npm - @layr-labs/ecloud-cli - Versions diffs - 0.4.3-dev → 0.5.0-dev.2 - Mend

@layr-labs/ecloud-cli 0.4.3-dev → 0.5.0-dev.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (64) hide show

package/VERSION +2 -2
package/dist/commands/auth/login.js +84 -54
package/dist/commands/auth/login.js.map +1 -1
package/dist/commands/auth/migrate.js +66 -30
package/dist/commands/auth/migrate.js.map +1 -1
package/dist/commands/auth/whoami.js.map +1 -1
package/dist/commands/billing/__tests__/status.test.js +9 -0
package/dist/commands/billing/__tests__/status.test.js.map +1 -1
package/dist/commands/billing/__tests__/subscribe.test.js +9 -0
package/dist/commands/billing/__tests__/subscribe.test.js.map +1 -1
package/dist/commands/billing/__tests__/top-up.test.js +9 -0
package/dist/commands/billing/__tests__/top-up.test.js.map +1 -1
package/dist/commands/billing/cancel.js +9 -0
package/dist/commands/billing/cancel.js.map +1 -1
package/dist/commands/billing/status.js +9 -0
package/dist/commands/billing/status.js.map +1 -1
package/dist/commands/billing/subscribe.js +9 -0
package/dist/commands/billing/subscribe.js.map +1 -1
package/dist/commands/billing/top-up.js +9 -0
package/dist/commands/billing/top-up.js.map +1 -1
package/dist/commands/compute/app/configure/tls.js +138 -50
package/dist/commands/compute/app/configure/tls.js.map +1 -1
package/dist/commands/compute/app/create.js.map +1 -1
package/dist/commands/compute/app/deploy.js +71 -18
package/dist/commands/compute/app/deploy.js.map +1 -1
package/dist/commands/compute/app/info.js +15 -8
package/dist/commands/compute/app/info.js.map +1 -1
package/dist/commands/compute/app/list.js +10 -1
package/dist/commands/compute/app/list.js.map +1 -1
package/dist/commands/compute/app/logs.js +15 -8
package/dist/commands/compute/app/logs.js.map +1 -1
package/dist/commands/compute/app/profile/set.js +16 -8
package/dist/commands/compute/app/profile/set.js.map +1 -1
package/dist/commands/compute/app/releases.js +15 -8
package/dist/commands/compute/app/releases.js.map +1 -1
package/dist/commands/compute/app/start.js +27 -11
package/dist/commands/compute/app/start.js.map +1 -1
package/dist/commands/compute/app/stop.js +27 -11
package/dist/commands/compute/app/stop.js.map +1 -1
package/dist/commands/compute/app/terminate.js +20 -8
package/dist/commands/compute/app/terminate.js.map +1 -1
package/dist/commands/compute/app/upgrade.js +110 -21
package/dist/commands/compute/app/upgrade.js.map +1 -1
package/dist/commands/compute/build/info.js +10 -1
package/dist/commands/compute/build/info.js.map +1 -1
package/dist/commands/compute/build/list.js +10 -1
package/dist/commands/compute/build/list.js.map +1 -1
package/dist/commands/compute/build/logs.js +10 -1
package/dist/commands/compute/build/logs.js.map +1 -1
package/dist/commands/compute/build/status.js +10 -1
package/dist/commands/compute/build/status.js.map +1 -1
package/dist/commands/compute/build/submit.js +11 -1
package/dist/commands/compute/build/submit.js.map +1 -1
package/dist/commands/compute/build/verify.js +10 -1
package/dist/commands/compute/build/verify.js.map +1 -1
package/dist/commands/compute/environment/set.js +8 -0
package/dist/commands/compute/environment/set.js.map +1 -1
package/dist/commands/compute/undelegate.js +10 -1
package/dist/commands/compute/undelegate.js.map +1 -1
package/dist/hooks/init/__tests__/version-check.test.js +1 -1
package/dist/hooks/init/__tests__/version-check.test.js.map +1 -1
package/dist/hooks/init/version-check.js +1 -1
package/dist/hooks/init/version-check.js.map +1 -1
package/package.json +26 -21

package/dist/commands/compute/app/configure/tls.js CHANGED Viewed

@@ -1,10 +1,11 @@
 #!/usr/bin/env node
 // src/commands/compute/app/configure/tls.ts
-import { Command } from "@oclif/core";
+import { Command, Flags } from "@oclif/core";
 import * as fs from "fs";
