underpost 2.92.0 → 2.95.1

package/src/cli/index.js

@@ -8,7 +8,6 @@ import UnderpostLxd from './lxd.js';
 import UnderpostBaremetal from './baremetal.js';
 import UnderpostRun from './run.js';
 import Dns from '../server/dns.js';
-import { pbcopy } from '../server/process.js';
 import UnderpostStatic from './static.js';
 
 // Load environment variables from .env file
@@ -35,6 +34,8 @@ program
   .option('--sync-conf', 'Sync configuration to private repositories (requires --deploy-id)')
   .option('--purge', 'Remove deploy ID conf and all related repositories (requires --deploy-id)')
   .option('--dev', 'Sets the development cli context')
+  .option('--default-conf', 'Create default deploy ID conf env files')
+  .option('--conf-workflow-id <workflow-id>', 'Set custom configuration workflow ID for conf generation')
   .description('Initializes a new Underpost project, service, or configuration.')
   .action(Underpost.repo.new);
 
@@ -256,57 +257,7 @@ program
   .option('--ban-both-add', 'Adds IP addresses to both banned ingress and egress lists.')
   .option('--ban-both-remove', 'Removes IP addresses from both banned ingress and egress lists.')
   .description('Displays the current public machine IP addresses.')
-  .action(async (ips = '', options) => {
-    const ipList = ips
-      ? ips
-          .split(',')
-          .map((i) => i.trim())
-          .filter(Boolean)
-      : [];
-
-    if (options.banIngressAdd) {
-      return ipList.forEach((ip) => Dns.banIngress(ip));
-    }
-    if (options.banIngressRemove) {
-      return ipList.forEach((ip) => Dns.unbanIngress(ip));
-    }
-    if (options.banIngressList) {
-      return Dns.listBannedIngress();
-    }
-    if (options.banIngressClear) {
-      return Dns.clearBannedIngress();
-    }
-
-    if (options.banEgressAdd) {
-      return ipList.forEach((ip) => Dns.banEgress(ip));
-    }
-    if (options.banEgressRemove) {
-      return ipList.forEach((ip) => Dns.unbanEgress(ip));
-    }
-    if (options.banEgressList) {
-      return Dns.listBannedEgress();
-    }
-    if (options.banEgressClear) {
-      return Dns.clearBannedEgress();
-    }
-
-    if (options.banBothAdd) {
-      return ipList.forEach((ip) => {
-        Dns.banIngress(ip);
-        Dns.banEgress(ip);
-      });
-    }
-    if (options.banBothRemove) {
-      return ipList.forEach((ip) => {
-        Dns.unbanIngress(ip);
-        Dns.unbanEgress(ip);
-      });
-    }
-
-    const ip = await Dns.getPublicIp();
-    if (options.copy) return pbcopy(ip);
-    return console.log(ip);
-  });
+  .action(Dns.ipDispatcher);
 
 // 'cluster' command: Manage Kubernetes clusters
 program
@@ -412,37 +363,41 @@ program
     if (args[1].init) return Underpost.secret[args[0]].init();
   });
 
