@matthesketh/fleet 1.2.0 → 1.7.0

package/dist/adapters/signals/ci-status.js

@@ -0,0 +1,79 @@
+import { execSafe } from '../../core/exec.js';
+function ghRunToState(run) {
+    if (run.status === 'in_progress' || run.status === 'queued' || run.status === 'waiting')
+        return 'warn';
+    switch (run.conclusion) {
+        case 'success': return 'ok';
+        case 'failure':
+        case 'timed_out':
+        case 'startup_failure':
+            return 'error';
+        case 'cancelled':
+        case 'skipped':
+        case 'stale':
+        case 'neutral':
+            return 'warn';
+        default: return 'unknown';
+    }
+}
+export const ciStatusProvider = {
+    kind: 'ci-status',
+    ttlMs: 60_000,
+    strategy: 'event',
+    async collect(repoPath, repoName) {
+        const collectedAt = new Date().toISOString();
+        const result = execSafe('gh', [
+            'run', 'list',
+            '--limit', '1',
+            '--json', 'status,conclusion,name,headBranch,event,createdAt,url',
+        ], { cwd: repoPath, timeout: 8_000 });
+        if (!result.ok) {
+            return {
+                repo: repoName,
+                kind: 'ci-status',
+                state: 'unknown',
+                value: null,
+                detail: result.stderr || 'gh run list failed',
+                collectedAt,
+                ttlMs: this.ttlMs,
+            };
+        }
+        let runs = [];
+        try {
+            runs = JSON.parse(result.stdout);
+        }
+        catch {
+            return {
+                repo: repoName,
+                kind: 'ci-status',
+                state: 'unknown',
+                value: null,
+                detail: 'gh output not JSON',
+                collectedAt,
+                ttlMs: this.ttlMs,
+            };
+        }
+        if (runs.length === 0) {
+            return {
+                repo: repoName,
+                kind: 'ci-status',
+                state: 'unknown',
+                value: null,
+                detail: 'no runs yet',
+                collectedAt,
+                ttlMs: this.ttlMs,
+            };
+        }
+        const latest = runs[0];
+        const state = ghRunToState(latest);
+        return {
+            repo: repoName,
+            kind: 'ci-status',
+            state,
+            value: latest.conclusion ?? latest.status,
+            detail: `${latest.name} · ${latest.headBranch} · ${latest.conclusion ?? latest.status}`,
+            collectedAt,
+            ttlMs: this.ttlMs,
+        };
+    },
+};

package/dist/adapters/signals/container-up.d.ts

@@ -0,0 +1,5 @@
+import type { SignalProvider } from '../types.js';
+export interface ContainerUpOptions {
+    projectForRepo?(repoName: string): string;
+}
+export declare function createContainerUpProvider(opts?: ContainerUpOptions): SignalProvider;

package/dist/adapters/signals/container-up.js

@@ -0,0 +1,54 @@
+import { execSafe } from '../../core/exec.js';
+const COMPOSE_LABEL = 'com.docker.compose.project';
+export function createContainerUpProvider(opts = {}) {
+    const projectForRepo = opts.projectForRepo ?? ((name) => name);
+    return {
+        kind: 'container-up',
+        ttlMs: 15_000,
+        strategy: 'pull',
+        async collect(_repoPath, repoName) {
+            const project = projectForRepo(repoName);
+            const collectedAt = new Date().toISOString();
+            const result = execSafe('docker', [
+                'ps', '--all',
+                '--filter', `label=${COMPOSE_LABEL}=${project}`,
+                '--format', '{{.State}}',
+            ], { timeout: 5_000 });
+            if (!result.ok) {
+                return {
+                    repo: repoName,
+                    kind: 'container-up',
+                    state: 'unknown',
+                    value: null,
+                    detail: result.stderr || 'docker ps failed',
+                    collectedAt,
+                    ttlMs: this.ttlMs,
+                };
+            }
+            const states = result.stdout.split('\n').map(s => s.trim()).filter(Boolean);
+            if (states.length === 0) {
+                return {
+                    repo: repoName,
+                    kind: 'container-up',
+                    state: 'warn',
+                    value: 0,
+                    detail: 'no containers for project',
+                    collectedAt,
+                    ttlMs: this.ttlMs,
+                };
+            }
+            const running = states.filter(s => s === 'running').length;
+            const total = states.length;
+            const allRunning = running === total;
+            return {
+                repo: repoName,
+                kind: 'container-up',
+                state: allRunning ? 'ok' : running > 0 ? 'warn' : 'error',
+                value: running,
+                detail: `${running}/${total} running`,
+                collectedAt,
+                ttlMs: this.ttlMs,
+            };
+        },
+    };
+}