 import * as path from "path";
 import chalk from "chalk";
+import { input, confirm } from "@inquirer/prompts";
 // src/templates/tls/Caddyfile.tmpl
 var Caddyfile_default = `# Caddy configuration for automatic HTTPS
@@ -66,82 +67,169 @@ var Caddyfile_default = `# Caddy configuration for automatic HTTPS
 function getCaddyfileTemplate() {
   return Caddyfile_default;
 }
-var ENV_EXAMPLE_TLS = `# TLS Configuration
-# Set these variables to enable TLS for your application
-# Your domain name (required for TLS)
-DOMAIN=yourdomain.com
-# Port your application listens on
-APP_PORT=3000
-# Enable Caddy debug logs
-ENABLE_CADDY_LOGS=false
-# Use Let's Encrypt staging environment (for testing)
-# Set to true to avoid rate limits during development
-ACME_STAGING=false
-# Force certificate reissue even if a valid one exists
-# Useful when you need to update SANs or force a renewal
+function getTlsEnvBlock(vars) {
+  return `
+# TLS Configuration
+DOMAIN=${vars.domain}
+APP_PORT=${vars.appPort}
+ENABLE_CADDY_LOGS=${vars.enableCaddyLogs}
+ACME_STAGING=${vars.acmeStaging}
 ACME_FORCE_ISSUE=false
 `;
+}
+var TLS_ENV_EXAMPLE_BLOCK = `
+# TLS Configuration
+# DOMAIN=yourdomain.com
+# APP_PORT=3000
+# ENABLE_CADDY_LOGS=false
+# ACME_STAGING=false
+# ACME_FORCE_ISSUE=false
+`;
 // src/commands/compute/app/configure/tls.ts
-var ConfigureTLS = class extends Command {
+function envFileHasTlsConfig(filePath) {
+  if (!fs.existsSync(filePath)) return false;
+  const content = fs.readFileSync(filePath, "utf-8");
+  return /^DOMAIN=/m.test(content);
+}
+function validateDomain(value) {
+  const trimmed = value.trim();
+  if (!trimmed) return "Domain is required";
+  if (trimmed.toLowerCase() === "localhost") return "Domain cannot be localhost";
+  if (!/^[a-zA-Z0-9]([a-zA-Z0-9-]*\.)+[a-zA-Z]{2,}$/.test(trimmed))
+    return "Enter a valid domain (e.g. myapp.example.com)";
+  return true;
+}
+function validatePort(value) {
+  const num = Number(value.trim());
+  if (!Number.isInteger(num) || num < 1 || num > 65535) return "Enter a valid port (1-65535)";
+  return true;
+}
+var ConfigureTLS = class _ConfigureTLS extends Command {
   static description = "Configure TLS for your application";
-  static summary = `Adds TLS configuration to your EigenCloud application.
+  static summary = `Configures TLS for your EigenCloud application.
-This command creates:
-- Caddyfile: Reverse proxy configuration for automatic HTTPS
-- .env.example.tls: Example environment variables for TLS
+Prompts for domain and TLS settings (or accepts them via flags), then:
+- Creates a Caddyfile for automatic HTTPS via Caddy reverse proxy
+- Appends TLS variables to .env with your values
+- Appends TLS placeholders to .env.example
 TLS certificates are automatically obtained via Let's Encrypt using the tls-keygen tool.`;
+  static examples = [
+    "<%= config.bin %> compute app configure tls",
+    "<%= config.bin %> compute app configure tls --domain myapp.example.com",
+    "<%= config.bin %> compute app configure tls --domain myapp.example.com --app-port 8080",
+    "<%= config.bin %> compute app configure tls --domain myapp.example.com --no-acme-staging"
+  ];
+  static flags = {
+    domain: Flags.string({
+      description: "Domain name for TLS certificate"
+    }),
+    "app-port": Flags.string({
+      description: "Port your application listens on",
+      default: "3000"
+    }),
+    "acme-staging": Flags.boolean({
+      description: "Use Let's Encrypt staging environment",
+      default: true,
+      allowNo: true
+    }),
+    "caddy-logs": Flags.boolean({
+      description: "Enable Caddy debug logs",
+      default: false,
+      allowNo: true
+    })
+  };
   async run() {
+    const { flags } = await this.parse(_ConfigureTLS);
     const cwd = process.cwd();
+    const envPath = path.join(cwd, ".env");
+    if (envFileHasTlsConfig(envPath)) {
