quicklify 1.1.0 → 1.2.1

package/LICENSE

@@ -1,6 +1,6 @@
 MIT License
 
-Copyright (c) 2026 omrfc
+Copyright (c) 2026 Ömer Faruk CAN
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

package/README.md

@@ -1,5 +1,7 @@
 # quicklify
 
+> Your self-hosted PaaS, fully managed. Deploy, secure, back up — one command at a time.
+
 > English | [Türkçe](README.tr.md)
 
 ![Tests](https://github.com/omrfc/quicklify/actions/workflows/ci.yml/badge.svg)
@@ -9,14 +11,11 @@
 ![License](https://img.shields.io/badge/license-MIT-blue)
 ![GitHub stars](https://img.shields.io/github/stars/omrfc/quicklify?style=flat-square)
 [![Socket Badge](https://socket.dev/api/badge/npm/package/quicklify)](https://socket.dev/npm/package/quicklify)
-
-**Self-hosting made simple.**
-
-Deploy, secure, back up, snapshot, and maintain your servers with confidence.
+[![Website](https://img.shields.io/website?url=https%3A%2F%2Fquicklify.omrfc.dev&label=website)](https://quicklify.omrfc.dev)
 
 ## Why Quicklify Exists
 
-Most self-hosted Coolify servers break because:
+Most self-hosted servers break because:
 
 - No backup discipline
 - No update strategy
@@ -24,19 +23,42 @@ Most self-hosted Coolify servers break because:
 - No monitoring
 - No snapshot routine
 
-Stop babysitting your Coolify server. Quicklify was built to fix that.
+Stop babysitting your servers. Quicklify was built to fix that.
 
 ## Quick Start
 
 ```bash
-# 1. Get your API token from Hetzner, DigitalOcean, Vultr, or Linode
-# 2. Run the installer
-npx quicklify init
+# Interactive mode — no commands to memorize
+npx quicklify
+```
+
+Running `quicklify` without any arguments launches an **interactive menu** where you can browse all available actions by category, pick what you need with arrow keys, and configure options step by step — no need to remember any command names or flags.
 
-# 3. Access Coolify at http://<your-ip>:8000
+```
+? What would you like to do?
+  Server Management
+❯   Deploy a new server
+    Add an existing server
+    List all servers
+    Check server status
+    ...
+  Security
+    Harden SSH & fail2ban
+    Manage firewall (UFW)
+    ...
+```
+
+Each action includes sub-options (server mode, template, log source, port number, etc.) and a **← Back** option to return to the main menu at any point.
+
+If you already know the commands, you can still use them directly:
+
+```bash
+quicklify init                    # Deploy a new server
+quicklify status my-server        # Check server status
+quicklify backup --all            # Backup all servers
 ```
 
-That's it. Quicklify handles server provisioning, SSH key setup, firewall configuration, and Coolify installation automatically.
+Quicklify handles server provisioning, SSH key setup, firewall configuration, and platform installation automatically.
 
 ## What Makes Quicklify Different?
 
@@ -47,27 +69,30 @@ That's it. Quicklify handles server provisioning, SSH key setup, firewall config
 | Security is an afterthought? | Firewall, SSH hardening, SSL, and security audits built-in |
 | Backups? Maybe someday... | One-command backup & restore with manifest tracking |
 | Managing multiple servers? | `--all` flag across backup, maintain, status, and health |
-| Existing server not tracked? | `quicklify add` brings any Coolify server under management |
+| Existing server not tracked? | `quicklify add` brings any server under management |
+| Don't want to memorize commands? | Just run `quicklify` — interactive menu guides you |
 
 ## What Can You Do?
 
 ### Deploy
 ```bash
-quicklify init                          # Interactive setup
+quicklify                               # Interactive menu (recommended)
+quicklify init                          # Interactive setup (direct)
 quicklify init --provider hetzner       # Non-interactive
 quicklify init --config quicklify.yml   # From YAML config
 quicklify init --template production    # Use a template
+quicklify init --mode bare              # Generic VPS (no Coolify)
 ```
 
