@devalade/shipnode 2.0.0

package/dist/cli/commands/backup.d.ts

@@ -0,0 +1,14 @@
+export declare function scheduleToSystemd(schedule: 'hourly' | 'daily' | 'weekly'): string;
+export declare function cmdBackupSetup(cwd: string, options: {
+    config?: string;
+}): Promise<void>;
+export declare function cmdBackupRun(cwd: string, options: {
+    config?: string;
+}): Promise<void>;
+export declare function cmdBackupStatus(cwd: string, options: {
+    config?: string;
+}): Promise<void>;
+export declare function cmdBackupList(cwd: string, options: {
+    config?: string;
+}): Promise<void>;
+//# sourceMappingURL=backup.d.ts.map

package/dist/cli/commands/backup.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"backup.d.ts","sourceRoot":"","sources":["../../../src/cli/commands/backup.ts"],"names":[],"mappings":"AAoDA,wBAAgB,iBAAiB,CAAC,QAAQ,EAAE,QAAQ,GAAG,OAAO,GAAG,QAAQ,GAAG,MAAM,CAOjF;AAED,wBAAsB,cAAc,CAClC,GAAG,EAAE,MAAM,EACX,OAAO,EAAE;IAAE,MAAM,CAAC,EAAE,MAAM,CAAA;CAAE,GAC3B,OAAO,CAAC,IAAI,CAAC,CA4Ef;AAED,wBAAsB,YAAY,CAChC,GAAG,EAAE,MAAM,EACX,OAAO,EAAE;IAAE,MAAM,CAAC,EAAE,MAAM,CAAA;CAAE,GAC3B,OAAO,CAAC,IAAI,CAAC,CAkBf;AAED,wBAAsB,eAAe,CACnC,GAAG,EAAE,MAAM,EACX,OAAO,EAAE;IAAE,MAAM,CAAC,EAAE,MAAM,CAAA;CAAE,GAC3B,OAAO,CAAC,IAAI,CAAC,CAgBf;AAED,wBAAsB,aAAa,CACjC,GAAG,EAAE,MAAM,EACX,OAAO,EAAE;IAAE,MAAM,CAAC,EAAE,MAAM,CAAA;CAAE,GAC3B,OAAO,CAAC,IAAI,CAAC,CAwBf"}

package/dist/cli/commands/backup.js

@@ -0,0 +1,144 @@
+import { runRemoteCommand } from '../runner.js';
+import { ui } from '../ui.js';
+const BACKUP_SCRIPT_PATH = '/usr/local/bin/shipnode-backup.sh';
+const TIMER_NAME = 'shipnode-backup';
+function buildBackupScript(config) {
+    const prefix = config.s3Prefix ? config.s3Prefix.replace(/\/$/, '') + '/' : '';
+    const endpointFlag = config.s3Endpoint ? `--endpoint-url "${config.s3Endpoint}"` : '';
+    const ts = '$(date +%Y%m%d_%H%M%S)';
+    const dbDump = config.dbType && config.dbType !== 'sqlite'
+        ? `
+# Database backup
+DB_FILE="/tmp/db_${ts}.sql"
+${config.dbType === 'postgres' ? `PGPASSWORD="$DB_PASSWORD" pg_dump -h "${config.dbHost}" -p "${config.dbPort ?? 5432}" -U "${config.dbUser}" "${config.dbName}" > "$DB_FILE"` : ''}
+${config.dbType === 'mysql' ? `mysqldump -h "${config.dbHost}" -P "${config.dbPort ?? 3306}" -u "${config.dbUser}" -p"$DB_PASSWORD" "${config.dbName}" > "$DB_FILE"` : ''}
+aws s3 cp "$DB_FILE" "s3://${config.s3Bucket}/${prefix}db/$DB_FILE" ${endpointFlag}
+rm -f "$DB_FILE"
+`
+        : '';
+    return `#!/bin/bash
+set -euo pipefail
+
+TIMESTAMP="${ts}"
+DEPLOY_PATH="${config.remotePath}"
+S3_BUCKET="${config.s3Bucket}"
+S3_PREFIX="${prefix}"
+
+echo "[shipnode-backup] Starting backup at $TIMESTAMP"
+
+# Shared files backup
+SHARED_ARCHIVE="/tmp/shared_${ts}.tar.gz"
+tar -czf "$SHARED_ARCHIVE" -C "$DEPLOY_PATH/shared" . 2>/dev/null || true
+aws s3 cp "$SHARED_ARCHIVE" "s3://$S3_BUCKET/${prefix}shared/shared_$TIMESTAMP.tar.gz" ${endpointFlag}
+rm -f "$SHARED_ARCHIVE"
+${dbDump}
+echo "[shipnode-backup] Done"
+`;
+}
+export function scheduleToSystemd(schedule) {
+    const map = {
+        hourly: '*:00:00',
+        daily: '*-*-* 02:00:00',
+        weekly: 'Mon *-*-* 02:00:00',
+    };
+    return map[schedule] ?? map.daily;
+}
+export async function cmdBackupSetup(cwd, options) {
+    await runRemoteCommand(cwd, async ({ config, executor }) => {
+        if (!config.backup) {
+            ui.error('No backup config found. Add a backup block to shipnode.config.ts');
+            process.exit(1);
+        }
+        const { s3Bucket, s3Prefix, s3Endpoint, schedule = 'daily', retentionDays = 14 } = config.backup;
+        ui.info('Setting up backup...');
+        // Check awscli present
+        const awsCheck = await executor.exec('command -v aws 2>/dev/null || echo MISSING');
+        if (awsCheck.stdout.trim() === 'MISSING') {
+            ui.error('aws CLI not found on server. Install it first: https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html');
+            process.exit(1);
+        }
+        const script = buildBackupScript({
+            remotePath: config.remotePath,
+            s3Bucket,
+            s3Prefix,
+            s3Endpoint,
+            dbType: config.database?.type,
+            dbName: config.database?.name,
+            dbUser: config.database?.user,
+            dbHost: config.database?.host,
+            dbPort: config.database?.port,
+        });
+        const b64 = Buffer.from(script).toString('base64');
+        await executor.exec(`SUDO=""; [ "$EUID" -ne 0 ] && SUDO="sudo"; ` +
+            `printf '%s' '${b64}' | base64 -d | $SUDO tee ${BACKUP_SCRIPT_PATH} > /dev/null && ` +
+            `$SUDO chmod +x ${BACKUP_SCRIPT_PATH}`);
+        const onCalendar = scheduleToSystemd(schedule);
+        const serviceUnit = `[Unit]
+Description=ShipNode backup
+
+[Service]
+Type=oneshot
+ExecStart=${BACKUP_SCRIPT_PATH}
+`;
+        const timerUnit = `[Unit]
+Description=ShipNode backup timer
+
+[Timer]
+OnCalendar=${onCalendar}
+Persistent=true
+
+[Install]
+WantedBy=timers.target
+`;
+        const svcB64 = Buffer.from(serviceUnit).toString('base64');
+        const timerB64 = Buffer.from(timerUnit).toString('base64');
+        await executor.exec(`SUDO=""; [ "$EUID" -ne 0 ] && SUDO="sudo"; ` +
+            `printf '%s' '${svcB64}' | base64 -d | $SUDO tee /etc/systemd/system/${TIMER_NAME}.service > /dev/null && ` +
+            `printf '%s' '${timerB64}' | base64 -d | $SUDO tee /etc/systemd/system/${TIMER_NAME}.timer > /dev/null && ` +
+            `$SUDO systemctl daemon-reload && ` +
+            `$SUDO systemctl enable --now ${TIMER_NAME}.timer`);
+        ui.success(`Backup scheduled (${schedule}, retain ${retentionDays} days).`);
+        ui.info(`Script: ${BACKUP_SCRIPT_PATH}`);
+    }, { configPath: options.config });
+}
+export async function cmdBackupRun(cwd, options) {
+    await runRemoteCommand(cwd, async ({ executor }) => {
+        const check = await executor.exec(`[ -f "${BACKUP_SCRIPT_PATH}" ] && echo EXISTS || echo MISSING`);
+        if (check.stdout.trim() === 'MISSING') {
+            ui.error('Backup not set up. Run: shipnode backup setup');
+            process.exit(1);
+        }
+        ui.info('Running backup now...');
+        const result = await executor.exec(BACKUP_SCRIPT_PATH, { timeout: 300_000 });
+        console.log(result.stdout);
+        if (result.stderr)
+            console.error(result.stderr);
+        ui.success('Backup complete.');
+    }, { configPath: options.config });
+}
+export async function cmdBackupStatus(cwd, options) {
+    await runRemoteCommand(cwd, async ({ executor }) => {
+        const timerResult = await executor.exec(`systemctl status ${TIMER_NAME}.timer 2>&1 || echo "Timer not found"`);
+        console.log(timerResult.stdout);
+        const lastResult = await executor.exec(`journalctl -u ${TIMER_NAME}.service -n 20 --no-pager 2>/dev/null || echo "No logs"`);
+        console.log(lastResult.stdout);
+    }, { configPath: options.config });
+}
+export async function cmdBackupList(cwd, options) {
+    await runRemoteCommand(cwd, async ({ config, executor }) => {
+        if (!config.backup) {
+            ui.error('No backup config found.');
+            process.exit(1);
+        }
+        const { s3Bucket, s3Prefix, s3Endpoint } = config.backup;
+        const prefix = s3Prefix ? s3Prefix.replace(/\/$/, '') + '/' : '';
+        const endpointFlag = s3Endpoint ? `--endpoint-url "${s3Endpoint}"` : '';
+        const result = await executor.exec(`aws s3 ls "s3://${s3Bucket}/${prefix}" --recursive ${endpointFlag} | sort -r | head -30`);
+        if (!result.stdout.trim()) {
+            ui.info('No backups found.');
+            return;
+        }
+        console.log(result.stdout);
+    }, { configPath: options.config });
+}
+//# sourceMappingURL=backup.js.map