+      this.warn("TLS is already configured in .env (DOMAIN is set). Skipping.");
+      return;
+    }
     const caddyfilePath = path.join(cwd, "Caddyfile");
     if (fs.existsSync(caddyfilePath)) {
-      this.warn("Caddyfile already exists. Skipping...");
+      this.log("Caddyfile already exists, keeping existing file.");
     } else {
       const caddyfileContent = getCaddyfileTemplate();
       fs.writeFileSync(caddyfilePath, caddyfileContent, { mode: 420 });
       this.log("Created Caddyfile");
     }
-    const envTLSPath = path.join(cwd, ".env.example.tls");
-    if (fs.existsSync(envTLSPath)) {
-      this.warn(".env.example.tls already exists. Skipping...");
+    this.log("");
+    let domain = flags.domain;
+    if (!domain) {
+      domain = await input({
+        message: "Domain name:",
+        validate: validateDomain
+      });
     } else {
-      fs.writeFileSync(envTLSPath, ENV_EXAMPLE_TLS, { mode: 420 });
-      this.log("Created .env.example.tls");
+      const result = validateDomain(domain);
+      if (result !== true) this.error(result);
     }
+    let appPort = flags["app-port"];
+    const portResult = validatePort(appPort);
+    if (portResult !== true) this.error(portResult);
+    const acmeStaging = flags["acme-staging"] !== void 0 ? flags["acme-staging"] : await confirm({
+      message: "Use Let's Encrypt staging? (recommended for first deploy to avoid rate limits)",
+      default: true
+    });
+    const enableCaddyLogs = flags["caddy-logs"] !== void 0 ? flags["caddy-logs"] : await confirm({
+      message: "Enable Caddy debug logs?",
+      default: false
+    });
     this.log("");
-    this.log(chalk.green("TLS configuration added successfully"));
-    this.log("");
-    this.log("Created:");
-    this.log("  - Caddyfile");
-    this.log("  - .env.example.tls");
+    this.log(chalk.bold("TLS Configuration:"));
+    this.log(`  Domain:          ${domain.trim()}`);
+    this.log(`  App port:        ${appPort.trim()}`);
+    this.log(`  ACME staging:    ${acmeStaging}`);
+    this.log(`  Caddy logs:      ${enableCaddyLogs}`);
     this.log("");
-    this.log("To enable TLS:");
-    this.log("");
-    this.log("1. Add TLS variables to .env:");
-    this.log("   cat .env.example.tls >> .env");
+    if (!flags.domain) {
+      const confirmed = await confirm({
+        message: "Write these settings to .env?",
+        default: true
+      });
+      if (!confirmed) {
+        this.log("Cancelled.");
+        return;
+      }
+    }
+    const vars = {
+      domain: domain.trim(),
+      appPort: appPort.trim(),
+      acmeStaging,
+      enableCaddyLogs
+    };
+    const envBlock = getTlsEnvBlock(vars);
+    fs.appendFileSync(envPath, envBlock, { mode: 420 });
+    this.log(`Updated .env`);
+    const envExamplePath = path.join(cwd, ".env.example");
+    if (!envFileHasTlsConfig(envExamplePath)) {
+      fs.appendFileSync(envExamplePath, TLS_ENV_EXAMPLE_BLOCK, { mode: 420 });
+      this.log(`Updated .env.example`);
+    }
     this.log("");
-    this.log("2. Configure required variables:");
-    this.log("   DOMAIN=yourdomain.com");
+    this.log(chalk.green("TLS configured successfully"));
     this.log("");
-    this.log("   For first deployment (recommended):");
-    this.log("   ENABLE_CADDY_LOGS=true");
-    this.log("   ACME_STAGING=true");
+    this.log("Next steps:");
     this.log("");
-    this.log("3. Set up DNS A record pointing to instance IP");
+    this.log("1. Set up DNS A record pointing to your instance IP");
     this.log("   Run 'ecloud compute app list' to get IP address");
     this.log("");
-    this.log("4. Upgrade:");
-    this.log("   ecloud compute app upgrade");
+    this.log("2. Deploy or upgrade:");
+    this.log("   ecloud compute app deploy    # new app");
