1.2.0

feat(cli): Add tspublish.json for CLI client and interfaces
1.1.9
2024-10-21 16:37:46 +02:00 · 2024-10-21 16:37:46 +02:00 · 2024-10-21 14:23:43 +02:00 · 2024-10-21 14:23:43 +02:00 · 2024-10-16 14:35:38 +02:00 · 2024-10-16 14:35:38 +02:00
81 changed files with 10184 additions and 6926 deletions
--- a/changelog.md
+++ b/changelog.md
@ -0,0 +1,84 @@
+# Changelog
+
+## 2024-10-21 - 1.2.0 - feat(cli)
+Add tspublish.json for CLI client and interfaces
+
+- Added registration details for publishing CLI client (@serve.zone/cli)
+- Specified npm and custom registries in the tspublish.json for better publish control
+- Updated dependency version for @git.zone/tspublish in package.json
+
+## 2024-10-21 - 1.1.9 - fix(build)
+Update Node types and other dependencies, add tspublish.json for api client
+
+- Updated Node types devDependency to version ^22.7.7 from ^22.7.5.
+- Updated smartbucket dependency to version ^3.0.23 from ^3.0.22.
+- Added tspublish configuration file to the api client.
+- Fixed the npm publish script in package.json.
+
+## 2024-10-16 - 1.1.8 - fix(big fix upgrade)
+fix: update dependency versions and address type errors
+
+- Updated all listed dependencies in the package.json to their specified ranges.
+- Fixed type mismatches and added missing imports in various TypeScript files.
+- Refined existing tests and added a new helper to manage Docker image streams.
+
+## 2024-08-25 - 1.1.7 - fix(deps)
+Update dependencies to latest versions
+
+- Updated @git.zone/tsbuild from ^2.1.80 to ^2.1.84
+- Updated @push.rocks/tapbundle from ^5.0.23 to ^5.0.24
+- Updated @types/node from ^20.14.6 to ^22.5.0
+- Updated @apiclient.xyz/docker from ^1.2.2 to ^1.2.3
+- Updated @design.estate/dees-catalog from ^1.0.289 to ^1.1.6
+- Updated @design.estate/dees-element from ^2.0.34 to ^2.0.36
+- Updated @git.zone/tsrun from ^1.2.37 to ^1.2.49
+- Updated @push.rocks/smartbucket from ^3.0.20 to ^3.0.22
+- Updated @push.rocks/smartpromise from ^4.0.3 to ^4.0.4
+- Updated @serve.zone/interfaces from ^1.0.74 to ^1.0.78
+- Updated @tsclass/tsclass from ^4.0.60 to ^4.1.2
+
+## 2024-06-20 - 1.1.6 - Updates
+Routine updates and fixes.
+
+- (fix) core: update
+
+## 2024-06-13 - 1.1.4 - Service Management Preparation
+Incorporated updates and service management preparations.
+
+- (fix) core: update
+- (feat) prepare service management
+
+## 2024-06-05 - 1.1.3 - CI Integration Improvement
+Structural improvements and better CI integration preparation.
+
+- (fix) structure: improve structure, prepare better CI integration
+
+## 2024-06-02 - 1.1.2 - Image Manager Update
+Prepared proper storage and retrieval of container images.
+
+- (fix) imagemanager: prepare proper storage and retrieval of container images
+
+## 2024-06-01 - 1.1.0 - Image Registry Work
+Initiated work on image registry.
+
+- (fix) image registry: start work on image registry
+
+## 2024-05-30 - 1.0.216 - Enhanced Smartguards
+Enhanced smartguards to verify action authorization.
+
+- (feat) guards: use better smartguards to verify action authorization
+
+## 2024-05-28 - 1.0.215 - Unified Package Update
+Updated package unification for cloudly + API + CLI.
+
+- (fix) switch to unified package for cloudly + API + CLI: update
+
+## 2024-05-05 - 1.0.214 - Core Updates
+Routine core updates.
+
+- (fix) core: update
+
+## 2024-04-20 - 1.0.213 - Core Update
+Routine core updates.
+
+- (fix) core: update
--- a/npmextra.json
+++ b/npmextra.json
@ -16,21 +16,37 @@
      "githost": "gitlab.com",
      "gitscope": "servezone/private",
      "gitrepo": "cloudly",
-      "description": "A cloud manager utilizing Docker Swarmkit, designed for operations on Cloudron, and supports various cloud platforms like DigitalOcean, Hetzner Cloud, and Cloudflare.",
+      "description": "A comprehensive multi-cloud manager leveraging Docker Swarmkit to orchestrate containerized applications across various cloud services and provide robust configuration and API integration.",
      "npmPackagename": "@serve.zone/cloudly",
      "license": "UNLICENSED",
      "keywords": [
-        "cloud",
+        "cloud management",
+        "multi-cloud management",
        "Docker Swarmkit",
+        "container orchestration",
+        "cloud services",
        "DigitalOcean",
        "Hetzner Cloud",
        "Cloudflare",
-        "container management",
        "configuration management",
-        "LetsEncrypt SSL",
-        "cloud infrastructure automation",
+        "SSL management",
+        "API integration",
+        "TypeScript",
        "node.js",
-        "TypeScript"
+        "infrastructure automation",
+        "devOps",
+        "cloud API client",
+        "system logging",
+        "secret management",
+        "CI/CD integration",
+        "task scheduling",
+        "frontend",
+        "backend",
+        "CLI",
+        "web interface",
+        "cloud providers",
+        "security",
+        "logging"
      ]
    }
  },
--- a/package.json
+++ b/package.json
@ -1,67 +1,77 @@
 {
  "name": "@serve.zone/cloudly",
-  "version": "1.0.214",
+  "version": "1.2.0",
  "private": false,
-  "description": "A cloud manager utilizing Docker Swarmkit, designed for operations on Cloudron, and supports various cloud platforms like DigitalOcean, Hetzner Cloud, and Cloudflare.",
-  "main": "dist_ts/index.js",
-  "typings": "dist_ts/index.d.ts",
+  "description": "A comprehensive multi-cloud manager leveraging Docker Swarmkit to orchestrate containerized applications across various cloud services and provide robust configuration and API integration.",
  "type": "module",
+  "exports": {
+    ".": "./dist/index.js",
+    "./apiclient": "./dist_apiclient/index.js",
+    "./cliclient": "./dist_cliclient/index.js",
+    "./web": "./dist_web/index.js"
+  },
  "author": "Task Venture Capital GmbH",
-  "license": "UNLICENSED",
+  "license": "MIT",
  "scripts": {
    "test": "(tstest test/)",
-    "build": "tsbuild --web --allowimplicitany && tsbundle website --production",
+    "build": "tsbuild tsfolders --web --allowimplicitany && tsbundle website --production",
    "start": "node cli.js",
    "startTs": "node cli.ts.js",
    "watch": "tswatch website",
-    "localPublish": "gitzone commit"
+    "publish": "tspublish"
  },
  "devDependencies": {
-    "@git.zone/tsbuild": "^2.1.65",
+    "@git.zone/tsbuild": "^2.1.84",
    "@git.zone/tsbundle": "^2.0.15",
-    "@git.zone/tstest": "^1.0.73",
+    "@git.zone/tspublish": "^1.3.0",
+    "@git.zone/tstest": "^1.0.90",
    "@git.zone/tswatch": "^2.0.23",
-    "@push.rocks/tapbundle": "^5.0.4",
-    "@types/node": "^20.11.25"
+    "@push.rocks/tapbundle": "^5.3.0",
+    "@types/node": "^22.7.7"
  },
  "dependencies": {
-    "@api.global/typedrequest": "3.0.19",
-    "@api.global/typedserver": "^3.0.27",
-    "@api.global/typedsocket": "^3.0.0",
+    "@api.global/typedrequest": "3.1.10",
+    "@api.global/typedserver": "^3.0.51",
+    "@api.global/typedsocket": "^3.0.1",
    "@apiclient.xyz/cloudflare": "^6.0.1",
-    "@apiclient.xyz/digitalocean": "^1.0.5",
-    "@apiclient.xyz/hetznercloud": "^1.0.18",
+    "@apiclient.xyz/docker": "^1.2.7",
+    "@apiclient.xyz/hetznercloud": "^1.2.0",
    "@apiclient.xyz/slack": "^3.0.9",
-    "@design.estate/dees-catalog": "^1.0.289",
-    "@design.estate/dees-domtools": "^2.0.57",
-    "@design.estate/dees-element": "^2.0.34",
-    "@git.zone/tsrun": "^1.2.37",
+    "@design.estate/dees-catalog": "^1.2.0",
+    "@design.estate/dees-domtools": "^2.0.64",
+    "@design.estate/dees-element": "^2.0.39",
+    "@git.zone/tsrun": "^1.2.49",
    "@push.rocks/early": "^4.0.3",
-    "@push.rocks/npmextra": "^5.0.10",
+    "@push.rocks/npmextra": "^5.0.23",
    "@push.rocks/projectinfo": "^5.0.1",
    "@push.rocks/qenv": "^6.0.5",
-    "@push.rocks/smartacme": "^4.0.8",
-    "@push.rocks/smartbucket": "^2.0.4",
-    "@push.rocks/smartcli": "^4.0.6",
-    "@push.rocks/smartdata": "^5.0.8",
+    "@push.rocks/smartacme": "^5.0.0",
+    "@push.rocks/smartbucket": "^3.0.23",
+    "@push.rocks/smartcli": "^4.0.11",
+    "@push.rocks/smartclickhouse": "^2.0.17",
+    "@push.rocks/smartdata": "^5.2.10",
    "@push.rocks/smartdelay": "^3.0.5",
-    "@push.rocks/smartexit": "^1.0.20",
-    "@push.rocks/smartfile": "^11.0.4",
-    "@push.rocks/smartguard": "^2.0.1",
-    "@push.rocks/smartjson": "^5.0.14",
-    "@push.rocks/smartjwt": "^2.0.4",
-    "@push.rocks/smartlog": "^3.0.1",
-    "@push.rocks/smartlog-destination-clickhouse": "^1.0.11",
-    "@push.rocks/smartpath": "^5.0.5",
-    "@push.rocks/smartpromise": "^4.0.3",
-    "@push.rocks/smartrequest": "^2.0.11",
+    "@push.rocks/smartexit": "^1.0.23",
+    "@push.rocks/smartexpect": "^1.2.1",
+    "@push.rocks/smartfile": "^11.0.21",
+    "@push.rocks/smartguard": "^3.1.0",
+    "@push.rocks/smartjson": "^5.0.19",
+    "@push.rocks/smartjwt": "^2.2.1",
+    "@push.rocks/smartlog": "^3.0.7",
+    "@push.rocks/smartlog-destination-clickhouse": "^1.0.13",
+    "@push.rocks/smartpath": "^5.0.18",
+    "@push.rocks/smartpromise": "^4.0.4",
+    "@push.rocks/smartrequest": "^2.0.22",
+    "@push.rocks/smartrx": "^3.0.7",
    "@push.rocks/smartssh": "^2.0.1",
+    "@push.rocks/smartstate": "^2.0.19",
+    "@push.rocks/smartstream": "^3.2.4",
    "@push.rocks/smartstring": "^4.0.15",
-    "@push.rocks/smartunique": "^3.0.8",
+    "@push.rocks/smartunique": "^3.0.9",
    "@push.rocks/taskbuffer": "^3.0.2",
    "@push.rocks/webjwt": "^1.0.9",
-    "@serve.zone/interfaces": "^1.0.47",
-    "@tsclass/tsclass": "^4.0.52"
+    "@serve.zone/interfaces": "^1.1.2",
+    "@tsclass/tsclass": "^4.1.2"
  },
  "files": [
    "ts/**/*",
@ -87,16 +97,32 @@
  },
  "homepage": "https://gitlab.com/servezone/private/cloudly#readme",
  "keywords": [
-    "cloud",
+    "cloud management",
+    "multi-cloud management",
    "Docker Swarmkit",
+    "container orchestration",
+    "cloud services",
    "DigitalOcean",
    "Hetzner Cloud",
    "Cloudflare",
-    "container management",
    "configuration management",
-    "LetsEncrypt SSL",
-    "cloud infrastructure automation",
+    "SSL management",
+    "API integration",
+    "TypeScript",
    "node.js",
-    "TypeScript"
+    "infrastructure automation",
+    "devOps",
+    "cloud API client",
+    "system logging",
+    "secret management",
+    "CI/CD integration",
+    "task scheduling",
+    "frontend",
+    "backend",
+    "CLI",
+    "web interface",
+    "cloud providers",
+    "security",
+    "logging"
  ]
 }
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
--- a/readme.hints.md
+++ b/readme.hints.md
@ -0,0 +1,11 @@
+- This repository contains 4 projects around serve.zone
+  - the cloudly backend under ts/*
+  - the cloudly frontend under ts_web/*
+  - the api client under ts_apiclient
+  - the cli client under ts_cliclient
+
+- the easiest method to spawn up a cloudly instance is to use the docker image:
+  `code.foss.global/serve.zone/cloudly:latest`
+
+- Note: the exports are defined in the package.json.
+- For now, cloud wise only the setup with cloudron and hetzner cloud is supported.
--- a/readme.md
+++ b/readme.md
@ -1,21 +1,28 @@
 # @serve.zone/cloudly
-configure the cloud
+
+A comprehensive multi-cloud manager leveraging Docker Swarmkit to orchestrate containerized applications across various cloud services and integrate robust configuration and API management capabilities.

 ## Install
+
 To install `@serve.zone/cloudly`, run the following command in your terminal:
+
 ```bash
 npm install @serve.zone/cloudly --save
 ```
+
 This will install the package and add it to your project's `package.json` dependencies.

 ## Usage
+
 `@serve.zone/cloudly` is designed to help you manage and configure cloud environments. This package provides a comprehensive TypeScript and ESM-based interface for interacting with various cloud services, including Docker Swarmkit cluster management, and integration with cloud providers such as DigitalOcean, Hetzner Cloud, and Cloudflare.

 ### Getting Started
+
 Before diving into the specifics, ensure your environment is properly set up. This includes having Node.js installed (preferably the latest LTS version), and if you are working in a TypeScript project, ensure TypeScript is configured.

