quicklify 1.0.4 → 1.1.0

package/dist/core/provision.js

@@ -0,0 +1,197 @@
+import { isValidProvider, validateServerName } from "./manage.js";
+import { getProviderToken } from "./tokens.js";
+import { createProviderWithToken } from "../utils/providerFactory.js";
+import { getCoolifyCloudInit } from "../utils/cloudInit.js";
+import { findLocalSshKey, generateSshKey, getSshKeyName } from "../utils/sshKey.js";
+import { saveServer } from "../utils/config.js";
+import { getTemplateDefaults } from "../utils/templates.js";
+import { getErrorMessage, mapProviderError } from "../utils/errorMapper.js";
+import { assertValidIp } from "../utils/ssh.js";
+// ─── Constants ───────────────────────────────────────────────────────────────
+// TODO: v1.2.0'da init.ts ile birleştirilecek — ortak modüle taşı
+const IP_WAIT = {
+    hetzner: { attempts: 10, interval: 3000 }, // 30s
+    digitalocean: { attempts: 20, interval: 3000 }, // 60s
+    vultr: { attempts: 40, interval: 5000 }, // 200s
+    linode: { attempts: 30, interval: 5000 }, // 150s
+};
+const BOOT_MAX_ATTEMPTS = 30;
+const BOOT_INTERVAL = 1000;
+// ─── Helpers ─────────────────────────────────────────────────────────────────
+function sleep(ms) {
+    return new Promise((resolve) => setTimeout(resolve, ms));
+}
+function isPendingIp(ip) {
+    return !ip || ip === "pending" || ip === "0.0.0.0";
+}
+export async function uploadSshKeyBestEffort(provider) {
+    let publicKey = findLocalSshKey();
+    if (!publicKey) {
+        process.stderr.write("[provision] No local SSH key found. Generating one...\n");
+        publicKey = generateSshKey();
+        if (!publicKey) {
+            process.stderr.write("[provision] SSH key generation failed. Continuing without SSH key.\n");
+            return [];
+        }
+        process.stderr.write("[provision] SSH key generated (~/.ssh/id_ed25519)\n");
+    }
+    try {
+        const keyId = await provider.uploadSshKey(getSshKeyName(), publicKey);
+        return [keyId];
+    }
+    catch (error) {
+        process.stderr.write(`[provision] SSH key upload failed: ${getErrorMessage(error)}. Continuing without SSH key.\n`);
+        return [];
+    }
+}
+// ─── Main ────────────────────────────────────────────────────────────────────
+export async function provisionServer(config) {
+    // 1. Validate provider
+    if (!isValidProvider(config.provider)) {
+        return {
+            success: false,
+            error: `Invalid provider: ${config.provider}. Valid: hetzner, digitalocean, vultr, linode`,
+        };
+    }
+    // 2. Validate name
+    const nameError = validateServerName(config.name);
+    if (nameError) {
+        return { success: false, error: nameError };
+    }
+    // 3. Resolve region/size — explicit params override template defaults
+    const template = config.template || "starter";
+    const defaults = getTemplateDefaults(template, config.provider);
+    const region = config.region || defaults?.region;
+    const size = config.size || defaults?.size;
+    if (!region || !size) {
+        return {
+            success: false,
+            error: `Could not resolve region/size for provider "${config.provider}" with template "${template}"`,
+            hint: "Provide explicit region and size parameters, or use a valid template",
+        };
+    }
+    // 4. Resolve token
+    const token = getProviderToken(config.provider);
+    if (!token) {
+        return {
+            success: false,
+            error: `No API token found for ${config.provider}`,
+            hint: `Set ${config.provider.toUpperCase()}_TOKEN environment variable`,
+        };
+    }
+    // 5. Create provider instance
+    const provider = createProviderWithToken(config.provider, token);
+    // 6. Validate token
+    try {
+        const valid = await provider.validateToken(token);
+        if (!valid) {
+            return { success: false, error: `Invalid API token for ${config.provider}` };
+        }
+    }
+    catch (error) {
+        return {
+            success: false,
+            error: `Token validation failed: ${getErrorMessage(error)}`,
+        };
+    }
+    // 7. Upload SSH key (best-effort)
+    const sshKeyIds = await uploadSshKeyBestEffort(provider);
+    // 8. Generate cloud-init
+    const cloudInit = getCoolifyCloudInit(config.name);
+    // 9. Create server
+    let serverId;
+    let serverIp;
+    try {
+        const result = await provider.createServer({
+            name: config.name,
+            region,
+            size,
+            cloudInit,
+            sshKeyIds,
+        });
+        serverId = result.id;
+        serverIp = result.ip;
+    }
+    catch (error) {
+        const message = getErrorMessage(error);
+        const hint = mapProviderError(error, config.provider);
+        return {
+            success: false,
+            error: `Server creation failed: ${message}`,
+            ...(hint ? { hint } : {}),
+        };
+    }
+    // 10. Wait for running status
+    for (let i = 0; i < BOOT_MAX_ATTEMPTS; i++) {
+        try {
+            const status = await provider.getServerStatus(serverId);
+            if (status === "running")
+                break;
+        }
+        catch {
+            // Ignore polling errors, retry
+        }
+        if (i === BOOT_MAX_ATTEMPTS - 1) {
+            return {
+                success: false,
+                error: `Server did not reach running state within ${BOOT_MAX_ATTEMPTS}s`,
+                hint: "The server may still be booting. Check status manually.",
+            };
+        }
+        await sleep(BOOT_INTERVAL);
+    }
+    // 11. Wait for IP assignment (provider-specific timing)
+    if (isPendingIp(serverIp)) {
+        const ipConfig = IP_WAIT[config.provider] || { attempts: 20, interval: 3000 };
+        for (let i = 0; i < ipConfig.attempts; i++) {
+            await sleep(ipConfig.interval);
+            try {
+                const details = await provider.getServerDetails(serverId);
+                if (!isPendingIp(details.ip)) {
+                    try {
+                        assertValidIp(details.ip);
+                        serverIp = details.ip;
+                        break;
+                    }
+                    catch {
+                        // Invalid IP format, keep polling
+                    }
+                }
+            }
+            catch {
+                // Ignore polling errors, retry
+            }
+        }
+    }
+    else {
+        // Validate the IP we already have
+        try {
+            assertValidIp(serverIp);
+        }
+        catch {
+            process.stderr.write(`[provision] IP validation failed for ${serverIp}, marking as pending\n`);
+            serverIp = "pending";
+        }
+    }
+    // 12. Save to config
+    const record = {
+        id: serverId,
+        name: config.name,
+        provider: config.provider,
+        ip: serverIp,
+        region,
+        size,
+        createdAt: new Date().toISOString(),
+    };
+    saveServer(record);
+    // 13. Return result
+    if (isPendingIp(serverIp)) {
+        return {
+            success: true,
+            server: record,
+            hint: `IP address not yet assigned. Check status with: server_info { action: 'status', server: '${config.name}' }`,
+        };
+    }
+    return { success: true, server: record };
+}
+//# sourceMappingURL=provision.js.map

