npm - opentunnel-cli - Versions diffs - 1.0.23 → 1.0.25 - Mend

opentunnel-cli 1.0.23 → 1.0.25

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (50) hide show

package/README.md +39 -2
package/dist/cli/index.js +678 -84
package/dist/cli/index.js.map +1 -1
package/dist/client/CloudflareTunnelClient.d.ts +110 -0
package/dist/client/CloudflareTunnelClient.d.ts.map +1 -0
package/dist/client/CloudflareTunnelClient.js +531 -0
package/dist/client/CloudflareTunnelClient.js.map +1 -0
package/dist/client/NgrokClient.d.ts +18 -1
package/dist/client/NgrokClient.d.ts.map +1 -1
package/dist/client/NgrokClient.js +130 -4
package/dist/client/NgrokClient.js.map +1 -1
package/dist/client/TunnelClient.d.ts +0 -1
package/dist/client/TunnelClient.d.ts.map +1 -1
package/dist/client/TunnelClient.js +2 -96
package/dist/client/TunnelClient.js.map +1 -1
package/dist/client/index.d.ts +1 -0
package/dist/client/index.d.ts.map +1 -1
package/dist/client/index.js +3 -1
package/dist/client/index.js.map +1 -1
package/dist/index.d.ts +1 -0
package/dist/index.d.ts.map +1 -1
package/dist/index.js +3 -1
package/dist/index.js.map +1 -1
package/dist/lib/index.d.ts +2 -0
package/dist/lib/index.d.ts.map +1 -0
package/dist/lib/index.js +18 -0
package/dist/lib/index.js.map +1 -0
package/dist/lib/pages/index.d.ts +2 -0
package/dist/lib/pages/index.d.ts.map +1 -0
package/dist/lib/pages/index.js +6 -0
package/dist/lib/pages/index.js.map +1 -0
package/dist/lib/pages/not-running.d.ts +10 -0
package/dist/lib/pages/not-running.d.ts.map +1 -0
package/dist/lib/pages/not-running.js +117 -0
package/dist/lib/pages/not-running.js.map +1 -0
package/dist/server/TunnelServer.d.ts +1 -3
package/dist/server/TunnelServer.d.ts.map +1 -1
package/dist/server/TunnelServer.js +7 -58
package/dist/server/TunnelServer.js.map +1 -1
package/dist/shared/credentials.d.ts +101 -0
package/dist/shared/credentials.d.ts.map +1 -0
package/dist/shared/credentials.js +302 -0
package/dist/shared/credentials.js.map +1 -0
package/dist/shared/ip-filter.d.ts +75 -0
package/dist/shared/ip-filter.d.ts.map +1 -0
package/dist/shared/ip-filter.js +203 -0
package/dist/shared/ip-filter.js.map +1 -0
package/dist/shared/types.d.ts +34 -0
package/dist/shared/types.d.ts.map +1 -1
package/package.json +6 -3

package/dist/cli/index.js CHANGED Viewed

@@ -42,6 +42,8 @@ const chalk_1 = __importDefault(require("chalk"));
 const ora_1 = __importDefault(require("ora"));
 const TunnelClient_1 = require("../client/TunnelClient");
 const NgrokClient_1 = require("../client/NgrokClient");
+const CloudflareTunnelClient_1 = require("../client/CloudflareTunnelClient");
+const credentials_1 = require("../shared/credentials");
 const utils_1 = require("../shared/utils");
 const yaml_1 = require("yaml");
 const fs = __importStar(require("fs"));
@@ -220,8 +222,8 @@ const program = new commander_1.Command();
 program
     .name("opentunnel")
     .alias("ot")
-    .description("Expose local ports to the internet via custom domains or ngrok")
-    .version("1.0.23");
+    .description("Expose local ports to the internet via custom domains, ngrok, or Cloudflare Tunnel")
+    .version("1.0.25");
 // Helper function to build WebSocket URL from domain
 // User only provides base domain (e.g., fjrg2007.com), system handles the rest
 // Note: --insecure flag only affects certificate verification, not the protocol
@@ -618,8 +620,28 @@ program
     .option("--insecure", "Skip SSL verification (for self-signed certs)")
     .option("--ngrok", "Use ngrok instead of OpenTunnel server")
     .option("--region <region>", "Ngrok region (us, eu, ap, au, sa, jp, in)", "us")
+    .option("--cloudflare, --cf", "Use Cloudflare Tunnel instead of OpenTunnel server")
+    .option("--cf-hostname <hostname>", "Custom hostname for Cloudflare Tunnel")
+    .option("--provider <provider>", "Tunnel provider (opentunnel, ngrok, cloudflare)")
     .action(async (port, options) => {
-    if (options.ngrok || options.domain === "ngrok") {
+    // Determine provider
+    const provider = options.provider?.toLowerCase() ||
+        (options.cloudflare || options.cf ? "cloudflare" : null) ||
+        (options.ngrok ? "ngrok" : null);
+    // Cloudflare Tunnel
+    if (provider === "cloudflare" || provider === "cf") {
+        await createCloudflareTunnel({
+            protocol: options.https ? "https" : "http",
+            localHost: options.host,
+            localPort: parseInt(port),
+            hostname: options.cfHostname,
+            tunnelName: options.subdomain, // -n works as tunnel name for CF
+            noTlsVerify: options.insecure,
+        });
+        return;
+    }
+    // ngrok
+    if (provider === "ngrok") {
         await createNgrokTunnel({
             protocol: options.https ? "https" : "http",
             localHost: options.host,
@@ -630,8 +652,8 @@ program
         });
         return;
     }
-    // If remote server domain provided, just connect to it
-    if (options.domain) {
+    // If remote server domain provided, connect to OpenTunnel server
+    if (options.domain && options.domain !== "cloudflare" && options.domain !== "ngrok") {
         const { url: serverUrl } = buildServerUrl(options.domain, options.basePath);
         await createTunnel({
             protocol: options.https ? "https" : "http",
@@ -649,6 +671,8 @@ program
     console.log(chalk_1.default.gray("\nExamples:"));
     console.log(chalk_1.default.cyan("  opentunnel http 3000 -s example.com"));
