@geekmidas/cli 0.53.0 → 1.0.0

package/src/deploy/dns/index.ts

@@ -5,17 +5,100 @@
  */
 
 import { lookup } from 'node:dns/promises';
-import { getHostingerToken, storeHostingerToken } from '../../auth/credentials';
-import type { DnsConfig } from '../../workspace/types';
+import type {
+	DnsConfig,
+	DnsProvider as DnsProviderConfig,
+} from '../../workspace/types';
 import {
 	type DokployStageState,
 	isDnsVerified,
 	setDnsVerification,
 } from '../state';
-import { HostingerApi } from './hostinger-api';
+import {
+	createDnsProvider,
+	type DnsProvider,
+	type DnsConfig as SchemaDnsConfig,
+	type UpsertDnsRecord,
+} from './DnsProvider';
 
 const logger = console;
 
+/**
+ * Check if DNS config is legacy format (single domain with `domain` property)
+ */
+export function isLegacyDnsConfig(
+	config: DnsConfig,
+): config is SchemaDnsConfig & { domain: string } {
+	return (
+		typeof config === 'object' &&
+		config !== null &&
+		'provider' in config &&
+		'domain' in config
+	);
+}
+
+/**
+ * Normalize DNS config to new multi-domain format
+ */
+export function normalizeDnsConfig(
+	config: DnsConfig,
+): Record<string, DnsProviderConfig> {
+	if (isLegacyDnsConfig(config)) {
+		// Convert legacy format to new format
+		const { domain, ...providerConfig } = config;
+		return { [domain]: providerConfig as DnsProviderConfig };
+	}
+	return config as Record<string, DnsProviderConfig>;
+}
+
+/**
+ * Find the root domain for a hostname from available DNS configs
+ *
+ * @example
+ * findRootDomain('api.geekmidas.com', { 'geekmidas.com': {...}, 'geekmidas.dev': {...} })
+ * // Returns 'geekmidas.com'
+ */
+export function findRootDomain(
+	hostname: string,
+	dnsConfig: Record<string, DnsProviderConfig>,
+): string | null {
+	// Sort domains by length descending to match most specific first
+	const domains = Object.keys(dnsConfig).sort((a, b) => b.length - a.length);
+
+	for (const domain of domains) {
+		if (hostname === domain || hostname.endsWith(`.${domain}`)) {
+			return domain;
+		}
+	}
+
+	return null;
+}
+
+/**
+ * Group hostnames by their root domain
+ */
+export function groupHostnamesByDomain(
+	appHostnames: Map<string, string>,
+	dnsConfig: Record<string, DnsProviderConfig>,
+): Map<string, Map<string, string>> {
+	const grouped = new Map<string, Map<string, string>>();
+
+	for (const [appName, hostname] of appHostnames) {
+		const rootDomain = findRootDomain(hostname, dnsConfig);
+		if (!rootDomain) {
+			logger.log(`   ⚠ No DNS config found for hostname: ${hostname}`);
+			continue;
+		}
+
+		if (!grouped.has(rootDomain)) {
+			grouped.set(rootDomain, new Map());
+		}
+		grouped.get(rootDomain)!.set(appName, hostname);
+	}
+
+	return grouped;
+}
+
 /**
  * Required DNS record for an app
  */
@@ -165,162 +248,139 @@ export function printDnsRecordsSimple(
 }
 