package/dist/adapters/signals/git-clean.d.ts

@@ -0,0 +1,2 @@
+import type { SignalProvider } from '../types.js';
+export declare const gitCleanProvider: SignalProvider;

package/dist/adapters/signals/git-clean.js

@@ -0,0 +1,55 @@
+import { realpathSync } from 'node:fs';
+import { execSafe } from '../../core/exec.js';
+function resolveSafe(path) {
+    try {
+        return realpathSync(path);
+    }
+    catch {
+        return null;
+    }
+}
+export const gitCleanProvider = {
+    kind: 'git-clean',
+    ttlMs: 5_000,
+    strategy: 'pull',
+    async collect(repoPath, repoName) {
+        const collectedAt = new Date().toISOString();
+        const toplevel = execSafe('git', ['-C', repoPath, 'rev-parse', '--show-toplevel'], { timeout: 5_000 });
+        const expected = resolveSafe(repoPath);
+        const actual = toplevel.ok ? resolveSafe(toplevel.stdout.trim()) : null;
+        if (!toplevel.ok || !expected || !actual || expected !== actual) {
+            return {
+                repo: repoName,
+                kind: 'git-clean',
+                state: 'unknown',
+                value: null,
+                detail: !toplevel.ok ? (toplevel.stderr || 'not a git repo') : 'path is not a git repo root',
+                collectedAt,
+                ttlMs: this.ttlMs,
+            };
+        }
+        const status = execSafe('git', ['-C', repoPath, 'status', '--porcelain=1'], { timeout: 5_000 });
+        if (!status.ok) {
+            return {
+                repo: repoName,
+                kind: 'git-clean',
+                state: 'unknown',
+                value: null,
+                detail: status.stderr || 'git status failed',
+                collectedAt,
+                ttlMs: this.ttlMs,
+            };
+        }
+        const dirty = status.stdout.trim().length > 0;
+        const changeCount = dirty ? status.stdout.split('\n').filter(Boolean).length : 0;
+        return {
+            repo: repoName,
+            kind: 'git-clean',
+            state: dirty ? 'warn' : 'ok',
+            value: !dirty,
+            detail: dirty ? `${changeCount} uncommitted change${changeCount === 1 ? '' : 's'}` : '',
+            collectedAt,
+            ttlMs: this.ttlMs,
+        };
+    },
+};

package/dist/adapters/signals/index.d.ts

@@ -0,0 +1,6 @@
+import type { SignalProvider } from '../types.js';
+import { ciStatusProvider } from './ci-status.js';
+import { createContainerUpProvider } from './container-up.js';
+import { gitCleanProvider } from './git-clean.js';
+export { ciStatusProvider, createContainerUpProvider, gitCleanProvider };
+export declare function builtInSignalProviders(): SignalProvider[];

package/dist/adapters/signals/index.js

@@ -0,0 +1,7 @@
+import { ciStatusProvider } from './ci-status.js';
+import { createContainerUpProvider } from './container-up.js';
+import { gitCleanProvider } from './git-clean.js';
+export { ciStatusProvider, createContainerUpProvider, gitCleanProvider };
+export function builtInSignalProviders() {
+    return [gitCleanProvider, createContainerUpProvider(), ciStatusProvider];
+}

package/dist/adapters/types.d.ts

@@ -0,0 +1,52 @@
+import type { Routine, RoutineTask, RunEvent, Signal, SignalKind } from '../core/routines/schema.js';
+export interface ScheduledEntry {
+    routineId: string;
+    unitName: string;
+    nextRunAt: string | null;
+    lastRunAt: string | null;
+    lastStatus: 'ok' | 'failed' | 'unknown';
+    active: boolean;
+    persistent: boolean;
+}
+export interface SchedulerAdapter {
+    readonly id: 'systemd-timer';
+    readonly available: () => boolean;
+    upsert(routine: Routine): Promise<void>;
+    remove(routineId: string): Promise<void>;
+    list(): Promise<ScheduledEntry[]>;
+    get(routineId: string): Promise<ScheduledEntry | null>;
+}
+export interface RunContext {
+    repo: string | null;
+    repoPath: string | null;
+    runId: string;
+    routineId: string;
+    startedAt: string;
+    logsDir: string;
+    env: Record<string, string>;
+}
+export interface RunnerAdapter {
+    readonly id: RoutineTask['kind'];
+    supports(task: RoutineTask): boolean;
+    run(task: RoutineTask, ctx: RunContext, signal: AbortSignal): AsyncIterable<RunEvent>;
+}
+export interface SignalProvider {
+    readonly kind: SignalKind;
+    readonly ttlMs: number;
+    readonly strategy: 'push' | 'pull' | 'event';
+    collect(repoPath: string, repoName: string): Promise<Signal>;
+    watch?(repoPath: string, repoName: string, emit: (s: Signal) => void): () => void;
+}
+export interface NotifierAdapter {
+    readonly id: 'stdout' | 'webhook' | 'slack' | 'email';
+    notify(subject: string, body: string, meta: {
+        routineId: string;
+        runId: string;
+        status: string;
+    }): Promise<void>;
+}
+export interface StackDetector {
+    readonly id: 'node' | 'python' | 'rust' | 'docker' | 'generic';
+    detect(repoPath: string): boolean;
+    priority: number;
+}

