certops 1.0.11 → 1.0.13

package/README.md

@@ -11,13 +11,13 @@ npm install -g certops
 ## Requirements
 
 - Node.js 18+
-- An CertOps API key (`sslpilot_...`) from your dashboard
+- A CertOps API key (`co_...`) from your dashboard
 
 ## Quick start
 
 ```bash
 # Set your API key
-export CERTOPS_API_KEY='sslpilot_...'
+export CERTOPS_API_KEY='co_...'
 
 # List certificates
 certops list

package/dist/brand.js

@@ -0,0 +1,10 @@
+export const BRAND = {
+    name: 'certops',
+    displayName: 'CertOps',
+    binName: 'certops',
+    configDir: '/etc/certops',
+    envPrefix: 'CERTOPS',
+    keyPrefix: 'co_',
+    serviceUnit: 'certops',
+    apiUrl: 'https://ssl-manager.dcom.at',
+};

package/dist/client.js

@@ -2,21 +2,23 @@ import input from '@inquirer/input';
 import { readConfig } from './config.js';
 import { createApiClient } from './api.js';
 import { CLI_VERSION } from './version.js';
+import { BRAND } from './brand.js';
+const API_KEY_ENV = `${BRAND.envPrefix}_API_KEY`;
 export async function getConfiguredClient() {
-    let apiKey = process.env['CERTOPS_API_KEY'];
+    let apiKey = process.env[API_KEY_ENV];
     if (!apiKey) {
         if (!process.stdin.isTTY) {
-            process.stderr.write('Error: CERTOPS_API_KEY is not set and no TTY is available for prompt.\n');
-            process.stderr.write('  export CERTOPS_API_KEY=\'sslpilot_...\'\n\n');
+            process.stderr.write(`Error: ${API_KEY_ENV} is not set and no TTY is available for prompt.\n`);
+            process.stderr.write(`  export ${API_KEY_ENV}='${BRAND.keyPrefix}...'\n\n`);
             process.exit(1);
         }
         apiKey = await input({
-            message: 'API key (sslpilot_...):',
-            validate: (v) => v.startsWith('sslpilot_') && v.length > 10
+            message: `API key (${BRAND.keyPrefix}...):`,
+            validate: (v) => v.startsWith(BRAND.keyPrefix) && v.length > 10
                 ? true
-                : 'Key must start with sslpilot_',
+                : `Key must start with ${BRAND.keyPrefix}`,
         });
     }
     const config = await readConfig();
-    return createApiClient({ apiKey, apiUrl: config.apiUrl, cliVersion: CLI_VERSION });
+    return createApiClient({ apiKey, apiUrl: config.apiUrl ?? BRAND.apiUrl, cliVersion: CLI_VERSION });
 }

package/dist/commands/service/control.js

@@ -2,13 +2,10 @@ import { Command } from 'commander';
 import { spawnSync } from 'child_process';
 import { unlink } from 'fs/promises';
 import { resolveApiKey, runRenewalCycle } from './renew.js';
-const UNIT = 'certops';
-const UNIT_PATH = '/etc/systemd/system/certops.service';
-/**
- * Runs systemctl with stdout inherited (visible) and stderr captured.
- * Stderr is only printed if the command fails, so noisy shim warnings
- * from Python-based systemctl stubs don't pollute normal output.
