@zincapp/zn-vault-agent 1.3.0

package/dist/commands/setup.js

@@ -0,0 +1,346 @@
+// Path: zn-vault-agent/src/commands/setup.ts
+import chalk from 'chalk';
+import { execSync } from 'child_process';
+import { existsSync, mkdirSync, writeFileSync, unlinkSync, copyFileSync } from 'fs';
+import { dirname, join } from 'path';
+import { fileURLToPath } from 'url';
+const SYSTEM_USER = 'zn-vault-agent';
+const SERVICE_NAME = 'zn-vault-agent';
+const CONFIG_DIR = '/etc/zn-vault-agent';
+const DATA_DIR = '/var/lib/zn-vault-agent';
+const LOG_DIR = '/var/log/zn-vault-agent';
+const CERT_DIR = '/etc/ssl/znvault';
+const SERVICE_FILE = `/etc/systemd/system/${SERVICE_NAME}.service`;
+export function registerSetupCommand(program) {
+    program
+        .command('setup')
+        .description('Install systemd service and create directories')
+        .option('--uninstall', 'Remove systemd service and optionally config')
+        .option('--purge', 'Also remove configuration (only with --uninstall)')
+        .option('--skip-user', 'Skip creating system user')
+        .option('-y, --yes', 'Skip confirmation prompts')
+        .addHelpText('after', `
+Examples:
+  # Install systemd service (requires root)
+  sudo zn-vault-agent setup
+
+  # Remove systemd service but keep config
+  sudo zn-vault-agent setup --uninstall
+
+  # Remove everything including config
+  sudo zn-vault-agent setup --uninstall --purge
+`)
+        .action(async (options) => {
+        // Check for root
+        if (process.getuid && process.getuid() !== 0) {
+            console.error(chalk.red('This command requires root. Run with sudo.'));
+            process.exit(1);
+        }
+        if (options.uninstall) {
+            await handleUninstall(options);
+        }
+        else {
+            await handleInstall(options);
+        }
+    });
+}
+async function handleInstall(options) {
+    console.log();
+    console.log(chalk.bold('ZN-Vault Agent Setup'));
+    console.log();
+    // Confirm installation
+    if (!options.yes) {
+        console.log('This will:');
+        console.log(`  - Create system user: ${SYSTEM_USER}`);
+        console.log(`  - Create directories:`);
+        console.log(`      ${CONFIG_DIR}/`);
+        console.log(`      ${DATA_DIR}/`);
+        console.log(`      ${LOG_DIR}/`);
+        console.log(`      ${CERT_DIR}/`);
+        console.log(`  - Install systemd service: ${SERVICE_NAME}`);
+        console.log();
+        const inquirer = await import('inquirer');
+        const { confirm } = await inquirer.default.prompt([
+            {
+                type: 'confirm',
+                name: 'confirm',
+                message: 'Proceed with installation?',
+                default: true,
+            },
+        ]);
+        if (!confirm) {
+            console.log('Installation cancelled.');
+            return;
+        }
+    }
+    console.log();
+    // Step 1: Create system user
+    if (!options.skipUser) {
+        try {
+            // Check if user exists
+            execSync(`id ${SYSTEM_USER}`, { stdio: 'pipe' });
+            console.log(chalk.gray(`User ${SYSTEM_USER} already exists`));
+        }
+        catch {
+            console.log(`Creating user ${SYSTEM_USER}...`);
+            try {
+                execSync(`useradd --system --no-create-home --shell /sbin/nologin ${SYSTEM_USER}`, { stdio: 'inherit' });
+                console.log(chalk.green(`  Created user ${SYSTEM_USER}`));
+            }
+            catch {
+                console.log(chalk.yellow(`  Could not create user (might already exist)`));
+            }
+        }
+    }
+    // Step 2: Create directories
+    const directories = [
+        { path: CONFIG_DIR, mode: 0o755 },
+        { path: DATA_DIR, mode: 0o750 },
+        { path: LOG_DIR, mode: 0o750 },
+        { path: CERT_DIR, mode: 0o750 },
+    ];
+    for (const dir of directories) {
+        if (!existsSync(dir.path)) {
+            console.log(`Creating ${dir.path}/...`);
+            mkdirSync(dir.path, { recursive: true, mode: dir.mode });
+            execSync(`chown ${SYSTEM_USER}:${SYSTEM_USER} ${dir.path}`);
+            console.log(chalk.green(`  Created ${dir.path}/`));
+        }
+        else {
+            console.log(chalk.gray(`${dir.path}/ already exists`));
+        }
+    }
+    // Step 3: Create config template if not exists
+    const envFile = join(CONFIG_DIR, 'agent.env');
+    if (!existsSync(envFile)) {
+        console.log(`Creating ${envFile}...`);
+        writeFileSync(envFile, `# ZN-Vault Agent Configuration
+# See: zn-vault-agent --help
+
+# Logging
+LOG_LEVEL=info
+
+# Auto-update settings (optional)
+# AUTO_UPDATE=true
+# AUTO_UPDATE_INTERVAL=300
+# AUTO_UPDATE_CHANNEL=latest
+`, { mode: 0o640 });
+        execSync(`chown ${SYSTEM_USER}:${SYSTEM_USER} ${envFile}`);
+        console.log(chalk.green(`  Created ${envFile}`));
+    }
+    else {
+        console.log(chalk.gray(`${envFile} already exists`));
+    }
+    // Step 4: Copy systemd service file
+    console.log(`Installing systemd service...`);
+    const __filename = fileURLToPath(import.meta.url);
+    const __dirname = dirname(__filename);
+    // Try to find the service file in the package
+    const possiblePaths = [
+        join(__dirname, '..', '..', 'deploy', 'systemd', 'zn-vault-agent.service'),
+        join(__dirname, '..', 'deploy', 'systemd', 'zn-vault-agent.service'),
+        '/usr/local/lib/node_modules/@zincapp/zn-vault-agent/deploy/systemd/zn-vault-agent.service',
+    ];
+    let sourceServiceFile = null;
+    for (const p of possiblePaths) {
+        if (existsSync(p)) {
+            sourceServiceFile = p;
+            break;
+        }
+    }
+    if (sourceServiceFile) {
+        copyFileSync(sourceServiceFile, SERVICE_FILE);
+        console.log(chalk.green(`  Installed ${SERVICE_FILE}`));
+    }
+    else {
+        // Generate service file inline
