npm - @geekmidas/cli - Versions diffs - 0.54.0 → 1.0.1 - Mend

@geekmidas/cli 0.54.0 → 1.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (154) hide show

package/CHANGELOG.md +23 -0
package/README.md +26 -5
package/dist/CachedStateProvider-D73dCqfH.cjs +60 -0
package/dist/CachedStateProvider-D73dCqfH.cjs.map +1 -0
package/dist/CachedStateProvider-DVyKfaMm.mjs +54 -0
package/dist/CachedStateProvider-DVyKfaMm.mjs.map +1 -0
package/dist/CachedStateProvider-D_uISMmJ.cjs +3 -0
package/dist/CachedStateProvider-OiFUGr7p.mjs +3 -0
package/dist/HostingerProvider-DUV9-Tzg.cjs +210 -0
package/dist/HostingerProvider-DUV9-Tzg.cjs.map +1 -0
package/dist/HostingerProvider-DqUq6e9i.mjs +210 -0
package/dist/HostingerProvider-DqUq6e9i.mjs.map +1 -0
package/dist/LocalStateProvider-CdspeSVL.cjs +43 -0
package/dist/LocalStateProvider-CdspeSVL.cjs.map +1 -0
package/dist/LocalStateProvider-DxoSaWUV.mjs +42 -0
package/dist/LocalStateProvider-DxoSaWUV.mjs.map +1 -0
package/dist/Route53Provider-CpRIqu69.cjs +157 -0
package/dist/Route53Provider-CpRIqu69.cjs.map +1 -0
package/dist/Route53Provider-KUAX3vz9.mjs +156 -0
package/dist/Route53Provider-KUAX3vz9.mjs.map +1 -0
package/dist/SSMStateProvider-BxAPU99a.cjs +53 -0
package/dist/SSMStateProvider-BxAPU99a.cjs.map +1 -0
package/dist/SSMStateProvider-C4wp4AZe.mjs +52 -0
package/dist/SSMStateProvider-C4wp4AZe.mjs.map +1 -0
package/dist/{bundler-DGry2vaR.mjs → bundler-BqTN5Dj5.mjs} +3 -3
package/dist/{bundler-DGry2vaR.mjs.map → bundler-BqTN5Dj5.mjs.map} +1 -1
package/dist/{bundler-BB-kETMd.cjs → bundler-tHLLwYuU.cjs} +3 -3
package/dist/{bundler-BB-kETMd.cjs.map → bundler-tHLLwYuU.cjs.map} +1 -1
package/dist/{config-HYiM3iQJ.cjs → config-BGeJsW1r.cjs} +2 -2
package/dist/{config-HYiM3iQJ.cjs.map → config-BGeJsW1r.cjs.map} +1 -1
package/dist/{config-C3LSBNSl.mjs → config-C6awcFBx.mjs} +2 -2
package/dist/{config-C3LSBNSl.mjs.map → config-C6awcFBx.mjs.map} +1 -1
package/dist/config.cjs +2 -2
package/dist/config.d.cts +1 -1
package/dist/config.d.mts +2 -2
package/dist/config.mjs +2 -2
package/dist/credentials-C8DWtnMY.cjs +174 -0
package/dist/credentials-C8DWtnMY.cjs.map +1 -0
package/dist/credentials-DT1dSxIx.mjs +126 -0
package/dist/credentials-DT1dSxIx.mjs.map +1 -0
package/dist/deploy/sniffer-envkit-patch.cjs.map +1 -1
package/dist/deploy/sniffer-envkit-patch.mjs.map +1 -1
package/dist/deploy/sniffer-loader.cjs +1 -1
package/dist/{dokploy-api-94KzmTVf.mjs → dokploy-api-7k3t7_zd.mjs} +1 -1
package/dist/{dokploy-api-94KzmTVf.mjs.map → dokploy-api-7k3t7_zd.mjs.map} +1 -1
package/dist/dokploy-api-CHa8G51l.mjs +3 -0
package/dist/{dokploy-api-YD8WCQfW.cjs → dokploy-api-CQvhV6Hd.cjs} +1 -1
package/dist/{dokploy-api-YD8WCQfW.cjs.map → dokploy-api-CQvhV6Hd.cjs.map} +1 -1
package/dist/dokploy-api-CWc02yyg.cjs +3 -0
package/dist/{encryption-DaCB_NmS.cjs → encryption-BE0UOb8j.cjs} +1 -1
package/dist/{encryption-DaCB_NmS.cjs.map → encryption-BE0UOb8j.cjs.map} +1 -1
package/dist/{encryption-Biq0EZ4m.cjs → encryption-Cv3zips0.cjs} +1 -1
package/dist/{encryption-BC4MAODn.mjs → encryption-JtMsiGNp.mjs} +1 -1