package/dist/cli/commands/backup.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"backup.js","sourceRoot":"","sources":["../../../src/cli/commands/backup.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAC;AAChD,OAAO,EAAE,EAAE,EAAE,MAAM,UAAU,CAAC;AAE9B,MAAM,kBAAkB,GAAG,mCAAmC,CAAC;AAC/D,MAAM,UAAU,GAAG,iBAAiB,CAAC;AAErC,SAAS,iBAAiB,CAAC,MAU1B;IACC,MAAM,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;IAC/E,MAAM,YAAY,GAAG,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,mBAAmB,MAAM,CAAC,UAAU,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;IACtF,MAAM,EAAE,GAAG,wBAAwB,CAAC;IAEpC,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,IAAI,MAAM,CAAC,MAAM,KAAK,QAAQ;QACxD,CAAC,CAAC;;mBAEa,EAAE;EACnB,MAAM,CAAC,MAAM,KAAK,UAAU,CAAC,CAAC,CAAC,yCAAyC,MAAM,CAAC,MAAM,SAAS,MAAM,CAAC,MAAM,IAAI,IAAI,SAAS,MAAM,CAAC,MAAM,MAAM,MAAM,CAAC,MAAM,gBAAgB,CAAC,CAAC,CAAC,EAAE;EACjL,MAAM,CAAC,MAAM,KAAK,OAAO,CAAC,CAAC,CAAC,iBAAiB,MAAM,CAAC,MAAM,SAAS,MAAM,CAAC,MAAM,IAAI,IAAI,SAAS,MAAM,CAAC,MAAM,uBAAuB,MAAM,CAAC,MAAM,gBAAgB,CAAC,CAAC,CAAC,EAAE;6BAC5I,MAAM,CAAC,QAAQ,IAAI,MAAM,gBAAgB,YAAY;;CAEjF;QACG,CAAC,CAAC,EAAE,CAAC;IAEP,OAAO;;;aAGI,EAAE;eACA,MAAM,CAAC,UAAU;aACnB,MAAM,CAAC,QAAQ;aACf,MAAM;;;;;8BAKW,EAAE;;+CAEe,MAAM,oCAAoC,YAAY;;EAEnG,MAAM;;CAEP,CAAC;AACF,CAAC;AAED,MAAM,UAAU,iBAAiB,CAAC,QAAuC;IACvE,MAAM,GAAG,GAA2B;QAClC,MAAM,EAAE,SAAS;QACjB,KAAK,EAAE,gBAAgB;QACvB,MAAM,EAAE,oBAAoB;KAC7B,CAAC;IACF,OAAO,GAAG,CAAC,QAAQ,CAAC,IAAI,GAAG,CAAC,KAAK,CAAC;AACpC,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,cAAc,CAClC,GAAW,EACX,OAA4B;IAE5B,MAAM,gBAAgB,CACpB,GAAG,EACH,KAAK,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE,EAAE,EAAE;QAC7B,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;YACnB,EAAE,CAAC,KAAK,CAAC,kEAAkE,CAAC,CAAC;YAC7E,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,UAAU,EAAE,QAAQ,GAAG,OAAO,EAAE,aAAa,GAAG,EAAE,EAAE,GAAG,MAAM,CAAC,MAAM,CAAC;QAEjG,EAAE,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;QAEhC,uBAAuB;QACvB,MAAM,QAAQ,GAAG,MAAM,QAAQ,CAAC,IAAI,CAAC,4CAA4C,CAAC,CAAC;QACnF,IAAI,QAAQ,CAAC,MAAM,CAAC,IAAI,EAAE,KAAK,SAAS,EAAE,CAAC;YACzC,EAAE,CAAC,KAAK,CAAC,8HAA8H,CAAC,CAAC;YACzI,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,MAAM,MAAM,GAAG,iBAAiB,CAAC;YAC/B,UAAU,EAAE,MAAM,CAAC,UAAU;YAC7B,QAAQ;YACR,QAAQ;YACR,UAAU;YACV,MAAM,EAAE,MAAM,CAAC,QAAQ,EAAE,IAAI;YAC7B,MAAM,EAAE,MAAM,CAAC,QAAQ,EAAE,IAAI;YAC7B,MAAM,EAAE,MAAM,CAAC,QAAQ,EAAE,IAAI;YAC7B,MAAM,EAAE,MAAM,CAAC,QAAQ,EAAE,IAAI;YAC7B,MAAM,EAAE,MAAM,CAAC,QAAQ,EAAE,IAAI;SAC9B,CAAC,CAAC;QAEH,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;QACnD,MAAM,QAAQ,CAAC,IAAI,CACjB,6CAA6C;YAC7C,gBAAgB,GAAG,6BAA6B,kBAAkB,kBAAkB;YACpF,kBAAkB,kBAAkB,EAAE,CACvC,CAAC;QAEF,MAAM,UAAU,GAAG,iBAAiB,CAAC,QAAyC,CAAC,CAAC;QAEhF,MAAM,WAAW,GAAG;;;;;YAKd,kBAAkB;CAC7B,CAAC;QAEI,MAAM,SAAS,GAAG;;;;aAIX,UAAU;;;;;CAKtB,CAAC;QAEI,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;QAC3D,MAAM,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;QAE3D,MAAM,QAAQ,CAAC,IAAI,CACjB,6CAA6C;YAC7C,gBAAgB,MAAM,iDAAiD,UAAU,0BAA0B;YAC3G,gBAAgB,QAAQ,iDAAiD,UAAU,wBAAwB;YAC3G,mCAAmC;YACnC,gCAAgC,UAAU,QAAQ,CACnD,CAAC;QAEF,EAAE,CAAC,OAAO,CAAC,qBAAqB,QAAQ,YAAY,aAAa,SAAS,CAAC,CAAC;QAC5E,EAAE,CAAC,IAAI,CAAC,WAAW,kBAAkB,EAAE,CAAC,CAAC;IAC3C,CAAC,EACD,EAAE,UAAU,EAAE,OAAO,CAAC,MAAM,EAAE,CAC/B,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,GAAW,EACX,OAA4B;IAE5B,MAAM,gBAAgB,CACpB,GAAG,EACH,KAAK,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE;QACrB,MAAM,KAAK,GAAG,MAAM,QAAQ,CAAC,IAAI,CAAC,SAAS,kBAAkB,oCAAoC,CAAC,CAAC;QACnG,IAAI,KAAK,CAAC,MAAM,CAAC,IAAI,EAAE,KAAK,SAAS,EAAE,CAAC;YACtC,EAAE,CAAC,KAAK,CAAC,+CAA+C,CAAC,CAAC;YAC1D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,EAAE,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC;QACjC,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,IAAI,CAAC,kBAAkB,EAAE,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC,CAAC;QAC7E,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QAC3B,IAAI,MAAM,CAAC,MAAM;YAAE,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QAChD,EAAE,CAAC,OAAO,CAAC,kBAAkB,CAAC,CAAC;IACjC,CAAC,EACD,EAAE,UAAU,EAAE,OAAO,CAAC,MAAM,EAAE,CAC/B,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,eAAe,CACnC,GAAW,EACX,OAA4B;IAE5B,MAAM,gBAAgB,CACpB,GAAG,EACH,KAAK,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE;QACrB,MAAM,WAAW,GAAG,MAAM,QAAQ,CAAC,IAAI,CACrC,oBAAoB,UAAU,uCAAuC,CACtE,CAAC;QACF,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;QAEhC,MAAM,UAAU,GAAG,MAAM,QAAQ,CAAC,IAAI,CACpC,iBAAiB,UAAU,yDAAyD,CACrF,CAAC;QACF,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;IACjC,CAAC,EACD,EAAE,UAAU,EAAE,OAAO,CAAC,MAAM,EAAE,CAC/B,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,aAAa,CACjC,GAAW,EACX,OAA4B;IAE5B,MAAM,gBAAgB,CACpB,GAAG,EACH,KAAK,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE,EAAE,EAAE;QAC7B,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;YACnB,EAAE,CAAC,KAAK,CAAC,yBAAyB,CAAC,CAAC;YACpC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,UAAU,EAAE,GAAG,MAAM,CAAC,MAAM,CAAC;QACzD,MAAM,MAAM,GAAG,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;QACjE,MAAM,YAAY,GAAG,UAAU,CAAC,CAAC,CAAC,mBAAmB,UAAU,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;QAExE,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,IAAI,CAChC,mBAAmB,QAAQ,IAAI,MAAM,iBAAiB,YAAY,uBAAuB,CAC1F,CAAC;QACF,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,EAAE,CAAC;YAC1B,EAAE,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;YAC7B,OAAO;QACT,CAAC;QACD,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IAC7B,CAAC,EACD,EAAE,UAAU,EAAE,OAAO,CAAC,MAAM,EAAE,CAC/B,CAAC;AACJ,CAAC"}

