@factiii/stack 0.1.201 → 0.1.203

package/dist/scanfix/ssl-cert-helper.js.map

@@ -1 +1 @@
-{"version":3,"file":"ssl-cert-helper.js","sourceRoot":"","sources":["../../src/scanfix/ssl-cert-helper.ts"],"names":[],"mappings":";AAAA;;;;;GAKG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAmBH,4CA0EC;AAOD,wCAUC;AA5GD,iDAAyC;AACzC,uCAAyB;AASzB;;;;;;GAMG;AACH,SAAgB,gBAAgB,CAAC,MAAc,EAAE,WAAmB,CAAC;IACnE,MAAM,QAAQ,GAAG,wBAAwB,GAAG,MAAM,GAAG,gBAAgB,CAAC;IAEtE,kEAAkE;IAClE,IAAI,WAAW,GAAG,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;IAE1C,mEAAmE;IACnE,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,IAAI,CAAC;YACH,IAAA,wBAAQ,EAAC,gBAAgB,GAAG,QAAQ,GAAG,GAAG,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;YAC9E,WAAW,GAAG,IAAI,CAAC;QACrB,CAAC;QAAC,MAAM,CAAC;YACP,iDAAiD;QACnD,CAAC;IACH,CAAC;IAED,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,kDAAkD;QAClD,8FAA8F;QAC9F,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC;IACzC,CAAC;IAED,gCAAgC;IAChC,MAAM,OAAO,GAAG,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC;QACrC,CAAC,CAAC,cAAc;QAChB,CAAC,CAAC,mBAAmB,CAAC;IACxB,MAAM,OAAO,GAAG,QAAQ,GAAG,QAAQ,GAAG,GAAG,CAAC;IAE1C,IAAI,CAAC;QACH,oDAAoD;QACpD,MAAM,YAAY,GAAG,QAAQ,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC;QAC7C,IAAA,wBAAQ,EAAC,OAAO,GAAG,aAAa,GAAG,YAAY,GAAG,SAAS,GAAG,OAAO,EAAE;YACrE,KAAK,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC;SAChC,CAAC,CAAC;QAEH,qCAAqC;QACrC,MAAM,YAAY,GAAG,IAAA,wBAAQ,EAAC,OAAO,GAAG,kBAAkB,GAAG,OAAO,EAAE;YACpE,QAAQ,EAAE,MAAM;SACjB,CAAC,CAAC;QACH,MAAM,WAAW,GAAG,YAAY,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC;QACxD,IAAI,WAAW,IAAI,WAAW,CAAC,CAAC,CAAC,EAAE,CAAC;YAClC,MAAM,UAAU,GAAG,IAAI,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC;YAC5C,MAAM,eAAe,GAAG,IAAI,CAAC,KAAK,CAChC,CAAC,UAAU,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,IAAI,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,CAC5D,CAAC;YACF,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,aAAa,EAAE,eAAe,EAAE,CAAC;QACvE,CAAC;QAED,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;IACvC,CAAC;IAAC,MAAM,CAAC;QACP,+DAA+D;QAC/D,0DAA0D;QAC1D,IAAI,CAAC;YACH,MAAM,YAAY,GAAG,IAAA,wBAAQ,EAAC,OAAO,GAAG,kBAAkB,GAAG,OAAO,EAAE;gBACpE,QAAQ,EAAE,MAAM;aACjB,CAAC,CAAC;YACH,MAAM,WAAW,GAAG,YAAY,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC;YACxD,IAAI,WAAW,IAAI,WAAW,CAAC,CAAC,CAAC,EAAE,CAAC;gBAClC,MAAM,UAAU,GAAG,IAAI,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC;gBAC5C,MAAM,eAAe,GAAG,IAAI,CAAC,KAAK,CAChC,CAAC,UAAU,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,IAAI,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,CAC5D,CAAC;gBACF,OAAO;oBACL,MAAM,EAAE,IAAI;oBACZ,KAAK,EAAE,KAAK;oBACZ,aAAa,EAAE,eAAe;oBAC9B,KAAK,EAAE,0BAA0B,GAAG,eAAe,GAAG,OAAO;iBAC9D,CAAC;YACJ,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,sBAAsB;QACxB,CAAC;QACD,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,sCAAsC,EAAE,CAAC;IACvF,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,SAAgB,cAAc;IAC5B,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAA,wBAAQ,EAAC,qHAAqH,EAAE;YAC7I,QAAQ,EAAE,MAAM;YAChB,OAAO,EAAE,KAAK;SACf,CAAC,CAAC;QACH,OAAO,MAAM,CAAC,IAAI,EAAE,KAAK,eAAe,CAAC;IAC3C,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC"}