package/dist/{encryption-BC4MAODn.mjs.map → encryption-JtMsiGNp.mjs.map} +1 -1
package/dist/encryption-UUmaWAmz.mjs +3 -0
package/dist/{index-pOA56MWT.d.cts → index-B5rGIc4g.d.cts} +553 -196
package/dist/index-B5rGIc4g.d.cts.map +1 -0
package/dist/{index-A70abJ1m.d.mts → index-KFEbMIRa.d.mts} +554 -197
package/dist/index-KFEbMIRa.d.mts.map +1 -0
package/dist/index.cjs +2265 -658
package/dist/index.cjs.map +1 -1
package/dist/index.mjs +2242 -635
package/dist/index.mjs.map +1 -1
package/dist/{openapi-C3C-BzIZ.mjs → openapi-BMFmLnX6.mjs} +51 -7
package/dist/openapi-BMFmLnX6.mjs.map +1 -0
package/dist/{openapi-D7WwlpPF.cjs → openapi-D1KXv2Ml.cjs} +51 -7
package/dist/openapi-D1KXv2Ml.cjs.map +1 -0
package/dist/{openapi-react-query-C_MxpBgF.cjs → openapi-react-query-BeXvk-wa.cjs} +1 -1
package/dist/{openapi-react-query-C_MxpBgF.cjs.map → openapi-react-query-BeXvk-wa.cjs.map} +1 -1
package/dist/{openapi-react-query-ZoP9DPbY.mjs → openapi-react-query-DGEkD39r.mjs} +1 -1
package/dist/{openapi-react-query-ZoP9DPbY.mjs.map → openapi-react-query-DGEkD39r.mjs.map} +1 -1
package/dist/openapi-react-query.cjs +1 -1
package/dist/openapi-react-query.mjs +1 -1
package/dist/openapi.cjs +3 -3
package/dist/openapi.d.cts +1 -1
package/dist/openapi.d.mts +2 -2
package/dist/openapi.mjs +3 -3
package/dist/{storage-Dhst7BhI.mjs → storage-BMW6yLu3.mjs} +1 -1
package/dist/{storage-Dhst7BhI.mjs.map → storage-BMW6yLu3.mjs.map} +1 -1
package/dist/{storage-fOR8dMu5.cjs → storage-C7pmBq1u.cjs} +1 -1
package/dist/{storage-BPRgh3DU.cjs → storage-CoCNe0Pt.cjs} +1 -1
package/dist/{storage-BPRgh3DU.cjs.map → storage-CoCNe0Pt.cjs.map} +1 -1
package/dist/{storage-DNj_I11J.mjs → storage-D8XzjVaO.mjs} +1 -1
package/dist/{types-BtGL-8QS.d.mts → types-BldpmqQX.d.mts} +1 -1
package/dist/{types-BtGL-8QS.d.mts.map → types-BldpmqQX.d.mts.map} +1 -1
package/dist/workspace/index.cjs +1 -1
package/dist/workspace/index.d.cts +1 -1
package/dist/workspace/index.d.mts +2 -2
package/dist/workspace/index.mjs +1 -1
package/dist/{workspace-CaVW6j2q.cjs → workspace-BFRUOOrh.cjs} +309 -25
package/dist/workspace-BFRUOOrh.cjs.map +1 -0
package/dist/{workspace-DLFRaDc-.mjs → workspace-DAxG3_H2.mjs} +309 -25
package/dist/workspace-DAxG3_H2.mjs.map +1 -0
package/package.json +14 -8
package/scripts/sync-versions.ts +86 -0
package/src/build/__tests__/handler-templates.spec.ts +115 -47
package/src/deploy/CachedStateProvider.ts +86 -0
package/src/deploy/LocalStateProvider.ts +57 -0
package/src/deploy/SSMStateProvider.ts +93 -0
package/src/deploy/StateProvider.ts +171 -0
package/src/deploy/__tests__/CachedStateProvider.spec.ts +228 -0
package/src/deploy/__tests__/HostingerProvider.spec.ts +347 -0
package/src/deploy/__tests__/LocalStateProvider.spec.ts +126 -0
package/src/deploy/__tests__/Route53Provider.spec.ts +402 -0
package/src/deploy/__tests__/SSMStateProvider.spec.ts +177 -0
package/src/deploy/__tests__/__fixtures__/env-parsers/throwing-env-parser.ts +1 -3
package/src/deploy/__tests__/__fixtures__/route-apps/services.ts +28 -19
package/src/deploy/__tests__/createDnsProvider.spec.ts +172 -0