- */
+import { BRAND } from '../../brand.js';
+import { CERTOPS_DIR } from '../../config.js';
+const UNIT = BRAND.serviceUnit;
+const UNIT_PATH = `/etc/systemd/system/${BRAND.serviceUnit}.service`;
 function systemctl(args, exitOnFail = true) {
     const result = spawnSync('systemctl', args, {
         stdio: ['inherit', 'inherit', 'pipe'],
@@ -30,25 +27,26 @@ function requireRoot() {
     }
 }
 export const startCommand = new Command('start')
-    .description('Start the CertOps service')
+    .description(`Start the ${BRAND.displayName} service`)
     .action(() => { requireRoot(); systemctl(['start', UNIT]); });
 export const stopCommand = new Command('stop')
-    .description('Stop the CertOps service')
+    .description(`Stop the ${BRAND.displayName} service`)
     .action(() => { requireRoot(); systemctl(['stop', UNIT]); });
 export const restartCommand = new Command('restart')
     .description('Restart the service — picks up config.json changes immediately')
     .action(() => { requireRoot(); systemctl(['restart', UNIT]); });
 export const statusCommand = new Command('status')
-    .description('Show CertOps service status')
+    .description(`Show ${BRAND.displayName} service status`)
     .action(() => { systemctl(['status', UNIT]); });
 export const checkCommand = new Command('check')
     .description('Run one renewal check cycle immediately (for testing)')
     .action(async () => {
     requireRoot();
     const apiKey = await resolveApiKey();
+    const apiKeyEnv = `${BRAND.envPrefix}_API_KEY`;
     if (!apiKey) {
-        process.stderr.write('\nError: CERTOPS_API_KEY not found in environment or service unit.\n');
-        process.stderr.write('  Set the env var or run: sudo sp service install\n\n');
+        process.stderr.write(`\nError: ${apiKeyEnv} not found in environment or service unit.\n`);
+        process.stderr.write(`  Set the env var or run: sudo ${BRAND.binName} service install\n\n`);
         process.exit(1);
     }
     const log = (msg) => process.stdout.write(`  ${msg}\n`);
@@ -65,10 +63,10 @@ export const checkCommand = new Command('check')
     }
 });
 export const uninstallServiceCommand = new Command('uninstall')
-    .description('Stop, disable, and remove the CertOps service unit')
+    .description(`Stop, disable, and remove the ${BRAND.displayName} service unit`)
     .action(async () => {
     requireRoot();
-    process.stdout.write('\nRemoving CertOps service…\n\n');
+    process.stdout.write(`\nRemoving ${BRAND.displayName} service…\n\n`);
     systemctl(['stop', UNIT], false);
     systemctl(['disable', UNIT], false);
     try {
@@ -80,7 +78,7 @@ export const uninstallServiceCommand = new Command('uninstall')
             throw err;
     }
     systemctl(['daemon-reload'], false);
-    process.stdout.write('\n  ✓ Service uninstalled.\n');
-    process.stdout.write('    /etc/certops/ (config, state, certs, hooks) was NOT removed.\n');
-    process.stdout.write('    Run "sudo sp service install" to reinstall.\n\n');
+    process.stdout.write(`\n  ✓ Service uninstalled.\n`);
+    process.stdout.write(`    ${CERTOPS_DIR}/ (config, state, certs, hooks) was NOT removed.\n`);
+    process.stdout.write(`    Run "sudo ${BRAND.binName} service install" to reinstall.\n\n`);
 });

package/dist/commands/service/daemon.js

@@ -1,6 +1,7 @@
 import { Command } from 'commander';
 import { readConfig } from '../../config.js';
 import { resolveApiKey, runRenewalCycle } from './renew.js';
+import { BRAND } from '../../brand.js';
 function log(msg) {
     process.stdout.write(`[${new Date().toISOString()}] ${msg}\n`);
 }
@@ -10,7 +11,7 @@ function sleep(ms) {
 async function tick() {
     const apiKey = await resolveApiKey();
     if (!apiKey) {
-        log('CERTOPS_API_KEY not available — skipping cycle.');
