suthep 0.1.0 → 0.2.0-beta.1

package/dist/utils/nginx.js

@@ -1,15 +1,19 @@
 import { execa } from "execa";
 import fs from "fs-extra";
 import path from "path";
-function generateNginxConfig(service, withHttps) {
+function generateNginxConfig(service, withHttps, portOverride) {
   const serverNames = service.domains.join(" ");
-  const upstreamName = `${service.name}_backend`;
+  const primaryDomain = service.domains[0];
+  const domainSafe = primaryDomain.replace(/\./g, "_").replace(/[^a-zA-Z0-9_]/g, "_");
+  const upstreamName = `${domainSafe}_${service.name}`;
+  const servicePath = service.path || "/";
+  const port = portOverride || service.port;
   let config = `# Nginx configuration for ${service.name}
 
 `;
   config += `upstream ${upstreamName} {
 `;
-  config += `    server localhost:${service.port} max_fails=3 fail_timeout=30s;
+  config += `    server localhost:${port} max_fails=3 fail_timeout=30s;
 `;
   config += `    keepalive 32;
 `;
@@ -42,12 +46,12 @@ function generateNginxConfig(service, withHttps) {
     config += `    server_name ${serverNames};
 
 `;
-    const primaryDomain = service.domains[0];
+    const primaryDomain2 = service.domains[0];
     config += `    # SSL Configuration
 `;
-    config += `    ssl_certificate /etc/letsencrypt/live/${primaryDomain}/fullchain.pem;
+    config += `    ssl_certificate /etc/letsencrypt/live/${primaryDomain2}/fullchain.pem;
 `;
-    config += `    ssl_certificate_key /etc/letsencrypt/live/${primaryDomain}/privkey.pem;
+    config += `    ssl_certificate_key /etc/letsencrypt/live/${primaryDomain2}/privkey.pem;
 `;
     config += `    ssl_protocols TLSv1.2 TLSv1.3;
 `;
@@ -81,7 +85,7 @@ function generateNginxConfig(service, withHttps) {
 `;
   config += `    # Proxy settings
 `;
-  config += `    location / {
+  config += `    location ${servicePath} {
 `;
   config += `        proxy_pass http://${upstreamName};
 `;
@@ -126,6 +130,149 @@ function generateNginxConfig(service, withHttps) {
 `;
   return config;
 }
+function generateMultiServiceNginxConfig(services, domain, withHttps, portOverrides) {
+  const upstreams = [];
+  const locations = [];
+  const healthChecks = [];
+  const sortedServices = [...services].sort((a, b) => {
+    const pathA = (a.path || "/").length;
+    const pathB = (b.path || "/").length;
+    return pathB - pathA;
+  });
+  const usedUpstreamNames = /* @__PURE__ */ new Set();
+  for (const service of sortedServices) {
+    const domainSafe = domain.replace(/\./g, "_").replace(/[^a-zA-Z0-9_]/g, "_");
+    let upstreamName = `${domainSafe}_${service.name}`;
+    let counter = 1;
+    const originalUpstreamName = upstreamName;
+    while (usedUpstreamNames.has(upstreamName)) {
+      upstreamName = `${originalUpstreamName}_${counter}`;
+      counter++;
+    }
+    usedUpstreamNames.add(upstreamName);
+    const servicePath = service.path || "/";
+    const port = portOverrides?.get(service.name) || service.port;
+    upstreams.push(`upstream ${upstreamName} {`);
+    upstreams.push(`    server localhost:${port} max_fails=3 fail_timeout=30s;`);
+    upstreams.push(`    keepalive 32;`);
+    upstreams.push(`}`);
+    if (servicePath === "/") {
+      locations.push(`    # Service: ${service.name}`);
+      locations.push(`    location / {`);
+    } else {
+      locations.push(`    # Service: ${service.name}`);
+      locations.push(`    location ${servicePath} {`);
+    }
+    locations.push(`        proxy_pass http://${upstreamName};`);
+    locations.push(`        proxy_http_version 1.1;`);
+    locations.push(`        proxy_set_header Upgrade $http_upgrade;`);
+    locations.push(`        proxy_set_header Connection 'upgrade';`);
+    locations.push(`        proxy_set_header Host $host;`);
+    locations.push(`        proxy_set_header X-Real-IP $remote_addr;`);
+    locations.push(`        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;`);
+    locations.push(`        proxy_set_header X-Forwarded-Proto $scheme;`);
+    locations.push(`        proxy_cache_bypass $http_upgrade;`);
+    locations.push(`        proxy_connect_timeout 60s;`);
+    locations.push(`        proxy_send_timeout 60s;`);
+    locations.push(`        proxy_read_timeout 60s;`);
+    locations.push(`    }`);
+    if (service.healthCheck) {
+      healthChecks.push(`    # Health check for ${service.name}`);
+      healthChecks.push(`    location ${service.healthCheck.path} {`);
+      healthChecks.push(`        proxy_pass http://${upstreamName};`);
+      healthChecks.push(`        access_log off;`);
+      healthChecks.push(`    }`);
+    }
+  }
+  let config = `# Nginx configuration for ${domain}
+`;
+  config += `# Multiple services on the same domain
+
+`;
+  config += upstreams.join("\n") + "\n\n";
+  if (withHttps) {
+    config += `server {
+`;
+    config += `    listen 80;
+`;
+    config += `    listen [::]:80;
+`;
+    config += `    server_name ${domain};
+
+`;
+    config += `    # Redirect all HTTP to HTTPS
+`;
+    config += `    return 301 https://$server_name$request_uri;
+`;
+    config += `}
+
+`;
+    config += `server {
+`;
+    config += `    listen 443 ssl http2;
+`;
+    config += `    listen [::]:443 ssl http2;
+`;
+    config += `    server_name ${domain};
+
+`;
+    config += `    # SSL Configuration
+`;
+    config += `    ssl_certificate /etc/letsencrypt/live/${domain}/fullchain.pem;
+`;
+    config += `    ssl_certificate_key /etc/letsencrypt/live/${domain}/privkey.pem;
+`;
+    config += `    ssl_protocols TLSv1.2 TLSv1.3;
+`;
+    config += `    ssl_ciphers HIGH:!aNULL:!MD5;
+`;
+    config += `    ssl_prefer_server_ciphers on;
+
+`;
+  } else {
+    config += `server {
+`;
+    config += `    listen 80;
+`;
+    config += `    listen [::]:80;
+`;
+    config += `    server_name ${domain};
+
+`;
+  }
+  config += `    # Logging
+`;
+  config += `    access_log /var/log/nginx/${domain}_access.log;
+`;
+  config += `    error_log /var/log/nginx/${domain}_error.log;
+
+`;
+  config += `    # Client settings
+`;
+  config += `    client_max_body_size 100M;
+
+`;
+  config += `    # Service locations
+`;
+  config += locations.join("\n") + "\n\n";
+  if (healthChecks.length > 0) {
+    config += `    # Health check endpoints
+`;
+    config += healthChecks.join("\n") + "\n";
+  }
+  config += `}
+`;
+  return config;
+}
+async function writeNginxConfig(configName, configPath, configContent) {
+  const configFilePath = path.join(configPath, `${configName}.conf`);
+  const exists = await fs.pathExists(configFilePath);
+  if (exists) {
+    await fs.remove(configFilePath);
+  }
+  await fs.writeFile(configFilePath, configContent);
+  return exists;
+}
 async function enableSite(siteName, configPath) {
   const availablePath = path.join(configPath, `${siteName}.conf`);
   const enabledPath = availablePath.replace("sites-available", "sites-enabled");
@@ -146,9 +293,21 @@ async function reloadNginx(reloadCommand) {
     throw new Error(`Failed to reload Nginx: ${error instanceof Error ? error.message : error}`);
   }
 }
+async function disableSite(siteName, configPath) {
+  const enabledPath = path.join(
+    configPath.replace("sites-available", "sites-enabled"),
+    `${siteName}.conf`
+  );
+  if (await fs.pathExists(enabledPath)) {
+    await fs.remove(enabledPath);
+  }
+}
 export {
+  disableSite,
   enableSite,
+  generateMultiServiceNginxConfig,
   generateNginxConfig,
-  reloadNginx
+  reloadNginx,
+  writeNginxConfig
 };
 //# sourceMappingURL=nginx.js.map