 /**
- * Prompt for input (reuse from deploy/index.ts pattern)
- */
-async function promptForToken(message: string): Promise<string> {
-	const { stdin, stdout } = await import('node:process');
-
-	if (!stdin.isTTY) {
-		throw new Error('Interactive input required for Hostinger token.');
-	}
-
-	// Hidden input for token
-	stdout.write(message);
-	return new Promise((resolve) => {
-		let value = '';
-		const onData = (char: Buffer) => {
-			const c = char.toString();
-			if (c === '\n' || c === '\r') {
-				stdin.setRawMode(false);
-				stdin.pause();
-				stdin.removeListener('data', onData);
-				stdout.write('\n');
-				resolve(value);
-			} else if (c === '\u0003') {
-				stdin.setRawMode(false);
-				stdin.pause();
-				stdout.write('\n');
-				process.exit(1);
-			} else if (c === '\u007F' || c === '\b') {
-				if (value.length > 0) value = value.slice(0, -1);
-			} else {
-				value += c;
-			}
-		};
-		stdin.setRawMode(true);
-		stdin.resume();
-		stdin.on('data', onData);
-	});
-}
-
-/**
- * Create DNS records using the configured provider
- */
-export async function createDnsRecords(
-	records: RequiredDnsRecord[],
-	dnsConfig: DnsConfig,
-): Promise<RequiredDnsRecord[]> {
-	const { provider, domain: rootDomain, ttl = 300 } = dnsConfig;
-
-	if (provider === 'manual') {
-		// Just mark all records as needing manual creation
-		return records.map((r) => ({ ...r, created: false, existed: false }));
-	}
-
-	if (provider === 'hostinger') {
-		return createHostingerRecords(records, rootDomain, ttl);
-	}
-
-	if (provider === 'cloudflare') {
-		logger.log('   ⚠ Cloudflare DNS integration not yet implemented');
-		return records.map((r) => ({
-			...r,
-			error: 'Cloudflare not implemented',
-		}));
-	}
-
-	return records;
-}
-
-/**
- * Create DNS records at Hostinger
+ * Create DNS records for a single domain using its configured provider
  */
-async function createHostingerRecords(
+export async function createDnsRecordsForDomain(
 	records: RequiredDnsRecord[],
 	rootDomain: string,
-	ttl: number,
+	providerConfig: DnsProviderConfig,
 ): Promise<RequiredDnsRecord[]> {
-	// Get or prompt for Hostinger token
-	let token = await getHostingerToken();
+	// Get TTL from config, default to 300. Manual mode doesn't have ttl property.
+	const ttl =
+		'ttl' in providerConfig && providerConfig.ttl ? providerConfig.ttl : 300;
 
-	if (!token) {
-		logger.log('\n   📋 Hostinger API token not found.');
+	// Get DNS provider from factory
+	let provider: DnsProvider | null;
+	try {
+		// Cast to schema-derived DnsConfig for provider factory
+		provider = await createDnsProvider({
+			config: providerConfig as SchemaDnsConfig,
+		});
+	} catch (error) {
+		const message = error instanceof Error ? error.message : 'Unknown error';
 		logger.log(
-			'   Get your token from: https://hpanel.hostinger.com/profile/api\n',
+			`   ⚠ Failed to create DNS provider for ${rootDomain}: ${message}`,
 		);
+		return records.map((r) => ({ ...r, error: message }));
+	}
 
-		try {
-			token = await promptForToken('   Hostinger API Token: ');
-			await storeHostingerToken(token);
-			logger.log('   ✓ Token saved');
-		} catch {
-			logger.log('   ⚠ Could not get token, skipping DNS creation');
-			return records.map((r) => ({
-				...r,
-				error: 'No API token',
-			}));
-		}
+	// Manual mode - no provider, just mark records as needing manual creation
+	if (!provider) {
+		return records.map((r) => ({ ...r, created: false, existed: false }));
 	}
 
-	const api = new HostingerApi(token);
 	const results: RequiredDnsRecord[] = [];
 
-	// Get existing records to check what already exists
-	let existingRecords: Awaited<ReturnType<typeof api.getRecords>> = [];
-	try {
-		existingRecords = await api.getRecords(rootDomain);
-	} catch (error) {
-		const message = error instanceof Error ? error.message : 'Unknown error';
-		logger.log(`   ⚠ Failed to fetch existing DNS records: ${message}`);
-		return records.map((r) => ({ ...r, error: message }));
-	}
+	// Convert RequiredDnsRecord to UpsertDnsRecord format
+	const upsertRecords: UpsertDnsRecord[] = records.map((r) => ({
+		name: r.subdomain,
+		type: r.type,
+		ttl,
+		value: r.value,
+	}));
 
-	// Process each record
-	for (const record of records) {
-		const existing = existingRecords.find(
-			(r) => r.name === record.subdomain && r.type === 'A',
+	try {
+		// Use provider to upsert records
+		const upsertResults = await provider.upsertRecords(
+			rootDomain,
+			upsertRecords,
 		);
 
-		if (existing) {
-			// Record already exists
-			results.push({
-				...record,
-				existed: true,
-				created: false,
-			});
-			continue;
-		}
+		// Map results back to RequiredDnsRecord format
+		for (const [i, record] of records.entries()) {
+			const result = upsertResults[i];
 
