@yaop/obsidian-r2-sync 0.0.1 → 0.1.1

package/dist/lib/cloudflare.d.ts

@@ -0,0 +1,81 @@
+/**
+ * Read the pre-built Worker bundle.
+ *
+ * When installed from npm, the worker bundle is at dist/worker/index.js
+ * (copied there by the prepack script). In the monorepo during development,
+ * it falls back to the workspace-relative path.
+ */
+export declare function readWorkerBundle(bundlePath?: string): string;
+export interface ProvisioningConfig {
+    apiToken: string;
+    accountId: string;
+    bucketName: string;
+    workerName: string;
+}
+/**
+ * Wrapper around the Cloudflare SDK for infrastructure provisioning.
+ */
+export declare class CloudflareClient {
+    private client;
+    private accountId;
+    constructor(apiToken: string, accountId: string);
+    /**
+     * List available accounts to auto-detect account ID.
+     */
+    listAccounts(): Promise<Array<{
+        id: string;
+        name: string;
+    }>>;
+    /**
+     * Create an R2 bucket (idempotent — returns existing if it already exists).
+     */
+    ensureBucket(bucketName: string): Promise<{
+        name: string;
+        created: boolean;
+    }>;
+    /**
+     * Delete an R2 bucket.
+     */
+    deleteBucket(bucketName: string): Promise<void>;
+    /**
+     * Create an R2-scoped API token and derive S3 credentials from it.
+     *
+     * Uses the account-level token API (POST /accounts/{id}/tokens) instead of
+     * the user-level API, so it only requires normal account permissions — no
+     * special "User API Tokens: Edit" permission needed.
+     *
+     * The Cloudflare API token's `id` becomes the Access Key ID,
+     * and `SHA-256(token value)` becomes the Secret Access Key.
+     */
+    createR2Token(bucketName: string): Promise<{
+        accessKeyId: string;
+        secretAccessKey: string;
+        tokenId: string;
+    }>;
+    /**
+     * Deploy a Worker script.
+     * For MVP, we upload a pre-built worker bundle.
+     */
+    deployWorker(workerName: string, scriptContent: string, bindings: {
+        r2BucketName: string;
+        authSecret: string;
+        cfAccountId?: string;
+        cfAccessKeyId?: string;
+        cfSecretAccessKey?: string;
+    }): Promise<{
+        url: string;
+    }>;
+    /**
+     * Delete a Worker.
+     */
+    deleteWorker(workerName: string): Promise<void>;
+    /**
+     * Update a single secret on a deployed Worker without redeploying the whole script.
+     */
+    putSecret(workerName: string, secretName: string, secretValue: string): Promise<void>;
+    /**
+     * Generate an HMAC-based auth token for a device.
+     */
+    static generateToken(authSecret: string, deviceId: string): Promise<string>;
+}
+//# sourceMappingURL=cloudflare.d.ts.map

package/dist/lib/cloudflare.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cloudflare.d.ts","sourceRoot":"","sources":["../../src/lib/cloudflare.ts"],"names":[],"mappings":"AAQA;;;;;;GAMG;AACH,wBAAgB,gBAAgB,CAAC,UAAU,CAAC,EAAE,MAAM,GAAG,MAAM,CA6B5D;AAED,MAAM,WAAW,kBAAkB;IACjC,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;CACpB;AAED;;GAEG;AACH,qBAAa,gBAAgB;IAC3B,OAAO,CAAC,MAAM,CAAa;IAC3B,OAAO,CAAC,SAAS,CAAS;gBAEd,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM;IAK/C;;OAEG;IACG,YAAY,IAAI,OAAO,CAAC,KAAK,CAAC;QAAE,EAAE,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAWlE;;OAEG;IACG,YAAY,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,OAAO,CAAA;KAAE,CAAC;IAmBnF;;OAEG;IACG,YAAY,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAMrD;;;;;;;;;OASG;IACG,aAAa,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC;QAC/C,WAAW,EAAE,MAAM,CAAC;QACpB,eAAe,EAAE,MAAM,CAAC;QACxB,OAAO,EAAE,MAAM,CAAC;KACjB,CAAC;IAgEF;;;OAGG;IACG,YAAY,CAChB,UAAU,EAAE,MAAM,EAClB,aAAa,EAAE,MAAM,EACrB,QAAQ,EAAE;QACR,YAAY,EAAE,MAAM,CAAC;QACrB,UAAU,EAAE,MAAM,CAAC;QACnB,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB,aAAa,CAAC,EAAE,MAAM,CAAC;QACvB,iBAAiB,CAAC,EAAE,MAAM,CAAC;KAC5B,GACA,OAAO,CAAC;QAAE,GAAG,EAAE,MAAM,CAAA;KAAE,CAAC;IA2D3B;;OAEG;IACG,YAAY,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAMrD;;OAEG;IACG,SAAS,CAAC,UAAU,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAS3F;;OAEG;WACU,aAAa,CAAC,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;CAelF"}