-// 'dockerfile-image-build' command: Build Docker images from Dockerfiles
+// 'image'
 program
-  .command('dockerfile-image-build')
+  .command('image')
+  .option(
+    '--build',
+    'Builds a Docker image using Podman, optionally saves it as a tar archive, and loads it into a specified Kubernetes cluster (Kind, Kubeadm, or K3s).',
+  )
+  .option('--ls', 'Lists all available Underpost Dockerfile images.')
+  .option('--rm <image-id>', 'Removes specified Underpost Dockerfile images.')
   .option('--path [path]', 'The path to the Dockerfile directory.')
   .option('--image-name [image-name]', 'Sets a custom name for the Docker image.')
   .option('--image-path [image-path]', 'Sets the output path for the tar image archive.')
   .option('--dockerfile-name [dockerfile-name]', 'Sets a custom name for the Dockerfile.')
   .option('--podman-save', 'Exports the built image as a tar file using Podman.')
-  .option('--kind-load', 'Imports the tar image into a Kind cluster.')
-  .option('--kubeadm-load', 'Imports the tar image into a Kubeadm cluster.')
+  .option('--pull-base', 'Pulls base images and builds a "rockylinux9-underpost" image.')
+  .option('--spec', 'Get current cached list of container images used by all pods')
+  .option('--namespace <namespace>', 'Kubernetes namespace for image operations (defaults to "default").')
+  .option('--kind', 'Set kind cluster env image context management.')
+  .option('--kubeadm', 'Set kubeadm cluster env image context management.')
+  .option('--k3s', 'Set k3s cluster env image context management.')
+  .option('--node-name', 'Set node name for kubeadm or k3s cluster env image context management.')
   .option('--secrets', 'Includes Dockerfile environment secrets during the build.')
   .option('--secrets-path [secrets-path]', 'Specifies a custom path for Dockerfile environment secrets.')
   .option('--reset', 'Performs a build without using the cache.')
   .option('--dev', 'Use development mode.')
-  .option('--k3s-load', 'Loads the image into a K3s cluster.')
-  .description(
-    'Builds a Docker image from a specified Dockerfile with various options for naming, saving, and loading.',
-  )
-  .action(Underpost.image.dockerfile.build);
-
-// 'dockerfile-pull-base-images' command: Pull base Dockerfile images
-program
-  .command('dockerfile-pull-base-images')
-  .option('--path [path]', 'The path to the Dockerfile directory.')
-  .option('--kind-load', 'Imports the pulled image into a Kind cluster.')
-  .option('--kubeadm-load', 'Imports the pulled image into a Kubeadm cluster.')
-  .option('--version', 'Sets a custom version for the base images.')
-  .option('--k3s-load', 'Loads the image into a K3s cluster.')
-  .option('--dev', 'Use development mode.')
-  .description('Pulls required Underpost Dockerfile base images and optionally loads them into clusters.')
-  .action(Underpost.image.dockerfile.pullBaseImages);
+  .option('--pull-dockerhub <dockerhub-image>', 'Sets a custom Docker Hub image for base image pulls.')
+  .description('Manages Docker images, including building, saving, and loading into Kubernetes clusters.')
+  .action(async (options) => {
+    if (options.rm) Underpost.image.rm({ ...options, imageName: options.rm });
+    if (options.ls) Underpost.image.list({ ...options, log: true });
+    if (options.pullBase) Underpost.image.pullBaseImages(options);
+    if (options.build) Underpost.image.build(options);
+    if (options.pullDockerhub)
+      Underpost.image.pullDockerHubImage({ ...options, dockerhubImage: options.pullDockerhub });
+  });
 
 // 'install' command: Fast import npm dependencies
 program
@@ -475,7 +430,10 @@ program
   .option('--hosts <hosts>', 'Comma-separated list of database hosts to filter operations.')
   .option('--paths <paths>', 'Comma-separated list of paths to filter database operations.')
   .option('--ns <ns-name>', 'Kubernetes namespace context for database operations (defaults to "default").')
-  .option('--dry-run', 'Simulates operations without executing them (useful for testing).')
+  .option(
+    '--macro-rollback-export <n-commits-reset>',
+    'Exports a macro rollback script that reverts the last n commits (Git integration required).',
+  )
   .description(
     'Manages database operations with support for MariaDB and MongoDB, including import/export, multi-pod targeting, and Git integration.',
   )
@@ -564,9 +522,10 @@ program
   .option('--ms-interval <ms-interval>', 'Sets a custom millisecond interval for monitoring checks.')
   .option('--now', 'Executes the monitor script immediately.')
   .option('--single', 'Disables recurrence, running the monitor script only once.')
-  .option('--replicas <replicas>', 'Sets a custom number of replicas for monitoring.')
+  .option('--replicas <replicas>', 'Sets a custom number of replicas for monitoring. Defaults to 1.')
   .option('--type <type>', 'Sets a custom monitor type.')
   .option('--sync', 'Synchronizes with current proxy deployments and traffic configurations.')
+  .option('--namespace <namespace>', 'Sets the Kubernetes namespace for the deployment. Defaults to "default".')
   .description('Manages health server monitoring for specified deployments.')
   .action(Underpost.monitor.callback);
 
