@underpostnet/underpost 2.99.8 → 3.0.0

package/package.json

@@ -2,7 +2,7 @@
     "type": "module",
     "main": "src/index.js",
     "name": "@underpostnet/underpost",
-    "version": "2.99.8",
+    "version": "3.0.0",
     "description": "pwa api rest template",
     "scripts": {
         "start": "env-cmd -f .env.production node --max-old-space-size=8192 src/server",
@@ -76,13 +76,13 @@
         "helmet": "^8.1.0",
         "html-minifier-terser": "^7.2.0",
         "http-proxy-middleware": "^2.0.6",
-        "ignore-walk": "^6.0.4",
+        "ignore-walk": "^8.0.0",
         "iovalkey": "^0.2.1",
         "json-colorizer": "^2.2.2",
         "jsonwebtoken": "^9.0.2",
         "mariadb": "^3.2.2",
         "marked": "^12.0.2",
-        "mocha": "^10.8.2",
+        "mocha": "^11.3.0",
         "mongoose": "^8.9.5",
         "morgan": "^1.10.0",
         "nodemailer": "^7.0.9",
@@ -92,12 +92,12 @@
         "prom-client": "^15.1.2",
         "read": "^2.1.0",
         "rrule": "^2.8.1",
-        "shelljs": "^0.8.5",
+        "shelljs": "^0.10.0",
         "sitemap": "^7.1.1",
         "socket.io": "^4.8.0",
         "sortablejs": "^1.15.0",
         "split-file": "^2.3.0",
-        "swagger-autogen": "^2.23.7",
+        "swagger-autogen": "^2.9.2",
         "swagger-ui-express": "^5.0.0",
         "uglify-js": "^3.17.4",
         "validator": "^13.11.0",

package/scripts/k3s-node-setup.sh

@@ -0,0 +1,89 @@
+#!/bin/bash
+set -e
+
+# ---------------------------------------------------------------------------
+# Underpost K3s Node Setup
+# Usage:
+#   --control                   Initialize as K3s control plane node (default)
+#   --worker                    Initialize as K3s worker node
+#   --control-ip=<ip>           Control plane IP (required for --worker)
+#   --token=<token>             K3s node token (required for --worker)
+# ---------------------------------------------------------------------------
+
+ROLE="control"
+CONTROL_IP=""
+K3S_TOKEN=""
+
+for arg in "$@"; do
+  case $arg in
+    --worker)         ROLE="worker" ;;
+    --control)        ROLE="control" ;;
+    --control-ip=*)   CONTROL_IP="${arg#*=}" ;;
+    --token=*)        K3S_TOKEN="${arg#*=}" ;;
+  esac
+done
+# ---------------------------------------------------------------------------
+# NVM and Node.js
+# ---------------------------------------------------------------------------
+echo "Installing NVM and Node.js v24.10.0..."
+
+curl -o- https://cdn.jsdelivr.net/gh/nvm-sh/nvm@v0.40.1/install.sh | bash
+
+export NVM_DIR="$([ -z "${XDG_CONFIG_HOME-}" ] && printf %s "${HOME}/.nvm" || printf %s "${XDG_CONFIG_HOME}/nvm")"
+[ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh"
+
+nvm install 24.10.0
+nvm use 24.10.0
+
+echo "
+██╗░░░██╗███╗░░██╗██████╗░███████╗██████╗░██████╗░░█████╗░░██████╗████████╗
+██║░░░██║████╗░██║██╔══██╗██╔════╝██╔══██╗██╔══██╗██╔══██╗██╔════╝╚══██╔══╝
+██║░░░██║██╔██╗██║██║░░██║█████╗░░██████╔╝██████╔╝██║░░██║╚█████╗░░░░██║░░░
+██║░░░██║██║╚████║██║░░██║██╔══╝░░██╔══██╗██╔═══╝░██║░░██║░╚═══██╗░░░██║░░░
+╚██████╔╝██║░╚███║██████╔╝███████╗██║░░██║██║░░░░░╚█████╔╝██████╔╝░░░██║░░░
+░╚═════╝░╚═╝░░╚══╝╚═════╝░╚══════╝╚═╝░░╚═╝╚═╝░░░░░░╚════╝░╚═════╝░░░░╚═╝░░░
+
+Installing underpost VM node...
+"
+
+npm install -g underpost
+
+cd /home/dd/engine
+
+echo "Applying host configuration..."
+
+underpost install
+
+node bin run secret
+
+node bin cluster --dev --config
+
+if [ "$ROLE" = "control" ]; then
+  echo "Initializing K3s control plane..."
+  node bin cluster --dev --k3s
+
+  echo ""
+  echo "K3s control plane is ready."
+  echo "Node token (share with workers to join this cluster):"
+  sudo cat /var/lib/rancher/k3s/server/node-token
+  echo ""
+  echo "Control plane IP addresses:"
+  ip -4 addr show scope global | grep inet | awk '{print $2}' | cut -d/ -f1
+
+elif [ "$ROLE" = "worker" ]; then
+  if [ -z "$CONTROL_IP" ] || [ -z "$K3S_TOKEN" ]; then
+    echo "ERROR: --control-ip and --token are required for worker role."
+    echo "Usage: bash k3s-node-setup.sh --worker --control-ip=<ip> --token=<token>"
+    exit 1
+  fi
+
+  echo "Joining K3s cluster at https://${CONTROL_IP}:6443..."
+  curl -sfL https://get.k3s.io | \
+    K3S_URL="https://${CONTROL_IP}:6443" \
+    K3S_TOKEN="${K3S_TOKEN}" \
+    sh -s - agent
+
+  echo ""
+  echo "K3s worker node joined the cluster at https://${CONTROL_IP}:6443 successfully."
+  sudo systemctl status k3s-agent --no-pager
+fi

