+        // can legitimately appear in unrelated maps (CORS, tenant→brand, etc.); a
+        // whole-file test would false-positive there and skip the real insert into
+        // THIS block. (Bug surfaced 2026-05-24: multinodex.com present in the CORS
+        // map made the DOMAIN_CORE_MAP insert a silent no-op → broken routing.)
+        if (opts.skipIfPresent) {
+            const braceIdx = content.lastIndexOf('{', markerIdx);
+            const blockScope = content.slice(braceIdx === -1 ? 0 : braceIdx, markerIdx);
+            if (opts.skipIfPresent.test(blockScope)) {
+                log.debug(`[nginx] entry already present in target block — skip insert`);
+                return content; // no-op
+            }
+        }
+        // Find the start of the line containing the marker so we can insert
+        // entry+newline before the entire marker line.
+        let lineStart = markerIdx;
+        while (lineStart > 0 && content[lineStart - 1] !== '\n') {
+            lineStart--;
+        }
+        return content.slice(0, lineStart) + entry + '\n' + content.slice(lineStart);
+    });
+}
+/**
+ * Read the named config file from the server, apply `transform` to its
+ * contents, write atomically (temp file + mv) if changed. Skips the write
+ * when transform is a no-op so file mtime stays meaningful for backups.
+ *
+ * Atomicity: writes to `<file>.tmp.<pid>`, then `mv` into place. If the
+ * write or mv fails midway, the original file is untouched. The temp file
+ * is `chmod 644` (matching the original's typical mode).
+ *
+ * The transform runs locally on the file content — efficient for typical
+ * configs (<100KB) and avoids fragile in-place sed regex on the server.
+ */
+async function rewriteFile(cfg, filename, transform) {
+    const fullPath = `${cfg.nginxConfigDir}/${filename}`;
+    // Read current content.
+    const readResult = await runRemote(cfg, `cat ${shellQuote(fullPath)}`, { silent: true });
+    if (!readResult.success) {
+        return Object.freeze({
+            stdout: '',
+            stderr: `Failed to read ${fullPath}: ${readResult.stderr}`,
+            exitCode: readResult.exitCode,
+            success: false,
+        });
+    }
+    let nextContent;
+    try {
+        nextContent = transform(readResult.stdout);
+    }
+    catch (error) {
+        const message = error instanceof Error ? error.message : String(error);
+        return Object.freeze({
+            stdout: '',
+            stderr: message,
+            exitCode: 1,
+            success: false,
+        });
+    }
+    if (nextContent === readResult.stdout) {
+        log.debug(`[nginx] ${filename} unchanged — skip write`);
+        return Object.freeze({ stdout: '', stderr: '', exitCode: 0, success: true });
+    }
+    // Atomic write via temp file + mv. Sudo path is needed because nginx
+    // config files are typically owned by root (nginx container init).
+    // The "sudo -n" is non-interactive — relies on NOPASSWD sudoers setup.
+    const script = `set -e\n` +
+        `tmp="${fullPath}.tmp.$$"\n` +
+        `cat > "$tmp" <<'__VU_NGINX_EOF__'\n` +
+        nextContent +
+        (nextContent.endsWith('\n') ? '' : '\n') +
+        `__VU_NGINX_EOF__\n` +
+        `sudo -n chmod 644 "$tmp"\n` +
+        `sudo -n mv "$tmp" ${shellQuote(fullPath)}\n`;
+    return runRemoteScript(cfg, script, { silent: true });
+}
+// ─────────────────────────────────────────────────────────────────────────
+// Validation helpers
+// ─────────────────────────────────────────────────────────────────────────
+function assertDomain(domain) {
+    if (!DOMAIN_RE.test(domain)) {
+        throw new Error(`Invalid domain '${domain}'. Must be a valid hostname (letters, digits, hyphens, dots).`);
+    }
+}
+function assertCoreName(core) {
+    if (!CORE_NAME_RE.test(core)) {
+        throw new Error(`Invalid core name '${core}'. Must match /^[a-zA-Z_][a-zA-Z0-9_-]{0,62}$/.`);
+    }
+}
+function escapeRegex(s) {
+    return s.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
+}
+function shellQuote(s) {
+    return `'${s.replace(/'/g, `'\\''`)}'`;
+}
+// ─────────────────────────────────────────────────────────────────────────
+// Per-domain vhost rendering
+// ─────────────────────────────────────────────────────────────────────────
+/**
+ * Render the bundled vhost template for a given core+domain and write it
+ * atomically to `${cfg.nginxConfigDir}/${domain_underscored}.conf`.