package/dist/utils/nginx.js.map

@@ -1 +1 @@
-{"version":3,"file":"nginx.js","sources":["../../src/utils/nginx.ts"],"sourcesContent":["import { execa } from 'execa'\nimport fs from 'fs-extra'\nimport path from 'path'\nimport type { ServiceConfig } from '../types/config'\n\n/**\n * Generate Nginx server block configuration for a service\n */\nexport function generateNginxConfig(service: ServiceConfig, withHttps: boolean): string {\n  const serverNames = service.domains.join(' ')\n  const upstreamName = `${service.name}_backend`\n\n  let config = `# Nginx configuration for ${service.name}\\n\\n`\n\n  // Upstream configuration\n  config += `upstream ${upstreamName} {\\n`\n  config += `    server localhost:${service.port} max_fails=3 fail_timeout=30s;\\n`\n  config += `    keepalive 32;\\n`\n  config += `}\\n\\n`\n\n  if (withHttps) {\n    // HTTP server - redirect to HTTPS\n    config += `server {\\n`\n    config += `    listen 80;\\n`\n    config += `    listen [::]:80;\\n`\n    config += `    server_name ${serverNames};\\n\\n`\n    config += `    # Redirect all HTTP to HTTPS\\n`\n    config += `    return 301 https://$server_name$request_uri;\\n`\n    config += `}\\n\\n`\n\n    // HTTPS server\n    config += `server {\\n`\n    config += `    listen 443 ssl http2;\\n`\n    config += `    listen [::]:443 ssl http2;\\n`\n    config += `    server_name ${serverNames};\\n\\n`\n\n    // SSL configuration\n    const primaryDomain = service.domains[0]\n    config += `    # SSL Configuration\\n`\n    config += `    ssl_certificate /etc/letsencrypt/live/${primaryDomain}/fullchain.pem;\\n`\n    config += `    ssl_certificate_key /etc/letsencrypt/live/${primaryDomain}/privkey.pem;\\n`\n    config += `    ssl_protocols TLSv1.2 TLSv1.3;\\n`\n    config += `    ssl_ciphers HIGH:!aNULL:!MD5;\\n`\n    config += `    ssl_prefer_server_ciphers on;\\n\\n`\n  } else {\n    // HTTP only server\n    config += `server {\\n`\n    config += `    listen 80;\\n`\n    config += `    listen [::]:80;\\n`\n    config += `    server_name ${serverNames};\\n\\n`\n  }\n\n  // Logging\n  config += `    # Logging\\n`\n  config += `    access_log /var/log/nginx/${service.name}_access.log;\\n`\n  config += `    error_log /var/log/nginx/${service.name}_error.log;\\n\\n`\n\n  // Client settings\n  config += `    # Client settings\\n`\n  config += `    client_max_body_size 100M;\\n\\n`\n\n  // Proxy settings\n  config += `    # Proxy settings\\n`\n  config += `    location / {\\n`\n  config += `        proxy_pass http://${upstreamName};\\n`\n  config += `        proxy_http_version 1.1;\\n`\n  config += `        proxy_set_header Upgrade $http_upgrade;\\n`\n  config += `        proxy_set_header Connection 'upgrade';\\n`\n  config += `        proxy_set_header Host $host;\\n`\n  config += `        proxy_set_header X-Real-IP $remote_addr;\\n`\n  config += `        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;\\n`\n  config += `        proxy_set_header X-Forwarded-Proto $scheme;\\n`\n  config += `        proxy_cache_bypass $http_upgrade;\\n`\n  config += `        proxy_connect_timeout 60s;\\n`\n  config += `        proxy_send_timeout 60s;\\n`\n  config += `        proxy_read_timeout 60s;\\n`\n  config += `    }\\n`\n\n  // Health check endpoint (if configured)\n  if (service.healthCheck) {\n    config += `\\n    # Health check endpoint\\n`\n    config += `    location ${service.healthCheck.path} {\\n`\n    config += `        proxy_pass http://${upstreamName};\\n`\n    config += `        access_log off;\\n`\n    config += `    }\\n`\n  }\n\n  config += `}\\n`\n\n  return config\n}\n\n/**\n * Enable an Nginx site by creating a symbolic link\n */\nexport async function enableSite(siteName: string, configPath: string): Promise<void> {\n  const availablePath = path.join(configPath, `${siteName}.conf`)\n  const enabledPath = availablePath.replace('sites-available', 'sites-enabled')\n\n  // Create sites-enabled directory if it doesn't exist\n  await fs.ensureDir(path.dirname(enabledPath))\n\n  // Remove existing symlink if present\n  if (await fs.pathExists(enabledPath)) {\n    await fs.remove(enabledPath)\n  }\n\n  // Create symlink\n  await execa('sudo', ['ln', '-sf', availablePath, enabledPath])\n}\n\n/**\n * Test and reload Nginx configuration\n */\nexport async function reloadNginx(reloadCommand: string): Promise<void> {\n  try {\n    // Test configuration first\n    await execa('sudo', ['nginx', '-t'])\n\n    // Reload Nginx\n    const parts = reloadCommand.split(' ')\n    if (parts.length > 0) {\n      // Simple execution of provided command\n      await execa(parts[0], parts.slice(1), { shell: true })\n    }\n  } catch (error) {\n    throw