package/dist/lib/cloudflare.js

@@ -0,0 +1,245 @@
+import Cloudflare from "cloudflare";
+import { createHash } from "node:crypto";
+import { readFileSync } from "node:fs";
+import { resolve, dirname } from "node:path";
+import { fileURLToPath } from "node:url";
+const __dirname = dirname(fileURLToPath(import.meta.url));
+/**
+ * Read the pre-built Worker bundle.
+ *
+ * When installed from npm, the worker bundle is at dist/worker/index.js
+ * (copied there by the prepack script). In the monorepo during development,
+ * it falls back to the workspace-relative path.
+ */
+export function readWorkerBundle(bundlePath) {
+    if (bundlePath) {
+        try {
+            return readFileSync(bundlePath, "utf-8");
+        }
+        catch {
+            throw new Error(`Worker bundle not found at ${bundlePath}.`);
+        }
+    }
+    // 1. Check bundled location (npm install / npx)
+    const bundledPath = resolve(__dirname, "../worker/index.js");
+    try {
+        return readFileSync(bundledPath, "utf-8");
+    }
+    catch {
+        // not found — fall through
+    }
+    // 2. Fall back to monorepo-relative path (local dev)
+    const monoRepoPath = resolve(__dirname, "../../../worker/dist/index.js");
+    try {
+        return readFileSync(monoRepoPath, "utf-8");
+    }
+    catch {
+        throw new Error(`Worker bundle not found.\n` +
+            `  Checked: ${bundledPath}\n` +
+            `  Checked: ${monoRepoPath}\n` +
+            `Run "pnpm --filter @obsidian-r2-sync/worker build" first.`);
+    }
+}
+/**
+ * Wrapper around the Cloudflare SDK for infrastructure provisioning.
+ */
+export class CloudflareClient {
+    client;
+    accountId;
+    constructor(apiToken, accountId) {
+        this.client = new Cloudflare({ apiToken });
+        this.accountId = accountId;
+    }
+    /**
+     * List available accounts to auto-detect account ID.
+     */
+    async listAccounts() {
+        // Use a single page request instead of the auto-paginating iterator,
+        // which has a bug where it infinitely re-fetches the same page.
+        const page = await this.client.accounts.list();
+        const result = [];
+        for (const account of page.result) {
+            result.push({ id: account.id, name: account.name });
+        }
+        return result;
+    }
+    /**
+     * Create an R2 bucket (idempotent — returns existing if it already exists).
+     */
+    async ensureBucket(bucketName) {
+        try {
+            // Check if bucket already exists
+            const buckets = await this.client.r2.buckets.list({ account_id: this.accountId });
+            const existing = buckets.buckets?.find((b) => b.name === bucketName);
+            if (existing) {
+                return { name: bucketName, created: false };
+            }
+        }
+        catch {
+            // List failed, try creating
+        }
+        await this.client.r2.buckets.create({
+            account_id: this.accountId,
+            name: bucketName,
+        });
+        return { name: bucketName, created: true };
+    }
+    /**
+     * Delete an R2 bucket.
+     */
+    async deleteBucket(bucketName) {
+        await this.client.r2.buckets.delete(bucketName, {
+            account_id: this.accountId,
+        });
+    }
+    /**
+     * Create an R2-scoped API token and derive S3 credentials from it.
+     *
+     * Uses the account-level token API (POST /accounts/{id}/tokens) instead of
+     * the user-level API, so it only requires normal account permissions — no
+     * special "User API Tokens: Edit" permission needed.
+     *
+     * The Cloudflare API token's `id` becomes the Access Key ID,
+     * and `SHA-256(token value)` becomes the Secret Access Key.
+     */
+    async createR2Token(bucketName) {
+        // Step 1: Find the R2 permission group IDs via the account-level endpoint.
+        // Use .result directly to avoid the SDK's auto-paginating iterator bug.
+        const permissionGroupsPage = await this.client.accounts.tokens.permissionGroups.list({
+            account_id: this.accountId,
+        });
+        const permissionGroups = [...permissionGroupsPage.result];
+        // Look for R2 object read/write permissions (scoped to r2.bucket)
+        const r2WriteGroup = permissionGroups.find((g) => g.name?.includes("Workers R2 Storage Bucket Item Write"));
+        const r2ReadGroup = permissionGroups.find((g) => g.name?.includes("Workers R2 Storage Bucket Item Read") &&
+            !g.name?.includes("Write"));
+        if (!r2WriteGroup?.id) {
+            throw new Error("Could not find R2 write permission group. " +
+                "Available groups: " +
+                permissionGroups
+                    .filter((g) => g.name?.includes("R2"))
+                    .map((g) => g.name)
+                    .join(", "));