 ### Manage
 ```bash
 quicklify list                  # List all servers
-quicklify status my-server      # Check server & Coolify status
+quicklify status my-server      # Check server status
 quicklify status --all          # Check all servers
 quicklify ssh my-server         # SSH into server
 quicklify restart my-server     # Restart server
 quicklify destroy my-server     # Destroy cloud server entirely
-quicklify add                   # Add existing Coolify server
+quicklify add                   # Add existing server
 quicklify remove my-server      # Remove from local config
 quicklify config set key value  # Manage default configuration
 quicklify export                # Export server list to JSON
@@ -76,7 +101,7 @@ quicklify import servers.json   # Import servers from JSON
 
 ### Update & Maintain
 ```bash
-quicklify update my-server      # Update Coolify
+quicklify update my-server      # Update Coolify (Coolify servers)
 quicklify maintain my-server    # Full maintenance (snapshot + update + health + reboot)
 quicklify maintain --all        # Maintain all servers
 ```
@@ -108,7 +133,7 @@ quicklify domain add my-server --domain example.com  # Set domain + SSL
 ### Monitor & Debug
 ```bash
 quicklify monitor my-server             # CPU, RAM, disk usage
-quicklify logs my-server                 # View Coolify logs
+quicklify logs my-server                 # View server logs
 quicklify logs my-server -f              # Follow logs
 quicklify health                         # Health check all servers
 quicklify doctor                         # Check local environment
@@ -157,7 +182,7 @@ quicklify init --template production --provider hetzner
 
 ## Security
 
-Quicklify is built with security as a priority — **1,750+ tests** across 64 suites, including dedicated security test suites.
+Quicklify is built with security as a priority — **2,099 tests** across 78 suites, including dedicated security test suites.
 
 - API tokens are never stored on disk — prompted at runtime or via environment variables
 - SSH keys are auto-generated if needed (Ed25519)
@@ -188,8 +213,8 @@ Requires Node.js 20 or later.
 **Server creation fails?**
 Run `quicklify doctor --check-tokens` to verify your API token and local environment.
 
-**Coolify not responding?**
-Use `quicklify status my-server --autostart` to check and auto-restart if needed.
+**Server not responding?**
+Use `quicklify status my-server --autostart` for Coolify servers, or `quicklify health` to check all servers at once.
 
 **Need to start fresh?**
 `quicklify destroy my-server` removes the cloud server entirely.
@@ -229,21 +254,20 @@ Available tools:
 | `server_maintain` | update, restart, maintain | Update Coolify, restart servers, run full maintenance |
 | `server_secure` | secure, firewall, domain | SSH hardening, firewall rules, domain/SSL management (10 subcommands) |
 | `server_backup` | backup, snapshot | Backup/restore databases and create/manage VPS snapshots |
-| `server_provision` | create | Provision new Coolify servers on cloud providers |
+| `server_provision` | create | Provision new servers on cloud providers |
 
 > All destructive operations (destroy, restore, snapshot-delete, provision, restart, maintain, snapshot-create) require `SAFE_MODE=false` to execute.
 
 ## What's Next
 
 - Scheduled maintenance (cron-based automatic upkeep)
-- Generic server management (non-Coolify servers)
-- Interactive TUI dashboard
+- Dokploy platform support (`--platform dokploy`)
 
 ## Philosophy
 
 > Infrastructure should be boring, predictable, and safe.
 
-Quicklify is not a script. It's your DevOps safety layer for Coolify.
+Quicklify is not a script. It's your DevOps safety layer for self-hosted infrastructure.
 
 ## License
 

package/README.tr.md

@@ -1,5 +1,7 @@
 # quicklify
 
+> Self-hosted PaaS'ınız, tamamen yönetilen. Deploy, güvenlik, yedekleme — tek komutla.
+
 > [English](README.md) | Türkçe
 
 ![Tests](https://github.com/omrfc/quicklify/actions/workflows/ci.yml/badge.svg)
@@ -9,14 +11,11 @@
 ![License](https://img.shields.io/badge/license-MIT-blue)
 ![GitHub stars](https://img.shields.io/github/stars/omrfc/quicklify?style=flat-square)
 [![Socket Badge](https://socket.dev/api/badge/npm/package/quicklify)](https://socket.dev/npm/package/quicklify)
-
-**Self-hosting basitleştirildi.**
-
-Sunucularınızı deploy edin, güvence altına alın, yedekleyin, snapshot alın ve bakımını yapın — güvenle.
+[![Website](https://img.shields.io/website?url=https%3A%2F%2Fquicklify.omrfc.dev&label=website)](https://quicklify.omrfc.dev)
 
