openpalm 0.10.2 → 0.11.0-beta.2

package/src/commands/install.ts

@@ -1,32 +1,28 @@
 import { defineCommand } from 'citty';
 import { join } from 'node:path';
-import { rm } from 'node:fs/promises';
+import { createInterface } from 'node:readline';
 import cliPkg from '../../package.json' with { type: 'json' };
 import { defaultWorkDir } from '../lib/paths.ts';
-import { resolveOpenPalmHome, resolveConfigDir, resolveVaultDir, resolveDataDir } from '@openpalm/lib';
-import { ensureSecrets, ensureStackEnv, resolveRequestedImageTag } from '../lib/env.ts';
-import { ensureDirectoryTree, seedOpenPalmDir, openBrowser, runDockerCompose, runDockerComposeCapture } from '../lib/docker.ts';
+import { resolveOpenPalmHome, resolveConfigDir } from '@openpalm/lib';
+import { ensureSecrets, ensureStackEnv } from '../lib/env.ts';
+import { ensureDirectoryTree, seedOpenPalmDir, seedUiBuild } from '../lib/io.ts';
+import { openBrowser } from '../lib/browser.ts';
+import { runDockerCompose } from '../lib/docker.ts';
 import {
   backupOpenPalmHome,
+  buildComposeCliArgs,
   ensureOpenCodeConfig, ensureOpenCodeSystemConfig,
   performSetup,
   applyInstall,
   buildManagedServices,
-  createOpenCodeClient,
   createLogger,
+  resolveRequestedImageTag,
   type SetupSpec,
 } from '@openpalm/lib';
-import { seedEmbeddedAssets } from '../lib/embedded-assets.ts';
-import { ensureVarlock, prepareVarlockDir } from '../lib/varlock.ts';
 import { detectHostInfo } from '../lib/host-info.ts';
 import { ensureValidState } from '../lib/cli-state.ts';
-import { fullComposeArgs } from '../lib/cli-compose.ts';
-import { createSetupServer } from '../setup-wizard/server.ts';
-import { buildDeployStatusEntries } from './install-services.ts';
-import { startOpenCodeSubprocess, type OpenCodeSubprocess } from '../lib/opencode-subprocess.ts';
 
 const logger = createLogger('cli:install');
-const SETUP_WIZARD_PORT = Number(process.env.OP_SETUP_PORT) || 0; // 0 = random available port
 
 async function resolveDefaultInstallRef(): Promise<string> {
   try {
@@ -67,6 +63,12 @@ export default defineCommand({
       alias: 'f',
       description: 'Path to setup config file (JSON or YAML) — skips wizard',
     },
+    yes: {
+      type: 'boolean',
+      alias: 'y',
+      description: 'Auto-confirm destructive prompts (e.g. --force backup of existing OP_HOME)',
+      default: false,
+    },
   },
   async run({ args }) {
     try {
@@ -77,6 +79,7 @@ export default defineCommand({
         noStart: !args.start,
         noOpen: !args.open,
         file: args.file,
+        assumeYes: args.yes,
       });
     } catch (err) {
       console.error(`Error: ${err instanceof Error ? err.message : String(err)}`);
@@ -91,8 +94,26 @@ type InstallOptions = {
   noStart: boolean;
   noOpen: boolean;
   file?: string;
+  assumeYes: boolean;
 };
 
+/**
+ * Prompt the user for a y/N confirmation on stdin/stdout. Returns false in
+ * any non-interactive context (no TTY) so CI runs do not hang waiting on
+ * input — callers must pair this with an explicit `--yes` flag for
+ * unattended invocations.
+ */
+async function promptYesNo(question: string): Promise<boolean> {
+  if (!process.stdin.isTTY || !process.stdout.isTTY) return false;
+  const rl = createInterface({ input: process.stdin, output: process.stdout });
+  try {
+    const answer = await new Promise<string>((resolve) => rl.question(`${question} `, resolve));
+    return /^y(es)?$/i.test(answer.trim());
+  } finally {
+    rl.close();
+  }
+}
+
 async function requireCmd(cmd: string[], msg: string): Promise<void> {
   if ((await Bun.spawn(cmd, { stdout: 'ignore', stderr: 'ignore' }).exited) !== 0) throw new Error(msg);
 }
@@ -104,10 +125,10 @@ async function requireDocker(): Promise<void> {
 }
 