+ *
+ * Placeholder substitution:
+ *   {{DOMAIN}}        → e.g. `cicore.com.tr`
+ *   {{DOMAIN_REGEX}}  → dots regex-escaped, for nginx `server_name ~^…$`
+ *   {{CORE}}          → e.g. `vucore`
+ *   {{SSL_CERT_NAME}} → basename in `/etc/nginx/ssl/` (caller's choice;
+ *                       behind a Cloudflare Tunnel the cert CN need not
+ *                       match the served domain, so a shared cert works)
+ *
+ * The rendered vhost uses `$target_core` / `$core_path` map lookups
+ * defined in `vucore-global-router.conf` — there are no hardcoded core
+ * paths in the output, so adding a new core only requires (1) a global
+ * router map entry (handled by {@link nginxDomainAdd}) and (2) a vhost
+ * generated by this function.
+ *
+ * Atomic: writes to `<file>.tmp.$$`, chmod 644, then `sudo -n mv` into
+ * place. Idempotent: a re-run with identical inputs is a no-op (we read
+ * the current file first; if it byte-matches the rendered output we
+ * skip the write so file mtime stays meaningful for backups).
+ *
+ * Caller follows up with {@link nginxValidate} + {@link nginxReload}.
+ */
+export async function nginxWriteVhost(cfg, core, domain, sslCertName) {
+    assertCoreName(core);
+    assertDomain(domain);
+    if (!sslCertName || !/^[a-zA-Z0-9._-]+$/.test(sslCertName)) {
+        return Object.freeze({
+            stdout: '',
+            stderr: `Invalid sslCertName '${sslCertName}'. Must be a filename-safe basename.`,
+            exitCode: 1,
+            success: false,
+        });
+    }
+    log.info(`[nginx] write vhost ${domain} → core=${core} (ssl=${sslCertName}) on ${cfg.brandName}`);
+    // Load + render template.
+    let tmpl;
+    try {
+        tmpl = await fs.readFile(VHOST_TEMPLATE_PATH, 'utf8');
+    }
+    catch (error) {
+        const message = error instanceof Error ? error.message : String(error);
+        return Object.freeze({
+            stdout: '',
+            stderr: `Failed to read vhost template at ${VHOST_TEMPLATE_PATH}: ${message}`,
+            exitCode: 1,
+            success: false,
+        });
+    }
+    const domainRegex = domain.replace(/\./g, '\\.');
+    const rendered = tmpl
+        .replace(/\{\{DOMAIN_REGEX\}\}/g, domainRegex)
+        .replace(/\{\{DOMAIN\}\}/g, domain)
+        .replace(/\{\{CORE\}\}/g, core)
+        .replace(/\{\{SSL_CERT_NAME\}\}/g, sslCertName);
+    const vhostFilename = `${domain.replace(/\./g, '_')}.conf`;
+    const fullPath = `${cfg.nginxConfigDir}/${vhostFilename}`;
+    // Idempotency check: read existing file (if any); skip write when
+    // contents match byte-for-byte. `cat || true` so a missing file
+    // doesn't fail the read step — we just treat absent as empty.
+    const readResult = await runRemote(cfg, `cat ${shellQuote(fullPath)} 2>/dev/null || true`, { silent: true });
+    if (readResult.success && readResult.stdout === rendered) {
+        log.debug(`[nginx] vhost ${vhostFilename} already up to date — skip`);
+        return Object.freeze({ stdout: '', stderr: '', exitCode: 0, success: true });
+    }
+    // Atomic write: heredoc into a `.tmp.$$` file, chmod, then mv. Uses
+    // `sudo -n` (NOPASSWD) because nginx conf.d is typically root-owned.
