telegram-ssh-bot 2.0.0 → 2.3.0

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 farhanzzg
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -26,29 +26,47 @@ A secure, production-ready Telegram bot for remote SSH server management.
 
 ### Prerequisites
 
-- Node.js 18+ (for development)
-- Linux (for production deployment)
+- Node.js 18+ (for npm/pnpm installation or development)
+- Linux (for production deployment with systemd)
 
 ### Installation
 
-#### From Binary (Recommended)
+#### Option 1: npm/pnpm Global (Recommended)
+
+```bash
+# Install globally with npm
+npm install -g telegram-ssh-bot
+
+# Or with pnpm
+pnpm add -g telegram-ssh-bot
+
+# The .env file is auto-generated at ~/.config/telegram-ssh-bot/.env
+# Edit with your credentials
+nano ~/.config/telegram-ssh-bot/.env
+
+# Start the bot
+telegram-ssh-bot
+```
+
+#### Option 2: Binary Installation
 
 ```bash
 # Download and install
 ./deploy/install.sh
 
-# Configure
+# The .env file is auto-generated at ~/.config/telegram-ssh-bot/.env
+# Edit with your credentials
 nano ~/.config/telegram-ssh-bot/.env
 
-# Start
+# Start with systemd
 ./deploy/manage.sh start
 ```
 
-#### From Source
+#### Option 3: From Source
 
 ```bash
 # Clone and build
-git clone https://github.com/user/telegram-ssh-bot.git
+git clone https://github.com/farhanzzg/telegram-ssh.git
 cd telegram-ssh-bot
 npm install
 npm run build:binary
@@ -59,40 +77,103 @@ npm run build:binary
 
 ## Configuration
 
-Create `~/.config/telegram-ssh-bot/.env`:
+The configuration file is automatically generated at `~/.config/telegram-ssh-bot/.env` during installation. The encryption key is also auto-generated for you.
 
 ```bash
 # Required
 BOT_TOKEN=your_telegram_bot_token
 BOT_CHAT_ID=your_chat_id
 BOT_OWNER_IDS=123456789,987654321
-ENCRYPTION_KEY=64_char_hex_key
+ENCRYPTION_KEY=auto_generated_64_char_hex_key
 
-# Optional
-LOG_LEVEL=info
+# SSH Configuration
+SSH_DEFAULT_PORT=22
+SSH_CONNECTION_TIMEOUT=30000
 SSH_COMMAND_TIMEOUT=30000
+SSH_DEFAULT_PRIVATE_KEY_PATH=
+
+# Rate Limiting
+RATE_LIMIT_WINDOW_MS=60000
+RATE_LIMIT_MAX_REQUESTS=100
+
+# Backup
+BACKUP_ENABLED=true
+BACKUP_INTERVAL_MS=3600000
+BACKUP_MAX_COUNT=10
+
+# Monitoring
+MONITORING_ENABLED=true
+MONITORING_INTERVAL_MS=300000
+
+# Logging (Optional)
+LOG_LEVEL=info
 ```
 
 ### Configuration Options
 
-| Variable              | Required | Description                                                       |
-| --------------------- | -------- | ----------------------------------------------------------------- |
-| `BOT_TOKEN`           | Yes      | Telegram bot token from [@BotFather](https://t.me/botfather)      |
-| `BOT_CHAT_ID`         | Yes      | Primary chat ID for notifications                                 |
-| `BOT_OWNER_IDS`       | Yes      | Comma-separated list of authorized user IDs                       |
-| `ENCRYPTION_KEY`      | Yes      | 64-character hex key for credential encryption                    |
-| `LOG_LEVEL`           | No       | Logging level: `error`, `warn`, `info`, `debug` (default: `info`) |
-| `SSH_COMMAND_TIMEOUT` | No       | Command timeout in ms (default: `30000`)                          |
-| `BACKUP_INTERVAL`     | No       | Backup interval in ms (default: `3600000`)                        |
-| `MAX_CONNECTIONS`     | No       | Max SSH connections in pool (default: `10`)                       |
+#### Required Variables
+
+| Variable         | Description                                                     |
+| ---------------- | --------------------------------------------------------------- |
+| `BOT_TOKEN`      | Telegram bot token from [@BotFather](https://t.me/botfather)    |
+| `BOT_CHAT_ID`    | Primary chat ID for notifications                               |
+| `BOT_OWNER_IDS`  | Comma-separated list of authorized user IDs                     |
+| `ENCRYPTION_KEY` | 64-character hex key for credential encryption (auto-generated) |
 
-### Generating Encryption Key
+#### SSH Configuration
+
+| Variable                       | Default         | Description                      |