@@ -589,13 +548,18 @@ program
   .option('--keys-list', 'Lists all ssh keys from current private keys file storage.')
   .option('--hosts-list', 'Lists all ssh hosts from current private keys file storage.')
   .option('--disable-password', 'Disables password authentication for the SSH session.')
+  .option('--key-test', 'Tests the SSH key using ssh-keygen.')
+  .option('--stop', 'Stops the SSH service.')
+  .option('--status', 'Checks the status of the SSH service.')
+  .option('--connect-uri', 'Displays the connection URI.')
+  .option('--copy', 'Copies the connection URI to clipboard.')
   .action(Underpost.ssh.callback);
 
 // 'run' command: Run a script
 program
   .command('run')
   .argument('<runner-id>', `The runner ID to run. Options: ${Object.keys(UnderpostRun.RUNNERS).join(', ')}.`)
-  .argument('[path]', 'The absolute or relative directory path where the script is located.')
+  .argument('[path]', 'The input value, identifier, or path for the operation.')
   .option('--command <command-array>', 'Array of commands to run.')
   .option('--args <args-array>', 'Array of arguments to pass to the command.')
   .option('--dev', 'Sets the development context environment for the script.')
@@ -622,9 +586,10 @@ program
     'Optional: Specifies a comma-separated list of key-value pairs for labels (e.g., "app=my-app,env=prod").',
   )
   .option('--claim-name <name>', 'Optional: Specifies the claim name for volume mounting in deploy-job.')
-  .option('--kind <kind-type>', 'Specifies the kind of Kubernetes resource (e.g., Job, Deployment) for deploy-job.')
-  .option('--kubeadm', 'Flag to indicate Kubeadm cluster type context')
-  .option('--k3s', 'Flag to indicate K3s cluster type context')
+  .option(
+    '--kind-type <kind-type>',
+    'Specifies the kind of Kubernetes resource (e.g., Job, Deployment) for deploy-job.',
+  )
   .option('--force', 'Forces operation, overriding any warnings or conflicts.')
   .option('--tls', 'Enables TLS for the runner execution.')
   .option('--reset', 'Resets the runner state before execution.')
@@ -642,7 +607,17 @@ program
   .option('--expose', 'Enables service exposure for the runner execution.')
   .option('--conf-server-path <conf-server-path>', 'Sets a custom configuration server path.')
   .option('--underpost-root <underpost-root>', 'Sets a custom Underpost root path.')
-  .description('Runs a script from the specified path.')
+  .option('--cron-jobs <jobs>', 'Comma-separated list of cron jobs to run before executing the script.')
+  .option('--timezone <timezone>', 'Sets the timezone for the runner execution.')
+  .option('--kubeadm', 'Sets the kubeadm cluster context for the runner execution.')
+  .option('--k3s', 'Sets the k3s cluster context for the runner execution.')
+  .option('--kind', 'Sets the kind cluster context for the runner execution.')
+  .option('--log-type <log-type>', 'Sets the log type for the runner execution.')
+  .option('--deploy-id <deploy-id>', 'Sets deploy id context for the runner execution.')
+  .option('--user <user>', 'Sets user context for the runner execution.')
+  .option('--hosts <hosts>', 'Comma-separated list of hosts for the runner execution.')
+  .option('--instance-id <instance-id>', 'Sets instance id context for the runner execution.')
+  .description('Runs specified scripts using various runners.')
   .action(UnderpostRun.API.callback);
 
 // 'lxd' command: LXD management
@@ -674,7 +649,10 @@ program
     '--delete-expose <vm-name-ports>',
     'Removes exposed ports on a VM (e.g., "k8s-control:80,443"). Multiple VM-port pairs can be comma-separated.',
   )
-  .option('--auto-expose-k8s-ports <vm-id>', 'Automatically exposes common Kubernetes ports for the specified VM.')
+  .option('--workflow-id <workflow-id>', 'Sets the workflow ID context for LXD operations.')
+  .option('--vm-id <vm-id>', 'Sets the VM ID context for LXD operations.')
+  .option('--deploy-id <deploy-id>', 'Sets the deployment ID context for LXD operations.')
+  .option('--namespace <namespace>', 'Kubernetes namespace for LXD operations (defaults to "default").')
   .description('Manages LXD containers and virtual machines.')
   .action(UnderpostLxd.API.callback);
 