package/dist/adapters/types.js

@@ -0,0 +1 @@
+export {};

package/dist/cli.js

@@ -1,9 +1,13 @@
+import { readFileSync } from 'node:fs';
+import { dirname, join } from 'node:path';
+import { fileURLToPath } from 'node:url';
 import { statusCommand } from './commands/status.js';
 import { listCommand } from './commands/list.js';
 import { startCommand } from './commands/start.js';
 import { stopCommand } from './commands/stop.js';
 import { restartCommand } from './commands/restart.js';
 import { logsCommand } from './commands/logs.js';
+import { egressCommand } from './commands/egress.js';
 import { healthCommand } from './commands/health.js';
 import { addCommand } from './commands/add.js';
 import { removeCommand } from './commands/remove.js';
@@ -15,9 +19,18 @@ import { initCommand } from './commands/init.js';
 import { depsCommand } from './commands/deps.js';
 import { watchdogCommand } from './commands/watchdog.js';
 import { installMcpCommand } from './commands/install-mcp.js';
+import { patchSystemdCommand } from './commands/patch-systemd.js';
+import { freezeCommand, unfreezeCommand } from './commands/freeze.js';
+import { guardCommand } from './commands/guard.js';
+import { bootStartCommand } from './commands/boot-start.js';
+import { rollbackCommand } from './commands/rollback.js';
+import { routineRunCommand } from './commands/routine-run.js';
+import { routinesCommand } from './commands/routines.js';
 import { startMcpServer } from './mcp/server.js';
 import { error } from './ui/output.js';
-const VERSION = '1.0.0';
+const __dirname = dirname(fileURLToPath(import.meta.url));
+const pkg = JSON.parse(readFileSync(join(__dirname, '..', 'package.json'), 'utf-8'));
+const VERSION = pkg.version;
 const HELP = `fleet v${VERSION} - Docker production management CLI
 
 Usage: fleet <command> [options]
@@ -65,10 +78,19 @@ Commands:
   git pr list <app>   List open PRs
   git release <app>   Create develop->main PR
   tui, dashboard      Interactive terminal dashboard
+  routines            Fleet-wide routines TUI (signals grid + routine history)
+  routine-run --id <id> [--target <repo>] [--trigger scheduled]
+                      Headless entrypoint for systemd-timer units. JSON mode: --json.
   init                Auto-discover all existing apps
   watchdog            Health check all services, alert on failure
   install-mcp         Install fleet as Claude Code MCP server
   mcp                 Start as MCP server
+  patch-systemd       Add StartLimitBurst/StartLimitIntervalSec to all service files
+  boot-start <app>    Start app respecting boot-order dependencies
+  freeze <app>        Freeze a crash-looping service (stop + disable)
+  rollback <app>      Roll back app to previous image
+  unfreeze <app>      Unfreeze and restart a frozen service
+  guard <subcommand>  Cloudflare protection layer (install/status/approve/reject/...)
 