package/scripts/lxd-vm-setup.sh

@@ -0,0 +1,23 @@
+
+echo "Expanding /dev/sda2 and resizing filesystem..."
+
+if ! command -v parted &>/dev/null; then
+  sudo dnf install -y parted
+fi
+
+sudo parted /dev/sda ---pretend-input-tty <<EOF
+unit s
+resizepart 2 100%
+Yes
+quit
+EOF
+
+sudo resize2fs /dev/sda2
+echo "Disk resized."
+
+echo "Installing essential packages..."
+sudo dnf install -y tar bzip2 git curl jq epel-release
+sudo dnf -y update
+
+echo "Loading br_netfilter module..."
+sudo modprobe br_netfilter

package/scripts/rocky-setup.sh

@@ -103,16 +103,4 @@ echo "[+] Cleanup: remove unnecessary packages and old metadata"
 dnf autoremove -y
 dnf clean all
 
-cat <<EOF
-
-Installation complete.
-- To allow SSH access (if this is a VM or server), open port 22 in firewalld:
-  sudo firewall-cmd --add-service=ssh --permanent && sudo firewall-cmd --reload
-- If you installed Development Tools, you will have gcc, make, etc.
-
-Examples:
-  sudo ./scripts/rocky-setup.sh --install-dev
-  INSTALL_DEV=1 sudo ./scripts/rocky-setup.sh
-
-Customize PACKAGES=(...) inside this script according to your needs (docker, podman, kube, mssql-tools, etc.).
-EOF
+echo "[+] Setup complete! Rocky Linux is now configured with the recommended base packages."

package/src/cli/baremetal.js

@@ -534,9 +534,6 @@ rm -rf ${artifacts.join(' ')}`);
       if (options.controlServerDbInstall === true) {
         // Deploy the database provider and manage MAAS database.
         shellExec(`node ${underpostRoot}/bin/deploy ${dbProviderId} install`);
-        shellExec(
-          `node ${underpostRoot}/bin/deploy pg-drop-db ${process.env.DB_PG_MAAS_NAME} ${process.env.DB_PG_MAAS_USER}`,
-        );
         shellExec(`node ${underpostRoot}/bin/deploy maas-db`);
         return;
       }
@@ -1150,8 +1147,9 @@ rm -rf ${artifacts.join(' ')}`);
           machine: machine ? machine.system_id : null,
         });
 