package/src/deploy/__tests__/createStateProvider.spec.ts +116 -0
package/src/deploy/__tests__/dns-orchestration.spec.ts +192 -0
package/src/deploy/__tests__/dns-verification.spec.ts +2 -2
package/src/deploy/__tests__/env-resolver.spec.ts +37 -15
package/src/deploy/__tests__/sniffer.spec.ts +4 -20
package/src/deploy/__tests__/state.spec.ts +13 -5
package/src/deploy/dns/DnsProvider.ts +163 -0
package/src/deploy/dns/HostingerProvider.ts +100 -0
package/src/deploy/dns/Route53Provider.ts +256 -0
package/src/deploy/dns/index.ts +257 -165
package/src/deploy/env-resolver.ts +12 -5
package/src/deploy/index.ts +16 -13
package/src/deploy/sniffer-envkit-patch.ts +3 -1
package/src/deploy/sniffer-routes-worker.ts +104 -0
package/src/deploy/sniffer.ts +77 -55
package/src/deploy/state-commands.ts +274 -0
package/src/dev/__tests__/entry.spec.ts +8 -2
package/src/dev/__tests__/index.spec.ts +1 -3
package/src/dev/index.ts +9 -3
package/src/docker/__tests__/templates.spec.ts +3 -1
package/src/index.ts +88 -0
package/src/init/__tests__/generators.spec.ts +273 -0
package/src/init/__tests__/init.spec.ts +3 -3
package/src/init/generators/auth.ts +1 -0
package/src/init/generators/config.ts +2 -0
package/src/init/generators/models.ts +6 -1
package/src/init/generators/monorepo.ts +3 -0
package/src/init/generators/ui.ts +1472 -0
package/src/init/generators/web.ts +134 -87
package/src/init/index.ts +22 -3
package/src/init/templates/api.ts +109 -3
package/src/init/versions.ts +25 -53
package/src/openapi.ts +99 -13
package/src/workspace/__tests__/schema.spec.ts +107 -0
package/src/workspace/schema.ts +314 -4
package/src/workspace/types.ts +22 -36
package/dist/dokploy-api-CItuaWTq.mjs +0 -3
package/dist/dokploy-api-DBNE8MDt.cjs +0 -3
package/dist/encryption-CQXBZGkt.mjs +0 -3
package/dist/index-A70abJ1m.d.mts.map +0 -1
package/dist/index-pOA56MWT.d.cts.map +0 -1
package/dist/openapi-C3C-BzIZ.mjs.map +0 -1
package/dist/openapi-D7WwlpPF.cjs.map +0 -1
package/dist/workspace-CaVW6j2q.cjs.map +0 -1
package/dist/workspace-DLFRaDc-.mjs.map +0 -1
package/tsconfig.tsbuildinfo +0 -1

package/src/openapi.ts CHANGED Viewed

@@ -2,7 +2,7 @@
 import { mkdir, writeFile } from 'node:fs/promises';
 import { dirname, join } from 'node:path';
-import { loadConfig } from './config.js';
+import { loadWorkspaceConfig } from './config.js';
 import { EndpointGenerator } from './generators/EndpointGenerator.js';
 import { OpenApiTsGenerator } from './generators/OpenApiTsGenerator.js';
 import type { GkmConfig, OpenApiConfig } from './types.js';
@@ -12,7 +12,7 @@ interface OpenAPIOptions {
 }
 /**
- * Fixed output path for generated OpenAPI client (not configurable)
+ * Default output path for generated OpenAPI client (used for single-app configs)
  */
 export const OPENAPI_OUTPUT_PATH = './.gkm/openapi.ts';
@@ -92,17 +92,103 @@ export async function openapiCommand(
 	const logger = console;
 	try {
-		const config = await loadConfig(options.cwd);
-		// Enable openapi if not configured
-		if (!config.openapi) {
-			config.openapi = { enabled: true };
-		}
