npm - @reyemtech/nimbus - Versions diffs - 1.3.0 → 2.0.1 - Mend

@reyemtech/nimbus 1.3.0 → 2.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (702) hide show

package/README.md +32 -28
package/dist/cjs/access/dns.d.ts +26 -0
package/dist/cjs/access/dns.d.ts.map +1 -0
package/dist/cjs/access/dns.js +136 -0
package/dist/cjs/access/dns.js.map +1 -0
package/dist/cjs/access/index.d.ts +30 -0
package/dist/cjs/access/index.d.ts.map +1 -0
package/dist/cjs/access/index.js +45 -0
package/dist/cjs/access/index.js.map +1 -0
package/dist/cjs/access/interfaces.d.ts +97 -0
package/dist/cjs/access/interfaces.d.ts.map +1 -0
package/dist/cjs/access/interfaces.js +17 -0
package/dist/cjs/access/interfaces.js.map +1 -0
package/dist/cjs/access/proxy.d.ts +21 -0
package/dist/cjs/access/proxy.d.ts.map +1 -0
package/dist/cjs/access/proxy.js +155 -0
package/dist/cjs/access/proxy.js.map +1 -0
package/dist/cjs/access/tailscale-dns.d.ts +28 -0
package/dist/cjs/access/tailscale-dns.d.ts.map +1 -0
package/dist/cjs/access/tailscale-dns.js +131 -0
package/dist/cjs/access/tailscale-dns.js.map +1 -0
package/dist/cjs/access/tailscale.d.ts +14 -0
package/dist/cjs/access/tailscale.d.ts.map +1 -0
package/dist/cjs/access/tailscale.js +135 -0
package/dist/cjs/access/tailscale.js.map +1 -0
package/dist/cjs/access/wireguard.d.ts +14 -0
package/dist/cjs/access/wireguard.d.ts.map +1 -0
package/dist/cjs/access/wireguard.js +140 -0
package/dist/cjs/access/wireguard.js.map +1 -0
package/dist/cjs/argocd/app.d.ts +31 -0
package/dist/cjs/argocd/app.d.ts.map +1 -0
package/dist/cjs/argocd/app.js +194 -0
package/dist/cjs/argocd/app.js.map +1 -0
package/dist/cjs/argocd/argocd.d.ts +33 -0
package/dist/cjs/argocd/argocd.d.ts.map +1 -0
package/dist/cjs/argocd/argocd.js +182 -0
package/dist/cjs/argocd/argocd.js.map +1 -0
package/dist/cjs/argocd/external-secrets.d.ts +23 -0
package/dist/cjs/argocd/external-secrets.d.ts.map +1 -0
package/dist/cjs/argocd/external-secrets.js +121 -0
package/dist/cjs/argocd/external-secrets.js.map +1 -0
package/dist/cjs/argocd/index.d.ts +18 -0
package/dist/cjs/argocd/index.d.ts.map +1 -0
package/dist/cjs/argocd/index.js +27 -0
package/dist/cjs/argocd/index.js.map +1 -0
package/dist/cjs/argocd/interfaces.d.ts +144 -0
package/dist/cjs/argocd/interfaces.d.ts.map +1 -0
package/dist/cjs/argocd/interfaces.js +8 -0
package/dist/cjs/argocd/interfaces.js.map +1 -0
package/dist/cjs/argocd/project.d.ts +23 -0
package/dist/cjs/argocd/project.d.ts.map +1 -0
package/dist/cjs/argocd/project.js +93 -0
package/dist/cjs/argocd/project.js.map +1 -0
package/dist/cjs/argocd/repo.d.ts +15 -0
package/dist/cjs/argocd/repo.d.ts.map +1 -0
package/dist/cjs/argocd/repo.js +83 -0
package/dist/cjs/argocd/repo.js.map +1 -0
package/dist/cjs/argocd/secrets.d.ts +23 -0
package/dist/cjs/argocd/secrets.d.ts.map +1 -0
package/dist/cjs/argocd/secrets.js +87 -0
package/dist/cjs/argocd/secrets.js.map +1 -0
package/dist/cjs/backup/index.d.ts +20 -0
package/dist/cjs/backup/index.d.ts.map +1 -0
package/dist/cjs/backup/index.js +206 -0
package/dist/cjs/backup/index.js.map +1 -0
package/dist/cjs/backup/interfaces.d.ts +29 -0
package/dist/cjs/backup/interfaces.d.ts.map +1 -0
package/dist/cjs/backup/interfaces.js +3 -0
package/dist/cjs/backup/interfaces.js.map +1 -0
package/dist/cjs/cache/cache.d.ts +38 -0
package/dist/cjs/cache/cache.d.ts.map +1 -0
package/dist/cjs/cache/cache.js +189 -0
package/dist/cjs/cache/cache.js.map +1 -0
package/dist/cjs/cache/index.d.ts +2 -0
package/dist/cjs/cache/index.d.ts.map +1 -1
package/dist/cjs/cache/index.js +7 -0
package/dist/cjs/cache/index.js.map +1 -1
package/dist/cjs/cache/interfaces.d.ts +20 -0
package/dist/cjs/cache/interfaces.d.ts.map +1 -1
package/dist/cjs/cache/interfaces.js +18 -0
package/dist/cjs/cache/interfaces.js.map +1 -1
package/dist/cjs/cluster/index.d.ts +1 -1
package/dist/cjs/cluster/index.d.ts.map +1 -1
package/dist/cjs/cluster/interfaces.d.ts +18 -1
package/dist/cjs/cluster/interfaces.d.ts.map +1 -1
package/dist/cjs/database/index.d.ts +1 -0
package/dist/cjs/database/index.d.ts.map +1 -1
package/dist/cjs/database/index.js +5 -0
package/dist/cjs/database/index.js.map +1 -1
package/dist/cjs/database/interfaces.d.ts +19 -0
package/dist/cjs/database/interfaces.d.ts.map +1 -1
package/dist/cjs/database/interfaces.js +20 -0
package/dist/cjs/database/interfaces.js.map +1 -1
package/dist/cjs/dns/index.d.ts +1 -0
package/dist/cjs/dns/index.d.ts.map +1 -1
package/dist/cjs/dns/index.js +3 -0
package/dist/cjs/dns/index.js.map +1 -1
package/dist/cjs/dns/interfaces.d.ts +11 -0
package/dist/cjs/dns/interfaces.d.ts.map +1 -1
package/dist/cjs/dns/interfaces.js +12 -0
package/dist/cjs/dns/interfaces.js.map +1 -1
package/dist/cjs/email/index.d.ts +41 -0
package/dist/cjs/email/index.d.ts.map +1 -0
package/dist/cjs/email/index.js +318 -0
package/dist/cjs/email/index.js.map +1 -0
package/dist/cjs/email/interfaces.d.ts +119 -0
package/dist/cjs/email/interfaces.d.ts.map +1 -0
package/dist/cjs/email/interfaces.js +19 -0
package/dist/cjs/email/interfaces.js.map +1 -0
package/dist/cjs/factories/cluster.d.ts +1 -1
package/dist/cjs/factories/cluster.d.ts.map +1 -1
package/dist/cjs/factories/cluster.js +16 -0
package/dist/cjs/factories/cluster.js.map +1 -1
package/dist/cjs/factories/index.d.ts +1 -1
package/dist/cjs/factories/index.d.ts.map +1 -1
package/dist/cjs/factories/index.js.map +1 -1
package/dist/cjs/factories/types.d.ts +26 -0
package/dist/cjs/factories/types.d.ts.map +1 -1
package/dist/cjs/factories/types.js.map +1 -1
package/dist/cjs/index.d.ts +26 -5
package/dist/cjs/index.d.ts.map +1 -1
package/dist/cjs/index.js +72 -8
package/dist/cjs/index.js.map +1 -1
package/dist/cjs/network/index.d.ts +1 -0
package/dist/cjs/network/index.d.ts.map +1 -1
package/dist/cjs/network/index.js +3 -1
package/dist/cjs/network/index.js.map +1 -1
package/dist/cjs/network/interfaces.d.ts +6 -0
package/dist/cjs/network/interfaces.d.ts.map +1 -1
package/dist/cjs/network/interfaces.js +7 -0
package/dist/cjs/network/interfaces.js.map +1 -1
package/dist/cjs/nimbus/index.d.ts +28 -0
package/dist/cjs/nimbus/index.d.ts.map +1 -0
package/dist/cjs/nimbus/index.js +44 -0
package/dist/cjs/nimbus/index.js.map +1 -0
package/dist/cjs/nimbus/interfaces.d.ts +64 -0
package/dist/cjs/nimbus/interfaces.d.ts.map +1 -0
package/dist/cjs/nimbus/interfaces.js +10 -0
package/dist/cjs/nimbus/interfaces.js.map +1 -0
package/dist/cjs/nimbus/registry.d.ts +19 -0
package/dist/cjs/nimbus/registry.d.ts.map +1 -0
package/dist/cjs/nimbus/registry.js +123 -0
package/dist/cjs/nimbus/registry.js.map +1 -0
package/dist/cjs/observability/alerts.d.ts +51 -0
package/dist/cjs/observability/alerts.d.ts.map +1 -0
package/dist/cjs/observability/alerts.js +281 -0
package/dist/cjs/observability/alerts.js.map +1 -0
package/dist/cjs/observability/dashboards/_helpers.d.ts +38 -0
package/dist/cjs/observability/dashboards/_helpers.d.ts.map +1 -0
package/dist/cjs/observability/dashboards/_helpers.js +141 -0
package/dist/cjs/observability/dashboards/_helpers.js.map +1 -0
package/dist/cjs/observability/dashboards/alerts.d.ts +12 -0
package/dist/cjs/observability/dashboards/alerts.d.ts.map +1 -0
package/dist/cjs/observability/dashboards/alerts.js +261 -0
package/dist/cjs/observability/dashboards/alerts.js.map +1 -0
package/dist/cjs/observability/dashboards/argocd-app.d.ts +18 -0
package/dist/cjs/observability/dashboards/argocd-app.d.ts.map +1 -0
package/dist/cjs/observability/dashboards/argocd-app.js +212 -0
package/dist/cjs/observability/dashboards/argocd-app.js.map +1 -0
package/dist/cjs/observability/dashboards/argocd.d.ts +9 -0
package/dist/cjs/observability/dashboards/argocd.d.ts.map +1 -0
package/dist/cjs/observability/dashboards/argocd.js +141 -0
package/dist/cjs/observability/dashboards/argocd.js.map +1 -0
package/dist/cjs/observability/dashboards/cert-manager.d.ts +9 -0
package/dist/cjs/observability/dashboards/cert-manager.d.ts.map +1 -0
package/dist/cjs/observability/dashboards/cert-manager.js +167 -0
package/dist/cjs/observability/dashboards/cert-manager.js.map +1 -0
package/dist/cjs/observability/dashboards/cnpg-cluster.d.ts +15 -0
package/dist/cjs/observability/dashboards/cnpg-cluster.d.ts.map +1 -0
package/dist/cjs/observability/dashboards/cnpg-cluster.js +376 -0
package/dist/cjs/observability/dashboards/cnpg-cluster.js.map +1 -0
package/dist/cjs/observability/dashboards/cnpg.d.ts +10 -0
package/dist/cjs/observability/dashboards/cnpg.d.ts.map +1 -0
package/dist/cjs/observability/dashboards/cnpg.js +181 -0
package/dist/cjs/observability/dashboards/cnpg.js.map +1 -0
package/dist/cjs/observability/dashboards/index.d.ts +28 -0
package/dist/cjs/observability/dashboards/index.d.ts.map +1 -0