-        const { discovery, machine: discoveredMachine } =
-          await Underpost.baremetal.commissionMonitor(commissionMonitorPayload);
+        const { discovery, machine: discoveredMachine } = await Underpost.baremetal.commissionMonitor(
+          commissionMonitorPayload,
+        );
         if (discoveredMachine) machine = discoveredMachine;
       }
     },
@@ -2496,10 +2494,10 @@ fi
           const discoverHostname = discovery.hostname
             ? discovery.hostname
             : discovery.mac_organization
-              ? discovery.mac_organization
-              : discovery.domain
-                ? discovery.domain
-                : `generic-host-${s4()}${s4()}`;
+            ? discovery.mac_organization
+            : discovery.domain
+            ? discovery.domain
+            : `generic-host-${s4()}${s4()}`;
 
           console.log(discoverHostname.bgBlue.bold.white);
           console.log('ip target:'.green + ipAddress, 'ip discovered:'.green + discovery.ip);

package/src/cli/cluster.js

@@ -36,6 +36,7 @@ class UnderpostCluster {
      * @param {boolean} [options.mysql=false] - Deploy MySQL.
      * @param {boolean} [options.postgresql=false] - Deploy PostgreSQL.
      * @param {boolean} [options.valkey=false] - Deploy Valkey.
+     * @param {boolean} [options.ipfs=false] - Deploy ipfs-cluster statefulset.
      * @param {boolean} [options.full=false] - Deploy a full set of common components.
      * @param {boolean} [options.info=false] - Display extensive Kubernetes cluster information.
      * @param {boolean} [options.certManager=false] - Deploy Cert-Manager for certificate management.
@@ -57,10 +58,10 @@ class UnderpostCluster {
      * @param {string} [options.prom=''] - Initialize the cluster with a Prometheus Operator deployment and monitor scrap for specified hosts.
      * @param {boolean} [options.uninstallHost=false] - Uninstall all host components.
      * @param {boolean} [options.config=false] - Apply general host configuration (SELinux, containerd, sysctl, firewalld).
-     * @param {boolean} [options.worker=false] - Configure as a worker node (for Kubeadm or K3s join).
      * @param {boolean} [options.chown=false] - Set up kubectl configuration for the current user.
      * @param {boolean} [options.removeVolumeHostPaths=false] - Remove data from host paths used by Persistent Volumes.
      * @param {string} [options.hosts] - Set custom hosts entries.
+     * @param {string} [options.replicas] - Set the number of replicas for certain deployments.
      * @memberof UnderpostCluster
      */
     async init(
@@ -73,6 +74,7 @@ class UnderpostCluster {
         mysql: false,
         postgresql: false,
         valkey: false,
+        ipfs: false,
         full: false,
         info: false,
         certManager: false,
@@ -94,10 +96,10 @@ class UnderpostCluster {
         prom: '',
         uninstallHost: false,
         config: false,
-        worker: false,
         chown: false,
         removeVolumeHostPaths: false,
         hosts: '',
+        replicas: '',
       },
     ) {
       // Handles initial host setup (installing docker, podman, kind, kubeadm, helm)
@@ -140,11 +142,14 @@ class UnderpostCluster {
       }
 
       // Reset Kubernetes cluster components (Kind/Kubeadm/K3s) and container runtimes
-      if (options.reset === true)
+      if (options.reset === true) {
+        const clusterType = options.k3s === true ? 'k3s' : options.kubeadm === true ? 'kubeadm' : 'kind';
         return await Underpost.cluster.safeReset({
           underpostRoot,
           removeVolumeHostPaths: options.removeVolumeHostPaths,
+          clusterType,
         });
+      }
 
       // Check if a cluster (Kind, Kubeadm, or K3s) is already initialized
       const alreadyKubeadmCluster = Underpost.deploy.get('calico-kube-controllers')[0];
@@ -153,66 +158,20 @@ class UnderpostCluster {
       const alreadyK3sCluster = Underpost.deploy.get('svclb-traefik')[0];
 