+    const script = `set -e\n` +
+        `tmp="${fullPath}.tmp.$$"\n` +
+        `cat > "$tmp" <<'__VU_NGINX_VHOST_EOF__'\n` +
+        rendered +
+        (rendered.endsWith('\n') ? '' : '\n') +
+        `__VU_NGINX_VHOST_EOF__\n` +
+        `sudo -n chmod 644 "$tmp"\n` +
+        `sudo -n mv "$tmp" ${shellQuote(fullPath)}\n`;
+    return runRemoteScript(cfg, script, { silent: true });
+}
+//# sourceMappingURL=nginx.js.map

package/dist/lib/ops/nginx.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"nginx.js","sourceRoot":"","sources":["../../../src/lib/ops/nginx.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6BG;AAEH,OAAO,EAAE,QAAQ,IAAI,EAAE,EAAE,MAAM,SAAS,CAAA;AACxC,OAAO,IAAI,MAAM,WAAW,CAAA;AAC5B,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAA;AAGxC,OAAO,EAAE,GAAG,EAAE,MAAM,cAAc,CAAA;AAClC,OAAO,EAAE,SAAS,EAAE,eAAe,EAAmB,MAAM,UAAU,CAAA;AAEtE,MAAM,kBAAkB,GAAG,2BAA2B,CAAA;AAEtD;;;;;;GAMG;AACH,MAAM,mBAAmB,GAAG,IAAI,CAAC,OAAO,CACtC,IAAI,CAAC,OAAO,CAAC,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAC5C,IAAI,EACJ,IAAI,EACJ,IAAI,EACJ,WAAW,EACX,iBAAiB,CAClB,CAAA;AAED,yEAAyE;AACzE,0EAA0E;AAC1E,oEAAoE;AACpE,MAAM,kBAAkB,GAAG,uBAAuB,CAAA;AAClD,MAAM,gBAAgB,GAAG,qBAAqB,CAAA;AAE9C,4EAA4E;AAC5E,MAAM,YAAY,GAAG,gCAAgC,CAAA;AACrD,2EAA2E;AAC3E,MAAM,SAAS,GAAG,qGAAqG,CAAA;AAEvH,4EAA4E;AAC5E,oBAAoB;AACpB,4EAA4E;AAE5E;;;;;;;;;;;;GAYG;AACH,MAAM,CAAC,KAAK,UAAU,cAAc,CAClC,GAAe,EACf,MAAc,EACd,IAAY;IAEZ,YAAY,CAAC,MAAM,CAAC,CAAA;IACpB,cAAc,CAAC,IAAI,CAAC,CAAA;IAEpB,GAAG,CAAC,IAAI,CAAC,eAAe,MAAM,MAAM,IAAI,OAAO,GAAG,CAAC,SAAS,EAAE,CAAC,CAAA;IAE/D,gEAAgE;IAChE,MAAM,WAAW,GAAG,QAAQ,MAAM,SAAS,IAAI,IAAI,CAAA;IACnD,MAAM,UAAU,GAAG,MAAM,iBAAiB,CACxC,GAAG,EACH,kBAAkB,EAClB,kBAAkB,EAClB,WAAW,EACX;QACE,wEAAwE;QACxE,yDAAyD;QACzD,aAAa,EAAE,IAAI,MAAM,CAAC,SAAS,WAAW,CAAC,MAAM,CAAC,eAAe,EAAE,GAAG,CAAC;KAC5E,CACF,CAAA;IACD,IAAI,CAAC,UAAU,CAAC,OAAO;QAAE,OAAO,UAAU,CAAA;IAE1C,yEAAyE;IACzE,6EAA6E;IAC7E,2EAA2E;IAC3E,4EAA4E;IAC5E,yEAAyE;IACzE,MAAM,SAAS,GAAG,OAAO,MAAM,EAAE,CAAA;IACjC,MAAM,OAAO,GAAG,MAAM,iBAAiB,CACrC,GAAG,EACH,kBAAkB,EAClB,kBAAkB,EAClB,QAAQ,SAAS,SAAS,IAAI,IAAI,EAClC,EAAE,aAAa,EAAE,IAAI,MAAM,CAAC,SAAS,WAAW,CAAC,SAAS,CAAC,eAAe,EAAE,GAAG,CAAC,EAAE,CACnF,CAAA;IACD,IAAI,CAAC,OAAO,CAAC,OAAO;QAAE,OAAO,OAAO,CAAA;IAEpC,mEAAmE;IACnE,0BAA0B;IAC1B,MAAM,SAAS,GAAG,QAAQ,IAAI,oBAAoB,IAAI,GAAG,CAAA;IACzD,OAAO,iBAAiB,CAAC,GAAG,EAAE,kBAAkB,EAAE,gBAAgB,EAAE,SAAS,EAAE;QAC7E,aAAa,EAAE,IAAI,MAAM,CAAC,SAAS,WAAW,CAAC,IAAI,CAAC,sBAAsB,EAAE,GAAG,CAAC;KACjF,CAAC,CAAA;AACJ,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CAAC,GAAe,EAAE,IAAY;IACrE,cAAc,CAAC,IAAI,CAAC,CAAA;IACpB,MAAM,SAAS,GAAG,QAAQ,IAAI,oBAAoB,IAAI,GAAG,CAAA;IACzD,OAAO,iBAAiB,CAAC,GAAG,EAAE,kBAAkB,EAAE,gBAAgB,EAAE,SAAS,EAAE;QAC7E,aAAa,EAAE,IAAI,MAAM,CAAC,SAAS,WAAW,CAAC,IAAI,CAAC,sBAAsB,EAAE,GAAG,CAAC;KACjF,CAAC,CAAA;AACJ,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CAAC,GAAe,EAAE,MAAc;IACrE,YAAY,CAAC,MAAM,CAAC,CAAA;IACpB,GAAG,CAAC,IAAI,CAAC,iBAAiB,MAAM,OAAO,GAAG,CAAC,SAAS,EAAE,CAAC,CAAA;IACvD,2EAA2E;IAC3E,kDAAkD;IAClD,MAAM,OAAO,GAAG,IAAI,MAAM,CAAC,SAAS,WAAW,CAAC,MAAM,CAAC,uBAAuB,EAAE,IAAI,CAAC,CAAA;IACrF,OAAO,WAAW,CAAC,GAAG,EAAE,kBAAkB,EAAE,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,CAAA;AACtF,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,CAAC,KAAK,UAAU,uBAAuB,CAAC,GAAe,EAAE,IAAY;IACzE,cAAc,CAAC,IAAI,CAAC,CAAA;IACpB,MAAM,QAAQ,GAAG,GAAG,GAAG,CAAC,cAAc,IAAI,kBAAkB,EAAE,CAAA;IAC9D,MAAM,IAAI,GAAG,MAAM,SAAS,CAAC,GAAG,EAAE,OAAO,UAAU,CAAC,QAAQ,CAAC,EAAE,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAA;IAClF,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;QAClB,GAAG,CAAC,IAAI,CAAC,0BAA0B,kBAAkB,wBAAwB,IAAI,KAAK,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE,EAAE,CAAC,CAAA;QAC3G,OAAO,EAAE,CAAA;IACX,CAAC;IACD,MAAM,OAAO,GAAG,IAAI,CAAC,MAAM,CAAA;IAC3B,MAAM,SAAS,GAAG,OAAO,CAAC,OAAO,CAAC,kBAAkB,CAAC,CAAA;IACrD,IAAI,SAAS,KAAK,CAAC,CAAC;QAAE,OAAO,EAAE,CAAA;IAC/B,MAAM,UAAU,GAAG,OAAO,CAAC,WAAW,CAAC,GAAG,EAAE,SAAS,CAAC,CAAA;IACtD,MAAM,QAAQ,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,EAAE,SAAS,CAAC,CAAA;IAChD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,UAAU,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,UAAU,EAAE,QAAQ,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAA;IAE5G,MAAM,OAAO,GAAa,EAAE,CAAA;IAC5B,MAAM,MAAM,GAAG,yBAAyB,CAAA;IACxC,IAAI,CAAyB,CAAA;IAC7B,OAAO,CAAC,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;QACzC,IAAI,CAAC,CAAC,CAAC,CAAC,KAAK,IAAI;YAAE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;IACvC,CAAC;IACD,OAAO,OAAO,CAAA;AAChB,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,GAAe,EAAE,MAAc;IACpE,YAAY,CAAC,MAAM,CAAC,CAAA;IACpB,MAAM,aAAa,GAAG,GAAG,MAAM,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,OAAO,CAAA;IAC1D,MAAM,QAAQ,GAAG,GAAG,GAAG,CAAC,cAAc,IAAI,aAAa,EAAE,CAAA;IACzD,GAAG,CAAC,IAAI,CAAC,wBAAwB,aAAa,OAAO,GAAG,CAAC,SAAS,EAAE,CAAC,CAAA;IACrE,OAAO,eAAe,CAAC,GAAG,EAAE,yBAAyB,UAAU,CAAC,QAAQ,CAAC,IAAI,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAA;AAClG,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,GAAe;IACjD,OAAO,SAAS,CAAC,GAAG,EAAE,eAAe,GAAG,CAAC,cAAc,CAAC,KAAK,WAAW,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAA;AAC7F,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,GAAe;IAC/C,GAAG,CAAC,IAAI,CAAC,gCAAgC,GAAG,CAAC,SAAS,EAAE,CAAC,CAAA;IACzD,MAAM,QAAQ,GAAG,MAAM,aAAa,CAAC,GAAG,CAAC,CAAA;IACzC,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC;QACtB,OAAO,MAAM,CAAC,MAAM,CAAC;YACnB,MAAM,EAAE,QAAQ,CAAC,MAAM;YACvB,MAAM,EAAE,yCAAyC,QAAQ,CAAC,MAAM,EAAE;YAClE,QAAQ,EAAE,QAAQ,CAAC,QAAQ;YAC3B,OAAO,EAAE,KAAK;SACf,CAAC,CAAA;IACJ,CAAC;IACD,OAAO,SAAS,CAAC,GAAG,EAAE,eAAe,GAAG,CAAC,cAAc,CAAC,KAAK,kBAAkB,CAAC,CAAA;AAClF,CAAC;AAcD;;;;;;GAMG;AACH,KAAK,UAAU,iBAAiB,CAC9B,GAAe,EACf,QAAgB,EAChB,MAAc,EACd,KAAa,EACb,OAAsB,EAAE;IAExB,OAAO,WAAW,CAAC,GAAG,EAAE,QAAQ,EAAE,OAAO,CAAC,EAAE;QAC1C,MAAM,SAAS,GAAG,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,CAAA;QACzC,IAAI,SAAS,KAAK,CAAC,CAAC,EAAE,CAAC;YACrB,MAAM,IAAI,KAAK,CACb,WAAW,MAAM,kBAAkB,QAAQ,IAAI;gBAC7C,0FAA0F,CAC7F,CAAA;QACH,CAAC;QAED,0EAA0E;QAC1E,2EAA2E;QAC3E,0EAA0E;QAC1E,2EAA2E;QAC3E,2EAA2E;QAC3E,wEAAwE;QACxE,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;YACvB,MAAM,QAAQ,GAAG,OAAO,CAAC,WAAW,CAAC,GAAG,EAAE,SAAS,CAAC,CAAA;YACpD,MAAM,UAAU,GAAG,OAAO,CAAC,KAAK,CAAC,QAAQ,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAA;YAC3E,IAAI,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC;gBACxC,GAAG,CAAC,KAAK,CAAC,6DAA6D,CAAC,CAAA;gBACxE,OAAO,OAAO,CAAA,CAAC,QAAQ;YACzB,CAAC;QACH,CAAC;QAED,oEAAoE;QACpE,+CAA+C;QAC/C,IAAI,SAAS,GAAG,SAAS,CAAA;QACzB,OAAO,SAAS,GAAG,CAAC,IAAI,OAAO,CAAC,SAAS,GAAG,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;YACxD,SAAS,EAAE,CAAA;QACb,CAAC;QACD,OAAO,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,SAAS,CAAC,GAAG,KAAK,GAAG,IAAI,GAAG,OAAO,CAAC,KAAK,CAAC,SAAS,CAAC,CAAA;IAC9E,CAAC,CAAC,CAAA;AACJ,CAAC;AAED;;;;;;;;;;;GAWG;AACH,KAAK,UAAU,WAAW,CACxB,GAAe,EACf,QAAgB,EAChB,SAAsC;IAEtC,MAAM,QAAQ,GAAG,GAAG,GAAG,CAAC,cAAc,IAAI,QAAQ,EAAE,CAAA;IAEpD,wBAAwB;IACxB,MAAM,UAAU,GAAG,MAAM,SAAS,CAAC,GAAG,EAAE,OAAO,UAAU,CAAC,QAAQ,CAAC,EAAE,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAA;IACxF,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