@factiii/stack 0.1.200 → 0.1.203
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +21 -21
- package/README.md +403 -403
- package/bin/stack +334 -334
- package/dist/cli/dev-sync.js +16 -16
- package/dist/plugins/addons/auth/index.js +7 -7
- package/dist/plugins/addons/vercel/index.js +9 -9
- package/dist/plugins/addons/vercel/scanfix/config.js +10 -10
- package/dist/plugins/addons/vercel/scanfix/token.js +15 -15
- package/dist/plugins/approved.json +13 -13
- package/dist/plugins/pipelines/aws/index.js +12 -12
- package/dist/plugins/pipelines/aws/policies/bootstrap-policy.json +135 -135
- package/dist/plugins/pipelines/aws/prod.js +1 -1
- package/dist/plugins/pipelines/factiii/index.d.ts.map +1 -1
- package/dist/plugins/pipelines/factiii/index.js +2 -14
- package/dist/plugins/pipelines/factiii/index.js.map +1 -1
- package/dist/plugins/pipelines/factiii/prod.js +21 -21
- package/dist/plugins/pipelines/factiii/scanfix/port-convention.d.ts.map +1 -1
- package/dist/plugins/pipelines/factiii/scanfix/port-convention.js +2 -4
- package/dist/plugins/pipelines/factiii/scanfix/port-convention.js.map +1 -1
- package/dist/plugins/pipelines/factiii/staging.js +23 -23
- package/dist/plugins/pipelines/factiii/workflows/stack-ci.yml +75 -75
- package/dist/plugins/pipelines/factiii/workflows/stack-cicd-prod.yml +73 -73
- package/dist/plugins/servers/amazon-linux/index.js +16 -16
- package/dist/plugins/servers/mac/index.js +12 -12
- package/dist/plugins/servers/mac/staging.js +2 -2
- package/dist/plugins/servers/ubuntu/index.js +23 -23
- package/dist/plugins/servers/windows/index.js +15 -15
- package/dist/scanfix/commands/mac.d.ts.map +1 -1
- package/dist/scanfix/commands/mac.js +5 -4
- package/dist/scanfix/commands/mac.js.map +1 -1
- package/dist/scanfix/fixes/certbot.d.ts.map +1 -1
- package/dist/scanfix/fixes/certbot.js +4 -18
- package/dist/scanfix/fixes/certbot.js.map +1 -1
- package/dist/scanfix/fixes/docker.d.ts.map +1 -1
- package/dist/scanfix/fixes/docker.js +5 -14
- package/dist/scanfix/fixes/docker.js.map +1 -1
- package/dist/scanfix/ssl-cert-helper.d.ts.map +1 -1
- package/dist/scanfix/ssl-cert-helper.js +18 -4
- package/dist/scanfix/ssl-cert-helper.js.map +1 -1
- package/dist/scripts/generate-all.js +73 -73
- package/dist/utils/deployment-report.js +2 -2
- package/dist/utils/secret-prompts.js +34 -34
- package/dist/utils/template-generator.js +74 -74
- package/package.json +100 -114
- package/dist/plugins/pipelines/factiii/scanfix/docker.d.ts +0 -20
- package/dist/plugins/pipelines/factiii/scanfix/docker.d.ts.map +0 -1
- package/dist/plugins/pipelines/factiii/scanfix/docker.js +0 -131
- package/dist/plugins/pipelines/factiii/scanfix/docker.js.map +0 -1
|
@@ -1,73 +1,73 @@
|
|
|
1
|
-
name: Stack CI Prod
|
|
2
|
-
|
|
3
|
-
# Generated by @factiii/stack v{VERSION}
|
|
4
|
-
# Runs builds and tests on push to prod branch.
|
|
5
|
-
# No deployment - deploy via SSH from dev machine.
|
|
6
|
-
|
|
7
|
-
on:
|
|
8
|
-
push:
|
|
9
|
-
branches: [prod]
|
|
10
|
-
|
|
11
|
-
jobs:
|
|
12
|
-
ci:
|
|
13
|
-
runs-on: ubuntu-latest
|
|
14
|
-
env:
|
|
15
|
-
CI: true
|
|
16
|
-
ENV: test
|
|
17
|
-
NODE_ENV: test
|
|
18
|
-
DATABASE_URL: "postgresql://postgres:password@localhost:5440/factiii-test?connect_timeout=300"
|
|
19
|
-
TEST_DATABASE_URL: "postgresql://postgres:password@localhost:5440/factiii-test?connect_timeout=300"
|
|
20
|
-
TEST_ADMIN_IP: "::ffff:127.0.0.1"
|
|
21
|
-
SITE_URL: http://localhost:3000
|
|
22
|
-
ALLOWED_ORIGINS: http://localhost:3000,http://localhost:5001
|
|
23
|
-
ACCESS_TOKEN_SECRET: test-secret-key
|
|
24
|
-
GOOGLE_CLIENT_ID: test-google-id
|
|
25
|
-
APPLE_CLIENT_ID: com.factiii.test
|
|
26
|
-
NEXT_PUBLIC_SITE_URL: http://localhost:3000
|
|
27
|
-
NEXT_PUBLIC_API_URL: http://localhost:5001
|
|
28
|
-
|
|
29
|
-
steps:
|
|
30
|
-
- name: Checkout
|
|
31
|
-
uses: actions/checkout@v4
|
|
32
|
-
|
|
33
|
-
- name: Setup pnpm
|
|
34
|
-
uses: pnpm/action-setup@v4
|
|
35
|
-
|
|
36
|
-
- name: Setup Node.js
|
|
37
|
-
uses: actions/setup-node@v4
|
|
38
|
-
with:
|
|
39
|
-
node-version: '24'
|
|
40
|
-
cache: 'pnpm'
|
|
41
|
-
|
|
42
|
-
- name: Install dependencies
|
|
43
|
-
run: pnpm install
|
|
44
|
-
|
|
45
|
-
- name: Build server
|
|
46
|
-
run: pnpm build
|
|
47
|
-
working-directory: apps/server
|
|
48
|
-
|
|
49
|
-
- name: Build client
|
|
50
|
-
run: pnpm build
|
|
51
|
-
working-directory: client
|
|
52
|
-
if: hashFiles('client/package.json') != ''
|
|
53
|
-
|
|
54
|
-
- name: Setup Java (for Android)
|
|
55
|
-
uses: actions/setup-java@v4
|
|
56
|
-
with:
|
|
57
|
-
distribution: 'temurin'
|
|
58
|
-
java-version: '17'
|
|
59
|
-
if: hashFiles('apps/mobile/android/build.gradle') != ''
|
|
60
|
-
|
|
61
|
-
- name: Build Android
|
|
62
|
-
run: |
|
|
63
|
-
cd apps/mobile/android
|
|
64
|
-
./gradlew assembleRelease
|
|
65
|
-
if: hashFiles('apps/mobile/android/build.gradle') != ''