       // --- Kubeadm/Kind/K3s Cluster Initialization ---
-      // This block handles the initial setup of the Kubernetes cluster (control plane or worker).
-      // It prevents re-initialization if a cluster is already detected.
-      if (!options.worker && !alreadyKubeadmCluster && !alreadyKindCluster && !alreadyK3sCluster) {
+      if (!alreadyKubeadmCluster && !alreadyKindCluster && !alreadyK3sCluster) {
         Underpost.cluster.config();
         if (options.k3s === true) {
           logger.info('Initializing K3s control plane...');
           // Install K3s
-          console.log('Installing K3s...');
+          logger.info('Installing K3s...');
           shellExec(`curl -sfL https://get.k3s.io | sh -`);
-          console.log('K3s installation completed.');
-
-          // Move k3s binary to /bin/k3s and make it executable
-          shellExec(`sudo mv /usr/local/bin/k3s /bin/k3s`);
-          shellExec(`sudo chmod +x /bin/k3s`);
-          console.log('K3s binary moved to /bin/k3s and made executable.');
+          logger.info('K3s installation completed.');
 
-          // Configure kubectl for the current user for K3s *before* checking readiness
-          // This ensures kubectl can find the K3s kubeconfig immediately after K3s installation.
           Underpost.cluster.chown('k3s');
 
-          // Wait for K3s to be ready
           logger.info('Waiting for K3s to be ready...');
-          let k3sReady = false;
-          let retries = 0;
-          const maxRetries = 20; // Increased retries for K3s startup
-          const delayMs = 5000; // 5 seconds
-
-          while (!k3sReady && retries < maxRetries) {
-            try {
-              // Explicitly use KUBECONFIG for kubectl commands to ensure it points to K3s config
-              const nodes = shellExec(`KUBECONFIG=/etc/rancher/k3s/k3s.yaml kubectl get nodes -o json`, {
-                stdout: true,
-                silent: true,
-              });
-              const parsedNodes = JSON.parse(nodes);
-              if (
-                parsedNodes.items.some((node) =>
-                  node.status.conditions.some((cond) => cond.type === 'Ready' && cond.status === 'True'),
-                )
-              ) {
-                k3sReady = true;
-                logger.info('K3s cluster is ready.');
-              } else {
-                logger.info(`K3s not yet ready. Retrying in ${delayMs / 1000} seconds...`);
-                await new Promise((resolve) => setTimeout(resolve, delayMs));
-              }
-            } catch (error) {
-              logger.info(`Error checking K3s status: ${error.message}. Retrying in ${delayMs / 1000} seconds...`);
-              await new Promise((resolve) => setTimeout(resolve, delayMs));
-            }
-            retries++;
-          }
-
-          if (!k3sReady) {
-            logger.error('K3s cluster did not become ready in time. Please check the K3s logs.');
-            return;
-          }
-
-          // K3s includes local-path-provisioner by default, so no need to install explicitly.
-          logger.info('K3s comes with local-path-provisioner by default. Skipping explicit installation.');
+          shellExec(`sudo systemctl is-active --wait k3s || sudo systemctl wait --for=active k3s.service`);
+          logger.info('K3s service is active.');
         } else if (options.kubeadm === true) {
           logger.info('Initializing Kubeadm control plane...');
           // Set default values if not provided
@@ -254,14 +213,6 @@ class UnderpostCluster {
           );
           Underpost.cluster.chown('kind'); // Pass 'kind' to chown
         }
-      } else if (options.worker === true) {
-        // Worker node specific configuration (kubeadm join command needs to be executed separately)
-        logger.info('Worker node configuration applied. Awaiting join command...');
-        // No direct cluster initialization here for workers. The `kubeadm join` or `k3s agent` command
-        // needs to be run on the worker after the control plane is up and a token is created.
-        // This part of the script is for general worker setup, not the join itself.
-      } else {
-        logger.warn('Cluster already initialized or worker flag not set for worker node.');
       }
 