 async function deployServices(mode: string, pull = true): Promise<string[]> {
-  const state = await ensureValidState();
+  const state = ensureValidState();
   await applyInstall(state);
   const managedServices = await buildManagedServices(state);
-  const composeArgs = fullComposeArgs(state);
+  const composeArgs = buildComposeCliArgs(state);
   if (pull) await runDockerCompose([...composeArgs, 'pull', ...managedServices]).catch(() => console.warn('Warning: image pull failed.'));
   await runDockerCompose([...composeArgs, 'up', '-d', ...managedServices]);
   console.log(JSON.stringify({ ok: true, mode, services: managedServices }, null, 2));
@@ -128,16 +149,39 @@ async function parseConfigFile(filePath: string, raw: string): Promise<Record<st
 export async function bootstrapInstall(options: InstallOptions): Promise<void> {
   const homeDir = resolveOpenPalmHome();
   const configDir = resolveConfigDir();
-  const vaultDir = resolveVaultDir();
-  const dataDir = resolveDataDir();
+  const stateDir = `${homeDir}/state`;
   const workDir = defaultWorkDir();
 
-  const alreadyInstalled = await Bun.file(join(vaultDir, 'user', 'user.env')).exists();
+  // Use config/stack/stack.env (always present after a successful install) as the
+  // canonical "already installed" indicator.
+  const alreadyInstalled = await Bun.file(join(configDir, 'stack', 'stack.env')).exists();
   if (alreadyInstalled && !options.force) {
     throw new Error('OpenPalm appears to already be installed. Re-run install with --force to continue.');
   }
 
   if (alreadyInstalled && options.force) {
+    // Use the helper's own backup-path convention so the prompt is honest about
+    // where the existing install will land. Match backupOpenPalmHome():
+    // `${homeDir}.backup.${YYYYMMDD-HHMMSS}`.
+    const now = new Date();
+    const stamp =
+      `${now.getFullYear()}${String(now.getMonth() + 1).padStart(2, '0')}${String(now.getDate()).padStart(2, '0')}` +
+      `-${String(now.getHours()).padStart(2, '0')}${String(now.getMinutes()).padStart(2, '0')}${String(now.getSeconds()).padStart(2, '0')}`;
+    const plannedBackup = `${homeDir}.backup.${stamp}`;
+
+    // Skip the prompt when --yes was passed OR when there's no TTY (CI/scripts).
+    // Without the TTY exemption we would silently hang a non-interactive
+    // pipeline waiting for stdin, which is worse than auto-confirming.
+    const interactive = process.stdin.isTTY && process.stdout.isTTY;
+    if (!options.assumeYes && interactive) {
+      const proceed = await promptYesNo(
+        `--force will move the existing OpenPalm install at ${homeDir} to ${plannedBackup}. Continue? [y/N]`,
+      );
+      if (!proceed) {
+        console.log('Install aborted. Re-run with --yes (or -y) to skip this confirmation in non-interactive use.');
+        return;
+      }
+    }
     const backupDir = backupOpenPalmHome(homeDir);
     if (backupDir) {
       console.log(`Backed up existing OP_HOME to ${backupDir}`);
@@ -145,7 +189,7 @@ export async function bootstrapInstall(options: InstallOptions): Promise<void> {
   }
 
   // ── Bootstrap files ────────────────────────────────────────────────────
-  await prepareInstallFiles(homeDir, configDir, vaultDir, dataDir, workDir, options.version);
+  await prepareInstallFiles(homeDir, configDir, stateDir, workDir, options.version);
 