-		const result = await generateOpenApi(config);
-		if (result) {
-			logger.log(`Found ${result.endpointCount} endpoints`);
+		const loadedConfig = await loadWorkspaceConfig(options.cwd);
+		if (loadedConfig.type === 'single') {
+			// Single-app config - use existing behavior
+			const config = loadedConfig.raw as GkmConfig;
+			// Enable openapi if not configured
+			if (!config.openapi) {
+				config.openapi = { enabled: true };
+			}
+			const result = await generateOpenApi(config);
+			if (result) {
+				logger.log(`Found ${result.endpointCount} endpoints`);
+			}
+		} else {
+			// Workspace config - generate for each backend app and copy to frontend clients
+			const { workspace } = loadedConfig;
+			const workspaceRoot = options.cwd || process.cwd();
+			// Find backend apps with openapi enabled
+			const backendApps = Object.entries(workspace.apps).filter(
+				([_, app]) =>
+					app.type === 'backend' &&
+					(app.openapi === true ||
+						(typeof app.openapi === 'object' && app.openapi.enabled !== false)),
+			);
+			if (backendApps.length === 0) {
+				logger.log('No backend apps with OpenAPI enabled found');
+				return;
+			}
+			// Find frontend apps with client config
+			const frontendApps = Object.entries(workspace.apps).filter(
+				([_, app]) => app.type === 'frontend' && app.client?.output,
+			);
+			// Generate OpenAPI for each backend app
+			for (const [appName, app] of backendApps) {
+				if (app.type !== 'backend' || !app.routes) continue;
+				const appPath = join(workspaceRoot, app.path);
+				const routes = Array.isArray(app.routes) ? app.routes : [app.routes];
+				const routesGlob = routes.map((r) => join(appPath, r));
+				const gkmConfig: GkmConfig = {
+					routes: routesGlob,
+					envParser: app.envParser || '',
+					logger: app.logger || '',
+					openapi: app.openapi,
+				};
+				// Change to app directory for generation
+				const originalCwd = process.cwd();
+				process.chdir(appPath);
+				const result = await generateOpenApi(gkmConfig, { silent: true });
+				process.chdir(originalCwd);
+				if (result) {
+					logger.log(
+						`📄 [${appName}] Generated OpenAPI (${result.endpointCount} endpoints)`,
+					);
+					// Copy to frontend apps that depend on this backend
+					for (const [frontendName, frontendApp] of frontendApps) {
+						if (frontendApp.type !== 'frontend') continue;
+						const dependsOnBackend =
+							!frontendApp.dependencies ||
+							frontendApp.dependencies.includes(appName);
+						if (dependsOnBackend && frontendApp.client?.output) {
+							const frontendPath = join(workspaceRoot, frontendApp.path);
+							const clientOutputPath = join(
+								frontendPath,
+								frontendApp.client.output,
+								'openapi.ts',
+							);
+							await mkdir(dirname(clientOutputPath), { recursive: true });
+							// Read the generated content and write to frontend
+							const { readFile } = await import('node:fs/promises');
+							const content = await readFile(result.outputPath, 'utf-8');
+							await writeFile(clientOutputPath, content);
+							logger.log(