+        }
+        // Step 2: Create the token with R2 bucket-scoped permissions
+        const policyPermissions = [{ id: r2WriteGroup.id }];
+        if (r2ReadGroup?.id && r2ReadGroup.id !== r2WriteGroup.id) {
+            policyPermissions.push({ id: r2ReadGroup.id });
+        }
+        const token = await this.client.accounts.tokens.create({
+            account_id: this.accountId,
+            name: `obsidian-r2-sync-${bucketName}`,
+            policies: [
+                {
+                    effect: "allow",
+                    permission_groups: policyPermissions,
+                    resources: {
+                        [`com.cloudflare.edge.r2.bucket.${this.accountId}_default_${bucketName}`]: "*",
+                    },
+                },
+            ],
+        });
+        const tokenValue = token.value;
+        const tokenId = token.id;
+        // Step 3: Derive S3 credentials
+        // Access Key ID = token ID
+        // Secret Access Key = SHA-256(token value)
+        const secretAccessKey = createHash("sha256").update(tokenValue).digest("hex");
+        return {
+            accessKeyId: tokenId,
+            secretAccessKey,
+            tokenId,
+        };
+    }
+    /**
+     * Deploy a Worker script.
+     * For MVP, we upload a pre-built worker bundle.
+     */
+    async deployWorker(workerName, scriptContent, bindings) {
+        // Build the bindings list
+        // Using `as never` to work around the SDK's strict union types for bindings
+        const workerBindings = [
+            {
+                type: "r2_bucket",
+                name: "BUCKET",
+                bucket_name: bindings.r2BucketName,
+            },
+            {
+                type: "secret_text",
+                name: "AUTH_SECRET",
+                text: bindings.authSecret,
+            },
+            {
+                type: "plain_text",
+                name: "BUCKET_NAME",
+                text: bindings.r2BucketName,
+            },
+            ...(bindings.cfAccountId
+                ? [{ type: "secret_text", name: "CF_ACCOUNT_ID", text: bindings.cfAccountId }]
+                : []),
+            ...(bindings.cfAccessKeyId
+                ? [{ type: "secret_text", name: "CF_ACCESS_KEY_ID", text: bindings.cfAccessKeyId }]
+                : []),
+            ...(bindings.cfSecretAccessKey
+                ? [{ type: "secret_text", name: "CF_SECRET_ACCESS_KEY", text: bindings.cfSecretAccessKey }]
+                : []),
+        ];
+        // Upload the worker script as an ES module
+        await this.client.workers.scripts.update(workerName, {
+            account_id: this.accountId,
+            metadata: {
+                main_module: "index.js",
+                compatibility_date: "2025-02-01",
+                bindings: workerBindings,
+            },
+            files: {
+                "index.js": new File([scriptContent], "index.js", {
+                    type: "application/javascript+module",
+                }),
+            },
+        });
+        // Enable the workers.dev route
+        await this.client.workers.scripts.subdomain.create(workerName, {
+            account_id: this.accountId,
+            enabled: true,
+        });
+        // Get the account's workers.dev subdomain to build the URL
+        const subdomainInfo = await this.client.workers.accountSettings.get({
+            account_id: this.accountId,
+        });
+        const accountSubdomain = subdomainInfo.subdomain;
+        return { url: `https://${workerName}.${accountSubdomain}.workers.dev` };
+    }
+    /**
+     * Delete a Worker.
+     */
+    async deleteWorker(workerName) {
+        await this.client.workers.scripts.delete(workerName, {
+            account_id: this.accountId,
+        });
+    }
+    /**
+     * Update a single secret on a deployed Worker without redeploying the whole script.
+     */
+    async putSecret(workerName, secretName, secretValue) {
+        await this.client.workers.scripts.secrets.update(workerName, {
+            account_id: this.accountId,
+            name: secretName,
+            text: secretValue,
+            type: "secret_text",
+        });
+    }
+    /**
+     * Generate an HMAC-based auth token for a device.
+     */
+    static async generateToken(authSecret, deviceId) {
+        const encoder = new TextEncoder();
+        const key = await crypto.subtle.importKey("raw", encoder.encode(authSecret), { name: "HMAC", hash: "SHA-256" }, false, ["sign"]);
+        const signature = await crypto.subtle.sign("HMAC", key, encoder.encode(deviceId));
+        const hmacHex = Array.from(new Uint8Array(signature))
+            .map((b) => b.toString(16).padStart(2, "0"))
+            .join("");
+        return `${deviceId}:${hmacHex}`;
+    }
+}
+//# sourceMappingURL=cloudflare.js.map