package/dist/core/provision.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"provision.js","sourceRoot":"","sources":["../../src/core/provision.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,kBAAkB,EAAE,MAAM,aAAa,CAAC;AAClE,OAAO,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAC/C,OAAO,EAAE,uBAAuB,EAAE,MAAM,6BAA6B,CAAC;AACtE,OAAO,EAAE,mBAAmB,EAAE,MAAM,uBAAuB,CAAC;AAC5D,OAAO,EAAE,eAAe,EAAE,cAAc,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AACpF,OAAO,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAChD,OAAO,EAAE,mBAAmB,EAAE,MAAM,uBAAuB,CAAC;AAC5D,OAAO,EAAE,eAAe,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAC5E,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAqBhD,gFAAgF;AAEhF,kEAAkE;AAClE,MAAM,OAAO,GAA2D;IACtE,OAAO,EAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,EAAI,MAAM;IACxD,YAAY,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,EAAI,MAAM;IACxD,KAAK,EAAS,EAAE,QAAQ,EAAE,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,EAAK,OAAO;IAC1D,MAAM,EAAQ,EAAE,QAAQ,EAAE,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,EAAK,OAAO;CAC3D,CAAC;AAEF,MAAM,iBAAiB,GAAG,EAAE,CAAC;AAC7B,MAAM,aAAa,GAAG,IAAI,CAAC;AAE3B,gFAAgF;AAEhF,SAAS,KAAK,CAAC,EAAU;IACvB,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,CAAC;AAC3D,CAAC;AAED,SAAS,WAAW,CAAC,EAAU;IAC7B,OAAO,CAAC,EAAE,IAAI,EAAE,KAAK,SAAS,IAAI,EAAE,KAAK,SAAS,CAAC;AACrD,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,sBAAsB,CAAC,QAAuB;IAClE,IAAI,SAAS,GAAG,eAAe,EAAE,CAAC;IAClC,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,yDAAyD,CAAC,CAAC;QAChF,SAAS,GAAG,cAAc,EAAE,CAAC;QAC7B,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,sEAAsE,CAAC,CAAC;YAC7F,OAAO,EAAE,CAAC;QACZ,CAAC;QACD,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,qDAAqD,CAAC,CAAC;IAC9E,CAAC;IAED,IAAI,CAAC;QACH,MAAM,KAAK,GAAG,MAAM,QAAQ,CAAC,YAAY,CAAC,aAAa,EAAE,EAAE,SAAS,CAAC,CAAC;QACtE,OAAO,CAAC,KAAK,CAAC,CAAC;IACjB,CAAC;IAAC,OAAO,KAAc,EAAE,CAAC;QACxB,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,sCAAsC,eAAe,CAAC,KAAK,CAAC,iCAAiC,CAC9F,CAAC;QACF,OAAO,EAAE,CAAC;IACZ,CAAC;AACH,CAAC;AAED,gFAAgF;AAEhF,MAAM,CAAC,KAAK,UAAU,eAAe,CAAC,MAAuB;IAC3D,uBAAuB;IACvB,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC;QACtC,OAAO;YACL,OAAO,EAAE,KAAK;YACd,KAAK,EAAE,qBAAqB,MAAM,CAAC,QAAQ,+CAA+C;SAC3F,CAAC;IACJ,CAAC;IAED,mBAAmB;IACnB,MAAM,SAAS,GAAG,kBAAkB,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;IAClD,IAAI,SAAS,EAAE,CAAC;QACd,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,SAAS,EAAE,CAAC;IAC9C,CAAC;IAED,sEAAsE;IACtE,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,IAAI,SAAS,CAAC;IAC9C,MAAM,QAAQ,GAAG,mBAAmB,CAAC,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;IAChE,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,IAAI,QAAQ,EAAE,MAAM,CAAC;IACjD,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,IAAI,QAAQ,EAAE,IAAI,CAAC;IAE3C,IAAI,CAAC,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;QACrB,OAAO;YACL,OAAO,EAAE,KAAK;YACd,KAAK,EAAE,+CAA+C,MAAM,CAAC,QAAQ,oBAAoB,QAAQ,GAAG;YACpG,IAAI,EAAE,sEAAsE;SAC7E,CAAC;IACJ,CAAC;IAED,mBAAmB;IACnB,MAAM,KAAK,GAAG,gBAAgB,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IAChD,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO;YACL,OAAO,EAAE,KAAK;YACd,KAAK,EAAE,0BAA0B,MAAM,CAAC,QAAQ,EAAE;YAClD,IAAI,EAAE,OAAO,MAAM,CAAC,QAAQ,CAAC,WAAW,EAAE,6BAA6B;SACxE,CAAC;IACJ,CAAC;IAED,8BAA8B;IAC9B,MAAM,QAAQ,GAAG,uBAAuB,CAAC,MAAM,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;IAEjE,oBAAoB;IACpB,IAAI,CAAC;QACH,MAAM,KAAK,GAAG,MAAM,QAAQ,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC;QAClD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,yBAAyB,MAAM,CAAC,QAAQ,EAAE,EAAE,CAAC;QAC/E,CAAC;IACH,CAAC;IAAC,OAAO,KAAc,EAAE,CAAC;QACxB,OAAO;YACL,OAAO,EAAE,KAAK;YACd,KAAK,EAAE,4BAA4B,eAAe,CAAC,KAAK,CAAC,EAAE;SAC5D,CAAC;IACJ,CAAC;IAED,kCAAkC;IAClC,MAAM,SAAS,GAAG,MAAM,sBAAsB,CAAC,QAAQ,CAAC,CAAC;IAEzD,yBAAyB;IACzB,MAAM,SAAS,GAAG,mBAAmB,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;IAEnD,mBAAmB;IACnB,IAAI,QAAgB,CAAC;IACrB,IAAI,QAAgB,CAAC;IACrB,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,YAAY,CAAC;YACzC,IAAI,EAAE,MAAM,CAAC,IAAI;YACjB,MAAM;YACN,IAAI;YACJ,SAAS;YACT,SAAS;SACV,CAAC,CAAC;QACH,QAAQ,GAAG,MAAM,CAAC,EAAE,CAAC;QACrB,QAAQ,GAAG,MAAM,CAAC,EAAE,CAAC;IACvB,CAAC;IAAC,OAAO,KAAc,EAAE,CAAC;QACxB,MAAM,OAAO,GAAG,eAAe,CAAC,KAAK,CAAC,CAAC;QACvC,MAAM,IAAI,GAAG,gBAAgB,CAAC,KAAK,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;QACtD,OAAO;YACL,OAAO,EAAE,KAAK;YACd,KAAK,EAAE,2BAA2B,OAAO,EAAE;YAC3C,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SAC1B,CAAC;IACJ,CAAC;IAED,8BAA8B;IAC9B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,iBAAiB,EAAE,CAAC,EAAE,EAAE,CAAC;QAC3C,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC;YACxD,IAAI,MAAM,KAAK,SAAS;gBAAE,MAAM;QAClC,CAAC;QAAC,MAAM,CAAC;YACP,+BAA+B;QACjC,CAAC;QACD,IAAI,CAAC,KAAK,iBAAiB,GAAG,CAAC,EAAE,CAAC;YAChC,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,6CAA6C,iBAAiB,GAAG;gBACxE,IAAI,EAAE,yDAAyD;aAChE,CAAC;QACJ,CAAC;QACD,MAAM,KAAK,CAAC,aAAa,CAAC,CAAC;IAC7B,CAAC;IAED,wDAAwD;IACxD,IAAI,WAAW,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC1B,MAAM,QAAQ,GAAG,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,EAAE,QAAQ,EAAE,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;QAC9E,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,QAAQ,EAAE,CAAC,EAAE,EAAE,CAAC;YAC3C,MAAM,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;YAC/B,IAAI,CAAC;gBACH,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAC;gBAC1D,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,EAAE,CAAC,EAAE,CAAC;oBAC7B,IAAI,CAAC;wBACH,aAAa,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;wBAC1B,QAAQ,GAAG,OAAO,CAAC,EAAE,CAAC;wBACtB,MAAM;oBACR,CAAC;oBAAC,MAAM,CAAC;wBACP,kCAAkC;oBACpC,CAAC;gBACH,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;gBACP,+BAA+B;YACjC,CAAC;QACH,CAAC;IACH,CAAC;SAAM,CAAC;QACN,kCAAkC;QAClC,IAAI,CAAC;YACH,aAAa,CAAC,QAAQ,CAAC,CAAC;QAC1B,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,wCAAwC,QAAQ,wBAAwB,CAAC,CAAC;YAC/F,QAAQ,GAAG,SAAS,CAAC;QACvB,CAAC;IACH,CAAC;IAED,qBAAqB;IACrB,MAAM,MAAM,GAAiB;QAC3B,EAAE,EAAE,QAAQ;QACZ,IAAI,EAAE,MAAM,CAAC,IAAI;QACjB,QAAQ,EAAE,MAAM,CAAC,QAAQ;QACzB,EAAE,EAAE,QAAQ;QACZ,MAAM;QACN,IAAI;QACJ,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;KACpC,CAAC;IACF,UAAU,CAAC,MAAM,CAAC,CAAC;IAEnB,oBAAoB;IACpB,IAAI,WAAW,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC1B,OAAO;YACL,OAAO,EAAE,IAAI;YACb,MAAM,EAAE,MAAM;YACd,IAAI,EAAE,4FAA4F,MAAM,CAAC,IAAI,KAAK;SACnH,CAAC;IACJ,CAAC;IAED,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC;AAC3C,CAAC"}