package/src/cli/lxd.js

@@ -8,6 +8,9 @@ import { getNpmRootPath } from '../server/conf.js';
 import { getLocalIPv4Address } from '../server/dns.js';
 import { pbcopy, shellExec } from '../server/process.js';
 import fs from 'fs-extra';
+import { loggerFactory } from '../server/logger.js';
+
+const logger = loggerFactory(import.meta);
 
 /**
  * @class UnderpostLxd
@@ -37,7 +40,10 @@ class UnderpostLxd {
      * @param {string} [options.expose=''] - Expose ports from a VM to the host (format: 'vmName:port1,port2').
      * @param {string} [options.deleteExpose=''] - Delete exposed ports from a VM (format: 'vmName:port1,port2').
      * @param {string} [options.test=''] - Test health, status and network connectivity for a VM.
-     * @param {string} [options.autoExposeK8sPorts=''] - Automatically expose common Kubernetes ports for the VM.
+     * @param {string} [options.workflowId=''] - Workflow identifier for workflow execution.
+     * @param {string} [options.vmId=''] - VM identifier for workflow execution.
+     * @param {string} [options.deployId=''] - Deployment identifier for workflow execution.
+     * @param {string} [options.namespace=''] - Namespace for workflow execution.
      * @memberof UnderpostLxd
      */
     async callback(
@@ -59,7 +65,10 @@ class UnderpostLxd {
         expose: '',
         deleteExpose: '',
         test: '',
-        autoExposeK8sPorts: '',
+        workflowId: '',
+        vmId: '',
+        deployId: '',
+        namespace: '',
       },
     ) {
       const npmRoot = getNpmRootPath();
@@ -86,9 +95,21 @@ ipv4.dhcp=true \
 ipv6.address=none`);
       }
       if (options.createAdminProfile === true) {
-        pbcopy(`lxc profile create admin-profile`);
-        shellExec(`cat ${underpostRoot}/manifests/lxd/lxd-admin-profile.yaml | lxc profile edit admin-profile`);
-        shellExec(`lxc profile show admin-profile`);
+        const existingProfiles = await new Promise((resolve) => {
+          shellExec(`lxc profile show admin-profile`, {
+            silent: true,
+            callback: (...args) => {
+              return resolve(JSON.stringify(args));
+            },
+          });
+        });
+        if (existingProfiles.toLowerCase().match('error')) {
+          logger.warn('Profile does not exist. Using following command to create admin-profile:');
+          pbcopy(`lxc profile create admin-profile`);
+        } else {
+          shellExec(`cat ${underpostRoot}/manifests/lxd/lxd-admin-profile.yaml | lxc profile edit admin-profile`);
+          shellExec(`lxc profile show admin-profile`);
+        }
       }
       if (options.createVm && typeof options.createVm === 'string') {
         pbcopy(
@@ -108,9 +129,10 @@ ipv6.address=none`);
             // Default to kubeadm if not K3s
             flag = ' -s -- --kubeadm';
           }
-          shellExec(`lxc exec ${options.initVm} -- bash -c 'mkdir -p /home/dd/engine'`);
-          shellExec(`lxc file push /home/dd/engine/engine-private ${options.initVm}/home/dd/engine --recursive`);
-          shellExec(`lxc file push /home/dd/engine/manifests ${options.initVm}/home/dd/engine --recursive`);
+          await UnderpostLxd.API.runWorkflow({
+            workflowId: 'engine',
+            vmName: options.initVm,
+          });
         } else if (options.worker == true) {
           if (options.k3s === true) {
             flag = ' -s -- --worker --k3s';
@@ -123,74 +145,16 @@ ipv6.address=none`);
         shellExec(`cat ${underpostRoot}/manifests/lxd/underpost-setup.sh | lxc exec ${options.initVm} -- bash${flag}`);
         console.log(`underpost-setup.sh execution completed on VM: ${options.initVm}`);
       }
-      // --- Automatic Kubernetes Port Exposure ---
-      if (options.autoExposeK8sPorts && typeof options.autoExposeK8sPorts === 'string') {
-        console.log(`Automatically exposing Kubernetes ports for VM: ${options.autoExposeK8sPorts}`);
-        const vmName = options.autoExposeK8sPorts;
-        const hostIp = getLocalIPv4Address();
-        let vmIp = '';
-        let retries = 0;
-        const maxRetries = 10;
-        const delayMs = 5000; // 5 seconds
 