+        const serviceContent = generateServiceFile();
+        writeFileSync(SERVICE_FILE, serviceContent, { mode: 0o644 });
+        console.log(chalk.green(`  Generated ${SERVICE_FILE}`));
+    }
+    // Step 5: Reload systemd
+    console.log('Reloading systemd...');
+    execSync('systemctl daemon-reload', { stdio: 'inherit' });
+    console.log(chalk.green('  systemd reloaded'));
+    // Enable service (but don't start)
+    console.log('Enabling service...');
+    execSync(`systemctl enable ${SERVICE_NAME}`, { stdio: 'inherit' });
+    console.log(chalk.green(`  ${SERVICE_NAME} enabled`));
+    console.log();
+    console.log(chalk.green.bold('Setup complete!'));
+    console.log();
+    console.log('Next steps:');
+    console.log(`  1. Configure the agent: ${chalk.cyan('zn-vault-agent login')}`);
+    console.log(`  2. Add certificates: ${chalk.cyan('zn-vault-agent certs add')}`);
+    console.log(`  3. Start the service: ${chalk.cyan(`sudo systemctl start ${SERVICE_NAME}`)}`);
+    console.log(`  4. Check status: ${chalk.cyan(`sudo systemctl status ${SERVICE_NAME}`)}`);
+    console.log();
+}
+async function handleUninstall(options) {
+    console.log();
+    console.log(chalk.bold('ZN-Vault Agent Uninstall'));
+    console.log();
+    // Confirm uninstall
+    if (!options.yes) {
+        console.log('This will:');
+        console.log(`  - Stop and disable systemd service: ${SERVICE_NAME}`);
+        console.log(`  - Remove service file: ${SERVICE_FILE}`);
+        if (options.purge) {
+            console.log(chalk.yellow(`  - Remove configuration: ${CONFIG_DIR}/`));
+            console.log(chalk.yellow(`  - Remove data: ${DATA_DIR}/`));
+            console.log(chalk.yellow(`  - Remove logs: ${LOG_DIR}/`));
+        }
+        console.log();
+        const inquirer = await import('inquirer');
+        const { confirm } = await inquirer.default.prompt([
+            {
+                type: 'confirm',
+                name: 'confirm',
+                message: options.purge
+                    ? 'Are you sure? This will remove all configuration and data!'
+                    : 'Proceed with uninstall?',
+                default: false,
+            },
+        ]);
+        if (!confirm) {
+            console.log('Uninstall cancelled.');
+            return;
+        }
+    }
+    console.log();
+    // Stop service
+    try {
+        console.log('Stopping service...');
+        execSync(`systemctl stop ${SERVICE_NAME}`, { stdio: 'pipe' });
+        console.log(chalk.green(`  ${SERVICE_NAME} stopped`));
+    }
+    catch {
+        console.log(chalk.gray('  Service not running'));
+    }
+    // Disable service
+    try {
+        console.log('Disabling service...');
+        execSync(`systemctl disable ${SERVICE_NAME}`, { stdio: 'pipe' });
+        console.log(chalk.green(`  ${SERVICE_NAME} disabled`));
+    }
+    catch {
+        console.log(chalk.gray('  Service not enabled'));
+    }
+    // Remove service file
+    if (existsSync(SERVICE_FILE)) {
+        console.log(`Removing ${SERVICE_FILE}...`);
+        unlinkSync(SERVICE_FILE);
+        console.log(chalk.green(`  Removed ${SERVICE_FILE}`));
+    }
+    // Reload systemd
+    console.log('Reloading systemd...');
+    execSync('systemctl daemon-reload', { stdio: 'inherit' });
+    // Purge if requested
+    if (options.purge) {
+        const dirsToRemove = [CONFIG_DIR, DATA_DIR, LOG_DIR];
+        for (const dir of dirsToRemove) {
+            if (existsSync(dir)) {
+                console.log(`Removing ${dir}/...`);
+                execSync(`rm -rf ${dir}`, { stdio: 'inherit' });
+                console.log(chalk.green(`  Removed ${dir}/`));
+            }
+        }
+    }
+    console.log();
+    console.log(chalk.green.bold('Uninstall complete!'));
+    if (!options.purge) {
+        console.log();
+        console.log(chalk.gray(`Configuration preserved in ${CONFIG_DIR}/`));
+        console.log(chalk.gray(`Data preserved in ${DATA_DIR}/`));
+        console.log(chalk.gray('Use --purge to remove all data.'));
+    }
+    console.log();
+}
+function generateServiceFile() {
+    // Find the binary path
+    let binPath = '/usr/local/bin/zn-vault-agent';
+    try {
+        const result = execSync('which zn-vault-agent', { encoding: 'utf-8', stdio: 'pipe' });
+        binPath = result.trim();
+    }
+    catch {
+        // Use default
+    }
+    return `[Unit]
+Description=ZN-Vault Certificate Agent
+Documentation=https://github.com/zincapp/zn-vault
+After=network-online.target
+Wants=network-online.target
+
+[Service]
+Type=simple
+User=${SYSTEM_USER}
+Group=${SYSTEM_USER}
+
+# Working directory
+WorkingDirectory=${DATA_DIR}
+
+# Main executable
+ExecStart=${binPath} start --health-port 9100
+
+# Restart policy
+Restart=always
+RestartSec=5
+StartLimitInterval=60
+StartLimitBurst=5
+
+# Environment
+EnvironmentFile=${CONFIG_DIR}/agent.env
+EnvironmentFile=-${CONFIG_DIR}/secrets.env
+
+# Logging
+StandardOutput=journal
+StandardError=journal
+SyslogIdentifier=${SERVICE_NAME}
+
+# Shutdown
+TimeoutStopSec=30
+KillMode=mixed
+KillSignal=SIGTERM
+
+# Security hardening
+NoNewPrivileges=true
+ProtectSystem=strict
+ProtectHome=true
+PrivateTmp=true
+PrivateDevices=true
+ProtectKernelTunables=true
+ProtectKernelModules=true
+ProtectControlGroups=true
+RestrictNamespaces=true
+RestrictRealtime=true
+RestrictSUIDSGID=true
+LockPersonality=true
+
+# Allow writing certificates and logs
+ReadWritePaths=${CERT_DIR}
+ReadWritePaths=${DATA_DIR}
+ReadWritePaths=${LOG_DIR}
+
+# Network access
+RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX
+
+# System call filter
+SystemCallFilter=@system-service
+SystemCallFilter=~@privileged @resources
+SystemCallArchitectures=native
+
+# Capabilities
+CapabilityBoundingSet=
+AmbientCapabilities=
+
+# Resource limits
+MemoryHigh=256M
+MemoryMax=512M
+LimitNOFILE=4096
+
+[Install]
+WantedBy=multi-user.target
+`;
+}
+//# sourceMappingURL=setup.js.map