 #### Initializing Cloudly
-First, import `Cloudly` class from the package and initialize it as shown below:
+
+First, import the `Cloudly` class from the package and initialize it as shown below:

 ```typescript
 import { Cloudly } from '@serve.zone/cloudly';
@ -26,6 +33,7 @@ const myCloudlyInstance = new Cloudly();
 The `Cloudly` class is the entry point to using the library features. It prepares the environment for configuring the cloud services.

 #### Configuration
+
 Configuration plays a pivotal role in how `@serve.zone/cloudly` operates. The library expects certain configurations to be provided, which can include credentials for cloud services, database connections, etc.

 For example, to configure a connection to MongoDB, specify your MongoDB details as shown:
@ -38,51 +46,373 @@ const myCloudlyConfig = {
        mongoDbUser: 'myUser',
        mongoDbPass: 'myPassword',
    },
-    // Additional configuration values...
+    cfToken: 'your_cloudflare_api_token',
+    environment: 'development',
+    letsEncryptEmail: 'lets_encrypt_email@example.com',
+    publicUrl: 'example.com',
+    publicPort: 8443,
+    hetznerToken: 'your_hetzner_api_token',
 };

 const myCloudlyInstance = new Cloudly(myCloudlyConfig);
 ```

-#### Managing Docker Swarmkit Cluster
-Cloudly allows managing Docker Swarmkit clusters through an abstracted interface, simplifying operations such as deployment and scaling.
+### Managing Docker Swarmkit Clusters
+
+Cloudly allows managing Docker Swarmkit clusters through an abstracted interface, simplifying operations such as deployment and scaling. Below are examples to demonstrate these capabilities.
+
+#### Example: Initializing a Cloudly Instance and Adding a Cluster

 ```typescript
-// Assuming myCloudlyInstance is already configured and initialized
+import { Cloudly, ClusterManager } from '@serve.zone/cloudly';

-// Start the cloud instance
+async function main() {
+    const myCloudlyConfig = {
+        mongoDescriptor: {
+            mongoDbUrl: 'mongodb+srv://<username>:<password>@<cluster>.mongodb.net/myFirstDatabase',
+            mongoDbName: 'myDatabase',
+            mongoDbUser: 'myUser',
+            mongoDbPass: 'myPassword',
+        },
+        cfToken: 'your_cloudflare_api_token',
+        environment: 'development',
+        letsEncryptEmail: 'lets_encrypt_email@example.com',
+        publicUrl: 'example.com',
+        publicPort: 8443,
+        hetznerToken: 'your_hetzner_api_token',
+    };
+
+    const myCloudlyInstance = new Cloudly(myCloudlyConfig);
    await myCloudlyInstance.start();

-// Now you can perform various operations on your Docker Swarmkit cluster
+    const clusterManager = myCloudlyInstance.clusterManager;
+    const newCluster = await clusterManager.storeCluster({
+        id: 'example_cluster_id',
+        data: {
+            name: 'example_cluster',
+            jumpCode: 'random_jump_code',
+            jumpCodeUsedAt: null,
+            secretKey: 'example_secret_key',
+            acmeInfo: null,
+            cloudlyUrl: 'https://example.com:8443',
+            servers: [],
+            sshKeys: [],
+        },
+    });
+
+    console.log('Cluster added:', newCluster);
+}
+
+main();
 ```

-### Integration with Cloud Providers
-`@serve.zone/cloudly` integrates seamlessly with cloud providers like DigitalOcean, Hetzner Cloud, etc., by leveraging the power of APIs provided by these platforms.
+### Additional Use Cases

-#### Managing DigitalOcean Resources
-To manage DigitalOcean resources, you'll need to configure your DigitalOcean token and then use the provided interfaces to interact with the resources, such as creating droplets, managing volumes, etc.
+#### Managing Cloudflare DNS Records
+
+You can manage Cloudflare DNS records using the `CloudflareConnector` provided by Cloudly.

 ```typescript
-// Set your DigitalOcean API token
-const digitalOceanToken = "your_digital_ocean_api_token";
+import { Cloudly, CloudflareConnector } from '@serve.zone/cloudly';

-// Now you can use myCloudlyInstance to manage DigitalOcean resources
+async function manageDNSRecords() {
+    const myCloudlyConfig = {
+        mongoDescriptor: {
+            mongoDbUrl: 'mongodb+srv://<username>:<password>@<cluster>.mongodb.net/myFirstDatabase',
+            mongoDbName: 'myDatabase',
+            mongoDbUser: 'myUser',
+            mongoDbPass: 'myPassword',
+        },
+        cfToken: 'your_cloudflare_api_token',
+        environment: 'development',
+        letsEncryptEmail: 'lets_encrypt_email@example.com',
+        publicUrl: 'example.com',
+        publicPort: 8443,
+        hetznerToken: 'your_hetzner_api_token',
+    };
+
+    const myCloudlyInstance = new Cloudly(myCloudlyConfig);
+    await myCloudlyInstance.start();
+
+    const dnsInfo = {
+        zoneName: 'example.com',
+        recordName: 'sub.example.com',
+        recordType: 'A',
+        recordContent: '127.0.0.1',
+    };
+
+    const cfConnector = myCloudlyInstance.cloudflareConnector.cloudflare;
+    const newRecord = await cfConnector.createDNSRecord(
+        dnsInfo.zoneName,
+        dnsInfo.recordName,
+        dnsInfo.recordType,
+        dnsInfo.recordContent
+    );
+
+    console.log('DNS Record created:', newRecord);
+}
+manageDNSRecords();
 ```

-#### Using the Cloudflare Integration
-Similarly, for managing DNS records and SSL certificates with Cloudflare, set up your Cloudflare API token:
+#### Integrating with DigitalOcean
+
+Integrate with DigitalOcean to manage droplets and other resources.

 ```typescript
-const cloudflareToken = "your_cloudflare_api_token";
+import { Cloudly, DigitalOceanConnector } from '@serve.zone/cloudly';

-// Use myCloudlyInstance to interact with Cloudflare, such as setting DNS records
+async function manageDroplet() {
+    const myCloudlyConfig = {
+        mongoDescriptor: {
+            mongoDbUrl: 'mongodb+srv://<username>:<password>@<cluster>.mongodb.net/myFirstDatabase',
+            mongoDbName: 'myDatabase',
+            mongoDbUser: 'myUser',
+            mongoDbPass: 'myPassword',
+        },
+        cfToken: 'your_cloudflare_api_token',
+        environment: 'development',
+        letsEncryptEmail: 'lets_encrypt_email@example.com',
+        publicUrl: 'example.com',
+        publicPort: 8443,
+        hetznerToken: 'your_hetzner_api_token',
+    };
+
+    const myCloudlyInstance = new Cloudly(myCloudlyConfig);
+    await myCloudlyInstance.start();
+
+    const doConnector = myCloudlyInstance.digitaloceanConnector;
+    const dropletInfo = {
+        name: 'example-droplet',
+        region: 'nyc3',
+        size: 's-1vcpu-1gb',
+        image: 'ubuntu-20-04-x64',
+    };
+
+    const newDroplet = await doConnector.createDroplet(
+        dropletInfo.name,
+        dropletInfo.region,
+        dropletInfo.size,
+        dropletInfo.image
+    );
+
+    console.log('Droplet created:', newDroplet);
+}
+manageDroplet();
 ```

-### Advanced Usage
-`@serve.zone/cloudly` offers more than just cloud resource management. It integrates various modules for error logging, security, working with JSON data, and much more. Explore the comprehensive documentation and typings to leverage the full potential of the package.
+### Using Cloudly Web Interface

-### Conclusion
-With `@serve.zone/cloudly`, configuring the cloud becomes a less tedious task. By abstracting away the complexities and providing a unified interface to manage cloud resources, development efficiency is significantly improved. The examples provided above merely scratch the surface of what's possible. Dive into the detailed documentation to explore all features and capabilities.
+If your project includes a web interface to manage various sections like DNS, deployments, clusters, etc., you can use the provided elements and state management. Below is an example of setting up a dashboard using the components defined:
+
+#### Web Dashboard Example
+
+```typescript
+import { commitinfo } from '../00_commitinfo_data.js';
+import * as plugins from '../plugins.js';
+
+import * as appstate from '../appstate.js';
+
+import {
+  DeesElement,
+  css,
+  cssManager,
+  customElement,
+  html,
+  state
+} from '@design.estate/dees-element';
+import { CloudlyViewBackups } from './cloudly-view-backups.js';
+import { CloudlyViewClusters } from './cloudly-view-clusters.js';
+import { CloudlyViewDbs } from './cloudly-view-dbs.js';
+import { CloudlyViewDeployments } from './cloudly-view-deployments.js';
+import { CloudlyViewDns } from './cloudly-view-dns.js';
+import { CloudlyViewImages } from './cloudly-view-images.js';
+import { CloudlyViewLogs } from './cloudly-view-logs.js';
+import { CloudlyViewMails } from './cloudly-view-mails.js';
+import { CloudlyViewOverview } from './cloudly-view-overview.js';
+import { CloudlyViewS3 } from './cloudly-view-s3.js';
+import { CloudlyViewSecretBundles } from './cloudly-view-secretbundles.js';
+import { CloudlyViewSecretGroups } from './cloudly-view-secretgroups.js';
+import { CloudlyViewServices } from './cloudly-view-services.js';
+
+declare global {
+  interface HTMLElementTagNameMap {
+    'cloudly-dashboard': CloudlyDashboard;
+  }
+}
+
+@customElement('cloudly-dashboard')
+export class CloudlyDashboard extends DeesElement {
+  @state() private jwt: string;
+  @state() private data: appstate.IDataState = {
+    secretGroups: [],
+    secretBundles: [],
+    clusters: [],
+  };
+
+  constructor() {
+    super();
+    document.title = `cloudly v${commitinfo.version}`;
+    const subcription = appstate.dataState
+      .select((stateArg) => stateArg)
+      .subscribe((dataArg) => {
+        this.data = dataArg;
+      });
+    this.rxSubscriptions.push(subcription);
+  }
+
+  public static styles = [
+    cssManager.defaultStyles,
+    css`
+      .maincontainer {
+        position: relative;
+        width: 100vw;
+        height: 100vh;
+      }
+
+      h1 {
+        font-weight: 400;
+        font-size: 24px;
+        font-family: 'Cal Sans';
+      }
+    `,
+  ];
+  public render() {
+    return html`
+      <div class="maincontainer">
+        <dees-simple-login name="cloudly v${commitinfo.version}">
+          <dees-simple-appdash name="cloudly v${commitinfo.version}"
+            .viewTabs=${[
+              {
+                name: 'Overview',
+                element: CloudlyViewOverview,
+              },
+              {
+                name: 'SecretGroups',
+                element: CloudlyViewSecretGroups,
+              },
+              {
+                name: 'SecretBundles',
+                element: CloudlyViewSecretBundles,
+              },
+              {
+                name: 'Clusters',
+                element: CloudlyViewClusters,
+              },
+              {
+                name: 'Images',
+                element: CloudlyViewImages,
+              },
+              {
+                name: 'Services',
+                element: CloudlyViewServices,
+              },
+              {
+                name: 'Deployments',
+                element: CloudlyViewDeployments,
+              },
+              {
+                name: 'DNS',
+                element: CloudlyViewDns,
+              },
+              {
+                name: 'Mails',
+                element: CloudlyViewMails,
+              },
+              {
+                name: 'Logs',
+                element: CloudlyViewLogs,
+              },
+              {
+                name: 's3',
+                element: CloudlyViewS3,
+              },
+              {
+                name: 'DBs',
+                element: CloudlyViewDbs,
+              },
+              {
+                name: 'Backups',
+                element: CloudlyViewBackups,
+              },
+              {
+                name: 'Fleet',
+                element: CloudlyViewBackups,
+              }
+            ] as plugins.deesCatalog.IView[]}
+          ></dees-simple-appdash>
+        </dees-simple-login>
+      </div>
+    `;
+  }
+  public async firstUpdated() {
+    const simpleLogin = this.shadowRoot.querySelector('dees-simple-login');
+    simpleLogin.addEventListener('login', (e: CustomEvent) => {
+      console.log(e.detail);
+      this.login(e.detail.data.username, e.detail.data.password);
+    });
+    this.addEventListener('contextmenu', (eventArg) => {
+      plugins.deesCatalog.DeesContextmenu.openContextMenuWithOptions(eventArg, [
+        {
+          name: 'About',
+          iconName: 'mugHot',
+          action: async () => {
+            await plugins.deesCatalog.DeesModal.createAndShow({
+              heading: 'About',
+              content: html`cloudly ${commitinfo.version}`,
+              menuOptions: [
+                {
+                  name: 'close',
+                  iconName: null,
+                  action: async (modalArg) => {
+                    await modalArg.destroy();
+                  },
+                },
+              ],
+            });
+          },
+        },
+      ]);
+    });
+
+    // lets deal with initial state
+    const domtools = await this.domtoolsPromise;
+    const loginState = appstate.loginStatePart.getState();
+    console.log(loginState);
+    if (loginState.jwt) {
+      this.jwt = loginState.jwt;
+      await simpleLogin.switchToSlottedContent();
+      await appstate.dataState.dispatchAction(appstate.getAllDataAction, null);
+    }
+  }
+
+  private async login(username: string, password: string) {
+    const domtools = await this.domtoolsPromise;
+    console.log(`attempting to login...`);
+    const simpleLogin = this.shadowRoot.querySelector('dees-simple-login');
+    const form = simpleLogin.shadowRoot.querySelector('dees-form');
+    form.setStatus('pending', 'Logging in...');
+    const state = await appstate.loginStatePart.dispatchAction(appstate.loginAction, {
+      username,
+      password,
+    });
+    if (state.jwt) {
+      console.log('got jwt');
+      this.jwt = state.jwt;
+      form.setStatus('success', 'Logged in!');
+      await simpleLogin.switchToSlottedContent();
+      await appstate.dataState.dispatchAction(appstate.getAllDataAction, null);
+    } else {
+      form.setStatus('error', 'Login failed!');
+      await domtools.convenience.smartdelay.delayFor(2000);
+      form.reset();
+    }
+  }
+
+  private async logout() {}
+}
+```
+
+With the examples provided above, you should now have a good understanding of how to use `@serve.zone/cloudly` to manage your cloud infrastructure programmatically. For deeper insights and additional features, refer to the documentation relevant to specific modules and methods used in your application.

 ## License and Legal Information

--- a/test/helpers/cloudlyfactory.ts
+++ b/test/helpers/cloudlyfactory.ts
@ -0,0 +1,27 @@
+import { Qenv } from '@push.rocks/qenv';
+const testQenv = new Qenv('./', './.nogit/');
+
+import * as cloudly from '../../ts/index.js';
+
+export const createCloudly = async () => {
+  const cloudlyConfig: cloudly.ICloudlyConfig = {
+    cfToken: await testQenv.getEnvVarOnDemand('CF_TOKEN'),
+    environment: 'integration',
+    letsEncryptEmail: await testQenv.getEnvVarOnDemand('LETSENCRYPT_EMAIL'),
+    publicUrl: await testQenv.getEnvVarOnDemand('SERVEZONE_URL'),
+    publicPort: await testQenv.getEnvVarOnDemand('SERVEZONE_PORT'),
+    mongoDescriptor: {
+      mongoDbName: await testQenv.getEnvVarOnDemand('MONGODB_DATABASE'),
+      mongoDbUser: await testQenv.getEnvVarOnDemand('MONGODB_USER'),
+      mongoDbPass: await testQenv.getEnvVarOnDemand('MONGODB_PASSWORD'),
+      mongoDbUrl: await testQenv.getEnvVarOnDemand('MONGODB_URL'),
+    },
+  };
+  const cloudlyInstance = new cloudly.Cloudly();
+  return cloudlyInstance;
+}
+
+export const getEnvVarOnDemand = async (envVarName: string) => {
+  return testQenv.getEnvVarOnDemand(envVarName);
+} 
+
--- a/test/helpers/docker.ts
+++ b/test/helpers/docker.ts
@ -0,0 +1,9 @@
+import * as smartstream from '@push.rocks/smartstream';
+import * as smartpath from '@push.rocks/smartpath';
+
+export const getAlpineImageReadableStream = async () => {
+  const currentDir = smartpath.get.dirnameFromImportMetaUrl(import.meta.url);
+  const imagePath = smartpath.join(currentDir, '../../.nogit/testfiles/alpine.tar');
+  const readableStream = smartstream.nodewebhelpers.createWebReadableStreamFromFile(imagePath);
+  return readableStream;
+}
--- a/test/helpers/index.ts
+++ b/test/helpers/index.ts
@ -0,0 +1,2 @@
+export * from './cloudlyfactory.js';
+export * from './docker.js';
--- a/test/test.apiclient.ts
+++ b/test/test.apiclient.ts
@ -0,0 +1,80 @@
+import { tap, expect } from '@push.rocks/tapbundle';
+import * as helpers from './helpers/index.js';
+
+import * as cloudly from '../ts/index.js';
+import * as cloudlyApiClient from '../ts_apiclient/index.js';
+import { Image } from '../ts_apiclient/classes.image.js';
+
+let testCloudly: cloudly.Cloudly;
+let testClient: cloudlyApiClient.CloudlyApiClient;
+
+tap.preTask('should start cloudly', async () => {
+  testCloudly = await helpers.createCloudly();
+  await testCloudly.start();
+});
+
+tap.preTask('should create a new machine user for testing', async () => {
+  const machineUser = new testCloudly.authManager.CUser();
+  machineUser.id = await testCloudly.authManager.CUser.getNewId();
+  machineUser.data = {
+    type: 'machine',
+    username: 'test',
+    password: 'test',
+    tokens: [{
+      token: 'test',
+      expiresAt: Date.now() + 3600 * 1000 * 24 * 365,
+      assignedRoles: ['admin'],
+    }],
+    role: 'admin',
+  };
+  await machineUser.save();
+});
+
+tap.test('should create a new cloudlyApiClient', async () => {
+  testClient = new cloudlyApiClient.CloudlyApiClient({
+    registerAs: 'api',
+    cloudlyUrl: `http://localhost:${await helpers.getEnvVarOnDemand('SERVEZONE_PORT')}`,
+  });
+  await testClient.start();
+  expect(testClient).toBeTruthy();
+});
+
+tap.test('create a new machine user', async () => {
+  const machineUser = await testCloudly.authManager.CUser.createMachineUser('test', 'api');
+  machineUser.data.tokens.push({
+    token: 'test',
+    expiresAt: Date.now() + 3600 * 1000 * 24 * 365,
+    assignedRoles: ['api'],
+  })
+  await machineUser.save();
+})
+
+tap.test('should get an identity', async () => {
+  const identity = await testClient.getIdentityByToken('test');
+  expect(identity).toBeTruthy();
+  console.log(identity);
+});
+
+let image: Image;
+tap.test('should create and upload an image', async () => {
+  image = await testClient.images.createImage({
+    name: 'test',
+    description: 'test'
+  });
+  console.log('created image: ', image);
+  expect(image).toBeInstanceOf(Image);
+})
+
+tap.test('should upload an image version', async () => {
+  const imageStream = await helpers.getAlpineImageReadableStream();
+
+  await image.pushImageVersion('v1.0.0', imageStream);
+});
+
+tap.test('should stop the apiclient', async (toolsArg) => {
+  await toolsArg.delayFor(10000);
+  await testClient.stop();
+  await testCloudly.stop();
+})
+
+export default tap.start();
--- a/test/test.ts
+++ b/test/test.ts
@ -1,29 +1,11 @@
 import { expect, tap } from '@push.rocks/tapbundle';
-import { Qenv } from '@push.rocks/qenv';
-const testQenv = new Qenv('./', './.nogit/');
-process.env.TESTING_CLOUDLY = 'true';
-
-delete process.env.CLI_CALL;
+import * as helpers from './helpers/index.js';