new Error(`Failed to reload Nginx: ${error instanceof Error ? error.message : error}`)\n  }\n}\n\n/**\n * Disable an Nginx site\n */\nexport async function disableSite(siteName: string, configPath: string): Promise<void> {\n  const enabledPath = path.join(\n    configPath.replace('sites-available', 'sites-enabled'),\n    `${siteName}.conf`\n  )\n\n  if (await fs.pathExists(enabledPath)) {\n    await fs.remove(enabledPath)\n  }\n}\n"],"names":[],"mappings":";;;AAQO,SAAS,oBAAoB,SAAwB,WAA4B;AACtF,QAAM,cAAc,QAAQ,QAAQ,KAAK,GAAG;AAC5C,QAAM,eAAe,GAAG,QAAQ,IAAI;AAEpC,MAAI,SAAS,6BAA6B,QAAQ,IAAI;AAAA;AAAA;AAGtD,YAAU,YAAY,YAAY;AAAA;AAClC,YAAU,wBAAwB,QAAQ,IAAI;AAAA;AAC9C,YAAU;AAAA;AACV,YAAU;AAAA;AAAA;AAEV,MAAI,WAAW;AAEb,cAAU;AAAA;AACV,cAAU;AAAA;AACV,cAAU;AAAA;AACV,cAAU,mBAAmB,WAAW;AAAA;AAAA;AACxC,cAAU;AAAA;AACV,cAAU;AAAA;AACV,cAAU;AAAA;AAAA;AAGV,cAAU;AAAA;AACV,cAAU;AAAA;AACV,cAAU;AAAA;AACV,cAAU,mBAAmB,WAAW;AAAA;AAAA;AAGxC,UAAM,gBAAgB,QAAQ,QAAQ,CAAC;AACvC,cAAU;AAAA;AACV,cAAU,6CAA6C,aAAa;AAAA;AACpE,cAAU,iDAAiD,aAAa;AAAA;AACxE,cAAU;AAAA;AACV,cAAU;AAAA;AACV,cAAU;AAAA;AAAA;AAAA,EACZ,OAAO;AAEL,cAAU;AAAA;AACV,cAAU;AAAA;AACV,cAAU;AAAA;AACV,cAAU,mBAAmB,WAAW;AAAA;AAAA;AAAA,EAC1C;AAGA,YAAU;AAAA;AACV,YAAU,iCAAiC,QAAQ,IAAI;AAAA;AACvD,YAAU,gCAAgC,QAAQ,IAAI;AAAA;AAAA;AAGtD,YAAU;AAAA;AACV,YAAU;AAAA;AAAA;AAGV,YAAU;AAAA;AACV,YAAU;AAAA;AACV,YAAU,6BAA6B,YAAY;AAAA;AACnD,YAAU;AAAA;AACV,YAAU;AAAA;AACV,YAAU;AAAA;AACV,YAAU;AAAA;AACV,YAAU;AAAA;AACV,YAAU;AAAA;AACV,YAAU;AAAA;AACV,YAAU;AAAA;AACV,YAAU;AAAA;AACV,YAAU;AAAA;AACV,YAAU;AAAA;AACV,YAAU;AAAA;AAGV,MAAI,QAAQ,aAAa;AACvB,cAAU;AAAA;AAAA;AACV,cAAU,gBAAgB,QAAQ,YAAY,IAAI;AAAA;AAClD,cAAU,6BAA6B,YAAY;AAAA;AACnD,cAAU;AAAA;AACV,cAAU;AAAA;AAAA,EACZ;AAEA,YAAU;AAAA;AAEV,SAAO;AACT;AAKA,eAAsB,WAAW,UAAkB,YAAmC;AACpF,QAAM,gBAAgB,KAAK,KAAK,YAAY,GAAG,QAAQ,OAAO;AAC9D,QAAM,cAAc,cAAc,QAAQ,mBAAmB,eAAe;AAG5E,QAAM,GAAG,UAAU,KAAK,QAAQ,WAAW,CAAC;AAG5C,MAAI,MAAM,GAAG,WAAW,WAAW,GAAG;AACpC,UAAM,GAAG,OAAO,WAAW;AAAA,EAC7B;AAGA,QAAM,MAAM,QAAQ,CAAC,MAAM,OAAO,eAAe,WAAW,CAAC;AAC/D;AAKA,eAAsB,YAAY,eAAsC;AACtE,MAAI;AAEF,UAAM,MAAM,QAAQ,CAAC,SAAS,IAAI,CAAC;AAGnC,UAAM,QAAQ,cAAc,MAAM,GAAG;AACrC,QAAI,MAAM,SAAS,GAAG;AAEpB,YAAM,MAAM,MAAM,CAAC,GAAG,MAAM,MAAM,CAAC,GAAG,EAAE,OAAO,MAAM;AAAA,IACvD;AAAA,EACF,SAAS,OAAO;AACd,UAAM,IAAI,MAAM,2BAA2B,iBAAiB,QAAQ,MAAM,UAAU,KAAK,EAAE;AAAA,EAC7F;AACF;"}
+{"version":3,"file":"nginx.js","sources":["../../src/utils/nginx.ts"],"sourcesContent":["import { execa } from 'execa'\nimport fs from 'fs-extra'\nimport path from 'path'\nimport type { ServiceConfig } from '../types/config'\n\n/**\n * Generate Nginx server block configuration for a service\n */\nexport function generateNginxConfig(\n  service: ServiceConfig,\n  withHttps: boolean,\n  portOverride?: number\n): string {\n  const serverNames = service.domains.join(' ')\n  // Use primary domain for upstream naming to ensure uniqueness\n  const primaryDomain = service.domains[0]\n  const domainSafe = primaryDomain.replace(/\\./g, '_').replace(/[^a-zA-Z0-9_]/g, '_')\n  const upstreamName = `${domainSafe}_${service.name}`\n  const servicePath = service.path || '/'\n  const port = portOverride || service.port\n\n  let config = `# Nginx configuration for ${service.name}\\n\\n`\n\n  // Upstream configuration\n  config += `upstream ${upstreamName} {\\n`\n  config += `    server localhost:${port} max_fails=3 fail_timeout=30s;\\n`\n  config += `    keepalive 32;\\n`\n  config += `}\\n\\n`\n\n  if (withHttps) {\n    // HTTP server - redirect to HTTPS\n    config += `server {\\n`\n    config += `    listen 80;\\n`\n    config += `    listen [::]:80;\\n`\n    config += `    server_name ${serverNames};\\n\\n`\n    config += `    # Redirect all HTTP to HTTPS\\n`\n    config += `    return 301 https://$server_name$request_uri;\\n`\n    config += `}\\n\\n`\n\n    // HTTPS server\n    config += `server {\\n`\n    config += `    listen 443 ssl http2;\\n`\n    config += `    listen [::]:443 ssl http2;\\n`\n    config += `    server_name ${serverNames};\\n\\n`\n\n    // SSL configuration\n    const primaryDomain = service.domains[0]\n    config += `    # SSL Configuration\\n`\n    config += `    ssl_certificate /etc/letsencrypt/live/${primaryDomain}/fullchain.pem;\\n`\n    config += `    ssl_certificate_key /etc/letsencrypt/live/${primaryDomain}/privkey.pem;\\n`\n    config += `    ssl_protocols TLSv1.2 TLSv1.3;\\n`\n    config += `    ssl_ciphers HIGH:!aNULL:!MD5;\\n`\n    config += `    ssl_prefer_server_ciphers on;\\n\\n`\n  } else {\n    // HTTP only server\n    config += `server {\\n`\n    config += `    listen 80;\\n`\n    config += `    listen [::]:80;\\n`\n    config += `    server_name ${serverNames};\\n\\n`\n  }\n\n  // Logging\n  config += `    # Logging\\n`\n  config += `    access_log /var/log/nginx/${service.name}_access.log;\\n`\n  config += `    error_log /var/log/nginx/${service.name}_error.log;\\n\\n`\n\n  // Client settings\n  config += `    # Client settings\\n`\n  config += `    client_max_body_size 100M;\\n\\n`\n\n  // Proxy settings\n  config += `    # Proxy settings\\n`\n  config += `    location ${servicePath} {\\n`\n  config += `        proxy_pass http://${upstreamName};\\n`\n  config += `        proxy_http_version 1.1;\\n`\n  config += `        proxy_set_header Upgrade $http_upgrade;\\n`\n  config += `        proxy_set_header Connection 'upgrade';\\n`\n  config += `        proxy_set_header Host $host;\\n`\n  config += `        proxy_set_header X-Real-IP $remote_addr;\\n`\n  config += `        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;\\n`\n  config += `        proxy_set_header X-Forwarded-Proto $scheme;\\n`\n  config += `        proxy_cache_bypass $http_upgrade;\\n`\n  config += `        proxy_connect_timeout 60s;\\n`\n  config += `        proxy_send_timeout 60s;\\n`\n  config += `        proxy_read_timeout 60s;\\n`\n  config += `    }\\n`\n\n  // Health check endpoint (if configured)\n  if (service.healthCheck) {\n    config += `\\n    # Health check endpoint\\n`\n    config += `    location ${service.healthCheck.path} {\\n`\n    config += `        proxy_pass http://${upstreamName};\\n`\n    config += `        access_log off;\\n`\n    config += `    }\\n`\n  }\n\n  config += `}\\n`\n\n  return config\n}\n\n/**\n * Generate Nginx configuration for multiple services on the same domain\n * Groups services by domain and creates location blocks for each service path\n */\nexport function generateMultiServiceNginxConfig(\n  services: ServiceConfig[],\n  domain: string,\n  withHttps: boolean,\n  portOverrides?: Map<string, number>\n): string {\n  const upstreams: string[] = []\n  const locations: string[] = []\n  const healthChecks: string[] = []\n\n  // Sort services by path length (longest first) to ensure specific paths are matched before general ones\n  const sortedServices = [...services].sort((a, b) => {\n    const pathA = (a.path || '/').length\n    const pathB = (b.path || '/').length\n    return pathB - pathA\n  })\n\n  // Track upstream names to ensure uniqueness within the same domain config\n  const usedUpstreamNames = new Set<string>()\n\n  for (const service of sortedServices) {\n    // Create unique upstream name: domain_service_name to avoid conflicts\n    // Replace dots and special chars in domain for valid nginx upstream name\n    const domainSafe = domain.replace(/\\./g, '_').replace(/[^a-zA-Z0-9_]/g, '_')\n    let upstreamName = `${domainSafe}_${service.name}`\n\n    // Ensure uniqueness (in case same service name appears multiple times)\n    let counter = 1\n    const originalUpstreamName = upstreamName\n    while (usedUpstreamNames.has(upstreamName)) {\n      upstreamName = `${originalUpstreamName}_${counter}`\n      counter++\n    }\n    usedUpstreamNames.add(upstreamName)\n\n    const servicePath = service.path || '/'\n    const port = portOverrides?.get(service.name) || service.port\n\n    // Generate upstream for each service on the same domain\n    upstreams.push(`upstream ${upstreamName} {`)\n    upstreams.push(`    server localhost:${port} max_fails=3 fail_timeout=30s;`)\n    upstreams.push(`    keepalive 32;`)\n    upstreams.push(`}`)\n\n    // Generate location block\n    if (servicePath === '/') {\n      // Root path - use exact match or default\n      locations.push(`    # Service: ${service.name}`)\n      locations.push(`    location / {`)\n    } else {\n      // Specific path - use prefix match\n      locations.push(`    # Service: ${service.name}`)\n      locations.push(`    location ${servicePath} {`)\n    }\n\n    locations.push(`        proxy_pass http://${upstreamName};`)\n    locations.push(`        proxy_http_version 1.1;`)\n    locations.push(`        proxy_set_header Upgrade $http_upgrade;`)\n    locations.push(`        proxy_set_header Connection 'upgrade';`)\n    locations.push(`        proxy_set_header Host $host;`)\n    locations.push(`        proxy_set_header X-Real-IP $remote_addr;`)\n    locations.push(`        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;`)\n    locations.push(`        proxy_set_header X-Forwarded-Proto $scheme;`)\n    locations.push(`        proxy_cache_bypass $http_upgrade;`)\n    locations.push(`        proxy_connect_timeout 60s;`)\n    locations.push(`        proxy_send_timeout 60s;`)\n    locations.push(`        proxy_read_timeout 60s;`)\n    locations.push(`    }`)\n\n    // Health check endpoint\n    if (service.healthCheck) {\n      