-		// Create the record
-		try {
-			await api.upsertRecords(rootDomain, [
-				{
-					name: record.subdomain,
-					type: 'A',
-					ttl,
-					records: [{ content: record.value }],
-				},
-			]);
+			// Handle case where upsertResults has fewer items (shouldn't happen but be safe)
+			if (!result) {
+				results.push({
+					hostname: record.hostname,
+					subdomain: record.subdomain,
+					type: record.type,
+					value: record.value,
+					appName: record.appName,
+					error: 'No result returned from provider',
+				});
+				continue;
+			}
 
-			results.push({
-				...record,
-				created: true,
-				existed: false,
-			});
-		} catch (error) {
-			const message = error instanceof Error ? error.message : 'Unknown error';
-			results.push({
-				...record,
-				error: message,
-			});
+			if (result.unchanged) {
+				results.push({
+					hostname: record.hostname,
+					subdomain: record.subdomain,
+					type: record.type,
+					value: record.value,
+					appName: record.appName,
+					existed: true,
+					created: false,
+				});
+			} else {
+				results.push({
+					hostname: record.hostname,
+					subdomain: record.subdomain,
+					type: record.type,
+					value: record.value,
+					appName: record.appName,
+					created: result.created,
+					existed: !result.created,
+				});
+			}
 		}
+	} catch (error) {
+		const message = error instanceof Error ? error.message : 'Unknown error';
+		logger.log(
+			`   ⚠ Failed to create DNS records for ${rootDomain}: ${message}`,
+		);
+		return records.map((r) => ({
+			hostname: r.hostname,
+			subdomain: r.subdomain,
+			type: r.type,
+			value: r.value,
+			appName: r.appName,
+			error: message,
+		}));
 	}
 
 	return results;
 }
 
+/**
+ * Create DNS records using the configured provider
+ * @deprecated Use createDnsRecordsForDomain for multi-domain support
+ */
+export async function createDnsRecords(
+	records: RequiredDnsRecord[],
+	dnsConfig: DnsConfig,
+): Promise<RequiredDnsRecord[]> {
+	// Handle legacy config format
+	if (!isLegacyDnsConfig(dnsConfig)) {
+		throw new Error(
+			'createDnsRecords requires legacy DnsConfig with domain property. Use createDnsRecordsForDomain instead.',
+		);
+	}
+	const { domain: rootDomain, ...providerConfig } = dnsConfig;
+	return createDnsRecordsForDomain(
+		records,
+		rootDomain,
+		providerConfig as DnsProviderConfig,
+	);
+}
+
 /**
  * Main DNS orchestration function for deployments
+ *
+ * Supports both legacy single-domain format and new multi-domain format:
+ * - Legacy: { provider: 'hostinger', domain: 'example.com' }
+ * - Multi:  { 'example.com': { provider: 'hostinger' }, 'example.dev': { provider: 'route53' } }
  */
 export async function orchestrateDns(
 	appHostnames: Map<string, string>, // appName -> hostname
@@ -331,7 +391,8 @@ export async function orchestrateDns(
 		return null;
 	}
 
-	const { domain: rootDomain, autoCreate = true } = dnsConfig;
+	// Normalize config to multi-domain format
+	const normalizedConfig = normalizeDnsConfig(dnsConfig);
 
 	// Resolve Dokploy server IP from endpoint
 	logger.log('\n🌐 Setting up DNS records...');
@@ -347,56 +408,87 @@ export async function orchestrateDns(
 		return null;
 	}
 
-	// Generate required records
-	const requiredRecords = generateRequiredRecords(
+	// Group hostnames by their root domain
+	const groupedHostnames = groupHostnamesByDomain(
 		appHostnames,
-		rootDomain,
-		serverIp,
+		normalizedConfig,
 	);
 
-	if (requiredRecords.length === 0) {
-		logger.log('   No DNS records needed');
+	if (groupedHostnames.size === 0) {
+		logger.log(
+			'   No DNS records needed (no hostnames match configured domains)',
+		);
 		return { records: [], success: true, serverIp };
 	}
 