|
|
66
|
-
|
|
67
|
-
- name: Start Docker containers
|
|
68
|
-
run: |
|
|
69
|
-
chmod +x ./start.sh
|
|
70
|
-
./start.sh
|
|
71
|
-
|
|
72
|
-
- name: Run tests
|
|
73
|
-
run: pnpm test:server
|
|
1
|
+
name: Stack CI Prod
|
|
2
|
+
|
|
3
|
+
# Generated by @factiii/stack v{VERSION}
|
|
4
|
+
# Runs builds and tests on push to prod branch.
|
|
5
|
+
# No deployment - deploy via SSH from dev machine.
|
|
6
|
+
|
|
7
|
+
on:
|
|
8
|
+
push:
|
|
9
|
+
branches: [prod]
|
|
10
|
+
|
|
11
|
+
jobs:
|
|
12
|
+
ci:
|
|
13
|
+
runs-on: ubuntu-latest
|
|
14
|
+
env:
|
|
15
|
+
CI: true
|
|
16
|
+
ENV: test
|
|
17
|
+
NODE_ENV: test
|
|
18
|
+
DATABASE_URL: "postgresql://postgres:password@localhost:5440/factiii-test?connect_timeout=300"
|
|
19
|
+
TEST_DATABASE_URL: "postgresql://postgres:password@localhost:5440/factiii-test?connect_timeout=300"
|
|
20
|
+
TEST_ADMIN_IP: "::ffff:127.0.0.1"
|
|
21
|
+
SITE_URL: http://localhost:3000
|
|
22
|
+
ALLOWED_ORIGINS: http://localhost:3000,http://localhost:5001
|
|
23
|
+
ACCESS_TOKEN_SECRET: test-secret-key
|
|
24
|
+
GOOGLE_CLIENT_ID: test-google-id
|
|
25
|
+
APPLE_CLIENT_ID: com.factiii.test
|
|
26
|
+
NEXT_PUBLIC_SITE_URL: http://localhost:3000
|
|
27
|
+
NEXT_PUBLIC_API_URL: http://localhost:5001
|
|
28
|
+
|
|
29
|
+
steps:
|
|
30
|
+
- name: Checkout
|
|
31
|
+
uses: actions/checkout@v4
|
|
32
|
+
|
|
33
|
+
- name: Setup pnpm
|
|
34
|
+
uses: pnpm/action-setup@v4
|
|
35
|
+
|
|
36
|
+
- name: Setup Node.js
|
|
37
|
+
uses: actions/setup-node@v4
|
|
38
|
+
with:
|
|
39
|
+
node-version: '24'
|
|
40
|
+
cache: 'pnpm'
|
|
41
|
+
|
|
42
|
+
- name: Install dependencies
|
|
43
|
+
run: pnpm install
|
|
44
|
+
|
|
45
|
+
- name: Build server
|
|
46
|
+
run: pnpm build
|
|
47
|
+
working-directory: apps/server
|
|
48
|
+
|
|
49
|
+
- name: Build client
|
|
50
|
+
run: pnpm build
|
|
51
|
+
working-directory: client
|
|
52
|
+
if: hashFiles('client/package.json') != ''
|
|
53
|
+
|
|
54
|
+
- name: Setup Java (for Android)
|
|
55
|
+
uses: actions/setup-java@v4
|
|
56
|
+
with:
|
|
57
|
+
distribution: 'temurin'
|
|
58
|
+
java-version: '17'
|
|
59
|
+
if: hashFiles('apps/mobile/android/build.gradle') != ''
|
|
60
|
+
|
|
61
|
+
- name: Build Android
|
|
62
|
+
run: |
|
|
63
|
+
cd apps/mobile/android
|
|
64
|
+
./gradlew assembleRelease
|
|
65
|
+
if: hashFiles('apps/mobile/android/build.gradle') != ''
|
|
66
|
+
|
|
67
|
+
- name: Start Docker containers
|
|
68
|
+
run: |
|
|
69
|
+
chmod +x ./start.sh
|
|
70
|
+
./start.sh
|
|
71
|
+
|
|
72
|
+
- name: Run tests
|
|
73
|
+
run: pnpm test:server
|
|
@@ -99,13 +99,13 @@ class AmazonLinuxPlugin {
|
|
|
99
99
|
return false;
|
|
100
100
|
}
|
|
101
101
|
static helpText = {
|
|
102
|
-
SSH: `
|
|
103
|
-
SSH private key for accessing the Amazon Linux server.
|
|
104
|
-
|
|
105
|
-
For AWS EC2:
|
|
106
|
-
- Use the key pair you created when launching the instance
|
|
107
|
-
- Download the .pem file from AWS Console
|
|
108
|
-
|
|
102
|
+
SSH: `
|
|
103
|
+
SSH private key for accessing the Amazon Linux server.
|
|
104
|
+
|
|
105
|
+
For AWS EC2:
|
|
106
|
+
- Use the key pair you created when launching the instance
|
|
107
|
+
- Download the .pem file from AWS Console
|
|
108
|
+
|
|
109
109
|
Default user for Amazon Linux: ec2-user`,
|
|
110
110
|
};
|
|
111
111
|
// ============================================================
|
|
@@ -152,21 +152,21 @@ class AmazonLinuxPlugin {
|
|
|
152
152
|
* Get the command to install Docker on Amazon Linux 2023
|
|
153
153
|
*/
|
|
154
154
|
static getDockerInstallCommand() {
|
|
155
|
-
return `
|
|
156
|
-
sudo dnf update -y && \
|
|
157
|
-
sudo dnf install -y docker && \
|
|
158
|
-
sudo systemctl start docker && \
|
|
159
|
-
sudo systemctl enable docker && \
|
|
160
|
-
sudo usermod -aG docker $USER
|
|
155
|
+
return `
|
|
156
|
+
sudo dnf update -y && \
|
|
157
|
+
sudo dnf install -y docker && \
|
|
158
|
+
sudo systemctl start docker && \
|
|
159
|
+
sudo systemctl enable docker && \
|
|
160
|
+
sudo usermod -aG docker $USER
|
|
161
161
|
`;
|
|
162
162
|
}
|
|
163
163
|
/**
|
|
164
164
|
* Get the command to install Node.js on Amazon Linux
|
|
165
165
|
*/
|
|
166
166
|
static getNodeInstallCommand() {
|
|
167
|
-
return `
|
|
168
|
-
curl -fsSL https://rpm.nodesource.com/setup_20.x | sudo bash - && \
|
|
169
|
-
sudo dnf install -y nodejs
|
|
167
|
+
return `
|
|
168
|
+
curl -fsSL https://rpm.nodesource.com/setup_20.x | sudo bash - && \
|
|
169
|
+
sudo dnf install -y nodejs
|
|
170
170
|
`;
|
|
171
171
|
}
|
|
172
172
|
/**
|
|
@@ -138,16 +138,16 @@ class MacPlugin {
|
|
|
138
138
|
return Object.keys(config).length === 0;
|
|
139
139
|
}
|
|
140
140
|
static helpText = {
|
|
141
|
-
SSH: `
|
|
142
|
-
SSH private key for accessing the server.
|
|
143
|
-
|
|
144
|
-
Step 1: Generate a new SSH key pair (if needed):
|
|
145
|
-
ssh-keygen -t ed25519 -C "deploy-key" -f ~/.ssh/deploy_key
|
|
146
|
-
|
|
147
|
-
Step 2: Add PUBLIC key to server:
|
|
148
|
-
ssh-copy-id -i ~/.ssh/deploy_key.pub ubuntu@YOUR_HOST
|
|
149
|
-
|
|
150
|
-
Step 3: Paste the PRIVATE key below (multi-line, end with blank line):
|
|
141
|
+
SSH: `
|
|
142
|
+
SSH private key for accessing the server.