     console.log(chalk_1.default.cyan("  opentunnel http 3000 --domain example.com -n myapp"));
+    console.log(chalk_1.default.cyan("  opentunnel http 3000 --cloudflare"));
+    console.log(chalk_1.default.cyan("  opentunnel http 3000 --ngrok"));
     process.exit(1);
 });
 // TCP tunnel command
@@ -664,8 +688,33 @@ program
     .option("--insecure", "Skip SSL verification (for self-signed certs)")
     .option("--ngrok", "Use ngrok instead of OpenTunnel server")
     .option("--region <region>", "Ngrok region (us, eu, ap, au, sa, jp, in)", "us")
+    .option("--cloudflare, --cf", "Use Cloudflare Tunnel (TCP requires named tunnel)")
+    .option("--cf-hostname <hostname>", "Custom hostname for Cloudflare Tunnel")
+    .option("--provider <provider>", "Tunnel provider (opentunnel, ngrok, cloudflare)")
     .action(async (port, options) => {
-    if (options.ngrok || options.domain === "ngrok") {
+    // Determine provider
+    const provider = options.provider?.toLowerCase() ||
+        (options.cloudflare || options.cf ? "cloudflare" : null) ||
+        (options.ngrok ? "ngrok" : null);
+    // Cloudflare Tunnel - Note: TCP requires named tunnel
+    if (provider === "cloudflare" || provider === "cf") {
+        if (!options.subdomain) {
+            console.log(chalk_1.default.yellow("Note: Cloudflare TCP tunnels require a named tunnel."));
+            console.log(chalk_1.default.gray("Use -n <tunnel-name> to specify a named tunnel."));
+            console.log(chalk_1.default.gray("\nExample: opentunnel tcp 5432 --cf -n my-tunnel"));
+        }
+        await createCloudflareTunnel({
+            protocol: "tcp",
+            localHost: options.host,
+            localPort: parseInt(port),
+            hostname: options.cfHostname,
+            tunnelName: options.subdomain,
+            noTlsVerify: options.insecure,
+        });
+        return;
+    }
+    // ngrok
+    if (provider === "ngrok") {
         await createNgrokTunnel({
             protocol: "tcp",
             localHost: options.host,
@@ -676,8 +725,8 @@ program
         });
         return;
     }
-    // If remote server domain provided, just connect to it
-    if (options.domain) {
+    // If remote server domain provided, connect to OpenTunnel server
+    if (options.domain && options.domain !== "cloudflare" && options.domain !== "ngrok") {
         const { url: serverUrl } = buildServerUrl(options.domain, options.basePath);
         await createTunnel({
             protocol: "tcp",
@@ -695,6 +744,7 @@ program
     console.log(chalk_1.default.gray("\nExamples:"));
     console.log(chalk_1.default.cyan("  opentunnel tcp 5432 -s example.com"));
     console.log(chalk_1.default.cyan("  opentunnel tcp 5432 --domain example.com -r 15432"));
+    console.log(chalk_1.default.cyan("  opentunnel tcp 5432 --ngrok"));
     process.exit(1);
 });
 // Quick expose command
@@ -709,6 +759,7 @@ program
     .option("--domain <domain>", "Server domain (e.g., domain.com)")
     .option("--insecure", "Skip SSL certificate verification (for self-signed certs)")
     .option("--ngrok", "Use ngrok instead of OpenTunnel server")
+    .option("--cloudflare, --cf", "Use Cloudflare Tunnel instead of OpenTunnel server")
     .action(async (port, options) => {
     const serverUrl = options.server || (options.domain
         ? `wss://${options.domain}/_tunnel`
@@ -717,26 +768,37 @@ program
         await runTunnelInBackground("expose", port, { ...options, server: serverUrl });
         return;
     }
-    if (options.ngrok || options.server === "ngrok") {
-        await createNgrokTunnel({
+    // Cloudflare Tunnel
+    if (options.cloudflare || options.cf || options.server === "cloudflare") {
+        await createCloudflareTunnel({
             protocol: options.protocol,
             localHost: "localhost",
             localPort: parseInt(port),
-            subdomain: options.subdomain,
-            authtoken: options.token
+            noTlsVerify: options.insecure,
         });
+        return;
     }
-    else {
-        await createTunnel({
+    // ngrok
+    if (options.ngrok || options.server === "ngrok") {
+        await createNgrokTunnel({
             protocol: options.protocol,
             localHost: "localhost",
             localPort: parseInt(port),
             subdomain: options.subdomain,
-            serverUrl,
-            token: options.token,
-            insecure: options.insecure
+            authtoken: options.token
         });
+        return;
     }
+    // OpenTunnel server
+    await createTunnel({
+        protocol: options.protocol,
+        localHost: "localhost",
+        localPort: parseInt(port),
+        subdomain: options.subdomain,
+        serverUrl,
+        token: options.token,
+        insecure: options.insecure
+    });
 });
 // Server command
 program
@@ -1613,7 +1675,7 @@ program
         console.log(chalk_1.default.cyan(`Connecting to ${remote}...\n`));
         console.log(chalk_1.default.cyan(`Starting ${tunnelsToStart.length} tunnel(s)...\n`));
         try {
-            await startTunnelsFromConfig(tunnelsToStart, serverUrl, config.server?.token, true);
+            await startTunnelsFromConfig(tunnelsToStart, serverUrl, config.server?.token, true, config);
             console.log(chalk_1.default.gray("\nPress Ctrl+C to stop"));
             // Keep running
             await new Promise(() => { });