package/dist/commands/setup.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"setup.js","sourceRoot":"","sources":["../../src/commands/setup.ts"],"names":[],"mappings":"AAAA,6CAA6C;AAU7C,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC;AACzC,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,aAAa,EAAgB,UAAU,EAAE,YAAY,EAAE,MAAM,IAAI,CAAC;AAClG,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AACrC,OAAO,EAAE,aAAa,EAAE,MAAM,KAAK,CAAC;AAEpC,MAAM,WAAW,GAAG,gBAAgB,CAAC;AACrC,MAAM,YAAY,GAAG,gBAAgB,CAAC;AACtC,MAAM,UAAU,GAAG,qBAAqB,CAAC;AACzC,MAAM,QAAQ,GAAG,yBAAyB,CAAC;AAC3C,MAAM,OAAO,GAAG,yBAAyB,CAAC;AAC1C,MAAM,QAAQ,GAAG,kBAAkB,CAAC;AACpC,MAAM,YAAY,GAAG,uBAAuB,YAAY,UAAU,CAAC;AAEnE,MAAM,UAAU,oBAAoB,CAAC,OAAgB;IACnD,OAAO;SACJ,OAAO,CAAC,OAAO,CAAC;SAChB,WAAW,CAAC,gDAAgD,CAAC;SAC7D,MAAM,CAAC,aAAa,EAAE,8CAA8C,CAAC;SACrE,MAAM,CAAC,SAAS,EAAE,mDAAmD,CAAC;SACtE,MAAM,CAAC,aAAa,EAAE,2BAA2B,CAAC;SAClD,MAAM,CAAC,WAAW,EAAE,2BAA2B,CAAC;SAChD,WAAW,CAAC,OAAO,EAAE;;;;;;;;;;CAUzB,CAAC;SACG,MAAM,CAAC,KAAK,EAAE,OAAO,EAAE,EAAE;QACxB,iBAAiB;QACjB,IAAI,OAAO,CAAC,MAAM,IAAI,OAAO,CAAC,MAAM,EAAE,KAAK,CAAC,EAAE,CAAC;YAC7C,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,4CAA4C,CAAC,CAAC,CAAC;YACvE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,IAAI,OAAO,CAAC,SAAS,EAAE,CAAC;YACtB,MAAM,eAAe,CAAC,OAAO,CAAC,CAAC;QACjC,CAAC;aAAM,CAAC;YACN,MAAM,aAAa,CAAC,OAAO,CAAC,CAAC;QAC/B,CAAC;IACH,CAAC,CAAC,CAAC;AACP,CAAC;AAED,KAAK,UAAU,aAAa,CAAC,OAA8C;IACzE,OAAO,CAAC,GAAG,EAAE,CAAC;IACd,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC,CAAC;IAChD,OAAO,CAAC,GAAG,EAAE,CAAC;IAEd,uBAAuB;IACvB,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC;QACjB,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;QAC1B,OAAO,CAAC,GAAG,CAAC,2BAA2B,WAAW,EAAE,CAAC,CAAC;QACtD,OAAO,CAAC,GAAG,CAAC,yBAAyB,CAAC,CAAC;QACvC,OAAO,CAAC,GAAG,CAAC,SAAS,UAAU,GAAG,CAAC,CAAC;QACpC,OAAO,CAAC,GAAG,CAAC,SAAS,QAAQ,GAAG,CAAC,CAAC;QAClC,OAAO,CAAC,GAAG,CAAC,SAAS,OAAO,GAAG,CAAC,CAAC;QACjC,OAAO,CAAC,GAAG,CAAC,SAAS,QAAQ,GAAG,CAAC,CAAC;QAClC,OAAO,CAAC,GAAG,CAAC,gCAAgC,YAAY,EAAE,CAAC,CAAC;QAC5D,OAAO,CAAC,GAAG,EAAE,CAAC;QAEd,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,UAAU,CAAC,CAAC;QAC1C,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC;YAChD;gBACE,IAAI,EAAE,SAAS;gBACf,IAAI,EAAE,SAAS;gBACf,OAAO,EAAE,4BAA4B;gBACrC,OAAO,EAAE,IAAI;aACd;SACF,CAAC,CAAC;QAEH,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,OAAO,CAAC,GAAG,CAAC,yBAAyB,CAAC,CAAC;YACvC,OAAO;QACT,CAAC;IACH,CAAC;IAED,OAAO,CAAC,GAAG,EAAE,CAAC;IAEd,6BAA6B;IAC7B,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC;QACtB,IAAI,CAAC;YACH,uBAAuB;YACvB,QAAQ,CAAC,MAAM,WAAW,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,CAAC;YACjD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,WAAW,iBAAiB,CAAC,CAAC,CAAC;QAChE,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,CAAC,GAAG,CAAC,iBAAiB,WAAW,KAAK,CAAC,CAAC;YAC/C,IAAI,CAAC;gBACH,QAAQ,CACN,2DAA2D,WAAW,EAAE,EACxE,EAAE,KAAK,EAAE,SAAS,EAAE,CACrB,CAAC;gBACF,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,kBAAkB,WAAW,EAAE,CAAC,CAAC,CAAC;YAC5D,CAAC;YAAC,MAAM,CAAC;gBACP,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,+CAA+C,CAAC,CAAC,CAAC;YAC7E,CAAC;QACH,CAAC;IACH,CAAC;IAED,6BAA6B;IAC7B,MAAM,WAAW,GAAG;QAClB,EAAE,IAAI,EAAE,UAAU,EAAE,IAAI,EAAE,KAAK,EAAE;QACjC,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,KAAK,EAAE;QAC/B,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE;QAC9B,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,KAAK,EAAE;KAChC,CAAC;IAEF,KAAK,MAAM,GAAG,IAAI,WAAW,EAAE,CAAC;QAC9B,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;YAC1B,OAAO,CAAC,GAAG,CAAC,YAAY,GAAG,CAAC,IAAI,MAAM,CAAC,CAAC;YACxC,SAAS,CAAC,GAAG,CAAC,IAAI,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;YACzD,QAAQ,CAAC,SAAS,WAAW,IAAI,WAAW,IAAI,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;YAC5D,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,aAAa,GAAG,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC;QACrD,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,GAAG,CAAC,IAAI,kBAAkB,CAAC,CAAC,CAAC;QACzD,CAAC;IACH,CAAC;IAED,+CAA+C;IAC/C,MAAM,OAAO,GAAG,IAAI,CAAC,UAAU,EAAE,WAAW,CAAC,CAAC;IAC9C,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;QACzB,OAAO,CAAC,GAAG,CAAC,YAAY,OAAO,KAAK,CAAC,CAAC;QACtC,aAAa,CACX,OAAO,EACP;;;;;;;;;;CAUL,EACK,EAAE,IAAI,EAAE,KAAK,EAAE,CAChB,CAAC;QACF,QAAQ,CAAC,SAAS,WAAW,IAAI,WAAW,IAAI,OAAO,EAAE,CAAC,CAAC;QAC3D,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,aAAa,OAAO,EAAE,CAAC,CAAC,CAAC;IACnD,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,OAAO,iBAAiB,CAAC,CAAC,CAAC;IACvD,CAAC;IAED,oCAAoC;IACpC,OAAO,CAAC,GAAG,CAAC,+BAA+B,CAAC,CAAC;IAC7C,MAAM,UAAU,GAAG,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAClD,MAAM,SAAS,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC;IAEtC,8CAA8C;IAC9C,MAAM,aAAa,GAAG;QACpB,IAAI,CAAC,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,wBAAwB,CAAC;QAC1E,IAAI,CAAC,SAAS,EAAE,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,wBAAwB,CAAC;QACpE,2FAA2F;KAC5F,CAAC;IAEF,IAAI,iBAAiB,GAAkB,IAAI,CAAC;IAC5C,KAAK,MAAM,CAAC,IAAI,aAAa,EAAE,CAAC;QAC9B,IAAI,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC;YAClB,iBAAiB,GAAG,CAAC,CAAC;YACtB,MAAM;QACR,CAAC;IACH,CAAC;IAED,IAAI,iBAAiB,EAAE,CAAC;QACtB,YAAY,CAAC,iBAAiB,EAAE,YAAY,CAAC,CAAC;QAC9C,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,eAAe,YAAY,EAAE,CAAC,CAAC,CAAC;IAC1D,CAAC;SAAM,CAAC;QACN,+BAA+B;QAC/B,MAAM,cAAc,GAAG,mBAAmB,EAAE,CAAC;QAC7C,aAAa,CAAC,YAAY,EAAE,cAAc,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;QAC7D,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,eAAe,YAAY,EAAE,CAAC,CAAC,CAAC;IAC1D,CAAC;IAED,yBAAyB;IACzB,OAAO,CAAC,GAAG,CAAC,sBAAsB,CAAC,CAAC;IACpC,QAAQ,CAAC,yBAAyB,EAAE,EAAE,KAAK,EAAE,SAAS,EAAE,CAAC,CAAC;IAC1D,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,oBAAoB,CAAC,CAAC,CAAC;IAE/C,mCAAmC;IACnC,OAAO,CAAC,GAAG,CAAC,qBAAqB,CAAC,CAAC;IACnC,QAAQ,CAAC,oBAAoB,YAAY,EAAE,EAAE,EAAE,KAAK,EAAE,SAAS,EAAE,CAAC,CAAC;IACnE,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,KAAK,YAAY,UAAU,CAAC,CAAC,CAAC;IAEtD,OAAO,CAAC,GAAG,EAAE,CAAC;IACd,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC,CAAC;IACjD,OAAO,CAAC,GAAG,EAAE,CAAC;IACd,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;IAC3B,OAAO,CAAC,GAAG,CAAC,6BAA6B,KAAK,CAAC,IAAI,CAAC,sBAAsB,CAAC,EAAE,CAAC,CAAC;IAC/E,OAAO,CAAC,GAAG,CAAC,0BAA0B,KAAK,CAAC,IAAI,CAAC,0BAA0B,CAAC,EAAE,CAAC,CAAC;IAChF,OAAO,CAAC,GAAG,CAAC,2BAA2B,KAAK,CAAC,IAAI,CAAC,wBAAwB,YAAY,EAAE,CAAC,EAAE,CAAC,CAAC;IAC7F,OAAO,CAAC,GAAG,CAAC,sBAAsB,KAAK,CAAC,IAAI,CAAC,yBAAyB,YAAY,EAAE,CAAC,EAAE,CAAC,CAAC;IACzF,OAAO,CAAC,GAAG,EAAE,CAAC;AAChB,CAAC;AAED,KAAK,UAAU,eAAe,CAAC,OAA2C;IACxE,OAAO,CAAC,GAAG,EAAE,CAAC;IACd,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC,CAAC;IACpD,OAAO,CAAC,GAAG,EAAE,CAAC;IAEd,oBAAoB;IACpB,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC;QACjB,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;QAC1B,OAAO,CAAC,GAAG,CAAC,yCAAyC,YAAY,EAAE,CAAC,CAAC;QACrE,OAAO,CAAC,GAAG,CAAC,4BAA4B,YAAY,EAAE,CAAC,CAAC;QACxD,IAAI,OAAO,CAAC,KAAK,EAAE,CAAC;YAClB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,6BAA6B,UAAU,GAAG,CAAC,CAAC,CAAC;YACtE,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,oBAAoB,QAAQ,GAAG,CAAC,CAAC,CAAC;YAC3D,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,oBAAoB,OAAO,GAAG,CAAC,CAAC,CAAC;QAC5D,CAAC;QACD,OAAO,CAAC,GAAG,EAAE,CAAC;QAEd,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,UAAU,CAAC,CAAC;QAC1C,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC;YAChD;gBACE,IAAI,EAAE,SAAS;gBACf,IAAI,EAAE,SAAS;gBACf,OAAO,EAAE,OAAO,CAAC,KAAK;oBACpB,CAAC,CAAC,4DAA4D;oBAC9D,CAAC,CAAC,yBAAyB;gBAC7B,OAAO,EAAE,KAAK;aACf;SACF,CAAC,CAAC;QAEH,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,OAAO,CAAC,GAAG,CAAC,sBAAsB,CAAC,CAAC;YACpC,OAAO;QACT,CAAC;IACH,CAAC;IAED,OAAO,CAAC,GAAG,EAAE,CAAC;IAEd,eAAe;IACf,IAAI,CAAC;QACH,OAAO,CAAC,GAAG,CAAC,qBAAqB,CAAC,CAAC;QACnC,QAAQ,CAAC,kBAAkB,YAAY,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,CAAC;QAC9D,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,KAAK,YAAY,UAAU,CAAC,CAAC,CAAC;IACxD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC,CAAC;IACnD,CAAC;IAED,kBAAkB;IAClB,IAAI,CAAC;QACH,OAAO,CAAC,GAAG,CAAC,sBAAsB,CAAC,CAAC;QACpC,QAAQ,CAAC,qBAAqB,YAAY,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,CAAC;QACjE,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,KAAK,YAAY,WAAW,CAAC,CAAC,CAAC;IACzD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC,CAAC;IACnD,CAAC;IAED,sBAAsB;IACtB,IAAI,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;QAC7B,OAAO,CAAC,GAAG,CAAC,YAAY,YAAY,KAAK,CAAC,CAAC;QAC3C,UAAU,CAAC,YAAY,CAAC,CAAC;QACzB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,aAAa,YAAY,EAAE,CAAC,CAAC,CAAC;IACxD,CAAC;IAED,iBAAiB;IACjB,OAAO,CAAC,GAAG,CAAC,sBAAsB,CAAC,CAAC;IACpC,QAAQ,CAAC,yBAAyB,EAAE,EAAE,KAAK,EAAE,SAAS,EAAE,CAAC,CAAC;IAE1D,qBAAqB;IACrB,IAAI,OAAO,CAAC,KAAK,EAAE,CAAC;QAClB,MAAM,YAAY,GAAG,CAAC,UAAU,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAC;QACrD,KAAK,MAAM,GAAG,IAAI,YAAY,EAAE,CAAC;YAC/B,IAAI,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;gBACpB,OAAO,CAAC,GAAG,CAAC,YAAY,GAAG,MAAM,CAAC,CAAC;gBACnC,QAAQ,CAAC,UAAU,GAAG,EAAE,EAAE,EAAE,KAAK,EAAE,SAAS,EAAE,CAAC,CAAC;gBAChD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,aAAa,GAAG,GAAG,CAAC,CAAC,CAAC;YAChD,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,CAAC,GAAG,EAAE,CAAC;IACd,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC,CAAC;IACrD,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QACnB,OAAO,CAAC,GAAG,EAAE,CAAC;QACd,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,8BAA8B,UAAU,GAAG,CAAC,CAAC,CAAC;QACrE,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,qBAAqB,QAAQ,GAAG,CAAC,CAAC,CAAC;QAC1D,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,iCAAiC,CAAC,CAAC,CAAC;IAC7D,CAAC;IACD,OAAO,CAAC,GAAG,EAAE,CAAC;AAChB,CAAC;AAED,SAAS,mBAAmB;IAC1B,uBAAuB;IACvB,IAAI,OAAO,GAAG,+BAA+B,CAAC;IAC9C,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,QAAQ,CAAC,sBAAsB,EAAE,EAAE,QAAQ,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,CAAC;QACtF,OAAO,GAAG,MAAM,CAAC,IAAI,EAAE,CAAC;IAC1B,CAAC;IAAC,MAAM,CAAC;QACP,cAAc;IAChB,CAAC;IAED,OAAO;;;;;;;;OAQF,WAAW;QACV,WAAW;;;mBAGA,QAAQ;;;YAGf,OAAO;;;;;;;;;kBASD,UAAU;mBACT,UAAU;;;;;mBAKV,YAAY;;;;;;;;;;;;;;;;;;;;;;iBAsBd,QAAQ;iBACR,QAAQ;iBACR,OAAO;;;;;;;;;;;;;;;;;;;;;CAqBvB,CAAC;AACF,CAAC"}