+        log(`${BRAND.envPrefix}_API_KEY not available — skipping cycle.`);
         return;
     }
     try {
@@ -24,7 +25,7 @@ async function tick() {
 export const daemonCommand = new Command('run')
     .description('Run the monitoring daemon (managed by systemd)')
     .action(async () => {
-    log('CertOps daemon starting.');
+    log(`${BRAND.displayName} daemon starting.`);
     process.on('SIGTERM', () => { log('SIGTERM — shutting down.'); process.exit(0); });
     process.on('SIGINT', () => { log('SIGINT — shutting down.'); process.exit(0); });
     while (true) {

package/dist/commands/service/install.js

@@ -4,23 +4,25 @@ import { writeFile, mkdir } from 'fs/promises';
 import { spawnSync } from 'child_process';
 import { readConfig, writeConfig, CERTOPS_DIR, HOOKS_DIR } from '../../config.js';
 import { domainHookPath, GLOBAL_HOOK } from '../../hooks.js';
-const UNIT_PATH = '/etc/systemd/system/certops.service';
+import { BRAND } from '../../brand.js';
+const UNIT_PATH = `/etc/systemd/system/${BRAND.serviceUnit}.service`;
+const API_KEY_ENV = `${BRAND.envPrefix}_API_KEY`;
 function buildUnitContent(apiKey) {
     return `\
 [Unit]
-Description=CertOps Certificate Monitor
+Description=${BRAND.displayName} Certificate Monitor
 After=network-online.target
 Wants=network-online.target
 
 [Service]
 Type=simple
-Environment=CERTOPS_API_KEY=${apiKey}
-ExecStart=/usr/local/bin/certops service run
+Environment=${API_KEY_ENV}=${apiKey}
+ExecStart=/usr/local/bin/${BRAND.binName} service run
 Restart=on-failure
 RestartSec=30
 StandardOutput=journal
 StandardError=journal
-SyslogIdentifier=certops
+SyslogIdentifier=${BRAND.serviceUnit}
 
 [Install]
 WantedBy=multi-user.target
@@ -28,36 +30,35 @@ WantedBy=multi-user.target
 }
 const HOOK_TEMPLATE = `#!/usr/bin/env bash
 # Available env vars:
-#   CERTOPS_CERT_NAME       — certificate name (e.g. *.example.com)
-#   CERTOPS_DOMAIN          — domain name (certName from API)
-#   CERTOPS_FULLCHAIN_PATH  — path to fullchain.pem
-#   CERTOPS_CERT_PATH       — path to cert.pem
-#   CERTOPS_CHAIN_PATH      — path to chain.pem
-#   CERTOPS_KEY_PATH        — path to privkey.pem
+#   ${BRAND.envPrefix}_CERT_NAME       — certificate name (e.g. *.example.com)
+#   ${BRAND.envPrefix}_DOMAIN          — domain name (certName from API)
+#   ${BRAND.envPrefix}_FULLCHAIN_PATH  — path to fullchain.pem
+#   ${BRAND.envPrefix}_CERT_PATH       — path to cert.pem
+#   ${BRAND.envPrefix}_CHAIN_PATH      — path to chain.pem
+#   ${BRAND.envPrefix}_KEY_PATH        — path to privkey.pem
 
 # Example: reload nginx after cert update
 # systemctl reload nginx
 `;
 export const installCommand = new Command('install')
-    .description('Install and configure the CertOps background service')
+    .description(`Install and configure the ${BRAND.displayName} background service`)
     .action(async () => {
     try {
         if (process.getuid?.() !== 0) {
-            console.error('Error: certops service install must run as root.');
-            console.error('\n  sudo -E sp service install\n');
+            console.error(`Error: ${BRAND.binName} service install must run as root.`);
+            console.error(`\n  sudo -E ${BRAND.binName} service install\n`);
             process.exit(1);
         }
-        console.log('\nCertOps Service Setup\n');
+        console.log(`\n${BRAND.displayName} Service Setup\n`);
         const existing = await readConfig();
-        // API key — env takes precedence, otherwise prompt
-        const apiKey = process.env['CERTOPS_API_KEY'] ?? await input({
-            message: 'API key (sslpilot_...):',
-            validate: (v) => v.startsWith('sslpilot_') && v.length > 10
+        const apiKey = process.env[API_KEY_ENV] ?? await input({
+            message: `API key (${BRAND.keyPrefix}...):`,
+            validate: (v) => v.startsWith(BRAND.keyPrefix) && v.length > 10