@@ -1665,7 +1727,7 @@ program
                 const serverUrl = `${wsProtocol}://localhost:${port}/_tunnel`;
                 // Small delay to ensure server is fully ready
                 await new Promise(resolve => setTimeout(resolve, 500));
-                await startTunnelsFromConfig(tunnelsToStart, serverUrl, config.server?.token, true);
+                await startTunnelsFromConfig(tunnelsToStart, serverUrl, config.server?.token, true, config);
             }
             else if (isServerMode) {
                 console.log(chalk_1.default.gray("\nServer ready. Waiting for connections..."));
@@ -2301,79 +2363,175 @@ async function runTunnelInBackgroundFromConfig(name, protocol, port, options) {
     console.log(chalk_1.default.green(`  ✓ ${name}: started (PID: ${child.pid})`));
 }
 ;
-async function startTunnelsFromConfig(tunnels, serverUrl, token, insecure) {
-    const spinner = (0, ora_1.default)("Connecting to server...").start();
-    const client = new TunnelClient_1.TunnelClient({
-        serverUrl,
-        token,
-        reconnect: true,
-        silent: true,
-        rejectUnauthorized: !insecure,
-    });
-    try {
-        await client.connect();
-        spinner.succeed("Connected to server");
-        const activeTunnels = [];
-        for (const tunnel of tunnels) {
-            const tunnelSpinner = (0, ora_1.default)(`Creating tunnel: ${tunnel.name}...`).start();
-            try {
-                const { tunnelId, publicUrl } = await client.createTunnel({
-                    protocol: tunnel.protocol,
-                    localHost: tunnel.host || "localhost",
-                    localPort: tunnel.port,
-                    subdomain: tunnel.subdomain,
-                    remotePort: tunnel.remotePort,
-                });
-                activeTunnels.push({ name: tunnel.name, tunnelId, publicUrl });
-                tunnelSpinner.succeed(`${tunnel.name}: ${publicUrl}`);
-            }
-            catch (err) {
-                tunnelSpinner.fail(`${tunnel.name}: ${err.message}`);
-            }
+async function startTunnelsFromConfig(tunnels, serverUrl, token, insecure, globalConfig) {
+    // Determine global provider
+    const globalProvider = globalConfig?.provider || "opentunnel";
+    // Group tunnels by provider
+    const tunnelsByProvider = new Map();
+    for (const tunnel of tunnels) {
+        const provider = tunnel.provider || globalProvider;
+        if (!tunnelsByProvider.has(provider)) {
+            tunnelsByProvider.set(provider, []);
         }
-        if (activeTunnels.length === 0) {
-            console.log(chalk_1.default.red("\nNo tunnels created"));
-            process.exit(1);
+        tunnelsByProvider.get(provider).push(tunnel);
+    }
+    const activeTunnels = [];
+    const clients = [];
+    // Process OpenTunnel tunnels
+    const opentunnelTunnels = tunnelsByProvider.get("opentunnel") || [];
+    if (opentunnelTunnels.length > 0) {
+        const spinner = (0, ora_1.default)("Connecting to OpenTunnel server...").start();
+        const client = new TunnelClient_1.TunnelClient({
+            serverUrl,
+            token,
+            reconnect: true,
+            silent: true,
+            rejectUnauthorized: !insecure,
+        });
+        try {
+            await client.connect();
+            spinner.succeed("Connected to OpenTunnel server");
+            clients.push({ provider: "opentunnel", client });
+            for (const tunnel of opentunnelTunnels) {
+                const tunnelSpinner = (0, ora_1.default)(`Creating tunnel: ${tunnel.name}...`).start();
+                try {
+                    const { tunnelId, publicUrl } = await client.createTunnel({
+                        protocol: tunnel.protocol,
+                        localHost: tunnel.host || "localhost",
+                        localPort: tunnel.port,
+                        subdomain: tunnel.subdomain,
+                        remotePort: tunnel.remotePort,
+                    });
+                    activeTunnels.push({ name: tunnel.name, tunnelId, publicUrl, provider: "opentunnel", client });
+                    tunnelSpinner.succeed(`${tunnel.name}: ${publicUrl}`);
+                }
+                catch (err) {
+                    tunnelSpinner.fail(`${tunnel.name}: ${err.message}`);
+                }
+            }
+            // Handle reconnection events
+            client.on("disconnected", () => {
+                console.log(chalk_1.default.yellow("\n  OpenTunnel disconnected, reconnecting..."));
+            });
+            client.on("connected", () => {
+                console.log(chalk_1.default.green("  OpenTunnel reconnected!"));
+            });
         }
-        console.log(chalk_1.default.cyan("\n─────────────────────────────────────────"));
-        console.log(chalk_1.default.green(`  ${activeTunnels.length} tunnel(s) active`));
-        console.log(chalk_1.default.cyan("─────────────────────────────────────────\n"));
-        for (const t of activeTunnels) {
-            console.log(`  ${chalk_1.default.white(t.name.padEnd(15))} ${chalk_1.default.green(t.publicUrl)}`);
+        catch (err) {
+            spinner.fail(`OpenTunnel connection failed: ${err.message}`);
         }
-        console.log(chalk_1.default.gray("\n  Press Ctrl+C to stop all tunnels\n"));
-        // Keep alive with uptime counter
-        const startTime = Date.now();