   // ── Configure ──────────────────────────────────────────────────────────
   // File-based install: read config, run performSetup, optionally deploy
@@ -154,10 +198,10 @@ export async function bootstrapInstall(options: InstallOptions): Promise<void> {
     return;
   }
 
-  // Interactive wizard: --force always runs wizard, otherwise only on first install
+  // Interactive wizard: start the admin UI which serves the setup wizard
   const needsWizard = !alreadyInstalled || options.force;
   if (needsWizard) {
-    await runWizardInstall(configDir, options.noOpen, options.noStart);
+    await runWizardInstall(options.noOpen);
     return;
   }
 
@@ -171,139 +215,51 @@ export async function bootstrapInstall(options: InstallOptions): Promise<void> {
 }
 
 async function prepareInstallFiles(
-  homeDir: string, configDir: string, vaultDir: string, dataDir: string, workDir: string, version: string,
+  homeDir: string, configDir: string, stateDir: string, workDir: string, version: string,
 ): Promise<void> {
   console.log('Preparing directories...');
-  await ensureDirectoryTree(homeDir, configDir, vaultDir, dataDir, workDir);
+  await ensureDirectoryTree(homeDir, configDir, '', '', workDir);
 
-  try { await Bun.write(join(dataDir, 'host.json'), JSON.stringify(await detectHostInfo(), null, 2) + '\n'); }
+  try { await Bun.write(join(stateDir, 'host.json'), JSON.stringify(await detectHostInfo(), null, 2) + '\n'); }
   catch (err) { logger.debug('failed to write host.json', { error: String(err) }); }
 
-  // Seed core files from embedded assets (always available, even offline)
-  seedEmbeddedAssets(homeDir);
-
-  // Try to fetch latest assets from GitHub (non-fatal — embedded assets are sufficient)
-  try {
-    await seedOpenPalmDir(version, homeDir, configDir, vaultDir, dataDir);
-  } catch (err) {
-    logger.debug('seedOpenPalmDir failed (embedded assets already seeded)', { error: String(err) });
-  }
+  // Seed OP_HOME from .openpalm/ (local source if available, else GitHub tarball)
+  await seedOpenPalmDir(version, homeDir, configDir, stateDir);
+  // Install UI build to state/ui/ (local build if available, else GitHub release asset)
+  await seedUiBuild(version, stateDir);
 
   console.log('Configuring secrets...');
-  await ensureSecrets(vaultDir);
-  await ensureStackEnv(homeDir, vaultDir, workDir, version, resolveRequestedImageTag(version) ?? undefined);
+  await ensureSecrets(stateDir);
+  await ensureStackEnv(homeDir, configDir, workDir, version, resolveRequestedImageTag(version) ?? undefined);
 
   for (const [path, content] of [
-    [join(vaultDir, 'stack', 'guardian.env'), '# Guardian channel HMAC secrets — managed by openpalm\n'],
-    [join(vaultDir, 'stack', 'auth.json'), '{}\n'],
+    [join(configDir, 'stack', 'guardian.env'), '# Guardian channel HMAC secrets — managed by openpalm\n'],
+    [join(configDir, 'stack', 'auth.json'), '{}\n'],
+    [join(homeDir, 'stash', 'vaults', 'user.env'), '# OpenPalm user vault — add LLM API keys and other secrets here\n'],
   ] as const) {
     if (!(await Bun.file(path).exists())) await Bun.write(path, content);
   }
 
   try { ensureOpenCodeConfig(); ensureOpenCodeSystemConfig(); } catch (err) { logger.debug('failed to ensure OpenCode config', { error: String(err) }); }
-
-  try {
-    // Download + validate wrapped in a single timeout. The download can be
-    // slow on first install (binary fetch from GitHub) but must not block
-    // the install indefinitely — 30s is generous enough for most connections.
-    await Promise.race([
-      (async () => {
-        const varlockBin = await ensureVarlock();
-        await runVarlockValidation(varlockBin, vaultDir);
-      })(),
-      new Promise((_, reject) => setTimeout(() => reject(new Error('timeout')), 30_000)),
-    ]);
-    console.log('Configuration validated.');
-  } catch (err) { logger.debug('varlock validation skipped', { error: String(err) }); }
 }
 