+								`   → [${frontendName}] ${frontendApp.client.output}/openapi.ts`,
+							);
+						}
+					}
+				}
+			}
 		}
 	} catch (error) {
 		throw new Error(`OpenAPI generation failed: ${(error as Error).message}`);

package/src/workspace/__tests__/schema.spec.ts CHANGED Viewed

@@ -592,6 +592,113 @@ describe('WorkspaceConfigSchema', () => {
 		});
 	});
+	describe('DNS configuration', () => {
+		it('should accept multi-domain DNS config', () => {
+			const config = {
+				apps: {
+					api: {
+						type: 'backend' as const,
+						path: 'apps/api',
+						port: 3000,
+						routes: './src/**/*.ts',
+					},
+				},
+				deploy: {
+					default: 'dokploy' as const,
+					dns: {
+						'geekmidas.dev': { provider: 'hostinger' as const },
+						'geekmidas.com': {
+							provider: 'route53' as const,
+							region: 'us-east-1' as const,
+						},
+					},
+				},
+			};
+			const result = validateWorkspaceConfig(config);
+			expect(result.deploy?.dns).toEqual({
+				'geekmidas.dev': { provider: 'hostinger' },
+				'geekmidas.com': { provider: 'route53', region: 'us-east-1' },
+			});
+		});
+		it('should accept legacy single-domain DNS config', () => {
+			const config = {
+				apps: {
+					api: {
+						type: 'backend' as const,
+						path: 'apps/api',
+						port: 3000,
+						routes: './src/**/*.ts',
+					},
+				},
+				deploy: {
+					default: 'dokploy' as const,
+					dns: {
+						provider: 'hostinger' as const,
+						domain: 'example.com',
+					},
+				},
+			};
+			const result = validateWorkspaceConfig(config);
+			expect(result.deploy?.dns).toEqual({
+				provider: 'hostinger',
+				domain: 'example.com',
+			});
+		});
+		it('should accept DNS config with manual provider', () => {
+			const config = {
+				apps: {
+					api: {
+						type: 'backend' as const,
+						path: 'apps/api',
+						port: 3000,
+						routes: './src/**/*.ts',
+					},
+				},
+				deploy: {
+					default: 'dokploy' as const,
+					dns: {
+						'example.com': { provider: 'manual' as const },
+					},
+				},
+			};
+			const result = validateWorkspaceConfig(config);
+			expect(result.deploy?.dns).toEqual({
+				'example.com': { provider: 'manual' },
+			});
+		});
+		it('should accept DNS config with TTL', () => {
+			const config = {
+				apps: {
+					api: {
+						type: 'backend' as const,
+						path: 'apps/api',
+						port: 3000,
+						routes: './src/**/*.ts',
+					},
+				},
+				deploy: {
+					default: 'dokploy' as const,
+					dns: {
+						'example.com': { provider: 'hostinger' as const, ttl: 600 },
+					},
+				},
+			};
+			const result = validateWorkspaceConfig(config);
+			expect((result.deploy?.dns as any)['example.com'].ttl).toBe(600);
+		});
+	});
 	describe('deploy target helpers', () => {
 		it('isDeployTargetSupported should return true for dokploy', () => {
 			expect(isDeployTargetSupported('dokploy')).toBe(true);

package/src/workspace/schema.ts CHANGED Viewed

@@ -75,7 +75,10 @@ const FrontendFrameworkSchema = z.enum(['nextjs', 'remix', 'vite']);
 /**
  * Combined framework schema (backend or frontend).