package/dist/lib/cloudflare.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cloudflare.js","sourceRoot":"","sources":["../../src/lib/cloudflare.ts"],"names":[],"mappings":"AAAA,OAAO,UAAU,MAAM,YAAY,CAAC;AACpC,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACzC,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AACvC,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAC7C,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AAEzC,MAAM,SAAS,GAAG,OAAO,CAAC,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;AAE1D;;;;;;GAMG;AACH,MAAM,UAAU,gBAAgB,CAAC,UAAmB;IAClD,IAAI,UAAU,EAAE,CAAC;QACf,IAAI,CAAC;YACH,OAAO,YAAY,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;QAC3C,CAAC;QAAC,MAAM,CAAC;YACP,MAAM,IAAI,KAAK,CAAC,8BAA8B,UAAU,GAAG,CAAC,CAAC;QAC/D,CAAC;IACH,CAAC;IAED,gDAAgD;IAChD,MAAM,WAAW,GAAG,OAAO,CAAC,SAAS,EAAE,oBAAoB,CAAC,CAAC;IAC7D,IAAI,CAAC;QACH,OAAO,YAAY,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;IAC5C,CAAC;IAAC,MAAM,CAAC;QACP,2BAA2B;IAC7B,CAAC;IAED,qDAAqD;IACrD,MAAM,YAAY,GAAG,OAAO,CAAC,SAAS,EAAE,+BAA+B,CAAC,CAAC;IACzE,IAAI,CAAC;QACH,OAAO,YAAY,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;IAC7C,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,IAAI,KAAK,CACb,4BAA4B;YAC5B,cAAc,WAAW,IAAI;YAC7B,cAAc,YAAY,IAAI;YAC9B,2DAA2D,CAC5D,CAAC;IACJ,CAAC;AACH,CAAC;AASD;;GAEG;AACH,MAAM,OAAO,gBAAgB;IACnB,MAAM,CAAa;IACnB,SAAS,CAAS;IAE1B,YAAY,QAAgB,EAAE,SAAiB;QAC7C,IAAI,CAAC,MAAM,GAAG,IAAI,UAAU,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC;QAC3C,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC;IAC7B,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,YAAY;QAChB,qEAAqE;QACrE,gEAAgE;QAChE,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;QAC/C,MAAM,MAAM,GAAwC,EAAE,CAAC;QACvD,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;YAClC,MAAM,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,OAAO,CAAC,EAAE,EAAE,IAAI,EAAE,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;QACtD,CAAC;QACD,OAAO,MAAM,CAAC;IAChB,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,YAAY,CAAC,UAAkB;QACnC,IAAI,CAAC;YACH,iCAAiC;YACjC,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,UAAU,EAAE,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC;YAClF,MAAM,QAAQ,GAAG,OAAO,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,UAAU,CAAC,CAAC;YACrE,IAAI,QAAQ,EAAE,CAAC;gBACb,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;YAC9C,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,4BAA4B;QAC9B,CAAC;QAED,MAAM,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,OAAO,CAAC,MAAM,CAAC;YAClC,UAAU,EAAE,IAAI,CAAC,SAAS;YAC1B,IAAI,EAAE,UAAU;SACjB,CAAC,CAAC;QACH,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;IAC7C,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,YAAY,CAAC,UAAkB;QACnC,MAAM,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,OAAO,CAAC,MAAM,CAAC,UAAU,EAAE;YAC9C,UAAU,EAAE,IAAI,CAAC,SAAS;SAC3B,CAAC,CAAC;IACL,CAAC;IAED;;;;;;;;;OASG;IACH,KAAK,CAAC,aAAa,CAAC,UAAkB;QAKpC,2EAA2E;QAC3E,wEAAwE;QACxE,MAAM,oBAAoB,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,gBAAgB,CAAC,IAAI,CAAC;YACnF,UAAU,EAAE,IAAI,CAAC,SAAS;SAC3B,CAAC,CAAC;QACH,MAAM,gBAAgB,GAAG,CAAC,GAAG,oBAAoB,CAAC,MAAM,CAAC,CAAC;QAE1D,kEAAkE;QAClE,MAAM,YAAY,GAAG,gBAAgB,CAAC,IAAI,CACxC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,QAAQ,CAAC,sCAAsC,CAAC,CAChE,CAAC;QAEF,MAAM,WAAW,GAAG,gBAAgB,CAAC,IAAI,CACvC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,QAAQ,CAAC,qCAAqC,CAAC;YACvD,CAAC,CAAC,CAAC,IAAI,EAAE,QAAQ,CAAC,OAAO,CAAC,CAClC,CAAC;QAEF,IAAI,CAAC,YAAY,EAAE,EAAE,EAAE,CAAC;YACtB,MAAM,IAAI,KAAK,CACb,4CAA4C;gBAC5C,oBAAoB;gBACpB,gBAAgB;qBACb,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,QAAQ,CAAC,IAAI,CAAC,CAAC;qBACrC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