-async function runWizardInstall(configDir: string, noOpen: boolean, noStart = false): Promise<void> {
-  console.log('Starting setup wizard...');
-
-  // Start OpenCode subprocess for provider discovery (non-fatal if unavailable)
-  let openCodeSub: OpenCodeSubprocess | null = null;
-  let openCodeClient: ReturnType<typeof createOpenCodeClient> | undefined;
-  try {
-    console.log('Starting provider discovery...');
-    openCodeSub = await startOpenCodeSubprocess({
-      homeDir: resolveOpenPalmHome(),
-      configDir: resolveConfigDir(),
-      vaultDir: resolveVaultDir(),
-      dataDir: resolveDataDir(),
-    });
-    const ready = await openCodeSub.waitForReady();
-    if (ready) {
-      openCodeClient = createOpenCodeClient({ baseUrl: openCodeSub.baseUrl });
-    } else {
-      console.log('Provider discovery unavailable. Using built-in provider list.');
-      await openCodeSub.stop();
-      openCodeSub = null;
-    }
-  } catch {
-    console.log('Provider discovery unavailable. Using built-in provider list.');
-    openCodeSub = null;
-  }
-
-  const wizard = createSetupServer(SETUP_WIZARD_PORT, { configDir, openCodeClient });
-  const wizardUrl = `http://localhost:${wizard.server.port}/setup`;
-  console.log(`Setup wizard running at ${wizardUrl}`);
-  if (!noOpen) await openBrowser(wizardUrl);
-
-  const result = await wizard.waitForComplete();
-  if (!result.ok) { wizard.stop(); throw new Error(`Setup failed: ${result.error ?? 'unknown error'}`); }
-
-  if (noStart) {
-    console.log('Setup complete. Config written. Run `openpalm start` to start services.');
-    wizard.stop();
-    if (openCodeSub) await openCodeSub.stop().catch(() => {});
-    return;
-  }
-
-  console.log('Setup complete. Checking Docker...');
-  wizard.setDeploying(true);
+/**
+ * Launch the UI host server to handle first-time setup.
+ *
+ * The SvelteKit UI detects that setup is not complete (via hooks.server.ts)
+ * and redirects to /setup where the wizard runs. Deploy is triggered from
+ * within the UI process after the user completes the wizard.
+ *
+ * Pre-flight: `requireDocker()` runs FIRST so users hit our friendly Docker
+ * error before the browser opens to a wizard that will fail at the end of
+ * a 10-step flow.
+ */
+async function runWizardInstall(noOpen: boolean): Promise<void> {
   await requireDocker();
-
-  console.log('Starting services...');
-  const homeDir = resolveOpenPalmHome();
-  const vaultDir = resolveVaultDir();
-  await ensureVolumeMountTargets(homeDir, vaultDir);
-  const state = await ensureValidState();
-  await applyInstall(state);
-  const allServices = await buildManagedServices(state);
-  const composeArgs = fullComposeArgs(state);
-  try {
-    wizard.updateDeployStatus(buildDeployStatusEntries(allServices, 'pending', 'Pulling images...'));
-    await runDockerCompose([...composeArgs, 'pull', ...allServices]).catch(() => {
-      console.warn('Warning: image pull failed — if this is your first install, check your network connection.');
-    });
-    wizard.updateDeployStatus(buildDeployStatusEntries(allServices, 'pending', 'Starting...'));
-    await runDockerCompose([...composeArgs, 'up', '-d', ...allServices]);
-
-    // Poll container health so the wizard shows real progress per-service
-    await pollContainerHealth(composeArgs, allServices, wizard);
-
-    console.log('\n✓ All services are running:');
-    for (const svc of allServices) {
-      console.log(`  • ${svc}`);
-    }
-    console.log(`\n  Assistant:  http://localhost:${3800}`);
-    console.log(`  Admin:      http://localhost:${3880}`);
-    console.log(`  Memory API: http://localhost:${3898}`);
-    console.log(`  Guardian:   http://localhost:${3899}`);
-    console.log('');
-    // pollContainerHealth returns as soon as all services are healthy, but
-    // the frontend polls every 2.5s — keep the server alive long enough for
-    // at least 2-3 polls to fetch the final "all running" state with URLs.
-    await new Promise(resolve => setTimeout(resolve, 8000));
-  } catch (err) {
-    wizard.updateDeployStatus(buildDeployStatusEntries(allServices, 'error', String(err)));
-    wizard.setDeployError(String(err));
-    await new Promise(resolve => setTimeout(resolve, 10000));
-    throw err;
-  } finally {
-    wizard.stop();
-    if (openCodeSub) await openCodeSub.stop().catch(() => {});
-  }
+  const port = Number(process.env.OP_HOST_UI_PORT) || 3880;
+  console.log(`Setup wizard: http://localhost:${port}/setup`);
+  const { startUIServer } = await import('../lib/ui-server.ts');
+  await startUIServer({ open: !noOpen, port });
 }
 