  */
-const FrameworkSchema = z.union([BackendFrameworkSchema, FrontendFrameworkSchema]);
+const FrameworkSchema = z.union([
+	BackendFrameworkSchema,
+	FrontendFrameworkSchema,
+]);
 /**
  * Deploy target schema.
@@ -164,12 +167,251 @@ const DokployWorkspaceConfigSchema = z.object({
 	registryId: z.string().optional(),
 });
+// =============================================================================
+// AWS Regions (needed by DNS and State providers)
+// =============================================================================
+/**
+ * Valid AWS regions.
+ */
+const AwsRegionSchema = z.enum([
+	'us-east-1',
+	'us-east-2',
+	'us-west-1',
+	'us-west-2',
+	'af-south-1',
+	'ap-east-1',
+	'ap-south-1',
+	'ap-south-2',
+	'ap-southeast-1',
+	'ap-southeast-2',
+	'ap-southeast-3',
+	'ap-southeast-4',
+	'ap-northeast-1',
+	'ap-northeast-2',
+	'ap-northeast-3',
+	'ca-central-1',
+	'eu-central-1',
+	'eu-central-2',
+	'eu-west-1',
+	'eu-west-2',
+	'eu-west-3',
+	'eu-south-1',
+	'eu-south-2',
+	'eu-north-1',
+	'me-south-1',
+	'me-central-1',
+	'sa-east-1',
+]);
+// =============================================================================
+// DNS Record Types (used by DnsProvider interface)
+// =============================================================================
+/**
+ * DNS record types supported across providers.
+ */
+export const DnsRecordTypeSchema = z.enum([
+	'A',
+	'AAAA',
+	'CNAME',
+	'MX',
+	'TXT',
+	'NS',
+	'SRV',
+	'CAA',
+]);
+/**
+ * A DNS record as returned by the provider.
+ */
+export const DnsRecordSchema = z.object({
+	/** Subdomain name (e.g., 'api' for api.example.com, '@' for root) */
+	name: z.string(),
+	/** Record type */
+	type: DnsRecordTypeSchema,
+	/** TTL in seconds */
+	ttl: z.number().int().positive(),
+	/** Record values */
+	values: z.array(z.string()),
+});
+/**
+ * A DNS record to create or update.
+ */
+export const UpsertDnsRecordSchema = z.object({
+	/** Subdomain name (e.g., 'api' for api.example.com, '@' for root) */
+	name: z.string(),
+	/** Record type */
+	type: DnsRecordTypeSchema,
+	/** TTL in seconds */
+	ttl: z.number().int().positive(),
+	/** Record value (IP address, hostname, etc.) */
+	value: z.string(),
+});
+/**
+ * Result of an upsert operation.
+ */
+export const UpsertResultSchema = z.object({
+	/** The record that was upserted */
+	record: UpsertDnsRecordSchema,
+	/** Whether the record was created (true) or updated (false) */
+	created: z.boolean(),
+	/** Whether the record already existed with the same value */
+	unchanged: z.boolean(),
+});
+// =============================================================================
+// DNS Provider Configuration
+// =============================================================================
+/**
+ * Hostinger DNS provider config (without domain - domain is the record key).
+ */
+export const HostingerDnsProviderSchema = z.object({
+	provider: z.literal('hostinger'),
+	/** TTL in seconds (default: 300) */
+	ttl: z.number().int().positive().optional(),
+});
+/**
+ * Route53 DNS provider config (without domain - domain is the record key).
+ */
+export const Route53DnsProviderSchema = z.object({
+	provider: z.literal('route53'),
+	/** AWS region (optional - uses AWS_REGION env var if not provided) */
+	region: AwsRegionSchema.optional(),
+	/** AWS profile name (optional - uses default credential chain if not provided) */
+	profile: z.string().optional(),
+	/** Hosted zone ID (optional - auto-detected from domain if not provided) */
+	hostedZoneId: z.string().optional(),
+	/** TTL in seconds (default: 300) */
+	ttl: z.number().int().positive().optional(),
+});
+/**
+ * Cloudflare DNS provider config (placeholder for future).