 Global flags:
   --json              Output as JSON
@@ -85,10 +107,23 @@ export async function run(argv) {
         process.stdout.write(VERSION + '\n');
         return;
     }
-    if (!command || args.includes('-h') || args.includes('--help')) {
+    if (args.includes('-h') || args.includes('--help')) {
         process.stdout.write(HELP);
         return;
     }
+    if (!command) {
+        const { launchTui } = await import('./tui/app.js');
+        return launchTui();
+    }
+    // Commands that require root privileges
+    const ROOT_COMMANDS = new Set([
+        'start', 'stop', 'restart', 'deploy', 'freeze', 'unfreeze',
+        'nginx', 'secrets', 'patch-systemd', 'init', 'watchdog',
+    ]);
+    if (ROOT_COMMANDS.has(command) && process.getuid && process.getuid() !== 0) {
+        error(`'fleet ${command}' requires root privileges. Run with sudo.`);
+        process.exit(1);
+    }
     switch (command) {
         case 'status': return statusCommand(rest);
         case 'list': return listCommand(rest);
@@ -96,6 +131,7 @@ export async function run(argv) {
         case 'stop': return stopCommand(rest);
         case 'restart': return restartCommand(rest);
         case 'logs': return logsCommand(rest);
+        case 'egress': return egressCommand(rest);
         case 'health': return healthCommand(rest);
         case 'deps': return depsCommand(rest);
         case 'add': return addCommand(rest);
@@ -107,12 +143,20 @@ export async function run(argv) {
         case 'init': return initCommand(rest);
         case 'watchdog': return watchdogCommand(rest);
         case 'install-mcp': return installMcpCommand(rest);
+        case 'patch-systemd': return patchSystemdCommand(rest);
+        case 'boot-start': return bootStartCommand(rest);
+        case 'freeze': return freezeCommand(rest);
+        case 'rollback': return rollbackCommand(rest);
+        case 'unfreeze': return unfreezeCommand(rest);
+        case 'guard': return guardCommand(rest);
         case 'mcp': return startMcpServer();
         case 'tui':
         case 'dashboard': {
             const { launchTui } = await import('./tui/app.js');
             return launchTui();
         }
+        case 'routines': return routinesCommand(rest);
+        case 'routine-run': return routineRunCommand(rest);
         default:
             error(`Unknown command: ${command}`);
             process.stdout.write(HELP);

package/dist/commands/add.js

@@ -85,11 +85,5 @@ function findComposePath(dir) {
     if (existsSync(`${dir}/server/docker-compose.yaml`)) {
         return { path: `${dir}/server`, file: null };
     }
-    const customFiles = ['docker-compose.imagemerger.yml'];
-    for (const f of customFiles) {
-        if (existsSync(`${dir}/${f}`)) {
-            return { path: dir, file: f };
-        }
-    }
     return { path: '', file: null };
 }

package/dist/commands/boot-start.d.ts

@@ -0,0 +1 @@
+export declare function bootStartCommand(args: string[]): Promise<void>;

package/dist/commands/boot-start.js

@@ -0,0 +1,51 @@
+import { load, findApp } from '../core/registry.js';
+import { refresh } from '../core/boot-refresh.js';
+import { composeUp } from '../core/docker.js';
+function log(msg) {
+    process.stdout.write(`[boot-start] ${msg}\n`);
+}
+function logErr(msg) {
+    process.stderr.write(`[boot-start] ${msg}\n`);
+}
+export async function bootStartCommand(args) {
+    const appName = args[0];
+    if (!appName) {
+        logErr('Usage: fleet boot-start <app>');
+        process.exit(1);
+    }
+    const reg = load();
+    const app = findApp(reg, appName);
+    if (!app) {
+        logErr(`app not found: ${appName}`);
+        process.exit(1);
+    }
+    // Refresh is best-effort. Any error — sync or async — is caught here and logged,
+    // then compose up ALWAYS runs. This is the fail-safe contract for boot.
+    try {
+        const result = await refresh(app);
+        switch (result.kind) {
+            case 'refreshed':
+                log(`refreshed ${app.name} head=${result.head} built=${result.built}`);
+                break;
+            case 'no-change':
+                log(`no-change ${app.name} head=${result.head}`);
+                break;
+            case 'skipped':
+                log(`skipped ${app.name} reason=${result.reason}`);
+                break;
+            case 'failed-safe':
+                log(`failed-safe ${app.name} step=${result.step} detail=${result.detail}`);
+                break;
+        }
+    }
+    catch (err) {
+        log(`failed-safe ${app.name} step=outer-catch detail=${err instanceof Error ? err.message : String(err)}`);
+    }
+    // compose up — the only step whose exit code matters
+    const ok = composeUp(app.composePath, app.composeFile);
+    if (!ok) {
+        logErr(`compose up failed for ${app.name}`);
+        process.exit(1);
+    }
+    log(`up ${app.name}`);
+}