;qBAClB,IAAI,CAAC,IAAI,CAAC,CACd,CAAC;QACJ,CAAC;QAED,6DAA6D;QAC7D,MAAM,iBAAiB,GAA0B,CAAC,EAAE,EAAE,EAAE,YAAY,CAAC,EAAE,EAAE,CAAC,CAAC;QAC3E,IAAI,WAAW,EAAE,EAAE,IAAI,WAAW,CAAC,EAAE,KAAK,YAAY,CAAC,EAAE,EAAE,CAAC;YAC1D,iBAAiB,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,WAAW,CAAC,EAAE,EAAE,CAAC,CAAC;QACjD,CAAC;QAED,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC;YACrD,UAAU,EAAE,IAAI,CAAC,SAAS;YAC1B,IAAI,EAAE,oBAAoB,UAAU,EAAE;YACtC,QAAQ,EAAE;gBACR;oBACE,MAAM,EAAE,OAAO;oBACf,iBAAiB,EAAE,iBAAiB;oBACpC,SAAS,EAAE;wBACT,CAAC,iCAAiC,IAAI,CAAC,SAAS,YAAY,UAAU,EAAE,CAAC,EAAE,GAAG;qBAC/E;iBACF;aACF;SACF,CAAC,CAAC;QAEH,MAAM,UAAU,GAAI,KAAsC,CAAC,KAAK,CAAC;QACjE,MAAM,OAAO,GAAG,KAAK,CAAC,EAAY,CAAC;QAEnC,gCAAgC;QAChC,2BAA2B;QAC3B,2CAA2C;QAC3C,MAAM,eAAe,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QAE9E,OAAO;YACL,WAAW,EAAE,OAAO;YACpB,eAAe;YACf,OAAO;SACR,CAAC;IACJ,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,YAAY,CAChB,UAAkB,EAClB,aAAqB,EACrB,QAMC;QAED,0BAA0B;QAC1B,4EAA4E;QAC5E,MAAM,cAAc,GAAG;YACrB;gBACE,IAAI,EAAE,WAAoB;gBAC1B,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,QAAQ,CAAC,YAAY;aACnC;YACD;gBACE,IAAI,EAAE,aAAsB;gBAC5B,IAAI,EAAE,aAAa;gBACnB,IAAI,EAAE,QAAQ,CAAC,UAAU;aAC1B;YACD;gBACE,IAAI,EAAE,YAAqB;gBAC3B,IAAI,EAAE,aAAa;gBACnB,IAAI,EAAE,QAAQ,CAAC,YAAY;aAC5B;YACD,GAAG,CAAC,QAAQ,CAAC,WAAW;gBACtB,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,aAAsB,EAAE,IAAI,EAAE,eAAe,EAAE,IAAI,EAAE,QAAQ,CAAC,WAAW,EAAE,CAAC;gBACvF,CAAC,CAAC,EAAE,CAAC;YACP,GAAG,CAAC,QAAQ,CAAC,aAAa;gBACxB,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,aAAsB,EAAE,IAAI,EAAE,kBAAkB,EAAE,IAAI,EAAE,QAAQ,CAAC,aAAa,EAAE,CAAC;gBAC5F,CAAC,CAAC,EAAE,CAAC;YACP,GAAG,CAAC,QAAQ,CAAC,iBAAiB;gBAC5B,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,aAAsB,EAAE,IAAI,EAAE,sBAAsB,EAAE,IAAI,EAAE,QAAQ,CAAC,iBAAiB,EAAE,CAAC;gBACpG,CAAC,CAAC,EAAE,CAAC;SACR,CAAC;QAEF,2CAA2C;QAC3C,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,UAAU,EAAE;YACnD,UAAU,EAAE,IAAI,CAAC,SAAS;YAC1B,QAAQ,EAAE;gBACR,WAAW,EAAE,UAAU;gBACvB,kBAAkB,EAAE,YAAY;gBAChC,QAAQ,EAAE,cAAuB;aAClC;YACD,KAAK,EAAE;gBACL,UAAU,EAAE,IAAI,IAAI,CAAC,CAAC,aAAa,CAAC,EAAE,UAAU,EAAE;oBAChD,IAAI,EAAE,+BAA+B;iBACtC,CAAC;aACH;SACF,CAAC,CAAC;QAEH,+BAA+B;QAC/B,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,SAAS,CAAC,MAAM,CAAC,UAAU,EAAE;YAC7D,UAAU,EAAE,IAAI,CAAC,SAAS;YAC1B,OAAO,EAAE,IAAI;SACd,CAAC,CAAC;QAEH,2DAA2D;QAC3D,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,eAAe,CAAC,GAAG,CAAC;YAClE,UAAU,EAAE,IAAI,CAAC,SAAS;SAC3B,CAAC,CAAC;QACH,MAAM,gBAAgB,GAAI,aAAkD,CAAC,SAAS,CAAC;QACvF,OAAO,EAAE,GAAG,EAAE,WAAW,UAAU,IAAI,gBAAgB,cAAc,EAAE,CAAC;IAC1E,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,YAAY,CAAC,UAAkB;QACnC,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,UAAU,EAAE;YACnD,UAAU,EAAE,IAAI,CAAC,SAAS;SAC3B,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,SAAS,CAAC,UAAkB,EAAE,UAAkB,EAAE,WAAmB;QACzE,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,UAAU,EAAE;YAC3D,UAAU,EAAE,IAAI,CAAC,SAAS;YAC1B,IAAI,EAAE,UAAU;YAChB,IAAI,EAAE,WAAW;YACjB,IAAI,EAAE,aAAa;SACpB,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,KAAK,CAAC,aAAa,CAAC,UAAkB,EAAE,QAAgB;QAC7D,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC;QAClC,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CACvC,KAAK,EACL,OAAO,CAAC,MAAM,CAAC,UAAU,CAAC,EAC1B,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,EACjC,KAAK,EACL,CAAC,MAAM,CAAC,CACT,CAAC;QACF,MAAM,SAAS,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC;QAClF,MAAM,OAAO,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,UAAU,CAAC,SAAS,CAAC,CAAC;aAClD,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;aAC3C,IAAI,CAAC,EAAE,CAAC,CAAC;QACZ,OAAO,GAAG,QAAQ,IAAI,OAAO,EAAE,CAAC;IAClC,CAAC;CACF"}

