hostfn 0.1.0 → 0.1.1

package/package.json

@@ -1,8 +1,7 @@
 {
   "name": "hostfn",
-  "version": "0.1.0",
+  "version": "0.1.1",
   "description": "Universal application deployment CLI",
-  "license": "Apache-2.0",
   "workspaces": [
     "packages/*"
   ],
@@ -14,13 +13,13 @@
     "clean": "turbo run clean && rm -rf node_modules"
   },
   "devDependencies": {
+    "fast-glob": "^3.3.3",
     "turbo": "^1.11.0",
     "typescript": "^5.3.0"
   },
-  "keywords": [
-    "deployment",
-    "vps"
-  ],
+  "engines": {
+    "node": ">=18.0.0"
+  },
   "author": "21n",
   "repository": {
     "type": "git",
@@ -29,11 +28,9 @@
   "bugs": {
     "url": "https://github.com/21nCo/hostfn/issues"
   },
-  "engines": {
-    "node": ">=18.0.0"
-  },
-  "packageManager": "npm@10.2.0",
-  "dependencies": {
-    "fast-glob": "^3.3.3"
-  }
+  "keywords": [
+    "deployment",
+    "vps"
+  ],
+  "packageManager": "npm@10.2.0"
 }

package/packages/cli/src/__tests__/runtimes/pm2.test.ts

@@ -22,8 +22,8 @@ describe('PM2Manager', () => {
 
       expect(result).toContain("name: 'test-app-production'");
       expect(result).toContain("script: 'dist/index.js'");
-      expect(result).toContain("env_file: '.env'");
-      expect(result).toContain("NODE_ENV: 'production'");
+      // Implementation uses inline env with double quotes (JSON.stringify)
+      expect(result).toContain('NODE_ENV: "production"');
       expect(result).toContain('PORT: 3000');
       expect(result).toContain("instances: 'max'");
       expect(result).toContain("exec_mode: 'cluster'");

package/packages/cli/src/commands/deploy.ts

@@ -181,24 +181,32 @@ async function deployMultiService(
       const servicePath = serviceConfig.path;
       const originalCwd = process.cwd();
       
-      // Change to service directory
-      process.chdir(servicePath);
-
-      // Deploy single service
-      await deploySingleService(
-        serviceSpecificConfig,
-        serviceEnvConfig,
-        environment,
-        options,
-        servicePath
-      );
-
-      // Restore original directory
-      process.chdir(originalCwd);
-
-      results.push({ service: serviceName, success: true });
-      Logger.success(`Service '${serviceName}' deployed successfully`);
-      Logger.br();
+      try {
+        // Change to service directory
+        process.chdir(servicePath);
+
+        // Deploy single service
+        await deploySingleService(
+          serviceSpecificConfig,
+          serviceEnvConfig,
+          environment,
+          options,
+          servicePath
+        );
+
+        results.push({ service: serviceName, success: true });
+        Logger.success(`Service '${serviceName}' deployed successfully`);
+        Logger.br();
+      } catch (error) {
+        // Restore original directory in case of error
+        process.chdir(originalCwd);
+        throw error;
+      } finally {
+        // Restore original directory
+        if (process.cwd() !== originalCwd) {
+          process.chdir(originalCwd);
+        }
+      }
     } catch (error) {
       const errorMsg = error instanceof Error ? error.message : String(error);
       results.push({ service: serviceName, success: false, error: errorMsg });
@@ -546,11 +554,19 @@ async function deploySingleService(
     const backupManager = new BackupManager(ssh as any, remoteDir);
     const backupSpinner = ora('Creating backup of current deployment...').start();
     
-    try {
-      backupPath = await backupManager.create();
-      backupSpinner.succeed(`Backup created: ${backupPath.split('/').pop()}`);
-    } catch (error) {
-      backupSpinner.warn('No existing deployment to backup');
+    // Check if there's anything to backup
+    const hasExistingDeployment = await ssh.exists(`${remoteDir}/dist`);
+
+    if (!hasExistingDeployment) {
+      backupSpinner.info('No existing deployment to backup');
+    } else {
+      try {
+        backupPath = await backupManager.create();
+        backupSpinner.succeed(`Backup created: ${backupPath.split('/').pop()}`);
+      } catch (error) {
+        backupSpinner.fail('Failed to create backup');
+        throw error;
+      }
     }
 
     Logger.br();

package/packages/cli/src/commands/env.ts

@@ -116,6 +116,11 @@ export async function envSetCommand(
       process.exit(1);
     }
 
+    // Validate key format
+    if (!/^[A-Z_][A-Z0-9_]*$/.test(key)) {
+      throw new Error('Invalid key format. Must be uppercase, alphanumeric, and underscores only.');
+    }
+
     // Check if key already exists
     const checkResult = await ssh.exec(
       `grep -q "^${key}=" ${envFile} 2>/dev/null && echo "exists" || echo "new"`
@@ -127,15 +132,23 @@ export async function envSetCommand(
       isNew ? 'Adding variable...' : 'Updating variable...'
     ).start();
 