package/dist/commands/deploy.js

@@ -6,6 +6,9 @@ import { startService, restartService, getServiceStatus } from '../core/systemd.
 import { FleetError } from '../core/errors.js';
 import { success, error, info, warn, heading } from '../ui/output.js';
 import { addCommand } from './add.js';
+import { execGit } from '../core/exec.js';
+import { getProjectRoot } from '../core/git.js';
+import { recordBuiltCommit } from '../core/boot-refresh.js';
 export async function deployCommand(args) {
     const dryRun = args.includes('--dry-run');
     const yes = args.includes('-y') || args.includes('--yes');
@@ -40,6 +43,16 @@ export async function deployCommand(args) {
         process.exit(1);
     }
     success('Build complete');
+    try {
+        const root = getProjectRoot(app.composePath);
+        const head = execGit(['rev-parse', 'HEAD'], { cwd: root, timeout: 10_000 });
+        if (head.ok && head.stdout.trim()) {
+            recordBuiltCommit(app.name, head.stdout.trim());
+        }
+    }
+    catch {
+        // Non-fatal: deploy already succeeded
+    }
     info(`Starting ${app.name}...`);
     const svc = getServiceStatus(app.serviceName);
     const started = svc.active

package/dist/commands/deps.js

@@ -151,9 +151,14 @@ async function depsConfig(args) {
         process.stdout.write(JSON.stringify(config, null, 2) + '\n');
         return;
     }
+    const ALLOWED_KEYS = new Set(['scanIntervalHours', 'concurrency']);
     if (args[0] === 'set' && args.length >= 3) {
         const key = args[1];
         const value = args[2];
+        if (!ALLOWED_KEYS.has(key)) {
+            error(`Cannot set key: ${key}. Allowed: ${[...ALLOWED_KEYS].join(', ')}`);
+            process.exit(1);
+        }
         const parsed = value === 'true' ? true : value === 'false' ? false : isNaN(Number(value)) ? value : Number(value);
         config[key] = parsed;
         saveConfig(config);

package/dist/commands/egress.d.ts

@@ -0,0 +1 @@
+export declare function egressCommand(args: string[]): void;

package/dist/commands/egress.js

@@ -0,0 +1,106 @@
+import { load, save, findApp } from '../core/registry.js';
+import { snapshotEgress, addEgressAllow } from '../core/egress.js';
+import { AppNotFoundError } from '../core/errors.js';
+import { c, error, heading, info, success, table, warn } from '../ui/output.js';
+export function egressCommand(args) {
+    const sub = args[0];
+    switch (sub) {
+        case 'observe': return egressObserve(args.slice(1));
+        case 'show': return egressShow(args.slice(1));
+        case 'allow': return egressAllow(args.slice(1));
+        default:
+            error('Usage: fleet egress <observe|show|allow> ...');
+            error('  observe <app>          take a snapshot of current outbound flows');
+            error('  show <app>             show configured allowlist + observed flows');
+            error('  allow <app> <host>     add a host to the allowlist');
+            error('Note: enforce mode (actual drop) is deferred to Phase E. v1 is observe-only.');
+            process.exit(1);
+    }
+}
+function egressObserve(args) {
+    const json = args.includes('--json');
+    const appName = args.find(a => !a.startsWith('-'));
+    if (!appName) {
+        error('Usage: fleet egress observe <app>');
+        process.exit(1);
+    }
+    const reg = load();
+    const app = findApp(reg, appName);
+    if (!app)
+        throw new AppNotFoundError(appName);
+    const snap = snapshotEgress(app);
+    if (json) {
+        process.stdout.write(JSON.stringify(snap, null, 2) + '\n');
+        return;
+    }
+    heading(`Egress snapshot: ${app.name}`);
+    info(`Taken: ${snap.takenAt}`);
+    info(`Distinct remote endpoints: ${snap.uniqueRemotes.length}`);
+    if (snap.uniqueRemotes.length === 0) {
+        info('No outbound flows visible right now (containers may be idle).');
+        return;
+    }
+    // Dedupe per (container, remote)
+    const seen = new Set();
+    const rows = [];
+    for (const f of snap.flows) {
+        const key = `${f.container}|${f.remote}`;
+        if (seen.has(key))
+            continue;
+        seen.add(key);
+        const status = f.allowed
+            ? `${c.green}allowed${c.reset}`
+            : `${c.yellow}not in allowlist${c.reset}`;
+        rows.push([f.container, f.remote, status]);
+    }
+    table(['CONTAINER', 'REMOTE', 'STATUS'], rows);
+    process.stdout.write('\n');
+    if (snap.violations.length > 0) {
+        warn(`${snap.violations.length} non-private destination(s) NOT in allowlist:`);
+        for (const v of snap.violations)
+            process.stdout.write(`  - ${v}\n`);
+        info(`Add to allowlist: fleet egress allow ${app.name} <host>`);
+    }
+    else {
+        success('All non-private destinations are allowed (or allowlist not yet seeded).');
+    }
+}
+function egressShow(args) {
+    const appName = args.find(a => !a.startsWith('-'));
+    if (!appName) {
+        error('Usage: fleet egress show <app>');
+        process.exit(1);
+    }
+    const reg = load();
+    const app = findApp(reg, appName);
+    if (!app)
+        throw new AppNotFoundError(appName);
+    heading(`Egress config: ${app.name}`);
+    info(`Mode: ${app.egress?.mode ?? 'observe (default)'}`);
+    const allow = app.egress?.allow ?? [];
+    if (allow.length === 0) {
+        info('Allowlist: (empty — every external destination would be flagged)');
+        info(`Seed it: fleet egress observe ${app.name}, then fleet egress allow ${app.name} <host>`);
+    }
+    else {
+        info(`Allowlist (${allow.length}):`);
+        for (const a of allow)
+            process.stdout.write(`  - ${a}\n`);
+    }
+    info('Note: v1 is observe/shadow only — no packets are actually dropped.');
+}
+function egressAllow(args) {
+    const positional = args.filter(a => !a.startsWith('-'));
+    const [appName, host] = positional;
+    if (!appName || !host) {
+        error('Usage: fleet egress allow <app> <host[:port] | *.host | cidr>');
+        process.exit(1);
+    }
+    const reg = load();
+    const app = findApp(reg, appName);
+    if (!app)
+        throw new AppNotFoundError(appName);
+    const updated = addEgressAllow(app, host);
+    save(reg);
+    success(`${appName} allow → ${host}  (now ${updated.length} entries)`);
+}