package/dist/cjs/observability/dashboards/index.js +159 -0
package/dist/cjs/observability/dashboards/index.js.map +1 -0
package/dist/cjs/observability/dashboards/loki.d.ts +9 -0
package/dist/cjs/observability/dashboards/loki.d.ts.map +1 -0
package/dist/cjs/observability/dashboards/loki.js +113 -0
package/dist/cjs/observability/dashboards/loki.js.map +1 -0
package/dist/cjs/observability/dashboards/mariadb-cluster.d.ts +15 -0
package/dist/cjs/observability/dashboards/mariadb-cluster.d.ts.map +1 -0
package/dist/cjs/observability/dashboards/mariadb-cluster.js +424 -0
package/dist/cjs/observability/dashboards/mariadb-cluster.js.map +1 -0
package/dist/cjs/observability/dashboards/mariadb.d.ts +10 -0
package/dist/cjs/observability/dashboards/mariadb.d.ts.map +1 -0
package/dist/cjs/observability/dashboards/mariadb.js +181 -0
package/dist/cjs/observability/dashboards/mariadb.js.map +1 -0
package/dist/cjs/observability/dashboards/minio.d.ts +9 -0
package/dist/cjs/observability/dashboards/minio.d.ts.map +1 -0
package/dist/cjs/observability/dashboards/minio.js +267 -0
package/dist/cjs/observability/dashboards/minio.js.map +1 -0
package/dist/cjs/observability/dashboards/neo4j-cluster.d.ts +16 -0
package/dist/cjs/observability/dashboards/neo4j-cluster.d.ts.map +1 -0
package/dist/cjs/observability/dashboards/neo4j-cluster.js +223 -0
package/dist/cjs/observability/dashboards/neo4j-cluster.js.map +1 -0
package/dist/cjs/observability/dashboards/neo4j.d.ts +9 -0
package/dist/cjs/observability/dashboards/neo4j.d.ts.map +1 -0
package/dist/cjs/observability/dashboards/neo4j.js +156 -0
package/dist/cjs/observability/dashboards/neo4j.js.map +1 -0
package/dist/cjs/observability/dashboards/redis.d.ts +9 -0
package/dist/cjs/observability/dashboards/redis.d.ts.map +1 -0
package/dist/cjs/observability/dashboards/redis.js +221 -0
package/dist/cjs/observability/dashboards/redis.js.map +1 -0
package/dist/cjs/observability/dashboards/traefik.d.ts +9 -0
package/dist/cjs/observability/dashboards/traefik.d.ts.map +1 -0
package/dist/cjs/observability/dashboards/traefik.js +387 -0
package/dist/cjs/observability/dashboards/traefik.js.map +1 -0
package/dist/cjs/observability/index.d.ts +10 -0
package/dist/cjs/observability/index.d.ts.map +1 -0
package/dist/cjs/observability/index.js +14 -0
package/dist/cjs/observability/index.js.map +1 -0
package/dist/cjs/observability/interfaces.d.ts +173 -0
package/dist/cjs/observability/interfaces.d.ts.map +1 -0
package/dist/cjs/observability/interfaces.js +11 -0
package/dist/cjs/observability/interfaces.js.map +1 -0
package/dist/cjs/observability/stack.d.ts +31 -0
package/dist/cjs/observability/stack.d.ts.map +1 -0
package/dist/cjs/observability/stack.js +523 -0
package/dist/cjs/observability/stack.js.map +1 -0
package/dist/cjs/operator/cnpg.d.ts +22 -0
package/dist/cjs/operator/cnpg.d.ts.map +1 -0
package/dist/cjs/operator/cnpg.js +412 -0
package/dist/cjs/operator/cnpg.js.map +1 -0
package/dist/cjs/operator/index.d.ts +48 -0
package/dist/cjs/operator/index.d.ts.map +1 -0
package/dist/cjs/operator/index.js +155 -0
package/dist/cjs/operator/index.js.map +1 -0
package/dist/cjs/operator/interfaces.d.ts +192 -0
package/dist/cjs/operator/interfaces.d.ts.map +1 -0
package/dist/cjs/operator/interfaces.js +20 -0
package/dist/cjs/operator/interfaces.js.map +1 -0
package/dist/cjs/operator/mariadb.d.ts +22 -0
package/dist/cjs/operator/mariadb.d.ts.map +1 -0
package/dist/cjs/operator/mariadb.js +389 -0
package/dist/cjs/operator/mariadb.js.map +1 -0
package/dist/cjs/operator/minio.d.ts +37 -0
package/dist/cjs/operator/minio.d.ts.map +1 -0
package/dist/cjs/operator/minio.js +364 -0
package/dist/cjs/operator/minio.js.map +1 -0
package/dist/cjs/operator/neo4j.d.ts +48 -0
package/dist/cjs/operator/neo4j.d.ts.map +1 -0
package/dist/cjs/operator/neo4j.js +431 -0
package/dist/cjs/operator/neo4j.js.map +1 -0
package/dist/cjs/platform/components/argocd.d.ts +9 -0
package/dist/cjs/platform/components/argocd.d.ts.map +1 -0
package/dist/cjs/platform/components/argocd.js +82 -0
package/dist/cjs/platform/components/argocd.js.map +1 -0
package/dist/cjs/platform/components/cert-manager.d.ts +9 -0
package/dist/cjs/platform/components/cert-manager.d.ts.map +1 -0
package/dist/cjs/platform/components/cert-manager.js +56 -0
package/dist/cjs/platform/components/cert-manager.js.map +1 -0
package/dist/cjs/platform/components/descheduler.d.ts +9 -0
package/dist/cjs/platform/components/descheduler.d.ts.map +1 -0
package/dist/cjs/platform/components/descheduler.js +67 -0
package/dist/cjs/platform/components/descheduler.js.map +1 -0
package/dist/cjs/platform/components/external-dns.d.ts +9 -0
package/dist/cjs/platform/components/external-dns.d.ts.map +1 -0
package/dist/cjs/platform/components/external-dns.js +83 -0
package/dist/cjs/platform/components/external-dns.js.map +1 -0
package/dist/cjs/platform/components/external-secrets.d.ts +9 -0
package/dist/cjs/platform/components/external-secrets.d.ts.map +1 -0
package/dist/cjs/platform/components/external-secrets.js +62 -0
package/dist/cjs/platform/components/external-secrets.js.map +1 -0
package/dist/cjs/platform/components/index.d.ts +17 -0
package/dist/cjs/platform/components/index.d.ts.map +1 -0
package/dist/cjs/platform/components/index.js +28 -0
package/dist/cjs/platform/components/index.js.map +1 -0
package/dist/cjs/platform/components/oauth2-proxy.d.ts +14 -0
package/dist/cjs/platform/components/oauth2-proxy.d.ts.map +1 -0
package/dist/cjs/platform/components/oauth2-proxy.js +80 -0
package/dist/cjs/platform/components/oauth2-proxy.js.map +1 -0
package/dist/cjs/platform/components/traefik.d.ts +9 -0
package/dist/cjs/platform/components/traefik.d.ts.map +1 -0
package/dist/cjs/platform/components/traefik.js +74 -0
package/dist/cjs/platform/components/traefik.js.map +1 -0
package/dist/cjs/platform/components/vault.d.ts +12 -0
package/dist/cjs/platform/components/vault.d.ts.map +1 -0
package/dist/cjs/platform/components/vault.js +474 -0
package/dist/cjs/platform/components/vault.js.map +1 -0
package/dist/cjs/platform/index.d.ts +2 -1
package/dist/cjs/platform/index.d.ts.map +1 -1
package/dist/cjs/platform/index.js +3 -1
package/dist/cjs/platform/index.js.map +1 -1
package/dist/cjs/platform/interfaces.d.ts +73 -1
package/dist/cjs/platform/interfaces.d.ts.map +1 -1
package/dist/cjs/platform/interfaces.js +8 -0
package/dist/cjs/platform/interfaces.js.map +1 -1
package/dist/cjs/platform/stack.d.ts +1 -1
package/dist/cjs/platform/stack.d.ts.map +1 -1
package/dist/cjs/platform/stack.js +363 -153
package/dist/cjs/platform/stack.js.map +1 -1
package/dist/cjs/queue/index.d.ts +1 -0
package/dist/cjs/queue/index.d.ts.map +1 -1
package/dist/cjs/queue/index.js +5 -0
package/dist/cjs/queue/index.js.map +1 -1
package/dist/cjs/queue/interfaces.d.ts +20 -0
package/dist/cjs/queue/interfaces.d.ts.map +1 -1
package/dist/cjs/queue/interfaces.js +21 -0
package/dist/cjs/queue/interfaces.js.map +1 -1
package/dist/cjs/rackspace/cluster.d.ts +30 -0
package/dist/cjs/rackspace/cluster.d.ts.map +1 -0
package/dist/cjs/rackspace/cluster.js +116 -0
package/dist/cjs/rackspace/cluster.js.map +1 -0
package/dist/cjs/rackspace/index.d.ts +7 -0
package/dist/cjs/rackspace/index.d.ts.map +1 -0
package/dist/cjs/rackspace/index.js +11 -0
package/dist/cjs/rackspace/index.js.map +1 -0
package/dist/cjs/secrets/index.d.ts +1 -0
package/dist/cjs/secrets/index.d.ts.map +1 -1
package/dist/cjs/secrets/index.js +3 -0
package/dist/cjs/secrets/index.js.map +1 -1
package/dist/cjs/secrets/interfaces.d.ts +7 -0
package/dist/cjs/secrets/interfaces.d.ts.map +1 -1
package/dist/cjs/secrets/interfaces.js +8 -0
package/dist/cjs/secrets/interfaces.js.map +1 -1
package/dist/cjs/state/index.d.ts +1 -0
package/dist/cjs/state/index.d.ts.map +1 -1
package/dist/cjs/state/index.js +3 -0
package/dist/cjs/state/index.js.map +1 -1
package/dist/cjs/state/interfaces.d.ts +6 -0
package/dist/cjs/state/interfaces.d.ts.map +1 -1
package/dist/cjs/state/interfaces.js +7 -0
package/dist/cjs/state/interfaces.js.map +1 -1
package/dist/cjs/types/cloud-target.d.ts +7 -0
package/dist/cjs/types/cloud-target.d.ts.map +1 -1
package/dist/cjs/types/cloud-target.js +9 -2
package/dist/cjs/types/cloud-target.js.map +1 -1
package/dist/cjs/types/exposed-service.d.ts +20 -0
package/dist/cjs/types/exposed-service.d.ts.map +1 -0
package/dist/cjs/types/exposed-service.js +8 -0
package/dist/cjs/types/exposed-service.js.map +1 -0
package/dist/cjs/types/index.d.ts +3 -1
package/dist/cjs/types/index.d.ts.map +1 -1
package/dist/cjs/types/index.js +5 -1
package/dist/cjs/types/index.js.map +1 -1
package/dist/cjs/types/storage-tiers.d.ts +26 -0
package/dist/cjs/types/storage-tiers.d.ts.map +1 -0
package/dist/cjs/types/storage-tiers.js +30 -0