+{"version":3,"file":"ssl-cert-helper.js","sourceRoot":"","sources":["../../src/scanfix/ssl-cert-helper.ts"],"names":[],"mappings":";AAAA;;;;;GAKG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAmBH,4CA6FC;AAOD,wCASC;AA9HD,iDAAyC;AACzC,uCAAyB;AASzB;;;;;;GAMG;AACH,SAAgB,gBAAgB,CAAC,MAAc,EAAE,WAAmB,CAAC;IACnE,MAAM,QAAQ,GAAG,wBAAwB,GAAG,MAAM,GAAG,gBAAgB,CAAC;IAEtE,kEAAkE;IAClE,IAAI,WAAW,GAAG,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;IAE1C,mEAAmE;IACnE,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,IAAI,CAAC;YACH,IAAA,wBAAQ,EAAC,gBAAgB,GAAG,QAAQ,GAAG,GAAG,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;YAC9E,WAAW,GAAG,IAAI,CAAC;QACrB,CAAC;QAAC,MAAM,CAAC;YACP,iDAAiD;QACnD,CAAC;IACH,CAAC;IAED,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,mFAAmF;QACnF,IAAI,CAAC;YACH,MAAM,SAAS,GAAG,IAAA,wBAAQ,EACxB,mCAAmC,GAAG,MAAM,GAAG,mBAAmB,GAAG,MAAM,GAAG,yDAAyD,EACvI,EAAE,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,CACrC,CAAC;YACF,MAAM,KAAK,GAAG,SAAS,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC;YAC/C,IAAI,KAAK,IAAI,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;gBACtB,MAAM,UAAU,GAAG,IAAI,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;gBACtC,MAAM,eAAe,GAAG,IAAI,CAAC,KAAK,CAChC,CAAC,UAAU,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,IAAI,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,CAC5D,CAAC;gBACF,OAAO;oBACL,MAAM,EAAE,IAAI;oBACZ,KAAK,EAAE,eAAe,GAAG,QAAQ;oBACjC,aAAa,EAAE,eAAe;iBAC/B,CAAC;YACJ,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,6CAA6C;QAC/C,CAAC;QACD,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC;IACzC,CAAC;IAED,gCAAgC;IAChC,MAAM,OAAO,GAAG,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC;QACrC,CAAC,CAAC,cAAc;QAChB,CAAC,CAAC,mBAAmB,CAAC;IACxB,MAAM,OAAO,GAAG,QAAQ,GAAG,QAAQ,GAAG,GAAG,CAAC;IAE1C,IAAI,CAAC;QACH,oDAAoD;QACpD,MAAM,YAAY,GAAG,QAAQ,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC;QAC7C,IAAA,wBAAQ,EAAC,OAAO,GAAG,aAAa,GAAG,YAAY,GAAG,SAAS,GAAG,OAAO,EAAE;YACrE,KAAK,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC;SAChC,CAAC,CAAC;QAEH,qCAAqC;QACrC,MAAM,YAAY,GAAG,IAAA,wBAAQ,EAAC,OAAO,GAAG,kBAAkB,GAAG,OAAO,EAAE;YACpE,QAAQ,EAAE,MAAM;SACjB,CAAC,CAAC;QACH,MAAM,WAAW,GAAG,YAAY,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC;QACxD,IAAI,WAAW,IAAI,WAAW,CAAC,CAAC,CAAC,EAAE,CAAC;YAClC,MAAM,UAAU,GAAG,IAAI,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC;YAC5C,MAAM,eAAe,GAAG,IAAI,CAAC,KAAK,CAChC,CAAC,UAAU,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,IAAI,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,CAC5D,CAAC;YACF,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,aAAa,EAAE,eAAe,EAAE,CAAC;QACvE,CAAC;QAED,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;IACvC,CAAC;IAAC,MAAM,CAAC;QACP,+DAA+D;QAC/D,0DAA0D;QAC1D,IAAI,CAAC;YACH,MAAM,YAAY,GAAG,IAAA,wBAAQ,EAAC,OAAO,GAAG,kBAAkB,GAAG,OAAO,EAAE;gBACpE,QAAQ,EAAE,MAAM;aACjB,CAAC,CAAC;YACH,MAAM,WAAW,GAAG,YAAY,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC;YACxD,IAAI,WAAW,IAAI,WAAW,CAAC,CAAC,CAAC,EAAE,CAAC;gBAClC,MAAM,UAAU,GAAG,IAAI,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC;gBAC5C,MAAM,eAAe,GAAG,IAAI,CAAC,KAAK,CAChC,CAAC,UAAU,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,IAAI,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,CAC5D,CAAC;gBACF,OAAO;oBACL,MAAM,EAAE,IAAI;oBACZ,KAAK,EAAE,KAAK;oBACZ,aAAa,EAAE,eAAe;oBAC9B,KAAK,EAAE,0BAA0B,GAAG,eAAe,GAAG,OAAO;iBAC9D,CAAC;YACJ,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,sBAAsB;QACxB,CAAC;QACD,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,sCAAsC,EAAE,CAAC;IACvF,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,SAAgB,cAAc;IAC5B,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAA,wBAAQ,EAAC,6DAA6D,EAAE;YACrF,QAAQ,EAAE,MAAM;SACjB,CAAC,CAAC;QACH,OAAO,MAAM,CAAC,IAAI,EAAE,KAAK,eAAe,CAAC;IAC3C,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC"}

package/dist/scripts/generate-all.js

@@ -271,31 +271,31 @@ function generateNginx(allConfigs) {
         return 0;
     }
     // Generate nginx config
-    let nginxConf = `# Auto-generated nginx configuration
-# Generated by: npx stack (generate-all)