healthChecks.push(`    # Health check for ${service.name}`)\n      healthChecks.push(`    location ${service.healthCheck.path} {`)\n      healthChecks.push(`        proxy_pass http://${upstreamName};`)\n      healthChecks.push(`        access_log off;`)\n      healthChecks.push(`    }`)\n    }\n  }\n\n  let config = `# Nginx configuration for ${domain}\\n`\n  config += `# Multiple services on the same domain\\n\\n`\n\n  // Add upstreams\n  config += upstreams.join('\\n') + '\\n\\n'\n\n  if (withHttps) {\n    // HTTP server - redirect to HTTPS\n    config += `server {\\n`\n    config += `    listen 80;\\n`\n    config += `    listen [::]:80;\\n`\n    config += `    server_name ${domain};\\n\\n`\n    config += `    # Redirect all HTTP to HTTPS\\n`\n    config += `    return 301 https://$server_name$request_uri;\\n`\n    config += `}\\n\\n`\n\n    // HTTPS server\n    config += `server {\\n`\n    config += `    listen 443 ssl http2;\\n`\n    config += `    listen [::]:443 ssl http2;\\n`\n    config += `    server_name ${domain};\\n\\n`\n\n    // SSL configuration\n    config += `    # SSL Configuration\\n`\n    config += `    ssl_certificate /etc/letsencrypt/live/${domain}/fullchain.pem;\\n`\n    config += `    ssl_certificate_key /etc/letsencrypt/live/${domain}/privkey.pem;\\n`\n    config += `    ssl_protocols TLSv1.2 TLSv1.3;\\n`\n    config += `    ssl_ciphers HIGH:!aNULL:!MD5;\\n`\n    config += `    ssl_prefer_server_ciphers on;\\n\\n`\n  } else {\n    // HTTP only server\n    config += `server {\\n`\n    config += `    listen 80;\\n`\n    config += `    listen [::]:80;\\n`\n    config += `    server_name ${domain};\\n\\n`\n  }\n\n  // Logging\n  config += `    # Logging\\n`\n  config += `    access_log /var/log/nginx/${domain}_access.log;\\n`\n  config += `    error_log /var/log/nginx/${domain}_error.log;\\n\\n`\n\n  // Client settings\n  config += `    # Client settings\\n`\n  config += `    client_max_body_size 100M;\\n\\n`\n\n  // Location blocks\n  config += `    # Service locations\\n`\n  config += locations.join('\\n') + '\\n\\n'\n\n  // Health check endpoints\n  if (healthChecks.length > 0) {\n    config += `    # Health check endpoints\\n`\n    config += healthChecks.join('\\n') + '\\n'\n  }\n\n  config += `}\\n`\n\n  return config\n}\n\n/**\n * Check if an Nginx config file exists\n */\nexport async function configExists(configName: string, configPath: string): Promise<boolean> {\n  const configFilePath = path.join(configPath, `${configName}.conf`)\n  return await fs.pathExists(configFilePath)\n}\n\n/**\n * Write Nginx configuration file, deleting existing file if it exists and creating new one\n */\nexport async function writeNginxConfig(\n  configName: string,\n  configPath: string,\n  configContent: string\n): Promise<boolean> {\n  const configFilePath = path.join(configPath, `${configName}.conf`)\n  const exists = await fs.pathExists(configFilePath)\n\n  // If config file exists, delete it first\n  if (exists) {\n    await fs.remove(configFilePath)\n  }\n\n  // Create new config file\n  await fs.writeFile(configFilePath, configContent)\n\n  return exists // Return true if file existed (was deleted and recreated)\n}\n\n/**\n * Enable an Nginx site by creating a symbolic link\n */\nexport async function enableSite(siteName: string, configPath: string): Promise<void> {\n  const availablePath = path.join(configPath, `${siteName}.conf`)\n  const enabledPath = availablePath.replace('sites-available', 'sites-enabled')\n\n  // Create sites-enabled directory if it doesn't exist\n  await fs.ensureDir(path.dirname(enabledPath))\n\n  // Remove existing symlink if present\n  if (await fs.pathExists(enabledPath)) {\n    await fs.remove(enabledPath)\n  }\n\n  // Create symlink\n  await execa('sudo', ['ln', '-sf', availablePath, enabledPath])\n}\n\n/**\n * Test and reload Nginx configuration\n */\nexport async function reloadNginx(reloadCommand: string): Promise<void> {\n  try {\n    // Test configuration first\n    await execa('sudo', ['nginx', '-t'])\n\n    // Reload Nginx\n    const parts = reloadCommand.split(' ')\n    if (parts.length > 0) {\n      // Simple execution of provided command\n      await execa(parts[0], parts.slice(1), { shell: true })\n    }\n  } catch (error) {\n    throw new Error(`Failed to reload Nginx: ${error instanceof Error ? error.message : error}`)\n  }\n}\n\n/**\n * Disable an Nginx site\n */\nexport async function disableSite(siteName: string, configPath: string): Promise<void> {\n  const enabledPath = path.join(\n    configPath.replace('sites-available', 'sites-enabled'),\n    `${siteName}.conf`\n  )\n\n  if (await fs.pathExists(enabledPath)) {\n    await fs.remove(enabledPath)\n  }\n}\n"],"names":["primaryDomain"],"mappings":";;;AAQO,SAAS,oBACd,SACA,WACA,cACQ;AACR,QAAM,cAAc,QAAQ,QAAQ,KAAK,GAAG;AAE5C,QAAM,gBAAgB,QAAQ,QAAQ,CAAC;AACvC,QAAM,aAAa,cAAc,QAAQ,OAAO,GAAG,EAAE,QAAQ,kBAAkB,GAAG;AAClF,QAAM,eAAe,GAAG,UAAU,IAAI,QAAQ,IAAI;AAClD,QAAM,cAAc,QAAQ,QAAQ;AACpC,QAAM,OAAO,gBAAgB,QAAQ;AAErC,MAAI,SAAS,6BAA6B,QAAQ,IAAI;AAAA;AAAA;AAGtD,YAAU,YAAY,YAAY;AAAA;AAClC,YAAU,wBAAwB,IAAI;AAAA;AACtC,YAAU;AAAA;AACV,YAAU;AAAA;AAAA;AAEV,MAAI,WAAW;AAEb,cAAU;AAAA;AACV,cAAU;AAAA;AACV,cAAU;AAAA;AACV,cAAU,mBAAmB,WAAW;AAAA;AAAA;AACxC,cAAU;AAAA;AACV,cAAU;AAAA;AACV,cAAU;AAAA;AAAA;AAGV,cAAU;AAAA;AACV,cAAU;AAAA;AACV,cAAU;AAAA;AACV,cAAU,mBAAmB,WAAW;AAAA;AAAA;AAGxC,UAAMA,iBAAgB,QAAQ,QAAQ,CAAC;AACvC,cAAU;AAAA;AACV,cAAU,6CAA6CA,cAAa;AAAA;AACpE,cAAU,iDAAiDA,cAAa;AAAA;AACxE,cAAU;AAAA;AACV,cAAU;AAAA;AACV,cAAU;AAAA;AAAA;AAAA,EACZ,OAAO;AAEL,cAAU;AAAA;AACV,cAAU;AAAA;AACV,cAAU;AAAA;AACV,cAAU,mBAAmB,WAAW;AAAA;AAAA;AAAA,EAC1C;AAGA,YAAU;AAAA;AACV,YAAU,iCAAiC,QAAQ,IAAI;AAAA;AACvD,YAAU,gCAAgC,QAAQ,IAAI;AAAA;AAAA;AAGtD,YAAU;AAAA;AACV,YAAU;AAAA;AAAA;AAGV,YAAU;AAAA;AACV,YAAU,gBAAgB,WAAW;AAAA;AACrC,YAAU,6BAA6B,YAAY;AAAA;AACnD,YAAU;AAAA;AACV,YAAU;AAAA;AACV,YAAU;AAAA;AACV,YAAU;AAAA;AACV,YAAU;AAAA;AACV,YAAU;AAAA;AACV,YAAU;AAAA;AACV,YAAU;AAAA;AACV,YAAU;AAAA;AACV,YAAU;AAAA;AACV,YAAU;AAAA;AACV,YAAU;AAAA;AAGV,MAAI,QAAQ,aAAa;AACvB,cAAU;AAAA;AAAA;AACV,cAAU,gBAAgB,QAAQ,YAAY,IAAI;AAAA;AAClD,cAAU,6BAA6B,YAAY;AAAA;AACnD,cAAU;AAAA;AACV,cAAU;AAAA;AAAA,EACZ;AAEA,YAAU;AAAA;AAEV,SAAO;AACT;AAMO,SAAS,gCACd,UACA,QACA,WACA,eACQ;AACR,QAAM,YAAsB,CAAA;AAC5B,QAAM,YAAsB,CAAA;AAC5B,QAAM,eAAyB,CAAA;AAG/B,QAAM,iBAAiB,CAAC,GAAG,QAAQ,EAAE,KAAK,CAAC,GAAG,MAAM;AAClD,UAAM,SAAS,EAAE,QAAQ,KAAK;AAC9B,UAAM,SAAS,EAAE,QAAQ,KAAK;AAC9B,WAAO,QAAQ;AAAA,EACjB,CAAC;AAGD,QAAM,wCAAwB,IAAA;AAE9B,aAAW,WAAW,gBAAgB;AAGpC,UAAM,aAAa,OAAO,QAAQ,OAAO,GAAG,EAAE,QAAQ,kBAAkB,GAAG;AAC3E,QAAI,eAAe,GAAG,UAAU,IAAI,QAAQ,IAAI;AAGhD,QAAI,UAAU;AACd,UAAM,uBAAuB;AAC7B,WAAO,kBAAkB,IAAI,YAAY,GAAG;AAC1C,qBAAe,GAAG,oBAAoB,IAAI,OAAO;AACjD;AAAA,IACF;AACA,sBAAkB,IAAI,YAAY;AAElC,UAAM,cAAc,QAAQ,QAAQ;AACpC,UAAM,OAAO,eAAe,IAAI,QAAQ,IAAI,KAAK,QAAQ;AAGzD,cAAU,KAAK,YAAY,YAAY,IAAI;AAC3C,cAAU,KAAK,wBAAwB,IAAI,gCAAgC;AAC3E,cAAU,KAAK,mBAAmB;AAClC,cAAU,KAAK,GAAG;AAGlB,QAAI,gBAAgB,KAAK;AAEvB,gBAAU,KAAK,kBAAkB,QAAQ,IAAI,EAAE;AAC/C,gBAAU,KAAK,kBAAkB;AAAA,IACnC,OAAO;AAEL,gBAAU,KAAK,kBAAkB,QAAQ,IAAI,EAAE;AAC/C,gBAAU,KAAK,gBAAgB,WAAW,IAAI;AAAA,IAChD;AAEA,cAAU,KAAK,6BAA6B,YAAY,GAAG;AAC3D,cAAU,KAAK,iCAAiC;AAChD,cAAU,KAAK,iDAAiD;AAChE,cAAU,KAAK,gDAAgD;AAC/D,cAAU,KAAK,sCAAsC;AACrD,cAAU,KAAK,kDAAkD;AACjE,cAAU,KAAK,sEAAsE;AACrF,cAAU,KAAK,qDAAqD;AACpE,cAAU,KAAK,2CAA2C;AAC1D,cAAU,KAAK,oCAAoC;AACnD,cAAU,KAAK,iCAAiC;AAChD,cAAU,KAAK,iCAAiC;AAChD,cAAU,KAAK,OAAO;AAGtB,QAAI,QAAQ,aAAa;AACvB,mBAAa,KAAK,0BAA0B,QAAQ,IAAI,EAAE;AAC1D,mBAAa,KAAK,gBAAgB,QAAQ,YAAY,IAAI,IAAI;AAC9D,mBAAa,KAAK,6BAA6B,YAAY,GAAG;AAC9D,mBAAa,KAAK,yBAAyB;AAC3C,mBAAa,KAAK,OAAO;AAAA,IAC3B;AAAA,EACF;AAEA,MAAI,SAAS,6BAA6B,MAAM;AAAA;AAChD,YAAU;AAAA;AAAA;AAGV,YAAU,UAAU,KAAK,IAAI,IAAI;AAEjC,MAAI,WAAW;AAEb,cAAU;AAAA;AACV,cAAU;AAAA;AACV,cAAU;AAAA;AACV,cAAU,mBAAmB,MAAM;AAAA;AAAA;AACnC,cAAU;AAAA;AACV,cAAU;AAAA;AACV,cAAU;AAAA;AAAA;AAGV,cAAU;AAAA;AACV,cAAU;AAAA;AACV,cAAU;AAAA;AACV,cAAU,mBAAmB,MAAM;AAAA;AAAA;AAGnC,cAAU;AAAA;AACV,cAAU,6CAA6C,MAAM;AAAA;AAC7D,cAAU,iDAAiD,MAAM;AAAA;AACjE,cAAU;AAAA;AACV,cAAU;AAAA;AACV,cAAU;AAAA;AAAA;AAAA,EACZ,OAAO;AAEL,cAAU;AAAA;AACV,cAAU;AAAA;AACV,cAAU;AAAA;AACV,cAAU,mBAAmB,MAAM;AAAA;AAAA;AAAA,EACrC;AAGA,YAAU;AAAA;AACV,YAAU,iCAAiC,MAAM;AAAA;AACjD,YAAU,gCAAgC,MAAM;AAAA;AAAA;AAGhD,YAAU;AAAA;AACV,YAAU;AAAA;AAAA;AAGV,YAAU;AAAA;AACV,YAAU,UAAU,KAAK,IAAI,IAAI;AAGjC,MAAI,aAAa,SAAS,GAAG;AAC3B,cAAU;AAAA;AACV,cAAU,aAAa,KAAK,IAAI,IAAI;AAAA,EACtC;AAEA,YAAU;AAAA;AAEV,SAAO;AACT;AAaA,eAAsB,iBACpB,YACA,YACA,eACkB;AAClB,QAAM,iBAAiB,KAAK,KAAK,YAAY,GAAG,UAAU,OAAO;AACjE,QAAM,SAAS,MAAM,GAAG,WAAW,cAAc;AAGjD,MAAI,QAAQ;AACV,UAAM,GAAG,OAAO,cAAc;AAAA,EAChC;AAGA,QAAM,GAAG,UAAU,gBAAgB,aAAa;AAEhD,SAAO;AACT;AAKA,eAAsB,WAAW,UAAkB,YAAmC;AACpF,QAAM,gBAAgB,KAAK,KAAK,YAAY,GAAG,QAAQ,OAAO;AAC9D,QAAM,cAAc,cAAc,QAAQ,mBAAmB,eAAe;AAG5E,QAAM,GAAG,UAAU,KAAK,QAAQ,WAAW,CAAC;AAG5C,MAAI,MAAM,GAAG,WAAW,WAAW,GAAG;AACpC,UAAM,GAAG,OAAO,WAAW;AAAA,EAC7B;AAGA,QAAM,MAAM,QAAQ,CAAC,MAAM,OAAO,eAAe,WAAW,CAAC;AAC/D;AAKA,eAAsB,YAAY,eAAsC;AACtE,MAAI;AAEF,UAAM,MAAM,QAAQ,CAAC,SAAS,IAAI,CAAC;AAGnC,UAAM,QAAQ,cAAc,MAAM,GAAG;AACrC,QAAI,MAAM,SAAS,GAAG;AAEpB,YAAM,MAAM,MAAM,CAAC,GAAG,MAAM,MAAM,CAAC,GAAG,EAAE,OAAO,MAAM;AAAA,IACvD;AAAA,EACF,SAAS,OAAO;AACd,UAAM,IAAI,MAAM,2BAA2B,iBAAiB,QAAQ,MAAM,UAAU,KAAK,EAAE;AAAA,EAC7F;AACF;AAKA,eAAsB,YAAY,UAAkB,YAAmC;AACrF,QAAM,cAAc,KAAK;AAAA,IACvB,WAAW,QAAQ,mBAAmB,eAAe;AAAA,IACrD,GAAG,QAAQ;AAAA,EAAA;AAGb,MAAI,MAAM,GAAG,WAAW,WAAW,GAAG;AACpC,UAAM,GAAG,OAAO,WAAW;AAAA,EAC7B;AACF;"}