+| ------------------------------ | --------------- | -------------------------------- |
+| `SSH_DEFAULT_PORT`             | `22`            | Default SSH port for new servers |
+| `SSH_CONNECTION_TIMEOUT`       | `30000`         | Connection timeout in ms         |
+| `SSH_COMMAND_TIMEOUT`          | `30000`         | Command execution timeout in ms  |
+| `SSH_DEFAULT_PRIVATE_KEY_PATH` | `~/.ssh/id_rsa` | Default private key path         |
+
+#### Rate Limiting
+
+| Variable                  | Default | Description                        |
+| ------------------------- | ------- | ---------------------------------- |
+| `RATE_LIMIT_WINDOW_MS`    | `60000` | Rate limit window in ms (1 minute) |
+| `RATE_LIMIT_MAX_REQUESTS` | `100`   | Max requests per window            |
+
+#### Backup Configuration
+
+| Variable             | Default   | Description                    |
+| -------------------- | --------- | ------------------------------ |
+| `BACKUP_ENABLED`     | `true`    | Enable automatic backups       |
+| `BACKUP_INTERVAL_MS` | `3600000` | Backup interval in ms (1 hour) |
+| `BACKUP_MAX_COUNT`   | `10`      | Maximum backup files to keep   |
+
+#### Monitoring Configuration
+
+| Variable                 | Default  | Description                         |
+| ------------------------ | -------- | ----------------------------------- |
+| `MONITORING_ENABLED`     | `true`   | Enable health monitoring            |
+| `MONITORING_INTERVAL_MS` | `300000` | Health check interval in ms (5 min) |
+
+#### Optional Variables
+
+| Variable      | Default | Description                                           |
+| ------------- | ------- | ----------------------------------------------------- |
+| `LOG_LEVEL`   | `info`  | Logging level: `error`, `warn`, `info`, `debug`       |
+| `BOT_API_URL` | -       | Custom Telegram Bot API URL (for proxies/middlewares) |
+
+### Auto-Generated Configuration
+
+During installation, the following are automatically generated:
+
+- **Configuration file**: `~/.config/telegram-ssh-bot/.env`
+- **Encryption key**: Secure 64-character hex key (32 bytes)
+
+If you need to regenerate the encryption key:
 
 ```bash
 # Generate a secure 64-character hex key
 openssl rand -hex 32
 ```
 
+> **Note**: Changing the encryption key will make previously encrypted credentials unreadable. You'll need to re-add your servers after changing the key.
+
 ## Usage
 
 ### Bot Commands

package/deploy/.env.example

@@ -0,0 +1,86 @@
+# =============================================================================
+# Telegram SSH Bot Configuration
+# =============================================================================
+# Copy this file to ~/.config/telegram-ssh-bot/.env and fill in your values
+# =============================================================================
+
+# -----------------------------------------------------------------------------
+# Telegram Bot Configuration
+# -----------------------------------------------------------------------------
+# Your Telegram bot token obtained from @BotFather
+BOT_TOKEN=your_telegram_bot_token_here
+
+# The default chat ID for notifications (your personal chat or a group)
+# Use @userinfobot to get your chat ID
+BOT_CHAT_ID=your_chat_id_here
+
+# Comma-separated list of Telegram user IDs who can control the bot
+# These users will have full access to all bot commands
+BOT_OWNER_IDS=123456789,987654321
+
+# -----------------------------------------------------------------------------
+# Security
+# -----------------------------------------------------------------------------
+# Encryption key for sensitive data (64 hex characters = 32 bytes)
+# A secure key will be auto-generated during installation
+# You can generate a new one with: openssl rand -hex 32
+ENCRYPTION_KEY=
+
+# -----------------------------------------------------------------------------
+# SSH Configuration
+# -----------------------------------------------------------------------------
+# Default SSH port for new server connections
+SSH_DEFAULT_PORT=22
+