package/dist/cjs/types/storage-tiers.js.map +1 -0
package/dist/cjs/utils/ensure-namespace.d.ts +7 -0
package/dist/cjs/utils/ensure-namespace.d.ts.map +1 -0
package/dist/cjs/utils/ensure-namespace.js +53 -0
package/dist/cjs/utils/ensure-namespace.js.map +1 -0
package/dist/cjs/utils/index.d.ts +1 -0
package/dist/cjs/utils/index.d.ts.map +1 -1
package/dist/cjs/utils/index.js +3 -1
package/dist/cjs/utils/index.js.map +1 -1
package/dist/esm/access/dns.d.ts +26 -0
package/dist/esm/access/dns.d.ts.map +1 -0
package/dist/esm/access/dns.js +136 -0
package/dist/esm/access/dns.js.map +1 -0
package/dist/esm/access/index.d.ts +30 -0
package/dist/esm/access/index.d.ts.map +1 -0
package/dist/esm/access/index.js +45 -0
package/dist/esm/access/index.js.map +1 -0
package/dist/esm/access/interfaces.d.ts +97 -0
package/dist/esm/access/interfaces.d.ts.map +1 -0
package/dist/esm/access/interfaces.js +17 -0
package/dist/esm/access/interfaces.js.map +1 -0
package/dist/esm/access/proxy.d.ts +21 -0
package/dist/esm/access/proxy.d.ts.map +1 -0
package/dist/esm/access/proxy.js +155 -0
package/dist/esm/access/proxy.js.map +1 -0
package/dist/esm/access/tailscale-dns.d.ts +28 -0
package/dist/esm/access/tailscale-dns.d.ts.map +1 -0
package/dist/esm/access/tailscale-dns.js +131 -0
package/dist/esm/access/tailscale-dns.js.map +1 -0
package/dist/esm/access/tailscale.d.ts +14 -0
package/dist/esm/access/tailscale.d.ts.map +1 -0
package/dist/esm/access/tailscale.js +135 -0
package/dist/esm/access/tailscale.js.map +1 -0
package/dist/esm/access/wireguard.d.ts +14 -0
package/dist/esm/access/wireguard.d.ts.map +1 -0
package/dist/esm/access/wireguard.js +140 -0
package/dist/esm/access/wireguard.js.map +1 -0
package/dist/esm/argocd/app.d.ts +31 -0
package/dist/esm/argocd/app.d.ts.map +1 -0
package/dist/esm/argocd/app.js +194 -0
package/dist/esm/argocd/app.js.map +1 -0
package/dist/esm/argocd/argocd.d.ts +33 -0
package/dist/esm/argocd/argocd.d.ts.map +1 -0
package/dist/esm/argocd/argocd.js +182 -0
package/dist/esm/argocd/argocd.js.map +1 -0
package/dist/esm/argocd/external-secrets.d.ts +23 -0
package/dist/esm/argocd/external-secrets.d.ts.map +1 -0
package/dist/esm/argocd/external-secrets.js +121 -0
package/dist/esm/argocd/external-secrets.js.map +1 -0
package/dist/esm/argocd/index.d.ts +18 -0
package/dist/esm/argocd/index.d.ts.map +1 -0
package/dist/esm/argocd/index.js +27 -0
package/dist/esm/argocd/index.js.map +1 -0
package/dist/esm/argocd/interfaces.d.ts +144 -0
package/dist/esm/argocd/interfaces.d.ts.map +1 -0
package/dist/esm/argocd/interfaces.js +8 -0
package/dist/esm/argocd/interfaces.js.map +1 -0
package/dist/esm/argocd/project.d.ts +23 -0
package/dist/esm/argocd/project.d.ts.map +1 -0
package/dist/esm/argocd/project.js +93 -0
package/dist/esm/argocd/project.js.map +1 -0
package/dist/esm/argocd/repo.d.ts +15 -0
package/dist/esm/argocd/repo.d.ts.map +1 -0
package/dist/esm/argocd/repo.js +83 -0
package/dist/esm/argocd/repo.js.map +1 -0
package/dist/esm/argocd/secrets.d.ts +23 -0
package/dist/esm/argocd/secrets.d.ts.map +1 -0
package/dist/esm/argocd/secrets.js +87 -0
package/dist/esm/argocd/secrets.js.map +1 -0
package/dist/esm/backup/index.d.ts +20 -0
package/dist/esm/backup/index.d.ts.map +1 -0
package/dist/esm/backup/index.js +206 -0
package/dist/esm/backup/index.js.map +1 -0
package/dist/esm/backup/interfaces.d.ts +29 -0
package/dist/esm/backup/interfaces.d.ts.map +1 -0
package/dist/esm/backup/interfaces.js +3 -0
package/dist/esm/backup/interfaces.js.map +1 -0
package/dist/esm/cache/cache.d.ts +38 -0
package/dist/esm/cache/cache.d.ts.map +1 -0
package/dist/esm/cache/cache.js +189 -0
package/dist/esm/cache/cache.js.map +1 -0
package/dist/esm/cache/index.d.ts +2 -0
package/dist/esm/cache/index.d.ts.map +1 -1
package/dist/esm/cache/index.js +7 -0
package/dist/esm/cache/index.js.map +1 -1
package/dist/esm/cache/interfaces.d.ts +20 -0
package/dist/esm/cache/interfaces.d.ts.map +1 -1
package/dist/esm/cache/interfaces.js +18 -0
package/dist/esm/cache/interfaces.js.map +1 -1
package/dist/esm/cluster/index.d.ts +1 -1
package/dist/esm/cluster/index.d.ts.map +1 -1
package/dist/esm/cluster/interfaces.d.ts +18 -1
package/dist/esm/cluster/interfaces.d.ts.map +1 -1
package/dist/esm/database/index.d.ts +1 -0
package/dist/esm/database/index.d.ts.map +1 -1
package/dist/esm/database/index.js +5 -0
package/dist/esm/database/index.js.map +1 -1
package/dist/esm/database/interfaces.d.ts +19 -0
package/dist/esm/database/interfaces.d.ts.map +1 -1
package/dist/esm/database/interfaces.js +20 -0
package/dist/esm/database/interfaces.js.map +1 -1
package/dist/esm/dns/index.d.ts +1 -0
package/dist/esm/dns/index.d.ts.map +1 -1
package/dist/esm/dns/index.js +3 -0
package/dist/esm/dns/index.js.map +1 -1
package/dist/esm/dns/interfaces.d.ts +11 -0
package/dist/esm/dns/interfaces.d.ts.map +1 -1
package/dist/esm/dns/interfaces.js +12 -0
package/dist/esm/dns/interfaces.js.map +1 -1
package/dist/esm/email/index.d.ts +41 -0
package/dist/esm/email/index.d.ts.map +1 -0
package/dist/esm/email/index.js +318 -0
package/dist/esm/email/index.js.map +1 -0
package/dist/esm/email/interfaces.d.ts +119 -0
package/dist/esm/email/interfaces.d.ts.map +1 -0
package/dist/esm/email/interfaces.js +19 -0
package/dist/esm/email/interfaces.js.map +1 -0
package/dist/esm/factories/cluster.d.ts +1 -1
package/dist/esm/factories/cluster.d.ts.map +1 -1
package/dist/esm/factories/cluster.js +16 -0
package/dist/esm/factories/cluster.js.map +1 -1
package/dist/esm/factories/index.d.ts +1 -1
package/dist/esm/factories/index.d.ts.map +1 -1
package/dist/esm/factories/index.js.map +1 -1
package/dist/esm/factories/types.d.ts +26 -0
package/dist/esm/factories/types.d.ts.map +1 -1
package/dist/esm/factories/types.js.map +1 -1
package/dist/esm/index.d.ts +26 -5
package/dist/esm/index.d.ts.map +1 -1
package/dist/esm/index.js +72 -8
package/dist/esm/index.js.map +1 -1
package/dist/esm/network/index.d.ts +1 -0
package/dist/esm/network/index.d.ts.map +1 -1
package/dist/esm/network/index.js +3 -1
package/dist/esm/network/index.js.map +1 -1
package/dist/esm/network/interfaces.d.ts +6 -0
package/dist/esm/network/interfaces.d.ts.map +1 -1
package/dist/esm/network/interfaces.js +7 -0
package/dist/esm/network/interfaces.js.map +1 -1
package/dist/esm/nimbus/index.d.ts +28 -0
package/dist/esm/nimbus/index.d.ts.map +1 -0
package/dist/esm/nimbus/index.js +44 -0
package/dist/esm/nimbus/index.js.map +1 -0
package/dist/esm/nimbus/interfaces.d.ts +64 -0
package/dist/esm/nimbus/interfaces.d.ts.map +1 -0
package/dist/esm/nimbus/interfaces.js +10 -0
package/dist/esm/nimbus/interfaces.js.map +1 -0
package/dist/esm/nimbus/registry.d.ts +19 -0
package/dist/esm/nimbus/registry.d.ts.map +1 -0
package/dist/esm/nimbus/registry.js +123 -0
package/dist/esm/nimbus/registry.js.map +1 -0
package/dist/esm/observability/alerts.d.ts +51 -0
package/dist/esm/observability/alerts.d.ts.map +1 -0
package/dist/esm/observability/alerts.js +281 -0
package/dist/esm/observability/alerts.js.map +1 -0
package/dist/esm/observability/dashboards/_helpers.d.ts +38 -0
package/dist/esm/observability/dashboards/_helpers.d.ts.map +1 -0
package/dist/esm/observability/dashboards/_helpers.js +141 -0
package/dist/esm/observability/dashboards/_helpers.js.map +1 -0
package/dist/esm/observability/dashboards/alerts.d.ts +12 -0
package/dist/esm/observability/dashboards/alerts.d.ts.map +1 -0
package/dist/esm/observability/dashboards/alerts.js +261 -0
package/dist/esm/observability/dashboards/alerts.js.map +1 -0
package/dist/esm/observability/dashboards/argocd-app.d.ts +18 -0
package/dist/esm/observability/dashboards/argocd-app.d.ts.map +1 -0
package/dist/esm/observability/dashboards/argocd-app.js +212 -0
package/dist/esm/observability/dashboards/argocd-app.js.map +1 -0
package/dist/esm/observability/dashboards/argocd.d.ts +9 -0
package/dist/esm/observability/dashboards/argocd.d.ts.map +1 -0
package/dist/esm/observability/dashboards/argocd.js +141 -0
package/dist/esm/observability/dashboards/argocd.js.map +1 -0
package/dist/esm/observability/dashboards/cert-manager.d.ts +9 -0
package/dist/esm/observability/dashboards/cert-manager.d.ts.map +1 -0
package/dist/esm/observability/dashboards/cert-manager.js +167 -0
package/dist/esm/observability/dashboards/cert-manager.js.map +1 -0
package/dist/esm/observability/dashboards/cnpg-cluster.d.ts +15 -0
package/dist/esm/observability/dashboards/cnpg-cluster.d.ts.map +1 -0
package/dist/esm/observability/dashboards/cnpg-cluster.js +376 -0
package/dist/esm/observability/dashboards/cnpg-cluster.js.map +1 -0
package/dist/esm/observability/dashboards/cnpg.d.ts +10 -0
package/dist/esm/observability/dashboards/cnpg.d.ts.map +1 -0
package/dist/esm/observability/dashboards/cnpg.js +181 -0