package/dist/commands/start.d.ts

@@ -0,0 +1,3 @@
+import { Command } from 'commander';
+export declare function registerStartCommand(program: Command): void;
+//# sourceMappingURL=start.d.ts.map

package/dist/commands/start.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"start.d.ts","sourceRoot":"","sources":["../../src/commands/start.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAQpC,wBAAgB,oBAAoB,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI,CAiH3D"}

package/dist/commands/start.js

@@ -0,0 +1,113 @@
+// Path: src/commands/start.ts
+// Start command - runs the agent daemon
+import chalk from 'chalk';
+import { isConfigured, loadConfig, getTargets } from '../lib/config.js';
+import { validateConfig, formatValidationResult } from '../lib/validation.js';
+import { startDaemon } from '../lib/websocket.js';
+import { logger } from '../lib/logger.js';
+import { NpmAutoUpdateService, loadUpdateConfig } from '../services/npm-auto-update.js';
+export function registerStartCommand(program) {
+    program
+        .command('start')
+        .description('Start the certificate sync daemon')
+        .option('-v, --verbose', 'Enable verbose logging')
+        .option('--health-port <port>', 'Health/metrics HTTP server port (default: disabled)', parseInt)
+        .option('--validate', 'Validate configuration before starting')
+        .option('--foreground', 'Run in foreground (default)')
+        .option('--auto-update', 'Enable automatic updates (uses saved config)')
+        .option('--no-auto-update', 'Disable automatic updates')
+        .addHelpText('after', `
+Examples:
+  # Start in foreground (default)
+  zn-vault-agent start
+
+  # Enable health/metrics endpoint for monitoring
+  zn-vault-agent start --health-port 9100
+
+  # Verbose logging for debugging
+  zn-vault-agent start --verbose
+
+  # Validate configuration before starting
+  zn-vault-agent start --validate
+
+  # With auto-updates enabled
+  zn-vault-agent start --health-port 9100 --auto-update
+
+  # Production setup (systemd)
+  # See docs/GUIDE.md for systemd service file
+`)
+        .action(async (options) => {
+        // Check configuration
+        if (!isConfigured()) {
+            console.error(chalk.red('Not configured. Run: zn-vault-agent login'));
+            process.exit(1);
+        }
+        const config = loadConfig();
+        const targets = getTargets();
+        // Validate configuration if requested
+        if (options.validate) {
+            const result = validateConfig(config);
+            console.log(formatValidationResult(result));
+            console.log();
+            if (!result.valid) {
+                console.error(chalk.red('Configuration validation failed. Fix errors before starting.'));
+                process.exit(1);
+            }
+        }
+        // Warn if no targets
+        if (targets.length === 0) {
+            console.log(chalk.yellow('Warning: No certificate targets configured.'));
+            console.log('Run ' + chalk.cyan('zn-vault-agent add') + ' to add certificates to sync.');
+            console.log();
+        }
+        // Set log level based on verbose flag
+        if (options.verbose) {
+            process.env.LOG_LEVEL = 'debug';
+        }
+        // Print startup banner
+        console.log();
+        console.log(chalk.bold('ZN-Vault Certificate Agent'));
+        console.log();
+        console.log(`  Vault:       ${config.vaultUrl}`);
+        console.log(`  Tenant:      ${config.tenantId}`);
+        console.log(`  Targets:     ${targets.length} certificate(s)`);
+        console.log(`  Poll:        every ${config.pollInterval || 3600}s`);
+        if (options.healthPort) {
+            console.log(`  Health:      http://0.0.0.0:${options.healthPort}/health`);
+            console.log(`  Metrics:     http://0.0.0.0:${options.healthPort}/metrics`);
+        }
+        // Auto-update status
+        const updateConfig = loadUpdateConfig();
+        const autoUpdateEnabled = options.autoUpdate !== false && updateConfig.enabled;
+        console.log(`  Auto-update: ${autoUpdateEnabled ? chalk.green('enabled') : 'disabled'}`);
+        console.log();
+        if (targets.length > 0) {
+            console.log(chalk.gray('Subscribed certificates:'));
+            for (const target of targets) {
+                console.log(`  - ${target.name} (${target.certId.substring(0, 8)}...)`);
+            }
+            console.log();
+        }
+        console.log(chalk.gray('Starting daemon...'));
+        console.log();
+        // Start auto-update service if enabled
+        let autoUpdateService = null;