+    this.log("   ecloud compute app upgrade   # existing app");
     this.log("");
-    this.log("Note: Let's Encrypt rate limit is 5 certificates/week per domain");
-    this.log("      To switch staging -> production: set ACME_STAGING=false");
-    this.log("      If cert exists, use ACME_FORCE_ISSUE=true once to replace");
+    if (acmeStaging) {
+      this.log(chalk.yellow("Note: ACME_STAGING is enabled (recommended for first deploy)"));
+      this.log("Once verified, switch to production certs:");
+      this.log("  1. Set ACME_STAGING=false in .env");
+      this.log("  2. Set ACME_FORCE_ISSUE=true in .env (one-time)");
+      this.log("  3. Run: ecloud compute app upgrade");
+      this.log("");
+    }
+    this.log("Let's Encrypt rate limit: 5 certificates/week per domain");
   }
 };
 export {

package/dist/commands/compute/app/configure/tls.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"sources":["../../../../../src/commands/compute/app/configure/tls.ts","../../../../../src/templates/tls/Caddyfile.tmpl","../../../../../src/templates/tls/templates.ts"],"sourcesContent":["import { Command } from \"@oclif/core\";\nimport * as fs from \"fs\";\nimport * as path from \"path\";\nimport chalk from \"chalk\";\nimport { getCaddyfileTemplate, ENV_EXAMPLE_TLS } from \"../../../../templates/tls/templates.js\";\n\nexport default class ConfigureTLS extends Command {\n static description = \"Configure TLS for your application\";\n\n static summary = `Adds TLS configuration to your EigenCloud application.\n\nThis command creates:\n- Caddyfile: Reverse proxy configuration for automatic HTTPS\n- .env.example.tls: Example environment variables for TLS\n\nTLS certificates are automatically obtained via Let's Encrypt using the tls-keygen tool.`;\n\n async run() {\n const cwd = process.cwd();\n\n // Write Caddyfile\n const caddyfilePath = path.join(cwd, \"Caddyfile\");\n if (fs.existsSync(caddyfilePath)) {\n this.warn(\"Caddyfile already exists. Skipping...\");\n } else {\n const caddyfileContent = getCaddyfileTemplate();\n fs.writeFileSync(caddyfilePath, caddyfileContent, { mode: 0o644 });\n this.log(\"Created Caddyfile\");\n }\n\n // Write .env.example.tls\n const envTLSPath = path.join(cwd, \".env.example.tls\");\n if (fs.existsSync(envTLSPath)) {\n this.warn(\".env.example.tls already exists. Skipping...\");\n } else {\n fs.writeFileSync(envTLSPath, ENV_EXAMPLE_TLS, { mode: 0o644 });\n this.log(\"Created .env.example.tls\");\n }\n\n // Print success message and instructions\n this.log(\"\");\n this.log(chalk.green(\"TLS configuration added successfully\"));\n this.log(\"\");\n this.log(\"Created:\");\n this.log(\" - Caddyfile\");\n this.log(\" - .env.example.tls\");\n this.log(\"\");\n\n this.log(\"To enable TLS:\");\n this.log(\"\");\n this.log(\"1. Add TLS variables to .env:\");\n this.log(\" cat .env.example.tls >> .env\");\n this.log(\"\");\n\n this.log(\"2. Configure required variables:\");\n this.log(\" DOMAIN=yourdomain.com\");\n this.log(\"\");\n this.log(\" For first deployment (recommended):\");\n this.log(\" ENABLE_CADDY_LOGS=true\");\n this.log(\" ACME_STAGING=true\");\n this.log(\"\");\n\n this.log(\"3. Set up DNS A record pointing to instance IP\");\n this.log(\" Run 'ecloud compute app list' to get IP address\");\n this.log(\"\");\n\n this.log(\"4. Upgrade:\");\n this.log(\" ecloud compute app upgrade\");\n this.log(\"\");\n\n this.log(\"Note: Let's Encrypt rate limit is 5 certificates/week per domain\");\n this.log(\" To switch staging -> production: set ACME_STAGING=false\");\n this.log(\" If cert exists, use ACME_FORCE_ISSUE=true once to replace\");\n }\n}\n","# Caddy configuration for automatic HTTPS\n# The DOMAIN environment variable will be injected at runtime\n\n{$DOMAIN:localhost} {\n # TLS configuration - always use provided certificates generated by tls-keygen\n tls /run/tls/fullchain.pem /run/tls/privkey.pem\n\n # Reverse proxy to your Node.js application\n # Modify the port to match your application (default: 3000)\n reverse_proxy localhost:{$APP_PORT:3000} {\n # Health check configuration\n health_uri /health\n health_interval 30s\n health_timeout 5s\n health_status 200\n }\n\n # Custom headers\n header {\n # Security headers\n X-Content-Type-Options \"nosniff\"\n X-Frame-Options \"DENY\"\n X-XSS-Protection \"1; mode=block\"\n Referrer-Policy \"strict-origin-when-cross-origin\"\n\n # Remove server header\n -Server\n }\n\n # Logging\n log {\n output stdout\n format console\n level INFO\n }\n\n # Request size limits\n request_body {\n max_size 10MB\n }\n}\n\n# HTTP endpoint (optional, for health checks or redirects)\n:80 {\n # Redirect to HTTPS only when host isn't localhost\n @for_domain expression {host} != \"localhost\"\n redir @for_domain https://{host}{uri} permanent\n\n # Health check endpoint (always available via HTTP)\n handle /health {\n respond \"OK\" 200\n }\n}\n","/*\n TLS configuration templates\n /\n\nimport caddyfileTemplate from \"./Caddyfile.tmpl\";\n\n/\n Get the Caddyfile template\n /\nexport function getCaddyfileTemplate(): string {\n return caddyfileTemplate;\n}\n\n/\n Embedded .env.example.tls content\n * (embedded directly since .env files are gitignored)\n */\nexport const ENV_EXAMPLE_TLS = `# TLS Configuration\n# Set these variables to enable TLS for your application\n\n# Your domain name (required for TLS)\nDOMAIN=yourdomain.com\n\n# Port your application listens on\nAPP_PORT=3000\n\n# Enable Caddy debug logs\nENABLE_CADDY_LOGS=false\n\n# Use Let's Encrypt staging environment (for testing)\n# Set to true to avoid rate limits during development\nACME_STAGING=false\n\n# Force certificate reissue even if a valid one exists\n# Useful when you need to update SANs or force a renewal\nACME_FORCE_ISSUE=false\n`;\n"],"mappings":";;;AAAA,SAAS,eAAe;AACxB,YAAY,QAAQ;AACpB,YAAY,UAAU;AACtB,OAAO,WAAW;;;ACHlB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACSO,SAAS,uBAA+B;AAC7C,SAAO;AACT;AAMO,IAAM,kBAAkB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;AFX/B,IAAqB,eAArB,cAA0C,QAAQ;AAAA,EAChD,OAAO,cAAc;AAAA,EAErB,OAAO,UAAU;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQjB,MAAM,MAAM;AACV,UAAM,MAAM,QAAQ,IAAI;AAGxB,UAAM,gBAAqB,UAAK,KAAK,WAAW;AAChD,QAAO,cAAW,aAAa,GAAG;AAChC,WAAK,KAAK,uCAAuC;AAAA,IACnD,OAAO;AACL,YAAM,mBAAmB,qBAAqB;AAC9C,MAAG,iBAAc,eAAe,kBAAkB,EAAE,MAAM,IAAM,CAAC;AACjE,WAAK,IAAI,mBAAmB;AAAA,IAC9B;AAGA,UAAM,aAAkB,UAAK,KAAK,kBAAkB;AACpD,QAAO,cAAW,UAAU,GAAG;AAC7B,WAAK,KAAK,8CAA8C;AAAA,IAC1D,OAAO;AACL,MAAG,iBAAc,YAAY,iBAAiB,EAAE,MAAM,IAAM,CAAC;AAC7D,WAAK,IAAI,0BAA0B;AAAA,IACrC;AAGA,SAAK,IAAI,EAAE;AACX,SAAK,IAAI,MAAM,MAAM,sCAAsC,CAAC;AAC5D,SAAK,IAAI,EAAE;AACX,SAAK,IAAI,UAAU;AACnB,SAAK,IAAI,eAAe;AACxB,SAAK,IAAI,sBAAsB;AAC/B,SAAK,IAAI,EAAE;AAEX,SAAK,IAAI,gBAAgB;AACzB,SAAK,IAAI,EAAE;AACX,SAAK,IAAI,+BAA+B;AACxC,SAAK,IAAI,iCAAiC;AAC1C,SAAK,IAAI,EAAE;AAEX,SAAK,IAAI,kCAAkC;AAC3C,SAAK,IAAI,0BAA0B;AACnC,SAAK,IAAI,EAAE;AACX,SAAK,IAAI,wCAAwC;AACjD,SAAK,IAAI,2BAA2B;AACpC,SAAK,IAAI,sBAAsB;AAC/B,SAAK,IAAI,EAAE;AAEX,SAAK,IAAI,gDAAgD;AACzD,SAAK,IAAI,oDAAoD;AAC7D,SAAK,IAAI,EAAE;AAEX,SAAK,IAAI,aAAa;AACtB,SAAK,IAAI,+BAA+B;AACxC,SAAK,IAAI,EAAE;AAEX,SAAK,IAAI,kEAAkE;AAC3E,SAAK,IAAI,+DAA+D;AACxE,SAAK,IAAI,iEAAiE;AAAA,EAC5E;AACF;","names":[]}