-# Do not edit directly - modify stack.yml files and run: npx stack deploy
-
-events {
-    worker_connections 1024;
-}
-
-http {
-    include /etc/nginx/mime.types;
-    default_type application/octet-stream;
-
-    sendfile on;
-    keepalive_timeout 65;
-    client_max_body_size 100M;
-
-    # Logging
-    access_log /var/log/nginx/access.log;
-    error_log /var/log/nginx/error.log;
-
-    # Gzip
-    gzip on;
-    gzip_vary on;
-    gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
-
+    let nginxConf = `# Auto-generated nginx configuration
+# Generated by: npx stack (generate-all)
+# Do not edit directly - modify stack.yml files and run: npx stack deploy
+
+events {
+    worker_connections 1024;
+}
+
+http {
+    include /etc/nginx/mime.types;
+    default_type application/octet-stream;
+
+    sendfile on;
+    keepalive_timeout 65;
+    client_max_body_size 100M;
+
+    # Logging
+    access_log /var/log/nginx/access.log;
+    error_log /var/log/nginx/error.log;
+
+    # Gzip
+    gzip on;
+    gzip_vary on;
+    gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
+
 `;
     // ============================================================
     // CRITICAL: HTTPS Certificate Paths
@@ -308,54 +308,54 @@ http {
     for (const { domain, service, port } of routes) {
         // Always generate HTTPS-capable config
         // Certificates must exist before nginx can start (obtained via: npx stack fix --staging/--prod)
-        nginxConf += `
-    # ${service} - ${domain}
-
-    # HTTP - ACME challenge + redirect to HTTPS
-    server {
-        listen 80;
-        server_name ${domain};
-
-        # Allow certbot ACME challenge (for renewals)
-        location /.well-known/acme-challenge/ {
-            root /var/www/certbot;
-        }
-
-        # Redirect all other traffic to HTTPS
-        location / {
-            return 301 https://$server_name$request_uri;
-        }
-    }
-
-    # HTTPS - main server block
-    server {
-        listen 443 ssl;
-        http2 on;
-        server_name ${domain};
-
-        # SSL certificate paths (Let's Encrypt)
-        ssl_certificate /etc/letsencrypt/live/${domain}/fullchain.pem;
-        ssl_certificate_key /etc/letsencrypt/live/${domain}/privkey.pem;
-
-        # SSL security settings
-        ssl_protocols TLSv1.2 TLSv1.3;
-        ssl_prefer_server_ciphers on;
-        ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256;
-        ssl_session_cache shared:SSL:10m;
-        ssl_session_timeout 10m;
-
-        location / {
-            proxy_pass http://${service}:${port};
-            proxy_http_version 1.1;
-            proxy_set_header Upgrade $http_upgrade;
-            proxy_set_header Connection 'upgrade';
-            proxy_set_header Host $host;
-            proxy_cache_bypass $http_upgrade;
-            proxy_set_header X-Real-IP $remote_addr;
-            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-            proxy_set_header X-Forwarded-Proto $scheme;
-        }
-    }
+        nginxConf += `
+    # ${service} - ${domain}
+
+    # HTTP - ACME challenge + redirect to HTTPS
+    server {
+        listen 80;
+        server_name ${domain};
+
+        # Allow certbot ACME challenge (for renewals)
+        location /.well-known/acme-challenge/ {
+            root /var/www/certbot;
+        }
+
+        # Redirect all other traffic to HTTPS
+        location / {
+            return 301 https://$server_name$request_uri;
+        }
+    }
+
+    # HTTPS - main server block
+    server {
+        listen 443 ssl;
+        http2 on;
+        server_name ${domain};
+
+        # SSL certificate paths (Let's Encrypt)