package/dist/esm/observability/dashboards/cnpg.js.map +1 -0
package/dist/esm/observability/dashboards/index.d.ts +28 -0
package/dist/esm/observability/dashboards/index.d.ts.map +1 -0
package/dist/esm/observability/dashboards/index.js +159 -0
package/dist/esm/observability/dashboards/index.js.map +1 -0
package/dist/esm/observability/dashboards/loki.d.ts +9 -0
package/dist/esm/observability/dashboards/loki.d.ts.map +1 -0
package/dist/esm/observability/dashboards/loki.js +113 -0
package/dist/esm/observability/dashboards/loki.js.map +1 -0
package/dist/esm/observability/dashboards/mariadb-cluster.d.ts +15 -0
package/dist/esm/observability/dashboards/mariadb-cluster.d.ts.map +1 -0
package/dist/esm/observability/dashboards/mariadb-cluster.js +424 -0
package/dist/esm/observability/dashboards/mariadb-cluster.js.map +1 -0
package/dist/esm/observability/dashboards/mariadb.d.ts +10 -0
package/dist/esm/observability/dashboards/mariadb.d.ts.map +1 -0
package/dist/esm/observability/dashboards/mariadb.js +181 -0
package/dist/esm/observability/dashboards/mariadb.js.map +1 -0
package/dist/esm/observability/dashboards/minio.d.ts +9 -0
package/dist/esm/observability/dashboards/minio.d.ts.map +1 -0
package/dist/esm/observability/dashboards/minio.js +267 -0
package/dist/esm/observability/dashboards/minio.js.map +1 -0
package/dist/esm/observability/dashboards/neo4j-cluster.d.ts +16 -0
package/dist/esm/observability/dashboards/neo4j-cluster.d.ts.map +1 -0
package/dist/esm/observability/dashboards/neo4j-cluster.js +223 -0
package/dist/esm/observability/dashboards/neo4j-cluster.js.map +1 -0
package/dist/esm/observability/dashboards/neo4j.d.ts +9 -0
package/dist/esm/observability/dashboards/neo4j.d.ts.map +1 -0
package/dist/esm/observability/dashboards/neo4j.js +156 -0
package/dist/esm/observability/dashboards/neo4j.js.map +1 -0
package/dist/esm/observability/dashboards/redis.d.ts +9 -0
package/dist/esm/observability/dashboards/redis.d.ts.map +1 -0
package/dist/esm/observability/dashboards/redis.js +221 -0
package/dist/esm/observability/dashboards/redis.js.map +1 -0
package/dist/esm/observability/dashboards/traefik.d.ts +9 -0
package/dist/esm/observability/dashboards/traefik.d.ts.map +1 -0
package/dist/esm/observability/dashboards/traefik.js +387 -0
package/dist/esm/observability/dashboards/traefik.js.map +1 -0
package/dist/esm/observability/index.d.ts +10 -0
package/dist/esm/observability/index.d.ts.map +1 -0
package/dist/esm/observability/index.js +14 -0
package/dist/esm/observability/index.js.map +1 -0
package/dist/esm/observability/interfaces.d.ts +173 -0
package/dist/esm/observability/interfaces.d.ts.map +1 -0
package/dist/esm/observability/interfaces.js +11 -0
package/dist/esm/observability/interfaces.js.map +1 -0
package/dist/esm/observability/stack.d.ts +31 -0
package/dist/esm/observability/stack.d.ts.map +1 -0
package/dist/esm/observability/stack.js +523 -0
package/dist/esm/observability/stack.js.map +1 -0
package/dist/esm/operator/cnpg.d.ts +22 -0
package/dist/esm/operator/cnpg.d.ts.map +1 -0
package/dist/esm/operator/cnpg.js +412 -0
package/dist/esm/operator/cnpg.js.map +1 -0
package/dist/esm/operator/index.d.ts +48 -0
package/dist/esm/operator/index.d.ts.map +1 -0
package/dist/esm/operator/index.js +155 -0
package/dist/esm/operator/index.js.map +1 -0
package/dist/esm/operator/interfaces.d.ts +192 -0
package/dist/esm/operator/interfaces.d.ts.map +1 -0
package/dist/esm/operator/interfaces.js +20 -0
package/dist/esm/operator/interfaces.js.map +1 -0
package/dist/esm/operator/mariadb.d.ts +22 -0
package/dist/esm/operator/mariadb.d.ts.map +1 -0
package/dist/esm/operator/mariadb.js +389 -0
package/dist/esm/operator/mariadb.js.map +1 -0
package/dist/esm/operator/minio.d.ts +37 -0
package/dist/esm/operator/minio.d.ts.map +1 -0
package/dist/esm/operator/minio.js +364 -0
package/dist/esm/operator/minio.js.map +1 -0
package/dist/esm/operator/neo4j.d.ts +48 -0
package/dist/esm/operator/neo4j.d.ts.map +1 -0
package/dist/esm/operator/neo4j.js +431 -0
package/dist/esm/operator/neo4j.js.map +1 -0
package/dist/esm/platform/components/argocd.d.ts +9 -0
package/dist/esm/platform/components/argocd.d.ts.map +1 -0
package/dist/esm/platform/components/argocd.js +82 -0
package/dist/esm/platform/components/argocd.js.map +1 -0
package/dist/esm/platform/components/cert-manager.d.ts +9 -0
package/dist/esm/platform/components/cert-manager.d.ts.map +1 -0
package/dist/esm/platform/components/cert-manager.js +56 -0
package/dist/esm/platform/components/cert-manager.js.map +1 -0
package/dist/esm/platform/components/descheduler.d.ts +9 -0
package/dist/esm/platform/components/descheduler.d.ts.map +1 -0
package/dist/esm/platform/components/descheduler.js +67 -0
package/dist/esm/platform/components/descheduler.js.map +1 -0
package/dist/esm/platform/components/external-dns.d.ts +9 -0
package/dist/esm/platform/components/external-dns.d.ts.map +1 -0
package/dist/esm/platform/components/external-dns.js +83 -0
package/dist/esm/platform/components/external-dns.js.map +1 -0
package/dist/esm/platform/components/external-secrets.d.ts +9 -0
package/dist/esm/platform/components/external-secrets.d.ts.map +1 -0
package/dist/esm/platform/components/external-secrets.js +62 -0
package/dist/esm/platform/components/external-secrets.js.map +1 -0
package/dist/esm/platform/components/index.d.ts +17 -0
package/dist/esm/platform/components/index.d.ts.map +1 -0
package/dist/esm/platform/components/index.js +28 -0
package/dist/esm/platform/components/index.js.map +1 -0
package/dist/esm/platform/components/oauth2-proxy.d.ts +14 -0
package/dist/esm/platform/components/oauth2-proxy.d.ts.map +1 -0
package/dist/esm/platform/components/oauth2-proxy.js +80 -0
package/dist/esm/platform/components/oauth2-proxy.js.map +1 -0
package/dist/esm/platform/components/traefik.d.ts +9 -0
package/dist/esm/platform/components/traefik.d.ts.map +1 -0
package/dist/esm/platform/components/traefik.js +74 -0
package/dist/esm/platform/components/traefik.js.map +1 -0
package/dist/esm/platform/components/vault.d.ts +12 -0
package/dist/esm/platform/components/vault.d.ts.map +1 -0
package/dist/esm/platform/components/vault.js +474 -0
package/dist/esm/platform/components/vault.js.map +1 -0
package/dist/esm/platform/index.d.ts +2 -1
package/dist/esm/platform/index.d.ts.map +1 -1
package/dist/esm/platform/index.js +3 -1
package/dist/esm/platform/index.js.map +1 -1
package/dist/esm/platform/interfaces.d.ts +73 -1
package/dist/esm/platform/interfaces.d.ts.map +1 -1
package/dist/esm/platform/interfaces.js +8 -0
package/dist/esm/platform/interfaces.js.map +1 -1
package/dist/esm/platform/stack.d.ts +1 -1
package/dist/esm/platform/stack.d.ts.map +1 -1
package/dist/esm/platform/stack.js +363 -153
package/dist/esm/platform/stack.js.map +1 -1
package/dist/esm/queue/index.d.ts +1 -0
package/dist/esm/queue/index.d.ts.map +1 -1
package/dist/esm/queue/index.js +5 -0
package/dist/esm/queue/index.js.map +1 -1
package/dist/esm/queue/interfaces.d.ts +20 -0
package/dist/esm/queue/interfaces.d.ts.map +1 -1
package/dist/esm/queue/interfaces.js +21 -0
package/dist/esm/queue/interfaces.js.map +1 -1
package/dist/esm/rackspace/cluster.d.ts +30 -0
package/dist/esm/rackspace/cluster.d.ts.map +1 -0
package/dist/esm/rackspace/cluster.js +116 -0
package/dist/esm/rackspace/cluster.js.map +1 -0
package/dist/esm/rackspace/index.d.ts +7 -0
package/dist/esm/rackspace/index.d.ts.map +1 -0
package/dist/esm/rackspace/index.js +11 -0
package/dist/esm/rackspace/index.js.map +1 -0
package/dist/esm/secrets/index.d.ts +1 -0
package/dist/esm/secrets/index.d.ts.map +1 -1
package/dist/esm/secrets/index.js +3 -0
package/dist/esm/secrets/index.js.map +1 -1
package/dist/esm/secrets/interfaces.d.ts +7 -0
package/dist/esm/secrets/interfaces.d.ts.map +1 -1
package/dist/esm/secrets/interfaces.js +8 -0
package/dist/esm/secrets/interfaces.js.map +1 -1
package/dist/esm/state/index.d.ts +1 -0
package/dist/esm/state/index.d.ts.map +1 -1
package/dist/esm/state/index.js +3 -0
package/dist/esm/state/index.js.map +1 -1
package/dist/esm/state/interfaces.d.ts +6 -0
package/dist/esm/state/interfaces.d.ts.map +1 -1
package/dist/esm/state/interfaces.js +7 -0
package/dist/esm/state/interfaces.js.map +1 -1
package/dist/esm/types/cloud-target.d.ts +7 -0
package/dist/esm/types/cloud-target.d.ts.map +1 -1
package/dist/esm/types/cloud-target.js +9 -2
package/dist/esm/types/cloud-target.js.map +1 -1
package/dist/esm/types/exposed-service.d.ts +20 -0
package/dist/esm/types/exposed-service.d.ts.map +1 -0
package/dist/esm/types/exposed-service.js +8 -0
package/dist/esm/types/exposed-service.js.map +1 -0
package/dist/esm/types/index.d.ts +3 -1
package/dist/esm/types/index.d.ts.map +1 -1