1	+ {"version":3,"sources":["../../../../../src/commands/compute/app/configure/tls.ts","../../../../../src/templates/tls/Caddyfile.tmpl","../../../../../src/templates/tls/templates.ts"],"sourcesContent":["import { Command, Flags } from \"@oclif/core\";\nimport * as fs from \"fs\";\nimport * as path from \"path\";\nimport chalk from \"chalk\";\nimport { input, confirm } from \"@inquirer/prompts\";\nimport {\n getCaddyfileTemplate,\n getTlsEnvBlock,\n TLS_ENV_EXAMPLE_BLOCK,\n} from \"../../../../templates/tls/templates.js\";\n\nfunction envFileHasTlsConfig(filePath: string): boolean {\n if (!fs.existsSync(filePath)) return false;\n const content = fs.readFileSync(filePath, \"utf-8\");\n return /^DOMAIN=/m.test(content);\n}\n\nfunction validateDomain(value: string): true \| string {\n const trimmed = value.trim();\n if (!trimmed) return \"Domain is required\";\n if (trimmed.toLowerCase() === \"localhost\") return \"Domain cannot be localhost\";\n if (!/^[a-zA-Z0-9]([a-zA-Z0-9-]\\.)+[a-zA-Z]{2,}$/.test(trimmed))\n return \"Enter a valid domain (e.g. myapp.example.com)\";\n return true;\n}\n\nfunction validatePort(value: string): true \| string {\n const num = Number(value.trim());\n if (!Number.isInteger(num) \|\| num < 1 \|\| num > 65535) return \"Enter a valid port (1-65535)\";\n return true;\n}\n\nexport default class ConfigureTLS extends Command {\n static description = \"Configure TLS for your application\";\n\n static summary = `Configures TLS for your EigenCloud application.\n\nPrompts for domain and TLS settings (or accepts them via flags), then:\n- Creates a Caddyfile for automatic HTTPS via Caddy reverse proxy\n- Appends TLS variables to .env with your values\n- Appends TLS placeholders to .env.example\n\nTLS certificates are automatically obtained via Let's Encrypt using the tls-keygen tool.`;\n\n static examples = [\n \"<%= config.bin %> compute app configure tls\",\n \"<%= config.bin %> compute app configure tls --domain myapp.example.com\",\n \"<%= config.bin %> compute app configure tls --domain myapp.example.com --app-port 8080\",\n \"<%= config.bin %> compute app configure tls --domain myapp.example.com --no-acme-staging\",\n ];\n\n static flags = {\n domain: Flags.string({\n description: \"Domain name for TLS certificate\",\n }),\n \"app-port\": Flags.string({\n description: \"Port your application listens on\",\n default: \"3000\",\n }),\n \"acme-staging\": Flags.boolean({\n description: \"Use Let's Encrypt staging environment\",\n default: true,\n allowNo: true,\n }),\n \"caddy-logs\": Flags.boolean({\n description: \"Enable Caddy debug logs\",\n default: false,\n allowNo: true,\n }),\n };\n\n async run() {\n const { flags } = await this.parse(ConfigureTLS);\n const cwd = process.cwd();\n\n // Check if TLS is already configured in .env\n const envPath = path.join(cwd, \".env\");\n if (envFileHasTlsConfig(envPath)) {\n this.warn(\"TLS is already configured in .env (DOMAIN is set). Skipping.\");\n return;\n }\n\n // Write Caddyfile\n const caddyfilePath = path.join(cwd, \"Caddyfile\");\n if (fs.existsSync(caddyfilePath)) {\n this.log(\"Caddyfile already exists, keeping existing file.\");\n } else {\n const caddyfileContent = getCaddyfileTemplate();\n fs.writeFileSync(caddyfilePath, caddyfileContent, { mode: 0o644 });\n this.log(\"Created Caddyfile\");\n }\n\n this.log(\"\");\n\n // Resolve values: use flags if provided, otherwise prompt\n let domain = flags.domain;\n if (!domain) {\n domain = await input({\n message: \"Domain name:\",\n validate: validateDomain,\n });\n } else {\n const result = validateDomain(domain);\n if (result !== true) this.error(result);\n }\n\n let appPort = flags[\"app-port\"];\n // Only prompt if the user didn't pass --app-port at all (default is \"3000\")\n // Since oclif always provides the default, we use the default directly\n const portResult = validatePort(appPort);\n if (portResult !== true) this.error(portResult);\n\n const acmeStaging =\n flags[\"acme-staging\"] !== undefined\n ? flags[\"acme-staging\"]\n : await confirm({\n message:\n \"Use Let's Encrypt staging? (recommended for first deploy to avoid rate limits)\",\n default: true,\n });\n\n const enableCaddyLogs =\n flags[\"caddy-logs\"] !== undefined\n ? flags[\"caddy-logs\"]\n : await confirm({\n message: \"Enable Caddy debug logs?