package/dist/cli/commands/ci.d.ts

@@ -0,0 +1,5 @@
+export declare function cmdCiGithub(cwd: string): Promise<void>;
+export declare function cmdCiEnvSync(cwd: string, options: {
+    all?: boolean;
+}): Promise<void>;
+//# sourceMappingURL=ci.d.ts.map

package/dist/cli/commands/ci.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ci.d.ts","sourceRoot":"","sources":["../../../src/cli/commands/ci.ts"],"names":[],"mappings":"AAsHA,wBAAsB,WAAW,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAmC5D;AAsCD,wBAAsB,YAAY,CAChC,GAAG,EAAE,MAAM,EACX,OAAO,EAAE;IAAE,GAAG,CAAC,EAAE,OAAO,CAAA;CAAE,GACzB,OAAO,CAAC,IAAI,CAAC,CA+Df"}

package/dist/cli/commands/ci.js

@@ -0,0 +1,222 @@
+import { resolve } from 'path';
+import { readFile, writeFile, pathExists, ensureDir } from 'fs-extra';
+import { execa } from 'execa';
+import { loadConfig } from '../../config/loader.js';
+import { confirm } from '../prompt.js';
+import { ui } from '../ui.js';
+async function detectPkgManager(cwd) {
+    if (await pathExists(resolve(cwd, 'pnpm-lock.yaml'))) {
+        return {
+            id: 'pnpm',
+            cacheKey: 'pnpm',
+            setupAction: 'pnpm/action-setup@v4',
+            installCmd: 'pnpm install --frozen-lockfile',
+        };
+    }
+    if (await pathExists(resolve(cwd, 'yarn.lock'))) {
+        return {
+            id: 'yarn',
+            cacheKey: 'yarn',
+            setupAction: '',
+            installCmd: 'yarn install --frozen-lockfile',
+        };
+    }
+    if (await pathExists(resolve(cwd, 'bun.lockb'))) {
+        return {
+            id: 'bun',
+            cacheKey: 'bun',
+            setupAction: 'oven-sh/setup-bun@v2',
+            installCmd: 'bun install',
+        };
+    }
+    return {
+        id: 'npm',
+        cacheKey: 'npm',
+        setupAction: '',
+        installCmd: 'npm ci',
+    };
+}
+async function hasBuildScript(cwd) {
+    const pkgPath = resolve(cwd, 'package.json');
+    if (!(await pathExists(pkgPath)))
+        return false;
+    try {
+        const raw = await readFile(pkgPath, 'utf8');
+        const pkg = JSON.parse(raw);
+        return Boolean(pkg.scripts?.build);
+    }
+    catch {
+        return false;
+    }
+}
+function generateWorkflow(pm, withBuild) {
+    const setupPmStep = pm.setupAction
+        ? `      - name: Setup ${pm.id}\n        uses: ${pm.setupAction}\n\n`
+        : '';
+    const buildStep = withBuild
+        ? `\n      - name: Build\n        run: ${pm.id} run build\n`
+        : '';
+    return `name: Deploy via Shipnode
+
+on:
+  push:
+    branches:
+      - main
+      - master
+  workflow_dispatch:
+
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+          cache: '${pm.cacheKey}'
+
+${setupPmStep}      - name: Install dependencies
+        run: ${pm.installCmd}
+${buildStep}
+      - name: Setup SSH agent
+        uses: webfactory/ssh-agent@v0.9.0
+        with:
+          ssh-private-key: \${{ secrets.SHIPNODE_SSH_KEY }}
+
+      - name: Add server to known hosts
+        run: |
+          mkdir -p ~/.ssh
+          echo "\${{ secrets.SHIPNODE_KNOWN_HOSTS }}" >> ~/.ssh/known_hosts
+
+      - name: Install Shipnode
+        run: npm install -g shipnode
+
+      - name: Deploy
+        run: shipnode deploy
+`;
+}
+// ── cmdCiGithub ───────────────────────────────────────────────────────────────
+export async function cmdCiGithub(cwd) {
+    const pm = await detectPkgManager(cwd);
+    const withBuild = await hasBuildScript(cwd);
+    ui.info(`Detected package manager: ${pm.id}`);
+    if (withBuild) {
+        ui.info('Found scripts.build in package.json — build step will be included.');
+    }
+    const workflowDir = resolve(cwd, '.github', 'workflows');
+    const workflowPath = resolve(workflowDir, 'shipnode-deploy.yml');
+    if (await pathExists(workflowPath)) {
+        const overwrite = await confirm(`${workflowPath} already exists. Overwrite?`);
+        if (!overwrite) {
+            ui.info('Aborted — existing workflow file kept.');
+            return;
+        }
+    }
+    await ensureDir(workflowDir);
+    const content = generateWorkflow(pm, withBuild);
+    await writeFile(workflowPath, content, 'utf8');
+    ui.success(`Workflow written to .github/workflows/shipnode-deploy.yml`);
+    ui.heading('Required GitHub Secrets');
+    console.log('  Add the following secrets in your GitHub repository settings:');
+    console.log('  (Settings → Secrets and variables → Actions → New repository secret)');
+    console.log('');
+    console.log('  SHIPNODE_SSH_KEY        Your SSH private key for server access');
+    console.log('  SHIPNODE_KNOWN_HOSTS    Known hosts entry for your server');
+    console.log('                          (run: ssh-keyscan -H YOUR_HOST)');
+    console.log('');
+    console.log('  Note: Host, user, and port are read from shipnode.config.ts (committed to repo).');
+    console.log('  Only the private key must be kept as a secret.');
+}
+function parseEnvFile(content) {
+    const vars = [];
+    for (const line of content.split('\n')) {
+        const trimmed = line.trim();
+        if (!trimmed || trimmed.startsWith('#'))
+            continue;
+        const eqIdx = trimmed.indexOf('=');
+        if (eqIdx === -1)
+            continue;
+        const key = trimmed.slice(0, eqIdx).trim();
+        const value = trimmed.slice(eqIdx + 1).trim();
+        if (key)
+            vars.push({ key, value });
+    }
+    return vars;
+}
+async function setGhSecret(key, value) {
+    try {
+        await execa('gh', ['secret', 'set', key, '--body', value]);
+        return true;
+    }
+    catch (error) {
+        const msg = error instanceof Error ? error.message : String(error);
+        if (msg.includes('command not found') || msg.includes('ENOENT')) {
+            throw new Error('GitHub CLI (gh) not found. Install it from https://cli.github.com/ and authenticate with `gh auth login`.');
+        }
+        return false;
+    }
+}
+export async function cmdCiEnvSync(cwd, options) {
+    const config = await loadConfig(cwd, undefined);
+    const envPath = resolve(cwd, config.envFile);
+    if (!(await pathExists(envPath))) {
+        ui.error(`Env file not found: ${config.envFile}`);
+        process.exit(1);
+    }
+    const content = await readFile(envPath, 'utf8');
+    const envVars = parseEnvFile(content);
+    if (envVars.length === 0) {
+        ui.warn('No variables found in env file.');
+    }
+    else if (!options.all) {
+        console.log('\nVariables to sync from env file:');
+        for (const { key } of envVars) {
+            console.log(`  ${key}`);
+        }
+        console.log('');
+        const proceed = await confirm(`Sync ${envVars.length} variable(s) to GitHub Secrets?`);
+        if (!proceed) {
+            ui.info('Sync cancelled.');
+            return;
+        }
+    }
+    let set = 0;
+    let failed = 0;
+    // Sync env file vars
+    for (const { key, value } of envVars) {
+        const ok = await setGhSecret(key, value);
+        if (ok) {
+            ui.success(`Set: ${key}`);
+            set++;
+        }
+        else {
+            ui.warn(`Failed: ${key}`);
+            failed++;
+        }
+    }
+    // Sync Shipnode connection vars from config
+    const shipnodeSecrets = [
+        { key: 'SHIPNODE_SSH_HOST', value: config.ssh.host },
+        { key: 'SHIPNODE_SSH_USER', value: config.ssh.user },
+        { key: 'SHIPNODE_SSH_PORT', value: String(config.ssh.port) },
+    ];
+    ui.info('Syncing Shipnode connection secrets...');
+    for (const { key, value } of shipnodeSecrets) {
+        const ok = await setGhSecret(key, value);
+        if (ok) {
+            ui.success(`Set: ${key}`);
+            set++;
+        }
+        else {
+            ui.warn(`Failed: ${key}`);
+            failed++;
+        }
+    }
+    ui.heading('Sync Summary');
+    ui.info(`Set: ${set}  Skipped: 0  Failed: ${failed}`);
+}
+//# sourceMappingURL=ci.js.map

