feat: interactive TLS configure and shell autocomplete

Make `ecloud compute app configure tls` interactive — prompts for
domain, app port, ACME staging, and Caddy logs, then appends values
directly to .env and placeholders to .env.example. Removes the
intermediate .env.example.tls file.

Add @oclif/plugin-autocomplete so `ecloud <TAB>` completes commands
and flags instead of showing file completions.

Author: Gajesh2007

package.json

@@ -28,5 +28,6 @@
   },
   "prettier": {
     "printWidth": 100
-  }
+  },
+  "packageManager": "pnpm@9.15.0+sha512.76e2379760a4328ec4415815bcd6628dee727af3779aaa4c914e3944156c4299921a89f976381ee107d41f12cfa4b66681ca9c718f0668fa0831ed4c6d8ba56c"
 }

packages/cli/package.json

@@ -9,13 +9,15 @@
     "README.md"
   ],
   "bin": {
-    "ecloud": "./bin/run.js"
+    "ecloud": "./bin/run.js",
+    "ecloud-dev": "./bin/run.js"
   },
   "dependencies": {
     "@inquirer/prompts": "^7.10.1",
     "@layr-labs/ecloud-sdk": "workspace:*",
     "@napi-rs/keyring": "^1.0.5",
     "@oclif/core": "^4.8.0",
+    "@oclif/plugin-autocomplete": "^3.2.40",
     "axios": "^1.13.2",
     "chalk": "^5.6.2",
     "cli-table3": "^0.6.5",
@@ -43,6 +45,9 @@
     "commands": "./dist/commands",
     "dirname": "",
     "topicSeparator": " ",
+    "plugins": [
+      "@oclif/plugin-autocomplete"
+    ],
     "topics": {
       "auth": {
         "description": "Manage authentication with private keys stored in OS keyring"

packages/cli/src/commands/compute/app/configure/tls.ts

@@ -2,74 +2,147 @@ import { Command } from "@oclif/core";
 import * as fs from "fs";
 import * as path from "path";
 import chalk from "chalk";
-import { getCaddyfileTemplate, ENV_EXAMPLE_TLS } from "../../../../templates/tls/templates.js";
+import { input, confirm } from "@inquirer/prompts";
+import {
+  getCaddyfileTemplate,
+  getTlsEnvBlock,
+  TLS_ENV_EXAMPLE_BLOCK,
+} from "../../../../templates/tls/templates.js";
+
+function envFileHasTlsConfig(filePath: string): boolean {
+  if (!fs.existsSync(filePath)) return false;
+  const content = fs.readFileSync(filePath, "utf-8");
+  return /^DOMAIN=/m.test(content);
+}
 
 export default class ConfigureTLS extends Command {
   static description = "Configure TLS for your application";
 
-  static summary = `Adds TLS configuration to your EigenCloud application.
+  static summary = `Interactively configures TLS for your EigenCloud application.
 
-This command creates:
-- Caddyfile: Reverse proxy configuration for automatic HTTPS
-- .env.example.tls: Example environment variables for TLS
+Prompts for domain and TLS settings, then:
+- Creates a Caddyfile for automatic HTTPS via Caddy reverse proxy
+- Appends TLS variables to .env with your values
+- Appends TLS placeholders to .env.example
 
 TLS certificates are automatically obtained via Let's Encrypt using the tls-keygen tool.`;
 
   async run() {
     const cwd = process.cwd();
 
+    // Check if TLS is already configured in .env
+    const envPath = path.join(cwd, ".env");
+    if (envFileHasTlsConfig(envPath)) {
+      this.warn("TLS is already configured in .env (DOMAIN is set). Skipping.");
+      return;
+    }
+
     // Write Caddyfile
     const caddyfilePath = path.join(cwd, "Caddyfile");
     if (fs.existsSync(caddyfilePath)) {
-      this.warn("Caddyfile already exists. Skipping...");
+      this.log("Caddyfile already exists, keeping existing file.");
     } else {
       const caddyfileContent = getCaddyfileTemplate();
       fs.writeFileSync(caddyfilePath, caddyfileContent, { mode: 0o644 });
       this.log("Created Caddyfile");
     }
 
-    // Write .env.example.tls
-    const envTLSPath = path.join(cwd, ".env.example.tls");
-    if (fs.existsSync(envTLSPath)) {
-      this.warn(".env.example.tls already exists. Skipping...");
-    } else {
-      fs.writeFileSync(envTLSPath, ENV_EXAMPLE_TLS, { mode: 0o644 });
-      this.log("Created .env.example.tls");
-    }
-
-    // Print success message and instructions
-    this.log("");
-    this.log(chalk.green("TLS configuration added successfully"));
-    this.log("");
-    this.log("Created:");
-    this.log("  - Caddyfile");
-    this.log("  - .env.example.tls");
     this.log("");
 