package/dist/lib/config.d.ts

@@ -0,0 +1,23 @@
+export interface CliConfig {
+    apiToken?: string;
+    accountId?: string;
+    workerName?: string;
+    bucketName?: string;
+    authSecret?: string;
+    r2AccessKeyId?: string;
+    r2SecretAccessKey?: string;
+    workerUrl?: string;
+}
+/**
+ * Load saved CLI config from ~/.obsidian-r2-sync.json
+ */
+export declare function loadConfig(): CliConfig;
+/**
+ * Save CLI config to ~/.obsidian-r2-sync.json
+ */
+export declare function saveConfig(config: CliConfig): void;
+/**
+ * Merge new values into the existing config and save.
+ */
+export declare function updateConfig(partial: Partial<CliConfig>): void;
+//# sourceMappingURL=config.d.ts.map

package/dist/lib/config.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../../src/lib/config.ts"],"names":[],"mappings":"AAMA,MAAM,WAAW,SAAS;IACxB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED;;GAEG;AACH,wBAAgB,UAAU,IAAI,SAAS,CAOtC;AAED;;GAEG;AACH,wBAAgB,UAAU,CAAC,MAAM,EAAE,SAAS,GAAG,IAAI,CAElD;AAED;;GAEG;AACH,wBAAgB,YAAY,CAAC,OAAO,EAAE,OAAO,CAAC,SAAS,CAAC,GAAG,IAAI,CAG9D"}

package/dist/lib/config.js

@@ -0,0 +1,30 @@
+import { readFileSync, writeFileSync } from "node:fs";
+import { homedir } from "node:os";
+import { join } from "node:path";
+const CONFIG_FILE = join(homedir(), ".obsidian-r2-sync.json");
+/**
+ * Load saved CLI config from ~/.obsidian-r2-sync.json
+ */
+export function loadConfig() {
+    try {
+        const content = readFileSync(CONFIG_FILE, "utf-8");
+        return JSON.parse(content);
+    }
+    catch {
+        return {};
+    }
+}
+/**
+ * Save CLI config to ~/.obsidian-r2-sync.json
+ */
+export function saveConfig(config) {
+    writeFileSync(CONFIG_FILE, JSON.stringify(config, null, 2) + "\n", "utf-8");
+}
+/**
+ * Merge new values into the existing config and save.
+ */
+export function updateConfig(partial) {
+    const existing = loadConfig();
+    saveConfig({ ...existing, ...partial });
+}
+//# sourceMappingURL=config.js.map