-        const statsInterval = setInterval(() => {
-            const uptime = (0, utils_1.formatDuration)(Date.now() - startTime);
-            process.stdout.write(`\r  ${chalk_1.default.gray(`Uptime: ${uptime}`)}`);
-        }, 1000);
-        // Handle exit
-        const cleanup = async () => {
-            clearInterval(statsInterval);
-            console.log("\n");
-            const closeSpinner = (0, ora_1.default)("Closing tunnels...").start();
-            for (const t of activeTunnels) {
-                await client.closeTunnel(t.tunnelId);
-            }
-            await client.disconnect();
-            closeSpinner.succeed("All tunnels closed");
-            process.exit(0);
-        };
-        process.on("SIGINT", cleanup);
-        process.on("SIGTERM", cleanup);
-        // Handle reconnection
-        client.on("disconnected", () => {
-            console.log(chalk_1.default.yellow("\n  Disconnected, reconnecting..."));
+    }
+    // Process ngrok tunnels (one at a time, ngrok limitation)
+    const ngrokTunnels = tunnelsByProvider.get("ngrok") || [];
+    for (const tunnel of ngrokTunnels) {
+        const spinner = (0, ora_1.default)(`Creating ngrok tunnel: ${tunnel.name}...`).start();
+        const ngrokToken = tunnel.ngrokToken || globalConfig?.ngrok?.token;
+        const ngrokRegion = tunnel.ngrokRegion || globalConfig?.ngrok?.region || "us";
+        // Merge IP access config: tunnel-specific > global security > none
+        const { IpFilter } = await Promise.resolve().then(() => __importStar(require("../shared/ip-filter")));
+        const ipAccess = IpFilter.mergeConfigs(globalConfig?.security?.ipAccess, tunnel.ipAccess);
+        const client = new NgrokClient_1.NgrokClient({
+            authtoken: ngrokToken,
+            region: ngrokRegion,
+            ipAccess,
         });
-        client.on("connected", () => {
-            console.log(chalk_1.default.green("  Reconnected!"));
+        try {
+            await client.connect();
+            const { tunnelId, publicUrl } = await client.createTunnel({
+                protocol: tunnel.protocol,
+                localHost: tunnel.host || "localhost",
+                localPort: tunnel.port,
+                subdomain: tunnel.subdomain,
+                remotePort: tunnel.remotePort,
+            });
+            activeTunnels.push({ name: tunnel.name, tunnelId, publicUrl, provider: "ngrok", client });
+            clients.push({ provider: "ngrok", client });
+            spinner.succeed(`${tunnel.name}: ${publicUrl} (ngrok)`);
+        }
+        catch (err) {
+            spinner.fail(`${tunnel.name}: ${err.message}`);
+            console.log(chalk_1.default.yellow("  Make sure ngrok is installed: https://ngrok.com/download"));
+        }
+    }
+    // Process Cloudflare tunnels (one at a time)
+    const cloudflareTunnels = tunnelsByProvider.get("cloudflare") || [];
+    for (const tunnel of cloudflareTunnels) {
+        const spinner = (0, ora_1.default)(`Creating Cloudflare tunnel: ${tunnel.name}...`).start();
+        const cfHostname = tunnel.cfHostname || globalConfig?.cloudflare?.hostname;
+        // For Cloudflare: subdomain = tunnel name
+        const cfTunnelName = tunnel.subdomain || globalConfig?.cloudflare?.tunnelName;
+        // Merge IP access config: tunnel-specific > global security > none
+        const { IpFilter } = await Promise.resolve().then(() => __importStar(require("../shared/ip-filter")));
+        const ipAccess = IpFilter.mergeConfigs(globalConfig?.security?.ipAccess, tunnel.ipAccess);
+        const client = new CloudflareTunnelClient_1.CloudflareTunnelClient({
+            hostname: cfHostname,
+            tunnelName: cfTunnelName,
+            protocol: tunnel.protocol === "https" ? "https" : "http",
+            ipAccess,
         });
+        try {
+            await client.connect();
+            const { tunnelId, publicUrl } = await client.createTunnel({
+                protocol: tunnel.protocol,
+                localHost: tunnel.host || "localhost",
+                localPort: tunnel.port,
+            });
+            activeTunnels.push({ name: tunnel.name, tunnelId, publicUrl, provider: "cloudflare", client });
+            clients.push({ provider: "cloudflare", client });
+            const tunnelMode = cfTunnelName ? ` [${cfTunnelName}]` : "";
+            spinner.succeed(`${tunnel.name}: ${publicUrl}${tunnelMode} (cloudflare)`);
+        }
+        catch (err) {
+            spinner.fail(`${tunnel.name}: ${err.message}`);
+            console.log(chalk_1.default.yellow("  cloudflared installs automatically. Check internet connection or try: npm rebuild cloudflared"));
+        }
     }
-    catch (err) {
-        spinner.fail(`Failed: ${err.message}`);
+    if (activeTunnels.length === 0) {
+        console.log(chalk_1.default.red("\nNo tunnels created"));
         process.exit(1);
     }
+    console.log(chalk_1.default.cyan("\n─────────────────────────────────────────"));
+    console.log(chalk_1.default.green(`  ${activeTunnels.length} tunnel(s) active`));
+    console.log(chalk_1.default.cyan("─────────────────────────────────────────\n"));
+    for (const t of activeTunnels) {
+        const providerTag = t.provider !== "opentunnel" ? chalk_1.default.gray(` (${t.provider})`) : "";
+        console.log(`  ${chalk_1.default.white(t.name.padEnd(15))} ${chalk_1.default.green(t.publicUrl)}${providerTag}`);