+        ssl_certificate /etc/letsencrypt/live/${domain}/fullchain.pem;
+        ssl_certificate_key /etc/letsencrypt/live/${domain}/privkey.pem;
+
+        # SSL security settings
+        ssl_protocols TLSv1.2 TLSv1.3;
+        ssl_prefer_server_ciphers on;
+        ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256;
+        ssl_session_cache shared:SSL:10m;
+        ssl_session_timeout 10m;
+
+        location / {
+            proxy_pass http://${service}:${port};
+            proxy_http_version 1.1;
+            proxy_set_header Upgrade $http_upgrade;
+            proxy_set_header Connection 'upgrade';
+            proxy_set_header Host $host;
+            proxy_cache_bypass $http_upgrade;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $scheme;
+        }
+    }
 `;
     }
     nginxConf += `}\n`;

package/dist/utils/deployment-report.js

@@ -154,8 +154,8 @@ function formatDeploymentReport(data) {
 function formatWorkflowSummary(data) {
     const report = formatDeploymentReport(data);
     // Workflow summaries support markdown, so we can enhance it
-    return `\`\`\`
-${report}
+    return `\`\`\`
+${report}
 \`\`\``;
 }
 /**

package/dist/utils/secret-prompts.js

@@ -64,16 +64,16 @@ const SECRET_METADATA = {
     STAGING_SSH: {
         type: 'ssh_key',
         description: 'SSH private key for accessing staging server',
-        helpText: `
-   Step 1: Generate a new SSH key pair:
-   ssh-keygen -t ed25519 -C "staging-deploy" -f ~/.ssh/staging_deploy
-   
-   Step 2: Add PUBLIC key to your staging server:
-   ssh-copy-id -i ~/.ssh/staging_deploy.pub ubuntu@YOUR_HOST
-   
-   (HOST is configured in stack.yml → environments.staging.host)
-   
-   Step 3: Paste the PRIVATE key below (multi-line, end with blank line):
+        helpText: `
+   Step 1: Generate a new SSH key pair:
+   ssh-keygen -t ed25519 -C "staging-deploy" -f ~/.ssh/staging_deploy
+   
+   Step 2: Add PUBLIC key to your staging server:
+   ssh-copy-id -i ~/.ssh/staging_deploy.pub ubuntu@YOUR_HOST
+   
+   (HOST is configured in stack.yml → environments.staging.host)
+   
+   Step 3: Paste the PRIVATE key below (multi-line, end with blank line):
    cat ~/.ssh/staging_deploy`,
         validation: (value) => {
             if (!value || value.trim().length === 0) {
@@ -91,16 +91,16 @@ const SECRET_METADATA = {
     PROD_SSH: {
         type: 'ssh_key',
         description: 'SSH private key for accessing production server',
-        helpText: `
-   Step 1: Generate a new SSH key pair:
-   ssh-keygen -t ed25519 -C "production-deploy" -f ~/.ssh/prod_deploy
-   
-   Step 2: Add PUBLIC key to your production server:
-   ssh-copy-id -i ~/.ssh/prod_deploy.pub ubuntu@YOUR_HOST
-   
-   (HOST is configured in stack.yml → environments.production.host)
-   
-   Step 3: Paste the PRIVATE key below (multi-line, end with blank line):
+        helpText: `
+   Step 1: Generate a new SSH key pair:
+   ssh-keygen -t ed25519 -C "production-deploy" -f ~/.ssh/prod_deploy
+   
+   Step 2: Add PUBLIC key to your production server:
+   ssh-copy-id -i ~/.ssh/prod_deploy.pub ubuntu@YOUR_HOST
+   
+   (HOST is configured in stack.yml → environments.production.host)
+   
+   Step 3: Paste the PRIVATE key below (multi-line, end with blank line):
    cat ~/.ssh/prod_deploy`,
         validation: (value) => {
             if (!value || value.trim().length === 0) {
@@ -118,14 +118,14 @@ const SECRET_METADATA = {
     AWS_SECRET_ACCESS_KEY: {
         type: 'aws_secret',
         description: 'AWS Secret Access Key (the only secret AWS value)',
-        helpText: `
-   Get from AWS Console: IAM → Users → Security credentials
-   
-   This is shown only once when you create the key.