-	// Create records if auto-create is enabled
-	let finalRecords: RequiredDnsRecord[];
+	const allRecords: RequiredDnsRecord[] = [];
+	let hasFailures = false;
+
+	// Process each domain group with its specific provider
+	for (const [rootDomain, domainHostnames] of groupedHostnames) {
+		const providerConfig = normalizedConfig[rootDomain];
+		if (!providerConfig) {
+			logger.log(`   ⚠ No provider config for ${rootDomain}`);
+			continue;
+		}
+
+		const providerName =
+			typeof providerConfig.provider === 'string'
+				? providerConfig.provider
+				: 'custom';
+
+		// Generate required records for this domain
+		const requiredRecords = generateRequiredRecords(
+			domainHostnames,
+			rootDomain,
+			serverIp,
+		);
+
+		if (requiredRecords.length === 0) {
+			continue;
+		}
 
-	if (autoCreate && dnsConfig.provider !== 'manual') {
-		logger.log(`   Creating DNS records at ${dnsConfig.provider}...`);
-		finalRecords = await createDnsRecords(requiredRecords, dnsConfig);
+		// Create records for this domain
+		logger.log(
+			`   Creating DNS records for ${rootDomain} (${providerName})...`,
+		);
+		const domainRecords = await createDnsRecordsForDomain(
+			requiredRecords,
+			rootDomain,
+			providerConfig,
+		);
+
+		allRecords.push(...domainRecords);
 
-		const created = finalRecords.filter((r) => r.created).length;
-		const existed = finalRecords.filter((r) => r.existed).length;
-		const failed = finalRecords.filter((r) => r.error).length;
+		const created = domainRecords.filter((r) => r.created).length;
+		const existed = domainRecords.filter((r) => r.existed).length;
+		const failed = domainRecords.filter((r) => r.error).length;
 
 		if (created > 0) {
-			logger.log(`   ✓ Created ${created} DNS record(s)`);
+			logger.log(`   ✓ Created ${created} DNS record(s) for ${rootDomain}`);
 		}
 		if (existed > 0) {
-			logger.log(`   ✓ ${existed} record(s) already exist`);
+			logger.log(`   ✓ ${existed} record(s) already exist for ${rootDomain}`);
 		}
 		if (failed > 0) {
-			logger.log(`   ⚠ ${failed} record(s) failed`);
+			logger.log(`   ⚠ ${failed} record(s) failed for ${rootDomain}`);
+			hasFailures = true;
 		}
-	} else {
-		finalRecords = requiredRecords;
-	}
 
-	// Print summary table
-	printDnsRecordsTable(finalRecords, rootDomain);
+		// Print summary table for this domain
+		printDnsRecordsTable(domainRecords, rootDomain);
 
-	// If manual mode or some failed, print simple instructions
-	const hasFailures = finalRecords.some((r) => r.error);
-	if (dnsConfig.provider === 'manual' || hasFailures) {
-		printDnsRecordsSimple(
-			finalRecords.filter((r) => !r.created && !r.existed),
-			rootDomain,
-		);
+		// If manual mode or some failed, print simple instructions
+		if (providerConfig.provider === 'manual' || failed > 0) {
+			printDnsRecordsSimple(
+				domainRecords.filter((r) => !r.created && !r.existed),
+				rootDomain,
+			);
+		}
 	}
 
 	return {
-		records: finalRecords,
+		records: allRecords,
 		success: !hasFailures,
 		serverIp,
 	};

package/src/deploy/env-resolver.ts

@@ -10,10 +10,10 @@ import { randomBytes } from 'node:crypto';
 import type { StageSecrets } from '../secrets/types';
 import type { NormalizedAppConfig } from '../workspace/types';
 import {
-	getGeneratedSecret,
-	setGeneratedSecret,
 	type AppDbCredentials,
 	type DokployStageState,
+	getGeneratedSecret,
+	setGeneratedSecret,
 } from './state';
 
 /**
@@ -82,7 +82,9 @@ export type AutoSupportedVar = (typeof AUTO_SUPPORTED_VARS)[number];
 /**
  * Check if a variable name is auto-supported
  */
-export function isAutoSupportedVar(varName: string): varName is AutoSupportedVar {
+export function isAutoSupportedVar(
+	varName: string,
+): varName is AutoSupportedVar {
 	return AUTO_SUPPORTED_VARS.includes(varName as AutoSupportedVar);
 }
 