+        if (autoUpdateEnabled) {
+            logger.info('Starting npm-based auto-update service');
+            autoUpdateService = new NpmAutoUpdateService(updateConfig);
+            autoUpdateService.start();
+        }
+        try {
+            await startDaemon({
+                verbose: options.verbose,
+                healthPort: options.healthPort,
+            });
+        }
+        catch (err) {
+            logger.error({ err }, 'Daemon error');
+            console.error(chalk.red('Daemon error:'), err instanceof Error ? err.message : String(err));
+            process.exit(1);
+        }
+    });
+}
+//# sourceMappingURL=start.js.map

package/dist/commands/start.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"start.js","sourceRoot":"","sources":["../../src/commands/start.ts"],"names":[],"mappings":"AAAA,8BAA8B;AAC9B,wCAAwC;AAGxC,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AACxE,OAAO,EAAE,cAAc,EAAE,sBAAsB,EAAE,MAAM,sBAAsB,CAAC;AAC9E,OAAO,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AAClD,OAAO,EAAE,MAAM,EAAE,MAAM,kBAAkB,CAAC;AAC1C,OAAO,EAAE,oBAAoB,EAAE,gBAAgB,EAAE,MAAM,gCAAgC,CAAC;AAExF,MAAM,UAAU,oBAAoB,CAAC,OAAgB;IACnD,OAAO;SACJ,OAAO,CAAC,OAAO,CAAC;SAChB,WAAW,CAAC,mCAAmC,CAAC;SAChD,MAAM,CAAC,eAAe,EAAE,wBAAwB,CAAC;SACjD,MAAM,CAAC,sBAAsB,EAAE,qDAAqD,EAAE,QAAQ,CAAC;SAC/F,MAAM,CAAC,YAAY,EAAE,wCAAwC,CAAC;SAC9D,MAAM,CAAC,cAAc,EAAE,6BAA6B,CAAC;SACrD,MAAM,CAAC,eAAe,EAAE,8CAA8C,CAAC;SACvE,MAAM,CAAC,kBAAkB,EAAE,2BAA2B,CAAC;SACvD,WAAW,CAAC,OAAO,EAAE;;;;;;;;;;;;;;;;;;;CAmBzB,CAAC;SACG,MAAM,CAAC,KAAK,EAAE,OAAO,EAAE,EAAE;QACxB,sBAAsB;QACtB,IAAI,CAAC,YAAY,EAAE,EAAE,CAAC;YACpB,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,2CAA2C,CAAC,CAAC,CAAC;YACtE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,MAAM,MAAM,GAAG,UAAU,EAAE,CAAC;QAC5B,MAAM,OAAO,GAAG,UAAU,EAAE,CAAC;QAE7B,sCAAsC;QACtC,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;YACrB,MAAM,MAAM,GAAG,cAAc,CAAC,MAAM,CAAC,CAAC;YACtC,OAAO,CAAC,GAAG,CAAC,sBAAsB,CAAC,MAAM,CAAC,CAAC,CAAC;YAC5C,OAAO,CAAC,GAAG,EAAE,CAAC;YAEd,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;gBAClB,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,8DAA8D,CAAC,CAAC,CAAC;gBACzF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC;QACH,CAAC;QAED,qBAAqB;QACrB,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACzB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,6CAA6C,CAAC,CAAC,CAAC;YACzE,OAAO,CAAC,GAAG,CAAC,MAAM,GAAG,KAAK,CAAC,IAAI,CAAC,oBAAoB,CAAC,GAAG,+BAA+B,CAAC,CAAC;YACzF,OAAO,CAAC,GAAG,EAAE,CAAC;QAChB,CAAC;QAED,sCAAsC;QACtC,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;YACpB,OAAO,CAAC,GAAG,CAAC,SAAS,GAAG,OAAO,CAAC;QAClC,CAAC;QAED,uBAAuB;QACvB,OAAO,CAAC,GAAG,EAAE,CAAC;QACd,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,4BAA4B,CAAC,CAAC,CAAC;QACtD,OAAO,CAAC,GAAG,EAAE,CAAC;QACd,OAAO,CAAC,GAAG,CAAC,kBAAkB,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;QACjD,OAAO,CAAC,GAAG,CAAC,kBAAkB,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;QACjD,OAAO,CAAC,GAAG,CAAC,kBAAkB,OAAO,CAAC,MAAM,iBAAiB,CAAC,CAAC;QAC/D,OAAO,CAAC,GAAG,CAAC,wBAAwB,MAAM,CAAC,YAAY,IAAI,IAAI,GAAG,CAAC,CAAC;QACpE,IAAI,OAAO,CAAC,UAAU,EAAE,CAAC;YACvB,OAAO,CAAC,GAAG,CAAC,iCAAiC,OAAO,CAAC,UAAU,SAAS,CAAC,CAAC;YAC1E,OAAO,CAAC,GAAG,CAAC,iCAAiC,OAAO,CAAC,UAAU,UAAU,CAAC,CAAC;QAC7E,CAAC;QAED,qBAAqB;QACrB,MAAM,YAAY,GAAG,gBAAgB,EAAE,CAAC;QACxC,MAAM,iBAAiB,GAAG,OAAO,CAAC,UAAU,KAAK,KAAK,IAAI,YAAY,CAAC,OAAO,CAAC;QAC/E,OAAO,CAAC,GAAG,CAAC,kBAAkB,iBAAiB,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC;QACzF,OAAO,CAAC,GAAG,EAAE,CAAC;QAEd,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACvB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC,CAAC;YACpD,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;gBAC7B,OAAO,CAAC,GAAG,CAAC,OAAO,MAAM,CAAC,IAAI,KAAK,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC;YAC1E,CAAC;YACD,OAAO,CAAC,GAAG,EAAE,CAAC;QAChB,CAAC;QAED,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC,CAAC;QAC9C,OAAO,CAAC,GAAG,EAAE,CAAC;QAEd,uCAAuC;QACvC,IAAI,iBAAiB,GAAgC,IAAI,CAAC;QAC1D,IAAI,iBAAiB,EAAE,CAAC;YACtB,MAAM,CAAC,IAAI,CAAC,wCAAwC,CAAC,CAAC;YACtD,iBAAiB,GAAG,IAAI,oBAAoB,CAAC,YAAY,CAAC,CAAC;YAC3D,iBAAiB,CAAC,KAAK,EAAE,CAAC;QAC5B,CAAC;QAED,IAAI,CAAC;YACH,MAAM,WAAW,CAAC;gBAChB,OAAO,EAAE,OAAO,CAAC,OAAO;gBACxB,UAAU,EAAE,OAAO,CAAC,UAAU;aAC/B,CAAC,CAAC;QACL,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,CAAC,KAAK,CAAC,EAAE,GAAG,EAAE,EAAE,cAAc,CAAC,CAAC;YACtC,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,eAAe,CAAC,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC;YAC5F,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;IACH,CAAC,CAAC,CAAC;AACP,CAAC"}