 import * as cloudly from '../ts/index.js';

 let testCloudly: cloudly.Cloudly;
 tap.test('first test', async () => {
-  const cloudlyConfig: cloudly.ICloudlyConfig = {
-    cfToken: testQenv.getEnvVarOnDemand('CF_TOKEN'),
-    environment: 'integration',
-    letsEncryptEmail: testQenv.getEnvVarOnDemand('LETSENCRYPT_EMAIL'),
-    publicUrl: testQenv.getEnvVarOnDemand('SERVEZONE_URL'),
-    publicPort: testQenv.getEnvVarOnDemand('SERVEZONE_PORT'),
-    mongoDescriptor: {
-      mongoDbName: testQenv.getEnvVarOnDemand('MONGODB_DATABASE'),
-      mongoDbUser: testQenv.getEnvVarOnDemand('MONGODB_USER'),
-      mongoDbPass: testQenv.getEnvVarOnDemand('MONGODB_PASSWORD'),
-      mongoDbUrl: testQenv.getEnvVarOnDemand('MONGODB_URL'),
-    },
-    digitalOceanToken: testQenv.getEnvVarOnDemand('DIGITALOCEAN_TOKEN'),
-  };
-  testCloudly = new cloudly.Cloudly(cloudlyConfig);
+  testCloudly = await helpers.createCloudly();
  expect(testCloudly).toBeInstanceOf(cloudly.Cloudly);
 });

--- a/ts/00_commitinfo_data.ts
+++ b/ts/00_commitinfo_data.ts
@ -1,8 +1,8 @@
 /**
- * autocreated commitinfo by @pushrocks/commitinfo
+ * autocreated commitinfo by @push.rocks/commitinfo
 */
 export const commitinfo = {
  name: '@serve.zone/cloudly',
-  version: '1.0.214',
-  description: 'A cloud manager utilizing Docker Swarmkit, designed for operations on Cloudron, and supports various cloud platforms like DigitalOcean, Hetzner Cloud, and Cloudflare.'
+  version: '1.2.0',
+  description: 'A comprehensive multi-cloud manager leveraging Docker Swarmkit to orchestrate containerized applications across various cloud services and provide robust configuration and API integration.'
 }
--- a/ts/00demo/demo.data.clusters.ts
+++ b/ts/00demo/demo.data.clusters.ts
--- a/ts/00demo/demo.data.images.ts
+++ b/ts/00demo/demo.data.images.ts
@ -0,0 +1,13 @@
+import * as plugins from '../plugins.js';
+
+export const demoImages: plugins.servezoneInterfaces.data.IImage[] = [
+  {
+    id: 'DemoImage1',
+    data: {
+      name: 'DemoImage1',
+      description: 'DemoImage1',
+      versions: [],
+    }
+  }
+];
+
--- a/ts/00demo/demo.data.secrets.ts
+++ b/ts/00demo/demo.data.secrets.ts
@ -1,4 +1,4 @@
-import * as plugins from '../cloudly.plugins.js';
+import * as plugins from '../plugins.js';

 // Create an array to hold 10 ISecretGroup objects
 const demoSecretGroups: plugins.servezoneInterfaces.data.ISecretGroup[] = [];
@ -63,6 +63,8 @@ for (let i = 0; i < demoSecretGroups.length; i++) {
    id: `configBundleId${i + 1}`,
    data: {
      name: `Demo Config Bundle ${i + 1}`,
+      includedImages: [],
+      type: 'external',
      description: 'Demo Purpose',
      includedSecretGroupIds: [secretGroup.id],
      includedTags: secretGroup.data.tags,
--- a/ts/00demo/demo.data.users.ts
+++ b/ts/00demo/demo.data.users.ts
@ -0,0 +1,20 @@
+import * as plugins from '../plugins.js';
+import * as paths from '../paths.js';
+import type { Cloudly } from '../classes.cloudly.js';
+
+export const getUsers = async (cloudlyRef: Cloudly) => {
+  const users: plugins.servezoneInterfaces.data.IUser[] = [];
+  const envAdminUser = await cloudlyRef.config.appData.waitForAndGetKey('servezoneAdminaccount');
+  if (envAdminUser) {
+    users.push({
+      id: 'envadmin',
+      data: {
+        type: 'human',
+        username: envAdminUser.split(':')[0],
+        password: envAdminUser.split(':')[1],
+        role: 'admin',
+      },
+    });
+  }
+  return users;
+};
--- a/ts/00demo/index.ts
+++ b/ts/00demo/index.ts
@ -1,4 +1,4 @@
-import type { Cloudly } from '../cloudly.classes.cloudly.js';
+import type { Cloudly } from '../classes.cloudly.js';

 export const installDemoData = async (cloudlyRef: Cloudly) => {
  
@ -35,4 +35,31 @@ export const installDemoData = async (cloudlyRef: Cloudly) => {
    await cluster.delete();
  }

+  // ================================================================================
+  // USERS
+  const users = await cloudlyRef.authManager.CUser.getInstances({});
+  for (const user of users) {
+    await user.delete();
+  }
+
+  const demoDataUsers = await import('./demo.data.users.js');
+  for (const user of await demoDataUsers.getUsers(cloudlyRef)) {
+    const userInstance = new cloudlyRef.authManager.CUser();
+    Object.assign(userInstance, user);
+    await userInstance.save();
+  }
+
+  // ================================================================================
+  // IMAGES
+  const images = await cloudlyRef.imageManager.CImage.getInstances({});
+  for (const image of images) {
+    await image.delete();
+  }
+
+  const demoDataImages = await import('./demo.data.images.js');
+  for (const image of demoDataImages.demoImages) {
+    const imageInstance = new cloudlyRef.imageManager.CImage();
+    Object.assign(imageInstance, image);
+    await imageInstance.save();
+  }
 }
--- a/ts/cloudly.classes.cloudly.ts
+++ b/ts/cloudly.classes.cloudly.ts
@ -1,12 +1,12 @@
-import * as plugins from './cloudly.plugins.js';
-import { CloudlyConfig } from './cloudly.classes.config.js';
+import * as plugins from './plugins.js';
+import { CloudlyConfig } from './classes.config.js';

 // interfaces
 import {} from '@tsclass/tsclass';

 // Cloudly mods
-import { CloudlyInfo } from './cloudly.classes.cloudlyinfo.js';
-import { CloudlyServer } from './cloudly.classes.server.js';
+import { CloudlyInfo } from './classes.cloudlyinfo.js';
+import { CloudlyServer } from './classes.server.js';

 // connectors
 import { CloudflareConnector } from './connector.cloudflare/connector.js';
@ -15,14 +15,14 @@ import { MongodbConnector } from './connector.mongodb/connector.js';

 // processes
 import { CloudlyCoreflowManager } from './manager.coreflow/coreflowmanager.js';
-import { ClusterManager } from './manager.cluster/clustermanager.js';
+import { ClusterManager } from './manager.cluster/classes.clustermanager.js';
 import { CloudlyTaskmanager } from './manager.task/taskmanager.js';
-import { CloudlyVersionManager } from './manager.version/versionmanager.js';
 import { CloudlySecretManager } from './manager.secret/classes.secretmanager.js'
-import { CloudlyServerManager } from './manager.server/servermanager.js';
+import { CloudlyServerManager } from './manager.server/classes.servermanager.js';
 import { ExternalApiManager } from './manager.status/statusmanager.js';
 import { ImageManager } from './manager.image/classes.imagemanager.js';
-import { logger } from './cloudly.logging.js';
+import { logger } from './logger.js';
+import { CloudlyAuthManager } from './manager.auth/classes.authmanager.js';

 /**
 * Cloudly class can be used to instantiate a cloudly server.
@ -49,13 +49,13 @@ export class Cloudly {
  public mongodbConnector: MongodbConnector;

  // managers
+  public authManager: CloudlyAuthManager;
  public secretManager: CloudlySecretManager;
  public clusterManager: ClusterManager;
  public coreflowManager: CloudlyCoreflowManager;
  public externalApiManager: ExternalApiManager;
  public imageManager: ImageManager;
  public taskManager: CloudlyTaskmanager;
-  public versionManager: CloudlyVersionManager;
  public serverManager: CloudlyServerManager;

  private readyDeferred = new plugins.smartpromise.Deferred();
@ -73,13 +73,13 @@ export class Cloudly {
    this.cloudflareConnector = new CloudflareConnector(this);
    this.letsencryptConnector = new LetsencryptConnector(this);

-    // processes
+    // managers
+    this.authManager = new CloudlyAuthManager(this);
    this.clusterManager = new ClusterManager(this);
    this.coreflowManager = new CloudlyCoreflowManager(this);
    this.externalApiManager = new ExternalApiManager(this);
    this.imageManager = new ImageManager(this);
    this.taskManager = new CloudlyTaskmanager(this);
-    this.versionManager = new CloudlyVersionManager(this);
    this.secretManager = new CloudlySecretManager(this);
    this.serverManager = new CloudlyServerManager(this);
  }
@ -93,6 +93,7 @@ export class Cloudly {
    await this.config.init();

    // manageers
+    await this.authManager.start();
    await this.secretManager.start();
    await this.serverManager.start();

--- a/ts/cloudly.classes.cloudlyinfo.ts
+++ b/ts/cloudly.classes.cloudlyinfo.ts
@ -1,5 +1,5 @@
-import * as plugins from './cloudly.plugins.js';
-import * as paths from './cloudly.paths.js';
+import * as plugins from './plugins.js';
+import * as paths from './paths.js';
 import { Cloudly } from './index.js';

 export class CloudlyInfo {
--- a/ts/cloudly.classes.config.ts
+++ b/ts/cloudly.classes.config.ts
@ -1,7 +1,7 @@
-import * as plugins from './cloudly.plugins.js';
-import * as paths from './cloudly.paths.js';
-import { logger } from './cloudly.logging.js';
-import type { Cloudly } from './cloudly.classes.cloudly.js';
+import * as plugins from './plugins.js';
+import * as paths from './paths.js';
+import { logger } from './logger.js';
+import type { Cloudly } from './classes.cloudly.js';

 /**
 * the main cloudly config
@ -11,9 +11,6 @@ export class CloudlyConfig {
  public appData: plugins.npmextra.AppData<plugins.servezoneInterfaces.data.ICloudlyConfig>;
  public data: plugins.servezoneInterfaces.data.ICloudlyConfig

-  // authentication and settings
-  public smartjwtInstance: plugins.smartjwt.SmartJwt;
-

  constructor(cloudlyRefArg: Cloudly) {
    this.cloudlyRef = cloudlyRefArg;
@ -43,6 +40,7 @@ export class CloudlyConfig {
          useSsl: true,
        },
        sslMode: 'SERVEZONE_SSLMODE' as plugins.servezoneInterfaces.data.ICloudlyConfig['sslMode'],
+        servezoneAdminaccount: 'SERVEZONE_ADMINACCOUNT',
      },
      requiredKeys: [
        'cfToken',
@ -56,19 +54,8 @@ export class CloudlyConfig {
      ],
    });

-    this.smartjwtInstance = new plugins.smartjwt.SmartJwt();
    const kvStore = await this.appData.getKvStore();

-    const existingJwtKeys: plugins.tsclass.network.IJwtKeypair = await kvStore.readKey('jwtKeys');
-
-    if (!existingJwtKeys) {
-      await this.smartjwtInstance.createNewKeyPair();
-      const newJwtKeys = this.smartjwtInstance.getKeyPairAsJson();
-      await kvStore.writeKey('jwtKeys', newJwtKeys);
-    } else {
-      this.smartjwtInstance.setKeyPairAsJson(existingJwtKeys);
-    }
-
    this.data = await kvStore.readAll();
    const missingKeys = await this.appData.logMissingKeys();
    if (missingKeys.length > 0) {
--- a/ts/cloudly.classes.server.ts
+++ b/ts/cloudly.classes.server.ts
@ -1,7 +1,7 @@
-import * as plugins from './cloudly.plugins.js';
-import * as paths from './cloudly.paths.js';
-import { Cloudly } from './cloudly.classes.cloudly.js';
-import { logger } from './cloudly.logging.js';
+import * as plugins from './plugins.js';
+import * as paths from './paths.js';
+import { Cloudly } from './classes.cloudly.js';
+import { logger } from './logger.js';

 /**
 * handles incoming requests from CI to deploy new versions of apps
@ -10,7 +10,8 @@ export class CloudlyServer {
  /**
   * a reference to the cloudly instance
   */
-  private cloudlyRef: Cloudly;
+  public cloudlyRef: Cloudly;
+  public additionalHandlers: plugins.typedserver.servertools.Handler[] = [];

  /**
   * the smartexpress server handling the actual requests
@ -37,18 +38,24 @@ export class CloudlyServer {
   * init the reception instance
   */
  public async start() {
-    logger.log('info', `cloudly domain is ${this.cloudlyRef.config.data.publicUrl}`)
+    logger.log('info', `cloudly domain is ${this.cloudlyRef.config.data.publicUrl}`);
    let sslCert: plugins.smartacme.Cert;

    if (this.cloudlyRef.config.data.sslMode === 'letsencrypt') {
-      logger.log('info', `Using letsencrypt for ssl mode. Trying to obtain a certificate...`)
-      logger.log('info', `This might take 10 minutes...`)
+      logger.log('info', `Using letsencrypt for ssl mode. Trying to obtain a certificate...`);
+      logger.log('info', `This might take 10 minutes...`);
      sslCert = await this.cloudlyRef.letsencryptConnector.getCertificateForDomain(
        this.cloudlyRef.config.data.publicUrl
      );
-      logger.log('success', `Successfully obtained certificate for cloudly domain ${this.cloudlyRef.config.data.publicUrl}`)
+      logger.log(
+        'success',
+        `Successfully obtained certificate for cloudly domain ${this.cloudlyRef.config.data.publicUrl}`
+      );
    } else if (this.cloudlyRef.config.data.sslMode === 'external') {
-      logger.log('info', `Using external certificate for ssl mode, meaning cloudly is not in charge of ssl termination.`)
+      logger.log(
+        'info',
+        `Using external certificate for ssl mode, meaning cloudly is not in charge of ssl termination.`
+      );
    }

    interface IRequestGuardData {
@ -72,11 +79,13 @@ export class CloudlyServer {
    this.typedServer = new plugins.typedserver.TypedServer({
      cors: true,
      forceSsl: false,
-      port: this.cloudlyRef.config.data.publicPort,
-      ...(sslCert ? {
+      port: this.cloudlyRef.config.data.publicPort,
+      ...(sslCert
+        ? {
            privateKey: sslCert.privateKey,
            publicKey: sslCert.publicKey,
-      } : {}),
+          }
+        : {}),
      injectReload: true,
      serveDir: paths.distServeDir,
      watch: true,
@ -84,6 +93,10 @@ export class CloudlyServer {
      preferredCompressionMethod: 'gzip',
    });
    this.typedServer.typedrouter.addTypedRouter(this.typedrouter);
+    this.typedServer.server.addRoute(
+      '/curlfresh/:scriptname',
+      this.cloudlyRef.serverManager.curlfreshInstance.handler
+    );
    await this.typedServer.start();
  }

--- a/ts/connector.cloudflare/connector.ts
+++ b/ts/connector.cloudflare/connector.ts
@ -1,5 +1,5 @@
-import * as plugins from '../cloudly.plugins.js';
-import { Cloudly } from '../cloudly.classes.cloudly.js';
+import * as plugins from '../plugins.js';
+import { Cloudly } from '../classes.cloudly.js';

 /**
 * the portion of Cloudflare responsible
--- a/ts/connector.letsencrypt/connector.ts
+++ b/ts/connector.letsencrypt/connector.ts
@ -1,5 +1,5 @@
-import * as plugins from '../cloudly.plugins.js';
-import { Cloudly } from '../cloudly.classes.cloudly.js';
+import * as plugins from '../plugins.js';
+import { Cloudly } from '../classes.cloudly.js';

 export class LetsencryptConnector {
  private cloudlyRef: Cloudly;
@ -34,7 +34,10 @@ export class LetsencryptConnector {
      },
      mongoDescriptor: this.cloudlyRef.config.data.mongoDescriptor,
    });
-    await this.smartacme.init();
+    await this.smartacme.start().catch(err => {
+      console.error('error in init', err);
+      console.log(`trying again in a few minutes`)
+    });
  }

  /**
--- a/ts/connector.mongodb/connector.ts
+++ b/ts/connector.mongodb/connector.ts
@ -1,5 +1,5 @@
-import * as plugins from '../cloudly.plugins.js';
-import { Cloudly } from '../cloudly.classes.cloudly.js';
+import * as plugins from '../plugins.js';
+import { Cloudly } from '../classes.cloudly.js';

 export class MongodbConnector {
  // INSTANCE
--- a/ts/index.ts
+++ b/ts/index.ts
@ -1,9 +1,9 @@
 import * as early from '@push.rocks/early';
 early.start('cloudly');
-import * as plugins from './cloudly.plugins.js';
-import * as paths from './cloudly.paths.js';
-import { Cloudly } from './cloudly.classes.cloudly.js';
-import { logger } from './cloudly.logging.js';
+import * as plugins from './plugins.js';
+import * as paths from './paths.js';
+import { Cloudly } from './classes.cloudly.js';
+import { logger } from './logger.js';
 const cloudlyQenv = new plugins.qenv.Qenv(paths.packageDir, paths.nogitDir, true);
 early.stop();

@ -21,8 +21,10 @@ const runCli = async () => {
  );

  await cloudlyInstance.start();
-  const demoMod = await import('./demo/index.js');
+  const demoMod = await import('./00demo/index.js');
  demoMod.installDemoData(cloudlyInstance);
 };

 export { runCli, Cloudly };
+type ICloudlyConfig = plugins.servezoneInterfaces.data.ICloudlyConfig;
+export { type ICloudlyConfig }
--- a/ts/cloudly.logging.ts
+++ b/ts/cloudly.logging.ts
@ -1,5 +1,5 @@
-import * as plugins from './cloudly.plugins.js';
-import * as paths from './cloudly.paths.js';
+import * as plugins from './plugins.js';
+import * as paths from './paths.js';

 export const logger = new plugins.smartlog.Smartlog({
  logContext: {
--- a/ts/manager.auth/classes.authmanager.ts
+++ b/ts/manager.auth/classes.authmanager.ts
@ -0,0 +1,115 @@
+import * as plugins from '../plugins.js';
+
+import type { Cloudly } from '../classes.cloudly.js';
+import { logger } from '../logger.js';
+import { Authorization } from './classes.authorization.js';
+import { User } from './classes.user.js';
+
+
+export interface IJwtData {
+  userId: string;
+  status: 'loggedIn' | 'loggedOut';
+  expiresAt: number;
+}
+
+export class CloudlyAuthManager {
+  cloudlyRef: Cloudly
+  public get db() {
+    return this.cloudlyRef.mongodbConnector.smartdataDb;
+  }
+  public CUser = plugins.smartdata.setDefaultManagerForDoc(this, User);
+  public CAuthorization = plugins.smartdata.setDefaultManagerForDoc(this, Authorization);
+
+  public typedrouter = new plugins.typedrequest.TypedRouter();
+  public smartjwtInstance: plugins.smartjwt.SmartJwt<IJwtData>;
+
+  constructor(cloudlyRef: Cloudly) {
+    this.cloudlyRef = cloudlyRef;
+    this.cloudlyRef.typedrouter.addTypedRouter(this.typedrouter);
+  }
+
+  public async createNewSecureToken() {
+    return plugins.smartunique.uniSimple('secureToken', 64);
+  }
+
+  public async start() {
+    // lets setup the smartjwtInstance
+    this.smartjwtInstance = new plugins.smartjwt.SmartJwt();
+    await this.smartjwtInstance.init();
+    const kvStore = await this.cloudlyRef.config.appData.getKvStore();
+
+    const existingJwtKeys: plugins.tsclass.network.IJwtKeypair = (await kvStore.readKey('jwtKeypair')) as plugins.tsclass.network.IJwtKeypair;
+
+    if (!existingJwtKeys) {
+      await this.smartjwtInstance.createNewKeyPair();
+      const newJwtKeys = this.smartjwtInstance.getKeyPairAsJson();
+      await kvStore.writeKey('jwtKeypair', newJwtKeys);
+    } else {
+      this.smartjwtInstance.setKeyPairAsJson(existingJwtKeys);
+    }
+
+    this.typedrouter.addTypedHandler(
+      new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.secret.IReq_Admin_LoginWithUsernameAndPassword>(
+        'adminLoginWithUsernameAndPassword',
+        async (dataArg) => {
+          let jwt: string;
+          let expiresAtTimestamp: number = Date.now() + 3600 * 1000 * 24 * 7;
+          const user = await User.findUserByUsernameAndPassword(dataArg.username, dataArg.password);
+          if (!user) {
+            logger.log('warn', 'login failed');
+            throw new plugins.typedrequest.TypedResponseError('login failed');
+          } else {
+            jwt = await this.smartjwtInstance.createJWT({
+              userId: user.id,
+              status: 'loggedIn',
+              expiresAt: expiresAtTimestamp,
+            });
+            logger.log('success', 'login successful');
+          }
+          return {
+            identity: {
+              jwt,
+              userId: user.id,
+              name: user.data.username,
+              expiresAt: expiresAtTimestamp,
+              role: user.data.role,
+              type: user.data.type,
+            },
+          };
+        }
+      )
+    );
+  }
+
+  public async stop () {}
+
+  public validIdentityGuard = new plugins.smartguard.Guard<{identity: plugins.servezoneInterfaces.data.IIdentity}>(async (dataArg) => {
+    const jwt = dataArg.identity.jwt;
+    const jwtData: IJwtData = await this.smartjwtInstance.verifyJWTAndGetData(jwt);
+    const expired = jwtData.expiresAt < Date.now();
+    plugins.smartexpect.expect(jwtData.status).setFailMessage('user not logged in').toEqual('loggedIn');
+    plugins.smartexpect.expect(expired).setFailMessage(`jwt expired`).toBeFalse();
+    plugins.smartexpect.expect(dataArg.identity.expiresAt).setFailMessage(`expiresAt >>identity valid until:${dataArg.identity.expiresAt}, but jwt says: ${jwtData.expiresAt}<< has been tampered with`).toEqual(jwtData.expiresAt);
+    plugins.smartexpect.expect(dataArg.identity.userId).setFailMessage('userId has been tampered with').toEqual(jwtData.userId);
+    if (expired) {
+      throw new Error('identity is expired');
+    }
+    return true;
+  }, {
+    failedHint: 'identity is not valid.',
+    name: 'validIdentityGuard',
+  });
+
+  public adminIdentityGuard = new plugins.smartguard.Guard<{identity: plugins.servezoneInterfaces.data.IIdentity}>(async (dataArg) => {
+    await plugins.smartguard.passGuardsOrReject(dataArg, [this.validIdentityGuard]);
+    const jwt = dataArg.identity.jwt;
+    const jwtData: IJwtData = await this.smartjwtInstance.verifyJWTAndGetData(jwt);
+    const user = await this.CUser.getInstance({id: jwtData.userId});
+    const isAdminBool = user.data.role === 'admin';
+    console.log(`user is admin: ${isAdminBool}`);
+    return isAdminBool;
+  }, {
+    failedHint: 'user is not admin.',
+    name: 'adminIdentityGuard',
+  })
+}
--- a/ts/manager.auth/classes.authorization.ts
+++ b/ts/manager.auth/classes.authorization.ts
@ -0,0 +1,6 @@
+import * as plugins from '../plugins.js';
+
+@plugins.smartdata.managed()
+export class Authorization extends plugins.smartdata.SmartDataDbDoc<Authorization, Authorization> {
+
+}
--- a/ts/manager.auth/classes.user.ts
+++ b/ts/manager.auth/classes.user.ts
@ -0,0 +1,50 @@
+import * as plugins from '../plugins.js';
+
+@plugins.smartdata.managed()
+export class User extends plugins.smartdata.SmartDataDbDoc<
+  User,
+  plugins.servezoneInterfaces.data.IUser
+> {
+  /**
+   * creates a machine user
+   */
+  public static async createMachineUser(userNameArg: string, roleArg: 'api' | 'cluster') {
+    const user = new User();
+    user.id = await User.getNewId();
+    user.data = {
+      type: 'machine',
+      username: userNameArg,
+      tokens: [{
+        token: 'machineUser',
+        expiresAt: Date.now() + 3600 * 1000 * 24 * 365,
+        assignedRoles: ['admin'],
+      }],
+      role: 'api',
+    };
+    await user.save();
+    return user;
+  }
+
+  public static async findUserByUsernameAndPassword(usernameArg: string, passwordArg: string) {
+    return await User.getInstance({
+      data: {
+        username: usernameArg,
+        password: passwordArg,
+      },
+    });
+  }
+
+  constructor(optionsArg?: plugins.servezoneInterfaces.data.IUser) {
+    super();
+    if (optionsArg) {
+      Object.assign(this, optionsArg);
+    }
+  }
+
+  // INSTANCE
+  @plugins.smartdata.unI()
+  public id: string;
+
+  @plugins.smartdata.svDb()
+  public data: plugins.servezoneInterfaces.data.IUser['data'];
+}
--- a/ts/manager.cert/cert.ts
+++ b/ts/manager.cert/cert.ts
@ -0,0 +1,5 @@
+import * as plugins from '../plugins.js';
+
+export class Cert extends plugins.smartdata.SmartDataDbDoc<Cert, Cert> {
+
+}
--- a/ts/manager.cert/certmanager.ts
+++ b/ts/manager.cert/certmanager.ts
@ -0,0 +1,14 @@
+import type { Cloudly } from '../classes.cloudly.js';
+import * as plugins from '../plugins.js';
+
+export class CertManager {
+  public cloudlyRef: Cloudly;
+
+  public get db() {
+    return this.cloudlyRef.mongodbConnector.smartdataDb;
+  }
+
+  constructor(cloudly: Cloudly) {
+    this.cloudlyRef = cloudly;
+  }
+}
--- a/ts/manager.cluster/classes.cluster.ts
+++ b/ts/manager.cluster/classes.cluster.ts
@ -1,9 +1,9 @@
-import * as plugins from '../cloudly.plugins.js';
+import * as plugins from '../plugins.js';

 /*
 * cluster defines a swarmkit cluster
 */
-@plugins.smartdata.Manager()
+@plugins.smartdata.managed()
 export class Cluster extends plugins.smartdata.SmartDataDbDoc<Cluster, plugins.servezoneInterfaces.data.ICluster> {
  // STATIC
  public static async fromConfigObject(
--- a/ts/manager.cluster/classes.clustermanager.ts
+++ b/ts/manager.cluster/classes.clustermanager.ts
@ -1,9 +1,10 @@
-import * as plugins from '../cloudly.plugins.js';
-import * as paths from '../cloudly.paths.js';
-import { Cloudly } from '../cloudly.classes.cloudly.js';
-import { logger } from '../cloudly.logging.js';
+import * as plugins from '../plugins.js';
+import * as paths from '../paths.js';
+import { Cloudly } from '../classes.cloudly.js';
+import { logger } from '../logger.js';

-import { Cluster } from './cluster.js';
+import { Cluster } from './classes.cluster.js';
+import { data } from '@serve.zone/interfaces';

 export class ClusterManager {
  public ready = plugins.smartpromise.defer();
@ -22,13 +23,12 @@ export class ClusterManager {

    this.typedrouter.addTypedHandler<plugins.servezoneInterfaces.requests.cluster.IRequest_CreateCluster>(
      new plugins.typedrequest.TypedHandler('createCluster', async (dataArg) => {
-        const cluster = await this.storeCluster({
+        // TODO: guards
+        const cluster = await this.createCluster({
          id: plugins.smartunique.uniSimple('cluster'),
          data: {
+            userId: null, // this is created by the createCluster method
            name: dataArg.clusterName,
-            jumpCode: plugins.smartunique.uniSimple('cluster'),
-            jumpCodeUsedAt: null,
-            secretKey: plugins.smartunique.shortId(16),
            acmeInfo: null,
            cloudlyUrl: `https://${this.cloudlyRef.config.data.publicUrl}:${this.cloudlyRef.config.data.publicPort}/`,
            servers: [],
@ -54,6 +54,17 @@ export class ClusterManager {
        };
      })
    );
+
+    // delete cluster
+    this.typedrouter.addTypedHandler<plugins.servezoneInterfaces.requests.cluster.IRequest_DeleteCluster>(
+      new plugins.typedrequest.TypedHandler('deleteCluster', async (reqDataArg, toolsArg) => {
+        await toolsArg.passGuards([this.cloudlyRef.authManager.adminIdentityGuard], reqDataArg);
+        await this.deleteCluster(reqDataArg.clusterId);
+        return {
+          success: true,
+        };
+      })
+    );
  }

  public async init() {
@ -70,25 +81,22 @@ export class ClusterManager {
    // TODO: implement getclusterConfigByServerIp
  }

-  public async getClusterConfigBy_JumpCode(jumpCodeArg: string) {
+  public async getClusterBy_UserId(userIdArg: string) {
    await this.ready.promise;

    return await Cluster.getInstance({
      data: {
-        jumpCode: jumpCodeArg,
+        userId: userIdArg,
      },
    });
  }

-  public async getClusterConfigBy_ClusterIdentifier(
-    clusterIdentifier: plugins.servezoneInterfaces.data.IClusterIdentifier
-  ) {
+  public async getClusterBy_Identity(clusterIdentity: plugins.servezoneInterfaces.data.IIdentity) {
    await this.ready.promise;

    return await Cluster.getInstance({
      data: {
-        name: clusterIdentifier.clusterName,
-        secretKey: clusterIdentifier.secretKey,
+        userId: clusterIdentity.userId,
      },
    });
  }
@ -114,18 +122,39 @@ export class ClusterManager {
  }

  /**
-   * allows storage of a config
+   * creates a cluster (and a new user for it) and saves it
   * @param configName
   * @param configObjectArg
   */
-  public async storeCluster(configObjectArg: plugins.servezoneInterfaces.data.ICluster) {
-    let clusterInstance = await Cluster.getInstance({ id: configObjectArg.id });
-    if (!clusterInstance) {
-      clusterInstance = await Cluster.fromConfigObject(configObjectArg);
-    } else {
-      Object.assign(clusterInstance, configObjectArg);
-    }
+  public async createCluster(configObjectArg: plugins.servezoneInterfaces.data.ICluster) {
+    // TODO: guards
+    // lets create the cluster user
+    const clusterUser = new this.cloudlyRef.authManager.CUser({
+      id: await this.cloudlyRef.authManager.CUser.getNewId(),
+      data: {
+        role: 'cluster',
+        type: 'machine',
+        tokens: [
+          {
+            expiresAt: Date.now() + 3600 * 1000 * 24 * 365,
+            assignedRoles: ['cluster'],
+            token: await this.cloudlyRef.authManager.createNewSecureToken(),
+          },
+        ],
+      },
+    });
+    await clusterUser.save();
+    Object.assign(configObjectArg, {
+      userId: clusterUser.id,
+    });
+    const clusterInstance = await Cluster.fromConfigObject(configObjectArg);
    await clusterInstance.save();
    return clusterInstance;
  }
+
+  public async deleteCluster(clusterId: string) {
+    await this.ready.promise;
+    const clusterInstance = await Cluster.getInstance({ id: clusterId });
+    await clusterInstance.delete();
+  }
 }
--- a/ts/manager.coreflow/coreflowmanager.ts
+++ b/ts/manager.coreflow/coreflowmanager.ts
@ -1,5 +1,6 @@
-import * as plugins from '../cloudly.plugins.js';
-import { Cloudly } from '../cloudly.classes.cloudly.js';
+import * as plugins from '../plugins.js';
+import { Cloudly } from '../classes.cloudly.js';
+import type { Cluster } from '../manager.cluster/classes.cluster.js';