|
|
143
|
+
|
|
144
|
+
Step 1: Generate a new SSH key pair (if needed):
|
|
145
|
+
ssh-keygen -t ed25519 -C "deploy-key" -f ~/.ssh/deploy_key
|
|
146
|
+
|
|
147
|
+
Step 2: Add PUBLIC key to server:
|
|
148
|
+
ssh-copy-id -i ~/.ssh/deploy_key.pub ubuntu@YOUR_HOST
|
|
149
|
+
|
|
150
|
+
Step 3: Paste the PRIVATE key below (multi-line, end with blank line):
|
|
151
151
|
cat ~/.ssh/deploy_key`,
|
|
152
152
|
};
|
|
153
153
|
// ============================================================
|
|
@@ -238,8 +238,8 @@ class MacPlugin {
|
|
|
238
238
|
}
|
|
239
239
|
try {
|
|
240
240
|
const repoName = config.name ?? 'app';
|
|
241
|
-
await MacPlugin.sshExec(envConfig, `
|
|
242
|
-
cd ~/.factiii && docker compose stop ${repoName}-staging
|
|
241
|
+
await MacPlugin.sshExec(envConfig, `
|
|
242
|
+
cd ~/.factiii && docker compose stop ${repoName}-staging
|
|
243
243
|
`);
|
|
244
244
|
return { success: true, message: 'Staging containers stopped' };
|
|
245
245
|
}
|
|
@@ -291,7 +291,7 @@ async function writeEnvFile(envConfig, repoDir, environment, envVarsString) {
|
|
|
291
291
|
const escapedContent = envFileContent
|
|
292
292
|
.replace(/'/g, "'\\''")
|
|
293
293
|
.replace(/\n/g, '\\n');
|
|
294
|
-
await sshExecCommand(envConfig, `cat > ${repoDir}/${envFileName} << 'ENVEOF'
|
|
294
|
+
await sshExecCommand(envConfig, `cat > ${repoDir}/${envFileName} << 'ENVEOF'
|
|
295
295
|
${envFileContent}ENVEOF`);
|
|
296
296
|
}
|
|
297
297
|
}
|
|
@@ -347,7 +347,7 @@ async function createEnvFromStaging(envConfig, repoDir) {
|
|
|
347
347
|
console.log(' 📝 Created .env from .env.staging (with host port replacement)');
|
|
348
348
|
}
|
|
349
349
|
else {
|
|
350
|
-
await sshExecCommand(envConfig, `cat > ${envPath} << 'ENVEOF'
|
|
350
|
+
await sshExecCommand(envConfig, `cat > ${envPath} << 'ENVEOF'
|
|
351
351
|
${updatedContent}ENVEOF`);
|
|
352
352
|
console.log(' 📝 Created .env from .env.staging on remote server (with host port replacement)');
|
|
353
353
|
}
|
|
@@ -99,16 +99,16 @@ class UbuntuPlugin {
|
|
|
99
99
|
return false;
|
|
100
100
|
}
|
|
101
101
|
static helpText = {
|
|
102
|
-
SSH: `
|
|
103
|
-
SSH private key for accessing the Ubuntu server.
|
|
104
|
-
|
|
105
|
-
Step 1: Generate a new SSH key pair (if needed):
|
|
106
|
-
ssh-keygen -t ed25519 -C "deploy-key" -f ~/.ssh/deploy_key
|
|
107
|
-
|
|
108
|
-
Step 2: Add PUBLIC key to server:
|
|
109
|
-
ssh-copy-id -i ~/.ssh/deploy_key.pub ubuntu@YOUR_HOST
|
|
110
|
-
|
|
111
|
-
Step 3: Paste the PRIVATE key below (multi-line, end with blank line):
|
|
102
|
+
SSH: `
|
|
103
|
+
SSH private key for accessing the Ubuntu server.
|
|
104
|
+
|
|
105
|
+
Step 1: Generate a new SSH key pair (if needed):
|
|
106
|
+
ssh-keygen -t ed25519 -C "deploy-key" -f ~/.ssh/deploy_key
|
|
107
|
+
|
|
108
|
+
Step 2: Add PUBLIC key to server:
|
|
109
|
+
ssh-copy-id -i ~/.ssh/deploy_key.pub ubuntu@YOUR_HOST
|
|
110
|
+
|
|
111
|
+
Step 3: Paste the PRIVATE key below (multi-line, end with blank line):
|
|
112
112
|
cat ~/.ssh/deploy_key`,
|
|
113
113
|
};
|
|
114
114
|
// ============================================================
|
|
@@ -155,25 +155,25 @@ class UbuntuPlugin {
|
|
|
155
155
|
* Get the command to install Docker on Ubuntu
|
|
156
156
|
*/
|
|
157
157
|
static getDockerInstallCommand() {
|
|
158
|
-
return `
|
|
159
|
-
sudo apt-get update && \
|
|
160
|
-
sudo apt-get install -y ca-certificates curl gnupg && \
|
|
161
|
-
sudo install -m 0755 -d /etc/apt/keyrings && \
|
|
162
|
-
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg && \
|
|
163
|
-
sudo chmod a+r /etc/apt/keyrings/docker.gpg && \
|
|
164
|
-
echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null && \
|
|
165
|
-
sudo apt-get update && \
|
|
166
|
-
sudo apt-get install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin && \
|
|
167
|
-
sudo usermod -aG docker $USER
|
|
158
|
+
return `
|
|
159
|
+
sudo apt-get update && \
|
|
160
|
+
sudo apt-get install -y ca-certificates curl gnupg && \
|
|
161
|
+
sudo install -m 0755 -d /etc/apt/keyrings && \
|
|
162
|
+
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg && \
|
|
163
|
+
sudo chmod a+r /etc/apt/keyrings/docker.gpg && \
|
|
164
|
+
echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null && \
|
|
165
|
+
sudo apt-get update && \
|
|
166
|
+
sudo apt-get install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin && \
|
|
167
|
+
sudo usermod -aG docker $USER
|
|
168
168
|
`;
|
|
169
169
|
}
|
|
170
170
|
/**
|
|
171
171
|
* Get the command to install Node.js on Ubuntu
|
|
172
172
|
*/
|
|
173
173
|
static getNodeInstallCommand() {
|
|
174
|
-
return `
|
|
175
|
-
curl -fsSL https://deb.nodesource.com/setup_20.x | sudo -E bash - && \
|
|
176
|
-
sudo apt-get install -y nodejs
|
|
174
|
+
return `
|
|
175
|
+
curl -fsSL https://deb.nodesource.com/setup_20.x | sudo -E bash - && \
|
|
176
|
+
sudo apt-get install -y nodejs
|
|
177
177
|
`;
|
|
178
178
|
}
|
|
179
179
|
/**
|
|
@@ -99,12 +99,12 @@ class WindowsPlugin {
|
|
|
99
99
|
return false;
|
|
100
100
|
}
|
|
101
101
|
static helpText = {
|
|
102
|
-
SSH: `
|
|
103
|
-
SSH/RDP credentials for accessing the Windows server.
|
|
104
|
-
|
|
105
|
-
For SSH access, ensure OpenSSH Server is installed on Windows:
|
|
106
|
-
- Settings > Apps > Optional Features > Add a feature > OpenSSH Server
|
|
107
|
-
|
|
102
|
+
SSH: `
|
|
103
|
+
SSH/RDP credentials for accessing the Windows server.