package/dist/core/secure.d.ts

@@ -0,0 +1,29 @@
+import type { SshdSetting, SecureAuditResult } from "../types/index.js";
+export declare function parseSshdConfig(content: string): SshdSetting[];
+export declare function parseAuditResult(stdout: string): SecureAuditResult;
+export declare function buildHardeningCommand(options?: {
+    port?: number;
+}): string;
+export declare function buildFail2banCommand(): string;
+export declare function buildAuditCommand(): string;
+export declare function buildKeyCheckCommand(): string;
+export interface SecureSetupResult {
+    success: boolean;
+    sshHardening: boolean;
+    fail2ban: boolean;
+    sshKeyCount: number;
+    error?: string;
+    hint?: string;
+}
+export interface SecureAuditFullResult {
+    audit: SecureAuditResult;
+    score: number;
+    error?: string;
+    hint?: string;
+}
+export declare function applySecureSetup(ip: string, options?: {
+    port?: number;
+}): Promise<SecureSetupResult>;
+export declare function calculateSecurityScore(audit: SecureAuditResult): number;
+export declare function runSecureAudit(ip: string): Promise<SecureAuditFullResult>;
+//# sourceMappingURL=secure.d.ts.map

package/dist/core/secure.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"secure.d.ts","sourceRoot":"","sources":["../../src/core/secure.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,WAAW,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AAIxE,wBAAgB,eAAe,CAAC,OAAO,EAAE,MAAM,GAAG,WAAW,EAAE,CA8B9D;AAED,wBAAgB,gBAAgB,CAAC,MAAM,EAAE,MAAM,GAAG,iBAAiB,CA8BlE;AAED,wBAAgB,qBAAqB,CAAC,OAAO,CAAC,EAAE;IAAE,IAAI,CAAC,EAAE,MAAM,CAAA;CAAE,GAAG,MAAM,CAezE;AAED,wBAAgB,oBAAoB,IAAI,MAAM,CAkB7C;AAED,wBAAgB,iBAAiB,IAAI,MAAM,CAE1C;AAED,wBAAgB,oBAAoB,IAAI,MAAM,CAE7C;AAID,MAAM,WAAW,iBAAiB;IAChC,OAAO,EAAE,OAAO,CAAC;IACjB,YAAY,EAAE,OAAO,CAAC;IACtB,QAAQ,EAAE,OAAO,CAAC;IAClB,WAAW,EAAE,MAAM,CAAC;IACpB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,IAAI,CAAC,EAAE,MAAM,CAAC;CACf;AAED,MAAM,WAAW,qBAAqB;IACpC,KAAK,EAAE,iBAAiB,CAAC;IACzB,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,IAAI,CAAC,EAAE,MAAM,CAAC;CACf;AAID,wBAAsB,gBAAgB,CACpC,EAAE,EAAE,MAAM,EACV,OAAO,CAAC,EAAE;IAAE,IAAI,CAAC,EAAE,MAAM,CAAA;CAAE,GAC1B,OAAO,CAAC,iBAAiB,CAAC,CAwD5B;AAED,wBAAgB,sBAAsB,CAAC,KAAK,EAAE,iBAAiB,GAAG,MAAM,CAOvE;AAED,wBAAsB,cAAc,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,qBAAqB,CAAC,CAmC/E"}