,CAAC;QACxB,OAAO,MAAM,CAAC,MAAM,CAAC;YACnB,MAAM,EAAE,EAAE;YACV,MAAM,EAAE,kBAAkB,QAAQ,KAAK,UAAU,CAAC,MAAM,EAAE;YAC1D,QAAQ,EAAE,UAAU,CAAC,QAAQ;YAC7B,OAAO,EAAE,KAAK;SACf,CAAC,CAAA;IACJ,CAAC;IAED,IAAI,WAAmB,CAAA;IACvB,IAAI,CAAC;QACH,WAAW,GAAG,SAAS,CAAC,UAAU,CAAC,MAAM,CAAC,CAAA;IAC5C,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,OAAO,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;QACtE,OAAO,MAAM,CAAC,MAAM,CAAC;YACnB,MAAM,EAAE,EAAE;YACV,MAAM,EAAE,OAAO;YACf,QAAQ,EAAE,CAAC;YACX,OAAO,EAAE,KAAK;SACf,CAAC,CAAA;IACJ,CAAC;IAED,IAAI,WAAW,KAAK,UAAU,CAAC,MAAM,EAAE,CAAC;QACtC,GAAG,CAAC,KAAK,CAAC,WAAW,QAAQ,yBAAyB,CAAC,CAAA;QACvD,OAAO,MAAM,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,QAAQ,EAAE,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAA;IAC9E,CAAC;IAED,qEAAqE;IACrE,mEAAmE;IACnE,uEAAuE;IACvE,MAAM,MAAM,GACV,UAAU;QACV,QAAQ,QAAQ,YAAY;QAC5B,qCAAqC;QACrC,WAAW;QACX,CAAC,WAAW,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;QACxC,oBAAoB;QACpB,4BAA4B;QAC5B,qBAAqB,UAAU,CAAC,QAAQ,CAAC,IAAI,CAAA;IAE/C,OAAO,eAAe,CAAC,GAAG,EAAE,MAAM,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAA;AACvD,CAAC;AAED,4EAA4E;AAC5E,qBAAqB;AACrB,4EAA4E;AAE5E,SAAS,YAAY,CAAC,MAAc;IAClC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;QAC5B,MAAM,IAAI,KAAK,CACb,mBAAmB,MAAM,+DAA+D,CACzF,CAAA;IACH,CAAC;AACH,CAAC;AAED,SAAS,cAAc,CAAC,IAAY;IAClC,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;QAC7B,MAAM,IAAI,KAAK,CACb,sBAAsB,IAAI,iDAAiD,CAC5E,CAAA;IACH,CAAC;AACH,CAAC;AAED,SAAS,WAAW,CAAC,CAAS;IAC5B,OAAO,CAAC,CAAC,OAAO,CAAC,qBAAqB,EAAE,MAAM,CAAC,CAAA;AACjD,CAAC;AAED,SAAS,UAAU,CAAC,CAAS;IAC3B,OAAO,IAAI,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC,GAAG,CAAA;AACxC,CAAC;AAED,4EAA4E;AAC5E,6BAA6B;AAC7B,4EAA4E;AAE5E;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CACnC,GAAe,EACf,IAAY,EACZ,MAAc,EACd,WAAmB;IAEnB,cAAc,CAAC,IAAI,CAAC,CAAA;IACpB,YAAY,CAAC,MAAM,CAAC,CAAA;IACpB,IAAI,CAAC,WAAW,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,CAAC;QAC3D,OAAO,MAAM,CAAC,MAAM,CAAC;YACnB,MAAM,EAAE,EAAE;YACV,MAAM,EAAE,wBAAwB,WAAW,sCAAsC;YACjF,QAAQ,EAAE,CAAC;YACX,OAAO,EAAE,KAAK;SACf,CAAC,CAAA;IACJ,CAAC;IAED,GAAG,CAAC,IAAI,CAAC,uBAAuB,MAAM,WAAW,IAAI,SAAS,WAAW,QAAQ,GAAG,CAAC,SAAS,EAAE,CAAC,CAAA;IAEjG,0BAA0B;IAC1B,IAAI,IAAY,CAAA;IAChB,IAAI,CAAC;QACH,IAAI,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,mBAAmB,EAAE,MAAM,CAAC,CAAA;IACvD,