-        // Wait for VM to get an IP address
-        while (!vmIp && retries < maxRetries) {
-          try {
-            console.log(`Attempting to get IPv4 address for ${vmName} (Attempt ${retries + 1}/${maxRetries})...`);
-            vmIp = shellExec(
-              `lxc list ${vmName} --format json | jq -r '.[0].state.network.enp5s0.addresses[] | select(.family=="inet") | .address'`,
-              { stdout: true },
-            ).trim();
-            if (vmIp) {
-              console.log(`IPv4 address found for ${vmName}: ${vmIp}`);
-            } else {
-              console.log(`IPv4 address not yet available for ${vmName}. Retrying in ${delayMs / 1000} seconds...`);
-              await new Promise((resolve) => setTimeout(resolve, delayMs));
-            }
-          } catch (error) {
-            console.error(`Error getting IPv4 address for exposure: ${error.message}`);
-            console.log(`Retrying in ${delayMs / 1000} seconds...`);
-            await new Promise((resolve) => setTimeout(resolve, delayMs));
-          }
-          retries++;
-        }
-
-        if (!vmIp) {
-          console.error(`Failed to get VM IP for ${vmName} after ${maxRetries} attempts. Cannot expose ports.`);
-          return;
-        }
-
-        let portsToExpose = [];
-        if (options.control === true) {
-          // Kubernetes API Server (Kubeadm and K3s both use 6443 by default)
-          portsToExpose.push('6443');
-          // Standard HTTP/HTTPS for Ingress if deployed
-          portsToExpose.push('80');
-          portsToExpose.push('443');
-        }
-        // Add common NodePorts if needed, or rely on explicit 'expose'
-        portsToExpose.push('30000'); // Example NodePort
-        portsToExpose.push('30001'); // Example NodePort
-        portsToExpose.push('30002'); // Example NodePort
-
-        const protocols = ['tcp']; // Most K8s services are TCP, UDP for some like DNS
-
-        for (const port of portsToExpose) {
-          for (const protocol of protocols) {
-            const deviceName = `${vmName}-${protocol}-port-${port}`;
-            try {
-              // Remove existing device first to avoid conflicts if re-running
-              shellExec(`lxc config device remove ${vmName} ${deviceName} || true`);
-              shellExec(
-                `lxc config device add ${vmName} ${deviceName} proxy listen=${protocol}:${hostIp}:${port} connect=${protocol}:${vmIp}:${port} nat=true`,
-              );
-              console.log(`Exposed ${protocol}:${hostIp}:${port} -> ${vmIp}:${port} for ${vmName}`);
-            } catch (error) {
-              console.error(`Failed to expose port ${port} for ${vmName}: ${error.message}`);
-            }
-          }
-        }
+      if (options.workflowId) {
+        await UnderpostLxd.API.runWorkflow({
+          workflowId: options.workflowId,
+          vmName: options.vmId,
+          deployId: options.deployId,
+          dev: options.dev,
+        });
       }
+
       if (options.joinNode && typeof options.joinNode === 'string') {
         const [workerNode, controlNode] = options.joinNode.split(',');
         // Determine if it's a Kubeadm or K3s join
@@ -396,6 +360,41 @@ ipv6.address=none`);
         console.log(`\nComprehensive test for VM: ${vmName} completed.`);
       }
     },
+    /**
+     * @method runWorkflow
+     * @description Executes predefined workflows on LXD VMs.
+     * @param {object} params - Parameters for the workflow.
+     * @param {string} params.workflowId - The workflow id to execute (e.g., 'init').
+     * @param {string} params.vmName - The name of the VM to run the workflow on.
+     * @param {string} [params.deployId] - Optional deployment identifier.
+     * @param {boolean} [params.dev=false] - Run in development mode (adjusts paths).
+     * @memberof UnderpostLxd
+     */
+    async runWorkflow({ workflowId, vmName, deployId, dev }) {
+      switch (workflowId) {
+        case 'engine': {
+          const basePath = `/home/dd`;
+          const subDir = 'engine';
+          shellExec(`lxc exec ${vmName} -- bash -c 'rm ${basePath} && mkdir -p ${basePath}/${subDir}'`);
+          shellExec(`lxc file push ${basePath}/${subDir}/package.json ${vmName}${basePath}/${subDir}/package.json`);
+          shellExec(`lxc file push ${basePath}/${subDir}/src ${vmName}${basePath}/${subDir} --recursive`);
+          shellExec(`lxc file push ${basePath}/${subDir}/${subDir}-private ${vmName}${basePath}/${subDir} --recursive`);
+          break;
+        }
+        case 'setup-underpost-engine': {
+          const basePath = `/home/dd/engine`;
+          shellExec(`lxc exec ${vmName} -- bash -lc 'nvm use $(node --version) && cd ${basePath} && npm install'`);
+          shellExec(`lxc exec ${vmName} -- bash -lc 'underpost run secret'`);
+          break;
+        }
+        case 'k3s-setup': {
+          shellExec(
+            `lxc exec ${vmName} -- bash -lc 'cd /home/dd/engine && node bin cluster --dev --reset && node bin cluster --dev --k3s'`,
+          );
+          break;
+        }
+      }
+    },
   };
 }
 