package/dist/commands/status.d.ts

@@ -0,0 +1,3 @@
+import { Command } from 'commander';
+export declare function registerStatusCommand(program: Command): void;
+//# sourceMappingURL=status.d.ts.map

package/dist/commands/status.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"status.d.ts","sourceRoot":"","sources":["../../src/commands/status.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAIpC,wBAAgB,qBAAqB,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI,CAuF5D"}

package/dist/commands/status.js

@@ -0,0 +1,85 @@
+import chalk from 'chalk';
+import { isConfigured, loadConfig, getTargets, getConfigPath } from '../lib/config.js';
+export function registerStatusCommand(program) {
+    program
+        .command('status')
+        .description('Show agent configuration and status')
+        .option('--json', 'Output as JSON')
+        .addHelpText('after', `
+Examples:
+  zn-vault-agent status         # Human-readable status
+  zn-vault-agent status --json  # JSON output for scripting
+`)
+        .action(async (options) => {
+        const config = loadConfig();
+        const targets = getTargets();
+        if (options.json) {
+            console.log(JSON.stringify({
+                configured: isConfigured(),
+                configPath: getConfigPath(),
+                vaultUrl: config.vaultUrl,
+                tenantId: config.tenantId,
+                authMethod: config.auth.apiKey ? 'apiKey' : (config.auth.username ? 'password' : 'none'),
+                insecure: config.insecure,
+                pollInterval: config.pollInterval || 3600,
+                targets: targets.map(t => ({
+                    name: t.name,
+                    certId: t.certId,
+                    outputs: t.outputs,
+                    lastSync: t.lastSync,
+                    lastFingerprint: t.lastFingerprint,
+                })),
+            }, null, 2));
+            return;
+        }
+        console.log();
+        console.log(chalk.bold('ZN-Vault Agent Status'));
+        console.log();
+        if (!isConfigured()) {
+            console.log(chalk.yellow('  Status: Not configured'));
+            console.log();
+            console.log('Run ' + chalk.cyan('zn-vault-agent login') + ' to configure.');
+            return;
+        }
+        console.log(chalk.green('  Status: Configured'));
+        console.log();
+        console.log(chalk.bold('Connection'));
+        console.log(`  Vault URL:    ${config.vaultUrl}`);
+        console.log(`  Tenant ID:    ${config.tenantId}`);
+        console.log(`  Auth Method:  ${config.auth.apiKey ? 'API Key' : 'Username/Password'}`);
+        console.log(`  TLS Verify:   ${config.insecure ? chalk.yellow('disabled') : chalk.green('enabled')}`);
+        console.log(`  Poll Interval: ${config.pollInterval || 3600}s`);
+        console.log();
+        console.log(chalk.bold('Certificate Targets'));
+        if (targets.length === 0) {
+            console.log('  No targets configured');
+            console.log('  Run ' + chalk.cyan('zn-vault-agent add') + ' to add one.');
+        }
+        else {
+            for (const target of targets) {
+                const syncStatus = target.lastSync
+                    ? chalk.green(`synced ${new Date(target.lastSync).toLocaleString()}`)
+                    : chalk.yellow('not synced');
+                console.log();
+                console.log(`  ${chalk.cyan(target.name)}`);
+                console.log(`    Certificate: ${target.certId.substring(0, 8)}...`);
+                console.log(`    Status:      ${syncStatus}`);
+                console.log(`    Outputs:`);
+                for (const [type, path] of Object.entries(target.outputs)) {
+                    if (path)
+                        console.log(`      ${type}: ${path}`);
+                }
+                if (target.reloadCmd) {
+                    console.log(`    Reload:      ${target.reloadCmd}`);
+                }
+                if (target.healthCheckCmd) {
+                    console.log(`    Health:      ${target.healthCheckCmd}`);
+                }
+            }
+        }
+        console.log();
+        console.log(chalk.gray(`Config: ${getConfigPath()}`));
+        console.log();
+    });
+}
+//# sourceMappingURL=status.js.map