\",\n default: false,\n });\n\n // Show summary\n this.log(\"\");\n this.log(chalk.bold(\"TLS Configuration:\"));\n this.log(` Domain: ${domain.trim()}`);\n this.log(` App port: ${appPort.trim()}`);\n this.log(` ACME staging: ${acmeStaging}`);\n this.log(` Caddy logs: ${enableCaddyLogs}`);\n this.log(\"\");\n\n // Only ask for confirmation in interactive mode (no --domain flag)\n if (!flags.domain) {\n const confirmed = await confirm({\n message: \"Write these settings to .env?\",\n default: true,\n });\n\n if (!confirmed) {\n this.log(\"Cancelled.\");\n return;\n }\n }\n\n const vars = {\n domain: domain.trim(),\n appPort: appPort.trim(),\n acmeStaging,\n enableCaddyLogs,\n };\n\n // Append to .env\n const envBlock = getTlsEnvBlock(vars);\n fs.appendFileSync(envPath, envBlock, { mode: 0o644 });\n this.log(`Updated .env`);\n\n // Append to .env.example (with placeholders, skip if already has DOMAIN)\n const envExamplePath = path.join(cwd, \".env.example\");\n if (!envFileHasTlsConfig(envExamplePath)) {\n fs.appendFileSync(envExamplePath, TLS_ENV_EXAMPLE_BLOCK, { mode: 0o644 });\n this.log(`Updated .env.example`);\n }\n\n // Print next steps\n this.log(\"\");\n this.log(chalk.green(\"TLS configured successfully\"));\n this.log(\"\");\n this.log(\"Next steps:\");\n this.log(\"\");\n this.log(\"1. Set up DNS A record pointing to your instance IP\");\n this.log(\" Run 'ecloud compute app list' to get IP address\");\n this.log(\"\");\n this.log(\"2. Deploy or upgrade:\");\n this.log(\" ecloud compute app deploy # new app\");\n this.log(\" ecloud compute app upgrade # existing app\");\n this.log(\"\");\n\n if (acmeStaging) {\n this.log(chalk.yellow(\"Note: ACME_STAGING is enabled (recommended for first deploy)\"));\n this.log(\"Once verified, switch to production certs:\");\n this.log(\" 1. Set ACME_STAGING=false in .env\");\n this.log(\" 2. Set ACME_FORCE_ISSUE=true in .env (one-time)\");\n this.log(\" 3. Run: ecloud compute app upgrade\");\n this.log(\"\");\n }\n\n this.log(\"Let's Encrypt rate limit: 5 certificates/week per domain\");\n }\n}\n","# Caddy configuration for automatic HTTPS\n# The DOMAIN environment variable will be injected at runtime\n\n{$DOMAIN:localhost} {\n # TLS configuration - always use provided certificates generated by tls-keygen\n tls /run/tls/fullchain.pem /run/tls/privkey.pem\n\n # Reverse proxy to your Node.js application\n # Modify the port to match your application (default: 3000)\n reverse_proxy localhost:{$APP_PORT:3000} {\n # Health check configuration\n health_uri /health\n health_interval 30s\n health_timeout 5s\n health_status 200\n }\n\n # Custom headers\n header {\n # Security headers\n X-Content-Type-Options \"nosniff\"\n X-Frame-Options \"DENY\"\n X-XSS-Protection \"1; mode=block\"\n Referrer-Policy \"strict-origin-when-cross-origin\"\n\n # Remove server header\n -Server\n }\n\n # Logging\n log {\n output stdout\n format console\n level INFO\n }\n\n # Request size limits\n request_body {\n max_size 10MB\n }\n}\n\n# HTTP endpoint (optional, for health checks or redirects)\n:80 {\n # Redirect to HTTPS only when host isn't localhost\n @for_domain expression {host} != \"localhost\"\n redir @for_domain https://{host}{uri} permanent\n\n # Health check endpoint (always available via HTTP)\n handle /health {\n respond \"OK\" 200\n }\n}\n","/\n TLS configuration templates\n /\n\nimport caddyfileTemplate from \"./Caddyfile.tmpl\";\n\n/\n Get the Caddyfile template\n /\nexport function getCaddyfileTemplate(): string {\n return caddyfileTemplate;\n}\n\nexport interface TlsEnvVars {\n domain: string;\n appPort: string;\n acmeStaging: boolean;\n enableCaddyLogs: boolean;\n}\n\n/\n Generate the TLS env block with user-provided values for .env\n /\nexport function getTlsEnvBlock(vars: TlsEnvVars): string {\n return `\n# TLS