+ */
+export const CloudflareDnsProviderSchema = z.object({
+	provider: z.literal('cloudflare'),
+	/** TTL in seconds (default: 300) */
+	ttl: z.number().int().positive().optional(),
+});
+/**
+ * Manual DNS configuration (user handles DNS themselves).
+ */
+export const ManualDnsProviderSchema = z.object({
+	provider: z.literal('manual'),
+});
+/**
+ * Custom DNS provider config (user-provided implementation).
+ */
+export const CustomDnsProviderSchema = z.object({
+	/** Custom DnsProvider implementation */
+	provider: z.custom<{
+		name: string;
+		getRecords: Function;
+		upsertRecords: Function;
+	}>(
+		(val) =>
+			typeof val === 'object' &&
+			val !== null &&
+			typeof (val as any).name === 'string' &&
+			typeof (val as any).getRecords === 'function' &&
+			typeof (val as any).upsertRecords === 'function',
+		{
+			message:
+				'Custom DNS provider must implement name, getRecords(), and upsertRecords() methods',
+		},
+	),
+	/** TTL in seconds (default: 300) */
+	ttl: z.number().int().positive().optional(),
+});
+/**
+ * Built-in DNS provider config (discriminated union).
+ */
+export const BuiltInDnsProviderSchema = z.discriminatedUnion('provider', [
+	HostingerDnsProviderSchema,
+	Route53DnsProviderSchema,
+	CloudflareDnsProviderSchema,
+	ManualDnsProviderSchema,
+]);
+/**
+ * Single DNS provider config (for one domain).
+ */
+export const DnsProviderSchema = z.union([
+	BuiltInDnsProviderSchema,
+	CustomDnsProviderSchema,
+]);
+/**
+ * DNS configuration schema.
+ *
+ * Maps root domains to their DNS provider configuration.
+ * Example:
+ * ```
+ * dns: {
+ *   'geekmidas.dev': { provider: 'hostinger' },
+ *   'geekmidas.com': { provider: 'route53' },
+ * }
+ * ```
+ *
+ * Supported providers:
+ * - 'hostinger': Use Hostinger DNS API
+ * - 'route53': Use AWS Route53
+ * - 'cloudflare': Use Cloudflare DNS API (future)
+ * - 'manual': Don't create records, just print required records
+ * - Custom: Provide a DnsProvider implementation
+ */
+export const DnsConfigSchema = z.record(z.string(), DnsProviderSchema);
+// Legacy single-domain config schemas (for backwards compatibility)
+export const HostingerDnsConfigSchema = HostingerDnsProviderSchema.extend({
+	domain: z.string().min(1, 'Domain is required'),
+});
+export const Route53DnsConfigSchema = Route53DnsProviderSchema.extend({
+	domain: z.string().min(1, 'Domain is required'),
+});
+export const CloudflareDnsConfigSchema = CloudflareDnsProviderSchema.extend({
+	domain: z.string().min(1, 'Domain is required'),
+});
+export const ManualDnsConfigSchema = ManualDnsProviderSchema.extend({
+	domain: z.string().min(1, 'Domain is required'),
+});
+export const CustomDnsConfigSchema = CustomDnsProviderSchema.extend({
+	domain: z.string().min(1, 'Domain is required'),
+});
+export const BuiltInDnsConfigSchema = z.discriminatedUnion('provider', [
+	HostingerDnsConfigSchema,
+	Route53DnsConfigSchema,
+	CloudflareDnsConfigSchema,
+	ManualDnsConfigSchema,
+]);
+export const LegacyDnsConfigSchema = z.union([
+	BuiltInDnsConfigSchema,
+	CustomDnsConfigSchema,
+]);
+/**
+ * Combined DNS config that supports both new multi-domain and legacy single-domain formats.
+ */
+export const DnsConfigWithLegacySchema = z.union([
+	DnsConfigSchema,
+	LegacyDnsConfigSchema,
+]);
 /**
  * Deploy configuration schema.