package/dist/lib/config.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.js","sourceRoot":"","sources":["../../src/lib/config.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AACtD,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAClC,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAEjC,MAAM,WAAW,GAAG,IAAI,CAAC,OAAO,EAAE,EAAE,wBAAwB,CAAC,CAAC;AAa9D;;GAEG;AACH,MAAM,UAAU,UAAU;IACxB,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,YAAY,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;QACnD,OAAO,IAAI,CAAC,KAAK,CAAC,OAAO,CAAc,CAAC;IAC1C,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,CAAC;IACZ,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,UAAU,CAAC,MAAiB;IAC1C,aAAa,CAAC,WAAW,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,EAAE,OAAO,CAAC,CAAC;AAC9E,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,YAAY,CAAC,OAA2B;IACtD,MAAM,QAAQ,GAAG,UAAU,EAAE,CAAC;IAC9B,UAAU,CAAC,EAAE,GAAG,QAAQ,EAAE,GAAG,OAAO,EAAE,CAAC,CAAC;AAC1C,CAAC"}

package/dist/lib/prompts.d.ts

@@ -0,0 +1,10 @@
+export declare function promptApiToken(): Promise<string>;
+export declare function promptAccountId(accounts: Array<{
+    id: string;
+    name: string;
+}>): Promise<string>;
+export declare function promptBucketName(): Promise<string>;
+export declare function promptWorkerName(): Promise<string>;
+export declare function promptDeviceId(): Promise<string>;
+export declare function confirmAction(message: string): Promise<boolean>;
+//# sourceMappingURL=prompts.d.ts.map

package/dist/lib/prompts.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"prompts.d.ts","sourceRoot":"","sources":["../../src/lib/prompts.ts"],"names":[],"mappings":"AAEA,wBAAsB,cAAc,IAAI,OAAO,CAAC,MAAM,CAAC,CAWtD;AAED,wBAAsB,eAAe,CACnC,QAAQ,EAAE,KAAK,CAAC;IAAE,EAAE,EAAE,MAAM,CAAC;IAAC,IAAI,EAAE,MAAM,CAAA;CAAE,CAAC,GAC5C,OAAO,CAAC,MAAM,CAAC,CAcjB;AAED,wBAAsB,gBAAgB,IAAI,OAAO,CAAC,MAAM,CAAC,CAiBxD;AAED,wBAAsB,gBAAgB,IAAI,OAAO,CAAC,MAAM,CAAC,CAUxD;AAED,wBAAsB,cAAc,IAAI,OAAO,CAAC,MAAM,CAAC,CAUtD;AAED,wBAAsB,aAAa,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAUrE"}

package/dist/lib/prompts.js

@@ -0,0 +1,80 @@
+import inquirer from "inquirer";
+export async function promptApiToken() {
+    const { token } = await inquirer.prompt([
+        {
+            type: "password",
+            name: "token",
+            message: "Enter your Cloudflare API token:",
+            mask: "*",
+            validate: (input) => input.length > 0 || "API token is required",
+        },
+    ]);
+    return token;
+}
+export async function promptAccountId(accounts) {
+    if (accounts.length === 1) {
+        return accounts[0].id;
+    }
+    const { accountId } = await inquirer.prompt([
+        {
+            type: "list",
+            name: "accountId",
+            message: "Select a Cloudflare account:",
+            choices: accounts.map((a) => ({ name: `${a.name} (${a.id})`, value: a.id })),
+        },
+    ]);
+    return accountId;
+}
+export async function promptBucketName() {
+    const { name } = await inquirer.prompt([
+        {
+            type: "input",
+            name: "name",
+            message: "R2 bucket name:",
+            default: "obsidian-vault-sync",
+            validate: (input) => {
+                if (input.length < 3)
+                    return "Bucket name must be at least 3 characters";
+                if (!/^[a-z0-9][a-z0-9-]*[a-z0-9]$/.test(input)) {
+                    return "Bucket name must be lowercase alphanumeric with hyphens";
+                }
+                return true;
+            },
+        },
+    ]);
+    return name;
+}
+export async function promptWorkerName() {
+    const { name } = await inquirer.prompt([
+        {
+            type: "input",
+            name: "name",
+            message: "Worker name:",
+            default: "obsidian-r2-sync",
+        },
+    ]);
+    return name;
+}
+export async function promptDeviceId() {
+    const { id } = await inquirer.prompt([
+        {
+            type: "input",
+            name: "id",
+            message: "Device identifier (e.g., macbook, phone, ipad):",
+            validate: (input) => input.length > 0 || "Device ID is required",
+        },
+    ]);
+    return `device-${id.toLowerCase().replace(/[^a-z0-9]/g, "-")}`;
+}
+export async function confirmAction(message) {
+    const { confirmed } = await inquirer.prompt([
+        {
+            type: "confirm",
+            name: "confirmed",
+            message,
+            default: false,
+        },
+    ]);
+    return confirmed;
+}
+//# sourceMappingURL=prompts.js.map