package/src/cli/monitor.js

@@ -37,9 +37,9 @@ class UnderpostMonitor {
      * @param {boolean} [options.single=false] - Perform a single health check and exit.
      * @param {string} [options.msInterval=''] - Interval in milliseconds for periodic health checks.
      * @param {string} [options.type=''] - Type of deployment (e.g., 'blue-green', 'remote').
-     * @param {string} [options.replicas=''] - Number of replicas for the deployment.
+     * @param {string} [options.replicas='1'] - Number of replicas for the deployment. Defaults to 1.
      * @param {boolean} [options.sync=false] - Synchronize traffic switching with the deployment.
-     * @param {string} [options.namespace=''] - Kubernetes namespace for the deployment.
+     * @param {string} [options.namespace='default'] - Kubernetes namespace for the deployment. Defaults to 'default'.
      * @param {object} [commanderOptions] - Options passed from the command line interface.
      * @param {object} [auxRouter] - Optional router configuration for the deployment.
      * @memberof UnderpostMonitor
@@ -47,11 +47,20 @@ class UnderpostMonitor {
     async callback(
       deployId,
       env = 'development',
-      options = { now: false, single: false, msInterval: '', type: '', replicas: '', sync: false, namespace: '' },
+      options = {
+        now: false,
+        single: false,
+        msInterval: '',
+        type: '',
+        replicas: '1',
+        sync: false,
+        namespace: 'default',
+      },
       commanderOptions,
       auxRouter,
     ) {
       if (!options.namespace) options.namespace = 'default';
+      if (!options.replicas) options.replicas = '1';
       if (deployId === 'dd' && fs.existsSync(`./engine-private/deploy/dd.router`)) {
         for (const _deployId of fs.readFileSync(`./engine-private/deploy/dd.router`, 'utf8').split(','))
           UnderpostMonitor.API.callback(
@@ -97,10 +106,10 @@ class UnderpostMonitor {
         if (traffic === 'blue') traffic = 'green';
         else traffic = 'blue';
         UnderpostRootEnv.API.set(`${deployId}-${env}-traffic`, traffic);
-        const namespace = options.namespace || 'default';
+        const namespace = options.namespace;
         shellExec(
           `node bin deploy --info-router --build-manifest --traffic ${traffic} --replicas ${
-            options.replicas ? options.replicas : 1
+            options.replicas
           } --namespace ${namespace} ${deployId} ${env}`,
         );
         shellExec(`sudo kubectl apply -f ./engine-private/conf/${deployId}/build/${env}/proxy.yaml -n ${namespace}`);
@@ -155,7 +164,7 @@ class UnderpostMonitor {
                           fs.readFileSync(`./engine-private/conf/${deployId}/conf.server.json`, 'utf8'),
                         );
 