|
|
104
|
+
|
|
105
|
+
For SSH access, ensure OpenSSH Server is installed on Windows:
|
|
106
|
+
- Settings > Apps > Optional Features > Add a feature > OpenSSH Server
|
|
107
|
+
|
|
108
108
|
For RDP access, use Remote Desktop Connection.`,
|
|
109
109
|
};
|
|
110
110
|
// ============================================================
|
|
@@ -182,11 +182,11 @@ class WindowsPlugin {
|
|
|
182
182
|
* Requires Docker Desktop or WSL2 with Docker
|
|
183
183
|
*/
|
|
184
184
|
static getDockerInstallCommand() {
|
|
185
|
-
return `
|
|
186
|
-
# Install Docker Desktop via Chocolatey
|
|
187
|
-
choco install docker-desktop -y
|
|
188
|
-
# Or install via winget
|
|
189
|
-
# winget install Docker.DockerDesktop
|
|
185
|
+
return `
|
|
186
|
+
# Install Docker Desktop via Chocolatey
|
|
187
|
+
choco install docker-desktop -y
|
|
188
|
+
# Or install via winget
|
|
189
|
+
# winget install Docker.DockerDesktop
|
|
190
190
|
`;
|
|
191
191
|
}
|
|
192
192
|
/**
|
|
@@ -205,10 +205,10 @@ class WindowsPlugin {
|
|
|
205
205
|
* Get the command to install Chocolatey (package manager)
|
|
206
206
|
*/
|
|
207
207
|
static getChocoInstallCommand() {
|
|
208
|
-
return `
|
|
209
|
-
Set-ExecutionPolicy Bypass -Scope Process -Force
|
|
210
|
-
[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072
|
|
211
|
-
iex ((New-Object System.Net.WebClient).DownloadString('https://community.chocolatey.org/install.ps1'))
|
|
208
|
+
return `
|
|
209
|
+
Set-ExecutionPolicy Bypass -Scope Process -Force
|
|
210
|
+
[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072
|
|
211
|
+
iex ((New-Object System.Net.WebClient).DownloadString('https://community.chocolatey.org/install.ps1'))
|
|
212
212
|
`;
|
|
213
213
|
}
|
|
214
214
|
// ============================================================
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"mac.d.ts","sourceRoot":"","sources":["../../../src/scanfix/commands/mac.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAEpD,eAAO,MAAM,cAAc,EAAE,
|
|
1
|
+
{"version":3,"file":"mac.d.ts","sourceRoot":"","sources":["../../../src/scanfix/commands/mac.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAEpD,eAAO,MAAM,cAAc,EAAE,gBAM5B,CAAC;AAEF,eAAO,MAAM,YAAY,EAAE,gBAI1B,CAAC;AAEF,eAAO,MAAM,WAAW,EAAE,gBAIzB,CAAC;AAEF,eAAO,MAAM,YAAY,EAAE,gBAI1B,CAAC"}
|
|
@@ -7,10 +7,11 @@
|
|
|
7
7
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
8
8
|
exports.pnpmCommands = exports.gitCommands = exports.nodeCommands = exports.dockerCommands = void 0;
|
|
9
9
|
exports.dockerCommands = {
|
|
10
|
-
check: '
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
10
|
+
check: 'which docker',
|
|
11
|
+
// Docker Desktop must be installed manually on Mac
|
|
12
|
+
install: undefined,
|
|
13
|
+
start: 'open -a Docker',
|
|
14
|
+
manualFix: 'Install Docker Desktop: https://www.docker.com/products/docker-desktop/',
|
|
14
15
|
};
|
|
15
16
|
exports.nodeCommands = {
|
|
16
17
|
check: 'which node',
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"mac.js","sourceRoot":"","sources":["../../../src/scanfix/commands/mac.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;;AAIU,QAAA,cAAc,GAAqB;IAC9C,KAAK,EAAE,
|
|
1
|
+
{"version":3,"file":"mac.js","sourceRoot":"","sources":["../../../src/scanfix/commands/mac.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;;AAIU,QAAA,cAAc,GAAqB;IAC9C,KAAK,EAAE,cAAc;IACrB,mDAAmD;IACnD,OAAO,EAAE,SAAS;IAClB,KAAK,EAAE,gBAAgB;IACvB,SAAS,EAAE,yEAAyE;CACrF,CAAC;AAEW,QAAA,YAAY,GAAqB;IAC5C,KAAK,EAAE,YAAY;IACnB,OAAO,EAAE,mBAAmB;IAC5B,SAAS,EAAE,oCAAoC;CAChD,CAAC;AAEW,QAAA,WAAW,GAAqB;IAC3C,KAAK,EAAE,WAAW;IAClB,OAAO,EAAE,kBAAkB;IAC3B,SAAS,EAAE,+BAA+B;CAC3C,CAAC;AAEW,QAAA,YAAY,GAAqB;IAC5C,KAAK,EAAE,YAAY;IACnB,OAAO,EAAE,qBAAqB;IAC9B,SAAS,EAAE,mCAAmC;CAC/C,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"certbot.d.ts","sourceRoot":"","sources":["../../../src/scanfix/fixes/certbot.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,OAAO,KAAK,EAAE,GAAG,EAAE,KAAK,EAAiB,MAAM,sBAAsB,CAAC;AAGtE,KAAK,MAAM,GAAG,SAAS,GAAG,MAAM,GAAG,YAAY,CAAC;AAEhD;;;;;GAKG;AACH,wBAAgB,gBAAgB,CAAC,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,GAAG,GAAG,
|
|
1
|
+
{"version":3,"file":"certbot.d.ts","sourceRoot":"","sources":["../../../src/scanfix/fixes/certbot.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,OAAO,KAAK,EAAE,GAAG,EAAE,KAAK,EAAiB,MAAM,sBAAsB,CAAC;AAGtE,KAAK,MAAM,GAAG,SAAS,GAAG,MAAM,GAAG,YAAY,CAAC;AAEhD;;;;;GAKG;AACH,wBAAgB,gBAAgB,CAAC,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,GAAG,GAAG,CA4KlE;AAED;;GAEG;AACH,wBAAgB,oBAAoB,IAAI,GAAG,CAE1C;AAED;;GAEG;AACH,wBAAgB,iBAAiB,IAAI,GAAG,CAEvC"}
|
|
@@ -37,10 +37,6 @@ function createCertbotFix(stage, envKey) {
|
|
|
37
37
|
// Skip SSL for IP addresses (certs only work with domain names)
|
|
38
38
|
if (/^\d+\.\d+\.\d+\.\d+$/.test(domain))
|
|
39
39
|
return false;
|
|
40
|
-
// Skip SSL if explicitly disabled in config (e.g. staging behind NAT)
|
|
41
|
-
const envObj = config[envKey];
|
|
42
|
-
if (envObj?.ssl === false || envObj?.ssl === 'false')
|
|
43
|
-
return false;
|
|
44
40
|
const result = (0, ssl_cert_helper_js_1.checkCertificate)(domain, 7);
|
|
45
41
|
if (!result.exists) {
|
|
46
42
|