@@ -212,11 +214,16 @@ export function resolveEnvVar(
 
 		// Check URLs (DATABASE_URL, REDIS_URL, RABBITMQ_URL)
 		if (varName in context.userSecrets.urls) {
-			return context.userSecrets.urls[varName as keyof typeof context.userSecrets.urls];
+			return context.userSecrets.urls[
+				varName as keyof typeof context.userSecrets.urls
+			];
 		}
 
 		// Check service-specific vars
-		if (varName === 'POSTGRES_PASSWORD' && context.userSecrets.services.postgres) {
+		if (
+			varName === 'POSTGRES_PASSWORD' &&
+			context.userSecrets.services.postgres
+		) {
 			return context.userSecrets.services.postgres.password;
 		}
 		if (varName === 'REDIS_PASSWORD' && context.userSecrets.services.redis) {

package/src/deploy/index.ts

@@ -64,11 +64,7 @@ import {
 	isDeployTargetSupported,
 } from '../workspace/index.js';
 import type { NormalizedWorkspace } from '../workspace/types.js';
-import {
-	orchestrateDns,
-	resolveHostnameToIp,
-	verifyDnsRecords,
-} from './dns/index.js';
+import { orchestrateDns, verifyDnsRecords } from './dns/index.js';
 import { deployDocker, resolveDockerConfig } from './docker';
 import { deployDokploy } from './dokploy';
 import {
@@ -89,6 +85,7 @@ import {
 	validateEnvVars,
 } from './env-resolver.js';
 import { updateConfig } from './init';
+import { createStateProvider } from './StateProvider.js';
 import { generateSecretsReport, prepareSecretsForAllApps } from './secrets.js';
 import { sniffAllApps } from './sniffer.js';
 import {
@@ -98,12 +95,10 @@ import {
 	getApplicationId,
 	getPostgresId,
 	getRedisId,
-	readStageState,
 	setAppCredentials,
 	setApplicationId,
 	setPostgresId,
 	setRedisId,
-	writeStageState,
 } from './state.js';
 import type {
 	AppDeployResult,
@@ -404,7 +399,7 @@ function getServerHostname(endpoint: string): string {
  * // Returns: postgresql://api:secret123@postgres-abc:5432/myproject
  * ```
  */
-function buildPerAppDatabaseUrl(
+function _buildPerAppDatabaseUrl(
 	appName: string,
 	appPassword: string,
 	postgresAppName: string,
@@ -1073,10 +1068,18 @@ export async function workspaceDeployCommand(
 	}
 
 	// ==================================================================
-	// STATE: Load or create deploy state for this stage
+	// STATE: Create state provider and load deploy state
 	// ==================================================================
 	logger.log('\n📋 Loading deploy state...');
-	let state = await readStageState(workspace.root, stage);
+
+	// Create state provider based on workspace config
+	const stateProvider = await createStateProvider({
+		config: workspace.state,
+		workspaceRoot: workspace.root,
+		workspaceName: workspace.name,
+	});
+
+	let state = await stateProvider.read(stage);
 
 	if (state) {
 		logger.log(`   Found existing state for stage "${stage}"`);
@@ -1684,8 +1687,8 @@ export async function workspaceDeployCommand(
 	// STATE: Save deploy state
 	// ==================================================================
 	logger.log('\n📋 Saving deploy state...');
-	await writeStageState(workspace.root, stage, state);
-	logger.log(`   ✓ State saved to .gkm/deploy-${stage}.json`);
+	await stateProvider.write(stage, state);
+	logger.log('   ✓ State saved');
 
 	// ==================================================================
 	// DNS: Create DNS records, verify propagation, and validate for SSL
@@ -1703,7 +1706,7 @@ export async function workspaceDeployCommand(
 			await verifyDnsRecords(appHostnames, dnsResult.serverIp, state);
 
 			// Save state again to persist DNS verification results
-			await writeStageState(workspace.root, stage, state);
+			await stateProvider.write(stage, state);
 		}
 
 		// Validate domains to trigger SSL certificate generation

package/src/deploy/sniffer-envkit-patch.ts

@@ -48,7 +48,9 @@ class PatchedEnvironmentParser {
 	create<TReturn extends Record<string, unknown>>(
 		builder: (get: EnvFetcher) => TReturn,
 	): ConfigParser<TReturn> {
-		return globalThis.__envSniffer!.create(builder) as ConfigParser<TReturn>;
+		return globalThis.__envSniffer!.create(
+			builder as any,
+		) as unknown as ConfigParser<TReturn>;
 	}
 }