package/dist/esm/types/index.js +5 -1
package/dist/esm/types/index.js.map +1 -1
package/dist/esm/types/storage-tiers.d.ts +26 -0
package/dist/esm/types/storage-tiers.d.ts.map +1 -0
package/dist/esm/types/storage-tiers.js +30 -0
package/dist/esm/types/storage-tiers.js.map +1 -0
package/dist/esm/utils/ensure-namespace.d.ts +7 -0
package/dist/esm/utils/ensure-namespace.d.ts.map +1 -0
package/dist/esm/utils/ensure-namespace.js +53 -0
package/dist/esm/utils/ensure-namespace.js.map +1 -0
package/dist/esm/utils/index.d.ts +1 -0
package/dist/esm/utils/index.d.ts.map +1 -1
package/dist/esm/utils/index.js +3 -1
package/dist/esm/utils/index.js.map +1 -1
package/package.json +8 -4

package/README.md CHANGED Viewed

@@ -50,20 +50,24 @@ Or start from scratch:
 import { createNetwork, createCluster, createPlatformStack } from "@reyemtech/nimbus";
 import type { INetwork, ICluster } from "@reyemtech/nimbus";
-const network = await createNetwork("prod", {
+const network = (await createNetwork("prod", {
   cloud: "aws",
   cidr: "10.0.0.0/16",
   natStrategy: "fck-nat",
-}) as INetwork;
-const cluster = await createCluster("prod", {
-  cloud: "aws",
-  nodePools: [
-    { name: "system", instanceType: "t4g.small", minNodes: 2, maxNodes: 3 },
-    { name: "workers", instanceType: "c6a.large", minNodes: 1, maxNodes: 10, spot: true },
-  ],
-  providerOptions: { aws: { autoMode: true } },
-}, network) as ICluster;
+})) as INetwork;
+const cluster = (await createCluster(
+  "prod",
+  {
+    cloud: "aws",
+    nodePools: [
+      { name: "system", instanceType: "t4g.small", minNodes: 2, maxNodes: 3 },
+      { name: "workers", instanceType: "c6a.large", minNodes: 1, maxNodes: 10, spot: true },
+    ],
+    providerOptions: { aws: { autoMode: true } },
+  },
+  network
+)) as ICluster;
 createPlatformStack("prod", { cluster, domain: "example.com" });
 ```
@@ -80,14 +84,14 @@ nimbus check                     # Show which providers are installed
 ### Templates
-| Template | Description |
-|----------|-------------|
-| `empty` | Blank scaffold with TODO placeholders |
-| `minimal-aws` | State backend + Secrets Manager (no cluster) |
-| `minimal-azure` | State backend + Key Vault (no cluster) |
-| `aws` | Full stack: VPC + EKS + Route 53 + Secrets + Platform |
-| `azure` | Full stack: VNet + AKS + Azure DNS + Key Vault + Platform |
-| `multi-cloud` | AWS + Azure active-active with Global Load Balancer |
+| Template        | Description                                               |
+| --------------- | --------------------------------------------------------- |
+| `empty`         | Blank scaffold with TODO placeholders                     |
+| `minimal-aws`   | State backend + Secrets Manager (no cluster)              |
+| `minimal-azure` | State backend + Key Vault (no cluster)                    |
+| `aws`           | Full stack: VPC + EKS + Route 53 + Secrets + Platform     |
+| `azure`         | Full stack: VNet + AKS + Azure DNS + Key Vault + Platform |
+| `multi-cloud`   | AWS + Azure active-active with Global Load Balancer       |
 ### Day-to-Day Operations
@@ -125,15 +129,15 @@ pulumi stack output           # View stack outputs
 ### Module Status
-| Module | AWS | Azure | GCP |
-|--------|-----|-------|-----|
-| **Network** | VPC + fck-nat/managed NAT | VNet + NAT Gateway | Planned |
-| **Cluster** | EKS + Auto Mode | AKS + virtual nodes | Planned |
-| **DNS** | Route 53 | Azure DNS | Planned |
-| **Secrets** | Secrets Manager | Key Vault | Planned |
-| **State** | S3 + DynamoDB locking + replication | Blob + GRS | Planned |
-| **Platform** | Helm (provider-agnostic) | Helm (provider-agnostic) | Helm (provider-agnostic) |
-| **Global LB** | Route 53 health-checked routing | Planned | — |
+| Module        | AWS                                 | Azure                    | GCP                      |
+| ------------- | ----------------------------------- | ------------------------ | ------------------------ |
+| **Network**   | VPC + fck-nat/managed NAT           | VNet + NAT Gateway       | Planned                  |
+| **Cluster**   | EKS + Auto Mode                     | AKS + virtual nodes      | Planned                  |
+| **DNS**       | Route 53                            | Azure DNS                | Planned                  |
+| **Secrets**   | Secrets Manager                     | Key Vault                | Planned                  |
+| **State**     | S3 + DynamoDB locking + replication | Blob + GRS               | Planned                  |
+| **Platform**  | Helm (provider-agnostic)            | Helm (provider-agnostic) | Helm (provider-agnostic) |
+| **Global LB** | Route 53 health-checked routing     | Planned                  | —                        |
 ## Documentation

package/dist/cjs/access/dns.d.ts ADDED Viewed

@@ -0,0 +1,26 @@
+/**
+ * Shared split DNS for access gateway providers.
+ *
+ * Two resolution paths:
+ * - Web services (proxied): grafana.iad-1.internal → Nginx proxy (port 80)
+ * - Data services (direct): mariadb-main.data.iad-1.internal → ClusterIP (native port)
+ *
+ * @module access/dns
+ */
+import * as k8s from "@pulumi/kubernetes";
+import * as pulumi from "@pulumi/pulumi";
+import type { IAccessDnsConfig } from "./interfaces";
+import type { IExposedService } from "../types";
+/** CoreDNS deployment output. */
+export interface IAccessDns {
+    readonly service: k8s.core.v1.Service;
+    readonly clusterIp: pulumi.Output<string>;
+    readonly zone: string;
+}
+/**
+ * Deploy CoreDNS for access gateway split DNS.
+ *
+ * @param proxiedServices - Services routed through the Nginx proxy (web UIs)
+ */
+export declare function deployAccessDns(name: string, prefix: string, dnsConfig: IAccessDnsConfig, namespace: string, provider: k8s.Provider, proxiedServices: ReadonlyArray<IExposedService>, dependsOn?: pulumi.Resource[]): IAccessDns;
+//# sourceMappingURL=dns.d.ts.map

package/dist/cjs/access/dns.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"dns.d.ts","sourceRoot":"","sources":["../../../src/access/dns.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,KAAK,GAAG,MAAM,oBAAoB,CAAC;AAC1C,OAAO,KAAK,MAAM,MAAM,gBAAgB,CAAC;AACzC,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAC;AACrD,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,UAAU,CAAC;AAEhD,iCAAiC;AACjC,MAAM,WAAW,UAAU;IACzB,QAAQ,CAAC,OAAO,EAAE,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC;IACtC,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IAC1C,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;CACvB;AA6CD;;;;GAIG;AACH,wBAAgB,eAAe,CAC7B,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,MAAM,EACd,SAAS,EAAE,gBAAgB,EAC3B,SAAS,EAAE,MAAM,EACjB,QAAQ,EAAE,GAAG,CAAC,QAAQ,EACtB,eAAe,EAAE,aAAa,CAAC,eAAe,CAAC,EAC/C,SAAS,CAAC,EAAE,MAAM,CAAC,QAAQ,EAAE,GAC5B,UAAU,CAqEZ"}

package/dist/cjs/access/dns.js ADDED Viewed

@@ -0,0 +1,136 @@
+"use strict";
+/**
+ * Shared split DNS for access gateway providers.
+ *
+ * Two resolution paths:
+ * - Web services (proxied): grafana.iad-1.internal → Nginx proxy (port 80)
+ * - Data services (direct): mariadb-main.data.iad-1.internal → ClusterIP (native port)
+ *
+ * @module access/dns
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.deployAccessDns = deployAccessDns;
+const k8s = __importStar(require("@pulumi/kubernetes"));
+const pulumi = __importStar(require("@pulumi/pulumi"));
+/**
+ * Build CoreDNS Corefile with two resolution paths:
+ *
+ * 1. Per-service rewrites for proxied web services:
+ *    grafana.iad-1.internal → access-proxy.access.svc.cluster.local
+ *
+ * 2. Catch-all regex for direct access (with namespace):
+ *    mariadb-main.data.iad-1.internal → mariadb-main.data.svc.cluster.local
+ */
+function buildCorefile(prefix, tld, proxiedServices) {
+    const zone = `${prefix}.${tld}`;
+    const prefixEsc = prefix.replace(/\./g, "\\.");
+    const tldEsc = tld.replace(/\./g, "\\.");
+    // Build per-service rewrite rules for proxied services
+    // CoreDNS exact name rewrite: rewrite name exact <from> <to>
+    const proxyRewrites = proxiedServices.map((svc) => `    rewrite name exact ${svc.label}.${prefix}.${tld} access-proxy.access.svc.cluster.local`);
+    return pulumi.output(proxyRewrites).apply((rewrites) => `${zone}:53 {
+    # Proxied web services → Nginx reverse proxy (port 80)
+${rewrites.join("\n")}
+    # Direct access: <service>.<namespace>.iad-1.internal → <service>.<namespace>.svc.cluster.local
+    rewrite name regex ([a-z0-9-]+)\\.([a-z0-9-]+)\\.${prefixEsc}\\.${tldEsc} {1}.{2}.svc.cluster.local answer auto
+    forward . /etc/resolv.conf
+    cache 60
+    errors
+    log
+}
+`);
+}
+/**
+ * Deploy CoreDNS for access gateway split DNS.