console.log(' No SSL certificate for ' + domain);
|
|
@@ -67,17 +63,9 @@ function createCertbotFix(stage, envKey) {
|
|
|
67
63
|
console.log(' Add ssl_email: your@email.com to your environment config in stack.yml');
|
|
68
64
|
return false;
|
|
69
65
|
}
|
|
70
|
-
// Certbot runs via Docker — skip if Docker isn't
|
|
71
|
-
try {
|
|
72
|
-
(0, child_process_1.execSync)('export PATH="/opt/homebrew/bin:/usr/local/bin:$PATH" && command -v docker', { stdio: 'pipe', timeout: 5000 });
|
|
73
|
-
}
|
|
74
|
-
catch {
|
|
75
|
-
console.log(' Docker is not installed — skipping SSL certificate fix');
|
|
76
|
-
console.log(' Run the Docker fix first, then retry: npx stack fix --' + stage);
|
|
77
|
-
return false;
|
|
78
|
-
}
|
|
66
|
+
// Certbot runs via Docker — skip if Docker isn't running
|
|
79
67
|
try {
|
|
80
|
-
(0, child_process_1.execSync)('
|
|
68
|
+
(0, child_process_1.execSync)('docker info', { stdio: 'pipe' });
|
|
81
69
|
}
|
|
82
70
|
catch {
|
|
83
71
|
console.log(' Docker is not running — skipping SSL certificate fix');
|
|
@@ -117,12 +105,10 @@ function createCertbotFix(stage, envKey) {
|
|
|
117
105
|
'--non-interactive',
|
|
118
106
|
].join(' ');
|
|
119
107
|
}
|
|
120
|
-
// Prepend PATH for Homebrew Docker on macOS
|
|
121
|
-
certbotCmd = 'export PATH="/opt/homebrew/bin:/usr/local/bin:$PATH" && ' + certbotCmd;
|
|
122
108
|
// Capture both stdout AND stderr (certbot writes renewal info to stderr)
|
|
123
109
|
let fullOutput = '';
|
|
124
110
|
try {
|
|
125
|
-
fullOutput = (0, child_process_1.execSync)(certbotCmd + ' 2>&1', { encoding: 'utf8'
|
|
111
|
+
fullOutput = (0, child_process_1.execSync)(certbotCmd + ' 2>&1', { encoding: 'utf8' }) || '';
|
|
126
112
|
}
|
|
127
113
|
catch (cmdErr) {
|
|
128
114
|
// execSync throws on non-zero exit, but output may still be useful
|
|
@@ -165,7 +151,7 @@ function createCertbotFix(stage, envKey) {
|
|
|
165
151
|
if (nginxRunning) {
|
|
166
152
|
console.log(' Reloading nginx...');
|
|
167
153
|
try {
|
|
168
|
-
(0, child_process_1.execSync)('
|
|
154
|
+
(0, child_process_1.execSync)('docker exec factiii_nginx nginx -s reload', { stdio: 'inherit' });
|
|
169
155
|
console.log(' Nginx reloaded with new certificate');
|
|
170
156
|
}
|
|
171
157
|
catch {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"certbot.js","sourceRoot":"","sources":["../../../src/scanfix/fixes/certbot.ts"],"names":[],"mappings":";AAAA;;;;;GAKG;;AAcH,
|
|
1
|
+
{"version":3,"file":"certbot.js","sourceRoot":"","sources":["../../../src/scanfix/fixes/certbot.ts"],"names":[],"mappings":";AAAA;;;;;GAKG;;AAcH,4CA4KC;AAKD,oDAEC;AAKD,8CAEC;AAtMD,iDAAyC;AAEzC,8DAAyE;AAIzE;;;;;GAKG;AACH,SAAgB,gBAAgB,CAAC,KAAY,EAAE,MAAc;IAC3D,MAAM,UAAU,GAAG,KAAK,KAAK,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,YAAY,CAAC;IAElE,OAAO;QACL,EAAE,EAAE,KAAK,GAAG,gCAAgC;QAC5C,KAAK;QACL,QAAQ,EAAE,SAAS;QACnB,WAAW,EAAE,gDAAgD,GAAG,UAAU,GAAG,SAAS;QAEtF,IAAI,EAAE,KAAK,EAAE,MAAqB,EAAE,QAAgB,EAAoB,EAAE;YACxE,2EAA2E;YAC3E,MAAM,UAAU,GAAG,OAAO,CAAC,GAAG,CAAC,cAAc,KAAK,MAAM,IAAI,OAAO,CAAC,GAAG,CAAC,iBAAiB,KAAK,MAAM,CAAC;YACrG,IAAI,CAAC,UAAU;gBAAE,OAAO,KAAK,CAAC;YAE9B,MAAM,MAAM,GAAG,MAAM,KAAK,YAAY;gBACpC,CAAC,CAAG,MAAkC,CAAC,UAAkD,EAAE,MAA4B;gBACvH,CAAC,CAAG,MAAkC,CAAC,MAAM,CAAyC,EAAE,MAA4B,CAAC;YAEvH,IAAI,CAAC,MAAM,IAAI,MAAM,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC;gBAAE,OAAO,KAAK,CAAC;YAExE,gEAAgE;YAChE,IAAI,sBAAsB,CAAC,IAAI,CAAC,MAAM,CAAC;gBAAE,OAAO,KAAK,CAAC;YAEtD,MAAM,MAAM,GAAG,IAAA,qCAAgB,EAAC,MAAM,EAAE,CAAC,CAAC,CAAC;YAC3C,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;gBACnB,OAAO,CAAC,GAAG,CAAC,4BAA4B,GAAG,MAAM,CAAC,CAAC;gBACnD,OAAO,IAAI,CAAC;YACd,CAAC;YACD,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;gBAClB,OAAO,CAAC,GAAG,CAAC,yBAAyB,GAAG,MAAM,GAAG,cAAc,GAAG,MAAM,CAAC,aAAa,GAAG,OAAO,CAAC,CAAC;gBAClG,OAAO,IAAI,CAAC;YACd,CAAC;YACD,OAAO,KAAK,CAAC;QACf,CAAC;QAED,GAAG,EAAE,KAAK,EAAE,MAAqB,EAAE,QAAgB,EAAoB,EAAE;YACvE,MAAM,MAAM,GAAG,MAAM,KAAK,YAAY;gBACpC,CAAC,CAAG,MAAkC,CAAC,UAAkD,EAAE,MAA4B;gBACvH,CAAC,CAAG,MAAkC,CAAC,MAAM,CAAyC,EAAE,MAA4B,CAAC;YACvH,MAAM,MAAM,GAAI,MAAkC,CAAC,MAAM,CAAwC,CAAC;YAClG,MAAM,QAAQ,GAAI,MAAM,EAAE,SAAgC,IAAI,MAAM,CAAC,SAAS,CAAC;YAE/E,IAAI,CAAC,MAAM,EAAE,CAAC;gBACZ,OAAO,CAAC,GAAG,CAAC,QAAQ,GAAG,UAAU,GAAG,oBAAoB,CAAC,CAAC;gBAC1D,OAAO,KAAK,CAAC;YACf,CAAC;YAED,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACd,OAAO,CAAC,GAAG,CAAC,yCAAyC,CAAC,CAAC;gBACvD,OAAO,CAAC,GAAG,CAAC,0EAA0E,CAAC,CAAC;gBACxF,OAAO,KAAK,CAAC;YACf,CAAC;YAED,yDAAyD;YACzD,IAAI,CAAC;gBACH,IAAA,wBAAQ,EAAC,aAAa,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,CAAC;YAC7C,CAAC;YAAC,MAAM,CAAC;gBACP,OAAO,CAAC,GAAG,CAAC,yDAAyD,CAAC,CAAC;gBACvE,OAAO,KAAK,CAAC;YACf,CAAC;YAED,IAAI,CAAC;gBACH,MAAM,YAAY,GAAG,IAAA,mCAAc,GAAE,CAAC;gBACtC,OAAO,CAAC,GAAG,CAAC,mCAAmC,GAAG,MAAM,GAAG,gBAAgB,CAAC,CAAC;gBAE7E,IAAI,UAAkB,CAAC;gBAEvB,IAAI,YAAY,EAAE,CAAC;oBACjB,4DAA4D;oBAC5D,OAAO,CAAC,GAAG,CAAC,0CAA0C,CAAC,CAAC;oBACxD,UAAU,GAAG;wBACX,iBAAiB;wBACjB,sCAAsC;wBACtC,sCAAsC;wBACtC,0BAA0B;wBAC1B,+BAA+B;wBAC/B,KAAK,GAAG,MAAM;wBACd,UAAU,GAAG,QAAQ;wBACrB,aAAa;wBACb,mBAAmB;qBACpB,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;gBACd,CAAC;qBAAM,CAAC;oBACN,8DAA8D;oBAC9D,OAAO,CAAC,GAAG,CAAC,8CAA8C,CAAC,CAAC;oBAC5D