-    this.log("To enable TLS:");
+    // Prompt for TLS variables
+    const domain = await input({
+      message: "Domain name:",
+      validate: (value) => {
+        const trimmed = value.trim();
+        if (!trimmed) return "Domain is required";
+        if (trimmed.toLowerCase() === "localhost") return "Domain cannot be localhost";
+        if (!/^[a-zA-Z0-9]([a-zA-Z0-9-]*\.)+[a-zA-Z]{2,}$/.test(trimmed))
+          return "Enter a valid domain (e.g. myapp.example.com)";
+        return true;
+      },
+    });
+
+    const appPort = await input({
+      message: "App port:",
+      default: "3000",
+      validate: (value) => {
+        const num = Number(value.trim());
+        if (!Number.isInteger(num) || num < 1 || num > 65535) return "Enter a valid port (1-65535)";
+        return true;
+      },
+    });
+
+    const acmeStaging = await confirm({
+      message: "Use Let's Encrypt staging? (recommended for first deploy to avoid rate limits)",
+      default: true,
+    });
+
+    const enableCaddyLogs = await confirm({
+      message: "Enable Caddy debug logs?",
+      default: false,
+    });
+
+    // Show summary
     this.log("");
-    this.log("1. Add TLS variables to .env:");
-    this.log("   cat .env.example.tls >> .env");
+    this.log(chalk.bold("TLS Configuration:"));
+    this.log(`  Domain:          ${domain.trim()}`);
+    this.log(`  App port:        ${appPort.trim()}`);
+    this.log(`  ACME staging:    ${acmeStaging}`);
+    this.log(`  Caddy logs:      ${enableCaddyLogs}`);
     this.log("");
 
-    this.log("2. Configure required variables:");
-    this.log("   DOMAIN=yourdomain.com");
+    const confirmed = await confirm({
+      message: "Write these settings to .env?",
+      default: true,
+    });
+
+    if (!confirmed) {
+      this.log("Cancelled.");
+      return;
+    }
+
+    const vars = {
+      domain: domain.trim(),
+      appPort: appPort.trim(),
+      acmeStaging,
+      enableCaddyLogs,
+    };
+
+    // Append to .env
+    const envBlock = getTlsEnvBlock(vars);
+    fs.appendFileSync(envPath, envBlock, { mode: 0o644 });
+    this.log(`Updated .env`);
+
+    // Append to .env.example (with placeholders, skip if already has DOMAIN)
+    const envExamplePath = path.join(cwd, ".env.example");
+    if (!envFileHasTlsConfig(envExamplePath)) {
+      fs.appendFileSync(envExamplePath, TLS_ENV_EXAMPLE_BLOCK, { mode: 0o644 });
+      this.log(`Updated .env.example`);
+    }
+
+    // Print next steps
     this.log("");
-    this.log("   For first deployment (recommended):");
-    this.log("   ENABLE_CADDY_LOGS=true");
-    this.log("   ACME_STAGING=true");
+    this.log(chalk.green("TLS configured successfully"));
     this.log("");
-
-    this.log("3. Set up DNS A record pointing to instance IP");
+    this.log("Next steps:");
+    this.log("");
+    this.log("1. Set up DNS A record pointing to your instance IP");
     this.log("   Run 'ecloud compute app list' to get IP address");
     this.log("");
-
-    this.log("4. Upgrade:");
-    this.log("   ecloud compute app upgrade");
+    this.log("2. Deploy or upgrade:");
+    this.log("   ecloud compute app deploy    # new app");
+    this.log("   ecloud compute app upgrade   # existing app");
     this.log("");
 
-    this.log("Note: Let's Encrypt rate limit is 5 certificates/week per domain");
-    this.log("      To switch staging -> production: set ACME_STAGING=false");
-    this.log("      If cert exists, use ACME_FORCE_ISSUE=true once to replace");
+    if (acmeStaging) {
+      this.log(chalk.yellow("Note: ACME_STAGING is enabled (recommended for first deploy)"));
+      this.log("Once verified, switch to production certs:");
+      this.log("  1. Set ACME_STAGING=false in .env");
+      this.log("  2. Set ACME_FORCE_ISSUE=true in .env (one-time)");
+      this.log("  3. Run: ecloud compute app upgrade");
+      this.log("");
+    }
+
+    this.log("Let's Encrypt rate limit: 5 certificates/week per domain");
   }
 }

packages/cli/src/templates/tls/templates.ts

@@ -11,27 +11,35 @@ export function getCaddyfileTemplate(): string {
   return caddyfileTemplate;
 }
 
+export interface TlsEnvVars {
+  domain: string;
+  appPort: string;
+  acmeStaging: boolean;
+  enableCaddyLogs: boolean;
+}
+
 /**
- * Embedded .env.example.tls content
- * (embedded directly since .env files are gitignored)
+ * Generate the TLS env block with user-provided values for .env
  */
-export const ENV_EXAMPLE_TLS = `# TLS Configuration
-# Set these variables to enable TLS for your application
-
-# Your domain name (required for TLS)
-DOMAIN=yourdomain.com
-
-# Port your application listens on
-APP_PORT=3000
-
-# Enable Caddy debug logs
-ENABLE_CADDY_LOGS=false
-
-# Use Let's Encrypt staging environment (for testing)
-# Set to true to avoid rate limits during development
-ACME_STAGING=false
-
-# Force certificate reissue even if a valid one exists
-# Useful when you need to update SANs or force a renewal
+export function getTlsEnvBlock(vars: TlsEnvVars): string {
+  return `
+# TLS Configuration
+DOMAIN=${vars.domain}
+APP_PORT=${vars.appPort}
+ENABLE_CADDY_LOGS=${vars.enableCaddyLogs}
+ACME_STAGING=${vars.acmeStaging}
 ACME_FORCE_ISSUE=false
 `;
+}
+
+/**
+ * Placeholder TLS block for .env.example
+ */
+export const TLS_ENV_EXAMPLE_BLOCK = `
+# TLS Configuration
+# DOMAIN=yourdomain.com
+# APP_PORT=3000
+# ENABLE_CADDY_LOGS=false
+# ACME_STAGING=false
+# ACME_FORCE_ISSUE=false
+`;