 ## Quicklify Neden Var?
 
-Self-hosted Coolify sunucularının çoğu şu nedenlerle çöker:
+Self-hosted sunucuların çoğu şu nedenlerle çöker:
 
 - Yedekleme disiplini yok
 - Güncelleme stratejisi yok
@@ -24,19 +23,42 @@ Self-hosted Coolify sunucularının çoğu şu nedenlerle çöker:
 - İzleme yok
 - Snapshot rutini yok
 
-Coolify sunucunuza çocuk bakıcılığı yapmayı bırakın. Quicklify bunu çözmek için yapıldı.
+Sunucularınıza çocuk bakıcılığı yapmayı bırakın. Quicklify bunu çözmek için yapıldı.
 
 ## Hızlı Başlangıç
 
 ```bash
-# 1. Hetzner, DigitalOcean, Vultr veya Linode'dan API token'ınızı alın
-# 2. Kurulumu başlatın
-npx quicklify init
+# İnteraktif mod — komut ezberlemeye gerek yok
+npx quicklify
+```
+
+`quicklify` komutunu argümansız çalıştırdığınızda **interaktif bir menü** açılır. Tüm işlemleri kategorilere göre görebilir, ok tuşlarıyla seçim yapabilir ve alt seçenekleri adım adım yapılandırabilirsiniz — komut adı veya flag ezberlemek zorunda değilsiniz.
 
-# 3. Coolify'a http://<sunucu-ip>:8000 adresinden erişin
+```
+? What would you like to do?
+  Server Management
+❯   Deploy a new server
+    Add an existing server
+    List all servers
+    Check server status
+    ...
+  Security
+    Harden SSH & fail2ban
+    Manage firewall (UFW)
+    ...
+```
+
+Her işlem alt seçenekler (sunucu modu, şablon, log kaynağı, port numarası vb.) içerir ve istediğiniz noktada ana menüye dönmek için **← Back** seçeneği sunar.
+
+Komutları zaten biliyorsanız, doğrudan da kullanabilirsiniz:
+
+```bash
+quicklify init                    # Yeni sunucu kur
+quicklify status sunucum          # Sunucu durumunu kontrol et
+quicklify backup --all            # Tüm sunucuları yedekle
 ```
 
-Hepsi bu kadar. Quicklify sunucu oluşturma, SSH anahtar kurulumu, güvenlik duvarı yapılandırması ve Coolify kurulumunu otomatik yapar.
+Quicklify sunucu oluşturma, SSH anahtar kurulumu, güvenlik duvarı yapılandırması ve platform kurulumunu otomatik yapar.
 
 ## Quicklify'ı Farklı Kılan Ne?
 
@@ -47,27 +69,30 @@ Hepsi bu kadar. Quicklify sunucu oluşturma, SSH anahtar kurulumu, güvenlik duv
 | Güvenlik sonradan mı düşünülüyor? | Güvenlik duvarı, SSH sıkılaştırma, SSL ve güvenlik denetimi hazır |
 | Yedekleme? Belki bir gün... | Tek komutla yedekleme ve geri yükleme, manifest takibiyle |
 | Birden fazla sunucu mu yönetiyorsunuz? | Yedekleme, bakım, durum ve sağlıkta `--all` desteği |
-| Mevcut sunucu takip dışı mı? | `quicklify add` ile her Coolify sunucusunu yönetime alın |
+| Mevcut sunucu takip dışı mı? | `quicklify add` ile her sunucuyu yönetime alın |
+| Komutları ezberlemek mi? | `quicklify` yazın — interaktif menü sizi yönlendirir |
 