+# Timeout for establishing SSH connections (in milliseconds)
+SSH_CONNECTION_TIMEOUT=30000
+
+# Timeout for executing SSH commands (in milliseconds)
+SSH_COMMAND_TIMEOUT=30000
+
+# Default path to SSH private key (leave empty to use ~/.ssh/id_rsa)
+# Example: /home/user/.ssh/custom_key
+SSH_DEFAULT_PRIVATE_KEY_PATH=
+
+# -----------------------------------------------------------------------------
+# Rate Limiting
+# -----------------------------------------------------------------------------
+# Time window for rate limiting (in milliseconds)
+# Default: 60000 (1 minute)
+RATE_LIMIT_WINDOW_MS=60000
+
+# Maximum number of requests allowed within the rate limit window
+RATE_LIMIT_MAX_REQUESTS=100
+
+# -----------------------------------------------------------------------------
+# Backup Configuration
+# -----------------------------------------------------------------------------
+# Enable automatic backup of server configurations
+BACKUP_ENABLED=true
+
+# Interval between automatic backups (in milliseconds)
+# Default: 3600000 (1 hour)
+BACKUP_INTERVAL_MS=3600000
+
+# Maximum number of backup files to keep
+# Older backups will be automatically deleted
+BACKUP_MAX_COUNT=10
+
+# -----------------------------------------------------------------------------
+# Monitoring Configuration
+# -----------------------------------------------------------------------------
+# Enable automatic server health monitoring
+MONITORING_ENABLED=true
+
+# Interval between health checks (in milliseconds)
+# Default: 300000 (5 minutes)
+MONITORING_INTERVAL_MS=300000
+
+# -----------------------------------------------------------------------------
+# Logging Configuration (Optional)
+# -----------------------------------------------------------------------------
+# Log level: debug, info, warn, error
+# LOG_LEVEL=info
+
+# Log file name (stored in config directory)
+# LOG_FILE=telegram-ssh-bot.log

package/dist/config/index.d.ts

@@ -0,0 +1,77 @@
+/**
+ * Configuration loader module with hot reload support
+ */
+import "dotenv/config";
+import { EventEmitter } from "events";
+import type { AppConfig } from "../types/index.js";
+/**
+ * Configuration reload event
+ */
+export interface ConfigReloadEvent {
+    oldConfig: AppConfig;
+    newConfig: AppConfig;
+    changedKeys: string[];
+    timestamp: Date;
+}
+/**
+ * Configuration reloader for hot reload support
+ */
+export declare class ConfigReloader extends EventEmitter {
+    private currentConfig;
+    private readonly envPath;
+    private watcher;
+    private reloadDebounce;
+    private reloadPromise;
+    constructor(initialConfig: AppConfig, envPath?: string);
+    /**
+     * Start watching for configuration changes
+     */
+    startWatching(): void;
+    /**
+     * Stop watching for configuration changes
+     */
+    stopWatching(): void;
+    /**
+     * Get current configuration
+     */
+    getConfig(): AppConfig;
+    /**
+     * Schedule a configuration reload (debounced)
+     */
+    private scheduleReload;
+    /**
+     * Reload configuration from environment
+     * Uses promise-based locking to prevent race conditions
+     */
+    reload(): Promise<boolean>;
+    /**
+     * Internal reload implementation
+     */
+    private doReload;
+    /**
+     * Load .env file manually
+     */
+    private loadEnvFile;
+    /**
+     * Find changed keys between two configurations
+     */
+    private findChangedKeys;
+}
+/**
+ * Load and validate configuration from environment
+ */
+export declare function loadConfig(): Promise<AppConfig>;
+/**
+ * Validate that owner IDs are configured
+ */
+export declare function validateOwnerIds(config: AppConfig): void;
+/**
+ * Check if the installation wizard should run
+ * Returns true if required environment variables are missing
+ */
+export declare function shouldRunWizard(): boolean;
+/**
+ * Get list of missing required configuration keys
+ */
+export declare function getMissingConfigKeys(): string[];
+//# sourceMappingURL=index.d.ts.map