package/dist/core/secure.js

@@ -0,0 +1,198 @@
+import { sshExec, assertValidIp } from "../utils/ssh.js";
+import { getErrorMessage, mapSshError } from "../utils/errorMapper.js";
+// ─── Pure Functions ─────────────────────────────────────────────────────────
+export function parseSshdConfig(content) {
+    const settings = [];
+    const checks = [
+        { key: "PasswordAuthentication", secureValue: "no" },
+        { key: "PermitRootLogin", secureValue: "prohibit-password" },
+        { key: "PubkeyAuthentication", secureValue: "yes" },
+        { key: "MaxAuthTries", secureValue: "3" },
+    ];
+    for (const check of checks) {
+        const regex = new RegExp(`^\\s*${check.key}\\s+(.+)`, "m");
+        const match = content.match(regex);
+        if (match) {
+            const value = match[1].trim();
+            settings.push({
+                key: check.key,
+                value,
+                status: value.toLowerCase() === check.secureValue.toLowerCase() ? "secure" : "insecure",
+            });
+        }
+        else {
+            settings.push({
+                key: check.key,
+                value: "",
+                status: "missing",
+            });
+        }
+    }
+    return settings;
+}
+export function parseAuditResult(stdout) {
+    const sections = stdout.split("---SEPARATOR---");
+    const sshdContent = sections[0] || "";
+    const fail2banStatus = sections[1] || "";
+    const sshdSettings = parseSshdConfig(sshdContent);
+    const passwordAuth = sshdSettings.find((s) => s.key === "PasswordAuthentication") || {
+        key: "PasswordAuthentication",
+        value: "",
+        status: "missing",
+    };
+    const rootLogin = sshdSettings.find((s) => s.key === "PermitRootLogin") || {
+        key: "PermitRootLogin",
+        value: "",
+        status: "missing",
+    };
+    const fail2banInstalled = fail2banStatus.includes("active") || fail2banStatus.includes("inactive");
+    const fail2banActive = fail2banStatus.includes("active (running)");
+    const portMatch = sshdContent.match(/^\s*Port\s+(\d+)/m);
+    const sshPort = portMatch ? parseInt(portMatch[1], 10) : 22;
+    return {
+        passwordAuth,
+        rootLogin,
+        fail2ban: { installed: fail2banInstalled, active: fail2banActive },
+        sshPort,
+    };
+}
+export function buildHardeningCommand(options) {
+    const commands = [
+        "cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak",
+        `sed -i 's/^#\\?PasswordAuthentication.*/PasswordAuthentication no/' /etc/ssh/sshd_config`,
+        `sed -i 's/^#\\?PermitRootLogin.*/PermitRootLogin prohibit-password/' /etc/ssh/sshd_config`,
+        `sed -i 's/^#\\?PubkeyAuthentication.*/PubkeyAuthentication yes/' /etc/ssh/sshd_config`,
+        `sed -i 's/^#\\?MaxAuthTries.*/MaxAuthTries 3/' /etc/ssh/sshd_config`,
+    ];
+    if (options?.port && options.port !== 22) {
+        commands.push(`sed -i 's/^#\\?Port.*/Port ${options.port}/' /etc/ssh/sshd_config`);
+    }
+    commands.push("systemctl restart sshd 2>/dev/null || systemctl restart ssh");
+    return commands.join(" && ");
+}
+export function buildFail2banCommand() {
+    const jailContent = [
+        "[sshd]",
+        "enabled = true",
+        "port = ssh",
+        "filter = sshd",
+        "backend = systemd",
+        "maxretry = 5",
+        "bantime = 3600",
+        "findtime = 600",
+    ].join("\\n");
+    return [
+        "apt-get install -y fail2ban python3-systemd",
+        `printf '${jailContent}\\n' > /etc/fail2ban/jail.local`,
+        "systemctl enable fail2ban",
+        "systemctl restart fail2ban",
+    ].join(" && ");
+}
+export function buildAuditCommand() {
+    return `cat /etc/ssh/sshd_config && echo '---SEPARATOR---' && systemctl status fail2ban 2>&1 || true`;
+}
+export function buildKeyCheckCommand() {
+    return "test -f /root/.ssh/authorized_keys && wc -l < /root/.ssh/authorized_keys || echo 0";
+}
+// ─── Async Wrappers ─────────────────────────────────────────────────────────
+export async function applySecureSetup(ip, options) {
+    assertValidIp(ip);
+    // Step 1: Check SSH keys
+    try {
+        const keyResult = await sshExec(ip, buildKeyCheckCommand());
+        const keyCount = parseInt(keyResult.stdout.trim(), 10);
+        if (isNaN(keyCount) || keyCount === 0) {
+            return {
+                success: false,
+                sshHardening: false,
+                fail2ban: false,
+                sshKeyCount: 0,
+                error: "No SSH keys found in /root/.ssh/authorized_keys. Cannot disable password authentication without SSH keys — this would permanently lock you out.",
+                hint: `Add an SSH key first: ssh-copy-id root@${ip}`,
+            };
+        }
+        // Step 2: Apply SSH hardening
+        const hardenResult = await sshExec(ip, buildHardeningCommand(options));
+        if (hardenResult.code !== 0) {
+            return {
+                success: false,
+                sshHardening: false,
+                fail2ban: false,
+                sshKeyCount: keyCount,
+                error: `SSH hardening failed (exit code ${hardenResult.code})`,
+            };
+        }
+        // Step 3: Install fail2ban (non-fatal)
+        let fail2banOk = true;
+        const f2bResult = await sshExec(ip, buildFail2banCommand());
+        if (f2bResult.code !== 0) {
+            fail2banOk = false;
+        }
+        return {
+            success: true,
+            sshHardening: true,
+            fail2ban: fail2banOk,
+            sshKeyCount: keyCount,
+            ...(!fail2banOk ? { hint: "Fail2ban installation failed. Retry with secure-setup." } : {}),
+        };
+    }
+    catch (error) {
+        const hint = mapSshError(error, ip);
+        return {
+            success: false,
+            sshHardening: false,
+            fail2ban: false,
+            sshKeyCount: -1,
+            error: getErrorMessage(error),
+            ...(hint ? { hint } : {}),
+        };
+    }
+}
+export function calculateSecurityScore(audit) {
+    let score = 0;
+    if (audit.passwordAuth.status === "secure")
+        score += 25;
+    if (audit.rootLogin.status === "secure")
+        score += 25;
+    if (audit.fail2ban.active)
+        score += 25;
+    if (audit.sshPort !== 22)
+        score += 25;
+    return score;
+}
+export async function runSecureAudit(ip) {
+    assertValidIp(ip);
+    try {
+        const result = await sshExec(ip, buildAuditCommand());
+        if (result.code !== 0 && !result.stdout) {
+            return {
+                audit: {
+                    passwordAuth: { key: "PasswordAuthentication", value: "", status: "missing" },
+                    rootLogin: { key: "PermitRootLogin", value: "", status: "missing" },
+                    fail2ban: { installed: false, active: false },
+                    sshPort: 22,
+                },
+                score: 0,
+                error: `Audit command failed (exit code ${result.code})`,
+            };
+        }
+        const audit = parseAuditResult(result.stdout);
+        const score = calculateSecurityScore(audit);
+        return { audit, score };
+    }
+    catch (error) {
+        const hint = mapSshError(error, ip);
+        return {
+            audit: {
+                passwordAuth: { key: "PasswordAuthentication", value: "", status: "missing" },
+                rootLogin: { key: "PermitRootLogin", value: "", status: "missing" },
+                fail2ban: { installed: false, active: false },
+                sshPort: 22,
+            },
+            score: 0,
+            error: getErrorMessage(error),
+            ...(hint ? { hint } : {}),
+        };
+    }
+}
+//# sourceMappingURL=secure.js.map