+ *
+ * @param proxiedServices - Services routed through the Nginx proxy (web UIs)
+ */
+function deployAccessDns(name, prefix, dnsConfig, namespace, provider, proxiedServices, dependsOn) {
+    const tld = dnsConfig.tld ?? "internal";
+    const zone = `${prefix}.${tld}`;
+    const corefile = new k8s.core.v1.ConfigMap(`${name}-access-dns-corefile`, {
+        metadata: { name: "access-dns-corefile", namespace },
+        data: { Corefile: buildCorefile(prefix, tld, proxiedServices) },
+    }, { provider, dependsOn });
+    const labels = { app: "access-dns", "app.kubernetes.io/managed-by": "nimbus" };
+    new k8s.apps.v1.Deployment(`${name}-access-dns`, {
+        metadata: { name: "access-dns", namespace },
+        spec: {
+            replicas: 1,
+            selector: { matchLabels: labels },
+            template: {
+                metadata: { labels },
+                spec: {
+                    containers: [
+                        {
+                            name: "coredns",
+                            image: "coredns/coredns:1.12.0",
+                            args: ["-conf", "/etc/coredns/Corefile"],
+                            ports: [
+                                { name: "dns", containerPort: 53, protocol: "UDP" },
+                                { name: "dns-tcp", containerPort: 53, protocol: "TCP" },
+                            ],
+                            volumeMounts: [{ name: "corefile", mountPath: "/etc/coredns", readOnly: true }],
+                            resources: {
+                                requests: { cpu: "10m", memory: "16Mi" },
+                                limits: { cpu: "50m", memory: "64Mi" },
+                            },
+                        },
+                    ],
+                    volumes: [{ name: "corefile", configMap: { name: "access-dns-corefile" } }],
+                },
+            },
+        },
+    }, { provider, dependsOn: [corefile] });
+    const service = new k8s.core.v1.Service(`${name}-access-dns-svc`, {
+        metadata: { name: "access-dns", namespace },
+        spec: {
+            selector: labels,
+            ports: [
+                { name: "dns", port: 53, targetPort: 53, protocol: "UDP" },
+                { name: "dns-tcp", port: 53, targetPort: 53, protocol: "TCP" },
+            ],
+        },
+    }, { provider });
+    return {
+        service,
+        clusterIp: service.spec.clusterIP,
+        zone,
+    };
+}
+//# sourceMappingURL=dns.js.map

package/dist/cjs/access/dns.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"dns.js","sourceRoot":"","sources":["../../../src/access/dns.ts"],"names":[],"mappings":";AAAA;;;;;;;;GAQG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA8DH,0CA6EC;AAzID,wDAA0C;AAC1C,uDAAyC;AAWzC;;;;;;;;GAQG;AACH,SAAS,aAAa,CACpB,MAAc,EACd,GAAW,EACX,eAA+C;IAE/C,MAAM,IAAI,GAAG,GAAG,MAAM,IAAI,GAAG,EAAE,CAAC;IAChC,MAAM,SAAS,GAAG,MAAM,CAAC,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC;IAC/C,MAAM,MAAM,GAAG,GAAG,CAAC,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC;IAEzC,uDAAuD;IACvD,6DAA6D;IAC7D,MAAM,aAAa,GAAG,eAAe,CAAC,GAAG,CACvC,CAAC,GAAG,EAAE,EAAE,CACN,0BAA0B,GAAG,CAAC,KAAK,IAAI,MAAM,IAAI,GAAG,wCAAwC,CAC/F,CAAC;IAEF,OAAO,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,KAAK,CACvC,CAAC,QAAQ,EAAE,EAAE,CACX,GAAG,IAAI;;EAEX,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC;;;uDAGkC,SAAS,MAAM,MAAM;;;;;;;CAO3E,CACE,CAAC;AACJ,CAAC;AAED;;;;GAIG;AACH,SAAgB,eAAe,CAC7B,IAAY,EACZ,MAAc,EACd,SAA2B,EAC3B,SAAiB,EACjB,QAAsB,EACtB,eAA+C,EAC/C,SAA6B;IAE7B,MAAM,GAAG,GAAG,SAAS,CAAC,GAAG,IAAI,UAAU,CAAC;IACxC,MAAM,IAAI,GAAG,GAAG,MAAM,IAAI,GAAG,EAAE,CAAC;IAEhC,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,SAAS,CACxC,GAAG,IAAI,sBAAsB,EAC7B;QACE,QAAQ,EAAE,EAAE,IAAI,EAAE,qBAAqB,EAAE,SAAS,EAAE;QACpD,IAAI,EAAE,EAAE,QAAQ,EAAE,aAAa,CAAC,MAAM,EAAE,GAAG,EAAE,eAAe,CAAC,EAAE;KAChE,EACD,EAAE,QAAQ,EAAE,SAAS,EAAE,CACxB,CAAC;IAEF,MAAM,MAAM,GAAG,EAAE,GAAG,EAAE,YAAY,EAAE,8BAA8B,EAAE,QAAQ,EAAE,CAAC;IAE/E,IAAI,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,UAAU,CACxB,GAAG,IAAI,aAAa,EACpB;QACE,QAAQ,EAAE,EAAE,IAAI,EAAE,YAAY,EAAE,SAAS,EAAE;QAC3C,IAAI,EAAE;YACJ,QAAQ,EAAE,CAAC;YACX,QAAQ,EAAE,EAAE,WAAW,EAAE,MAAM,EAAE;YACjC,QAAQ,EAAE;gBACR,QAAQ,EAAE,EAAE,MAAM,EAAE;gBACpB,IAAI,EAAE;oBACJ,UAAU,EAAE;wBACV;4BACE,IAAI,EAAE,SAAS;4BACf,KAAK,EAAE,wBAAwB;4BAC/B,IAAI,EAAE,CAAC,OAAO,EAAE,uBAAuB,CAAC;4BACxC,KAAK,EAAE;gCACL,EAAE,IAAI,EAAE,KAAK,EAAE,aAAa,EAAE,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE;gCACnD,EAAE,IAAI,EAAE,SAAS,EAAE,aAAa,EAAE,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE;6BACxD;4BACD,YAAY,EAAE,CAAC,EAAE,IAAI,EAAE,UAAU,EAAE,SAAS,EAAE,cAAc,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;4BAC/E,SAAS,EAAE;gCACT,QAAQ,EAAE,EAAE,GAAG,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE;gCACxC,MAAM,EAAE,EAAE,GAAG,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE;6BACvC;yBACF;qBACF;oBACD,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,UAAU,EAAE,SAAS,EAAE,EAAE,IAAI,EAAE,qBAAqB,EAAE,EAAE,CAAC;iBAC5E;aACF;SACF;KACF,EACD,EAAE,QAAQ,EAAE,SAAS,EAAE,CAAC,QAAQ,CAAC,EAAE,CACpC,CAAC;IAEF,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,CACrC,GAAG,IAAI,iBAAiB,EACxB;QACE,QAAQ,EAAE,EAAE,IAAI,EAAE,YAAY,EAAE,SAAS,EAAE;QAC3C,IAAI,EAAE;YACJ,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE;gBACL,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE,EAAE,UAAU,EAAE,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE;gBAC1D,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,EAAE,EAAE,UAAU,EAAE,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE;aAC/D;SACF;KACF,EACD,EAAE,QAAQ,EAAE,CACb,CAAC;IAEF,OAAO;QACL,OAAO;QACP,SAAS,EAAE,OAAO,CAAC,IAAI,CAAC,SAAS;QACjC,IAAI;KACL,CAAC;AACJ,CAAC"}

package/dist/cjs/access/index.d.ts ADDED Viewed

@@ -0,0 +1,30 @@
+/**
+ * Access gateway module — provider-agnostic remote cluster access.
+ *
+ * Supports Tailscale (always-on mesh) and WireGuard (self-hosted VPN).
+ * Optional split DNS for multi-cluster service discovery.
+ *
+ * @module access
+ */
+import type { IAccessGatewayConfig, IAccessGateway } from "./interfaces";
+export type { AccessGatewayProvider, IAccessDnsConfig, ITailscaleConfig, IWireGuardPeer, IWireGuardConfig, ITailscaleGatewayConfig, IWireGuardGatewayConfig, IAccessGatewayConfig, IAccessGateway, } from "./interfaces";
+export { ACCESS_GATEWAY_PROVIDERS } from "./interfaces";
+/**
+ * Create an access gateway for secure remote access to cluster services.
+ *
+ * @example
+ * ```typescript
+ * const gateway = createAccessGateway("vpn", {
+ *   cluster,
+ *   hostnamePrefix: "iad-1",
+ *   dns: { enabled: true, tld: "internal" },
+ *   provider: "tailscale",
+ *   tailscale: {
+ *     authKey: config.requireSecret("tailscaleAuthKey"),
+ *     routes: ["10.0.0.0/8"],
+ *   },
+ * });
+ * ```
+ */
+export declare function createAccessGateway(name: string, config: IAccessGatewayConfig): IAccessGateway;
+//# sourceMappingURL=index.d.ts.map

package/dist/cjs/access/index.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/access/index.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,KAAK,EAAE,oBAAoB,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AAKzE,YAAY,EACV,qBAAqB,EACrB,gBAAgB,EAChB,gBAAgB,EAChB,cAAc,EACd,gBAAgB,EAChB,uBAAuB,EACvB,uBAAuB,EACvB,oBAAoB,EACpB,cAAc,GACf,MAAM,cAAc,CAAC;AACtB,OAAO,EAAE,wBAAwB,EAAE,MAAM,cAAc,CAAC;AAExD;;;;;;;;;;;;;;;;GAgBG;AACH,wBAAgB,mBAAmB,CAAC,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,oBAAoB,GAAG,cAAc,CAS9F"}

package/dist/cjs/access/index.js ADDED Viewed

@@ -0,0 +1,45 @@
+"use strict";
+/**
+ * Access gateway module — provider-agnostic remote cluster access.
+ *
+ * Supports Tailscale (always-on mesh) and WireGuard (self-hosted VPN).
+ * Optional split DNS for multi-cluster service discovery.
+ *
+ * @module access
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ACCESS_GATEWAY_PROVIDERS = void 0;
+exports.createAccessGateway = createAccessGateway;
+const tailscale_1 = require("./tailscale");
+const wireguard_1 = require("./wireguard");
+const types_1 = require("../types");
+var interfaces_1 = require("./interfaces");
+Object.defineProperty(exports, "ACCESS_GATEWAY_PROVIDERS", { enumerable: true, get: function () { return interfaces_1.ACCESS_GATEWAY_PROVIDERS; } });
+/**
+ * Create an access gateway for secure remote access to cluster services.