 /**
 * in charge of talking to coreflow services on clusters
@ -13,21 +14,43 @@ export class CloudlyCoreflowManager {
    this.cloudlyRef = cloudlyRefArg;
    this.cloudlyRef.typedrouter.addTypedRouter(this.typedRouter);

-    this.typedRouter.addTypedHandler<plugins.servezoneInterfaces.requests.identity.IRequest_Any_Cloudly_CoreflowManager_GetIdentityByJumpCode>(
-      new plugins.typedrequest.TypedHandler('getIdentityByJumpCode', async (requestData) => {
-        const clusterConfig =
-          await this.cloudlyRef.clusterManager.getClusterConfigBy_JumpCode(
-            requestData.jumpCode
-          );
+    this.typedRouter.addTypedHandler<plugins.servezoneInterfaces.requests.identity.IRequest_Any_Cloudly_CoreflowManager_GetIdentityByToken>(
+      new plugins.typedrequest.TypedHandler('getIdentityByToken', async (requestData) => {
+        const user = await this.cloudlyRef.authManager.CUser.getInstance({
+          data: {
+            tokens: [{
+              token: requestData.token,
+            }] // find the proper user here.
+          } as any
+        });

-        if (!clusterConfig) {
-          throw new plugins.typedrequest.TypedResponseError('The supplied jumpCode is not valid.');
+        if (!user) {
+          throw new plugins.typedrequest.TypedResponseError('The supplied token is not valid. No matching user found.');
        }
-
+        if (user.data.type !== 'machine') {
+          throw new plugins.typedrequest.TypedResponseError('The supplied token is not valid. The user is not a machine.');
+        }
+        let cluster: Cluster;
+        if (user.data.role === 'cluster') {
+          cluster = await this.cloudlyRef.clusterManager.getClusterBy_UserId(user.id);
+        }
+        const expiryTimestamp = Date.now() + 3600 * 1000 * 24 * 365;
        return {
-          clusterIdentifier: {
-            clusterName: clusterConfig.data.name,
-            secretKey: clusterConfig.data.secretKey,
+          identity: {
+            name: user.data.username,
+            role: user.data.role,
+            type: 'machine', // if someone authenticates by token, they are a machine, no matter what.
+            userId: user.id,
+            expiresAt: expiryTimestamp,
+            ...(cluster ? {
+              clusterId: cluster.id,
+              clusterName: cluster.data.name,
+            } : {}),
+            jwt: await this.cloudlyRef.authManager.smartjwtInstance.createJWT({
+              status: 'loggedIn',
+              userId: user.id,
+              expiresAt: expiryTimestamp,
+            })
          },
        };
      })
@ -38,16 +61,17 @@ export class CloudlyCoreflowManager {
      new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.config.IRequest_Any_Cloudly_GetClusterConfig>(
        'getClusterConfig',
        async (dataArg) => {
-          const clusterIdentifier = dataArg.clusterIdentifier;
+          const identity = dataArg.identity;
          console.log('trying to get clusterConfigSet');
          console.log(dataArg);
-          const clusterConfigSet =
-            await this.cloudlyRef.clusterManager.getClusterConfigBy_ClusterIdentifier(
-              clusterIdentifier
+          const cluster =
+            await this.cloudlyRef.clusterManager.getClusterBy_Identity(
+              identity
            );
          console.log('got cluster config and sending it back to coreflow');
          return {
-            configData: await clusterConfigSet.createSavableObject()
+            configData: await cluster.createSavableObject(),
+            deploymentDirectives: [],
          };
        }
      )
@ -55,14 +79,14 @@ export class CloudlyCoreflowManager {

    // lets enable getting of certificates
    this.typedRouter.addTypedHandler(
-      new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.certificate.IRequest_Any_Cloudly_GetSslCertificate>(
-        'getSslCertificate',
+      new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.certificate.IRequest_Any_Cloudly_GetCertificateForDomain>(
+        'getCertificateForDomain',
        async (dataArg) => {
-          console.log(`got request for certificate ${dataArg.requiredCertName}`);
+          console.log(`incoming API request for certificate ${dataArg.domainName}`);
          const cert = await this.cloudlyRef.letsencryptConnector.getCertificateForDomain(
-            dataArg.requiredCertName
+            dataArg.domainName
          );
-          console.log(`got certificate ready for reponse ${dataArg.requiredCertName}`);
+          console.log(`got certificate ready for reponse ${dataArg.domainName}`);
          return {
            certificate: await cert.createSavableObject(),
          };
--- a/ts/manager.image/classes.image.ts
+++ b/ts/manager.image/classes.image.ts
@ -1,12 +1,20 @@
-import * as plugins from '../cloudly.plugins.js';
+import * as plugins from '../plugins.js';
 import type { ImageManager } from './classes.imagemanager.js';

-@plugins.smartdata.Manager()
+@plugins.smartdata.managed()
 export class Image extends plugins.smartdata.SmartDataDbDoc<Image, plugins.servezoneInterfaces.data.IImage, ImageManager> {
  public static async create(imageDataArg: Partial<plugins.servezoneInterfaces.data.IImage['data']>) {
    const image = new Image();
-    image.id = plugins.smartunique.uni('image');
-    Object.assign(image.data, imageDataArg);
+    image.id = await this.getNewId();
+    console.log(imageDataArg);
+    Object.assign(image, {
+      data: {
+        name: imageDataArg.name,
+        description: imageDataArg.description,
+        versions: [],
+      },
+    });
+    console.log((Image as any).saveableProperties)
    await image.save();
    return image;
  }
@ -18,4 +26,20 @@ export class Image extends plugins.smartdata.SmartDataDbDoc<Image, plugins.serve
  public data: plugins.servezoneInterfaces.data.IImage['data'];

  public async getVersions() {}
+
+  /**
+   * returns a storage path
+   * note: this is relative to the storage method defined by the imageManager
+   */
+  public async getStoragePath(versionStringArg: string) {
+    return `${this.data.name}:${versionStringArg}`.replace('/', '__')
+  }
+
+  public async getWriteStream() {
+    
+  }
+
+  public async getReadStream() {
+    
+  }
 }
--- a/ts/manager.image/classes.imagemanager.ts
+++ b/ts/manager.image/classes.imagemanager.ts
@ -1,27 +1,75 @@
-import type { Cloudly } from '../cloudly.classes.cloudly.js';
-import * as plugins from '../cloudly.plugins.js';
+import type { Cloudly } from '../classes.cloudly.js';
+import * as plugins from '../plugins.js';
+import * as paths from '../paths.js';

 import { Image } from './classes.image.js';

 export class ImageManager {
  cloudlyRef: Cloudly;
+  public typedrouter = new plugins.typedrequest.TypedRouter();
+  public smartbucketInstance: plugins.smartbucket.SmartBucket;
+  public imageDir: plugins.smartbucket.Directory;
+  public dockerImageStore: plugins.docker.DockerImageStore;
+
  get db() {
    return this.cloudlyRef.mongodbConnector.smartdataDb;
  }
-  public typedrouter = new plugins.typedrequest.TypedRouter();

  public CImage = plugins.smartdata.setDefaultManagerForDoc(this, Image);

-  smartbucketInstance: plugins.smartbucket.SmartBucket;
-
  constructor(cloudlyRefArg: Cloudly) {
    this.cloudlyRef = cloudlyRefArg;

    this.cloudlyRef.typedrouter.addTypedRouter(this.typedrouter);
+
+    this.typedrouter.addTypedHandler(
+      new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.image.IRequest_CreateImage>(
+        'createImage',
+        async (reqArg, toolsArg) => {
+          await toolsArg.passGuards([this.cloudlyRef.authManager.adminIdentityGuard], reqArg);
+          const image = await this.CImage.create({
+            name: reqArg.name,
+            description: reqArg.description,
+            versions: [],
+          });
+          return {
+            image: await image.createSavableObject(),
+          };
+        }
+      )
+    );
+
+    this.typedrouter.addTypedHandler<plugins.servezoneInterfaces.requests.image.IRequest_GetImage>(
+      new plugins.typedrequest.TypedHandler('getImage', async (reqArg, toolsArg) => {
+        await toolsArg.passGuards([this.cloudlyRef.authManager.adminIdentityGuard], reqArg);
+        const image = await this.CImage.getInstance({
+          id: reqArg.imageId,
+        });
+        return {
+          image: await image.createSavableObject(),
+        };
+      })
+    );
+
+    this.typedrouter.addTypedHandler(
+      new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.image.IRequest_DeleteImage>(
+        'deleteImage',
+        async (reqArg, toolsArg) => {
+          await toolsArg.passGuards([this.cloudlyRef.authManager.adminIdentityGuard], reqArg);
+          const image = await this.CImage.getInstance({
+            id: reqArg.imageId,
+          });
+          await image.delete();
+          return {};
+        }
+      )
+    );
+
    this.typedrouter.addTypedHandler(
      new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.image.IRequest_GetAllImages>(
        'getAllImages',
-        async (requestArg) => {
+        async (requestArg, toolsArg) => {
+          await toolsArg.passGuards([this.cloudlyRef.authManager.adminIdentityGuard], requestArg);
          const images = await this.CImage.getInstances({});
          return {
            images: await Promise.all(
@ -35,35 +83,70 @@ export class ImageManager {
    );

    this.typedrouter.addTypedHandler(
-      new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.image.IRequest_CreateImage>(
-        'createImage',
-        async (reqArg) => {
-          const image = await this.CImage.create({
-            name: reqArg.name,
+      new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.image.IRequest_PushImageVersion>(
+        'pushImageVersion',
+        async (reqArg, toolsArg) => {
+          await plugins.smartguard.passGuardsOrReject(reqArg, [
+            this.cloudlyRef.authManager.validIdentityGuard,
+          ]);
+          const refImage = await this.CImage.getInstance({
+            id: reqArg.imageId,
          });
+          if (!refImage) {
+            throw new plugins.typedrequest.TypedResponseError('Image not found');
+          }
+          const imageVersion = reqArg.versionString;
+          console.log(
+            `got request to push image version ${imageVersion} for image ${refImage.data.name}`
+          );
+          const imagePushStream = reqArg.imageStream;
+          (async () => {
+            const smartWebDuplex = new plugins.smartstream.webstream.WebDuplexStream<
+              Uint8Array,
+              Uint8Array
+            >({
+              writeFunction: async (chunkArg, toolsArg) => {
+                console.log(chunkArg);
+                return chunkArg;
+              },
+            });
+            imagePushStream.writeToWebstream(smartWebDuplex.writable);
+            await this.dockerImageStore.storeImage(refImage.id, plugins.smartstream.SmartDuplex.fromWebReadableStream(smartWebDuplex.readable));
+          })();
          return {
-            image: await image.createSavableObject(),
+            allowed: true,
          };
        }
      )
    );

    this.typedrouter.addTypedHandler(
-      new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.image.IRequest_DownloadImage>(
-        'pullImage',
+      new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.image.IRequest_PullImageVersion>(
+        'pullImageVersion',
        async (reqArg) => {
          const image = await this.CImage.getInstance({
-            data: {
-              name: reqArg.name,
-            }
+            id: reqArg.imageId,
          });
-          const imageVersion = 
+          const imageVersion = image.data.versions.find(
+            (version) => version.versionString === reqArg.versionString
+          );
+          const readable = this.imageDir.fastGetStream(
+            {
+              path: await image.getStoragePath(reqArg.versionString),
+            },
+            'webstream'
+          );
+          const imageVirtualStream = new plugins.typedrequest.VirtualStream();
+          return {
+            imageStream: imageVirtualStream,
+          };
        }
      )
    );
  }

  public async start() {
+    // lets setup s3
    const s3Descriptor: plugins.tsclass.storage.IS3Descriptor =
      await this.cloudlyRef.config.appData.waitForAndGetKey('s3Descriptor');
    console.log(this.cloudlyRef.config.data.s3Descriptor);
@ -71,12 +154,17 @@ export class ImageManager {
      this.cloudlyRef.config.data.s3Descriptor
    );
    const bucket = await this.smartbucketInstance.getBucketByName('cloudly-test');
-    await bucket.fastStore('test/test.txt', 'hello');
-  }
+    await bucket.fastPut({ path: 'images/00init', contents: 'init' });

-  public async createImage(nameArg: string) {
-    const newImage = await this.CImage.create({
-      name: nameArg,
+    this.imageDir = await bucket.getDirectoryFromPath({
+      path: '/images',
+    });
+
+    // lets setup dockerstore
+    await plugins.smartfile.fs.ensureDir(paths.dockerImageStoreDir);
+    this.dockerImageStore = new plugins.docker.DockerImageStore({
+      localDirPath: paths.dockerImageStoreDir,
+      bucketDir: this.imageDir,
    });
  }
 }
--- a/ts/manager.log/logmanager.ts
+++ b/ts/manager.log/logmanager.ts
@ -1,5 +1,5 @@
-import * as plugins from '../cloudly.plugins.js';
-import { Cloudly } from '../cloudly.classes.cloudly.js';
+import * as plugins from '../plugins.js';
+import { Cloudly } from '../classes.cloudly.js';

 /**
 * takes care of receiving and providing logs
--- a/ts/manager.secret/classes.secretbundle.ts
+++ b/ts/manager.secret/classes.secretbundle.ts
@ -1,7 +1,7 @@
 // a secret bundle is a set of secrets ready to be used in a project.
 // it bundles secretgroups
 import { SecretGroup } from './classes.secretgroup.js';
-import * as plugins from '../cloudly.plugins.js';
+import * as plugins from '../plugins.js';

@plugins.smartdata.Manager()
 export class SecretBundle extends plugins.smartdata.SmartDataDbDoc<
--- a/ts/manager.secret/classes.secretgroup.ts
+++ b/ts/manager.secret/classes.secretgroup.ts
@ -1,7 +1,7 @@
 /**
 * a secretgroup is a set of secrets for different environments.
 */
-import * as plugins from '../cloudly.plugins.js';
+import * as plugins from '../plugins.js';

@plugins.smartdata.Manager()
 export class SecretGroup extends plugins.smartdata.SmartDataDbDoc<
--- a/ts/manager.secret/classes.secretmanager.ts
+++ b/ts/manager.secret/classes.secretmanager.ts
@ -1,9 +1,9 @@
-import * as plugins from '../cloudly.plugins.js';
-import * as paths from '../cloudly.paths.js';
+import * as plugins from '../plugins.js';
+import * as paths from '../paths.js';
 import { SecretBundle } from './classes.secretbundle.js';
 import { SecretGroup } from './classes.secretgroup.js';
-import { logger } from '../cloudly.logging.js';
-import type { Cloudly } from '../cloudly.classes.cloudly.js';
+import { logger } from '../logger.js';
+import type { Cloudly } from '../classes.cloudly.js';

 /**
 * The `ConfigVault` class provides methods for reading and writing configuration data to a file.
@ -35,32 +35,12 @@ export class CloudlySecretManager {
    this.typedrouter = new plugins.typedrequest.TypedRouter();
    this.cloudlyRef.typedrouter.addTypedRouter(this.typedrouter);