,UAAU,GAAG;wBACX,iBAAiB;wBACjB,sCAAsC;wBACtC,UAAU;wBACV,0BAA0B;wBAC1B,cAAc;wBACd,KAAK,GAAG,MAAM;wBACd,UAAU,GAAG,QAAQ;wBACrB,aAAa;wBACb,mBAAmB;qBACpB,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;gBACd,CAAC;gBAED,yEAAyE;gBACzE,IAAI,UAAU,GAAG,EAAE,CAAC;gBACpB,IAAI,CAAC;oBACH,UAAU,GAAG,IAAA,wBAAQ,EAAC,UAAU,GAAG,OAAO,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,IAAI,EAAE,CAAC;gBAC1E,CAAC;gBAAC,OAAO,MAAM,EAAE,CAAC;oBAChB,mEAAmE;oBACnE,MAAM,MAAM,GAAG,MAAM,YAAY,KAAK,CAAC,CAAC,CAAE,MAAc,CAAC,MAAM,IAAK,MAAc,CAAC,MAAM,IAAI,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;oBAC7H,IAAI,OAAO,MAAM,KAAK,QAAQ;wBAC1B,CAAC,MAAM,CAAC,QAAQ,CAAC,yBAAyB,CAAC,IAAI,MAAM,CAAC,QAAQ,CAAC,iBAAiB,CAAC,CAAC,EAAE,CAAC;wBACvF,OAAO,CAAC,GAAG,CAAC,8DAA8D,CAAC,CAAC;wBAC5E,OAAO,IAAI,CAAC;oBACd,CAAC;oBACD,UAAU,GAAG,OAAO,MAAM,KAAK,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC;gBACxD,CAAC;gBAED,+EAA+E;gBAC/E,IAAI,UAAU,CAAC,QAAQ,CAAC,yBAAyB,CAAC,IAAI,UAAU,CAAC,QAAQ,CAAC,yBAAyB,CAAC,IAAI,UAAU,CAAC,QAAQ,CAAC,iBAAiB,CAAC,EAAE,CAAC;oBAC/I,OAAO,CAAC,GAAG,CAAC,8DAA8D,CAAC,CAAC;oBAC5E,OAAO,IAAI,CAAC;gBACd,CAAC;gBAED,8CAA8C;gBAC9C,MAAM,UAAU,GAAG,IAAA,qCAAgB,EAAC,MAAM,CAAC,CAAC;gBAC5C,IAAI,CAAC,UAAU,CAAC,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,CAAC;oBAC5C,0FAA0F;oBAC1F,MAAM,OAAO,GAAG,IAAA,qCAAgB,EAAC,MAAM,EAAE,CAAC,CAAC,CAAC;oBAC5C,IAAI,OAAO,CAAC,MAAM,IAAI,OAAO,CAAC,KAAK,EAAE,CAAC;wBACpC,OAAO,CAAC,GAAG,CAAC,+CAA+C,GAAG,OAAO,CAAC,aAAa,GAAG,QAAQ,CAAC,CAAC;wBAChG,OAAO,IAAI,CAAC;oBACd,CAAC;oBACD,uEAAuE;oBACvE,IAAI,CAAC;wBACH,MAAM,QAAQ,GAAG,IAAA,wBAAQ,EACvB,mCAAmC,GAAG,MAAM,GAAG,mBAAmB,GAAG,MAAM,GAAG,uDAAuD,EACrI,EAAE,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,CACrC,CAAC;wBACF,IAAI,QAAQ,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;4BAClC,OAAO,CAAC,GAAG,CAAC,kDAAkD,GAAG,MAAM,CAAC,CAAC;4BACzE,OAAO,IAAI,CAAC;wBACd,CAAC;oBACH,CAAC;oBAAC,MAAM,CAAC,CAAC,0CAA0C,CAAC,CAAC;oBACtD,OAAO,CAAC,GAAG,CAAC,8CAA8C,CAAC,CAAC;oBAC5D,OAAO,KAAK,CAAC;gBACf,CAAC;gBAED,OAAO,CAAC,GAAG,CAAC,+CAA+C,CAAC,CAAC;gBAE7D,sDAAsD;gBACtD,IAAI,YAAY,EAAE,CAAC;oBACjB,OAAO,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAC;oBACrC,IAAI,CAAC;wBACH,IAAA,wBAAQ,EAAC,2CAA2C,EAAE,EAAE,KAAK,EAAE,SAAS,EAAE,CAAC,CAAC;wBAC5E,OAAO,CAAC,GAAG,CAAC,wCAAwC,CAAC,CAAC;oBACxD,CAAC;oBAAC,MAAM,CAAC;wBACP,OAAO,CAAC,GAAG,CAAC,mDAAmD,CAAC,CAAC;wBACjE,OAAO,CAAC,GAAG,CAAC,sCAAsC,CAAC,CAAC;oBACtD,CAAC;gBACH,CAAC;gBAED,OAAO,IAAI,CAAC;YACd,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,MAAM,YAAY,GAAG,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;gBAChE,2FAA2F;gBAC3F,IAAI,YAAY,CAAC,QAAQ,CAAC,yBAAyB,CAAC,IAAI,YAAY,CAAC,QAAQ,CAAC,iBAAiB,CAAC,EAAE,CAAC;oBACjG,OAAO,CAAC,GAAG,CAAC,8DAA8D,CAAC,CAAC;oBAC5E,OAAO,IAAI,CAAC;gBACd,CAAC;gBACD,OAAO,CAAC,GAAG,CAAC,mCAAmC,GAAG,YAAY,CAAC,CAAC;gBAChE,OAAO,CAAC,GAAG,CAAC,mDAAmD,CAAC,CAAC;gBACjE,OAAO,KAAK,CAAC;YACf,CAAC;QACH,CAAC;QAED,SAAS,EAAE,wKAAwK;KACpL,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAgB,oBAAoB;IAClC,OAAO,gBAAgB,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC;AAChD,CAAC;AAED;;GAEG;AACH,SAAgB,iBAAiB;IAC/B,OAAO,gBAAgB,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;AAC1C,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"docker.d.ts","sourceRoot":"","sources":["../../../src/scanfix/fixes/docker.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,OAAO,KAAK,EAAE,GAAG,EAAE,KAAK,EAAiB,MAAM,sBAAsB,CAAC;AAItE;;;;;GAKG;AACH,wBAAgB,sBAAsB,CAAC,KAAK,EAAE,KAAK,EAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,GAAG,CA4C3E;AAED;;;;;GAKG;AACH,wBAAgB,sBAAsB,CAAC,KAAK,EAAE,KAAK,EAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,GAAG,
|
|
1
|
+
{"version":3,"file":"docker.d.ts","sourceRoot":"","sources":["../../../src/scanfix/fixes/docker.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,OAAO,KAAK,EAAE,GAAG,EAAE,KAAK,EAAiB,MAAM,sBAAsB,CAAC;AAItE;;;;;GAKG;AACH,wBAAgB,sBAAsB,CAAC,KAAK,EAAE,KAAK,EAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,GAAG,CA4C3E;AAED;;;;;GAKG;AACH,wBAAgB,sBAAsB,CAAC,KAAK,EAAE,KAAK,EAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,GAAG,CAkF3E;AAED;;;;;GAKG;AACH,wBAAgB,cAAc,CAAC,KAAK,EAAE,KAAK,EAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,GAAG,EAAE,CAKrE"}
|
|
@@ -94,7 +94,7 @@ function createDockerRunningFix(stage, idPrefix) {
|
|
|
94
94
|
return false;
|
|
95
95
|
}
|
|
96
96
|
try {
|
|
97
|
-
(0, child_process_1.execSync)('
|
|
97
|
+
(0, child_process_1.execSync)('docker info', { stdio: 'pipe' });
|
|
98
98
|
return false; // Docker is running
|
|
99
99
|
}
|
|
100
100
|
catch {
|
|
@@ -105,7 +105,7 @@ function createDockerRunningFix(stage, idPrefix) {
|
|
|
105
105
|
? async (_config, _rootDir) => {
|
|
106
106
|
// Double-check Docker isn't already running
|
|
107
107
|
try {
|
|
108
|
-
(0, child_process_1.execSync)('
|
|
108
|
+
(0, child_process_1.execSync)('docker info', { stdio: 'pipe' });
|
|
109
109
|
console.log(' Docker is already running');
|
|
110
110
|
return true;
|
|
111
111
|
}
|
|
@@ -113,21 +113,12 @@ function createDockerRunningFix(stage, idPrefix) {
|
|
|
113
113
|
// Docker not running, proceed to start it
|
|
114
114
|
}
|
|
115
115
|
// On macOS over SSH, `open -a Docker` won't work (no GUI session).