+    // Use a temporary file strategy to avoid shell injection issues with value
+    const tempFile = `/tmp/env_var_${Date.now()}`;
+    await ssh.exec(`echo "${value.replace(/"/g, '\\"')}" > ${tempFile}`);
+
     if (isNew) {
-      // Append new variable
-      await ssh.exec(`echo "${key}=${value}" >> ${envFile}`);
+      // Append new variable safely
+      await ssh.exec(`echo "${key}=\\"$(cat ${tempFile})\\"" >> ${envFile}`);
     } else {
-      // Update existing variable (use sed for safety)
-      await ssh.exec(
-        `sed -i.bak "s|^${key}=.*|${key}=${value}|" ${envFile}`
-      );
+      // Update existing variable safely using temp file content
+      // We use a more complex sed or awk command, or just overwrite the line
+      // Constructing safe sed is hard, so let's use grep -v to remove old and append new
+      await ssh.exec(`grep -v "^${key}=" ${envFile} > ${envFile}.tmp && mv ${envFile}.tmp ${envFile}`);
+      await ssh.exec(`echo "${key}=\\"$(cat ${tempFile})\\"" >> ${envFile}`);
     }
+    
+    // Cleanup temp file
+    await ssh.exec(`rm ${tempFile}`);
 
     updateSpinner.succeed(isNew ? 'Variable added' : 'Variable updated');
 

package/packages/cli/src/commands/expose.ts

@@ -94,7 +94,8 @@ export async function exposeCommand(environment: string, options: {
     if (shouldSetupSsl && domains.length > 0) {
       // Check if certificate exists for the primary domain (first in the list)
       const primaryDomain = domains[0];
-      const certCheck = await ssh.exec(`sudo test -d /etc/letsencrypt/live/${primaryDomain} && echo "exists"`);
+      const safePrimaryDomain = `'${primaryDomain.replace(/'/g, "'\\''")}'`;
+      const certCheck = await ssh.exec(`sudo test -d /etc/letsencrypt/live/${safePrimaryDomain} && echo "exists"`);
       certsExist = certCheck.stdout.trim() === 'exists';
     }
 
@@ -114,10 +115,16 @@ export async function exposeCommand(environment: string, options: {
 
         // Only include services on this server
         if (serviceEnvConfig.server === host) {
+          const port = serviceConfig.port;
+          // Validate port
+          if (!port || isNaN(Number(port)) || Number(port) < 1 || Number(port) > 65535) {
+            throw new Error(`Invalid port for service '${serviceName}': ${port}. Must be between 1 and 65535.`);
+          }
+
           const isDefault = !serviceConfig.exposePath;
           services.push({
             name: `${config.name}-${serviceName}`,
-            port: serviceConfig.port,
+            port: Number(port),
             exposePath: serviceConfig.exposePath,
             isDefault,
           });
@@ -136,9 +143,15 @@ export async function exposeCommand(environment: string, options: {
       Logger.section('Configuring Single Service');
       Logger.br();
       
+      const port = envConfig.port;
+      // Validate port
+      if (!port || isNaN(Number(port)) || Number(port) < 1 || Number(port) > 65535) {
+        throw new Error(`Invalid port for environment '${environment}': ${port}. Must be between 1 and 65535.`);
+      }
+
       services.push({
         name: `${config.name}-${environment}`,
-        port: envConfig.port,
+        port: Number(port),
         isDefault: true,
       });
 
@@ -247,7 +260,7 @@ EOF`);
 
     // Setup SSL if domains are configured
     if (shouldSetupSsl && domains.length > 0 && sslEmail) {
-      await setupSSL(ssh, domains, sslEmail, environment);
+      await setupSSL(ssh, host, domains, sslEmail, environment);
     }
 
     // Success summary
@@ -293,6 +306,7 @@ EOF`);
  */
 async function setupSSL(
   ssh: SSHConnection,
+  host: string,
   domains: string[],
   email: string,
   environment: string
@@ -371,7 +385,7 @@ async function setupSSL(
         Logger.warn('SSL expansion failed');
         Logger.info('You can manually run certbot with --expand:');
         const manualDomainFlags = domains.map(d => `-d ${d}`).join(' ');
-        Logger.command(`ssh ${ssh} "sudo certbot --nginx ${manualDomainFlags} --expand"`);
+        Logger.command(`ssh ${host} "sudo certbot --nginx ${manualDomainFlags} --expand"`);
         return;
       }
     } else {
@@ -416,7 +430,7 @@ async function setupSSL(
       Logger.warn('SSL setup failed, but nginx is still configured for HTTP');
       Logger.info('You can manually run certbot later:');
       const manualDomainFlags = domains.map(d => `-d ${d}`).join(' ');
-      Logger.command(`ssh ${ssh} "sudo certbot --nginx ${manualDomainFlags}"`);
+      Logger.command(`ssh ${host} "sudo certbot --nginx ${manualDomainFlags}"`);
       return;
     }
   }