package/dist/cli/commands/ci.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ci.js","sourceRoot":"","sources":["../../../src/cli/commands/ci.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,MAAM,CAAC;AAC/B,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,UAAU,CAAC;AACtE,OAAO,EAAE,KAAK,EAAE,MAAM,OAAO,CAAC;AAC9B,OAAO,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAC;AACpD,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AACvC,OAAO,EAAE,EAAE,EAAE,MAAM,UAAU,CAAC;AAa9B,KAAK,UAAU,gBAAgB,CAAC,GAAW;IACzC,IAAI,MAAM,UAAU,CAAC,OAAO,CAAC,GAAG,EAAE,gBAAgB,CAAC,CAAC,EAAE,CAAC;QACrD,OAAO;YACL,EAAE,EAAE,MAAM;YACV,QAAQ,EAAE,MAAM;YAChB,WAAW,EAAE,sBAAsB;YACnC,UAAU,EAAE,gCAAgC;SAC7C,CAAC;IACJ,CAAC;IACD,IAAI,MAAM,UAAU,CAAC,OAAO,CAAC,GAAG,EAAE,WAAW,CAAC,CAAC,EAAE,CAAC;QAChD,OAAO;YACL,EAAE,EAAE,MAAM;YACV,QAAQ,EAAE,MAAM;YAChB,WAAW,EAAE,EAAE;YACf,UAAU,EAAE,gCAAgC;SAC7C,CAAC;IACJ,CAAC;IACD,IAAI,MAAM,UAAU,CAAC,OAAO,CAAC,GAAG,EAAE,WAAW,CAAC,CAAC,EAAE,CAAC;QAChD,OAAO;YACL,EAAE,EAAE,KAAK;YACT,QAAQ,EAAE,KAAK;YACf,WAAW,EAAE,sBAAsB;YACnC,UAAU,EAAE,aAAa;SAC1B,CAAC;IACJ,CAAC;IACD,OAAO;QACL,EAAE,EAAE,KAAK;QACT,QAAQ,EAAE,KAAK;QACf,WAAW,EAAE,EAAE;QACf,UAAU,EAAE,QAAQ;KACrB,CAAC;AACJ,CAAC;AAED,KAAK,UAAU,cAAc,CAAC,GAAW;IACvC,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,EAAE,cAAc,CAAC,CAAC;IAC7C,IAAI,CAAC,CAAC,MAAM,UAAU,CAAC,OAAO,CAAC,CAAC;QAAE,OAAO,KAAK,CAAC;IAC/C,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QAC5C,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAyC,CAAC;QACpE,OAAO,OAAO,CAAC,GAAG,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;IACrC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED,SAAS,gBAAgB,CAAC,EAAkB,EAAE,SAAkB;IAC9D,MAAM,WAAW,GAAG,EAAE,CAAC,WAAW;QAChC,CAAC,CAAC,uBAAuB,EAAE,CAAC,EAAE,mBAAmB,EAAE,CAAC,WAAW,MAAM;QACrE,CAAC,CAAC,EAAE,CAAC;IAEP,MAAM,SAAS,GAAG,SAAS;QACzB,CAAC,CAAC,uCAAuC,EAAE,CAAC,EAAE,cAAc;QAC5D,CAAC,CAAC,EAAE,CAAC;IAEP,OAAO;;;;;;;;;;;;;;;;;;;;;oBAqBW,EAAE,CAAC,QAAQ;;EAE7B,WAAW;eACE,EAAE,CAAC,UAAU;EAC1B,SAAS;;;;;;;;;;;;;;;;CAgBV,CAAC;AACF,CAAC;AAED,iFAAiF;AAEjF,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,GAAW;IAC3C,MAAM,EAAE,GAAG,MAAM,gBAAgB,CAAC,GAAG,CAAC,CAAC;IACvC,MAAM,SAAS,GAAG,MAAM,cAAc,CAAC,GAAG,CAAC,CAAC;IAE5C,EAAE,CAAC,IAAI,CAAC,6BAA6B,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC;IAC9C,IAAI,SAAS,EAAE,CAAC;QACd,EAAE,CAAC,IAAI,CAAC,oEAAoE,CAAC,CAAC;IAChF,CAAC;IAED,MAAM,WAAW,GAAG,OAAO,CAAC,GAAG,EAAE,SAAS,EAAE,WAAW,CAAC,CAAC;IACzD,MAAM,YAAY,GAAG,OAAO,CAAC,WAAW,EAAE,qBAAqB,CAAC,CAAC;IAEjE,IAAI,MAAM,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;QACnC,MAAM,SAAS,GAAG,MAAM,OAAO,CAAC,GAAG,YAAY,6BAA6B,CAAC,CAAC;QAC9E,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,EAAE,CAAC,IAAI,CAAC,wCAAwC,CAAC,CAAC;YAClD,OAAO;QACT,CAAC;IACH,CAAC;IAED,MAAM,SAAS,CAAC,WAAW,CAAC,CAAC;IAC7B,MAAM,OAAO,GAAG,gBAAgB,CAAC,EAAE,EAAE,SAAS,CAAC,CAAC;IAChD,MAAM,SAAS,CAAC,YAAY,EAAE,OAAO,EAAE,MAAM,CAAC,CAAC;IAE/C,EAAE,CAAC,OAAO,CAAC,2DAA2D,CAAC,CAAC;IACxE,EAAE,CAAC,OAAO,CAAC,yBAAyB,CAAC,CAAC;IACtC,OAAO,CAAC,GAAG,CAAC,iEAAiE,CAAC,CAAC;IAC/E,OAAO,CAAC,GAAG,CAAC,wEAAwE,CAAC,CAAC;IACtF,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAChB,OAAO,CAAC,GAAG,CAAC,kEAAkE,CAAC,CAAC;IAChF,OAAO,CAAC,GAAG,CAAC,6DAA6D,CAAC,CAAC;IAC3E,OAAO,CAAC,GAAG,CAAC,2DAA2D,CAAC,CAAC;IACzE,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAChB,OAAO,CAAC,GAAG,CAAC,oFAAoF,CAAC,CAAC;IAClG,OAAO,CAAC,GAAG,CAAC,kDAAkD,CAAC,CAAC;AAClE,CAAC;AASD,SAAS,YAAY,CAAC,OAAe;IACnC,MAAM,IAAI,GAAa,EAAE,CAAC;IAC1B,KAAK,MAAM,IAAI,IAAI,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;QACvC,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;QAC5B,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC;YAAE,SAAS;QAClD,MAAM,KAAK,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;QACnC,IAAI,KAAK,KAAK,CAAC,CAAC;YAAE,SAAS;QAC3B,MAAM,GAAG,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,IAAI,EAAE,CAAC;QAC3C,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QAC9C,IAAI,GAAG;YAAE,IAAI,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,KAAK,EAAE,CAAC,CAAC;IACrC,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,KAAK,UAAU,WAAW,CAAC,GAAW,EAAE,KAAa;IACnD,IAAI,CAAC;QACH,MAAM,KAAK,CAAC,IAAI,EAAE,CAAC,QAAQ,EAAE,KAAK,EAAE,GAAG,EAAE,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC;QAC3D,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,GAAG,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACnE,IAAI,GAAG,CAAC,QAAQ,CAAC,mBAAmB,CAAC,IAAI,GAAG,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;YAChE,MAAM,IAAI,KAAK,CACb,2GAA2G,CAC5G,CAAC;QACJ,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,GAAW,EACX,OAA0B;IAE1B,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC;IAEhD,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,EAAE,MAAM,CAAC,OAAO,CAAC,CAAC;IAC7C,IAAI,CAAC,CAAC,MAAM,UAAU,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC;QACjC,EAAE,CAAC,KAAK,CAAC,uBAAuB,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC;QAClD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;IAChD,MAAM,OAAO,GAAG,YAAY,CAAC,OAAO,CAAC,CAAC;IAEtC,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACzB,EAAE,CAAC,IAAI,CAAC,iCAAiC,CAAC,CAAC;IAC7C,CAAC;SAAM,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC;QACxB,OAAO,CAAC,GAAG,CAAC,oCAAoC,CAAC,CAAC;QAClD,KAAK,MAAM,EAAE,GAAG,EAAE,IAAI,OAAO,EAAE,CAAC;YAC9B,OAAO,CAAC,GAAG,CAAC,KAAK,GAAG,EAAE,CAAC,CAAC;QAC1B,CAAC;QACD,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAChB,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,QAAQ,OAAO,CAAC,MAAM,iCAAiC,CAAC,CAAC;QACvF,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,EAAE,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;YAC3B,OAAO;QACT,CAAC;IACH,CAAC;IAED,IAAI,GAAG,GAAG,CAAC,CAAC;IACZ,IAAI,MAAM,GAAG,CAAC,CAAC;IAEf,qBAAqB;IACrB,KAAK,MAAM,EAAE,GAAG,EAAE,KAAK,EAAE,IAAI,OAAO,EAAE,CAAC;QACrC,MAAM,EAAE,GAAG,MAAM,WAAW,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;QACzC,IAAI,EAAE,EAAE,CAAC;YACP,EAAE,CAAC,OAAO,CAAC,QAAQ,GAAG,EAAE,CAAC,CAAC;YAC1B,GAAG,EAAE,CAAC;QACR,CAAC;aAAM,CAAC;YACN,EAAE,CAAC,IAAI,CAAC,WAAW,GAAG,EAAE,CAAC,CAAC;YAC1B,MAAM,EAAE,CAAC;QACX,CAAC;IACH,CAAC;IAED,4CAA4C;IAC5C,MAAM,eAAe,GAAa;QAChC,EAAE,GAAG,EAAE,mBAAmB,EAAE,KAAK,EAAE,MAAM,CAAC,GAAG,CAAC,IAAI,EAAE;QACpD,EAAE,GAAG,EAAE,mBAAmB,EAAE,KAAK,EAAE,MAAM,CAAC,GAAG,CAAC,IAAI,EAAE;QACpD,EAAE,GAAG,EAAE,mBAAmB,EAAE,KAAK,EAAE,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE;KAC7D,CAAC;IAEF,EAAE,CAAC,IAAI,CAAC,wCAAwC,CAAC,CAAC;IAClD,KAAK,MAAM,EAAE,GAAG,EAAE,KAAK,EAAE,IAAI,eAAe,EAAE,CAAC;QAC7C,MAAM,EAAE,GAAG,MAAM,WAAW,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;QACzC,IAAI,EAAE,EAAE,CAAC;YACP,EAAE,CAAC,OAAO,CAAC,QAAQ,GAAG,EAAE,CAAC,CAAC;YAC1B,GAAG,EAAE,CAAC;QACR,CAAC;aAAM,CAAC;YACN,EAAE,CAAC,IAAI,CAAC,WAAW,GAAG,EAAE,CAAC,CAAC;YAC1B,MAAM,EAAE,CAAC;QACX,CAAC;IACH,CAAC;IAED,EAAE,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC;IAC3B,EAAE,CAAC,IAAI,CAAC,QAAQ,GAAG,yBAAyB,MAAM,EAAE,CAAC,CAAC;AACxD,CAAC"}