package/dist/config/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/config/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,eAAe,CAAC;AACvB,OAAO,EAAE,YAAY,EAAE,MAAM,QAAQ,CAAC;AAItC,OAAO,KAAK,EACV,SAAS,EAIV,MAAM,mBAAmB,CAAC;AAI3B;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,SAAS,EAAE,SAAS,CAAC;IACrB,SAAS,EAAE,SAAS,CAAC;IACrB,WAAW,EAAE,MAAM,EAAE,CAAC;IACtB,SAAS,EAAE,IAAI,CAAC;CACjB;AAED;;GAEG;AACH,qBAAa,cAAe,SAAQ,YAAY;IAC9C,OAAO,CAAC,aAAa,CAAY;IACjC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAS;IACjC,OAAO,CAAC,OAAO,CAAyC;IACxD,OAAO,CAAC,cAAc,CAA+B;IACrD,OAAO,CAAC,aAAa,CAAiC;gBAE1C,aAAa,EAAE,SAAS,EAAE,OAAO,CAAC,EAAE,MAAM;IAMtD;;OAEG;IACH,aAAa,IAAI,IAAI;IAqBrB;;OAEG;IACH,YAAY,IAAI,IAAI;IAWpB;;OAEG;IACH,SAAS,IAAI,SAAS;IAItB;;OAEG;IACH,OAAO,CAAC,cAAc;IAUtB;;;OAGG;IACG,MAAM,IAAI,OAAO,CAAC,OAAO,CAAC;IAgBhC;;OAEG;YACW,QAAQ;IAqCtB;;OAEG;YACW,WAAW;IAqBzB;;OAEG;IACH,OAAO,CAAC,eAAe;CAiCxB;AAkFD;;GAEG;AACH,wBAAsB,UAAU,IAAI,OAAO,CAAC,SAAS,CAAC,CAsFrD;AAED;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,MAAM,EAAE,SAAS,GAAG,IAAI,CAMxD;AAED;;;GAGG;AACH,wBAAgB,eAAe,IAAI,OAAO,CAGzC;AAED;;GAEG;AACH,wBAAgB,oBAAoB,IAAI,MAAM,EAAE,CAE/C"}

package/dist/config/index.js

@@ -0,0 +1,333 @@
+/**
+ * Configuration loader module with hot reload support
+ */
+import "dotenv/config";
+import { EventEmitter } from "events";
+import { existsSync, watch } from "fs";
+import * as path from "path";
+import { InvalidConfigError, MissingConfigError } from "../errors/index.js";
+import { expandTilde } from "../utils/pathUtils.js";
+import { configSchema } from "./schema.js";
+/**
+ * Configuration reloader for hot reload support
+ */
+export class ConfigReloader extends EventEmitter {
+    currentConfig;
+    envPath;
+    watcher = null;
+    reloadDebounce = null;
+    reloadPromise = null;
+    constructor(initialConfig, envPath) {
+        super();
+        this.currentConfig = initialConfig;
+        this.envPath = envPath ?? path.resolve(process.cwd(), ".env");
+    }
+    /**
+     * Start watching for configuration changes
+     */
+    startWatching() {
+        if (this.watcher) {
+            return;
+        }
+        // Check if .env file exists
+        if (!existsSync(this.envPath)) {
+            return;
+        }
+        this.watcher = watch(this.envPath, (eventType) => {
+            if (eventType === "change") {
+                this.scheduleReload();
+            }
+        });
+        this.watcher.on("error", (error) => {
+            this.emit("error", error);
+        });
+    }
+    /**
+     * Stop watching for configuration changes
+     */
+    stopWatching() {
+        if (this.watcher) {
+            this.watcher.close();
+            this.watcher = null;
+        }
+        if (this.reloadDebounce) {
+            clearTimeout(this.reloadDebounce);
+            this.reloadDebounce = null;
+        }
+    }
+    /**
+     * Get current configuration
+     */
+    getConfig() {
+        return this.currentConfig;
+    }
+    /**
+     * Schedule a configuration reload (debounced)
+     */
+    scheduleReload() {
+        if (this.reloadDebounce) {
+            clearTimeout(this.reloadDebounce);
+        }
+        this.reloadDebounce = setTimeout(() => {
+            this.reload();
+        }, 1000); // 1 second debounce
+    }
+    /**
+     * Reload configuration from environment
+     * Uses promise-based locking to prevent race conditions
+     */
+    async reload() {
+        // If already reloading, return the existing promise
+        if (this.reloadPromise) {
+            return this.reloadPromise;
+        }
+        // Create a new reload operation
+        this.reloadPromise = this.doReload();
+        try {
+            return await this.reloadPromise;
+        }
+        finally {
+            this.reloadPromise = null;
+        }
+    }
+    /**
+     * Internal reload implementation
+     */
+    async doReload() {
+        try {
+            // Re-read .env file
+            const result = await this.loadEnvFile();
+            if (!result.success) {
+                this.emit("error", new Error(`Failed to reload .env: ${result.error}`));