       // --- Optional Component Deployments (Databases, Ingress, Cert-Manager) ---
@@ -307,36 +258,21 @@ EOF
       }
 
       if (options.full === true || options.valkey === true) {
-        if (options.pullImage === true) {
-          // shellExec(`sudo podman pull valkey/valkey:latest`);
-          if (!options.kubeadm && !options.k3s) {
-            // Only load if not kubeadm/k3s (Kind needs it)
-            shellExec(`docker pull valkey/valkey:latest`);
-            shellExec(`sudo kind load docker-image valkey/valkey:latest`);
-          } else if (options.kubeadm || options.k3s)
-            // For kubeadm/k3s, ensure it's available for containerd
-            shellExec(`sudo crictl pull valkey/valkey:latest`);
-        }
+        if (options.pullImage === true) Underpost.cluster.pullImage('valkey/valkey:latest', options);
         shellExec(`kubectl delete statefulset valkey-service -n ${options.namespace} --ignore-not-found`);
         shellExec(`kubectl apply -k ${underpostRoot}/manifests/valkey -n ${options.namespace}`);
         await Underpost.test.statusMonitor('valkey-service', 'Running', 'pods', 1000, 60 * 10);
       }
+      if (options.ipfs) {
+        await Underpost.ipfs.deploy(options, underpostRoot);
+      }
       if (options.full === true || options.mariadb === true) {
         shellExec(
           `sudo kubectl create secret generic mariadb-secret --from-file=username=/home/dd/engine/engine-private/mariadb-username --from-file=password=/home/dd/engine/engine-private/mariadb-password --dry-run=client -o yaml | kubectl apply -f - -n ${options.namespace}`,
         );
         shellExec(`kubectl delete statefulset mariadb-statefulset -n ${options.namespace} --ignore-not-found`);
 
-        if (options.pullImage === true) {
-          // shellExec(`sudo podman pull mariadb:latest`);
-          if (!options.kubeadm && !options.k3s) {
-            // Only load if not kubeadm/k3s (Kind needs it)
-            shellExec(`docker pull mariadb:latest`);
-            shellExec(`sudo kind load docker-image mariadb:latest`);
-          } else if (options.kubeadm || options.k3s)
-            // For kubeadm/k3s, ensure it's available for containerd
-            shellExec(`sudo crictl pull mariadb:latest`);
-        }
+        if (options.pullImage === true) Underpost.cluster.pullImage('mariadb:latest', options);
         shellExec(`kubectl apply -f ${underpostRoot}/manifests/mariadb/storage-class.yaml -n ${options.namespace}`);
         shellExec(`kubectl apply -k ${underpostRoot}/manifests/mariadb -n ${options.namespace}`);
       }
@@ -350,30 +286,14 @@ EOF
         shellExec(`kubectl apply -k ${underpostRoot}/manifests/mysql -n ${options.namespace}`);
       }
       if (options.full === true || options.postgresql === true) {
-        if (options.pullImage === true) {
-          if (!options.kubeadm && !options.k3s) {
-            // Only load if not kubeadm/k3s (Kind needs it)
-            shellExec(`docker pull postgres:latest`);
-            shellExec(`sudo kind load docker-image postgres:latest`);
-          } else if (options.kubeadm || options.k3s)
-            // For kubeadm/k3s, ensure it's available for containerd
-            shellExec(`sudo crictl pull postgres:latest`);
-        }
+        if (options.pullImage === true) Underpost.cluster.pullImage('postgres:latest', options);
         shellExec(
           `sudo kubectl create secret generic postgres-secret --from-file=password=/home/dd/engine/engine-private/postgresql-password --dry-run=client -o yaml | kubectl apply -f - -n ${options.namespace}`,
         );
         shellExec(`kubectl apply -k ${underpostRoot}/manifests/postgresql -n ${options.namespace}`);
       }
       if (options.mongodb4 === true) {
-        if (options.pullImage === true) {
-          if (!options.kubeadm && !options.k3s) {
-            // Only load if not kubeadm/k3s (Kind needs it)
-            shellExec(`docker pull mongo:4.4`);
-            shellExec(`sudo kind load docker-image mongo:4.4`);
-          } else if (options.kubeadm || options.k3s)
-            // For kubeadm/k3s, ensure it's available for containerd
-            shellExec(`sudo crictl pull mongo:4.4`);
-        }
+        if (options.pullImage === true) Underpost.cluster.pullImage('mongo:4.4', options);
         shellExec(`kubectl apply -k ${underpostRoot}/manifests/mongodb-4.4 -n ${options.namespace}`);
 