-    this.typedrouter.addTypedHandler(
-      new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.secret.IReq_Admin_LoginWithUsernameAndPassword>(
-        'adminLoginWithUsernameAndPassword',
-        async (dataArg) => {
-          let jwt: string;
-          // console.log(dataArg);
-          if (dataArg.username !== 'admin' || dataArg.password !== 'password') {
-            logger.log('warn', 'login failed');
-          } else {
-            jwt = await this.cloudlyRef.config.smartjwtInstance.createJWT({
-              status: 'loggedIn',
-            });
-            logger.log('success', 'login successful');
-          }
-          return {
-            jwt,
-          };
-        }
-      )
-    );
-
    this.typedrouter.addTypedHandler(
      new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.secret.IReq_Admin_GetConfigBundlesAndSecretGroups>(
        'adminGetConfigBundlesAndSecretGroups',
-        async (dataArg) => {
-          dataArg.jwt
+        async (dataArg, toolsArg) => {
+          await toolsArg.passGuards([this.cloudlyRef.authManager.adminIdentityGuard], dataArg);
+          dataArg.identity.jwt
          const secretBundles = await SecretBundle.getInstances({});
          const secretGroups = await SecretGroup.getInstances({});
          return {
--- a/ts/manager.server/classes.curlfresh.ts
+++ b/ts/manager.server/classes.curlfresh.ts
@ -0,0 +1,87 @@
+import { logger } from '../logger.js';
+import * as plugins from '../plugins.js';
+import type { CloudlyServerManager } from './classes.servermanager.js';
+
+export class CurlFresh {
+  public optionsArg = {
+    npmRegistry: 'https://registry.npmjs.org',
+  }
+  public scripts = {
+    'setup.sh': `#!/bin/bash
+
+# lets update the system and install curl
+# might be installed already, but entrypoint could have been wget
+apt-get update
+apt-get install -y --force-yes curl
+
+# Basic updating of the software lists
+echo 'debconf debconf/frontend select Noninteractive' | debconf-set-selections
+apt-get update
+apt-get upgrade -y --force-yes
+apt-get install -y --force-yes fail2ban curl git
+curl -sL https://deb.nodesource.com/setup_18.x | bash
+
+# Install docker
+curl -sSL https://get.docker.com/ | sh
+
+# Install default nodejs to run nodejs tools
+apt-get install -y nodejs zsh
+zsh -c "$(curl -fsSL https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh)" "" --unattended
+npm config set unsafe-perm true
+
+# lets install pnpm
+curl -fsSL https://get.pnpm.io/install.sh | sh -
+
+# lets make sure we use the correct npm registry
+bash -c "npm config set registry ${this.optionsArg.npmRegistry}"
+
+# lets install spark
+bash -c "pnpm install -g @serve.zone/spark"
+
+# lets install the spark daemon
+bash -c "spark installdaemon"
+
+# TODO: start spark with jump code
+`,
+  };
+
+  public serverManagerRef: CloudlyServerManager;
+  public curlFreshRoute: plugins.typedserver.servertools.Route;
+  public handler = new plugins.typedserver.servertools.Handler('ALL', async (req, res) => {
+    logger.log('info', 'curlfresh handler called. a server might be coming online soon :)');
+    const scriptname = req.params.scriptname;
+    switch(scriptname) {
+      case 'setup.sh':
+        logger.log('info', 'sending setup.sh');
+        res.type('application/x-sh');
+        res.send(this.scripts['setup.sh']);
+        break;
+      default:
+        res.send('no script found');
+        break;
+    }
+  });
+
+  constructor(serverManagerRefArg: CloudlyServerManager) {
+    this.serverManagerRef = serverManagerRefArg;
+  }
+  public async getServerUserData(): Promise<string> {
+    const sslMode = await this.serverManagerRef.cloudlyRef.config.appData.waitForAndGetKey('sslMode');
+    let protocol: 'http' | 'https';
+    if (sslMode === 'none') {
+      protocol = 'http';
+    } else {
+      protocol = 'https';
+    }
+  
+    const domain = await this.serverManagerRef.cloudlyRef.config.appData.waitForAndGetKey('publicUrl');
+    const port = await this.serverManagerRef.cloudlyRef.config.appData.waitForAndGetKey('publicPort');
+  
+    const serverUserData = `#cloud-config
+  runcmd:
+    - curl -o- ${protocol}://${domain}:${port}/curlfresh/setup.sh | sh
+  `
+    console.log(serverUserData);
+    return serverUserData;
+  };
+}
--- a/ts/manager.server/classes.server.ts
+++ b/ts/manager.server/classes.server.ts
@ -1,4 +1,4 @@
-import * as plugins from '../cloudly.plugins.js';
+import * as plugins from '../plugins.js';

 /*
 * cluster defines a swarmkit cluster
--- a/ts/manager.server/classes.servermanager.ts
+++ b/ts/manager.server/classes.servermanager.ts
@ -1,11 +1,13 @@
-import * as plugins from '../cloudly.plugins.js';
-import { Cloudly } from '../cloudly.classes.cloudly.js';
-import { Cluster } from '../manager.cluster/cluster.js';
-import { Server } from './server.js';
+import * as plugins from '../plugins.js';
+import { Cloudly } from '../classes.cloudly.js';
+import { Cluster } from '../manager.cluster/classes.cluster.js';
+import { Server } from './classes.server.js';
+import { CurlFresh } from './classes.curlfresh.js';

 export class CloudlyServerManager {
  public cloudlyRef: Cloudly;
  public typedRouter = new plugins.typedrequest.TypedRouter();
+  public curlfreshInstance = new CurlFresh(this);

  public hetznerAccount: plugins.hetznercloud.HetznerAccount;

@ -63,7 +65,8 @@ export class CloudlyServerManager {
          labels: {
            clusterId: cluster.id,
            priority: '1',
-          }
+          },
+          userData: await this.curlfreshInstance.getServerUserData()
        });
        const newServer = await Server.createFromHetznerServer(server);
        console.log(`cluster created new server for cluster ${cluster.id}`);
--- a/ts/manager.service/classes.service.ts
+++ b/ts/manager.service/classes.service.ts
@ -0,0 +1,13 @@
+import * as plugins from '../plugins.js';
+import { ServiceManager } from './classes.servicemanager.js';
+
+export class Service extends plugins.smartdata.SmartDataDbDoc<Service, plugins.servezoneInterfaces.data.IService, ServiceManager> {
+  
+  @plugins.smartdata.svDb()
+  public id: string;
+
+  @plugins.smartdata.svDb()
+  public data: plugins.servezoneInterfaces.data.IService['data'];
+
+
+}
--- a/ts/manager.service/classes.servicemanager.ts
+++ b/ts/manager.service/classes.servicemanager.ts
@ -0,0 +1,18 @@
+import type { Cloudly } from '../classes.cloudly.js';
+import * as plugins from '../plugins.js';
+import { Service } from './classes.service.js';
+
+export class ServiceManager {
+  public typedrouter = new plugins.typedrequest.TypedRouter();
+  public cloudlyRef: Cloudly;
+  
+  get db() {
+    return this.cloudlyRef.mongodbConnector.smartdataDb;
+  }
+
+  public CService = plugins.smartdata.setDefaultManagerForDoc(this, Service);
+
+  constructor(cloudlyRef: Cloudly) {
+    this.cloudlyRef = cloudlyRef;
+  }
+}
--- a/ts/manager.status/statusmanager.ts
+++ b/ts/manager.status/statusmanager.ts
@ -1,4 +1,4 @@
-import * as plugins from '../cloudly.plugins.js';
+import * as plugins from '../plugins.js';
 import { Cloudly } from '../index.js';

 /**
--- a/ts/manager.task/taskmanager.ts
+++ b/ts/manager.task/taskmanager.ts
@ -1,7 +1,7 @@
-import * as plugins from '../cloudly.plugins.js';
-import { Cloudly } from '../cloudly.classes.cloudly.js';
+import * as plugins from '../plugins.js';
+import { Cloudly } from '../classes.cloudly.js';

-import { logger } from '../cloudly.logging.js';
+import { logger } from '../logger.js';

 export class CloudlyTaskmanager {
  public cloudlyRef: Cloudly;
--- a/ts/manager.version/containerversion.ts
+++ b/ts/manager.version/containerversion.ts
@ -1,32 +0,0 @@
-import * as plugins from '../cloudly.plugins.js';
-
-/*
-A container version is managed by the versionmanager
-*/
-@plugins.smartdata.Manager()
-export class ContainerVersion
-  extends plugins.smartdata.SmartDataDbDoc<ContainerVersion, unknown>
-  implements plugins.servezoneInterfaces.data.IContainerVersionData
-{
-  public static async fromIVersionData(
-    dataArg: plugins.servezoneInterfaces.data.IContainerVersionData
-  ) {
-    const containerVersionInstance = new ContainerVersion();
-    containerVersionInstance.id = plugins.smartunique.shortId();
-    Object.assign(containerVersionInstance, dataArg);
-    return containerVersionInstance;
-  }
-
-  @plugins.smartdata.unI()
-  public id: string;
-
-  @plugins.smartdata.svDb()
-  public dockerImageUrl: string;
-
-  @plugins.smartdata.svDb()
-  public dockerImageVersion: string;
-
-  constructor() {
-    super();
-  }
-}
--- a/ts/manager.version/versionmanager.ts
+++ b/ts/manager.version/versionmanager.ts
@ -1,149 +0,0 @@
-import * as plugins from '../cloudly.plugins.js';
-
-import { ContainerVersion } from './containerversion.js';
-import { Cloudly } from '../cloudly.classes.cloudly.js';
-
-export class CloudlyVersionManager {
-  // INSTANCE
-  public cloudlyRef: Cloudly;
-  public get db() {
-    return this.cloudlyRef.mongodbConnector.smartdataDb;
-  }
-  public typedRouter = new plugins.typedrequest.TypedRouter();
-
-  // connected classes
-  public CContainerVersion = plugins.smartdata.setDefaultManagerForDoc(this, ContainerVersion);
-
-  constructor(cloudlyRefArg: Cloudly) {
-    this.cloudlyRef = cloudlyRefArg;
-    this.cloudlyRef.typedrouter.addTypedRouter(this.typedRouter);
-    // get version
-    this.typedRouter.addTypedHandler<plugins.servezoneInterfaces.requests.version.IRequest_Any_Cloudly_VersionManager_GetLatestContainerVersion>(
-      new plugins.typedrequest.TypedHandler(
-        'getLatestContainerVersion',
-        async (typedRequestData) => {
-          const containerVersionGet: ContainerVersion =
-            await ContainerVersion.getInstance<ContainerVersion>({
-              dockerImageUrl: typedRequestData.dockerImageUrl,
-            });
-          return {
-            dockerImageUrl: containerVersionGet.dockerImageUrl,
-            dockerImageVersion: containerVersionGet.dockerImageVersion,
-          };
-        }
-      )
-    );
-
-    // update version
-    this.typedRouter.addTypedHandler<plugins.servezoneInterfaces.requests.version.IRequest_Any_Cloudly_VersionManager_InformCloudlyAboutNewContainerVersion>(
-      new plugins.typedrequest.TypedHandler(
-        'informCloudlyAboutNewContainerVersion',
-        async (dataArg) => {
-          console.log(`Got a container version announcement! "${dataArg.dockerImageUrl}"`);
-          let containerVersion: ContainerVersion =
-            await ContainerVersion.getInstance<ContainerVersion>({
-              dockerImageUrl: dataArg.dockerImageUrl,
-            });
-
-          if (containerVersion) {
-            containerVersion.dockerImageVersion = dataArg.dockerImageVersion;
-            await containerVersion.save();
-          } else {
-            containerVersion = await ContainerVersion.fromIVersionData(dataArg);
-            await containerVersion.save();
-          }
-
-          // lets push this info to the relevant clusters
-          const clusters = await this.cloudlyRef.clusterManager.getAllClusters();
-          let foundServices: plugins.servezoneInterfaces.data.IService;
-          let relevantClusterIdentifier: plugins.servezoneInterfaces.data.IClusterIdentifier;
-          for (const clusterArg of clusters) {
-            console.log(clusterArg);
-            for (const serviceArg of await clusterArg.getServices()) {
-              if (serviceArg.image === containerVersion.dockerImageUrl) {
-                foundServices = serviceArg;
-                break;
-              }
-            }
-            if (foundServices) {
-              relevantClusterIdentifier = {
-                clusterName: clusterArg.data.name,
-                secretKey: clusterArg.data.secretKey,
-              };
-              break;
-            }
-          }
-
-          if (!relevantClusterIdentifier) {
-            console.log('no cluster found that needs to update');
-            return {};
-          } else {
-            console.log('found relevant cluster identifier:');
-            console.log(relevantClusterIdentifier);
-          }
-
-          const targetConnection =
-            await this.cloudlyRef.server.typedsocketServer.findTargetConnection(
-              async (connectionArg) => {
-                const identityTag = await connectionArg.getTagById('identity');
-                if (!identityTag) {
-                  return false;
-                }
-                const result =
-                  plugins.smartjson.stringify(identityTag.payload) ===
-                  plugins.smartjson.stringify(relevantClusterIdentifier);
-                return result;
-              }
-            );
-
-          if (targetConnection) {
-            console.log(`the relevant cluster is connected and is now being informed.`);
-            const informCoreflowTR =
-              this.cloudlyRef.server.typedsocketServer.createTypedRequest<plugins.servezoneInterfaces.requests.version.IRequest_Cloudly_Coreflow_VersionManager_InformCoreflowAboutNewContainerVersion>(
-                'informCoreflowAboutNewContainerVersion',
-                targetConnection
-              );
-            informCoreflowTR.fire({
-              dockerImageUrl: containerVersion.dockerImageUrl,
-              dockerImageVersion: containerVersion.dockerImageVersion,
-            });
-          } else {
-            console.log('the relevant cluster is not connected at this time.');
-          }
-
-          return {};
-        }
-      )
-    );
-
-    // lets support the servezone standard
-    this.typedRouter.addTypedHandler(
-      new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.IRequest_InformAboutNewContainerImage>(
-        'servezonestandard_InformAboutNewContainerVersion',
-        async (dataArg) => {
-          const result =
-            await this.typedRouter.routeAndAddResponse<plugins.servezoneInterfaces.requests.version.IRequest_Any_Cloudly_VersionManager_InformCloudlyAboutNewContainerVersion>(
-              {
-                method: 'informCloudlyAboutNewContainerVersion',
-                request: {
-                  dockerImageUrl: dataArg.containerImageInfo.registryUrl,
-                  dockerImageVersion: dataArg.containerImageInfo.version,
-                },
-                response: null
-              },
-              true
-            );
-          return result.response;
-        }
-      )
-    );
-  }
-
-  /**
-   * gets all versions
-   */
-  public async getAllVersions() {
-    const result = await ContainerVersion.getInstances<ContainerVersion>({});
-    return result;
-  }
-}
--- a/ts/cloudly.paths.ts
+++ b/ts/cloudly.paths.ts
@ -1,5 +1,6 @@
-import * as plugins from './cloudly.plugins.js';
+import * as plugins from './plugins.js';

 export const packageDir = plugins.path.join(plugins.smartpath.get.dirnameFromImportMetaUrl(import.meta.url), '../');
 export const nogitDir = plugins.path.join(packageDir, '.nogit/');
+export const dockerImageStoreDir = plugins.path.join(nogitDir, './dockerimagestore/');
 export const distServeDir = plugins.path.join(packageDir, './dist_serve');
--- a/ts/cloudly.plugins.ts
+++ b/ts/cloudly.plugins.ts
@ -9,13 +9,13 @@ import * as typedsocket from '@api.global/typedsocket';

 export { typedrequest, typedsocket };

-// @mojoio scope
+// @apiclient.xyz scope
 import * as cloudflare from '@apiclient.xyz/cloudflare';
-import * as digitalocean from '@apiclient.xyz/digitalocean';
+import * as docker from '@apiclient.xyz/docker';
 import * as hetznercloud from '@apiclient.xyz/hetznercloud';
 import * as slack from '@apiclient.xyz/slack';

-export { cloudflare, digitalocean, hetznercloud, slack };
+export { cloudflare, docker, hetznercloud, slack };