package/dist/cli/commands/cloudflare.d.ts

@@ -0,0 +1,10 @@
+export declare function cmdCloudflareInit(cwd: string, options: {
+    config?: string;
+}): Promise<void>;
+export declare function cmdCloudflareAudit(cwd: string, options: {
+    config?: string;
+}): Promise<void>;
+export declare function cmdCloudflareStatus(cwd: string, options: {
+    config?: string;
+}): Promise<void>;
+//# sourceMappingURL=cloudflare.d.ts.map

package/dist/cli/commands/cloudflare.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cloudflare.d.ts","sourceRoot":"","sources":["../../../src/cli/commands/cloudflare.ts"],"names":[],"mappings":"AAmCA,wBAAsB,iBAAiB,CACrC,GAAG,EAAE,MAAM,EACX,OAAO,EAAE;IAAE,MAAM,CAAC,EAAE,MAAM,CAAA;CAAE,GAC3B,OAAO,CAAC,IAAI,CAAC,CAiIf;AAED,wBAAsB,kBAAkB,CACtC,GAAG,EAAE,MAAM,EACX,OAAO,EAAE;IAAE,MAAM,CAAC,EAAE,MAAM,CAAA;CAAE,GAC3B,OAAO,CAAC,IAAI,CAAC,CAmDf;AAED,wBAAsB,mBAAmB,CACvC,GAAG,EAAE,MAAM,EACX,OAAO,EAAE;IAAE,MAAM,CAAC,EAAE,MAAM,CAAA;CAAE,GAC3B,OAAO,CAAC,IAAI,CAAC,CAWf"}

package/dist/cli/commands/cloudflare.js

@@ -0,0 +1,166 @@
+import { runRemoteCommand } from '../runner.js';
+import { ui } from '../ui.js';
+const CF_API = 'https://api.cloudflare.com/client/v4';
+async function cfFetch(path, opts, init = {}) {
+    const res = await fetch(`${CF_API}${path}`, {
+        ...init,
+        headers: {
+            'Authorization': `Bearer ${opts.apiToken}`,
+            'Content-Type': 'application/json',
+            ...(init.headers ?? {}),
+        },
+    });
+    const json = await res.json();
+    if (!json.success) {
+        const msg = json.errors?.map((e) => e.message).join(', ') ?? 'Unknown error';
+        throw new Error(`Cloudflare API error: ${msg}`);
+    }
+    return json.result;
+}
+function requireToken() {
+    const token = process.env['CLOUDFLARE_API_TOKEN'] ?? process.env['CF_API_TOKEN'];
+    if (!token) {
+        ui.error('CLOUDFLARE_API_TOKEN env var required');
+        process.exit(1);
+    }
+    return token;
+}
+export async function cmdCloudflareInit(cwd, options) {
+    await runRemoteCommand(cwd, async ({ config, executor }) => {
+        if (!config.cloudflare) {
+            ui.error('No cloudflare config found. Add a cloudflare block to shipnode.config.ts');
+            process.exit(1);
+        }
+        const cf = config.cloudflare;
+        const apiToken = requireToken();
+        ui.info('Installing cloudflared...');
+        const installCheck = await executor.exec('command -v cloudflared 2>/dev/null || echo MISSING');
+        if (installCheck.stdout.trim() === 'MISSING') {
+            await executor.exec(`SUDO=""; [ "$EUID" -ne 0 ] && SUDO="sudo"; ` +
+                `curl -fsSL https://pkg.cloudflare.com/cloudflare-main.gpg | $SUDO tee /usr/share/keyrings/cloudflare-main.gpg > /dev/null && ` +
+                `echo "deb [signed-by=/usr/share/keyrings/cloudflare-main.gpg] https://pkg.cloudflare.com/cloudflared $(lsb_release -cs) main" | ` +
+                `$SUDO tee /etc/apt/sources.list.d/cloudflared.list && ` +
+                `$SUDO apt-get update -qq && $SUDO apt-get install -y -qq cloudflared`);
+            ui.success('cloudflared installed');
+        }
+        else {
+            ui.info('cloudflared already installed');
+        }
+        const tunnelName = cf.tunnelName ?? `shipnode-${config.ssh.host.replace(/\./g, '-')}`;
+        ui.info(`Creating tunnel: ${tunnelName}`);
+        // Create tunnel via API to get ID, then install on server
+        const cfApiOpts = { apiToken };
+        // Get zone ID
+        const zones = await cfFetch(`/zones?name=${cf.zone}`, cfApiOpts);
+        if (!zones.length)
+            throw new Error(`Zone "${cf.zone}" not found`);
+        const zoneId = zones[0].id;
+        // Create tunnel (remote execution: cloudflared tunnel create)
+        const createResult = await executor.exec(`cloudflared tunnel create "${tunnelName}" 2>&1`);
+        ui.info(createResult.stdout.trim());
+        // Get tunnel UUID from list
+        const listResult = await executor.exec(`cloudflared tunnel list --output json 2>/dev/null | grep -o '"id":"[^"]*"' | head -1 | cut -d'"' -f4`);
+        const tunnelId = listResult.stdout.trim();
+        if (!tunnelId) {
+            ui.error('Could not determine tunnel ID. Check: cloudflared tunnel list');
+            process.exit(1);
+        }
+        // Create DNS records if appHostname set
+        if (cf.appHostname) {
+            await executor.exec(`cloudflared tunnel route dns "${tunnelName}" "${cf.appHostname}"`);
+            ui.success(`DNS: ${cf.appHostname} → tunnel`);
+        }
+        if (cf.sshHostname) {
+            await executor.exec(`cloudflared tunnel route dns "${tunnelName}" "${cf.sshHostname}"`);
+            ui.success(`DNS: ${cf.sshHostname} → tunnel`);
+        }
+        // Generate config and start as systemd service
+        const appIngress = cf.appHostname
+            ? `  - hostname: ${cf.appHostname}\n    service: http://localhost:${config.backend?.port ?? 3000}`
+            : '';
+        const sshIngress = cf.sshHostname
+            ? `  - hostname: ${cf.sshHostname}\n    service: ssh://localhost:22`
+            : '';
+        const cfConfig = `tunnel: ${tunnelId}
+credentials-file: /root/.cloudflared/${tunnelId}.json
+
+ingress:
+${appIngress}
+${sshIngress}
+  - service: http_status:404
+`;
+        const b64 = Buffer.from(cfConfig).toString('base64');
+        await executor.exec(`SUDO=""; [ "$EUID" -ne 0 ] && SUDO="sudo"; ` +
+            `mkdir -p /etc/cloudflared && ` +
+            `printf '%s' '${b64}' | base64 -d | $SUDO tee /etc/cloudflared/config.yml > /dev/null`);
+        await executor.exec(`SUDO=""; [ "$EUID" -ne 0 ] && SUDO="sudo"; ` +
+            `$SUDO cloudflared service install && $SUDO systemctl start cloudflared`);
+        // Setup firewall lockdown if requested
+        if (cf.lockdownFirewall) {
+            ui.info('Locking down firewall to Cloudflare IPs only...');
+            const cfIpv4 = await cfFetch('/ips', cfApiOpts);
+            for (const cidr of cfIpv4.ipv4_cidrs ?? []) {
+                await executor.exec(`SUDO=""; [ "$EUID" -ne 0 ] && SUDO="sudo"; ` +
+                    `$SUDO ufw allow from ${cidr} to any port ${config.backend?.port ?? 3000} 2>/dev/null || true`);
+            }
+            await executor.exec(`SUDO=""; [ "$EUID" -ne 0 ] && SUDO="sudo"; ` +
+                `$SUDO ufw deny ${config.backend?.port ?? 3000} 2>/dev/null || true`);
+            ui.success('Firewall locked to Cloudflare IPs');
+        }
+        // Setup Access policy if accessEmails present
+        if (cf.accessEmails?.length && zoneId) {
+            ui.info('Setting up Cloudflare Access policy...');
+            await cfFetch(`/accounts`, cfApiOpts); // just to verify token works
+            ui.info(`Access policy: configure manually at dash.cloudflare.com for zone ${cf.zone}`);
+            ui.info(`Allowed emails: ${cf.accessEmails.join(', ')}`);
+        }
+        ui.success(`Cloudflare tunnel "${tunnelName}" initialized.`);
+    }, { configPath: options.config });
+}
+export async function cmdCloudflareAudit(cwd, options) {
+    await runRemoteCommand(cwd, async ({ config, executor }) => {
+        if (!config.cloudflare) {
+            ui.error('No cloudflare config found.');
+            process.exit(1);
+        }
+        const apiToken = requireToken();
+        const cf = config.cloudflare;
+        const cfApiOpts = { apiToken };
+        ui.info(`Auditing Cloudflare config for zone: ${cf.zone}`);
+        const zones = await cfFetch(`/zones?name=${cf.zone}`, cfApiOpts);
+        if (!zones.length) {
+            ui.error(`Zone "${cf.zone}" not found in account`);
+            return;
+        }
+        const zone = zones[0];
+        console.log(`  Zone: ${zone.name} (${zone.id}) — ${zone.status}`);
+        // Check DNS records
+        if (cf.appHostname) {
+            const records = await cfFetch(`/zones/${zone.id}/dns_records?name=${cf.appHostname}`, cfApiOpts);
+            if (records.length) {
+                console.log(`  DNS ${cf.appHostname}: ${records[0].type} → ${records[0].content}`);
+            }
+            else {
+                ui.warn(`  DNS ${cf.appHostname}: NOT FOUND`);
+            }
+        }
+        // Check tunnel on server
+        const tunnelCheck = await executor.exec('cloudflared tunnel list 2>/dev/null || echo MISSING');
+        if (tunnelCheck.stdout.includes('MISSING')) {
+            ui.warn('  cloudflared: not installed');
+        }
+        else {
+            console.log(`  cloudflared tunnels:\n${tunnelCheck.stdout.trim()}`);
+        }
+        // Check service
+        const svcCheck = await executor.exec('systemctl is-active cloudflared 2>/dev/null || echo inactive');
+        console.log(`  cloudflared service: ${svcCheck.stdout.trim()}`);
+    }, { configPath: options.config });
+}
+export async function cmdCloudflareStatus(cwd, options) {
+    await runRemoteCommand(cwd, async ({ executor }) => {
+        const result = await executor.exec(`systemctl status cloudflared 2>&1; echo "---"; cloudflared tunnel info 2>&1 || true`);
+        console.log(result.stdout);
+    }, { configPath: options.config });
+}
+//# sourceMappingURL=cloudflare.js.map