-   If lost, you must create a new key pair.
-   
-   Note: AWS_ACCESS_KEY_ID and AWS_REGION go in stack.yml (not secrets)
-   
+        helpText: `
+   Get from AWS Console: IAM → Users → Security credentials
+   
+   This is shown only once when you create the key.
+   If lost, you must create a new key pair.
+   
+   Note: AWS_ACCESS_KEY_ID and AWS_REGION go in stack.yml (not secrets)
+   
    Enter AWS Secret Access Key:`,
         validation: (value) => {
             if (!value || value.trim().length === 0) {
@@ -143,12 +143,12 @@ const SECRET_METADATA = {
     VERCEL_TOKEN: {
         type: 'api_token',
         description: 'Vercel API Token for deployments',
-        helpText: `
-   Get your token from: https://vercel.com/account/tokens
-   Create a new token with:
-   - Scope: Full Account (or specific team)
-   - Expiration: No Expiration (or custom)
-   
+        helpText: `
+   Get your token from: https://vercel.com/account/tokens
+   Create a new token with:
+   - Scope: Full Account (or specific team)
+   - Expiration: No Expiration (or custom)
+   
    Enter Vercel API Token:`,
         validation: (value) => {
             if (!value || value.trim().length === 0) {

package/dist/utils/ssh-helper.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"ssh-helper.d.ts","sourceRoot":"","sources":["../../src/utils/ssh-helper.ts"],"names":[],"mappings":"AAgBA,OAAO,KAAK,EAAE,iBAAiB,EAAE,aAAa,EAAE,KAAK,EAAE,MAAM,mBAAmB,CAAC;AAKjF;;;GAGG;AACH,wBAAgB,kBAAkB,CAAC,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,IAAI,CAU5E;AA+BD;;;;;;;;GAQG;AACH,wBAAgB,mBAAmB,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAS9E;AAED;;;;;;;;GAQG;AACH,wBAAgB,kBAAkB,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CA4BlF;AAED;;;;;;;GAOG;AACH,wBAAgB,oBAAoB,CAClC,KAAK,EAAE,KAAK,EACZ,MAAM,EAAE,aAAa,GACpB,iBAAiB,GAAG,IAAI,CAc1B;AA+aD;;;;;;;;;;;;;GAaG;AACH,wBAAsB,uBAAuB,CAC3C,KAAK,EAAE,KAAK,EACZ,MAAM,EAAE,aAAa,EACrB,OAAO,EAAE,MAAM,EACf,OAAO,CAAC,EAAE,MAAM,GACf,OAAO,CAAC;IAAE,OAAO,EAAE,OAAO,CAAC;IAAC,MAAM,EAAE,MAAM,CAAC;IAAC,MAAM,EAAE,MAAM,CAAA;CAAE,CAAC,CA+2B/D;AAED;;;;;;;;;;GAUG;AACH,wBAAsB,OAAO,CAC3B,SAAS,EAAE,iBAAiB,EAC5B,OAAO,EAAE,MAAM,EACf,KAAK,CAAC,EAAE,KAAK,EACb,MAAM,CAAC,EAAE,aAAa,EACtB,OAAO,CAAC,EAAE,MAAM,GACf,OAAO,CAAC,MAAM,CAAC,CAqMjB"}
+{"version":3,"file":"ssh-helper.d.ts","sourceRoot":"","sources":["../../src/utils/ssh-helper.ts"],"names":[],"mappings":"AAgBA,OAAO,KAAK,EAAE,iBAAiB,EAAE,aAAa,EAAE,KAAK,EAAE,MAAM,mBAAmB,CAAC;AAKjF;;;GAGG;AACH,wBAAgB,kBAAkB,CAAC,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,IAAI,CAU5E;AA+BD;;;;;;;;GAQG;AACH,wBAAgB,mBAAmB,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAS9E;AAED;;;;;;;;GAQG;AACH,wBAAgB,kBAAkB,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CA4BlF;AAED;;;;;;;GAOG;AACH,wBAAgB,oBAAoB,CAClC,KAAK,EAAE,KAAK,EACZ,MAAM,EAAE,aAAa,GACpB,iBAAiB,GAAG,IAAI,CAc1B;AA+aD;;;;;;;;;;;;;GAaG;AACH,wBAAsB,uBAAuB,CAC3C,KAAK,EAAE,KAAK,EACZ,MAAM,EAAE,aAAa,EACrB,OAAO,EAAE,MAAM,EACf,OAAO,CAAC,EAAE,MAAM,GACf,OAAO,CAAC;IAAE,OAAO,EAAE,OAAO,CAAC;IAAC,MAAM,EAAE,MAAM,CAAC;IAAC,MAAM,EAAE,MAAM,CAAA;CAAE,CAAC,CAo0B/D;AAED;;;;;;;;;;GAUG;AACH,wBAAsB,OAAO,CAC3B,SAAS,EAAE,iBAAiB,EAC5B,OAAO,EAAE,MAAM,EACf,KAAK,CAAC,EAAE,KAAK,EACb,MAAM,CAAC,EAAE,aAAa,EACtB,OAAO,CAAC,EAAE,MAAM,GACf,OAAO,CAAC,MAAM,CAAC,CAqMjB"}

package/dist/utils/ssh-helper.js

@@ -764,107 +764,67 @@ async function sshRemoteFactiiiCommand(stage, config, command, rootDir) {