|
|
116
|
-
// Try
|
|
116
|
+
// Try the headless binary directly instead.
|
|
117
117
|
const isSSH = !!(process.env.SSH_CONNECTION || process.env.SSH_CLIENT || process.env.SSH_TTY);
|
|
118
118
|
const isMac = process.platform === 'darwin';
|
|
119
119
|
let startCmd = commands.start;
|
|
120
120
|
if (isMac && isSSH) {
|
|
121
|
-
|
|
122
|
-
startCmd = 'export PATH="/opt/homebrew/bin:/usr/local/bin:$PATH" && ' +
|
|
123
|
-
'if command -v colima >/dev/null 2>&1; then ' +
|
|
124
|
-
' colima start --memory 4 --cpu 2 2>/dev/null; ' +
|
|
125
|
-
'elif [ -d "/Applications/Docker.app" ]; then ' +
|
|
126
|
-
' nohup /Applications/Docker.app/Contents/MacOS/Docker --unattended > /dev/null 2>&1 & ' +
|
|
127
|
-
' sleep 5; ' +
|
|
128
|
-
'else ' +
|
|
129
|
-
' echo "No Docker runtime found"; exit 1; ' +
|
|
130
|
-
'fi';
|
|
121
|
+
startCmd = 'nohup /Applications/Docker.app/Contents/MacOS/Docker --unattended > /dev/null 2>&1 &';
|
|
131
122
|
}
|
|
132
123
|
console.log(' Starting Docker...');
|
|
133
124
|
try {
|
|
@@ -138,7 +129,7 @@ function createDockerRunningFix(stage, idPrefix) {
|
|
|
138
129
|
for (let i = 0; i < timeout; i++) {
|
|
139
130
|
await new Promise(resolve => setTimeout(resolve, 1000));
|
|
140
131
|
try {
|
|
141
|
-
(0, child_process_1.execSync)('
|
|
132
|
+
(0, child_process_1.execSync)('docker info', { stdio: 'pipe' });
|
|
142
133
|
console.log(' Docker started successfully');
|
|
143
134
|
return true;
|
|
144
135
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"docker.js","sourceRoot":"","sources":["../../../src/scanfix/fixes/docker.ts"],"names":[],"mappings":";AAAA;;;;;GAKG;;AAaH,wDA4CC;AAQD,
|
|
1
|
+
{"version":3,"file":"docker.js","sourceRoot":"","sources":["../../../src/scanfix/fixes/docker.ts"],"names":[],"mappings":";AAAA;;;;;GAKG;;AAaH,wDA4CC;AAQD,wDAkFC;AAQD,wCAKC;AA9JD,iDAAyC;AAEzC,gDAAgD;AAChD,mDAAsD;AAEtD;;;;;GAKG;AACH,SAAgB,sBAAsB,CAAC,KAAY,EAAE,QAAiB;IACpE,MAAM,QAAQ,GAAG,IAAA,4BAAc,GAAE,CAAC;IAClC,MAAM,QAAQ,GAAG,yBAAc,CAAC,QAAQ,CAAC,CAAC;IAC1C,MAAM,EAAE,GAAG,QAAQ,CAAC,CAAC,CAAC,QAAQ,GAAG,uBAAuB,CAAC,CAAC,CAAC,KAAK,GAAG,iBAAiB,CAAC;IACrF,MAAM,UAAU,GAAG,KAAK,KAAK,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,KAAK,GAAG,KAAK,GAAG,SAAS,CAAC;IAE3E,OAAO;QACL,EAAE;QACF,KAAK;QACL,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,0BAA0B,GAAG,UAAU;QACpD,IAAI,EAAE,KAAK,EAAE,MAAqB,EAAE,QAAgB,EAAoB,EAAE;YACxE,4EAA4E;YAC5E,IAAI,KAAK,KAAK,KAAK,EAAE,CAAC;gBACpB,MAAM,SAAS,GAAG,KAAK,KAAK,MAAM;oBAChC,CAAC,CAAC,CAAE,MAAkC,CAAC,IAAI,IAAK,MAAkC,CAAC,UAAU,CAAwC;oBACrI,CAAC,CAAE,MAAkC,CAAC,KAAK,CAAwC,CAAC;gBACtF,IAAI,CAAC,SAAS,EAAE,MAAM;oBAAE,OAAO,KAAK,CAAC;gBACrC,wCAAwC;gBACxC,IAAI,OAAO,SAAS,CAAC,MAAM,KAAK,QAAQ,IAAI,SAAS,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC;oBAAE,OAAO,KAAK,CAAC;YACjH,CAAC;YAED,IAAI,CAAC;gBACH,IAAA,wBAAQ,EAAC,QAAQ,CAAC,KAAK,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,CAAC;gBAC5C,OAAO,KAAK,CAAC,CAAC,sBAAsB;YACtC,CAAC;YAAC,MAAM,CAAC;gBACP,OAAO,IAAI,CAAC,CAAC,0BAA0B;YACzC,CAAC;QACH,CAAC;QACD,GAAG,EAAE,QAAQ,CAAC,OAAO;YACnB,CAAC,CAAC,KAAK,EAAE,OAAsB,EAAE,QAAgB,EAAoB,EAAE;gBACnE,OAAO,CAAC,GAAG,CAAC,yBAAyB,CAAC,CAAC;gBACvC,IAAI,CAAC;oBACH,IAAA,wBAAQ,EAAC,QAAQ,CAAC,OAAQ,EAAE,EAAE,KAAK,EAAE,SAAS,EAAE,CAAC,CAAC;oBAClD,OAAO,IAAI,CAAC;gBACd,CAAC;gBAAC,OAAO,CAAC,EAAE,CAAC;oBACX,MAAM,YAAY,GAAG,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;oBAChE,OAAO,CAAC,GAAG,CAAC,aAAa,GAAG,YAAY,CAAC,CAAC;oBAC1C,OAAO,KAAK,CAAC;gBACf,CAAC;YACH,CAAC;YACH,CAAC,CAAC,IAAI;QACR,SAAS,EAAE,QAAQ,CAAC,SAAS;KAC9B,CAAC;AACJ,CAAC;AAED;;;;;GAKG;AACH,SAAgB,sBAAsB,CAAC,KAAY,EAAE,QAAiB;IACpE,MAAM,QAAQ,GAAG,IAAA,4BAAc,GAAE,CAAC;IAClC,MAAM,QAAQ,GAAG,yBAAc,CAAC,QAAQ,CAAC,CAAC;IAC1C,MAAM,EAAE,GAAG,QAAQ,CAAC,CAAC,CAAC,QAAQ,GAAG,qBAAqB,CAAC,CAAC,CAAC,KAAK,GAAG,qBAAqB,CAAC;IACvF,MAAM,UAAU,GAAG,KAAK,KAAK,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,KAAK,GAAG,KAAK,GAAG,SAAS,CAAC;IAE3E,OAAO;QACL,EAAE;QACF,KAAK;QACL,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,wBAAwB,GAAG,UAAU;QAClD,IAAI,EAAE,KAAK,EAAE,MAAqB,EAAE,QAAgB,EAAoB,EAAE;YACxE,4EAA4E;YAC5E,IAAI,KAAK,KAAK,KAAK,EAAE,CAAC;gBACpB,MAAM,SAAS,GAAG,KAAK,KAAK,MAAM;oBAChC,CAAC,CAAC,CAAE,MAAkC,CAAC,IAAI,IAAK,MAAkC,CAAC,UAAU,CAAwC;oBACrI,CAAC,CAAE,MAAkC,CAAC,KAAK,CAAwC,CAAC;gBACtF,IAAI,CAAC,SAAS,EAAE,MAAM;oBAAE,OAAO,KAAK,CAAC;gBACrC,wCAAwC;gBACxC,IAAI,OAAO,SAAS,CAAC,MAAM,KAAK,QAAQ,IAAI,SAAS,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC;oBAAE,OAAO,KAAK,CAAC;YACjH,CAAC;YAED,IAAI,CAAC;gBACH,IAAA,wBAAQ,EAAC,aAAa,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,CAAC;gBAC3C,OAAO,KAAK,CAAC,CAAC,oBAAoB;YACpC,CAAC;YAAC,MAAM,CAAC;gBACP,OAAO,IAAI,CAAC,CAAC,wBAAwB;YACvC,CAAC;QACH,CAAC;QACD,GAAG,EAAE,QAAQ,CAAC,KAAK;YACjB