package/dist/cli/commands/cloudflare.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cloudflare.js","sourceRoot":"","sources":["../../../src/cli/commands/cloudflare.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAC;AAChD,OAAO,EAAE,EAAE,EAAE,MAAM,UAAU,CAAC;AAE9B,MAAM,MAAM,GAAG,sCAAsC,CAAC;AAMtD,KAAK,UAAU,OAAO,CAAC,IAAY,EAAE,IAAkB,EAAE,OAAoB,EAAE;IAC7E,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,MAAM,GAAG,IAAI,EAAE,EAAE;QAC1C,GAAG,IAAI;QACP,OAAO,EAAE;YACP,eAAe,EAAE,UAAU,IAAI,CAAC,QAAQ,EAAE;YAC1C,cAAc,EAAE,kBAAkB;YAClC,GAAG,CAAC,IAAI,CAAC,OAAiC,IAAI,EAAE,CAAC;SAClD;KACF,CAAC,CAAC;IACH,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAA2E,CAAC;IACvG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;QAClB,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,eAAe,CAAC;QAC7E,MAAM,IAAI,KAAK,CAAC,yBAAyB,GAAG,EAAE,CAAC,CAAC;IAClD,CAAC;IACD,OAAO,IAAI,CAAC,MAAM,CAAC;AACrB,CAAC;AAED,SAAS,YAAY;IACnB,MAAM,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,sBAAsB,CAAC,IAAI,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;IACjF,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,EAAE,CAAC,KAAK,CAAC,uCAAuC,CAAC,CAAC;QAClD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,GAAW,EACX,OAA4B;IAE5B,MAAM,gBAAgB,CACpB,GAAG,EACH,KAAK,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE,EAAE,EAAE;QAC7B,IAAI,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC;YACvB,EAAE,CAAC,KAAK,CAAC,0EAA0E,CAAC,CAAC;YACrF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,MAAM,EAAE,GAAG,MAAM,CAAC,UAAU,CAAC;QAC7B,MAAM,QAAQ,GAAG,YAAY,EAAE,CAAC;QAEhC,EAAE,CAAC,IAAI,CAAC,2BAA2B,CAAC,CAAC;QAErC,MAAM,YAAY,GAAG,MAAM,QAAQ,CAAC,IAAI,CAAC,oDAAoD,CAAC,CAAC;QAC/F,IAAI,YAAY,CAAC,MAAM,CAAC,IAAI,EAAE,KAAK,SAAS,EAAE,CAAC;YAC7C,MAAM,QAAQ,CAAC,IAAI,CACjB,6CAA6C;gBAC7C,+HAA+H;gBAC/H,kIAAkI;gBAClI,wDAAwD;gBACxD,sEAAsE,CACvE,CAAC;YACF,EAAE,CAAC,OAAO,CAAC,uBAAuB,CAAC,CAAC;QACtC,CAAC;aAAM,CAAC;YACN,EAAE,CAAC,IAAI,CAAC,+BAA+B,CAAC,CAAC;QAC3C,CAAC;QAED,MAAM,UAAU,GAAG,EAAE,CAAC,UAAU,IAAI,YAAY,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,EAAE,CAAC;QACtF,EAAE,CAAC,IAAI,CAAC,oBAAoB,UAAU,EAAE,CAAC,CAAC;QAE1C,0DAA0D;QAC1D,MAAM,SAAS,GAAiB,EAAE,QAAQ,EAAE,CAAC;QAE7C,cAAc;QACd,MAAM,KAAK,GAAG,MAAM,OAAO,CAAC,eAAe,EAAE,CAAC,IAAI,EAAE,EAAE,SAAS,CAAqB,CAAC;QACrF,IAAI,CAAC,KAAK,CAAC,MAAM;YAAE,MAAM,IAAI,KAAK,CAAC,SAAS,EAAE,CAAC,IAAI,aAAa,CAAC,CAAC;QAClE,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QAE3B,8DAA8D;QAC9D,MAAM,YAAY,GAAG,MAAM,QAAQ,CAAC,IAAI,CACtC,8BAA8B,UAAU,QAAQ,CACjD,CAAC;QACF,EAAE,CAAC,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;QAEpC,4BAA4B;QAC5B,MAAM,UAAU,GAAG,MAAM,QAAQ,CAAC,IAAI,CACpC,sGAAsG,CACvG,CAAC;QACF,MAAM,QAAQ,GAAG,UAAU,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;QAE1C,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,EAAE,CAAC,KAAK,CAAC,+DAA+D,CAAC,CAAC;YAC1E,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,wCAAwC;QACxC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;YACnB,MAAM,QAAQ,CAAC,IAAI,CACjB,iCAAiC,UAAU,MAAM,EAAE,CAAC,WAAW,GAAG,CACnE,CAAC;YACF,EAAE,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC,WAAW,WAAW,CAAC,CAAC;QAChD,CAAC;QAED,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;YACnB,MAAM,QAAQ,CAAC,IAAI,CACjB,iCAAiC,UAAU,MAAM,EAAE,CAAC,WAAW,GAAG,CACnE,CAAC;YACF,EAAE,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC,WAAW,WAAW,CAAC,CAAC;QAChD,CAAC;QAED,+CAA+C;QAC/C,MAAM,UAAU,GAAG,EAAE,CAAC,WAAW;YAC/B,CAAC,CAAC,iBAAiB,EAAE,CAAC,WAAW,mCAAmC,MAAM,CAAC,OAAO,EAAE,IAAI,IAAI,IAAI,EAAE;YAClG,CAAC,CAAC,EAAE,CAAC;QACP,MAAM,UAAU,GAAG,EAAE,CAAC,WAAW;YAC/B,CAAC,CAAC,iBAAiB,EAAE,CAAC,WAAW,mCAAmC;YACpE,CAAC,CAAC,EAAE,CAAC;QAEP,MAAM,QAAQ,GAAG,WAAW,QAAQ;uCACH,QAAQ;;;EAG7C,UAAU;EACV,UAAU;;CAEX,CAAC;QAEI,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;QACrD,MAAM,QAAQ,CAAC,IAAI,CACjB,6CAA6C;YAC7C,+BAA+B;YAC/B,gBAAgB,GAAG,mEAAmE,CACvF,CAAC;QAEF,MAAM,QAAQ,CAAC,IAAI,CACjB,6CAA6C;YAC7C,wEAAwE,CACzE,CAAC;QAEF,uCAAuC;QACvC,IAAI,EAAE,CAAC,gBAAgB,EAAE,CAAC;YACxB,EAAE,CAAC,IAAI,CAAC,iDAAiD,CAAC,CAAC;YAC3D,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,MAAM,EAAE,SAAS,CAA6B,CAAC;YAC5E,KAAK,MAAM,IAAI,IAAI,MAAM,CAAC,UAAU,IAAI,EAAE,EAAE,CAAC;gBAC3C,MAAM,QAAQ,CAAC,IAAI,CACjB,6CAA6C;oBAC7C