                 ? true
-                : 'Key must start with sslpilot_',
+                : `Key must start with ${BRAND.keyPrefix}`,
         });
         const apiUrl = await input({
-            message: 'API URL (leave blank for default https://ssl-manager.dcom.at):',
+            message: `API URL (leave blank for default ${BRAND.apiUrl}):`,
             default: existing.apiUrl ?? '',
         });
         const intervalStr = await input({
@@ -80,12 +81,10 @@ export const installCommand = new Command('install')
             watchDomains,
             maxDownloadRetries: existing.maxDownloadRetries,
         };
-        // Write config + create directories
         await writeConfig(config);
         await mkdir(CERTOPS_DIR, { recursive: true });
         await mkdir(HOOKS_DIR, { recursive: true });
-        console.log('\n✓ Config written to /etc/certops/config.json');
-        // Create hook stubs only if they don't exist yet
+        console.log(`\n✓ Config written to ${CERTOPS_DIR}/config.json`);
         for (const domain of watchDomains) {
             const hookFile = domainHookPath(domain);
             try {
@@ -105,13 +104,12 @@ export const installCommand = new Command('install')
             if (err.code !== 'EEXIST')
                 throw err;
         }
-        // Write systemd unit
         await writeFile(UNIT_PATH, buildUnitContent(apiKey), { encoding: 'utf8', mode: 0o600 });
         console.log(`✓ Systemd unit written to ${UNIT_PATH}`);
         for (const args of [
             ['daemon-reload'],
-            ['enable', 'certops'],
-            ['restart', 'certops'],
+            ['enable', BRAND.serviceUnit],
+            ['restart', BRAND.serviceUnit],
         ]) {
             const r = spawnSync('systemctl', args, { stdio: ['inherit', 'inherit', 'pipe'], encoding: 'utf8' });
             if (r.status !== 0) {
@@ -121,9 +119,9 @@ export const installCommand = new Command('install')
             }
         }
         console.log('\n✓ Service enabled and started.\n');
-        console.log('  Edit hooks in  : /etc/certops/hooks/');
-        console.log('  Check status   : certops service status');
-        console.log('  Follow logs    : journalctl -u certops -f\n');
+        console.log(`  Edit hooks in  : ${HOOKS_DIR}/`);
+        console.log(`  Check status   : ${BRAND.binName} service status`);
+        console.log(`  Follow logs    : journalctl -u ${BRAND.serviceUnit} -f\n`);
     }
     catch (err) {
         if (err.name === 'ExitPromptError')

package/dist/commands/service/renew.js

@@ -4,17 +4,19 @@ import { readConfig } from '../../config.js';
 import { readState, updateCertState } from '../../state.js';
 import { runHooks } from '../../hooks.js';
 import { CLI_VERSION } from '../../version.js';
+import { BRAND } from '../../brand.js';
 const BASE_RETRY_DELAY_MS = 2_000; // 2 s → 4 s → 8 s …
 function sleep(ms) {
     return new Promise(resolve => setTimeout(resolve, ms));
 }
 export async function resolveApiKey() {
-    if (process.env['CERTOPS_API_KEY'])
-        return process.env['CERTOPS_API_KEY'];
+    const envKey = `${BRAND.envPrefix}_API_KEY`;
+    if (process.env[envKey])
+        return process.env[envKey];
     try {
         const { execSync } = await import('child_process');
-        const out = execSync('systemctl show certops -p Environment --value', { encoding: 'utf8' });
-        const match = out.match(/CERTOPS_API_KEY=(\S+)/);
+        const out = execSync(`systemctl show ${BRAND.serviceUnit} -p Environment --value`, { encoding: 'utf8' });
+        const match = out.match(new RegExp(`${BRAND.envPrefix}_API_KEY=(\\S+)`));
         return match?.[1] ?? null;
     }
     catch {
@@ -68,11 +70,11 @@ export async function runRenewalCycle(apiKey, log) {
                 log(`  key       : ${paths.keyPath}`);