 async function runFileInstall(filePath: string, noStart: boolean): Promise<void> {
@@ -326,13 +282,15 @@ async function runFileInstall(filePath: string, noStart: boolean): Promise<void>
 
   if (config.version !== 2) throw new Error('Setup config must be version 2. See example.spec.yaml for the format.');
   if (!config.capabilities || typeof config.capabilities !== 'object' || Array.isArray(config.capabilities)) {
-    throw new Error('Setup config must contain a "capabilities" object (llm, embeddings, memory).');
+    throw new Error('Setup config must contain a "capabilities" object (llm, embeddings).');
   }
 
-  // Resolve security.adminToken from environment when not in spec
+  // Resolve security.uiLoginPassword from environment when not in spec.
+  // Phase 4 (auth/proxy refactor) renamed the env var to OP_UI_LOGIN_PASSWORD
+  // and the spec field to security.uiLoginPassword.
   const security = (config.security ?? {}) as Record<string, unknown>;
-  if (!security.adminToken && process.env.OP_ADMIN_TOKEN) {
-    security.adminToken = process.env.OP_ADMIN_TOKEN;
+  if (!security.uiLoginPassword && process.env.OP_UI_LOGIN_PASSWORD) {
+    security.uiLoginPassword = process.env.OP_UI_LOGIN_PASSWORD;
     config.security = security;
   }
 
@@ -341,147 +299,7 @@ async function runFileInstall(filePath: string, noStart: boolean): Promise<void>
   console.log('Setup complete.');
   if (noStart) { console.log('Config written. Run `openpalm start` to start services.'); return; }
   await requireDocker();
-  await ensureVolumeMountTargets(resolveOpenPalmHome(), resolveVaultDir());
   await deployServices('install');
 }
 