package/dist/core/secure.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"secure.js","sourceRoot":"","sources":["../../src/core/secure.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AACzD,OAAO,EAAE,eAAe,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AAGvE,+EAA+E;AAE/E,MAAM,UAAU,eAAe,CAAC,OAAe;IAC7C,MAAM,QAAQ,GAAkB,EAAE,CAAC;IACnC,MAAM,MAAM,GAA2C;QACrD,EAAE,GAAG,EAAE,wBAAwB,EAAE,WAAW,EAAE,IAAI,EAAE;QACpD,EAAE,GAAG,EAAE,iBAAiB,EAAE,WAAW,EAAE,mBAAmB,EAAE;QAC5D,EAAE,GAAG,EAAE,sBAAsB,EAAE,WAAW,EAAE,KAAK,EAAE;QACnD,EAAE,GAAG,EAAE,cAAc,EAAE,WAAW,EAAE,GAAG,EAAE;KAC1C,CAAC;IAEF,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;QAC3B,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,QAAQ,KAAK,CAAC,GAAG,UAAU,EAAE,GAAG,CAAC,CAAC;QAC3D,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;QAEnC,IAAI,KAAK,EAAE,CAAC;YACV,MAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;YAC9B,QAAQ,CAAC,IAAI,CAAC;gBACZ,GAAG,EAAE,KAAK,CAAC,GAAG;gBACd,KAAK;gBACL,MAAM,EAAE,KAAK,CAAC,WAAW,EAAE,KAAK,KAAK,CAAC,WAAW,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,UAAU;aACxF,CAAC,CAAC;QACL,CAAC;aAAM,CAAC;YACN,QAAQ,CAAC,IAAI,CAAC;gBACZ,GAAG,EAAE,KAAK,CAAC,GAAG;gBACd,KAAK,EAAE,EAAE;gBACT,MAAM,EAAE,SAAS;aAClB,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,MAAM,UAAU,gBAAgB,CAAC,MAAc;IAC7C,MAAM,QAAQ,GAAG,MAAM,CAAC,KAAK,CAAC,iBAAiB,CAAC,CAAC;IACjD,MAAM,WAAW,GAAG,QAAQ,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;IACtC,MAAM,cAAc,GAAG,QAAQ,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;IACzC,MAAM,YAAY,GAAG,eAAe,CAAC,WAAW,CAAC,CAAC;IAElD,MAAM,YAAY,GAAG,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,KAAK,wBAAwB,CAAC,IAAI;QACnF,GAAG,EAAE,wBAAwB;QAC7B,KAAK,EAAE,EAAE;QACT,MAAM,EAAE,SAAkB;KAC3B,CAAC;IACF,MAAM,SAAS,GAAG,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,KAAK,iBAAiB,CAAC,IAAI;QACzE,GAAG,EAAE,iBAAiB;QACtB,KAAK,EAAE,EAAE;QACT,MAAM,EAAE,SAAkB;KAC3B,CAAC;IAEF,MAAM,iBAAiB,GACrB,cAAc,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,cAAc,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;IAC3E,MAAM,cAAc,GAAG,cAAc,CAAC,QAAQ,CAAC,kBAAkB,CAAC,CAAC;IAEnE,MAAM,SAAS,GAAG,WAAW,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC;IACzD,MAAM,OAAO,GAAG,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IAE5D,OAAO;QACL,YAAY;QACZ,SAAS;QACT,QAAQ,EAAE,EAAE,SAAS,EAAE,iBAAiB,EAAE,MAAM,EAAE,cAAc,EAAE;QAClE,OAAO;KACR,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,qBAAqB,CAAC,OAA2B;IAC/D,MAAM,QAAQ,GAAG;QACf,kDAAkD;QAClD,0FAA0F;QAC1F,2FAA2F;QAC3F,uFAAuF;QACvF,qEAAqE;KACtE,CAAC;IAEF,IAAI,OAAO,EAAE,IAAI,IAAI,OAAO,CAAC,IAAI,KAAK,EAAE,EAAE,CAAC;QACzC,QAAQ,CAAC,IAAI,CAAC,8BAA8B,OAAO,CAAC,IAAI,yBAAyB,CAAC,CAAC;IACrF,CAAC;IAED,QAAQ,CAAC,IAAI,CAAC,6DAA6D,CAAC,CAAC;IAC7E,OAAO,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;AAC/B,CAAC;AAED,MAAM,UAAU,oBAAoB;IAClC,MAAM,WAAW,GAAG;QAClB,QAAQ;QACR,gBAAgB;QAChB,YAAY;QACZ,eAAe;QACf,mBAAmB;QACnB,cAAc;QACd,gBAAgB;QAChB,gBAAgB;KACjB,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAEd,OAAO;QACL,6CAA6C;QAC7C,WAAW,WAAW,iCAAiC;QACvD,2BAA2B;QAC3B,4BAA4B;KAC7B,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;AACjB,CAAC;AAED,MAAM,UAAU,iBAAiB;IAC/B,OAAO,8FAA8F,CAAC;AACxG,CAAC;AAED,MAAM,UAAU,oBAAoB;IAClC,OAAO,oFAAoF,CAAC;AAC9F,CAAC;AAoBD,+EAA+E;AAE/E,MAAM,CAAC,KAAK,UAAU,gBAAgB,CACpC,EAAU,EACV,OAA2B;IAE3B,aAAa,CAAC,EAAE,CAAC,CAAC;IAElB,yBAAyB;IACzB,IAAI,CAAC;QACH,MAAM,SAAS,GAAG,MAAM,OAAO,CAAC,EAAE,EAAE,oBAAoB,EAAE,CAAC,CAAC;QAC5D,MAAM,QAAQ,GAAG,QAAQ,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,EAAE,EAAE,EAAE,CAAC,CAAC;QAEvD,IAAI,KAAK,CAAC,QAAQ,CAAC,IAAI,QAAQ,KAAK,CAAC,EAAE,CAAC;YACtC,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,YAAY,EAAE,KAAK;gBACnB,QAAQ,EAAE,KAAK;gBACf,WAAW,EAAE,CAAC;gBACd,KAAK,EAAE,iJAAiJ;gBACxJ,IAAI,EAAE,0CAA0C,EAAE,EAAE;aACrD,CAAC;QACJ,CAAC;QAED,8BAA8B;QAC9B,MAAM,YAAY,GAAG,MAAM,OAAO,CAAC,EAAE,EAAE,qBAAqB,CAAC,OAAO,CAAC,CAAC,CAAC;QACvE,IAAI,YAAY,CAAC,IAAI,KAAK,CAAC,EAAE,CAAC;YAC5B,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,YAAY,EAAE,KAAK;gBACnB,QAAQ,EAAE,KAAK;gBACf,WAAW,EAAE,QAAQ;gBACrB,KAAK,EAAE,mCAAmC,YAAY,CAAC,IAAI,GAAG;aAC/D,CAAC;QACJ,CAAC;QAED,uCAAuC;QACvC,IAAI,UAAU,GAAG,IAAI,CAAC;QACtB,MAAM,SAAS,GAAG,MAAM,OAAO,CAAC,EAAE,EAAE,oBAAoB,EAAE,CAAC,CAAC;QAC5D,IAAI,SAAS,CAAC,IAAI,KAAK,CAAC,EAAE,CAAC;YACzB,UAAU,GAAG,KAAK,CAAC;QACrB,CAAC;QAED,OAAO;YACL,OAAO,EAAE,IAAI;YACb,YAAY,EAAE,IAAI;YAClB,QAAQ,EAAE,UAAU;YACpB,WAAW,EAAE,QAAQ;YACrB,GAAG,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,wDAAwD,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SAC3F,CAAC;IACJ,CAAC;IAAC,OAAO,KAAc,EAAE,CAAC;QACxB,MAAM,IAAI,GAAG,WAAW,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QACpC,OAAO;YACL,OAAO,EAAE,KAAK;YACd,YAAY,EAAE,KAAK;YACnB,QAAQ,EAAE,KAAK;YACf,WAAW,EAAE,CAAC,CAAC;YACf,KAAK,EAAE,eAAe,CAAC,KAAK,CAAC;YAC7B,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SAC1B,CAAC;IACJ,CAAC;AACH,CAAC;AAED,MAAM,UAAU,sBAAsB,CAAC,KAAwB;IAC7D,IAAI,KAAK,GAAG,CAAC,CAAC;IACd,IAAI,KAAK,CAAC,YAAY,CAAC,MAAM,KAAK,QAAQ;QAAE,KAAK,IAAI,EAAE,CAAC;IACxD,IAAI,KAAK,CAAC,SAAS,CAAC,MAAM,KAAK,QAAQ;QAAE,KAAK,IAAI,EAAE,CAAC;IACrD,IAAI,KAAK,CAAC,QAAQ,CAAC,MAAM;QAAE,KAAK,IAAI,EAAE,CAAC;IACvC,IAAI,KAAK,CAAC,OAAO,KAAK,EAAE;QAAE,KAAK,IAAI,EAAE,CAAC;IACtC,OAAO,KAAK,CAAC;AACf,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,cAAc,CAAC,EAAU;IAC7C,aAAa,CAAC,EAAE,CAAC,CAAC;IAElB,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,EAAE,EAAE,iBAAiB,EAAE,CAAC,CAAC;QACtD,IAAI,MAAM,CAAC,IAAI,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;YACxC,OAAO;gBACL,KAAK,EAAE;oBACL,YAAY,EAAE,EAAE,GAAG,EAAE,wBAAwB,EAAE,KAAK,EAAE,EAAE,EAAE,MAAM,EAAE,SAAS,EAAE;oBAC7E,SAAS,EAAE,EAAE,GAAG,EAAE,iBAAiB,EAAE,KAAK,EAAE,EAAE,EAAE,MAAM,EAAE,SAAS,EAAE;oBACnE,QAAQ,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE;oBAC7C,OAAO,EAAE,EAAE;iBACZ;gBACD,KAAK,EAAE,CAAC;gBACR,KAAK,EAAE,mCAAmC,MAAM,CAAC,IAAI,GAAG;aACzD,CAAC;QACJ,CAAC;QAED,MAAM,KAAK,GAAG,gBAAgB,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QAC9C,MAAM,KAAK,GAAG,sBAAsB,CAAC,KAAK,CAAC,CAAC;QAC5C,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC;IAC1B,CAAC;IAAC,OAAO,KAAc,EAAE,CAAC;QACxB,MAAM,IAAI,GAAG,WAAW,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QACpC,OAAO;YACL,KAAK,EAAE;gBACL,YAAY,EAAE,EAAE,GAAG,EAAE,wBAAwB,EAAE,KAAK,EAAE,EAAE,EAAE,MAAM,EAAE,SAAS,EAAE;gBAC7E,SAAS,EAAE,EAAE,GAAG,EAAE,iBAAiB,EAAE,KAAK,EAAE,EAAE,EAAE,MAAM,EAAE,SAAS,EAAE;gBACnE,QAAQ,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE;gBAC7C,OAAO,EAAE,EAAE;aACZ;YACD,KAAK,EAAE,CAAC;YACR,KAAK,EAAE,eAAe,CAAC,KAAK,CAAC;YAC7B,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SAC1B,CAAC;IACJ,CAAC;AACH,CAAC"}