+ *
+ * @example
+ * ```typescript
+ * const gateway = createAccessGateway("vpn", {
+ *   cluster,
+ *   hostnamePrefix: "iad-1",
+ *   dns: { enabled: true, tld: "internal" },
+ *   provider: "tailscale",
+ *   tailscale: {
+ *     authKey: config.requireSecret("tailscaleAuthKey"),
+ *     routes: ["10.0.0.0/8"],
+ *   },
+ * });
+ * ```
+ */
+function createAccessGateway(name, config) {
+    switch (config.provider) {
+        case "tailscale":
+            return (0, tailscale_1.deployTailscale)(name, config);
+        case "wireguard":
+            return (0, wireguard_1.deployWireGuard)(name, config);
+        default:
+            return (0, types_1.assertNever)(config);
+    }
+}
+//# sourceMappingURL=index.js.map

package/dist/cjs/access/index.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/access/index.ts"],"names":[],"mappings":";AAAA;;;;;;;GAOG;;;AAqCH,kDASC;AA3CD,2CAA8C;AAC9C,2CAA8C;AAC9C,oCAAuC;AAavC,2CAAwD;AAA/C,sHAAA,wBAAwB,OAAA;AAEjC;;;;;;;;;;;;;;;;GAgBG;AACH,SAAgB,mBAAmB,CAAC,IAAY,EAAE,MAA4B;IAC5E,QAAQ,MAAM,CAAC,QAAQ,EAAE,CAAC;QACxB,KAAK,WAAW;YACd,OAAO,IAAA,2BAAe,EAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QACvC,KAAK,WAAW;YACd,OAAO,IAAA,2BAAe,EAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QACvC;YACE,OAAO,IAAA,mBAAW,EAAC,MAAM,CAAC,CAAC;IAC/B,CAAC;AACH,CAAC"}

package/dist/cjs/access/interfaces.d.ts ADDED Viewed

@@ -0,0 +1,97 @@
+/**
+ * Access gateway interfaces for @reyemtech/nimbus.
+ *
+ * Provider-agnostic remote access to Kubernetes cluster services
+ * via Tailscale, WireGuard, or future providers.
+ *
+ * @module access/interfaces
+ */
+import type * as pulumi from "@pulumi/pulumi";
+import type * as k8s from "@pulumi/kubernetes";
+import type { ICluster } from "../cluster";
+import type { IExposedService } from "../types";
+/** Access gateway provider type. */
+export type AccessGatewayProvider = "tailscale" | "wireguard";
+/** Typed constant map for AccessGatewayProvider string literals. */
+export declare const ACCESS_GATEWAY_PROVIDERS: {
+    TAILSCALE: "tailscale";
+    WIREGUARD: "wireguard";
+};
+/** Split DNS configuration for service discovery. */
+export interface IAccessDnsConfig {
+    /** Enable split DNS for service discovery. Default: false. */
+    readonly enabled: boolean;
+    /** Top-level domain for service names. Default: "internal". */
+    readonly tld?: string;
+}
+/** Tailscale-specific configuration. */
+export interface ITailscaleConfig {
+    /** OAuth client ID (generate at Tailscale admin → Settings → OAuth). */
+    readonly oauthClientId: pulumi.Input<string>;
+    /** OAuth client secret. */
+    readonly oauthClientSecret: pulumi.Input<string>;
+    /** Subnet routes to advertise to the tailnet (e.g., ["10.0.0.0/8"]). */
+    readonly routes: ReadonlyArray<string>;
+    /** Tags for the operator node (e.g., ["tag:k8s-operator"]). Default: ["tag:k8s-operator"]. */
+    readonly tags?: ReadonlyArray<string>;
+    /** Services to expose as Tailscale devices. Collect from module .exposedServices outputs. */
+    readonly services?: ReadonlyArray<IExposedService>;
+    /** Tailscale Operator Helm chart version override. */
+    readonly version?: string;
+    /** Additional Helm values. */
+    readonly values?: Readonly<Record<string, unknown>>;
+}
+/** WireGuard peer (client) configuration. */
+export interface IWireGuardPeer {
+    /** Peer display name (used for config file naming). */
+    readonly name: string;
+    /** Peer's WireGuard public key. */
+    readonly publicKey: string;
+    /** IP addresses assigned to this peer within the VPN CIDR. */
+    readonly allowedIps: ReadonlyArray<string>;
+}
+/** WireGuard-specific configuration. */
+export interface IWireGuardConfig {
+    /** Public DNS name or IP for the WireGuard endpoint. */
+    readonly endpoint: string;
+    /** UDP listen port. Default: 51820. */
+    readonly listenPort?: number;
+    /** VPN tunnel CIDR (e.g., "10.100.0.0/24"). */
+    readonly serverCidr: string;
+    /** Subnet routes to push to clients (e.g., ["10.0.0.0/8"]). */
+    readonly routes: ReadonlyArray<string>;
+    /** Client peers. */
+    readonly peers: ReadonlyArray<IWireGuardPeer>;
+    /** WireGuard Helm chart version override. */
+    readonly version?: string;
+    /** Additional Helm values. */
+    readonly values?: Readonly<Record<string, unknown>>;
+}
+/** Tailscale access gateway config. */
+export interface ITailscaleGatewayConfig {
+    readonly cluster: ICluster;
+    readonly hostnamePrefix?: string;
+    readonly dns?: IAccessDnsConfig;
+    readonly provider: "tailscale";
+    readonly tailscale: ITailscaleConfig;
+}
+/** WireGuard access gateway config. */
+export interface IWireGuardGatewayConfig {
+    readonly cluster: ICluster;
+    readonly hostnamePrefix?: string;
+    readonly dns?: IAccessDnsConfig;
+    readonly provider: "wireguard";
+    readonly wireguard: IWireGuardConfig;
+}
+/** Access gateway config — discriminated union on provider. */
+export type IAccessGatewayConfig = ITailscaleGatewayConfig | IWireGuardGatewayConfig;
+/** Access gateway output. */
+export interface IAccessGateway {
+    readonly name: string;
+    readonly provider: AccessGatewayProvider;
+    readonly namespace: string;
+    readonly helmRelease: k8s.helm.v3.Release;
+    readonly serverPublicKey?: pulumi.Output<string>;
+    readonly clientConfigs?: pulumi.Output<Record<string, string>>;
+}
+//# sourceMappingURL=interfaces.d.ts.map

package/dist/cjs/access/interfaces.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"interfaces.d.ts","sourceRoot":"","sources":["../../../src/access/interfaces.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,KAAK,KAAK,MAAM,MAAM,gBAAgB,CAAC;AAC9C,OAAO,KAAK,KAAK,GAAG,MAAM,oBAAoB,CAAC;AAC/C,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,YAAY,CAAC;AAC3C,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,UAAU,CAAC;AAEhD,oCAAoC;AACpC,MAAM,MAAM,qBAAqB,GAAG,WAAW,GAAG,WAAW,CAAC;AAE9D,oEAAoE;AACpE,eAAO,MAAM,wBAAwB;;;CAGY,CAAC;AAElD,qDAAqD;AACrD,MAAM,WAAW,gBAAgB;IAC/B,8DAA8D;IAC9D,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC;IAC1B,+DAA+D;IAC/D,QAAQ,CAAC,GAAG,CAAC,EAAE,MAAM,CAAC;CACvB;AAED,wCAAwC;AACxC,MAAM,WAAW,gBAAgB;IAC/B,wEAAwE;IACxE,QAAQ,CAAC,aAAa,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IAC7C,2BAA2B;IAC3B,QAAQ,CAAC,iBAAiB,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IACjD,wEAAwE;IACxE,QAAQ,CAAC,MAAM,EAAE,aAAa,CAAC,MAAM,CAAC,CAAC;IACvC,8FAA8F;IAC9F,QAAQ,CAAC,IAAI,CAAC,EAAE,aAAa,CAAC,MAAM,CAAC,CAAC;IACtC,6FAA6F;IAC7F,QAAQ,CAAC,QAAQ,CAAC,EAAE,aAAa,CAAC,eAAe,CAAC,CAAC;IACnD,sDAAsD;IACtD,QAAQ,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC;IAC1B,8BAA8B;IAC9B,QAAQ,CAAC,MAAM,CAAC,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;CACrD;AAED,6CAA6C;AAC7C,MAAM,WAAW,cAAc;IAC7B,uDAAuD;IACvD,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,mCAAmC;IACnC,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,8DAA8D;IAC9D,QAAQ,CAAC,UAAU,EAAE,aAAa,CAAC,MAAM,CAAC,CAAC;CAC5C;AAED,wCAAwC;AACxC,MAAM,WAAW,gBAAgB;IAC/B,wDAAwD;IACxD,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,uCAAuC;IACvC,QAAQ,CAAC,UAAU,CAAC,EAAE,MAAM,CAAC;IAC7B,+CAA+C;IAC/C,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;IAC5B,+DAA+D;IAC/D,QAAQ,CAAC,MAAM,EAAE,aAAa,CAAC,MAAM,CAAC,CAAC;IACvC,oBAAoB;IACpB,QAAQ,CAAC,KAAK,EAAE,aAAa,CAAC,cAAc,CAAC,CAAC;IAC9C,6CAA6C;IAC7C,QAAQ,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC;IAC1B,8BAA8B;IAC9B,QAAQ,CAAC,MAAM,CAAC,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;CACrD;AAED,uCAAuC;AACvC,MAAM,WAAW,uBAAuB;IACtC,QAAQ,CAAC,OAAO,EAAE,QAAQ,CAAC;IAC3B,QAAQ,CAAC,cAAc,CAAC,EAAE,MAAM,CAAC;IACjC,QAAQ,CAAC,GAAG,CAAC,EAAE,gBAAgB,CAAC;IAChC,QAAQ,CAAC,QAAQ,EAAE,WAAW,CAAC;IAC/B,QAAQ,CAAC,SAAS,EAAE,gBAAgB,CAAC;CACtC;AAED,uCAAuC;AACvC,MAAM,WAAW,uBAAuB;IACtC,QAAQ,CAAC,OAAO,EAAE,QAAQ,CAAC;IAC3B,QAAQ,CAAC,cAAc,CAAC,EAAE,MAAM,CAAC;IACjC,QAAQ,CAAC,GAAG,CAAC,EAAE,gBAAgB,CAAC;IAChC,QAAQ,CAAC,QAAQ,EAAE,WAAW,CAAC;IAC/B,QAAQ,CAAC,SAAS,EAAE,gBAAgB,CAAC;CACtC;AAED,+DAA+D;AAC/D,MAAM,MAAM,oBAAoB,GAAG,uBAAuB,GAAG,uBAAuB,CAAC;AAErF,6BAA6B;AAC7B,MAAM,WAAW,cAAc;IAC7B,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,QAAQ,EAAE,qBAAqB,CAAC;IACzC,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,WAAW,EAAE,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC;IAC1C,QAAQ,CAAC,eAAe,CAAC,EAAE,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IACjD,QAAQ,CAAC,aAAa,CAAC,EAAE,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC;CAChE"}

package/dist/cjs/access/interfaces.js ADDED Viewed

@@ -0,0 +1,17 @@
+"use strict";
+/**
+ * Access gateway interfaces for @reyemtech/nimbus.
+ *
+ * Provider-agnostic remote access to Kubernetes cluster services
+ * via Tailscale, WireGuard, or future providers.