-/**
- * Poll `docker compose ps` until all services are running/healthy (or timeout).
- * Updates the wizard deploy status per-service so the frontend shows real progress.
- */
-async function pollContainerHealth(
-  composeArgs: string[],
-  services: string[],
-  wizard: ReturnType<typeof createSetupServer>,
-): Promise<void> {
-  const MAX_WAIT_MS = 120_000; // 2 minutes
-  const POLL_INTERVAL = 3_000;
-  const start = Date.now();
-  const running = new Set<string>();
-  const psArgs = [...composeArgs, 'ps', '--format', 'json'];
-  let prevRunningCount = 0;
-
-  while (Date.now() - start < MAX_WAIT_MS) {
-    try {
-      const output = await runDockerComposeCapture(psArgs);
-      for (const line of output.trim().split('\n')) {
-        if (!line.trim()) continue;
-        try {
-          const container = JSON.parse(line) as { Service?: string; State?: string; Health?: string };
-          const svc = container.Service;
-          if (!svc || !services.includes(svc)) continue;
-          const isHealthy = container.Health === 'healthy' || (container.State === 'running' && !container.Health);
-          if (isHealthy) running.add(svc);
-        } catch { /* skip malformed JSON line */ }
-      }
-    } catch { /* compose ps failed — retry next tick */ }
-
-    if (running.size !== prevRunningCount) {
-      prevRunningCount = running.size;
-      const entries = services.map(svc => ({
-        service: svc,
-        status: (running.has(svc) ? 'running' : 'pending') as 'running' | 'pending',
-        label: running.has(svc) ? 'Running' : 'Starting...',
-      }));
-      wizard.updateDeployStatus(entries);
-    }
-
-    if (running.size >= services.length) return;
-
-    await new Promise(resolve => setTimeout(resolve, POLL_INTERVAL));
-  }
-
-  // Timeout: mark remaining as running so the UI completes, but warn
-  const pending = services.filter(s => !running.has(s));
-  console.warn(`Warning: health check timed out for: ${pending.join(', ')}. They may still be starting.`);
-  wizard.markAllRunning();
-}
-
-/**
- * Parse all compose files under homeDir/stack/ and pre-create every host-side
- * volume mount target as the current user. This prevents Docker from creating
- * them as root-owned, which causes EACCES inside non-root containers.
- *
- * For file mounts (source path has an extension like .json, .env), creates
- * an empty file. For directory mounts, creates the directory.
- */
-async function ensureVolumeMountTargets(homeDir: string, vaultDir: string): Promise<void> {
-  const { readFileSync, existsSync, mkdirSync, writeFileSync } = await import('node:fs');
-  const { parse: yamlParse } = await import('yaml');
-  const { dirname } = await import('node:path');
-  const stackDir = join(homeDir, 'stack');
-  const composeFiles: string[] = [];
-
-  // Collect all compose files
-  const coreYml = join(stackDir, 'core.compose.yml');
-  if (existsSync(coreYml)) composeFiles.push(coreYml);
-  const addonsDir = join(stackDir, 'addons');
-  if (existsSync(addonsDir)) {
-    for (const entry of (await import('node:fs')).readdirSync(addonsDir, { withFileTypes: true })) {
-      if (entry.isDirectory()) {
-        const addonYml = join(addonsDir, entry.name, 'compose.yml');
-        if (existsSync(addonYml)) composeFiles.push(addonYml);
-      }
-    }
-  }
-
-  // Read env vars for variable substitution
-  const envVars: Record<string, string> = { ...process.env };
-  const stackEnv = join(vaultDir, 'stack', 'stack.env');
-  if (existsSync(stackEnv)) {
-    for (const line of readFileSync(stackEnv, 'utf-8').split('\n')) {
-      const m = line.match(/^(?:export\s+)?([A-Z_][A-Z0-9_]*)=(.*)$/);
-      if (m) envVars[m[1]] = m[2];
-    }
-  }
-
-  function resolveEnvVar(str: string): string {
-    return str.replace(/\$\{([^}:]+)(?::-([^}]*))?\}/g, (_, name, def) => envVars[name] ?? def ?? '');
-  }
-
-  // Extract volume mount sources from all compose files
-  for (const file of composeFiles) {
-    let doc: Record<string, unknown>;
-    try { doc = yamlParse(readFileSync(file, 'utf-8')) as Record<string, unknown>; } catch { continue; }
-    const services = doc?.services;
-    if (!services || typeof services !== 'object') continue;
-
-    for (const svc of Object.values(services as Record<string, unknown>)) {
-      if (!svc || typeof svc !== 'object') continue;
-      const svcRecord = svc as Record<string, unknown>;
-      if (!Array.isArray(svcRecord.volumes)) continue;
-      for (const vol of svcRecord.volumes as unknown[]) {
-        const volRecord = typeof vol === 'object' && vol !== null ? vol as Record<string, unknown> : null;
-        const raw = typeof vol === 'string' ? vol : String(volRecord?.source ?? volRecord?.target ?? '');
-        if (!raw || typeof raw !== 'string') continue;
 