,CAAC,CAAC,KAAK,EAAE,OAAsB,EAAE,QAAgB,EAAoB,EAAE;gBACnE,4CAA4C;gBAC5C,IAAI,CAAC;oBACH,IAAA,wBAAQ,EAAC,aAAa,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,CAAC;oBAC3C,OAAO,CAAC,GAAG,CAAC,8BAA8B,CAAC,CAAC;oBAC5C,OAAO,IAAI,CAAC;gBACd,CAAC;gBAAC,MAAM,CAAC;oBACP,0CAA0C;gBAC5C,CAAC;gBAED,mEAAmE;gBACnE,4CAA4C;gBAC5C,MAAM,KAAK,GAAG,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,IAAI,OAAO,CAAC,GAAG,CAAC,UAAU,IAAI,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;gBAC9F,MAAM,KAAK,GAAG,OAAO,CAAC,QAAQ,KAAK,QAAQ,CAAC;gBAC5C,IAAI,QAAQ,GAAG,QAAQ,CAAC,KAAM,CAAC;gBAC/B,IAAI,KAAK,IAAI,KAAK,EAAE,CAAC;oBACnB,QAAQ,GAAG,sFAAsF,CAAC;gBACpG,CAAC;gBAED,OAAO,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAC;gBACrC,IAAI,CAAC;oBACH,IAAA,wBAAQ,EAAC,QAAQ,EAAE,EAAE,KAAK,EAAE,SAAS,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,EAAE,CAAC,CAAC;oBAEjF,iFAAiF;oBACjF,MAAM,QAAQ,GAAG,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,iBAAiB,IAAI,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;oBACjF,MAAM,OAAO,GAAG,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;oBACnC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,OAAO,EAAE,CAAC,EAAE,EAAE,CAAC;wBACjC,MAAM,IAAI,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC,CAAC;wBACxD,IAAI,CAAC;4BACH,IAAA,wBAAQ,EAAC,aAAa,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,CAAC;4BAC3C,OAAO,CAAC,GAAG,CAAC,gCAAgC,CAAC,CAAC;4BAC9C,OAAO,IAAI,CAAC;wBACd,CAAC;wBAAC,MAAM,CAAC;4BACP,oBAAoB;wBACtB,CAAC;oBACH,CAAC;oBAED,OAAO,CAAC,GAAG,CAAC,mCAAmC,GAAG,OAAO,GAAG,UAAU,CAAC,CAAC;oBACxE,OAAO,KAAK,CAAC;gBACf,CAAC;gBAAC,OAAO,CAAC,EAAE,CAAC;oBACX,MAAM,YAAY,GAAG,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;oBAChE,OAAO,CAAC,GAAG,CAAC,6BAA6B,GAAG,YAAY,CAAC,CAAC;oBAC1D,IAAI,KAAK,IAAI,KAAK,EAAE,CAAC;wBACnB,OAAO,CAAC,GAAG,CAAC,6DAA6D,CAAC,CAAC;wBAC3E,OAAO,CAAC,GAAG,CAAC,kJAAkJ,CAAC,CAAC;oBAClK,CAAC;oBACD,OAAO,KAAK,CAAC;gBACf,CAAC;YACH,CAAC;YACH,CAAC,CAAC,IAAI;QACR,SAAS,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,gBAAgB,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,QAAQ,CAAC,SAAS;KACnF,CAAC;AACJ,CAAC;AAED;;;;;GAKG;AACH,SAAgB,cAAc,CAAC,KAAY,EAAE,QAAiB;IAC5D,OAAO;QACL,sBAAsB,CAAC,KAAK,EAAE,QAAQ,CAAC;QACvC,sBAAsB,CAAC,KAAK,EAAE,QAAQ,CAAC;KACxC,CAAC;AACJ,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ssl-cert-helper.d.ts","sourceRoot":"","sources":["../../src/scanfix/ssl-cert-helper.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAKH,MAAM,WAAW,eAAe;IAC9B,MAAM,EAAE,OAAO,CAAC;IAChB,KAAK,EAAE,OAAO,CAAC;IACf,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED;;;;;;GAMG;AACH,wBAAgB,gBAAgB,CAAC,MAAM,EAAE,MAAM,EAAE,QAAQ,GAAE,MAAU,GAAG,eAAe,
|
|
1
|
+
{"version":3,"file":"ssl-cert-helper.d.ts","sourceRoot":"","sources":["../../src/scanfix/ssl-cert-helper.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAKH,MAAM,WAAW,eAAe;IAC9B,MAAM,EAAE,OAAO,CAAC;IAChB,KAAK,EAAE,OAAO,CAAC;IACf,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED;;;;;;GAMG;AACH,wBAAgB,gBAAgB,CAAC,MAAM,EAAE,MAAM,EAAE,QAAQ,GAAE,MAAU,GAAG,eAAe,CA6FtF;AAED;;;;GAIG;AACH,wBAAgB,cAAc,IAAI,OAAO,CASxC"}
|
|
@@ -65,8 +65,23 @@ function checkCertificate(domain, warnDays = 7) {
|
|
|
65
65
|
}
|
|
66
66
|
}
|
|
67
67
|
if (!canReadFile) {
|
|
68
|
-
//
|
|
69
|
-
|
|
68
|
+
// Final fallback: check via openssl s_client (network-based, no file perms needed)
|
|
69
|
+
try {
|
|
70
|
+
const sslOutput = (0, child_process_1.execSync)('echo | openssl s_client -connect ' + domain + ':443 -servername ' + domain + ' 2>/dev/null | openssl x509 -noout -enddate 2>/dev/null', { encoding: 'utf8', timeout: 10000 });
|
|
71
|
+
const match = sslOutput.match(/notAfter=(.+)/);
|
|
72
|
+
if (match && match[1]) {
|
|
73
|
+
const expiryDate = new Date(match[1]);
|
|
74
|
+
const daysUntilExpiry = Math.floor((expiryDate.getTime() - Date.now()) / (1000 * 60 * 60 * 24));
|
|
75
|
+
return {
|
|
76
|
+
exists: true,
|
|
77
|
+
valid: daysUntilExpiry > warnDays,
|
|
78
|
+
expiresInDays: daysUntilExpiry,
|
|
79
|
+
};
|
|
80
|
+
}
|
|
81
|
+
}
|
|
82
|
+
catch {
|
|
83
|
+
// SSL not serving — cert truly doesn't exist
|
|
84
|
+
}
|
|
70
85
|
return { exists: false, valid: false };
|
|
71
86
|
}
|
|
72
87
|
// Read cert with sudo if needed
|
|
@@ -124,9 +139,8 @@ function checkCertificate(domain, warnDays = 7) {
|
|
|
124
139
|
*/
|
|
125
140
|
function isNginxRunning() {
|
|
126
141
|
try {
|
|
127
|
-
const output = (0, child_process_1.execSync)('
|
|
142
|
+
const output = (0, child_process_1.execSync)('docker ps --filter name=factiii_nginx --format "{{.Names}}"', {
|
|
128
143
|
encoding: 'utf8',
|
|
129
|
-
timeout: 10000,
|
|
130
144
|
});
|
|
131
145
|
return output.trim() === 'factiii_nginx';
|
|
132
146
|
}
|