+    }
+    console.log(chalk_1.default.gray("\n  Press Ctrl+C to stop all tunnels\n"));
+    // Keep alive with uptime counter
+    const startTime = Date.now();
+    const statsInterval = setInterval(() => {
+        const uptime = (0, utils_1.formatDuration)(Date.now() - startTime);
+        process.stdout.write(`\r  ${chalk_1.default.gray(`Uptime: ${uptime}`)}`);
+    }, 1000);
+    // Handle exit
+    const cleanup = async () => {
+        clearInterval(statsInterval);
+        console.log("\n");
+        const closeSpinner = (0, ora_1.default)("Closing tunnels...").start();
+        for (const t of activeTunnels) {
+            try {
+                await t.client.closeTunnel(t.tunnelId);
+            }
+            catch {
+                // Ignore errors during cleanup
+            }
+        }
+        for (const { client } of clients) {
+            try {
+                await client.disconnect();
+            }
+            catch {
+                // Ignore errors during cleanup
+            }
+        }
+        closeSpinner.succeed("All tunnels closed");
+        process.exit(0);
+    };
+    process.on("SIGINT", cleanup);
+    process.on("SIGTERM", cleanup);
+    // Keep process alive
+    await new Promise(() => { });
 }
 ;
 async function runTunnelInBackground(command, port, options) {
@@ -2565,6 +2723,61 @@ async function createNgrokTunnel(options) {
     }
 }
 ;
+async function createCloudflareTunnel(options) {
+    const tunnelType = options.tunnelName ? `named tunnel '${options.tunnelName}'` : "quick tunnel";
+    const spinner = (0, ora_1.default)(`Starting Cloudflare ${tunnelType}...`).start();
+    const client = new CloudflareTunnelClient_1.CloudflareTunnelClient({
+        hostname: options.hostname,
+        tunnelName: options.tunnelName,
+        noTlsVerify: options.noTlsVerify,
+        protocol: options.protocol === "https" ? "https" : "http",
+    });
+    try {
+        await client.connect();
+        spinner.text = "Creating tunnel...";
+        const { tunnelId, publicUrl } = await client.createTunnel({
+            protocol: options.protocol,
+            localHost: options.localHost,
+            localPort: options.localPort,
+        });
+        spinner.succeed("Tunnel established!");
+        const providerInfo = options.tunnelName
+            ? `Cloudflare [${options.tunnelName}]`
+            : "Cloudflare";
+        printTunnelInfo({
+            status: "Online",
+            protocol: options.protocol,
+            localHost: options.localHost,
+            localPort: options.localPort,
+            publicUrl,
+            provider: providerInfo,
+        });
+        // Keep alive
+        const startTime = Date.now();
+        const statsInterval = setInterval(() => {
+            const uptime = (0, utils_1.formatDuration)(Date.now() - startTime);
+            process.stdout.write(`\r  ${chalk_1.default.gray(`Uptime: ${uptime}`)}`);
+        }, 1000);
+        // Handle exit
+        const cleanup = async () => {
+            clearInterval(statsInterval);
+            console.log("\n");
+            spinner.start("Closing tunnel...");
+            await client.closeTunnel(tunnelId);
+            await client.disconnect();
+            spinner.succeed("Tunnel closed");
+            process.exit(0);
+        };
+        process.on("SIGINT", cleanup);
+        process.on("SIGTERM", cleanup);
+    }
+    catch (err) {
+        spinner.fail(`Failed: ${err.message}`);
+        console.log(chalk_1.default.yellow("\ncloudflared installs automatically. Check your internet connection or try: npm rebuild cloudflared"));
+        process.exit(1);
+    }
+}
+;
 function printTunnelInfo(info) {
     console.log("");
     console.log(chalk_1.default.cyan(`  OpenTunnel ${chalk_1.default.gray(`(via ${info.provider})`)}`));
@@ -2579,5 +2792,386 @@ function printTunnelInfo(info) {
     console.log("");
 }
 ;
+// ============================================================================
+// Unified Provider Commands
+// ============================================================================
+// Login command - unified for all providers
+program
+    .command("login <provider>")
+    .description("Authenticate with a provider (cloudflare, ngrok)")
+    .option("-t, --token <token>", "Authentication token (required for ngrok)")
+    .action(async (provider, options) => {
+    const credManager = new credentials_1.CredentialsManager();
+    const normalizedProvider = provider.toLowerCase();
+    if (normalizedProvider === "cloudflare" || normalizedProvider === "cf") {
+        const spinner = (0, ora_1.default)("Running cloudflared login...").start();
+        try {
+            const binPath = await CloudflareTunnelClient_1.CloudflareTunnelClient.ensureInstalled();
+            const { spawn } = await Promise.resolve().then(() => __importStar(require("child_process")));
+            spinner.stop();
+            console.log(chalk_1.default.cyan("\n  Opening browser for Cloudflare authentication...\n"));
+            const proc = spawn(binPath, ["login"], {
+                stdio: "inherit",
+                shell: process.platform === "win32",
+            });
+            await new Promise((resolve, reject) => {
+                proc.on("close", (code) => {
+                    if (code === 0) {
+                        const os = require("os");