package/packages/cli/src/commands/logs.ts

@@ -66,9 +66,10 @@ async function fetchLogs(
   const pm2 = adapter.getProcessManager();
 
   const spinner = ora('Connecting to server...').start();
+  let ssh: { disconnect: () => void } | null = null;
 
   try {
-    const ssh = await createSSHConnection(server);
+    ssh = await createSSHConnection(server);
     spinner.succeed('Connected');
 
     Logger.br();
@@ -82,10 +83,10 @@ async function fetchLogs(
     }
     
     // Execute logs command
-    const result = await ssh.exec(logsCmd, { streaming: !options.output });
+    const result = await (ssh as any).exec(logsCmd, { streaming: !options.output });
 
     if (result.exitCode !== 0) {
-      Logger.error('Failed to fetch logs');
+      throw new Error(result.stderr || 'Failed to fetch logs');
     }
 
     // Save to file if requested
@@ -97,10 +98,13 @@ async function fetchLogs(
       Logger.kv('Size', `${(result.stdout.length / 1024).toFixed(2)} KB`);
     }
 
-    ssh.disconnect();
   } catch (error) {
     spinner.fail('Failed to get logs');
     Logger.error(error instanceof Error ? error.message : String(error));
     process.exit(1);
+  } finally {
+    if (ssh) {
+      ssh.disconnect();
+    }
   }
 }

package/packages/cli/src/commands/rollback.ts

@@ -28,14 +28,15 @@ export async function rollbackCommand(
   const serviceName = `${config.name}-${environment}`;
 
   const spinner = ora('Connecting to server...').start();
+  let ssh: { disconnect: () => void } | null = null;
 
   try {
-    const ssh = await createSSHConnection(envConfig.server);
+    ssh = await createSSHConnection(envConfig.server);
     spinner.succeed('Connected');
 
     Logger.br();
 
-    const backupManager = new BackupManager(ssh, remoteDir);
+    const backupManager = new BackupManager(ssh as any, remoteDir);
 
     // List available backups
     const listSpinner = ora('Fetching available backups...').start();
@@ -44,7 +45,6 @@ export async function rollbackCommand(
 
     if (backups.length === 0) {
       Logger.warn('No backups available');
-      ssh.disconnect();
       return;
     }
 
@@ -96,7 +96,6 @@ export async function rollbackCommand(
 
     if (!confirm) {
       Logger.info('Rollback cancelled');
-      ssh.disconnect();
       return;
     }
 
@@ -112,7 +111,7 @@ export async function rollbackCommand(
     const pm2 = adapter.getProcessManager();
     
     const reloadSpinner = ora('Reloading service...').start();
-    const reloadResult = await ssh.exec(
+    const reloadResult = await (ssh as any).exec(
       pm2.generateReloadCommand(serviceName),
       { cwd: remoteDir }
     );
@@ -133,10 +132,13 @@ export async function rollbackCommand(
     Logger.command(`hostfn status ${environment}`);
     Logger.br();
 
-    ssh.disconnect();
   } catch (error) {
     spinner.fail('Rollback failed');
     Logger.error(error instanceof Error ? error.message : String(error));
     process.exit(1);
+  } finally {
+    if (ssh) {
+      ssh.disconnect();
+    }
   }
 }

package/packages/cli/src/commands/status.ts

@@ -75,15 +75,16 @@ async function showServiceStatus(
   displayName?: string
 ): Promise<void> {
   const spinner = ora(`Fetching status for ${displayName || serviceName}...`).start();
+  let ssh: { disconnect: () => void } | null = null;
 
   try {
-    const ssh = await createSSHConnection(server);
+    ssh = await createSSHConnection(server);
     spinner.succeed('Connected');
 
     Logger.br();
 
     // Get PM2 service details
-    const result = await ssh.exec(`pm2 jlist | jq '.[] | select(.name=="${serviceName}")'`);
+    const result = await (ssh as any).exec(`pm2 jlist | jq '.[] | select(.name=="${serviceName}")'`);
 
     if (result.stdout.trim()) {
       const service = JSON.parse(result.stdout);
@@ -129,10 +130,13 @@ async function showServiceStatus(
       Logger.info('Has the service been deployed?');
     }
 
-    ssh.disconnect();
   } catch (error) {
     spinner.fail('Failed to get status');
     throw error;
+  } finally {
+    if (ssh) {
+      ssh.disconnect();
+    }
   }
 }