  */
 const DeployConfigSchema = z.object({
 	default: DeployTargetSchema.optional(),
 	dokploy: DokployWorkspaceConfigSchema.optional(),
+	dns: DnsConfigWithLegacySchema.optional(),
 });
 /**
@@ -197,6 +439,62 @@ const SecretsConfigSchema = z.object({
 	kdf: z.enum(['scrypt', 'pbkdf2']).optional(),
 });
+// =============================================================================
+// State Provider Configuration
+// =============================================================================
+/**
+ * Local state provider config.
+ */
+const LocalStateConfigSchema = z.object({
+	provider: z.literal('local'),
+});
+/**
+ * SSM state provider config (requires region).
+ */
+const SSMStateConfigSchema = z.object({
+	provider: z.literal('ssm'),
+	/** AWS region (required for SSM provider) */
+	region: AwsRegionSchema,
+});
+/**
+ * Custom state provider config (user-provided implementation).
+ */
+const CustomStateConfigSchema = z.object({
+	/** Custom StateProvider implementation */
+	provider: z.custom<{ read: Function; write: Function }>(
+		(val) =>
+			typeof val === 'object' &&
+			val !== null &&
+			typeof (val as any).read === 'function' &&
+			typeof (val as any).write === 'function',
+		{ message: 'Custom provider must implement read() and write() methods' },
+	),
+});
+/**
+ * Built-in state provider config (discriminated union).
+ */
+const BuiltInStateConfigSchema = z.discriminatedUnion('provider', [
+	LocalStateConfigSchema,
+	SSMStateConfigSchema,
+]);
+/**
+ * State configuration schema.
+ *
+ * Configures how deployment state is stored.
+ * - 'local': Store in .gkm/deploy-{stage}.json (default)
+ * - 'ssm': Store in AWS SSM Parameter Store (requires region)
+ * - Custom: Provide a StateProvider implementation with read/write methods
+ */
+const StateConfigSchema = z.union([
+	BuiltInStateConfigSchema,
+	CustomStateConfigSchema,
+]);
 /**
  * App configuration schema.
  */
@@ -248,7 +546,8 @@ const AppConfigSchema = z
 			return true;
 		},
 		{
-			message: 'Frontend apps must have a valid frontend framework (nextjs, remix, vite)',
+			message:
+				'Frontend apps must have a valid frontend framework (nextjs, remix, vite)',
 			path: ['framework'],
 		},
 	)
@@ -281,6 +580,7 @@ export const WorkspaceConfigSchema = z
 		deploy: DeployConfigSchema.optional(),
 		services: ServicesConfigSchema.optional(),
 		secrets: SecretsConfigSchema.optional(),
+		state: StateConfigSchema.optional(),
 	})
 	.refine(
 		(data) => {
@@ -343,7 +643,7 @@ export const WorkspaceConfigSchema = z
 		const defaultTarget = data.deploy?.default;
 		if (defaultTarget && !isDeployTargetSupported(defaultTarget)) {
 			ctx.addIssue({
-				code: z.ZodIssueCode.custom,
+				code: 'custom',
 				message: getDeployTargetError(defaultTarget),
 				path: ['deploy', 'default'],
 			});
@@ -353,13 +653,23 @@ export const WorkspaceConfigSchema = z
 		for (const [appName, app] of Object.entries(data.apps)) {
 			if (app.deploy && !isDeployTargetSupported(app.deploy)) {
 				ctx.addIssue({
-					code: z.ZodIssueCode.custom,
+					code: 'custom',
 					message: getDeployTargetError(app.deploy, appName),
 					path: ['apps', appName, 'deploy'],
 				});
 				return;
 			}
 		}
+		// Validate workspace name is required for SSM state provider
+		if (data.state?.provider === 'ssm' && !data.name) {
+			ctx.addIssue({
+				code: 'custom',
+				message:
+					'Workspace name is required when using SSM state provider. Add "name" to your gkm.config.ts.',
+				path: ['name'],
+			});
+		}
 	});
 /**