+                        const defaultCertPath = path.join(os.homedir(), ".cloudflared", "cert.pem");
+                        credManager.setCloudflare({ certPath: defaultCertPath });
+                        console.log(chalk_1.default.green("\n  Cloudflare credentials saved"));
+                        console.log(chalk_1.default.gray(`  Cert path: ${defaultCertPath}`));
+                        resolve();
+                    }
+                    else {
+                        reject(new Error(`cloudflared login exited with code ${code}`));
+                    }
+                });
+                proc.on("error", reject);
+            });
+        }
+        catch (err) {
+            spinner.fail(`Login failed: ${err.message}`);
+            process.exit(1);
+        }
+    }
+    else if (normalizedProvider === "ngrok") {
+        if (!options.token) {
+            console.log(chalk_1.default.red("Error: ngrok requires --token <token>"));
+            console.log(chalk_1.default.gray("\nGet your token from: https://dashboard.ngrok.com/get-started/your-authtoken"));
+            console.log(chalk_1.default.cyan("\nUsage: opentunnel login ngrok --token <your-token>"));
+            process.exit(1);
+        }
+        credManager.setNgrok({ token: options.token });
+        console.log(chalk_1.default.green("\n  ngrok credentials saved"));
+        console.log(chalk_1.default.gray(`  Token: ${options.token.slice(0, 8)}...`));
+        console.log(chalk_1.default.gray(`  Stored at: ${credentials_1.CredentialsManager.getCredentialsFile()}\n`));
+    }
+    else {
+        console.log(chalk_1.default.red(`Unknown provider: ${provider}`));
+        console.log(chalk_1.default.gray("\nSupported providers: cloudflare (cf), ngrok"));
+        process.exit(1);
+    }
+});
+// Logout command - unified for all providers
+program
+    .command("logout <provider>")
+    .description("Remove stored credentials for a provider")
+    .action(async (provider) => {
+    const credManager = new credentials_1.CredentialsManager();
+    const normalizedProvider = provider.toLowerCase();
+    if (normalizedProvider === "cloudflare" || normalizedProvider === "cf") {
+        const removed = credManager.removeProvider("cloudflare");
+        if (removed) {
+            console.log(chalk_1.default.green("\n  Cloudflare credentials removed\n"));
+        }
+        else {
+            console.log(chalk_1.default.yellow("\n  No Cloudflare credentials found\n"));
+        }
+    }
+    else if (normalizedProvider === "ngrok") {
+        const removed = credManager.removeProvider("ngrok");
+        if (removed) {
+            console.log(chalk_1.default.green("\n  ngrok credentials removed\n"));
+        }
+        else {
+            console.log(chalk_1.default.yellow("\n  No ngrok credentials found\n"));
+        }
+    }
+    else {
+        console.log(chalk_1.default.red(`Unknown provider: ${provider}`));
+        console.log(chalk_1.default.gray("\nSupported providers: cloudflare (cf), ngrok"));
+        process.exit(1);
+    }
+});
+// Create tunnel command (for named tunnels)
+program
+    .command("create <name>")
+    .description("Create a named tunnel")
+    .option("--cf, --cloudflare", "Create Cloudflare named tunnel")
+    .option("--provider <provider>", "Provider (cloudflare)")
+    .action(async (name, options) => {
+    const provider = options.provider?.toLowerCase() ||
+        (options.cloudflare || options.cf ? "cloudflare" : null);
+    if (!provider) {
+        console.log(chalk_1.default.red("Error: Provider required"));
+        console.log(chalk_1.default.gray("\nUsage: opentunnel create <name> --cf"));
+        console.log(chalk_1.default.gray("       opentunnel create <name> --provider cloudflare"));
+        process.exit(1);
+    }
+    if (provider === "cloudflare" || provider === "cf") {
+        const spinner = (0, ora_1.default)(`Creating Cloudflare tunnel '${name}'...`).start();
+        try {
+            const binPath = await CloudflareTunnelClient_1.CloudflareTunnelClient.ensureInstalled();
+            const { spawn } = await Promise.resolve().then(() => __importStar(require("child_process")));
+            const proc = spawn(binPath, ["tunnel", "create", name], {
+                stdio: ["ignore", "pipe", "pipe"],
+                shell: process.platform === "win32",
+            });
+            let output = "";
+            let errorOutput = "";
+            proc.stdout?.on("data", (data) => { output += data.toString(); });
+            proc.stderr?.on("data", (data) => { errorOutput += data.toString(); });
+            await new Promise((resolve, reject) => {
+                proc.on("close", (code) => {
+                    if (code === 0) {
+                        spinner.succeed(`Tunnel '${name}' created`);
+                        if (output)
+                            console.log(chalk_1.default.gray(output.trim()));
+                        resolve();
+                    }
+                    else {
+                        reject(new Error(errorOutput || `Exit code ${code}`));
+                    }
+                });
+                proc.on("error", reject);
+            });
+        }
+        catch (err) {
+            spinner.fail(`Failed to create tunnel: ${err.message}`);
+            if (err.message.includes("login")) {
+                console.log(chalk_1.default.yellow("\nRun 'opentunnel login cloudflare' first"));