package/dist/commands/status.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"status.js","sourceRoot":"","sources":["../../src/commands/status.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,UAAU,EAAE,aAAa,EAAE,MAAM,kBAAkB,CAAC;AAEvF,MAAM,UAAU,qBAAqB,CAAC,OAAgB;IACpD,OAAO;SACJ,OAAO,CAAC,QAAQ,CAAC;SACjB,WAAW,CAAC,qCAAqC,CAAC;SAClD,MAAM,CAAC,QAAQ,EAAE,gBAAgB,CAAC;SAClC,WAAW,CAAC,OAAO,EAAE;;;;CAIzB,CAAC;SACG,MAAM,CAAC,KAAK,EAAE,OAAO,EAAE,EAAE;QACxB,MAAM,MAAM,GAAG,UAAU,EAAE,CAAC;QAC5B,MAAM,OAAO,GAAG,UAAU,EAAE,CAAC;QAE7B,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;YACjB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC;gBACzB,UAAU,EAAE,YAAY,EAAE;gBAC1B,UAAU,EAAE,aAAa,EAAE;gBAC3B,QAAQ,EAAE,MAAM,CAAC,QAAQ;gBACzB,QAAQ,EAAE,MAAM,CAAC,QAAQ;gBACzB,UAAU,EAAE,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,MAAM,CAAC;gBACxF,QAAQ,EAAE,MAAM,CAAC,QAAQ;gBACzB,YAAY,EAAE,MAAM,CAAC,YAAY,IAAI,IAAI;gBACzC,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;oBACzB,IAAI,EAAE,CAAC,CAAC,IAAI;oBACZ,MAAM,EAAE,CAAC,CAAC,MAAM;oBAChB,OAAO,EAAE,CAAC,CAAC,OAAO;oBAClB,QAAQ,EAAE,CAAC,CAAC,QAAQ;oBACpB,eAAe,EAAE,CAAC,CAAC,eAAe;iBACnC,CAAC,CAAC;aACJ,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;YACb,OAAO;QACT,CAAC;QAED,OAAO,CAAC,GAAG,EAAE,CAAC;QACd,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC,CAAC;QACjD,OAAO,CAAC,GAAG,EAAE,CAAC;QAEd,IAAI,CAAC,YAAY,EAAE,EAAE,CAAC;YACpB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,0BAA0B,CAAC,CAAC,CAAC;YACtD,OAAO,CAAC,GAAG,EAAE,CAAC;YACd,OAAO,CAAC,GAAG,CAAC,MAAM,GAAG,KAAK,CAAC,IAAI,CAAC,sBAAsB,CAAC,GAAG,gBAAgB,CAAC,CAAC;YAC5E,OAAO;QACT,CAAC;QAED,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,sBAAsB,CAAC,CAAC,CAAC;QACjD,OAAO,CAAC,GAAG,EAAE,CAAC;QAEd,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC;QACtC,OAAO,CAAC,GAAG,CAAC,mBAAmB,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;QAClD,OAAO,CAAC,GAAG,CAAC,mBAAmB,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;QAClD,OAAO,CAAC,GAAG,CAAC,mBAAmB,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,mBAAmB,EAAE,CAAC,CAAC;QACvF,OAAO,CAAC,GAAG,CAAC,mBAAmB,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC;QACtG,OAAO,CAAC,GAAG,CAAC,oBAAoB,MAAM,CAAC,YAAY,IAAI,IAAI,GAAG,CAAC,CAAC;QAChE,OAAO,CAAC,GAAG,EAAE,CAAC;QAEd,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC,CAAC;QAC/C,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACzB,OAAO,CAAC,GAAG,CAAC,yBAAyB,CAAC,CAAC;YACvC,OAAO,CAAC,GAAG,CAAC,QAAQ,GAAG,KAAK,CAAC,IAAI,CAAC,oBAAoB,CAAC,GAAG,cAAc,CAAC,CAAC;QAC5E,CAAC;aAAM,CAAC;YACN,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;gBAC7B,MAAM,UAAU,GAAG,MAAM,CAAC,QAAQ;oBAChC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,UAAU,IAAI,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,cAAc,EAAE,EAAE,CAAC;oBACrE,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;gBAE/B,OAAO,CAAC,GAAG,EAAE,CAAC;gBACd,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;gBAC5C,OAAO,CAAC,GAAG,CAAC,oBAAoB,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC;gBACpE,OAAO,CAAC,GAAG,CAAC,oBAAoB,UAAU,EAAE,CAAC,CAAC;gBAC9C,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;gBAC5B,KAAK,MAAM,CAAC,IAAI,EAAE,IAAI,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,CAAC;oBAC1D,IAAI,IAAI;wBAAE,OAAO,CAAC,GAAG,CAAC,SAAS,IAAI,KAAK,IAAI,EAAE,CAAC,CAAC;gBAClD,CAAC;gBACD,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;oBACrB,OAAO,CAAC,GAAG,CAAC,oBAAoB,MAAM,CAAC,SAAS,EAAE,CAAC,CAAC;gBACtD,CAAC;gBACD,IAAI,MAAM,CAAC,cAAc,EAAE,CAAC;oBAC1B,OAAO,CAAC,GAAG,CAAC,oBAAoB,MAAM,CAAC,cAAc,EAAE,CAAC,CAAC;gBAC3D,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,CAAC,GAAG,EAAE,CAAC;QACd,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,WAAW,aAAa,EAAE,EAAE,CAAC,CAAC,CAAC;QACtD,OAAO,CAAC,GAAG,EAAE,CAAC;IAChB,CAAC,CAAC,CAAC;AACP,CAAC"}

package/dist/commands/sync.d.ts

@@ -0,0 +1,3 @@
+import { Command } from 'commander';
+export declare function registerSyncCommand(program: Command): void;
+//# sourceMappingURL=sync.d.ts.map

package/dist/commands/sync.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"sync.d.ts","sourceRoot":"","sources":["../../src/commands/sync.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAMpC,wBAAgB,mBAAmB,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI,CA+H1D"}