 ## Neler Yapabilirsiniz?
 
 ### Kurulum
 ```bash
-quicklify init                          # İnteraktif kurulum
+quicklify                               # İnteraktif menü (önerilen)
+quicklify init                          # İnteraktif kurulum (doğrudan)
 quicklify init --provider hetzner       # Otomatik kurulum
 quicklify init --config quicklify.yml   # YAML ile kurulum
 quicklify init --template production    # Şablon kullanarak
+quicklify init --mode bare              # Genel VPS (Coolify olmadan)
 ```
 
 ### Yönetim
 ```bash
 quicklify list                  # Sunucuları listele
-quicklify status sunucum        # Sunucu ve Coolify durumu
+quicklify status sunucum        # Sunucu durumu
 quicklify status --all          # Tüm sunucuları kontrol et
 quicklify ssh sunucum           # Sunucuya SSH bağlantısı
 quicklify restart sunucum       # Sunucuyu yeniden başlat
 quicklify destroy sunucum       # Bulut sunucusunu tamamen sil
-quicklify add                   # Mevcut Coolify sunucusu ekle
+quicklify add                   # Mevcut sunucu ekle
 quicklify remove sunucum        # Yerel yapılandırmadan kaldır
 quicklify config set key value  # Varsayılan yapılandırma yönet
 quicklify export                # Sunucu listesini JSON'a aktar
@@ -76,7 +101,7 @@ quicklify import servers.json   # JSON'dan sunucuları içe aktar
 
 ### Güncelleme ve Bakım
 ```bash
-quicklify update sunucum        # Coolify'ı güncelle
+quicklify update sunucum        # Coolify güncelle (Coolify sunucuları)
 quicklify maintain sunucum      # Tam bakım (snapshot + güncelleme + sağlık + yeniden başlatma)
 quicklify maintain --all        # Tüm sunucuları bakıma al
 ```
@@ -108,7 +133,7 @@ quicklify domain add sunucum --domain ornek.com  # Domain + SSL ayarla
 ### İzleme ve Hata Ayıklama
 ```bash
 quicklify monitor sunucum             # CPU, RAM, disk kullanımı
-quicklify logs sunucum                 # Coolify logları
+quicklify logs sunucum                 # Sunucu logları
 quicklify logs sunucum -f              # Logları canlı takip et
 quicklify health                       # Tüm sunucuların sağlık kontrolü
 quicklify doctor                       # Yerel ortam kontrolü
@@ -157,7 +182,7 @@ quicklify init --template production --provider hetzner
 
 ## Güvenlik
 
-Quicklify güvenlik öncelikli olarak geliştirilmektedir — 64 test suite'inde **1.750+ test**, özel güvenlik test suite'leri dahil.
+Quicklify güvenlik öncelikli olarak geliştirilmektedir — 78 test suite'inde **2.099 test**, özel güvenlik test suite'leri dahil.
 
 - API token'ları asla diske kaydedilmez — çalışma zamanında sorulur veya ortam değişkenlerinden alınır
 - SSH anahtarları gerekirse otomatik oluşturulur (Ed25519)
@@ -229,21 +254,20 @@ Mevcut araçlar:
 | `server_maintain` | update, restart, maintain | Coolify güncelle, sunucuları yeniden başlat, tam bakım yap |
 | `server_secure` | secure, firewall, domain | SSH sıkılaştırma, güvenlik duvarı kuralları, domain/SSL yönetimi (10 alt komut) |
 | `server_backup` | backup, snapshot | Veritabanı yedekle/geri yükle ve VPS snapshot oluştur/yönet |
-| `server_provision` | create | Bulut sağlayıcılarda yeni Coolify sunucusu oluştur |
+| `server_provision` | create | Bulut sağlayıcılarda yeni sunucu oluştur |
 
 > Tüm yıkıcı işlemler (destroy, restore, snapshot-delete, provision, restart, maintain, snapshot-create) çalıştırılmak için `SAFE_MODE=false` gerektirir.
 
 ## Gelecek Planlar
 
 - Zamanlanmış bakım (cron tabanlı otomatik bakım)
-- Genel sunucu yönetimi (Coolify olmayan sunucular)
-- İnteraktif TUI arayüzü
+- Dokploy platform desteği (`--platform dokploy`)
 
 ## Felsefe
 
 > Altyapı sıkıcı, öngörülebilir ve güvenli olmalıdır.
 