     const localGithubToken = process.env.GITHUB_TOKEN || '';
     const tokenExport = localGithubToken ? 'export GITHUB_TOKEN="' + localGithubToken + '" && ' : '';
     // Auto-bootstrap: install dependencies and clone repo if missing on server
-    // Platform-aware: Mac uses Homebrew, Ubuntu uses apt-get
-    const serverType = envConfig.server ?? 'ubuntu';
-    const isMacServer = serverType === 'mac';
-    const bootstrapCmd = isMacServer
-        ? (
-        // ── macOS bootstrap (Homebrew) ──
-        // Install Homebrew if missing
-        'export PATH="/opt/homebrew/bin:/usr/local/bin:$PATH" && ' +
-            'if ! command -v brew &>/dev/null; then ' +
-            'echo "   Installing Homebrew..." && ' +
-            '/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" && ' +
-            'eval "$(/opt/homebrew/bin/brew shellenv 2>/dev/null || /usr/local/bin/brew shellenv 2>/dev/null)"; ' +
-            'fi && ' +
-            // Install git if missing (usually pre-installed via Xcode CLI tools)
-            'if ! command -v git &>/dev/null; then ' +
-            'echo "   Installing git..." && ' +
-            'brew install git; ' +
-            'fi && ' +
-            // Install Node.js if missing
-            'if ! command -v node &>/dev/null; then ' +
-            'echo "   Installing Node.js..." && ' +
-            'brew install node; ' +
-            'fi && ' +
-            // Install Docker (Colima) if missing
-            'if ! command -v docker &>/dev/null; then ' +
-            'echo "   Installing Docker via Colima..." && ' +
-            'brew install docker docker-compose colima && ' +
-            'colima start --memory 4 --cpu 2; ' +
-            'fi && ' +
-            // Ensure Docker daemon is running (Colima or Docker Desktop)
-            'if ! docker info &>/dev/null; then ' +
-            'echo "   Starting Docker..." && ' +
-            'if command -v colima &>/dev/null; then ' +
-            'colima start --memory 4 --cpu 2 2>/dev/null; ' +
-            'elif [ -d "/Applications/Docker.app" ]; then ' +
-            'nohup /Applications/Docker.app/Contents/MacOS/Docker --unattended > /dev/null 2>&1 & ' +
-            'for i in $(seq 1 30); do sleep 1; if docker info &>/dev/null; then break; fi; done; ' +
-            'fi; ' +
-            'fi && ')
-        : (
-        // ── Ubuntu/Linux bootstrap (apt-get) ──
-        // Install git if missing
-        'if ! command -v git &>/dev/null; then ' +
-            'echo "   Installing git..." && ' +
-            'sudo apt-get update -qq && sudo DEBIAN_FRONTEND=noninteractive apt-get install -y -qq git; ' +
-            'fi && ' +
-            // Install Node.js if missing
-            'if ! command -v node &>/dev/null; then ' +
-            'echo "   Installing Node.js 20.x..." && ' +
-            'curl -fsSL https://deb.nodesource.com/setup_20.x | sudo -E bash - && ' +
-            'sudo DEBIAN_FRONTEND=noninteractive apt-get install -y -qq nodejs; ' +
-            'fi && ' +
-            // Install Docker if missing
-            'if ! command -v docker &>/dev/null; then ' +
-            'echo "   Installing Docker..." && ' +
-            'sudo apt-get update -qq && sudo DEBIAN_FRONTEND=noninteractive apt-get install -y -qq docker.io docker-compose-v2 && ' +
-            'sudo usermod -aG docker $USER && ' +