         const deploymentName = 'mongodb-deployment';
@@ -395,15 +315,7 @@ EOF
           );
         }
       } else if (options.full === true || options.mongodb === true) {
-        if (options.pullImage === true) {
-          if (!options.kubeadm && !options.k3s) {
-            // Only load if not kubeadm/k3s (Kind needs it)
-            shellExec(`docker pull mongo:latest`);
-            shellExec(`sudo kind load docker-image mongo:latest`);
-          } else if (options.kubeadm || options.k3s)
-            // For kubeadm/k3s, ensure it's available for containerd
-            shellExec(`sudo crictl pull mongo:latest`);
-        }
+        if (options.pullImage === true) Underpost.cluster.pullImage('mongo:latest', options);
         shellExec(
           `sudo kubectl create secret generic mongodb-keyfile --from-file=/home/dd/engine/engine-private/mongodb-keyfile --dry-run=client -o yaml | kubectl apply -f - -n ${options.namespace}`,
         );
@@ -464,6 +376,32 @@ EOF
       }
     },
 
+    /**
+     * @method pullImage
+     * @description Pulls a container image using the appropriate runtime based on the cluster type.
+     * - For Kind clusters: pulls via Docker and loads the image into the Kind cluster.
+     * - For Kubeadm/K3s clusters: pulls via crictl (containerd).
+     * @param {string} image - The fully-qualified container image reference (e.g. 'mongo:latest').
+     * @param {object} options - The cluster options object from `init`.
+     * @param {boolean} [options.kubeadm=false] - Whether the cluster is Kubeadm-based.
+     * @param {boolean} [options.k3s=false] - Whether the cluster is K3s-based.
+     * @memberof UnderpostCluster
+     */
+    pullImage(image, options = { kubeadm: false, k3s: false }) {
+      if (!options.kubeadm && !options.k3s) {
+        const tarPath = `/tmp/kind-image-${image.replace(/[\/:]/g, '-')}.tar`;
+        shellExec(`docker pull ${image}`);
+        shellExec(`docker save ${image} -o ${tarPath}`);
+        shellExec(
+          `for node in $(kind get nodes); do cat ${tarPath} | docker exec -i $node ctr --namespace=k8s.io images import -; done`,
+        );
+        shellExec(`rm -f ${tarPath}`);
+      } else if (options.kubeadm || options.k3s) {
+        // Kubeadm / K3s: use crictl to pull directly into containerd
+        shellExec(`sudo crictl pull ${image}`);
+      }
+    },
+
     /**
      * @method config
      * @description Configures host-level settings required for Kubernetes.
@@ -570,12 +508,15 @@ net.ipv4.ip_forward = 1' | sudo tee ${iptableConfPath}`,
      * @description Performs a complete reset of the Kubernetes cluster and its container environments.
      * This version focuses on correcting persistent permission errors (such as 'permission denied'
      * in coredns) by restoring SELinux security contexts and safely cleaning up cluster artifacts.
+     * Only the uninstall/delete commands specific to the given clusterType are executed; all other
+     * cleanup steps (log truncation, filesystem, network) are always run as generic k8s resets.
      * @param {object} [options] - Configuration options for the reset.
      * @param {string} [options.underpostRoot] - The root path of the underpost project.
      * @param {boolean} [options.removeVolumeHostPaths=false] - Whether to remove data from host paths used by Persistent Volumes.
+     * @param {string} [options.clusterType='kind'] - The type of cluster to reset: 'kind', 'kubeadm', or 'k3s'.
      * @memberof UnderpostCluster
      */
-    async safeReset(options = { underpostRoot: '.', removeVolumeHostPaths: false }) {
+    async safeReset(options = { underpostRoot: '.', removeVolumeHostPaths: false, clusterType: 'kind' }) {
       logger.info('Starting a safe and comprehensive reset of Kubernetes and container environments...');
 
       try {
@@ -645,14 +586,22 @@ net.ipv4.ip_forward = 1' | sudo tee ${iptableConfPath}`,
         // Safely unmount pod filesystems to avoid errors.
         shellExec('sudo umount -f /var/lib/kubelet/pods/*/*');
 