-Quicklify bir script değildir. Coolify için DevOps güvenlik katmanınızdır.
+Quicklify bir script değildir. Self-hosted altyapınız için DevOps güvenlik katmanınızdır.
 
 ## Lisans
 

package/SECURITY.md

@@ -21,55 +21,81 @@ If you discover a security vulnerability in Quicklify:
 
 Response time: Within 48 hours
 
-## Security Measures
+## Security Architecture
 
-### Authentication & Tokens
-- API tokens are NEVER stored on disk — runtime prompt or env vars only
+### Token Handling (A2 — Sensitive Data Exposure)
+- API tokens are **never stored on disk** — runtime prompt or environment variables only
 - Supported env vars: `HETZNER_TOKEN`, `DIGITALOCEAN_TOKEN`, `VULTR_TOKEN`, `LINODE_TOKEN`
 - API tokens collected via interactive secure prompts (masked input) when env vars are not set
-- Provider errors sanitized via `stripSensitiveData()` — no token leakage in error output
+- `sanitizedEnv()` strips all keys containing TOKEN, SECRET, PASSWORD, CREDENTIAL from child process environments before every `spawn`/`spawnSync`/`exec` call
+- Provider errors sanitized via `stripSensitiveData()` — removes Authorization headers, request data, response headers, and non-whitelisted response body fields from axios errors before they propagate via error cause chains
 
-### Input Validation
-- All user inputs validated (server names, IPs, ports, domains, backup IDs)
-- `assertValidIp()` — IPv4 format + octet range (0-255) validation on all SSH/SCP calls
+### Input Validation (A1 — Injection)
+- All shell execution uses `spawn`/`spawnSync` with array arguments (never string interpolation into shell commands)
+- `assertValidIp()` — IPv4 format and octet range (0-255) validation applied before every SSH/SCP connection and before ssh-keygen calls (defense-in-depth)
+- `assertSafePath()` — rejects remote SCP paths containing shell metacharacters (`;`, `|`, `&`, `$`, `` ` ``, `(`, `)`, `<`, `>`, newlines, spaces)
 - Server name validation: 3-63 chars, lowercase alphanumeric + hyphens, must start with letter
-- Shell injection protection: `spawnSync`/`spawn` used instead of `execSync` for all SSH operations
+- `buildHardeningCommand()` — SSH port option validated as integer in range 1-65535 before interpolation into sed command
 - YAML config: 22+ security key patterns detected and warned
+- MCP tools: Zod schema validation on all inputs (port ranges, provider enums, backup ID regex)
 
-### File System Security
+### SSH & Network Security
+- `StrictHostKeyChecking=accept-new` for initial connections (first connect accepts key, subsequent connections verify)
+- `BatchMode=yes` on non-interactive SSH (prevents stdin hijacking — critical for MCP mode)
+- `ConnectTimeout=10` and 30s exec timeout prevent hanging connections
+- Stale host key auto-removal with IP re-validation before `ssh-keygen -R` calls
+- SSRF defense: `assertValidIp()` on all Coolify health check targets
+
+### File System Security (A5 — Security Misconfiguration)
 - Config directory (`~/.quicklify/`) created with `0o700` permissions (owner only)
 - Server config file written with `0o600` permissions (owner read/write only)
+- Backup directories created with `0o700` permissions
 - Backup manifest files written with `0o600` permissions
 - Export files written with `0o600` permissions
 - Cloud-init install log restricted to `chmod 600` (root only)
 