+            }
+            process.exit(1);
+        }
+    }
+    else {
+        console.log(chalk_1.default.red(`Provider '${provider}' doesn't support named tunnels`));
+        process.exit(1);
+    }
+});
+// Delete tunnel command
+program
+    .command("delete <name>")
+    .description("Delete a named tunnel")
+    .option("--cf, --cloudflare", "Delete Cloudflare named tunnel")
+    .option("--provider <provider>", "Provider (cloudflare)")
+    .option("-f, --force", "Force deletion without confirmation")
+    .action(async (name, options) => {
+    const provider = options.provider?.toLowerCase() ||
+        (options.cloudflare || options.cf ? "cloudflare" : null);
+    if (!provider) {
+        console.log(chalk_1.default.red("Error: Provider required"));
+        console.log(chalk_1.default.gray("\nUsage: opentunnel delete <name> --cf"));
+        process.exit(1);
+    }
+    if (provider === "cloudflare" || provider === "cf") {
+        if (!options.force) {
+            console.log(chalk_1.default.yellow(`\n  This will delete tunnel '${name}' permanently.`));
+            console.log(chalk_1.default.gray("  Use --force to skip this confirmation.\n"));
+            const readline = await Promise.resolve().then(() => __importStar(require("readline")));
+            const rl = readline.createInterface({
+                input: process.stdin,
+                output: process.stdout,
+            });
+            const answer = await new Promise((resolve) => {
+                rl.question("  Type the tunnel name to confirm: ", resolve);
+            });
+            rl.close();
+            if (answer !== name) {
+                console.log(chalk_1.default.red("\n  Cancelled: name didn't match\n"));
+                return;
+            }
+        }
+        const spinner = (0, ora_1.default)(`Deleting tunnel '${name}'...`).start();
+        try {
+            const binPath = await CloudflareTunnelClient_1.CloudflareTunnelClient.ensureInstalled();
+            const { spawn } = await Promise.resolve().then(() => __importStar(require("child_process")));
+            const proc = spawn(binPath, ["tunnel", "delete", name], {
+                stdio: ["ignore", "pipe", "pipe"],
+                shell: process.platform === "win32",
+            });
+            let errorOutput = "";
+            proc.stderr?.on("data", (data) => { errorOutput += data.toString(); });
+            await new Promise((resolve, reject) => {
+                proc.on("close", (code) => {
+                    if (code === 0) {
+                        spinner.succeed(`Tunnel '${name}' deleted`);
+                        resolve();
+                    }
+                    else {
+                        reject(new Error(errorOutput || `Exit code ${code}`));
+                    }
+                });
+                proc.on("error", reject);
+            });
+        }
+        catch (err) {
+            spinner.fail(`Failed to delete tunnel: ${err.message}`);
+            process.exit(1);
+        }
+    }
+});
+// Route DNS command (Cloudflare specific)
+program
+    .command("route <name> <hostname>")
+    .description("Route a hostname to a tunnel (Cloudflare DNS)")
+    .option("--cf, --cloudflare", "Route via Cloudflare")
+    .option("--provider <provider>", "Provider (cloudflare)")
+    .action(async (name, hostname, options) => {
+    const provider = options.provider?.toLowerCase() ||
+        (options.cloudflare || options.cf ? "cloudflare" : "cloudflare"); // Default to cloudflare
+    if (provider === "cloudflare" || provider === "cf") {
+        const spinner = (0, ora_1.default)(`Routing ${hostname} to tunnel '${name}'...`).start();
+        try {
+            const binPath = await CloudflareTunnelClient_1.CloudflareTunnelClient.ensureInstalled();
+            const { spawn } = await Promise.resolve().then(() => __importStar(require("child_process")));
+            const proc = spawn(binPath, ["tunnel", "route", "dns", name, hostname], {
+                stdio: ["ignore", "pipe", "pipe"],
+                shell: process.platform === "win32",
+            });
+            let output = "";
+            let errorOutput = "";
+            proc.stdout?.on("data", (data) => { output += data.toString(); });
+            proc.stderr?.on("data", (data) => { errorOutput += data.toString(); });
+            await new Promise((resolve, reject) => {
+                proc.on("close", (code) => {
+                    if (code === 0) {
+                        spinner.succeed(`DNS route created: ${hostname} -> ${name}`);
+                        if (output)
+                            console.log(chalk_1.default.gray(output.trim()));
+                        resolve();
+                    }
+                    else {
+                        reject(new Error(errorOutput || `Exit code ${code}`));
+                    }
+                });
+                proc.on("error", reject);
+            });
+        }
+        catch (err) {
+            spinner.fail(`Failed to create route: ${err.message}`);
+            process.exit(1);
+        }
+    }
+});
+// List tunnels command - extend existing list command
+program
+    .command("tunnels")
+    .description("List named tunnels")
+    .option("--cf, --cloudflare", "List Cloudflare tunnels")
+    .option("--provider <provider>", "Provider (cloudflare)")
+    .action(async (options) => {