-        // Phase 3: Execute official uninstallation commands
-        logger.info('Phase 3/7: Executing official reset and uninstallation commands...');
-        logger.info('  -> Executing kubeadm reset...');
-        shellExec('sudo kubeadm reset --force');
-        logger.info('  -> Executing K3s uninstallation script if it exists...');
-        shellExec('sudo /usr/local/bin/k3s-uninstall.sh');
-        logger.info('  -> Deleting Kind clusters...');
-        shellExec('kind get clusters | xargs -r -t -n1 kind delete cluster');
+        // Phase 3: Execute official uninstallation commands (type-specific)
+        const clusterType = options.clusterType || 'kind';
+        logger.info(
+          `Phase 3/7: Executing official reset/uninstallation commands for cluster type: '${clusterType}'...`,
+        );
+        if (clusterType === 'kubeadm') {
+          logger.info('  -> Executing kubeadm reset...');
+          shellExec('sudo kubeadm reset --force');
+        } else if (clusterType === 'k3s') {
+          logger.info('  -> Executing K3s uninstallation script if it exists...');
+          shellExec('sudo /usr/local/bin/k3s-uninstall.sh');
+        } else {
+          // Default: kind
+          logger.info('  -> Deleting Kind clusters...');
+          shellExec('kind get clusters | xargs -r -t -n1 kind delete cluster');
+        }
 
         // Phase 4: File system cleanup
         logger.info('Phase 4/7: Cleaning up remaining file system artifacts...');
@@ -672,9 +621,6 @@ net.ipv4.ip_forward = 1' | sudo tee ${iptableConfPath}`,
         // Remove iptables rules and CNI network interfaces.
         shellExec('sudo iptables -F');
         shellExec('sudo iptables -t nat -F');
-        // Restore iptables rules
-        shellExec(`chmod +x ${options.underpostRoot}/scripts/nat-iptables.sh`);
-        shellExec(`${options.underpostRoot}/scripts/nat-iptables.sh`, { silent: true });
         shellExec('sudo ip link del cni0');
         shellExec('sudo ip link del flannel.1');
 
@@ -772,6 +718,11 @@ EOF`);
       shellExec(`chmod +x /usr/local/bin/helm`);
       shellExec(`sudo mv /usr/local/bin/helm /bin/helm`);
       shellExec(`sudo rm -rf get_helm.sh`);
+
+      // Install snap
+      shellExec(`sudo yum install -y snapd`);
+      shellExec(`sudo systemctl enable --now snapd.socket`);
+
       console.log('Host prerequisites installed successfully.');
     },
 

package/src/cli/deploy.js

@@ -491,6 +491,7 @@ spec:
         retryPerTryTimeout: '',
         kindType: '',
         port: 0,
+        exposePort: 0,
         cmd: '',
       },
     ) {
@@ -573,11 +574,13 @@ EOF`);
         if (options.expose === true) {
           const kindType = options.kindType ? options.kindType : 'svc';
           const svc = Underpost.deploy.get(deployId, kindType)[0];
-          const port = options.port
-            ? options.port
-            : kindType !== 'svc'
-              ? 80
-              : parseInt(svc[`PORT(S)`].split('/TCP')[0]);
+          const port = options.exposePort
+            ? parseInt(options.exposePort)
+            : options.port
+              ? parseInt(options.port)
+              : kindType !== 'svc'
+                ? 80
+                : parseInt(svc[`PORT(S)`].split('/TCP')[0]);
           logger.info(deployId, {
             svc,
             port,