-### SSH & Network
-- IP validation (`assertValidIp()`) before every SSH/SCP connection
-- Sensitive environment variables filtered from child processes (`sanitizedEnv()`)
-- `StrictHostKeyChecking` enabled on interactive SSH connections
-- `sanitizeStderr()` redacts IPs, home paths, tokens, and secrets from error output (200 char limit)
-
-### MCP Server Security
-- **SAFE_MODE** (default: enabled) — Blocks destructive operations: `destroy`, `restore`, `snapshot-delete`, `provision`, `restart`, `maintain`, `snapshot-create`
-- Zod schema validation on all MCP tool inputs (port ranges, provider enums, backup ID regex)
-- Path traversal protection on backup restore (`backupId` regex + `path.resolve()` guard)
-- `serverIp` excluded from backup manifests — no IP persistence in local files
-- Stack trace sanitization in MCP error responses via `getErrorMessage()`
-- SSRF defense: `assertValidIp()` on Coolify health checks
-
-### Import/Export
+### Error Handling & Data Exposure
+- `getErrorMessage()` returns only `error.message` — never exposes stack traces to users
+- `sanitizeStderr()` redacts home directory paths, IP addresses, `password=`, `token=`, `secret=` patterns from SSH stderr output (200 char limit)
+- MCP error responses use `getErrorMessage()` — no stack trace disclosure
+
+### Path Traversal Protection (A5)
+- Backup restore: `backupId` regex validation + `path.resolve()` guard ensures backup path stays within the server's backup directory
+- Remote SCP paths validated by `assertSafePath()` before use
+
+### Access Control (A3 — Broken Access Control)
+- **SAFE_MODE** (`QUICKLIFY_SAFE_MODE=true`, default enabled for MCP) blocks destructive operations: `destroy`, `restore`, `snapshot-delete`, `provision`, `restart`, `maintain`, `snapshot-create`
+- Mode guard (`requireCoolifyMode()`) prevents Coolify-specific operations on bare servers
+
+### Import/Export Security
 - Sensitive field stripping on import
 - Strict file permissions on export
 - Format validation with field-level checking
 - Duplicate detection by server ID
 
-## HTTP Usage
-
-Quicklify accesses Coolify at `http://IP:8000` during initial setup. This is expected because SSL/TLS is not configured on a fresh Coolify installation. Users are warned to set up a domain and enable SSL for production use.
-
-## Third-party Dependencies
-
-Quicklify uses audited dependencies:
+## OWASP Top 10 Compliance Summary
+
+| Category | Status | Implementation |
+|----------|--------|----------------|
+| A1 - Injection | Mitigated | `spawn` array args, `assertValidIp`, `assertSafePath`, port integer validation |
+| A2 - Sensitive Data Exposure | Mitigated | `sanitizedEnv()` on all child processes, `stripSensitiveData()` on provider errors, tokens never on disk |
+| A3 - Broken Access Control | Mitigated | SAFE_MODE blocks destructive ops, mode guard on Coolify-only ops |
+| A4 - Insecure Design | N/A | CLI tool, minimal attack surface |
+| A5 - Security Misconfiguration | Mitigated | Restrictive file permissions (0o600/0o700), timeout limits, buffer caps |
+| A6 - Vulnerable Components | See below | Production: 0 vulnerabilities |
+| A7 - XSS | N/A | CLI tool, no web UI |
+| A8 - Insecure Deserialization | Mitigated | JSON.parse wrapped in try/catch with safe defaults |
+| A9 - Logging & Monitoring | Partial | `sanitizeStderr()` prevents sensitive data in logs |
+| A10 - SSRF | Mitigated | `assertValidIp()` on all outbound SSH/HTTP targets |
+
+## Dependency Security
+
+### Production Dependencies (0 known vulnerabilities)
+```
+npm audit --omit=dev → found 0 vulnerabilities
+```
+
+All production dependencies use audited, versioned packages:
 - Hetzner Cloud API v1 (via Axios, HTTPS)
 - DigitalOcean API v2 (via Axios, HTTPS)
 - Vultr API v2 (via Axios, HTTPS)
@@ -77,9 +103,12 @@ Quicklify uses audited dependencies:
 - Model Context Protocol SDK (`@modelcontextprotocol/sdk`) for MCP server
 - Zod for runtime input validation
 - Coolify installed via `curl -fsSL https://cdn.coollabs.io/coolify/install.sh | bash` (official method, HTTPS)
-- All dependencies regularly updated
-- Socket.dev security monitoring enabled
 
-**Note:** The `curl | bash` installation method is the official Coolify installation procedure. The script is fetched over HTTPS from Coolify's CDN.
+### Dev Dependencies
+One moderate-severity ReDoS vulnerability remains in `test-exclude` → `glob` → `minimatch@10.0.0-10.2.2` (jest code coverage toolchain). This is a dev-only dependency not present in production builds. Remediation is blocked by the dependency chain — `npm audit fix --force` would cause lock file breakage per project policy. Risk accepted as dev-only, not exploitable in production.
 