,wBAAwB,IAAI,gBAAgB,MAAM,CAAC,OAAO,EAAE,IAAI,IAAI,IAAI,sBAAsB,CAC/F,CAAC;YACJ,CAAC;YACD,MAAM,QAAQ,CAAC,IAAI,CACjB,6CAA6C;gBAC7C,kBAAkB,MAAM,CAAC,OAAO,EAAE,IAAI,IAAI,IAAI,sBAAsB,CACrE,CAAC;YACF,EAAE,CAAC,OAAO,CAAC,mCAAmC,CAAC,CAAC;QAClD,CAAC;QAED,8CAA8C;QAC9C,IAAI,EAAE,CAAC,YAAY,EAAE,MAAM,IAAI,MAAM,EAAE,CAAC;YACtC,EAAE,CAAC,IAAI,CAAC,wCAAwC,CAAC,CAAC;YAClD,MAAM,OAAO,CAAC,WAAW,EAAE,SAAS,CAAC,CAAC,CAAC,6BAA6B;YACpE,EAAE,CAAC,IAAI,CAAC,qEAAqE,EAAE,CAAC,IAAI,EAAE,CAAC,CAAC;YACxF,EAAE,CAAC,IAAI,CAAC,mBAAmB,EAAE,CAAC,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAC3D,CAAC;QAED,EAAE,CAAC,OAAO,CAAC,sBAAsB,UAAU,gBAAgB,CAAC,CAAC;IAC/D,CAAC,EACD,EAAE,UAAU,EAAE,OAAO,CAAC,MAAM,EAAE,CAC/B,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,GAAW,EACX,OAA4B;IAE5B,MAAM,gBAAgB,CACpB,GAAG,EACH,KAAK,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE,EAAE,EAAE;QAC7B,IAAI,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC;YACvB,EAAE,CAAC,KAAK,CAAC,6BAA6B,CAAC,CAAC;YACxC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,MAAM,QAAQ,GAAG,YAAY,EAAE,CAAC;QAChC,MAAM,EAAE,GAAG,MAAM,CAAC,UAAU,CAAC;QAC7B,MAAM,SAAS,GAAiB,EAAE,QAAQ,EAAE,CAAC;QAE7C,EAAE,CAAC,IAAI,CAAC,wCAAwC,EAAE,CAAC,IAAI,EAAE,CAAC,CAAC;QAE3D,MAAM,KAAK,GAAG,MAAM,OAAO,CAAC,eAAe,EAAE,CAAC,IAAI,EAAE,EAAE,SAAS,CAAmD,CAAC;QACnH,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC;YAClB,EAAE,CAAC,KAAK,CAAC,SAAS,EAAE,CAAC,IAAI,wBAAwB,CAAC,CAAC;YACnD,OAAO;QACT,CAAC;QAED,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QACtB,OAAO,CAAC,GAAG,CAAC,WAAW,IAAI,CAAC,IAAI,KAAK,IAAI,CAAC,EAAE,OAAO,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;QAElE,oBAAoB;QACpB,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;YACnB,MAAM,OAAO,GAAG,MAAM,OAAO,CAC3B,UAAU,IAAI,CAAC,EAAE,qBAAqB,EAAE,CAAC,WAAW,EAAE,EACtD,SAAS,CAC6B,CAAC;YACzC,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;gBACnB,OAAO,CAAC,GAAG,CAAC,SAAS,EAAE,CAAC,WAAW,KAAK,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI,MAAM,OAAO,CAAC,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;YACrF,CAAC;iBAAM,CAAC;gBACN,EAAE,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC,WAAW,aAAa,CAAC,CAAC;YAChD,CAAC;QACH,CAAC;QAED,yBAAyB;QACzB,MAAM,WAAW,GAAG,MAAM,QAAQ,CAAC,IAAI,CAAC,qDAAqD,CAAC,CAAC;QAC/F,IAAI,WAAW,CAAC,MAAM,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;YAC3C,EAAE,CAAC,IAAI,CAAC,8BAA8B,CAAC,CAAC;QAC1C,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,GAAG,CAAC,2BAA2B,WAAW,CAAC,MAAM,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;QACtE,CAAC;QAED,gBAAgB;QAChB,MAAM,QAAQ,GAAG,MAAM,QAAQ,CAAC,IAAI,CAAC,8DAA8D,CAAC,CAAC;QACrG,OAAO,CAAC,GAAG,CAAC,0BAA0B,QAAQ,CAAC,MAAM,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;IAClE,CAAC,EACD,EAAE,UAAU,EAAE,OAAO,CAAC,MAAM,EAAE,CAC/B,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,GAAW,EACX,OAA4B;IAE5B,MAAM,gBAAgB,CACpB,GAAG,EACH,KAAK,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE;QACrB,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,IAAI,CAChC,qFAAqF,CACtF,CAAC;QACF,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IAC7B,CAAC,EACD,EAAE,UAAU,EAAE,OAAO,CAAC,MAAM,EAAE,CAC/B,CAAC;AACJ,CAAC"}

package/dist/cli/commands/config.d.ts

@@ -0,0 +1,10 @@
+export declare function cmdConfigShow(cwd: string, options: {
+    config?: string;
+}): Promise<void>;
+export declare function cmdConfigValidate(cwd: string, options: {
+    config?: string;
+}): Promise<void>;
+export declare function cmdConfigPath(cwd: string, options: {
+    config?: string;
+}): Promise<void>;
+//# sourceMappingURL=config.d.ts.map

package/dist/cli/commands/config.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../../../src/cli/commands/config.ts"],"names":[],"mappings":"AAMA,wBAAsB,aAAa,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,EAAE;IAAE,MAAM,CAAC,EAAE,MAAM,CAAA;CAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CAqE5F;AAED,wBAAsB,iBAAiB,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,EAAE;IAAE,MAAM,CAAC,EAAE,MAAM,CAAA;CAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CAShG;AAED,wBAAsB,aAAa,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,EAAE;IAAE,MAAM,CAAC,EAAE,MAAM,CAAA;CAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CAuB5F"}