 // @tsclass scope
 import * as tsclass from '@tsclass/tsclass';
@ -29,10 +29,11 @@ import * as qenv from '@push.rocks/qenv';
 import * as smartacme from '@push.rocks/smartacme';
 import * as smartbucket from '@push.rocks/smartbucket';
 import * as smartcli from '@push.rocks/smartcli';
+import * as smartclickhouse from '@push.rocks/smartclickhouse';
 import * as smartdata from '@push.rocks/smartdata';
 import * as smartdelay from '@push.rocks/smartdelay';
 import * as smartexit from '@push.rocks/smartexit';
-import * as typedserver from '@api.global/typedserver';
+import * as smartexpect from '@push.rocks/smartexpect';
 import * as smartfile from '@push.rocks/smartfile';
 import * as smartguard from '@push.rocks/smartguard';
 import * as smartjson from '@push.rocks/smartjson';
@ -42,9 +43,11 @@ import * as smartpath from '@push.rocks/smartpath';
 import * as smartpromise from '@push.rocks/smartpromise';
 import * as smartrequest from '@push.rocks/smartrequest';
 import * as smartssh from '@push.rocks/smartssh';
+import * as smartstream from '@push.rocks/smartstream';
 import * as smartstring from '@push.rocks/smartstring';
 import * as smartunique from '@push.rocks/smartunique';
 import * as taskbuffer from '@push.rocks/taskbuffer';
+import * as typedserver from '@api.global/typedserver';

 export {
  npmextra,
@ -53,9 +56,10 @@ export {
  smartacme,
  smartbucket,
  smartcli,
+  smartclickhouse,
  smartdata,
  smartexit,
-  typedserver,
+  smartexpect,
  smartdelay,
  smartfile,
  smartguard,
@ -66,9 +70,11 @@ export {
  smartpromise,
  smartrequest,
  smartssh,
+  smartstream,
  smartstring,
  smartunique,
  taskbuffer,
+  typedserver,
 };

 // @servezone scope
--- a/ts_apiclient/classes.cloudlyapiclient.ts
+++ b/ts_apiclient/classes.cloudlyapiclient.ts
@ -0,0 +1,167 @@
+import * as plugins from './plugins.js';
+
+export type TClientType = 'api' | 'ci' | 'coreflow' | 'cli' | 'serverconfig';
+
+import { Image } from './classes.image.js';
+
+export class CloudlyApiClient {
+  private cloudlyUrl: string;
+  private registerAs: string;
+
+  public typedrouter = new plugins.typedrequest.TypedRouter();
+  public typedsocketClient: plugins.typedsocket.TypedSocket;
+
+  // Subjects
+  public configUpdateSubject = new plugins.smartrx.rxjs.Subject<
+    plugins.servezoneInterfaces.requests.config.IRequest_Cloudly_Coreflow_PushClusterConfig['request']
+  >();
+
+  public serverActionSubject = new plugins.smartrx.rxjs.Subject<
+    plugins.servezoneInterfaces.requests.server.IRequest_TriggerServerAction['request']
+  >();
+
+  constructor(optionsArg?: {
+    registerAs: TClientType;
+    cloudlyUrl?: string;
+  }) {
+    this.registerAs = optionsArg.registerAs;
+    this.cloudlyUrl =
+      optionsArg?.cloudlyUrl || process.env.CLOUDLY_URL || 'https://cloudly.layer.io:443';
+
+    console.log(
+      `creating LoleCloudlyClient: registering as ${this.registerAs} and target url ${this.cloudlyUrl}`
+    );
+
+    this.typedrouter.addTypedHandler<plugins.servezoneInterfaces.requests.config.IRequest_Cloudly_Coreflow_PushClusterConfig>(
+      new plugins.typedrequest.TypedHandler('pushClusterConfig', async (dataArg) => {
+        this.configUpdateSubject.next(dataArg);
+        return {};
+      })
+    );
+
+    this.typedrouter.addTypedHandler<plugins.servezoneInterfaces.requests.server.IRequest_TriggerServerAction>(
+      new plugins.typedrequest.TypedHandler('triggerServerAction', async (dataArg) => {
+        this.serverActionSubject.next(dataArg);
+        return {
+          actionConfirmed: true,
+        };
+      })
+    );
+  }
+
+  public async start() {
+    this.typedsocketClient = await plugins.typedsocket.TypedSocket.createClient(
+      this.typedrouter,
+      this.cloudlyUrl
+    );
+    console.log(
+      `CloudlyClient connected to cloudly at ${this.cloudlyUrl}. Remember to get an identity.`
+    );
+  }
+
+  public async stop() {
+    await this.typedsocketClient.stop();
+  }
+
+  public identity: plugins.servezoneInterfaces.data.IIdentity;
+  public async getIdentityByToken(
+    token: string,
+    optionsArg?: {
+      tagConnection?: boolean;
+      statefullIdentity?: boolean;
+    }
+  ): Promise<plugins.servezoneInterfaces.data.IIdentity> {
+    optionsArg = Object.assign({}, {
+      tagConnection: false,
+      statefullIdentity: true,
+    }, optionsArg);
+
+    const identityRequest =
+      this.typedsocketClient.createTypedRequest<plugins.servezoneInterfaces.requests.identity.IRequest_Any_Cloudly_CoreflowManager_GetIdentityByToken>(
+        'getIdentityByToken'
+      );
+    console.log(`trying to get identity from cloudly with supplied jumpCodeArg: ${token}`);
+    const response = await identityRequest.fire({
+      token: token,
+    });
+    console.log('got identity response');
+    const identity = response.identity;
+
+    if (optionsArg.tagConnection) {
+      this.typedsocketClient.addTag('identity', identity);
+    }
+
+    if (optionsArg.statefullIdentity) {
+      this.identity = identity;
+    }
+
+    return identity;
+  }
+
+  /**
+   * will use statefull identity by default
+   */
+  public async getClusterConfigFromCloudlyByIdentity(
+    identityArg: plugins.servezoneInterfaces.data.IIdentity = this.identity
+  ): Promise<plugins.servezoneInterfaces.data.ICluster> {
+    const clusterConfigRequest =
+      this.typedsocketClient.createTypedRequest<plugins.servezoneInterfaces.requests.config.IRequest_Any_Cloudly_GetClusterConfig>(
+        'getClusterConfig'
+      );
+    const response = await clusterConfigRequest.fire({
+      identity: identityArg,
+    });
+    return response.configData;
+  }
+
+  /**
+   * will use statefull identity by default
+   */
+  public async getServerConfigFromCloudlyByIdentity(
+    identityArg: plugins.servezoneInterfaces.data.IIdentity = this.identity
+  ): Promise<plugins.servezoneInterfaces.data.IServer> {
+    const serverConfigRequest =
+      this.typedsocketClient.createTypedRequest<plugins.servezoneInterfaces.requests.config.IRequest_Any_Cloudly_GetServerConfig>(
+        'getServerConfig'
+      );
+    const response = await serverConfigRequest.fire({
+      identity: identityArg,
+      serverId: '', // TODO: get server id here
+    });
+    return response.configData;
+  }
+
+  /**
+   * gets a certificate for a domain used by a service
+   */
+  public async getCertificateForDomain(optionsArg: {
+    domainName: string;
+    type: plugins.servezoneInterfaces.requests.certificate.IRequest_Any_Cloudly_GetCertificateForDomain['request']['type'];
+    identity?: plugins.servezoneInterfaces.data.IIdentity;
+  }): Promise<plugins.tsclass.network.ICert> {
+    optionsArg.identity = optionsArg.identity || this.identity;
+    if (!optionsArg.identity) {
+      throw new Error('identity is required. Either provide one or login first.');
+    }
+    const typedCertificateRequest =
+      this.typedsocketClient.createTypedRequest<plugins.servezoneInterfaces.requests.certificate.IRequest_Any_Cloudly_GetCertificateForDomain>(
+        'getCertificateForDomain'
+      );
+    const typedResponse = await typedCertificateRequest.fire({
+      identity: this.identity, // do proper auth here
+      domainName: optionsArg.domainName,
+      type: optionsArg.type,
+    });
+    return typedResponse.certificate;
+  }
+
+  public images = {
+    // Images
+    getImages: async () => {
+      return Image.getImages(this);
+    },
+    createImage: async (optionsArg: Parameters<typeof Image.createImage>[1]) => {
+      return Image.createImage(this, optionsArg);
+    }
+  }
+}
--- a/ts_apiclient/classes.cloudlyclient.ts
+++ b/ts_apiclient/classes.cloudlyclient.ts
@ -1,13 +0,0 @@
-import * as plugins from './plugins.js';
-
-export class CloudlyClient {
-  public clientToken: string;
-
-  constructor(clientToken: string) {
-    this.clientToken = clientToken;
-  }
-
-  public async getClusters() {
-    
-  }
-}
--- a/ts_apiclient/classes.cluster.ts
+++ b/ts_apiclient/classes.cluster.ts
@ -2,4 +2,5 @@ import * as plugins from './plugins.js';

 export class Cluster {
  public getServers() {}
+  
 }
--- a/ts_apiclient/classes.image.ts
+++ b/ts_apiclient/classes.image.ts
@ -1,5 +1,100 @@
+import type { CloudlyApiClient } from './classes.cloudlyapiclient.js';
 import * as plugins from './plugins.js';

-export class Image {
-  public getImages() {}
+export class Image implements plugins.servezoneInterfaces.data.IImage {
+  public static async getImages(cloudlyClientRef: CloudlyApiClient) {
+    const getAllImagesTR = cloudlyClientRef.typedsocketClient.createTypedRequest<plugins.servezoneInterfaces.requests.image.IRequest_GetAllImages>(
+      'getAllImages'
+    );
+    const response = await getAllImagesTR.fire({
+      identity: cloudlyClientRef.identity,
+    });
+    const resultImages: Image[] = [];
+    for (const image of response.images) {
+      const newImage = new Image(cloudlyClientRef);
+      Object.assign(newImage, image);
+      resultImages.push(newImage);
+    }
+    return resultImages;
+  }
+
+  /**
+   * creates a new image 
+   */
+  public static async createImage(cloudlyClientRef: CloudlyApiClient, imageDataArg: Partial<plugins.servezoneInterfaces.data.IImage['data']>) {
+    const createImageTR = cloudlyClientRef.typedsocketClient.createTypedRequest<plugins.servezoneInterfaces.requests.image.IRequest_CreateImage>(
+      'createImage'
+    );
+    const response = await createImageTR.fire({
+      identity: cloudlyClientRef.identity,
+      name: imageDataArg.name,
+      description: imageDataArg.description,
+    });
+    const newImage = new Image(cloudlyClientRef);
+    Object.assign(newImage, response.image);
+    return newImage;
+  }
+
+  // INSTANCE
+  cloudlyClientRef: CloudlyApiClient;
+
+  id: plugins.servezoneInterfaces.data.IImage['id'];
+  data: plugins.servezoneInterfaces.data.IImage['data'];
+
+  constructor(cloudlyClientRef: CloudlyApiClient) {
+    this.cloudlyClientRef = cloudlyClientRef;
+  }
+
+  /**
+   * updates the image data
+   */
+  public async update() {
+    const getVersionsTR = this.cloudlyClientRef.typedsocketClient.createTypedRequest<plugins.servezoneInterfaces.requests.image.IRequest_GetImage>(
+      'getImage'
+    );
+    const response = await getVersionsTR.fire({
+      identity: this.cloudlyClientRef.identity,
+      imageId: this.id,
+    });
+    Object.assign(this, response.image);
+  }
+
+  /**
+   * pushes a new version of the image
+   * @param imageVersion 
+   * @param imageReadableArg 
+   */
+  public async pushImageVersion(imageVersion: string, imageReadableArg: ReadableStream<Uint8Array>): Promise<void> {
+    const done = plugins.smartpromise.defer();
+    const pushImageTR = this.cloudlyClientRef.typedsocketClient.createTypedRequest<plugins.servezoneInterfaces.requests.image.IRequest_PushImageVersion>(
+      'pushImageVersion'
+    );
+    const virtualStream = new plugins.typedrequest.VirtualStream();
+    const response = await pushImageTR.fire({
+      identity: this.cloudlyClientRef.identity,
+      imageId: this.id,
+      versionString: '',
+      imageStream: virtualStream,
+    });
+    await virtualStream.readFromWebstream(imageReadableArg);
+    await this.update();
+  };
+
+  /**
+   * pulls a version of the image
+   */
+  public async pullImageVersion(versionStringArg: string): Promise<ReadableStream<Uint8Array>> {
+    const pullImageTR = this.cloudlyClientRef.typedsocketClient.createTypedRequest<plugins.servezoneInterfaces.requests.image.IRequest_PullImageVersion>(
+      'pullImageVersion'
+    );
+    const response = await pullImageTR.fire({
+      identity: this.cloudlyClientRef.identity,
+      imageId: this.id,
+      versionString: versionStringArg,
+    });
+    const imageStream = response.imageStream;
+    const webduplexStream = new plugins.webstream.WebDuplexStream({});
+    imageStream.writeToWebstream(webduplexStream.writable);
+    return webduplexStream.readable;
+  };
 }
--- a/ts_apiclient/classes.server.ts
+++ b/ts_apiclient/classes.server.ts
@ -0,0 +1,7 @@
+import * as plugins from './plugins.js';
+
+export class Server {
+  public static getServers() {
+    
+  }
+}
--- a/ts_apiclient/index.ts
+++ b/ts_apiclient/index.ts
@ -1 +1 @@
-export * from './classes.cloudlyclient.js';
+export * from './classes.cloudlyapiclient.js';
--- a/ts_apiclient/plugins.ts
+++ b/ts_apiclient/plugins.ts
@ -1,5 +1,33 @@
-import * as typedrequest from '@api.global/typedrequest';
+// @serve.zone scope
+import * as servezoneInterfaces from '@serve.zone/interfaces';

 export {
-  typedrequest
+  servezoneInterfaces
+}
+
+// @push.rocks scope
+import * as smartpromise from '@push.rocks/smartpromise';
+import * as smartrx from '@push.rocks/smartrx';
+import * as webstream from '@push.rocks/smartstream/web';
+
+export {
+  smartpromise,
+  smartrx,
+  webstream,
+}
+
+// @api.global scope
+import * as typedrequest from '@api.global/typedrequest';
+import * as typedsocket from '@api.global/typedsocket';
+
+export {
+  typedrequest,
+  typedsocket
+}
+
+// @tsclass scope
+import * as tsclass from '@tsclass/tsclass';
+
+export {
+  tsclass,
 }
--- a/ts_apiclient/tspublish.json
+++ b/ts_apiclient/tspublish.json
@ -0,0 +1,16 @@
+{
+  "name": "@serve.zone/api",
+  "dependencies": [
+    "@serve.zone/interfaces",
+    "@push.rocks/smartpromise",
+    "@push.rocks/smartrx",
+    "@push.rocks/smartstream",
+    "@api.global/typedrequest",
+    "@api.global/typedsocket",
+    "@tsclass/tsclass"
+  ],
+  "registries": [
+    "registry.npmjs.org:public",
+    "verdaccio.lossless.digital:public"
+  ]
+}
--- a/ts_cliclient/tspublish.json
+++ b/ts_cliclient/tspublish.json
@ -0,0 +1,3 @@
+{
+  "name": "@serve.zone/cli"
+}
--- a/ts_interfaces/tspublish.json
+++ b/ts_interfaces/tspublish.json
@ -0,0 +1,10 @@
+{
+  "name": "@serve.zone/interfaces",
+  "dependencies": [
+    "@tsclass/tsclass"
+  ],
+  "registries": [
+    "registry.npmjs.org:public",
+    "verdaccio.lossless.digital:public"
+  ]
+}
--- a/ts_web/00_commitinfo_data.ts
+++ b/ts_web/00_commitinfo_data.ts
@ -1,8 +1,8 @@
 /**
- * autocreated commitinfo by @pushrocks/commitinfo
+ * autocreated commitinfo by @push.rocks/commitinfo
 */
 export const commitinfo = {
  name: '@serve.zone/cloudly',
-  version: '1.0.214',
-  description: 'A cloud manager utilizing Docker Swarmkit, designed for operations on Cloudron, and supports various cloud platforms like DigitalOcean, Hetzner Cloud, and Cloudflare.'
+  version: '1.2.0',
+  description: 'A comprehensive multi-cloud manager leveraging Docker Swarmkit to orchestrate containerized applications across various cloud services and provide robust configuration and API integration.'
 }
--- a/ts_web/appstate.ts
+++ b/ts_web/appstate.ts
@ -3,11 +3,11 @@ import * as domtools from '@design.estate/dees-domtools';

 const appstate = new plugins.deesDomtools.plugins.smartstate.Smartstate();
 export interface ILoginState {
-  jwt: string;
+  identity: plugins.interfaces.data.IIdentity;
 }
-export const loginStatePart = await appstate.getStatePart<ILoginState>(
+export const loginStatePart: plugins.smartstate.StatePart<unknown, ILoginState> = await appstate.getStatePart<ILoginState>(
  'login',
-  { jwt: null },
+  { identity: null },
  'persistent'
 );