                 await updateCertState(cert.certName, cert.expiryDate ?? '');
                 await runHooks(cert.certName, {
-                    CERTOPS_DOMAIN: cert.certName,
-                    CERTOPS_FULLCHAIN_PATH: paths.fullchainPath,
-                    CERTOPS_CERT_PATH: paths.certPath,
-                    CERTOPS_CHAIN_PATH: paths.chainPath,
-                    CERTOPS_KEY_PATH: paths.keyPath,
+                    [`${BRAND.envPrefix}_DOMAIN`]: cert.certName,
+                    [`${BRAND.envPrefix}_FULLCHAIN_PATH`]: paths.fullchainPath,
+                    [`${BRAND.envPrefix}_CERT_PATH`]: paths.certPath,
+                    [`${BRAND.envPrefix}_CHAIN_PATH`]: paths.chainPath,
+                    [`${BRAND.envPrefix}_KEY_PATH`]: paths.keyPath,
                 }, log);
                 downloaded++;
                 lastError = undefined;

package/dist/config.js

@@ -1,6 +1,7 @@
 import { readFile, writeFile, mkdir } from 'fs/promises';
 import { join } from 'path';
-export const CERTOPS_DIR = '/etc/certops';
+import { BRAND } from './brand.js';
+export const CERTOPS_DIR = BRAND.configDir;
 export const HOOKS_DIR = join(CERTOPS_DIR, 'hooks');
 const CONFIG_PATH = join(CERTOPS_DIR, 'config.json');
 const DEFAULTS = {

package/dist/hooks.js

@@ -2,6 +2,7 @@ import { spawn } from 'child_process';
 import { access } from 'fs/promises';
 import { join } from 'path';
 import { HOOKS_DIR } from './config.js';
+import { BRAND } from './brand.js';
 const GLOBAL_HOOK = join(HOOKS_DIR, 'global.sh');
 function domainHookPath(certName) {
     const safe = certName.replace(/^\*\./, 'wildcard.');
@@ -33,7 +34,7 @@ async function execHook(scriptPath, vars) {
 }
 export async function runHooks(certName, vars, log) {
     const domainHook = domainHookPath(certName);
-    const hookVars = { ...vars, CERTOPS_CERT_NAME: certName };
+    const hookVars = { ...vars, [`${BRAND.envPrefix}_CERT_NAME`]: certName };
     if (await fileExists(domainHook)) {
         log(`  Running domain hook: ${domainHook}`);
         try {

package/dist/index.js

@@ -3,20 +3,19 @@ import { Command } from 'commander';
 import { listCommand } from './commands/list.js';
 import { downloadCommand } from './commands/download.js';
 import { serviceCommand } from './commands/service/index.js';
+import { CLI_VERSION } from './version.js';
+import { BRAND } from './brand.js';
 const program = new Command()
-    .name('certops')
-    .description('CertOps CLI — manage and auto-renew your SSL certificates')
-    .version('1.0.0')
+    .name(BRAND.binName)
+    .description(`${BRAND.displayName} CLI — manage and auto-renew your SSL certificates`)
+    .version(CLI_VERSION)
     .addHelpText('after', `
 Examples:
-  certops list                          List all certificates
-  sudo certops download                 Pick and download interactively
-  sudo certops download '*.example.com' Download a specific domain
-  sudo certops service install          Set up the auto-renewal service
-  certops service status                Check service status
-
-Documentation:
-  https://github.com/Vimosoftdev/ssl-checker-web/blob/main/SETUP.md
+  ${BRAND.binName} list                          List all certificates
+  sudo ${BRAND.binName} download                 Pick and download interactively
+  sudo ${BRAND.binName} download '*.example.com' Download a specific domain
+  sudo ${BRAND.binName} service install          Set up the auto-renewal service
+  ${BRAND.binName} service status                Check service status
 `);
 program.addCommand(listCommand);
 program.addCommand(downloadCommand);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "certops",
-  "version": "1.0.11",
+  "version": "1.0.13",
   "description": "SSL Pilot CLI — download and manage your SSL certificates",
   "type": "module",
   "files": [