package/dist/core/snapshot.d.ts

@@ -0,0 +1,22 @@
+import type { ServerRecord, SnapshotInfo } from "../types/index.js";
+export interface SnapshotCreateResult {
+    success: boolean;
+    snapshot?: SnapshotInfo;
+    costEstimate?: string;
+    error?: string;
+    hint?: string;
+}
+export interface SnapshotListResult {
+    snapshots: SnapshotInfo[];
+    error?: string;
+    hint?: string;
+}
+export interface SnapshotDeleteResult {
+    success: boolean;
+    error?: string;
+    hint?: string;
+}
+export declare function createSnapshot(server: ServerRecord, apiToken: string): Promise<SnapshotCreateResult>;
+export declare function listSnapshots(server: ServerRecord, apiToken: string): Promise<SnapshotListResult>;
+export declare function deleteSnapshot(server: ServerRecord, apiToken: string, snapshotId: string): Promise<SnapshotDeleteResult>;
+//# sourceMappingURL=snapshot.d.ts.map

package/dist/core/snapshot.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"snapshot.d.ts","sourceRoot":"","sources":["../../src/core/snapshot.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,YAAY,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AAIpE,MAAM,WAAW,oBAAoB;IACnC,OAAO,EAAE,OAAO,CAAC;IACjB,QAAQ,CAAC,EAAE,YAAY,CAAC;IACxB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,IAAI,CAAC,EAAE,MAAM,CAAC;CACf;AAED,MAAM,WAAW,kBAAkB;IACjC,SAAS,EAAE,YAAY,EAAE,CAAC;IAC1B,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,IAAI,CAAC,EAAE,MAAM,CAAC;CACf;AAED,MAAM,WAAW,oBAAoB;IACnC,OAAO,EAAE,OAAO,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,IAAI,CAAC,EAAE,MAAM,CAAC;CACf;AAID,wBAAsB,cAAc,CAClC,MAAM,EAAE,YAAY,EACpB,QAAQ,EAAE,MAAM,GACf,OAAO,CAAC,oBAAoB,CAAC,CAwB/B;AAED,wBAAsB,aAAa,CACjC,MAAM,EAAE,YAAY,EACpB,QAAQ,EAAE,MAAM,GACf,OAAO,CAAC,kBAAkB,CAAC,CAa7B;AAED,wBAAsB,cAAc,CAClC,MAAM,EAAE,YAAY,EACpB,QAAQ,EAAE,MAAM,EAChB,UAAU,EAAE,MAAM,GACjB,OAAO,CAAC,oBAAoB,CAAC,CAa/B"}

package/dist/core/snapshot.js

@@ -0,0 +1,58 @@
+import { createProviderWithToken } from "../utils/providerFactory.js";
+import { getErrorMessage, mapProviderError } from "../utils/errorMapper.js";
+// ─── Async Wrappers ──────────────────────────────────────────────────────────
+export async function createSnapshot(server, apiToken) {
+    try {
+        const provider = createProviderWithToken(server.provider, apiToken);
+        // Best-effort cost estimate
+        let costEstimate;
+        try {
+            costEstimate = await provider.getSnapshotCostEstimate(server.id);
+        }
+        catch {
+            costEstimate = "unknown";
+        }
+        const snapshotName = `quicklify-${Date.now()}`;
+        const snapshot = await provider.createSnapshot(server.id, snapshotName);
+        return { success: true, snapshot, costEstimate };
+    }
+    catch (error) {
+        const hint = mapProviderError(error, server.provider);
+        return {
+            success: false,
+            error: getErrorMessage(error),
+            ...(hint ? { hint } : {}),
+        };
+    }
+}
+export async function listSnapshots(server, apiToken) {
+    try {
+        const provider = createProviderWithToken(server.provider, apiToken);
+        const snapshots = await provider.listSnapshots(server.id);
+        return { snapshots };
+    }
+    catch (error) {
+        const hint = mapProviderError(error, server.provider);
+        return {
+            snapshots: [],
+            error: getErrorMessage(error),
+            ...(hint ? { hint } : {}),
+        };
+    }
+}
+export async function deleteSnapshot(server, apiToken, snapshotId) {
+    try {
+        const provider = createProviderWithToken(server.provider, apiToken);
+        await provider.deleteSnapshot(snapshotId);
+        return { success: true };
+    }
+    catch (error) {
+        const hint = mapProviderError(error, server.provider);
+        return {
+            success: false,
+            error: getErrorMessage(error),
+            ...(hint ? { hint } : {}),
+        };
+    }
+}
+//# sourceMappingURL=snapshot.js.map

package/dist/core/snapshot.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"snapshot.js","sourceRoot":"","sources":["../../src/core/snapshot.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,uBAAuB,EAAE,MAAM,6BAA6B,CAAC;AACtE,OAAO,EAAE,eAAe,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAyB5E,gFAAgF;AAEhF,MAAM,CAAC,KAAK,UAAU,cAAc,CAClC,MAAoB,EACpB,QAAgB;IAEhB,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,uBAAuB,CAAC,MAAM,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;QAEpE,4BAA4B;QAC5B,IAAI,YAAgC,CAAC;QACrC,IAAI,CAAC;YACH,YAAY,GAAG,MAAM,QAAQ,CAAC,uBAAuB,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;QACnE,CAAC;QAAC,MAAM,CAAC;YACP,YAAY,GAAG,SAAS,CAAC;QAC3B,CAAC;QAED,MAAM,YAAY,GAAG,aAAa,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC;QAC/C,MAAM,QAAQ,GAAG,MAAM,QAAQ,CAAC,cAAc,CAAC,MAAM,CAAC,EAAE,EAAE,YAAY,CAAC,CAAC;QAExE,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,YAAY,EAAE,CAAC;IACnD,CAAC;IAAC,OAAO,KAAc,EAAE,CAAC;QACxB,MAAM,IAAI,GAAG,gBAAgB,CAAC,KAAK,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;QACtD,OAAO;YACL,OAAO,EAAE,KAAK;YACd,KAAK,EAAE,eAAe,CAAC,KAAK,CAAC;YAC7B,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SAC1B,CAAC;IACJ,CAAC;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,aAAa,CACjC,MAAoB,EACpB,QAAgB;IAEhB,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,uBAAuB,CAAC,MAAM,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;QACpE,MAAM,SAAS,GAAG,MAAM,QAAQ,CAAC,aAAa,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;QAC1D,OAAO,EAAE,SAAS,EAAE,CAAC;IACvB,CAAC;IAAC,OAAO,KAAc,EAAE,CAAC;QACxB,MAAM,IAAI,GAAG,gBAAgB,CAAC,KAAK,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;QACtD,OAAO;YACL,SAAS,EAAE,EAAE;YACb,KAAK,EAAE,eAAe,CAAC,KAAK,CAAC;YAC7B,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SAC1B,CAAC;IACJ,CAAC;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,cAAc,CAClC,MAAoB,EACpB,QAAgB,EAChB,UAAkB;IAElB,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,uBAAuB,CAAC,MAAM,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;QACpE,MAAM,QAAQ,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC;QAC1C,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;IAC3B,CAAC;IAAC,OAAO,KAAc,EAAE,CAAC;QACxB,MAAM,IAAI,GAAG,gBAAgB,CAAC,KAAK,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;QACtD,OAAO;YACL,OAAO,EAAE,KAAK;YACd,KAAK,EAAE,eAAe,CAAC,KAAK,CAAC;YAC7B,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SAC1B,CAAC;IACJ,CAAC;AACH,CAAC"}

package/dist/core/status.d.ts

@@ -0,0 +1,12 @@
+import type { ServerRecord } from "../types/index.js";
+export interface StatusResult {
+    server: ServerRecord;
+    serverStatus: string;
+    coolifyStatus: string;
+    error?: string;
+}
+export declare function checkCoolifyHealth(ip: string): Promise<"running" | "not reachable">;
+export declare function getCloudServerStatus(server: ServerRecord, apiToken: string): Promise<string>;
+export declare function checkServerStatus(server: ServerRecord, apiToken: string): Promise<StatusResult>;
+export declare function checkAllServersStatus(servers: ServerRecord[], tokenMap: Map<string, string>): Promise<StatusResult[]>;
+//# sourceMappingURL=status.d.ts.map

package/dist/core/status.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"status.d.ts","sourceRoot":"","sources":["../../src/core/status.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AAEtD,MAAM,WAAW,YAAY;IAC3B,MAAM,EAAE,YAAY,CAAC;IACrB,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,EAAE,MAAM,CAAC;IACtB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,wBAAsB,kBAAkB,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,SAAS,GAAG,eAAe,CAAC,CAWzF;AAED,wBAAsB,oBAAoB,CACxC,MAAM,EAAE,YAAY,EACpB,QAAQ,EAAE,MAAM,GACf,OAAO,CAAC,MAAM,CAAC,CAMjB;AAED,wBAAsB,iBAAiB,CACrC,MAAM,EAAE,YAAY,EACpB,QAAQ,EAAE,MAAM,GACf,OAAO,CAAC,YAAY,CAAC,CAavB;AAED,wBAAsB,qBAAqB,CACzC,OAAO,EAAE,YAAY,EAAE,EACvB,QAAQ,EAAE,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,GAC5B,OAAO,CAAC,YAAY,EAAE,CAAC,CAIzB"}