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,OAAO,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;QACtE,OAAO,MAAM,CAAC,MAAM,CAAC;YACnB,MAAM,EAAE,EAAE;YACV,MAAM,EAAE,oCAAoC,mBAAmB,KAAK,OAAO,EAAE;YAC7E,QAAQ,EAAE,CAAC;YACX,OAAO,EAAE,KAAK;SACf,CAAC,CAAA;IACJ,CAAC;IAED,MAAM,WAAW,GAAG,MAAM,CAAC,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC,CAAA;IAChD,MAAM,QAAQ,GAAG,IAAI;SAClB,OAAO,CAAC,uBAAuB,EAAE,WAAW,CAAC;SAC7C,OAAO,CAAC,iBAAiB,EAAE,MAAM,CAAC;SAClC,OAAO,CAAC,eAAe,EAAE,IAAI,CAAC;SAC9B,OAAO,CAAC,wBAAwB,EAAE,WAAW,CAAC,CAAA;IAEjD,MAAM,aAAa,GAAG,GAAG,MAAM,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,OAAO,CAAA;IAC1D,MAAM,QAAQ,GAAG,GAAG,GAAG,CAAC,cAAc,IAAI,aAAa,EAAE,CAAA;IAEzD,kEAAkE;IAClE,gEAAgE;IAChE,8DAA8D;IAC9D,MAAM,UAAU,GAAG,MAAM,SAAS,CAChC,GAAG,EACH,OAAO,UAAU,CAAC,QAAQ,CAAC,sBAAsB,EACjD,EAAE,MAAM,EAAE,IAAI,EAAE,CACjB,CAAA;IACD,IAAI,UAAU,CAAC,OAAO,IAAI,UAAU,CAAC,MAAM,KAAK,QAAQ,EAAE,CAAC;QACzD,GAAG,CAAC,KAAK,CAAC,iBAAiB,aAAa,4BAA4B,CAAC,CAAA;QACrE,OAAO,MAAM,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,QAAQ,EAAE,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAA;IAC9E,CAAC;IAED,oEAAoE;IACpE,qEAAqE;IACrE,MAAM,MAAM,GACV,UAAU;QACV,QAAQ,QAAQ,YAAY;QAC5B,2CAA2C;QAC3C,QAAQ;QACR,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;QACrC,0BAA0B;QAC1B,4BAA4B;QAC5B,qBAAqB,UAAU,CAAC,QAAQ,CAAC,IAAI,CAAA;IAE/C,OAAO,eAAe,CAAC,GAAG,EAAE,MAAM,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAA;AACvD,CAAC"}

package/dist/lib/ops/redis.d.ts

@@ -0,0 +1,7 @@
+import type { HostConfig } from '../hosts.js';
+/**
+ * Bir brand'in paylaşımlı freeze-status Redis key'ini sil (F1 write-through).
+ * brandId UUID guard (shell'e yalnız hex+dash). Best-effort — hata yutulur.
+ */
+export declare function invalidateBrandStatus(cfg: HostConfig, brandId: string): Promise<void>;
+//# sourceMappingURL=redis.d.ts.map

package/dist/lib/ops/redis.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"redis.d.ts","sourceRoot":"","sources":["../../../src/lib/ops/redis.ts"],"names":[],"mappings":"AAYA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,aAAa,CAAA;AAO7C;;;GAGG;AACH,wBAAsB,qBAAqB,CAAC,GAAG,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAY3F"}

package/dist/lib/ops/redis.js

@@ -0,0 +1,35 @@
+// ─────────────────────────────────────────────────────────────────────────
+// Redis ops — F1 freeze-status invalidation (izole, yol B).