 Security scan: https://socket.dev/npm/package/quicklify
+
+## HTTP Usage
+
+Quicklify accesses Coolify at `http://IP:8000` during initial setup. This is expected because SSL/TLS is not configured on a fresh Coolify installation. Users are warned to set up a domain and enable SSL for production use.

package/dist/commands/add.d.ts

@@ -3,6 +3,7 @@ interface AddOptions {
     ip?: string;
     name?: string;
     skipVerify?: boolean;
+    mode?: string;
 }
 export declare function addCommand(options?: AddOptions): Promise<void>;
 export {};

package/dist/commands/add.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"add.d.ts","sourceRoot":"","sources":["../../src/commands/add.ts"],"names":[],"mappings":"AAUA,UAAU,UAAU;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,UAAU,CAAC,EAAE,OAAO,CAAC;CACtB;AAED,wBAAsB,UAAU,CAAC,OAAO,GAAE,UAAe,GAAG,OAAO,CAAC,IAAI,CAAC,CAyJxE"}
+{"version":3,"file":"add.d.ts","sourceRoot":"","sources":["../../src/commands/add.ts"],"names":[],"mappings":"AASA,UAAU,UAAU;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,IAAI,CAAC,EAAE,MAAM,CAAC;CACf;AAED,wBAAsB,UAAU,CAAC,OAAO,GAAE,UAAe,GAAG,OAAO,CAAC,IAAI,CAAC,CA0HxE"}