package/dist/lib/prompts.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"prompts.js","sourceRoot":"","sources":["../../src/lib/prompts.ts"],"names":[],"mappings":"AAAA,OAAO,QAAQ,MAAM,UAAU,CAAC;AAEhC,MAAM,CAAC,KAAK,UAAU,cAAc;IAClC,MAAM,EAAE,KAAK,EAAE,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC;QACtC;YACE,IAAI,EAAE,UAAU;YAChB,IAAI,EAAE,OAAO;YACb,OAAO,EAAE,kCAAkC;YAC3C,IAAI,EAAE,GAAG;YACT,QAAQ,EAAE,CAAC,KAAa,EAAE,EAAE,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,IAAI,uBAAuB;SACzE;KACF,CAAC,CAAC;IACH,OAAO,KAAK,CAAC;AACf,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,eAAe,CACnC,QAA6C;IAE7C,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC1B,OAAO,QAAQ,CAAC,CAAC,CAAE,CAAC,EAAE,CAAC;IACzB,CAAC;IAED,MAAM,EAAE,SAAS,EAAE,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC;QAC1C;YACE,IAAI,EAAE,MAAM;YACZ,IAAI,EAAE,WAAW;YACjB,OAAO,EAAE,8BAA8B;YACvC,OAAO,EAAE,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,IAAI,EAAE,GAAG,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,EAAE,GAAG,EAAE,KAAK,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;SAC7E;KACF,CAAC,CAAC;IACH,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,gBAAgB;IACpC,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC;QACrC;YACE,IAAI,EAAE,OAAO;YACb,IAAI,EAAE,MAAM;YACZ,OAAO,EAAE,iBAAiB;YAC1B,OAAO,EAAE,qBAAqB;YAC9B,QAAQ,EAAE,CAAC,KAAa,EAAE,EAAE;gBAC1B,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC;oBAAE,OAAO,2CAA2C,CAAC;gBACzE,IAAI,CAAC,8BAA8B,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;oBAChD,OAAO,yDAAyD,CAAC;gBACnE,CAAC;gBACD,OAAO,IAAI,CAAC;YACd,CAAC;SACF;KACF,CAAC,CAAC;IACH,OAAO,IAAI,CAAC;AACd,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,gBAAgB;IACpC,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC;QACrC;YACE,IAAI,EAAE,OAAO;YACb,IAAI,EAAE,MAAM;YACZ,OAAO,EAAE,cAAc;YACvB,OAAO,EAAE,kBAAkB;SAC5B;KACF,CAAC,CAAC;IACH,OAAO,IAAI,CAAC;AACd,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,cAAc;IAClC,MAAM,EAAE,EAAE,EAAE,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC;QACnC;YACE,IAAI,EAAE,OAAO;YACb,IAAI,EAAE,IAAI;YACV,OAAO,EAAE,iDAAiD;YAC1D,QAAQ,EAAE,CAAC,KAAa,EAAE,EAAE,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,IAAI,uBAAuB;SACzE;KACF,CAAC,CAAC;IACH,OAAO,UAAU,EAAE,CAAC,WAAW,EAAE,CAAC,OAAO,CAAC,YAAY,EAAE,GAAG,CAAC,EAAE,CAAC;AACjE,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,OAAe;IACjD,MAAM,EAAE,SAAS,EAAE,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC;QAC1C;YACE,IAAI,EAAE,SAAS;YACf,IAAI,EAAE,WAAW;YACjB,OAAO;YACP,OAAO,EAAE,KAAK;SACf;KACF,CAAC,CAAC;IACH,OAAO,SAAS,CAAC;AACnB,CAAC"}

package/dist/worker/README.md

@@ -0,0 +1 @@
+This folder contains the built output assets for the worker "obsidian-r2-sync" generated at 2026-02-24T20:31:42.461Z.