+                return false;
+            }
+            // Load new configuration
+            const newConfig = await loadConfig();
+            const changedKeys = this.findChangedKeys(this.currentConfig, newConfig);
+            if (changedKeys.length === 0) {
+                return false;
+            }
+            const event = {
+                oldConfig: this.currentConfig,
+                newConfig,
+                changedKeys,
+                timestamp: new Date(),
+            };
+            this.currentConfig = newConfig;
+            this.emit("reload", event);
+            return true;
+        }
+        catch (error) {
+            this.emit("error", error instanceof Error ? error : new Error(String(error)));
+            return false;
+        }
+    }
+    /**
+     * Load .env file manually
+     */
+    async loadEnvFile() {
+        try {
+            if (!existsSync(this.envPath)) {
+                return { success: false, error: ".env file not found" };
+            }
+            // Re-import dotenv to reload
+            // Note: This is a simplified approach; in production you might want
+            // to manually parse the .env file and update process.env
+            const { config } = await import("dotenv");
+            config({ path: this.envPath, override: true });
+            return { success: true };
+        }
+        catch (error) {
+            return {
+                success: false,
+                error: error instanceof Error ? error.message : String(error),
+            };
+        }
+    }
+    /**
+     * Find changed keys between two configurations
+     */
+    findChangedKeys(old, new_) {
+        const changed = [];
+        // Compare telegram config
+        if (old.telegram.token !== new_.telegram.token)
+            changed.push("telegram.token");
+        if (old.telegram.chatId !== new_.telegram.chatId)
+            changed.push("telegram.chatId");
+        if (JSON.stringify(old.telegram.ownerIds) !==
+            JSON.stringify(new_.telegram.ownerIds)) {
+            changed.push("telegram.ownerIds");
+        }
+        // Compare security config
+        if (old.security.encryptionKey !== new_.security.encryptionKey) {
+            changed.push("security.encryptionKey");
+        }
+        if (old.security.rateLimit.enabled !== new_.security.rateLimit.enabled) {
+            changed.push("security.rateLimit.enabled");
+        }
+        if (old.security.rateLimit.maxRequests !== new_.security.rateLimit.maxRequests) {
+            changed.push("security.rateLimit.maxRequests");
+        }
+        // Compare logging config
+        if (old.logging.level !== new_.logging.level)
+            changed.push("logging.level");
+        return changed;
+    }
+}
+/**
+ * Required environment variable keys
+ */
+const REQUIRED_ENV_KEYS = [
+    "BOT_TOKEN",
+    "BOT_CHAT_ID",
+    "ENCRYPTION_KEY",
+];
+/**
+ * Collect all missing required environment variables
+ */
+function getMissingEnvKeys() {
+    const missing = [];
+    for (const key of REQUIRED_ENV_KEYS) {
+        if (!process.env[key]) {
+            missing.push(key);
+        }
+    }
+    return missing;
+}
+/**
+ * Get required environment variable or throw error
+ */
+function getRequiredEnv(key) {
+    const value = process.env[key];
+    if (!value) {
+        throw new MissingConfigError(key);
+    }
+    return value;
+}
+/**
+ * Get optional environment variable with default
+ */
+function getOptionalEnv(key, defaultValue) {
+    return process.env[key] ?? defaultValue;
+}
+/**
+ * Parse comma-separated string to array
+ */
+function parseArray(value, defaultValue) {
+    if (!value) {
+        return defaultValue;
+    }
+    return value
+        .split(",")
+        .map((s) => s.trim())
+        .filter((s) => s.length > 0);
+}
+/**
+ * Parse boolean from string
+ */
+function parseBoolean(value, defaultValue) {
+    if (value === undefined) {
+        return defaultValue;
+    }
+    return value.toLowerCase() === "true" || value === "1";
+}
+/**