Configuration\nDOMAIN=${vars.domain}\nAPP_PORT=${vars.appPort}\nENABLE_CADDY_LOGS=${vars.enableCaddyLogs}\nACME_STAGING=${vars.acmeStaging}\nACME_FORCE_ISSUE=false\n`;\n}\n\n/\n Placeholder TLS block for .env.example\n */\nexport const TLS_ENV_EXAMPLE_BLOCK = `\n# TLS Configuration\n# DOMAIN=yourdomain.com\n# APP_PORT=3000\n# ENABLE_CADDY_LOGS=false\n# ACME_STAGING=false\n# ACME_FORCE_ISSUE=false\n`;\n"],"mappings":";;;AAAA,SAAS,SAAS,aAAa;AAC/B,YAAY,QAAQ;AACpB,YAAY,UAAU;AACtB,OAAO,WAAW;AAClB,SAAS,OAAO,eAAe;;;ACJ/B;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACSO,SAAS,uBAA+B;AAC7C,SAAO;AACT;AAYO,SAAS,eAAe,MAA0B;AACvD,SAAO;AAAA;AAAA,SAEA,KAAK,MAAM;AAAA,WACT,KAAK,OAAO;AAAA,oBACH,KAAK,eAAe;AAAA,eACzB,KAAK,WAAW;AAAA;AAAA;AAG/B;AAKO,IAAM,wBAAwB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;AF1BrC,SAAS,oBAAoB,UAA2B;AACtD,MAAI,CAAI,cAAW,QAAQ,EAAG,QAAO;AACrC,QAAM,UAAa,gBAAa,UAAU,OAAO;AACjD,SAAO,YAAY,KAAK,OAAO;AACjC;AAEA,SAAS,eAAe,OAA8B;AACpD,QAAM,UAAU,MAAM,KAAK;AAC3B,MAAI,CAAC,QAAS,QAAO;AACrB,MAAI,QAAQ,YAAY,MAAM,YAAa,QAAO;AAClD,MAAI,CAAC,8CAA8C,KAAK,OAAO;AAC7D,WAAO;AACT,SAAO;AACT;AAEA,SAAS,aAAa,OAA8B;AAClD,QAAM,MAAM,OAAO,MAAM,KAAK,CAAC;AAC/B,MAAI,CAAC,OAAO,UAAU,GAAG,KAAK,MAAM,KAAK,MAAM,MAAO,QAAO;AAC7D,SAAO;AACT;AAEA,IAAqB,eAArB,MAAqB,sBAAqB,QAAQ;AAAA,EAChD,OAAO,cAAc;AAAA,EAErB,OAAO,UAAU;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASjB,OAAO,WAAW;AAAA,IAChB;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF;AAAA,EAEA,OAAO,QAAQ;AAAA,IACb,QAAQ,MAAM,OAAO;AAAA,MACnB,aAAa;AAAA,IACf,CAAC;AAAA,IACD,YAAY,MAAM,OAAO;AAAA,MACvB,aAAa;AAAA,MACb,SAAS;AAAA,IACX,CAAC;AAAA,IACD,gBAAgB,MAAM,QAAQ;AAAA,MAC5B,aAAa;AAAA,MACb,SAAS;AAAA,MACT,SAAS;AAAA,IACX,CAAC;AAAA,IACD,cAAc,MAAM,QAAQ;AAAA,MAC1B,aAAa;AAAA,MACb,SAAS;AAAA,MACT,SAAS;AAAA,IACX,CAAC;AAAA,EACH;AAAA,EAEA,MAAM,MAAM;AACV,UAAM,EAAE,MAAM,IAAI,MAAM,KAAK,MAAM,aAAY;AAC/C,UAAM,MAAM,QAAQ,IAAI;AAGxB,UAAM,UAAe,UAAK,KAAK,MAAM;AACrC,QAAI,oBAAoB,OAAO,GAAG;AAChC,WAAK,KAAK,8DAA8D;AACxE;AAAA,IACF;AAGA,UAAM,gBAAqB,UAAK,KAAK,WAAW;AAChD,QAAO,cAAW,aAAa,GAAG;AAChC,WAAK,IAAI,kDAAkD;AAAA,IAC7D,OAAO;AACL,YAAM,mBAAmB,qBAAqB;AAC9C,MAAG,iBAAc,eAAe,kBAAkB,EAAE,MAAM,IAAM,CAAC;AACjE,WAAK,IAAI,mBAAmB;AAAA,IAC9B;AAEA,SAAK,IAAI,EAAE;AAGX,QAAI,SAAS,MAAM;AACnB,QAAI,CAAC,QAAQ;AACX,eAAS,MAAM,MAAM;AAAA,QACnB,SAAS;AAAA,QACT,UAAU;AAAA,MACZ,CAAC;AAAA,IACH,OAAO;AACL,YAAM,SAAS,eAAe,MAAM;AACpC,UAAI,WAAW,KAAM,MAAK,MAAM,MAAM;AAAA,IACxC;AAEA,QAAI,UAAU,MAAM,UAAU;AAG9B,UAAM,aAAa,aAAa,OAAO;AACvC,QAAI,eAAe,KAAM,MAAK,MAAM,UAAU;AAE9C,UAAM,cACJ,MAAM,cAAc,MAAM,SACtB,MAAM,cAAc,IACpB,MAAM,QAAQ;AAAA,MACZ,SACE;AAAA,MACF,SAAS;AAAA,IACX,CAAC;AAEP,UAAM,kBACJ,MAAM,YAAY,MAAM,SACpB,MAAM,YAAY,IAClB,MAAM,QAAQ;AAAA,MACZ,SAAS;AAAA,MACT,SAAS;AAAA,IACX,CAAC;AAGP,SAAK,IAAI,EAAE;AACX,SAAK,IAAI,MAAM,KAAK,oBAAoB,CAAC;AACzC,SAAK,IAAI,sBAAsB,OAAO,KAAK,CAAC,EAAE;AAC9C,SAAK,IAAI,sBAAsB,QAAQ,KAAK,CAAC,EAAE;AAC/C,SAAK,IAAI,sBAAsB,WAAW,EAAE;AAC5C,SAAK,IAAI,sBAAsB,eAAe,EAAE;AAChD,SAAK,IAAI,EAAE;AAGX,QAAI,CAAC,MAAM,QAAQ;AACjB,YAAM,YAAY,MAAM,QAAQ;AAAA,QAC9B,SAAS;AAAA,QACT,SAAS;AAAA,MACX,CAAC;AAED,UAAI,CAAC,WAAW;AACd,aAAK,IAAI,YAAY;AACrB;AAAA,MACF;AAAA,IACF;AAEA,UAAM,OAAO;AAAA,MACX,QAAQ,OAAO,KAAK;AAAA,MACpB,SAAS,QAAQ,KAAK;AAAA,MACtB;AAAA,MACA;AAAA,IACF;AAGA,UAAM,WAAW,eAAe,IAAI;AACpC,IAAG,kBAAe,SAAS,UAAU,EAAE,MAAM,IAAM,CAAC;AACpD,SAAK,IAAI,cAAc;AAGvB,UAAM,iBAAsB,UAAK,KAAK,cAAc;AACpD,QAAI,CAAC,oBAAoB,cAAc,GAAG;AACxC,MAAG,kBAAe,gBAAgB,uBAAuB,EAAE,MAAM,IAAM,CAAC;AACxE,WAAK,IAAI,sBAAsB;AAAA,IACjC;AAGA,SAAK,IAAI,EAAE;AACX,SAAK,IAAI,MAAM,MAAM,6BAA6B,CAAC;AACnD,SAAK,IAAI,EAAE;AACX,SAAK,IAAI,aAAa;AACtB,SAAK,IAAI,EAAE;AACX,SAAK,IAAI,qDAAqD;AAC9D,SAAK,IAAI,oDAAoD;AAC7D,SAAK,IAAI,EAAE;AACX,SAAK,IAAI,uBAAuB;AAChC,SAAK,IAAI,2CAA2C;AACpD,SAAK,IAAI,gDAAgD;AACzD,SAAK,IAAI,EAAE;AAEX,QAAI,aAAa;AACf,WAAK,IAAI,MAAM,OAAO,8DAA8D,CAAC;AACrF,WAAK,IAAI,4CAA4C;AACrD,WAAK,IAAI,qCAAqC;AAC9C,WAAK,IAAI,mDAAmD;AAC5D,WAAK,IAAI,sCAAsC;AAC/C,WAAK,IAAI,EAAE;AAAA,IACb;AAEA,SAAK,IAAI,0DAA0D;AAAA,EACrE;AACF;","names":[]}