package/dist/core/status.js

@@ -0,0 +1,43 @@
+import axios from "axios";
+import { createProviderWithToken } from "../utils/providerFactory.js";
+import { getErrorMessage } from "../utils/errorMapper.js";
+import { assertValidIp } from "../utils/ssh.js";
+export async function checkCoolifyHealth(ip) {
+    assertValidIp(ip);
+    try {
+        await axios.get(`http://${ip}:8000`, {
+            timeout: 5000,
+            validateStatus: () => true,
+        });
+        return "running";
+    }
+    catch {
+        return "not reachable";
+    }
+}
+export async function getCloudServerStatus(server, apiToken) {
+    if (server.id.startsWith("manual-")) {
+        return "unknown (manual)";
+    }
+    const provider = createProviderWithToken(server.provider, apiToken);
+    return provider.getServerStatus(server.id);
+}
+export async function checkServerStatus(server, apiToken) {
+    try {
+        const serverStatus = await getCloudServerStatus(server, apiToken);
+        const coolifyStatus = await checkCoolifyHealth(server.ip);
+        return { server, serverStatus, coolifyStatus };
+    }
+    catch (error) {
+        return {
+            server,
+            serverStatus: "error",
+            coolifyStatus: "unknown",
+            error: getErrorMessage(error),
+        };
+    }
+}
+export async function checkAllServersStatus(servers, tokenMap) {
+    return Promise.all(servers.map((s) => checkServerStatus(s, tokenMap.get(s.provider) ?? "")));
+}
+//# sourceMappingURL=status.js.map

package/dist/core/status.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"status.js","sourceRoot":"","sources":["../../src/core/status.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,EAAE,uBAAuB,EAAE,MAAM,6BAA6B,CAAC;AACtE,OAAO,EAAE,eAAe,EAAE,MAAM,yBAAyB,CAAC;AAC1D,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAUhD,MAAM,CAAC,KAAK,UAAU,kBAAkB,CAAC,EAAU;IACjD,aAAa,CAAC,EAAE,CAAC,CAAC;IAClB,IAAI,CAAC;QACH,MAAM,KAAK,CAAC,GAAG,CAAC,UAAU,EAAE,OAAO,EAAE;YACnC,OAAO,EAAE,IAAI;YACb,cAAc,EAAE,GAAG,EAAE,CAAC,IAAI;SAC3B,CAAC,CAAC;QACH,OAAO,SAAS,CAAC;IACnB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,eAAe,CAAC;IACzB,CAAC;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,MAAoB,EACpB,QAAgB;IAEhB,IAAI,MAAM,CAAC,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;QACpC,OAAO,kBAAkB,CAAC;IAC5B,CAAC;IACD,MAAM,QAAQ,GAAG,uBAAuB,CAAC,MAAM,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IACpE,OAAO,QAAQ,CAAC,eAAe,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;AAC7C,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,MAAoB,EACpB,QAAgB;IAEhB,IAAI,CAAC;QACH,MAAM,YAAY,GAAG,MAAM,oBAAoB,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;QAClE,MAAM,aAAa,GAAG,MAAM,kBAAkB,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;QAC1D,OAAO,EAAE,MAAM,EAAE,YAAY,EAAE,aAAa,EAAE,CAAC;IACjD,CAAC;IAAC,OAAO,KAAc,EAAE,CAAC;QACxB,OAAO;YACL,MAAM;YACN,YAAY,EAAE,OAAO;YACrB,aAAa,EAAE,SAAS;YACxB,KAAK,EAAE,eAAe,CAAC,KAAK,CAAC;SAC9B,CAAC;IACJ,CAAC;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,qBAAqB,CACzC,OAAuB,EACvB,QAA6B;IAE7B,OAAO,OAAO,CAAC,GAAG,CAChB,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,iBAAiB,CAAC,CAAC,EAAE,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC,CACzE,CAAC;AACJ,CAAC"}

package/dist/core/tokens.d.ts

@@ -0,0 +1,4 @@
+import type { ServerRecord } from "../types/index.js";
+export declare function getProviderToken(provider: string): string | undefined;
+export declare function collectProviderTokensFromEnv(servers: ServerRecord[]): Map<string, string>;
+//# sourceMappingURL=tokens.d.ts.map

package/dist/core/tokens.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"tokens.d.ts","sourceRoot":"","sources":["../../src/core/tokens.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AAStD,wBAAgB,gBAAgB,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,CAGrE;AAED,wBAAgB,4BAA4B,CAC1C,OAAO,EAAE,YAAY,EAAE,GACtB,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,CAYrB"}

package/dist/core/tokens.js

@@ -0,0 +1,23 @@
+const ENV_KEYS = {
+    hetzner: "HETZNER_TOKEN",
+    digitalocean: "DIGITALOCEAN_TOKEN",
+    vultr: "VULTR_TOKEN",
+    linode: "LINODE_TOKEN",
+};
+export function getProviderToken(provider) {
+    const envKey = ENV_KEYS[provider];
+    return envKey ? process.env[envKey] : undefined;
+}
+export function collectProviderTokensFromEnv(servers) {
+    const tokenMap = new Map();
+    const providers = [
+        ...new Set(servers.filter((s) => !s.id.startsWith("manual-")).map((s) => s.provider)),
+    ];
+    for (const provider of providers) {
+        const token = getProviderToken(provider);
+        if (token)
+            tokenMap.set(provider, token);
+    }
+    return tokenMap;
+}
+//# sourceMappingURL=tokens.js.map

package/dist/core/tokens.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"tokens.js","sourceRoot":"","sources":["../../src/core/tokens.ts"],"names":[],"mappings":"AAEA,MAAM,QAAQ,GAA2B;IACvC,OAAO,EAAE,eAAe;IACxB,YAAY,EAAE,oBAAoB;IAClC,KAAK,EAAE,aAAa;IACpB,MAAM,EAAE,cAAc;CACvB,CAAC;AAEF,MAAM,UAAU,gBAAgB,CAAC,QAAgB;IAC/C,MAAM,MAAM,GAAG,QAAQ,CAAC,QAAQ,CAAC,CAAC;IAClC,OAAO,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;AAClD,CAAC;AAED,MAAM,UAAU,4BAA4B,CAC1C,OAAuB;IAEvB,MAAM,QAAQ,GAAG,IAAI,GAAG,EAAkB,CAAC;IAC3C,MAAM,SAAS,GAAG;QAChB,GAAG,IAAI,GAAG,CACR,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAC1E;KACF,CAAC;IACF,KAAK,MAAM,QAAQ,IAAI,SAAS,EAAE,CAAC;QACjC,MAAM,KAAK,GAAG,gBAAgB,CAAC,QAAQ,CAAC,CAAC;QACzC,IAAI,KAAK;YAAE,QAAQ,CAAC,GAAG,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;IAC3C,CAAC;IACD,OAAO,QAAQ,CAAC;AAClB,CAAC"}