+ * Parse number from string
+ */
+function parseNumber(value, defaultValue) {
+    if (value === undefined) {
+        return defaultValue;
+    }
+    const parsed = parseInt(value, 10);
+    return isNaN(parsed) ? defaultValue : parsed;
+}
+/**
+ * Load and validate configuration from environment
+ */
+export async function loadConfig() {
+    // Check for all missing required environment variables upfront
+    const missingKeys = getMissingEnvKeys();
+    if (missingKeys.length > 0) {
+        throw new InvalidConfigError(`Missing required environment variables: ${missingKeys.join(", ")}. ` +
+            `Please set these in your .env file or environment.`);
+    }
+    // Build config from environment variables
+    const envConfig = {
+        telegram: {
+            token: getRequiredEnv("BOT_TOKEN"),
+            chatId: getRequiredEnv("BOT_CHAT_ID"),
+            ownerIds: parseArray(process.env.BOT_OWNER_IDS, []),
+            polling: parseBoolean(process.env.BOT_POLLING, true),
+        },
+        security: {
+            encryptionKey: getRequiredEnv("ENCRYPTION_KEY"),
+            rateLimit: {
+                enabled: parseBoolean(process.env.RATE_LIMIT_ENABLED, true),
+                windowMs: parseNumber(process.env.RATE_LIMIT_WINDOW_MS, 60000),
+                maxRequests: parseNumber(process.env.RATE_LIMIT_MAX_REQUESTS, 30),
+                skipFailedRequests: parseBoolean(process.env.RATE_LIMIT_SKIP_FAILED, false),
+            },
+            allowedCommands: parseArray(process.env.ALLOWED_COMMANDS, []),
+            blockedCommands: parseArray(process.env.BLOCKED_COMMANDS, []),
+        },
+        ssh: {
+            defaultPrivateKeyPath: expandTilde(getOptionalEnv("SSH_DEFAULT_PRIVATE_KEY_PATH", "~/.ssh/id_rsa")),
+            defaultPort: parseNumber(process.env.SSH_DEFAULT_PORT, 22),
+            connectionTimeout: parseNumber(process.env.SSH_CONNECTION_TIMEOUT, 30000),
+            keepaliveInterval: parseNumber(process.env.SSH_KEEPALIVE_INTERVAL, 10000),
+            maxConnections: parseNumber(process.env.SSH_MAX_CONNECTIONS, 5),
+            commandTimeout: parseNumber(process.env.SSH_COMMAND_TIMEOUT, 60000),
+        },
+        logging: {
+            level: getOptionalEnv("LOG_LEVEL", "info"),
+            format: getOptionalEnv("LOG_FORMAT", "json"),
+            file: process.env.LOG_FILE,
+        },
+        storage: {
+            serversFile: getOptionalEnv("STORAGE_SERVERS_FILE", "./conf/servers.json"),
+            encryptionEnabled: parseBoolean(process.env.STORAGE_ENCRYPTION_ENABLED, true),
+        },
+        backup: {
+            enabled: parseBoolean(process.env.BACKUP_ENABLED, true),
+            intervalMs: parseNumber(process.env.BACKUP_INTERVAL_MS, 3600000),
+            maxCount: parseNumber(process.env.BACKUP_MAX_COUNT, 10),
+        },
+        monitoring: {
+            enabled: parseBoolean(process.env.MONITORING_ENABLED, true),
+            intervalMs: parseNumber(process.env.MONITORING_INTERVAL_MS, 300000),
+        },
+    };
+    // Validate configuration
+    const { error, value } = configSchema.validate(envConfig, {
+        abortEarly: false,
+        allowUnknown: false,
+    });
+    if (error) {
+        const messages = error.details.map((d) => d.message).join(", ");
+        throw new InvalidConfigError(`Configuration validation failed: ${messages}`);
+    }
+    return value;
+}
+/**
+ * Validate that owner IDs are configured
+ */
+export function validateOwnerIds(config) {
+    if (config.telegram.ownerIds.length === 0) {
+        throw new InvalidConfigError("At least one owner ID must be configured via BOT_OWNER_IDS");
+    }
+}
+/**
+ * Check if the installation wizard should run
+ * Returns true if required environment variables are missing
+ */
+export function shouldRunWizard() {
+    const missingKeys = getMissingEnvKeys();
+    return missingKeys.length > 0;
+}
+/**
+ * Get list of missing required configuration keys
+ */
+export function getMissingConfigKeys() {
+    return getMissingEnvKeys();
+}
+//# sourceMappingURL=index.js.map