+// Plan: docs/planning/2026-06-02-f1-redis-freeze-invalidation.md
+//
+// Orchestrator (relocate/promote-silo/rollback-silo) bir brand'in freeze
+// status'unu raw SQL ile değiştirdiğinde, PHP-FPM worker'larının paylaştığı
+// freeze-status Redis key'ini siler → anlık cross-worker invalidation (PHP
+// TenantDbResolver::brandStatusById ile AYNI key). Best-effort: asla throw
+// etmez — Redis hızlandırıcı, DB otorite; başarısızsa PHP TTL self-heal eder.
+// ─────────────────────────────────────────────────────────────────────────
+import { runRemoteScript } from './ssh.js';
+import { log } from '../logger.js';
+// PHP TenantDbResolver::FREEZE_REDIS_PREFIX + REDIS_DB_CACHE ile birebir aynı olmalı.
+const FREEZE_PREFIX = 'cp:brand_status:';
+const REDIS_CACHE_DB = 1;
+/**
+ * Bir brand'in paylaşımlı freeze-status Redis key'ini sil (F1 write-through).
+ * brandId UUID guard (shell'e yalnız hex+dash). Best-effort — hata yutulur.
+ */
+export async function invalidateBrandStatus(cfg, brandId) {
+    const container = cfg.containerNames?.redis;
+    if (!container)
+        return;
+    if (!/^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i.test(brandId))
+        return;
+    const script = `docker exec ${container} redis-cli -n ${REDIS_CACHE_DB} DEL '${FREEZE_PREFIX}${brandId}' >/dev/null 2>&1 || true`;
+    try {
+        // allowInDryRun YOK: dry-run'da status değişmediği için invalidation da gereksiz.
+        await runRemoteScript(cfg, script, { silent: true });
+    }
+    catch (e) {
+        log.debug?.('[redis] freeze invalidate skipped: ' + (e instanceof Error ? e.message : String(e)));
+    }
+}
+//# sourceMappingURL=redis.js.map

package/dist/lib/ops/redis.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"redis.js","sourceRoot":"","sources":["../../../src/lib/ops/redis.ts"],"names":[],"mappings":"AAAA,4EAA4E;AAC5E,4DAA4D;AAC5D,iEAAiE;AACjE,EAAE;AACF,yEAAyE;AACzE,4EAA4E;AAC5E,2EAA2E;AAC3E,2EAA2E;AAC3E,8EAA8E;AAC9E,4EAA4E;AAE5E,OAAO,EAAE,eAAe,EAAE,MAAM,UAAU,CAAA;AAE1C,OAAO,EAAE,GAAG,EAAE,MAAM,cAAc,CAAA;AAElC,sFAAsF;AACtF,MAAM,aAAa,GAAG,kBAAkB,CAAA;AACxC,MAAM,cAAc,GAAG,CAAC,CAAA;AAExB;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,qBAAqB,CAAC,GAAe,EAAE,OAAe;IAC1E,MAAM,SAAS,GAAG,GAAG,CAAC,cAAc,EAAE,KAAK,CAAA;IAC3C,IAAI,CAAC,SAAS;QAAE,OAAM;IACtB,IAAI,CAAC,iEAAiE,CAAC,IAAI,CAAC,OAAO,CAAC;QAAE,OAAM;IAC5F,MAAM,MAAM,GACV,eAAe,SAAS,iBAAiB,cAAc,SAAS,aAAa,GAAG,OAAO,2BAA2B,CAAA;IACpH,IAAI,CAAC;QACH,kFAAkF;QAClF,MAAM,eAAe,CAAC,GAAG,EAAE,MAAM,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAA;IACtD,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,GAAG,CAAC,KAAK,EAAE,CAAC,qCAAqC,GAAG,CAAC,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;IACnG,CAAC;AACH,CAAC"}