+    const provider = options.provider?.toLowerCase() ||
+        (options.cloudflare || options.cf ? "cloudflare" : null);
+    if (!provider) {
+        console.log(chalk_1.default.red("Error: Provider required"));
+        console.log(chalk_1.default.gray("\nUsage: opentunnel tunnels --cf"));
+        process.exit(1);
+    }
+    if (provider === "cloudflare" || provider === "cf") {
+        const spinner = (0, ora_1.default)("Listing Cloudflare tunnels...").start();
+        try {
+            const binPath = await CloudflareTunnelClient_1.CloudflareTunnelClient.ensureInstalled();
+            const { spawn } = await Promise.resolve().then(() => __importStar(require("child_process")));
+            const proc = spawn(binPath, ["tunnel", "list"], {
+                stdio: ["ignore", "pipe", "pipe"],
+                shell: process.platform === "win32",
+            });
+            let output = "";
+            let errorOutput = "";
+            proc.stdout?.on("data", (data) => { output += data.toString(); });
+            proc.stderr?.on("data", (data) => { errorOutput += data.toString(); });
+            await new Promise((resolve, reject) => {
+                proc.on("close", (code) => {
+                    if (code === 0) {
+                        spinner.stop();
+                        console.log(chalk_1.default.cyan("\n  Cloudflare Tunnels"));
+                        console.log(chalk_1.default.gray("  " + "─".repeat(60)));
+                        if (output.trim()) {
+                            console.log(output);
+                        }
+                        else {
+                            console.log(chalk_1.default.yellow("  No tunnels found"));
+                            console.log(chalk_1.default.gray("\n  Create one with: opentunnel create <name> --cf"));
+                        }
+                        resolve();
+                    }
+                    else {
+                        reject(new Error(errorOutput || `Exit code ${code}`));
+                    }
+                });
+                proc.on("error", reject);
+            });
+        }
+        catch (err) {
+            spinner.fail(`Failed to list tunnels: ${err.message}`);
+            if (err.message.includes("login")) {
+                console.log(chalk_1.default.yellow("\nRun 'opentunnel login cloudflare' first"));
+            }
+            process.exit(1);
+        }
+    }
+});
+// ============================================================================
+// Config Commands
+// ============================================================================
+const configCommand = program
+    .command("config")
+    .description("Manage OpenTunnel configuration");
+configCommand
+    .command("set <key> <value>")
+    .description("Set a configuration value (e.g., ngrok.token, cloudflare.accountId)")
+    .action(async (key, value) => {
+    const credManager = new credentials_1.CredentialsManager();
+    const validKeys = [
+        "ngrok.token",
+        "cloudflare.accountId",
+        "cloudflare.tunnelToken",
+        "cloudflare.certPath",
+    ];
+    if (!validKeys.includes(key)) {
+        console.log(chalk_1.default.red(`Invalid key: ${key}`));
+        console.log(chalk_1.default.gray("\nValid keys:"));
+        for (const k of validKeys) {
+            console.log(chalk_1.default.cyan(`  ${k}`));
+        }
+        process.exit(1);
+    }
+    credManager.set(key, value);
+    console.log(chalk_1.default.green(`\n  ${key} = ${value.slice(0, 20)}${value.length > 20 ? "..." : ""}\n`));
+});
+configCommand
+    .command("get <key>")
+    .description("Get a configuration value")
+    .action(async (key) => {
+    const credManager = new credentials_1.CredentialsManager();
+    const value = credManager.get(key);
+    if (value) {
+        // Mask sensitive values
+        const masked = key.includes("token") || key.includes("Token")
+            ? value.slice(0, 8) + "..." + value.slice(-4)
+            : value;
+        console.log(chalk_1.default.cyan(`\n  ${key} = ${masked}\n`));
+    }
+    else {
+        console.log(chalk_1.default.yellow(`\n  ${key} is not set\n`));
+    }
+});
+configCommand
+    .command("list")
+    .description("List all stored configuration")
+    .action(async () => {
+    const credManager = new credentials_1.CredentialsManager();
+    const keys = credManager.listKeys();
+    console.log(chalk_1.default.cyan("\n  Stored Configuration"));
+    console.log(chalk_1.default.gray("  " + "─".repeat(40)));
+    if (keys.length === 0) {
+        console.log(chalk_1.default.yellow("  No configuration stored"));
+        console.log(chalk_1.default.gray("\n  Use 'opentunnel login' or 'opentunnel config set' to add credentials"));
+    }
+    else {
+        for (const key of keys) {
+            const value = credManager.get(key);
+            const masked = (key.includes("token") || key.includes("Token")) && value
+                ? value.slice(0, 8) + "..." + value.slice(-4)
+                : value;
+            console.log(`  ${chalk_1.default.white(key.padEnd(25))} ${chalk_1.default.gray(masked || "")}`);
+        }
+    }
+    console.log(chalk_1.default.gray("  " + "─".repeat(40)));
+    console.log(chalk_1.default.gray(`\n  Config file: ${credentials_1.CredentialsManager.getCredentialsFile()}\n`));
+});
 program.parse();
 //# sourceMappingURL=index.js.map