package/docs/README.md

@@ -1,62 +1,38 @@
 # Suthep Documentation
 
-Welcome to the Suthep documentation! This guide will help you understand and use Suthep, a powerful CLI tool for deploying projects with automatic Nginx reverse proxy setup, HTTPS with Certbot, and zero-downtime deployments.
+Welcome to the Suthep documentation! Choose your preferred language:
 
-## Table of Contents
+## Available Languages
 
-1. [Getting Started](./getting-started.md) - Installation and quick start guide
-2. [Configuration Reference](./configuration.md) - Complete configuration file reference
-3. [Commands Reference](./commands.md) - Detailed command documentation
-4. [Architecture](./architecture.md) - How Suthep works under the hood
-5. [Examples](./examples.md) - Real-world deployment examples
-6. [Troubleshooting](./troubleshooting.md) - Common issues and solutions
-7. [API Reference](./api-reference.md) - Internal utilities and functions
+- 🇬🇧 [English Documentation](./english/README.md) - English user guide
+- 🇹🇭 [Thai Documentation](./thai/README.md) - คู่มือผู้ใช้ภาษาไทย
 
-## What is Suthep?
+## Documentation Structure
 
-Suthep is a deployment automation tool that simplifies the process of deploying web services with:
+Both language versions include:
 
-- ✅ **Automatic Nginx reverse proxy setup** - No manual Nginx configuration needed
-- ✅ **Automatic HTTPS with Certbot** - Free SSL certificates from Let's Encrypt
-- ✅ **Zero-downtime deployment** - Rolling and blue-green deployment strategies
-- ✅ **Docker container support** - Deploy containerized applications easily
-- ✅ **Multiple domain/subdomain support** - One service, multiple domains
-- ✅ **Health check integration** - Ensure services are healthy before going live
-- ✅ **YAML-based configuration** - Simple, declarative configuration
+1. **Introduction** - Overview of Suthep and its features
+2. **Installation** - Step-by-step installation guide
+3. **Quick Start** - Get started in minutes
+4. **Configuration Guide** - Complete configuration reference
+5. **Commands Reference** - All available commands
+6. **Examples** - Real-world deployment examples
+7. **Troubleshooting** - Common issues and solutions
+8. **Advanced Topics** - Advanced configuration and optimization
 
-## Quick Start
+## Quick Links
 
-```bash
-# Install dependencies
-npm install
-npm link
+### English
+- [Start Here](./english/README.md)
+- [Quick Start Guide](./english/03-quick-start.md)
+- [Configuration Reference](./english/04-configuration.md)
 
-# Initialize configuration
-suthep init
+### Thai
+- [เริ่มต้นที่นี่](./thai/README.md)
+- [คู่มือเริ่มต้นใช้งาน](./thai/03-quick-start.md)
+- [คู่มือการตั้งค่า](./thai/04-configuration.md)
 
-# Setup prerequisites
-suthep setup
+---
 
-# Deploy your services
-suthep deploy
-```
+For the main project README, see [../README.md](../README.md)
 
-## Requirements
-
-- Node.js 16+
-- Nginx (installed via `suthep setup`)
-- Certbot (installed via `suthep setup`)
-- Docker (optional, for Docker-based services)
-- sudo access (for Nginx and Certbot operations)
-
-## Cost Optimization
-
-Suthep helps save costs on VMs by:
-- Efficiently managing multiple services on a single server
-- Automatic reverse proxy setup reduces manual configuration time
-- Zero-downtime deployments reduce service interruptions
-- Health checks ensure service reliability
-
-## License
-
-[MIT](../LICENSE)