-            'sudo systemctl enable docker && sudo systemctl start docker; ' +
-            'fi && ') +
-            // Clone repo if missing (check .git dir to catch empty/broken clones)
-            'if [ ! -d "' + projectDir + '/.git" ]; then ' +
-            'echo "   Cloning project..." && ' +
-            'mkdir -p $HOME/.factiii && ' +
-            // Remove broken/partial clone directory if it exists without .git
-            'if [ -d "' + projectDir + '" ]; then echo "   Removing broken clone..." && rm -rf "' + projectDir + '"; fi && ' +
-            // Add github.com to known_hosts to avoid interactive prompt
-            'mkdir -p ~/.ssh && ssh-keyscan -t ed25519,rsa github.com >> ~/.ssh/known_hosts 2>/dev/null && ' +
-            // Generate a GitHub deploy key on the server if none exists
-            'if [ ! -f ~/.ssh/github_deploy_key ]; then ' +
-            'echo "   Generating GitHub deploy key on server..." && ' +
-            'ssh-keygen -t ed25519 -f ~/.ssh/github_deploy_key -N "" -C "server-deploy" -q && ' +
-            'chmod 600 ~/.ssh/github_deploy_key; ' +
-            'fi && ' +
-            // Configure SSH to use the deploy key for github.com
-            'if ! grep -q "Host github.com" ~/.ssh/config 2>/dev/null; then ' +
-            'printf "\\nHost github.com\\n  IdentityFile ~/.ssh/github_deploy_key\\n  IdentitiesOnly yes\\n" >> ~/.ssh/config && ' +
-            'chmod 600 ~/.ssh/config; ' +
-            'fi && ' +
-            (githubRepo
-                ? 'cd $HOME/.factiii && ' +
-                    // Try HTTPS with token first (works for private repos when GITHUB_TOKEN is set)
-                    'if [ -n "$GITHUB_TOKEN" ]; then ' +
-                    'GIT_TERMINAL_PROMPT=0 git clone https://x-access-token:$GITHUB_TOKEN@github.com/' + githubRepo + '.git ' + repoName + '; ' +
-                    // Then try SSH (works if server has a GitHub deploy key in repo settings)
-                    'elif GIT_TERMINAL_PROMPT=0 git clone git@github.com:' + githubRepo + '.git ' + repoName + ' 2>/dev/null; then ' +
-                    'true; ' +
-                    // All clone methods failed — show deploy key and instructions
-                    'else ' +
-                    'echo "" && ' +
-                    'echo "   [!] Cannot clone private repo — server needs GitHub access" && ' +
-                    'echo "" && ' +
-                    'echo "   Add this deploy key to your GitHub repo:" && ' +
-                    'echo "   GitHub → ' + githubRepo + ' → Settings → Deploy keys → Add" && ' +
-                    'echo "" && ' +
-                    'cat ~/.ssh/github_deploy_key.pub && ' +
-                    'echo "" && ' +
-                    'echo "   Then re-run: npx stack fix --prod" && ' +
-                    'exit 1; ' +
-                    'fi; '
-                : 'echo "   [!] No github_repo configured — cannot auto-clone" && exit 1; ') +
-            'fi && ';
+    const bootstrapCmd = 
+    // Install git if missing
+    'if ! command -v git &>/dev/null; then ' +
+        'echo "   Installing git..." && ' +
+        'sudo apt-get update -qq && sudo DEBIAN_FRONTEND=noninteractive apt-get install -y -qq git; ' +
+        'fi && ' +
+        // Install Node.js if missing
+        'if ! command -v node &>/dev/null; then ' +
+        'echo "   Installing Node.js 20.x..." && ' +