package/dist/commands/add.js

@@ -1,11 +1,10 @@
 import inquirer from "inquirer";
 import ora from "ora";
 import chalk from "chalk";
-import { getServers, saveServer } from "../utils/config.js";
 import { promptApiToken } from "../utils/serverSelect.js";
-import { createProviderWithToken } from "../utils/providerFactory.js";
-import { sshExec, checkSshAvailable } from "../utils/ssh.js";
+import { addServerRecord } from "../core/manage.js";
 import { logger } from "../utils/logger.js";
+import { SUPPORTED_PROVIDERS, PROVIDER_DISPLAY_NAMES, invalidProviderError } from "../constants.js";
 export async function addCommand(options = {}) {
     // Step 1: Select provider
     let providerName = options.provider;
@@ -15,35 +14,22 @@ export async function addCommand(options = {}) {
                 type: "list",
                 name: "provider",
                 message: "Select cloud provider:",
-                choices: [
-                    { name: "Hetzner Cloud", value: "hetzner" },
-                    { name: "DigitalOcean", value: "digitalocean" },
-                    { name: "Vultr", value: "vultr" },
-                    { name: "Linode (Akamai)", value: "linode" },
-                ],
+                choices: SUPPORTED_PROVIDERS.map((p) => ({
+                    name: PROVIDER_DISPLAY_NAMES[p],
+                    value: p,
+                })),
             },
         ]);
         providerName = provider;
     }
-    const validProviders = ["hetzner", "digitalocean", "vultr", "linode"];
-    if (!validProviders.includes(providerName)) {
-        logger.error(`Invalid provider: ${providerName}. Use: ${validProviders.join(", ")}`);
+    if (!SUPPORTED_PROVIDERS.includes(providerName)) {
+        logger.error(invalidProviderError(providerName));
         process.exit(1);
         return;
     }
     // Step 2: Get API token
-    const token = await promptApiToken(providerName);
-    const provider = createProviderWithToken(providerName, token);
-    // Step 3: Validate token
-    const spinner = ora("Validating API token...").start();
-    const valid = await provider.validateToken(token);
-    if (!valid) {
-        spinner.fail("Invalid API token");
-        process.exit(1);
-        return;
-    }
-    spinner.succeed("Token validated");
-    // Step 4: Get server IP
+    const apiToken = await promptApiToken(providerName);
+    // Step 3: Get server IP
     let serverIp = options.ip;
     if (!serverIp) {
         const { ip } = await inquirer.prompt([
@@ -68,23 +54,16 @@ export async function addCommand(options = {}) {
         ]);
         serverIp = ip.trim();
     }
-    // Step 5: Check for duplicate
-    const existingServers = getServers();
-    const duplicate = existingServers.find((s) => s.ip === serverIp);
-    if (duplicate) {
-        logger.error(`Server with IP ${serverIp} already exists: ${duplicate.name}`);
-        process.exit(1);
-        return;
-    }
-    // Step 6: Get server name
+    // Step 4: Get server name
     let serverName = options.name;
     if (!serverName) {
+        const defaultName = options.mode === "bare" ? "bare-server" : "coolify-server";
         const { name } = await inquirer.prompt([
             {
                 type: "input",
                 name: "name",
                 message: "Server name:",
-                default: "coolify-server",
+                default: defaultName,
                 validate: (input) => {
                     const trimmed = input.trim();
                     if (!trimmed)
@@ -101,50 +80,45 @@ export async function addCommand(options = {}) {
         ]);
         serverName = name.trim();
     }
-    // Step 7: Verify Coolify is installed (unless --skip-verify)
-    if (!options.skipVerify) {
-        if (!checkSshAvailable()) {
-            logger.warning("SSH not available. Use --skip-verify to skip Coolify verification.");
-            process.exit(1);
-            return;
-        }
-        const verifySpinner = ora("Verifying Coolify installation...").start();
-        try {
-            const result = await sshExec(serverIp, "curl -s -o /dev/null -w '%{http_code}' http://localhost:8000/api/health");
-            if (result.code === 0 && result.stdout.trim().includes("200")) {
-                verifySpinner.succeed("Coolify is running");
-            }
-            else {
-                // Fallback: check docker containers
-                const dockerResult = await sshExec(serverIp, "docker ps --format '{{.Names}}' 2>/dev/null | grep -q coolify && echo OK");
-                if (dockerResult.code === 0 && dockerResult.stdout.trim().includes("OK")) {
-                    verifySpinner.succeed("Coolify containers detected");
-                }
-                else {
-                    verifySpinner.warn("Coolify not detected. Server added anyway.");
-                }
-            }
-        }
-        catch {
-            verifySpinner.warn("Could not verify Coolify. Server added anyway.");
-        }
-    }
-    // Step 8: Save to config
-    const record = {
-        id: `manual-${Date.now()}`,
-        name: serverName,
+    const spinner = ora("Adding server...").start();
+    // Delegate all business logic to core
+    const result = await addServerRecord({
         provider: providerName,
         ip: serverIp,
-        region: "unknown",
-        size: "unknown",
-        createdAt: new Date().toISOString(),
-    };
-    saveServer(record);
+        name: serverName,
+        skipVerify: options.skipVerify,
+        apiToken,
+        ...(options.mode ? { mode: options.mode } : {}),
+    });
+    if (!result.success) {
+        spinner.fail(result.error ?? "Failed to add server");
+        process.exit(1);
+        return;
+    }
+    // Handle SSH unavailable (non-fatal)
+    if (result.coolifyStatus === "ssh_unavailable") {
+        spinner.warn("SSH not available. Use --skip-verify to skip Coolify verification.");
+        process.exit(1);
+        return;
+    }
+    const server = result.server;
+    if (result.coolifyStatus === "running") {
+        spinner.succeed("Coolify is running");
+    }
+    else if (result.coolifyStatus === "containers_detected") {
+        spinner.succeed("Coolify containers detected");
+    }
+    else if (result.coolifyStatus === "skipped") {
+        spinner.succeed("Token validated");
+    }
+    else {
+        spinner.warn("Could not verify Coolify. Server added anyway.");
+    }
     console.log();
     console.log(chalk.green("Server added successfully!"));
-    console.log(`  Name: ${record.name}`);
-    console.log(`  IP: ${record.ip}`);
-    console.log(`  Provider: ${provider.displayName}`);
+    console.log(`  Name: ${server.name}`);
+    console.log(`  IP: ${server.ip}`);
+    console.log(`  Provider: ${server.provider}`);
     console.log();
     console.log("All commands now work for this server (status, update, backup, etc.)");
 }