-                        const namespace = options.namespace || 'default';
+                        const namespace = options.namespace;
                         UnderpostDeploy.API.configMap(env, namespace);
 
                         for (const host of Object.keys(confServer)) {
@@ -208,11 +217,13 @@ class UnderpostMonitor {
                     monitorTrafficName = undefined;
                     monitorPodName = undefined;
                   }
-                  const checkDeploymentReadyStatus = () => {
-                    const { ready, notReadyPods, readyPods } = UnderpostDeploy.API.checkDeploymentReadyStatus(
+                  const checkDeploymentReadyStatus = async () => {
+                    const { ready, notReadyPods, readyPods } = await UnderpostDeploy.API.checkDeploymentReadyStatus(
                       deployId,
                       env,
                       traffic,
+                      [],
+                      options.namespace,
                     );
                     if (ready) {
                       monitorPodName = readyPods[0].NAME;
@@ -220,7 +231,7 @@ class UnderpostMonitor {
                     }
                   };
                   if (!monitorPodName) {
-                    checkDeploymentReadyStatus();
+                    await checkDeploymentReadyStatus();
                     monitorCallBack(resolve, reject);
                     return;
                   }

package/src/cli/repository.js

@@ -10,8 +10,8 @@ import { pbcopy, shellCd, shellExec } from '../server/process.js';
 import { actionInitLog, loggerFactory } from '../server/logger.js';
 import fs from 'fs-extra';
 import { getNpmRootPath } from '../server/conf.js';
-import UnderpostStartUp from '../server/start.js';
 import { Config } from '../server/conf.js';
+import { DefaultConf } from '../../conf.js';
 
 dotenv.config();
 
@@ -244,6 +244,8 @@ class UnderpostRepository {
      * @param {boolean} [options.cleanTemplate=false] - If true, cleans the pwa-microservices-template build directory.
      * @param {boolean} [options.build=false] - If true, builds the deployment to pwa-microservices-template (requires deployId).
      * @param {boolean} [options.syncConf=false] - If true, syncs configuration to private repositories (requires deployId).
+     * @param {boolean} [options.defaultConf=false] - If true, updates the default configuration file (requires deployId).
+     * @param {string} [options.confWorkflowId=''] - If provided, uses this configuration workflow ID.
      * @returns {Promise<boolean>} A promise that resolves when the initialization is complete.
      * @memberof UnderpostRepository
      */
@@ -259,6 +261,8 @@ class UnderpostRepository {
         cleanTemplate: false,
         build: false,
         syncConf: false,
+        defaultConf: false,
+        confWorkflowId: '',
       },
     ) {
       return new Promise(async (resolve, reject) => {
@@ -277,10 +281,15 @@ class UnderpostRepository {
             return resolve(true);
           }
 