+        'curl -fsSL https://deb.nodesource.com/setup_20.x | sudo -E bash - && ' +
+        'sudo DEBIAN_FRONTEND=noninteractive apt-get install -y -qq nodejs; ' +
+        'fi && ' +
+        // Install Docker if missing
+        'if ! command -v docker &>/dev/null; then ' +
+        'echo "   Installing Docker..." && ' +
+        'sudo apt-get update -qq && sudo DEBIAN_FRONTEND=noninteractive apt-get install -y -qq docker.io docker-compose-v2 && ' +
+        'sudo usermod -aG docker $USER && ' +
+        'sudo systemctl enable docker && sudo systemctl start docker; ' +
+        'fi && ' +
+        // Clone repo if missing (check .git dir to catch empty/broken clones)
+        'if [ ! -d "' + projectDir + '/.git" ]; then ' +
+        'echo "   Cloning project..." && ' +
+        'mkdir -p $HOME/.factiii && ' +
+        // Remove broken/partial clone directory if it exists without .git
+        'if [ -d "' + projectDir + '" ]; then echo "   Removing broken clone..." && rm -rf "' + projectDir + '"; fi && ' +
+        // Add github.com to known_hosts to avoid interactive prompt
+        'mkdir -p ~/.ssh && ssh-keyscan -t ed25519,rsa github.com >> ~/.ssh/known_hosts 2>/dev/null && ' +
+        // Generate a GitHub deploy key on the server if none exists
+        'if [ ! -f ~/.ssh/github_deploy_key ]; then ' +
+        'echo "   Generating GitHub deploy key on server..." && ' +
+        'ssh-keygen -t ed25519 -f ~/.ssh/github_deploy_key -N "" -C "server-deploy" -q && ' +
+        'chmod 600 ~/.ssh/github_deploy_key; ' +
+        'fi && ' +
+        // Configure SSH to use the deploy key for github.com
+        'if ! grep -q "Host github.com" ~/.ssh/config 2>/dev/null; then ' +
+        'printf "\\nHost github.com\\n  IdentityFile ~/.ssh/github_deploy_key\\n  IdentitiesOnly yes\\n" >> ~/.ssh/config && ' +
+        'chmod 600 ~/.ssh/config; ' +
+        'fi && ' +
+        (githubRepo
+            ? 'cd $HOME/.factiii && ' +
+                // Try HTTPS with token first (works for private repos when GITHUB_TOKEN is set)
+                'if [ -n "$GITHUB_TOKEN" ]; then ' +
+                'GIT_TERMINAL_PROMPT=0 git clone https://x-access-token:$GITHUB_TOKEN@github.com/' + githubRepo + '.git ' + repoName + '; ' +
+                // Then try SSH (works if server has a GitHub deploy key in repo settings)
+                'elif GIT_TERMINAL_PROMPT=0 git clone git@github.com:' + githubRepo + '.git ' + repoName + ' 2>/dev/null; then ' +
+                'true; ' +
+                // All clone methods failed — show deploy key and instructions
+                'else ' +
+                'echo "" && ' +
+                'echo "   [!] Cannot clone private repo — server needs GitHub access" && ' +
+                'echo "" && ' +
+                'echo "   Add this deploy key to your GitHub repo:" && ' +
+                'echo "   GitHub → ' + githubRepo + ' → Settings → Deploy keys → Add" && ' +
+                'echo "" && ' +
+                'cat ~/.ssh/github_deploy_key.pub && ' +
+                'echo "" && ' +
+                'echo "   Then re-run: npx stack fix --prod" && ' +
+                'exit 1; ' +
+                'fi; '
+            : 'echo "   [!] No github_repo configured — cannot auto-clone" && exit 1; ') +
+        'fi && ';
     const projectCheckCmd = bootstrapCmd;
     // Step 2: Still no key — prompt for it (EC2: .pem file, others: password)
     if (!resolvedKeyPath) {