+ *
+ * @module access/interfaces
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ACCESS_GATEWAY_PROVIDERS = void 0;
+/** Typed constant map for AccessGatewayProvider string literals. */
+exports.ACCESS_GATEWAY_PROVIDERS = {
+    TAILSCALE: "tailscale",
+    WIREGUARD: "wireguard",
+};
+//# sourceMappingURL=interfaces.js.map

package/dist/cjs/access/interfaces.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"interfaces.js","sourceRoot":"","sources":["../../../src/access/interfaces.ts"],"names":[],"mappings":";AAAA;;;;;;;GAOG;;;AAUH,oEAAoE;AACvD,QAAA,wBAAwB,GAAG;IACtC,SAAS,EAAE,WAAoB;IAC/B,SAAS,EAAE,WAAoB;CACgB,CAAC"}

package/dist/cjs/access/proxy.d.ts ADDED Viewed

@@ -0,0 +1,21 @@
+/**
+ * Reverse proxy for access gateway service exposure.
+ *
+ * Deploys a lightweight Nginx pod that routes by Host header
+ * to backend services, providing port 80 access to services
+ * running on non-standard ports (Prometheus :9090, Vault :8200, etc.).
+ *
+ * All services are accessed via: <label>.iad-1.internal:80
+ *
+ * @module access/proxy
+ */
+import * as k8s from "@pulumi/kubernetes";
+import * as pulumi from "@pulumi/pulumi";
+import type { IExposedService } from "../types";
+/**
+ * Deploy the access proxy — Nginx reverse proxy for exposed services.
+ *
+ * Returns the proxy ClusterIP service name for CoreDNS to resolve to.
+ */
+export declare function deployAccessProxy(name: string, services: ReadonlyArray<IExposedService>, dnsSuffix: string, namespace: string, provider: k8s.Provider, dependsOn?: pulumi.Resource[]): k8s.core.v1.Service;
+//# sourceMappingURL=proxy.d.ts.map

package/dist/cjs/access/proxy.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"proxy.d.ts","sourceRoot":"","sources":["../../../src/access/proxy.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,OAAO,KAAK,GAAG,MAAM,oBAAoB,CAAC;AAC1C,OAAO,KAAK,MAAM,MAAM,gBAAgB,CAAC;AACzC,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,UAAU,CAAC;AAwDhD;;;;GAIG;AACH,wBAAgB,iBAAiB,CAC/B,IAAI,EAAE,MAAM,EACZ,QAAQ,EAAE,aAAa,CAAC,eAAe,CAAC,EACxC,SAAS,EAAE,MAAM,EACjB,SAAS,EAAE,MAAM,EACjB,QAAQ,EAAE,GAAG,CAAC,QAAQ,EACtB,SAAS,CAAC,EAAE,MAAM,CAAC,QAAQ,EAAE,GAC5B,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,CAsErB"}

package/dist/cjs/access/proxy.js ADDED Viewed

@@ -0,0 +1,155 @@
+"use strict";
+/**
+ * Reverse proxy for access gateway service exposure.
+ *
+ * Deploys a lightweight Nginx pod that routes by Host header
+ * to backend services, providing port 80 access to services
+ * running on non-standard ports (Prometheus :9090, Vault :8200, etc.).
+ *
+ * All services are accessed via: <label>.iad-1.internal:80
+ *
+ * @module access/proxy
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.deployAccessProxy = deployAccessProxy;
+const k8s = __importStar(require("@pulumi/kubernetes"));
+const pulumi = __importStar(require("@pulumi/pulumi"));
+/**
+ * Build Nginx config from exposed services.
+ *
+ * Each service gets a server block matching its label as the hostname.
+ * All listen on port 80, proxy to the real service's port.
+ */
+function buildNginxConfig(services, dnsSuffix) {
+    const serviceConfigs = services.map((svc) => {
+        const upstream = pulumi
+            .output(svc.originalName ?? svc.name)
+            .apply((name) => `${name}.${svc.namespace}.svc.cluster.local:${svc.port}`);
+        return upstream.apply((u) => `    server {
+        listen 80;
+        server_name ${svc.label}.${dnsSuffix};
+        location / {
+            proxy_pass http://${u};
+            proxy_set_header Host $host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $scheme;
+            proxy_http_version 1.1;
+            proxy_set_header Upgrade $http_upgrade;
+            proxy_set_header Connection "upgrade";
+        }
+    }`);
+    });
+    return pulumi.all(serviceConfigs).apply((blocks) => `events {
+    worker_connections 256;
+}
+http {
+    resolver kube-dns.kube-system.svc.cluster.local valid=10s;
+${blocks.join("\n\n")}
+    # Default — return 404 for unknown hosts
+    server {
+        listen 80 default_server;
+        return 404;
+    }
+}
+`);
+}
+/**
+ * Deploy the access proxy — Nginx reverse proxy for exposed services.
+ *
+ * Returns the proxy ClusterIP service name for CoreDNS to resolve to.
+ */
+function deployAccessProxy(name, services, dnsSuffix, namespace, provider, dependsOn) {
+    const labels = {
+        app: "access-proxy",
+        "app.kubernetes.io/managed-by": "nimbus",
+    };
+    const configMap = new k8s.core.v1.ConfigMap(`${name}-access-proxy-config`, {
+        metadata: { name: "access-proxy-config", namespace },
+        data: {
+            "nginx.conf": buildNginxConfig(services, dnsSuffix),
+        },
+    }, { provider, dependsOn });
+    new k8s.apps.v1.Deployment(`${name}-access-proxy`, {
+        metadata: { name: "access-proxy", namespace },
+        spec: {
+            replicas: 1,
+            selector: { matchLabels: labels },
+            template: {
+                metadata: { labels },
+                spec: {
+                    containers: [
+                        {
+                            name: "nginx",
+                            image: "nginx:alpine",
+                            ports: [{ name: "http", containerPort: 80 }],
+                            volumeMounts: [
+                                {
+                                    name: "config",
+                                    mountPath: "/etc/nginx/nginx.conf",
+                                    subPath: "nginx.conf",
+                                    readOnly: true,
+                                },
+                            ],
+                            resources: {
+                                requests: { cpu: "5m", memory: "8Mi" },
+                                limits: { cpu: "50m", memory: "32Mi" },
+                            },
+                        },
+                    ],
+                    volumes: [
+                        {
+                            name: "config",
+                            configMap: { name: "access-proxy-config" },
+                        },
+                    ],
+                },
+            },
+        },
+    }, { provider, dependsOn: [configMap] });
+    return new k8s.core.v1.Service(`${name}-access-proxy-svc`, {
+        metadata: { name: "access-proxy", namespace },
+        spec: {
+            selector: labels,
+            ports: [{ name: "http", port: 80, targetPort: 80 }],
+        },
+    }, { provider });
+}
+//# sourceMappingURL=proxy.js.map

package/dist/cjs/access/proxy.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"proxy.js","sourceRoot":"","sources":["../../../src/access/proxy.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;GAUG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAiEH,8CA6EC;AA5ID,wDAA0C;AAC1C,uDAAyC;AAGzC;;;;;GAKG;AACH,SAAS,gBAAgB,CACvB,QAAwC,EACxC,SAAiB;IAEjB,MAAM,cAAc,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE;QAC1C,MAAM,QAAQ,GAAG,MAAM;aACpB,MAAM,CAAC,GAAG,CAAC,YAAY,IAAI,GAAG,CAAC,IAAI,CAAC;aACpC,KAAK,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,GAAG,IAAI,IAAI,GAAG,CAAC,SAAS,sBAAsB,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;QAE7E,OAAO,QAAQ,CAAC,KAAK,CACnB,CAAC,CAAC,EAAE,EAAE,CAAC;;sBAES,GAAG,CAAC,KAAK,IAAI,SAAS;;;gCAGZ,CAAC;;;;;;;;;MAS3B,CACD,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,OAAO,MAAM,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC,KAAK,CACrC,CAAC,MAAM,EAAE,EAAE,CAAC;;;;;;;EAOd,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC;;;;;;;;CAQpB,CACE,CAAC;AACJ,CAAC;AAED;;;;GAIG;AACH,SAAgB,iBAAiB,CAC/B,IAAY,EACZ,QAAwC,EACxC,SAAiB,EACjB,SAAiB,EACjB,QAAsB,EACtB,SAA6B;IAE7B,MAAM,MAAM,GAAG;QACb,GAAG,EAAE,cAAc;QACnB,8BAA8B,EAAE,QAAQ;KACzC,CAAC;IAEF,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,SAAS,CACzC,GAAG,IAAI,sBAAsB,EAC7B;QACE,QAAQ,EAAE,EAAE,IAAI,EAAE,qBAAqB,EAAE,SAAS,EAAE;QACpD,IAAI,EAAE;YACJ,YAAY,EAAE,gBAAgB,CAAC,QAAQ,EAAE,SAAS,CAAC;SACpD;KACF,EACD,EAAE,QAAQ,EAAE,SAAS,EAAE,CACxB,CAAC;IAEF,IAAI,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,UAAU,CACxB,GAAG,IAAI,eAAe,EACtB;QACE,QAAQ,EAAE,EAAE,IAAI,EAAE,cAAc,EAAE,SAAS,EAAE;QAC7C,IAAI,EAAE;YACJ,QAAQ,EAAE,CAAC;YACX,QAAQ,EAAE,EAAE,WAAW,EAAE,MAAM,EAAE;YACjC,QAAQ,EAAE;gBACR,QAAQ,EAAE,EAAE,MAAM,EAAE;gBACpB,IAAI,EAAE;oBACJ,UAAU,EAAE;wBACV;4BACE,IAAI,EAAE,OAAO;4BACb,KAAK,EAAE,cAAc;4BACrB,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,aAAa,EAAE,EAAE,EAAE,CAAC;4BAC5C,YAAY,EAAE;gCACZ;oCACE,IAAI,EAAE,QAAQ;oCACd,SAAS,EAAE,uBAAuB;oCAClC,OAAO,EAAE,YAAY;oCACrB,QAAQ,EAAE,IAAI;iCACf;6BACF;4BACD,SAAS,EAAE;gCACT,QAAQ,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE;gCACtC,MAAM,EAAE,EAAE,GAAG,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE;6BACvC;yBACF;qBACF;oBACD,OAAO,EAAE;wBACP;4BACE,IAAI,EAAE,QAAQ;4BACd,SAAS,EAAE,EAAE,IAAI,EAAE,qBAAqB,EAAE;yBAC3C;qBACF;iBACF;aACF;SACF;KACF,EACD,EAAE,QAAQ,EAAE,SAAS,EAAE,CAAC,SAAS,CAAC,EAAE,CACrC,CAAC;IAEF,OAAO,IAAI,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,CAC5B,GAAG,IAAI,mBAAmB,EAC1B;QACE,QAAQ,EAAE,EAAE,IAAI,EAAE,cAAc,EAAE,SAAS,EAAE;QAC7C,IAAI,EAAE;YACJ,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,EAAE,EAAE,UAAU,EAAE,EAAE,EAAE,CAAC;SACpD;KACF,EACD,EAAE,QAAQ,EAAE,CACb,CAAC;AACJ,CAAC"}