+          // Handle defaultConf operation
+          if (options.defaultConf) {
+            UnderpostRepository.API.updateDefaultConf(options);
+            return resolve(true);
+          }
+
           if (options.deployId) {
             let deployId = options.deployId;
             if (!deployId.startsWith('dd-')) deployId = `dd-${deployId}`;
-
             // Handle purge operation
             if (options.purge) {
               logger.info(`Purging deploy ID: ${deployId}`);
@@ -450,7 +459,9 @@ class UnderpostRepository {
       const privateRepoPath = `../${privateRepoName}`;
       if (fs.existsSync(privateRepoPath)) fs.removeSync(privateRepoPath);
       shellExec(`cd .. && underpost clone ${process.env.GITHUB_USERNAME}/${privateRepoName}`);
-      shellExec(`cd ${privateRepoPath} && underpost pull . ${process.env.GITHUB_USERNAME}/${privateRepoName}`);
+      shellExec(`cd ${privateRepoPath} && underpost pull . ${process.env.GITHUB_USERNAME}/${privateRepoName}`, {
+        silent: true,
+      });
       shellExec(`underpost run secret`);
       shellExec(`underpost run underpost-config`);
       const packageJsonDeploy = JSON.parse(fs.readFileSync(`./engine-private/conf/${deployId}/package.json`, 'utf8'));
@@ -504,6 +515,78 @@ Prevent build private config repo.`,
           return line;
         });
     },
+    /**
+     * Updates the default configuration file based on the provided options.
+     * @param {object} [options={ deployId: '' }] - The options for updating the configuration.
+     * @param {string} [options.deployId=''] - The deployment ID to use for configuration.
+     * @param {string} [options.confWorkflowId=''] - The configuration workflow ID to use.
+     * @memberof UnderpostRepository
+     */
+    updateDefaultConf(options = { deployId: '', confWorkflowId: '' }) {
+      const defaultServer = DefaultConf.server['default.net']['/'];
+      let { deployId, confWorkflowId } = options;
+      let defaultConf = false;
+
+      // Custom workflow configurations
+      if (confWorkflowId)
+        switch (confWorkflowId) {
+          case 'dd-github-pages': {
+            const host = `${process.env.GITHUB_USERNAME ? process.env.GITHUB_USERNAME : 'underpostnet'}.github.io`;
+            const path = '/pwa-microservices-template-ghpkg';
+            DefaultConf.server = {
+              [host]: { [path]: defaultServer },
+            };
+            DefaultConf.server[host][path].apiBaseProxyPath = '/';
+            DefaultConf.server[host][path].apiBaseHost = 'www.nexodev.org';
+            defaultConf = true;
+            break;
+          }
+          case 'template': {
+            const host = 'default.net';
+            const path = '/';
+            DefaultConf.server[host][path].valkey = {
+              port: 6379,
+              host: 'valkey-service.default.svc.cluster.local',
+            };
+            // mongodb-0.mongodb-service
+            DefaultConf.server[host][path].db.host = 'mongodb://mongodb-service:27017';
+            defaultConf = true;
+            break;
+          }
+          default:
+            logger.error(`Unknown confWorkflowId: ${confWorkflowId}.`);
+            return;
+        }
+      else if (deployId && fs.existsSync(`./engine-private/conf/${deployId}`)) {
+        DefaultConf.client = JSON.parse(fs.readFileSync(`./engine-private/conf/${deployId}/conf.client.json`, 'utf8'));
+        DefaultConf.server = JSON.parse(fs.readFileSync(`./engine-private/conf/${deployId}/conf.server.json`, 'utf8'));
+        DefaultConf.ssr = JSON.parse(fs.readFileSync(`./engine-private/conf/${deployId}/conf.ssr.json`, 'utf8'));
+        // DefaultConf.cron = JSON.parse(fs.readFileSync(`./engine-private/conf/${deployId}/conf.cron.json`, 'utf8'));
+
+        for (const host of Object.keys(DefaultConf.server)) {
+          for (const path of Object.keys(DefaultConf.server[host])) {
+            DefaultConf.server[host][path].db = defaultServer.db;
+            DefaultConf.server[host][path].mailer = defaultServer.mailer;
+
+            delete DefaultConf.server[host][path]._wp_client;
+            delete DefaultConf.server[host][path]._wp_git;
+            delete DefaultConf.server[host][path]._wp_directory;
+            delete DefaultConf.server[host][path].wp;
+            delete DefaultConf.server[host][path].git;
+            delete DefaultConf.server[host][path].directory;
+          }
+        }
+      } else
+        logger.warn(
+          `Deploy ID configuration not found: ./engine-private/conf/${deployId}, using default configuration.`,
+        );
+      const sepRender = '/**/';
+      const confRawPaths = fs.readFileSync('./conf.js', 'utf8').split(sepRender);
+      confRawPaths[1] = `${JSON.stringify(DefaultConf)};`;
+      const targetConfPath = `./conf${defaultConf ? '' : `.${deployId}`}.js`;
+      fs.writeFileSync(targetConfPath, confRawPaths.join(sepRender), 'utf8');
+      shellExec(`prettier --write ${targetConfPath}`);
+    },
   };
 }