package/dist/commands/freeze.d.ts

@@ -0,0 +1,4 @@
+export declare function freezeApp(appName: string, reason?: string): void;
+export declare function unfreezeApp(appName: string): void;
+export declare function freezeCommand(args: string[]): void;
+export declare function unfreezeCommand(args: string[]): void;

package/dist/commands/freeze.js

@@ -0,0 +1,64 @@
+import { load, save, findApp } from '../core/registry.js';
+import { stopService, disableService, enableService, startService } from '../core/systemd.js';
+import { AppNotFoundError } from '../core/errors.js';
+import { success, error } from '../ui/output.js';
+export function freezeApp(appName, reason) {
+    const reg = load();
+    const app = findApp(reg, appName);
+    if (!app)
+        throw new AppNotFoundError(appName);
+    if (app.frozenAt) {
+        throw new Error(`App "${appName}" is already frozen (since ${app.frozenAt})`);
+    }
+    stopService(app.serviceName);
+    disableService(app.serviceName);
+    app.frozenAt = new Date().toISOString();
+    if (reason)
+        app.frozenReason = reason;
+    save(reg);
+}
+export function unfreezeApp(appName) {
+    const reg = load();
+    const app = findApp(reg, appName);
+    if (!app)
+        throw new AppNotFoundError(appName);
+    if (!app.frozenAt) {
+        throw new Error(`App "${appName}" is not frozen`);
+    }
+    delete app.frozenAt;
+    delete app.frozenReason;
+    save(reg);
+    enableService(app.serviceName);
+    startService(app.serviceName);
+}
+export function freezeCommand(args) {
+    const appName = args[0];
+    if (!appName) {
+        error('Usage: fleet freeze <app> [reason]');
+        process.exit(1);
+    }
+    const reason = args.slice(1).join(' ') || undefined;
+    try {
+        freezeApp(appName, reason);
+        success(`Frozen ${appName}${reason ? `: ${reason}` : ''}`);
+    }
+    catch (err) {
+        error(err.message);
+        process.exit(1);
+    }
+}
+export function unfreezeCommand(args) {
+    const appName = args[0];
+    if (!appName) {
+        error('Usage: fleet unfreeze <app>');
+        process.exit(1);
+    }
+    try {
+        unfreezeApp(appName);
+        success(`Unfrozen ${appName} — service enabled and started`);
+    }
+    catch (err) {
+        error(err.message);
+        process.exit(1);
+    }
+}

package/dist/commands/guard.d.ts

@@ -0,0 +1 @@
+export declare function guardCommand(args: string[]): void;