-        // Parse "source:target[:opts]" format
-        const hostPath = resolveEnvVar(typeof vol === 'string' ? vol.split(':')[0] : String(volRecord?.source ?? ''));
-        if (!hostPath || !hostPath.startsWith('/')) continue;
-
-        // Determine if this is a file mount (has extension) or directory mount
-        const basename = hostPath.split('/').pop() ?? '';
-        const isFile = basename.includes('.') && !basename.startsWith('.');
-
-        if (existsSync(hostPath)) continue;
-
-        if (isFile) {
-          mkdirSync(dirname(hostPath), { recursive: true });
-          writeFileSync(hostPath, '');
-        } else {
-          mkdirSync(hostPath, { recursive: true });
-        }
-      }
-    }
-  }
-}
-
-async function runVarlockValidation(varlockBin: string, vaultDir: string): Promise<void> {
-  const schemaPath = join(vaultDir, 'user', 'user.env.schema');
-  if (!(await Bun.file(schemaPath).exists())) return;
-  const tmpDir = await prepareVarlockDir(schemaPath, join(vaultDir, 'user', 'user.env'));
-  try {
-    const code = await Bun.spawn([varlockBin, 'load', '--path', `${tmpDir}/`], { stdout: 'ignore', stderr: 'ignore' }).exited;
-    console.log(code === 0 ? 'Configuration validated.' : 'Configuration has validation warnings (non-fatal on first install).');
-  } finally { await rm(tmpDir, { recursive: true, force: true }); }
-}

package/src/commands/logs.ts

@@ -3,7 +3,7 @@ import { ensureValidState } from '../lib/cli-state.ts';
 import { runComposeReadOnly } from '../lib/cli-compose.ts';
 
 export async function runLogsAction(services: string[]): Promise<void> {
-  const state = await ensureValidState();
+  const state = ensureValidState();
   await runComposeReadOnly(state, ['logs', '--tail', '100', ...services]);
 }
 

package/src/commands/restart.ts

@@ -1,6 +1,7 @@
 import { defineCommand } from 'citty';
+import { buildManagedServices } from '@openpalm/lib';
 import { ensureValidState } from '../lib/cli-state.ts';
-import { buildManagedServiceNames, runComposeWithPreflight } from '../lib/cli-compose.ts';
+import { runComposeWithPreflight } from '../lib/cli-compose.ts';
 
 export default defineCommand({
   meta: {
@@ -23,13 +24,13 @@ export default defineCommand({
 export async function runRestartAction(services: string[]): Promise<void> {
   if (services.length === 0) {
     // Restart all managed services (admin included if enabled)
-    const state = await ensureValidState();
-    const managedServices = await buildManagedServiceNames(state);
+    const state = ensureValidState();
+    const managedServices = await buildManagedServices(state);
     await runComposeWithPreflight(state, ['restart', ...managedServices]);
     return;
   }
 
-  const state = await ensureValidState();
+  const state = ensureValidState();
   for (const service of services) {
     await runComposeWithPreflight(state, ['restart', service]);
   }

package/src/commands/rollback.ts

@@ -1,7 +1,8 @@
 import { defineCommand } from 'citty';
 import { ensureValidState } from '../lib/cli-state.ts';
-import { buildManagedServiceNames, runComposeWithPreflight } from '../lib/cli-compose.ts';
+import { runComposeWithPreflight } from '../lib/cli-compose.ts';
 import {
+  buildManagedServices,
   createState,
   restoreSnapshot,
   hasSnapshot,
@@ -30,9 +31,9 @@ export default defineCommand({
     console.log('Snapshot restored. Rebuilding configuration...');
 
     // Now validate and persist with the restored files in place
-    const state = await ensureValidState();
+    const state = ensureValidState();
 
-    const managedServices = await buildManagedServiceNames(state);
+    const managedServices = await buildManagedServices(state);
 
     await runComposeWithPreflight(state, [
       'up', '-d', '--remove-orphans', ...managedServices,