package/docs/english/01-introduction.md

@@ -0,0 +1,84 @@
+# Introduction to Suthep
+
+## What is Suthep?
+
+Suthep is a command-line tool designed to simplify the deployment of web applications and services. It automates the complex process of setting up reverse proxies, SSL certificates, and managing deployments with zero downtime.
+
+## Why Use Suthep?
+
+### Simplified Deployment
+
+Traditional deployment processes require manual configuration of:
+- Nginx reverse proxy rules
+- SSL certificate management
+- Docker container orchestration
+- Health check monitoring
+- Zero-downtime deployment strategies
+
+Suthep handles all of this automatically with a simple YAML configuration file.
+
+### Key Benefits
+
+1. **Time Savings** - Deploy in minutes instead of hours
+2. **Reduced Errors** - Automated configuration reduces human error
+3. **Zero Downtime** - Rolling deployments ensure continuous service availability
+4. **Easy Management** - Simple commands to deploy, update, and manage services
+5. **Cost Effective** - Run multiple services on a single server efficiently
+
+## How It Works
+
+Suthep follows a simple workflow:
+
+1. **Configure** - Create a `suthep.yml` configuration file
+2. **Setup** - Install prerequisites (Nginx, Certbot) with `suthep setup`
+3. **Deploy** - Deploy your services with `suthep deploy`
+
+Behind the scenes, Suthep:
+- Generates Nginx configuration files
+- Obtains SSL certificates from Let's Encrypt
+- Manages Docker containers
+- Performs health checks
+- Handles zero-downtime deployments
+
+## Use Cases
+
+Suthep is ideal for:
+
+- **Small to Medium Applications** - Deploy multiple services on a single server
+- **Microservices** - Manage multiple services with different domains
+- **Docker Applications** - Deploy containerized applications easily
+- **API Services** - Set up reverse proxies for API endpoints
+- **Web Applications** - Deploy web apps with automatic HTTPS
+
+## What You'll Learn
+
+In this guide, you'll learn:
+
+- How to install and set up Suthep
+- How to create and configure deployment files
+- How to use all available commands
+- How to deploy different types of services
+- How to troubleshoot common issues
+- Advanced configuration options
+
+## Prerequisites
+
+Before using Suthep, you should have:
+
+- **Node.js 16+** installed
+- **sudo/administrator access** on your server
+- **Domain names** pointing to your server (for HTTPS)
+- **Basic knowledge** of YAML configuration files
+- **Docker** (optional, only if deploying Docker containers)
+
+## Next Steps
+
+Ready to get started? Continue to:
+
+- [Installation Guide](./02-installation.md) - Install Suthep on your system
+- [Quick Start Guide](./03-quick-start.md) - Deploy your first service
+
+---
+
+**Previous:** [README](./README.md) | **Next:** [Installation →](./02-installation.md)
+

package/docs/english/02-installation.md

@@ -0,0 +1,200 @@
+# Installation Guide
+
+This guide will walk you through installing Suthep on your system.
+
+## System Requirements
+
+Before installing Suthep, ensure your system meets these requirements:
+
+- **Node.js** version 16 or higher
+- **npm**, **yarn**, or **pnpm** package manager
+- **sudo/administrator privileges** (required for Nginx and Certbot setup)
+- **Linux** or **macOS** operating system
+
+## Installing Suthep
+
+Suthep can be installed globally using any Node.js package manager.
+
+### Using npm
+
+```bash
+npm install -g suthep
+```
+
+### Using yarn
+
+```bash
+yarn global add suthep
+```
+
+### Using pnpm
+
+```bash
+pnpm add -g suthep
+```
+
+## Verify Installation
+
+After installation, verify that Suthep is installed correctly:
+
+```bash
+suthep --version
+```
+
+You should see the version number (e.g., `0.1.0-beta.1`).
+
+You can also check the help menu:
+
+```bash
+suthep --help
+```
+
+## Installing Prerequisites
+
+Suthep requires Nginx and Certbot to function. You can install these automatically using the `setup` command:
+
+```bash
+suthep setup
+```
+
+This command will:
+- Install Nginx (if not already installed)
+- Install Certbot (if not already installed)
+- Configure system dependencies
+
+### Manual Installation (Optional)
+
+If you prefer to install prerequisites manually:
+
+#### Nginx Installation
+
+**Ubuntu/Debian:**
+```bash
+sudo apt-get update
+sudo apt-get install -y nginx
+```
+
+**CentOS/RHEL:**
+```bash
+sudo yum install -y nginx
+```
+
+**macOS:**
+```bash
+brew install nginx
+```
+
+#### Certbot Installation
+
+**Ubuntu/Debian:**
+```bash
+sudo apt-get update
+sudo apt-get install -y certbot python3-certbot-nginx
+```
+
+**CentOS/RHEL:**
+```bash
+sudo yum install -y certbot python3-certbot-nginx
+```
+
+**macOS:**
+```bash
+brew install certbot
+```
+
+## Docker (Optional)
+
+If you plan to deploy Docker containers, install Docker:
+
+**Ubuntu/Debian:**
+```bash
+sudo apt-get update
+sudo apt-get install -y docker.io
+sudo systemctl start docker
+sudo systemctl enable docker
+```
+
+**macOS:**
+```bash
+brew install docker
+```
+
+Or download Docker Desktop from [docker.com](https://www.docker.com/products/docker-desktop).
+
+## Post-Installation
+
+After installation, you're ready to:
+
+1. **Initialize your first configuration:**
+   ```bash
+   suthep init
+   ```
+
+2. **Or continue to the Quick Start guide:**
+   See [Quick Start Guide](./03-quick-start.md)
+
+## Troubleshooting Installation
+
+### Command Not Found
+
+If you get a "command not found" error:
+
+1. **Check Node.js installation:**
+   ```bash
+   node --version
+   npm --version
+   ```
+
+2. **Verify global bin path:**
+   ```bash
+   npm config get prefix
+   ```
+
+3. **Add npm global bin to PATH** (if needed):
+   ```bash
+   export PATH="$PATH:$(npm config get prefix)/bin"
+   ```
+
+### Permission Errors
+
+If you encounter permission errors:
+
+1. **Use sudo for global installation:**
+   ```bash
+   sudo npm install -g suthep
+   ```
+
+2. **Or configure npm to use a different directory:**
+   ```bash
+   mkdir ~/.npm-global
+   npm config set prefix '~/.npm-global'
+   export PATH=~/.npm-global/bin:$PATH
+   ```
+
+### Nginx/Certbot Installation Issues
+
+If `suthep setup` fails:
+
+1. **Check your package manager:**
+   - Ubuntu/Debian: Ensure `apt-get` is available
+   - CentOS/RHEL: Ensure `yum` is available
+   - macOS: Ensure Homebrew is installed
+
+2. **Run setup with verbose output:**
+   ```bash
+   suthep setup --verbose
+   ```
+
+3. **Install prerequisites manually** (see Manual Installation above)
+
+## Next Steps
+
+Now that Suthep is installed:
+
+- [Quick Start Guide](./03-quick-start.md) - Deploy your first service
+- [Configuration Guide](./04-configuration.md) - Learn about configuration options
+
+---
+
+**Previous:** [Introduction](./01-introduction.md) | **Next:** [Quick Start →](./03-quick-start.md)
+