@ -22,10 +22,15 @@ export const loginAction = loginStatePart.createAction<{ username: string; passw
    const response = await trLogin.fire({
      username: payloadArg.username,
      password: payloadArg.password,
+    }).catch(err => {
+      console.log(err);
+      return {
+        ...statePartArg.getState(),
+      }
    });
    return {
      ...currentState,
-      ...(response.jwt ? { jwt: response.jwt } : {}),
+      ...(response.identity ? { identity: response.identity } : {}),
    };
  }
 );
@ -34,7 +39,7 @@ export const logoutAction = loginStatePart.createAction(async (statePartArg) =>
  const currentState = statePartArg.getState();
  return {
    ...currentState,
-    jwt: null,
+    identity: null,
  };
 });

@ -72,7 +77,7 @@ export const dataState = await appstate.getStatePart<IDataState>(
 );

 // Getting data
-export const getDataAction = dataState.createAction(async (statePartArg) => {
+export const getAllDataAction = dataState.createAction(async (statePartArg, partialArg?: 'secrets' | 'images') => {
  let currentState = statePartArg.getState();
  // Secrets
  const trGetSecrets =
@ -81,13 +86,27 @@ export const getDataAction = dataState.createAction(async (statePartArg) => {
      'adminGetConfigBundlesAndSecretGroups'
    );
  const response = await trGetSecrets.fire({
-    jwt: loginStatePart.getState().jwt,
+    identity: loginStatePart.getState().identity,
  });
  currentState = {
    ...currentState,
    ...response,
  };

+  // images
+  const trGetImages =
+    new domtools.plugins.typedrequest.TypedRequest<plugins.interfaces.requests.image.IRequest_GetAllImages>(
+      '/typedrequest',
+      'getAllImages'
+    );
+  const responseImages = await trGetImages.fire({
+    identity: loginStatePart.getState().identity,
+  });
+  currentState = {
+    ...currentState,
+    ...responseImages,
+  };
+
  // Clusters
  const trGetClusters =
    new domtools.plugins.typedrequest.TypedRequest<plugins.interfaces.requests.cluster.IRequest_GetAllClusters>(
@ -95,7 +114,7 @@ export const getDataAction = dataState.createAction(async (statePartArg) => {
      'getAllClusters'
    );
  const responseClusters = await trGetClusters.fire({
-    jwt: loginStatePart.getState().jwt,
+    identity: loginStatePart.getState().identity,
  });

  currentState = {
@ -116,11 +135,11 @@ export const createSecretGroupAction = dataState.createAction(
        'adminCreateConfigBundlesAndSecretGroups'
      );
    const response = await trCreateSecretGroup.fire({
-      jwt: loginStatePart.getState().jwt,
+      identity: loginStatePart.getState().identity,
      secretBundles: [],
      secretGroups: [payloadArg],
    });
-    currentState = await dataState.dispatchAction(getDataAction, null);
+    currentState = await dataState.dispatchAction(getAllDataAction, null);
    return currentState;
    return currentState;
  }
@ -135,11 +154,11 @@ export const deleteSecretGroupAction = dataState.createAction(
        'adminDeleteConfigBundlesAndSecretGroups'
      );
    const response = await trDeleteSecretGroup.fire({
-      jwt: loginStatePart.getState().jwt,
+      identity: loginStatePart.getState().identity,
      secretBundleIds: [],
      secretGroupIds: [payloadArg.secretGroupId],
    });
-    currentState = await dataState.dispatchAction(getDataAction, null);
+    currentState = await dataState.dispatchAction(getAllDataAction, null);
    return currentState;
  }
 );
@ -154,11 +173,57 @@ export const deleteSecretBundleAction = dataState.createAction(
        'adminDeleteConfigBundlesAndSecretGroups'
      );
    const response = await trDeleteConfigBundle.fire({
-      jwt: loginStatePart.getState().jwt,
+      identity: loginStatePart.getState().identity,
      secretBundleIds: [payloadArg.configBundleId],
      secretGroupIds: [],
    });
-    currentState = await dataState.dispatchAction(getDataAction, null);
+    currentState = await dataState.dispatchAction(getAllDataAction, null);
+    return currentState;
+  }
+);
+
+// image actions
+export const createImageAction = dataState.createAction(
+  async (statePartArg, payloadArg: { imageName: string, description: string }) => {
+    let currentState = statePartArg.getState();
+    const trCreateImage =
+      new domtools.plugins.typedrequest.TypedRequest<plugins.interfaces.requests.image.IRequest_CreateImage>(
+        '/typedrequest',
+        'createImage'
+      );
+    const response = await trCreateImage.fire({
+      identity: loginStatePart.getState().identity,
+      name: payloadArg.imageName,
+      description: payloadArg.description,
+    });
+    currentState = {
+      ...currentState,
+      ...{
+        images: [...currentState.images, response.image],
+      },
+    };
+    return currentState;
+  }
+);
+
+export const deleteImageAction = dataState.createAction(
+  async (statePartArg, payloadArg: { imageId: string }) => {
+    let currentState = statePartArg.getState();
+    const trDeleteImage =
+      new domtools.plugins.typedrequest.TypedRequest<plugins.interfaces.requests.image.IRequest_DeleteImage>(
+        '/typedrequest',
+        'deleteImage'
+      );
+    const response = await trDeleteImage.fire({
+      identity: loginStatePart.getState().identity,
+      imageId: payloadArg.imageId,
+    });
+    currentState = {
+      ...currentState,
+      ...{
+        images: currentState.images.filter((image) => image.id !== payloadArg.imageId),
+      },
+    };
    return currentState;
  }
 );
@ -178,7 +243,7 @@ export const addClusterAction = dataState.createAction(
        'createCluster'
      );
    const response = await trAddCluster.fire({
-      jwt: loginStatePart.getState().jwt,
+      identity: loginStatePart.getState().identity,
      ...payloadArg,
    });
    currentState = {
--- a/ts_web/elements/cloudly-dashboard.ts
+++ b/ts_web/elements/cloudly-dashboard.ts
@ -33,7 +33,7 @@ declare global {

@customElement('cloudly-dashboard')
 export class CloudlyDashboard extends DeesElement {
-  @state() private jwt: string;
+  @state() private identity: plugins.interfaces.data.IIdentity;
  @state() private data: appstate.IDataState = {
    secretGroups: [],
    secretBundles: [],
@ -42,6 +42,7 @@ export class CloudlyDashboard extends DeesElement {

  constructor() {
    super();
+    document.title = `cloudly v${commitinfo.version}`;
    const subcription = appstate.dataState
      .select((stateArg) => stateArg)
      .subscribe((dataArg) => {
@ -96,6 +97,10 @@ export class CloudlyDashboard extends DeesElement {
                name: 'Services',
                element: CloudlyViewServices,
              },
+              {
+                name: 'Testing & Building',
+                element: CloudlyViewServices,
+              },
              {
                name: 'Deployments',
                element: CloudlyViewDeployments,
@ -148,7 +153,7 @@ export class CloudlyDashboard extends DeesElement {
          action: async () => {
            await plugins.deesCatalog.DeesModal.createAndShow({
              heading: 'About',
-              content: html`configvault ${commitinfo.version}`,
+              content: html`cloudly ${commitinfo.version}`,
              menuOptions: [
                {
                  name: 'close',
@ -168,10 +173,10 @@ export class CloudlyDashboard extends DeesElement {
    const domtools = await this.domtoolsPromise;
    const loginState = appstate.loginStatePart.getState();
    console.log(loginState);
-    if (loginState.jwt) {
-      this.jwt = loginState.jwt;
+    if (loginState.identity) {
+      this.identity = loginState.identity;
      await simpleLogin.switchToSlottedContent();
-      await appstate.dataState.dispatchAction(appstate.getDataAction, null);
+      await appstate.dataState.dispatchAction(appstate.getAllDataAction, null);
    }
  }

@ -185,12 +190,12 @@ export class CloudlyDashboard extends DeesElement {
      username,
      password,
    });
-    if (state.jwt) {
+    if (state.identity) {
      console.log('got jwt');
-      this.jwt = state.jwt;
+      this.identity = state.identity;
      form.setStatus('success', 'Logged in!');
      await simpleLogin.switchToSlottedContent();
-      await appstate.dataState.dispatchAction(appstate.getDataAction, null);
+      await appstate.dataState.dispatchAction(appstate.getAllDataAction, null);
    } else {
      form.setStatus('error', 'Login failed!');
      await domtools.convenience.smartdelay.delayFor(2000);
--- a/ts_web/elements/cloudly-view-backups.ts
+++ b/ts_web/elements/cloudly-view-backups.ts
@ -1,4 +1,5 @@
 import * as plugins from '../plugins.js';
+import * as shared from '../elements/shared/index.js';

 import {
  DeesElement,
@ -31,13 +32,9 @@ export class CloudlyViewBackups extends DeesElement {

  public static styles = [
    cssManager.defaultStyles,
+    shared.viewHostCss,
    css`
-      :host {
-        display: block;
-        margin: auto;
-        max-width: 1280px;
-        padding: 16px 16px;
-      }
+      
    `,
  ];

--- a/ts_web/elements/cloudly-view-clusters.ts
+++ b/ts_web/elements/cloudly-view-clusters.ts
@ -1,4 +1,5 @@
 import * as plugins from '../plugins.js';
+import * as shared from '../elements/shared/index.js';

 import {
  DeesElement,
@ -31,13 +32,9 @@ export class CloudlyViewClusters extends DeesElement {

  public static styles = [
    cssManager.defaultStyles,
+    shared.viewHostCss,
    css`
-      :host {
-        display: block;
-        margin: auto;
-        max-width: 1280px;
-        padding: 16px 16px;
-      }
+      
    `,
  ];

--- a/ts_web/elements/cloudly-view-dbs.ts
+++ b/ts_web/elements/cloudly-view-dbs.ts
@ -1,4 +1,5 @@
 import * as plugins from '../plugins.js';
+import * as shared from '../elements/shared/index.js';

 import {
  DeesElement,
@ -31,13 +32,9 @@ export class CloudlyViewDbs extends DeesElement {

  public static styles = [
    cssManager.defaultStyles,
+    shared.viewHostCss,
    css`
-      :host {
-        display: block;
-        margin: auto;
-        max-width: 1280px;
-        padding: 16px 16px;
-      }
+      
    `,
  ];

--- a/ts_web/elements/cloudly-view-deployments.ts
+++ b/ts_web/elements/cloudly-view-deployments.ts
@ -1,4 +1,5 @@
 import * as plugins from '../plugins.js';
+import * as shared from '../elements/shared/index.js';

 import {
  DeesElement,
@ -31,13 +32,9 @@ export class CloudlyViewDeployments extends DeesElement {

  public static styles = [
    cssManager.defaultStyles,
+    shared.viewHostCss,
    css`
-      :host {
-        display: block;
-        margin: auto;
-        max-width: 1280px;
-        padding: 16px 16px;
-      }
+     
    `,
  ];

--- a/ts_web/elements/cloudly-view-dns.ts
+++ b/ts_web/elements/cloudly-view-dns.ts
@ -1,4 +1,5 @@
 import * as plugins from '../plugins.js';
+import * as shared from '../elements/shared/index.js';

 import {
  DeesElement,
@ -31,13 +32,8 @@ export class CloudlyViewDns extends DeesElement {

  public static styles = [
    cssManager.defaultStyles,
+    shared.viewHostCss,
    css` 
-      :host {
-        display: block;
-        margin: auto;
-        max-width: 1280px;
-        padding: 16px 16px;
-      }
    `,
  ];

--- a/ts_web/elements/cloudly-view-images.ts
+++ b/ts_web/elements/cloudly-view-images.ts
@ -1,4 +1,5 @@
 import * as plugins from '../plugins.js';
+import * as shared from '../elements/shared/index.js';

 import { DeesElement, customElement, html, state, css, cssManager } from '@design.estate/dees-element';

@ -23,13 +24,9 @@ export class CloudlyViewImages extends DeesElement {

  public static styles = [
    cssManager.defaultStyles,
+    shared.viewHostCss,
    css`
-      :host {
-        display: block;
-        margin: auto;
-        max-width: 1280px;
-        padding: 16px 16px;
-      }
+      
    `,
  ];

@ -37,35 +34,25 @@ export class CloudlyViewImages extends DeesElement {
    return html`
      <cloudly-sectionheading>Images</cloudly-sectionheading>
      <dees-table
-        heading1="SecretGroups"
-        heading2="decoded in client"
+        heading1="Images"
+        heading2="an image is needed for running a service"
        .data=${this.data.images}
-        .displayFunction=${(secretGroup: plugins.interfaces.data.ISecretGroup) => {
+        .displayFunction=${(image: plugins.interfaces.data.IImage) => {
          return {
-            name: secretGroup.data.name,
-            priority: secretGroup.data.priority,
-            tags: html`<dees-chips
-              .selectionMode=${'none'}
-              .selectableChips=${secretGroup.data.tags}
-            ></dees-chips>`,
-            key: secretGroup.data.key,
-            history: (() => {
-              const allHistory = [];
-              for (const environment in secretGroup.data.environments) {
-                allHistory.push(...secretGroup.data.environments[environment].history);
-              }
-              return allHistory.length;
-            })(),
+            id: image.id,
+            name: image.data.name,
+            description: image.data.description,
+            versions: image.data.versions.length,
          };
        }}
        .dataActions=${[
          {
-            name: 'add SecretGroup',
+            name: 'create Image',
            type: ['header', 'footer'],
            iconName: 'plus',
            actionFunc: async () => {
              plugins.deesCatalog.DeesModal.createAndShow({
-                heading: 'create new SecretGroup',
+                heading: 'create new Image',
                content: html`
                  <dees-form>
                    <dees-input-text
@ -78,50 +65,6 @@ export class CloudlyViewImages extends DeesElement {
                      .key=${'data.description'}
                      .value=${''}
                    ></dees-input-text>
-                    <dees-input-text
-                      .label=${'Secret Key (data.key)'}
-                      .key=${'data.key'}
-                      .value=${''}
-                    ></dees-input-text>
-                    <dees-table
-                      .heading1=${'Environments'}
-                      .heading2=${'keys need to be unique'}
-                      key="environments"
-                      .data=${[
-                        {
-                          environment: 'production',
-                          value: '',
-                        },
-                        {
-                          environment: 'staging',
-                          value: '',
-                        },
-                      ]}
-                      .dataActions=${[
-                        {
-                          name: 'add environment',
-                          iconName: 'plus',
-                          type: ['footer'],
-                          actionFunc: async (dataArg) => {
-                            dataArg.table.data.push({
-                              environment: 'new environment',
-                              value: '',
-                            });
-                            dataArg.table.requestUpdate('data');
-                          },
-                        },
-                        {
-                          name: 'delete environment',
-                          iconName: 'trash',
-                          type: ['inRow'],
-                          actionFunc: async (dataArg) => {
-                            dataArg.table.data.splice(dataArg.table.data.indexOf(dataArg.item), 1);
-                            dataArg.table.requestUpdate('data');
-                          },
-                        },
-                      ] as plugins.deesCatalog.ITableAction[]}
-                      .editableFields=${['environment', 'value']}
-                    ></dees-table>
                  </dees-form>
                `,
                menuOptions: [
@ -138,24 +81,9 @@ export class CloudlyViewImages extends DeesElement {
                      const formData = await deesForm.collectFormData();
                      console.log(`Prepare saving of data:`);
                      console.log(formData);
-                      const environments: plugins.interfaces.data.ISecretGroup['data']['environments'] =
-                        {};
-                      for (const itemArg of formData['environments'] as any[]) {
-                        environments[itemArg.environment] = {
-                          value: itemArg.value,
-                          history: [],
-                          lastUpdated: Date.now(),
-                        };
-                      }
-                      await appstate.dataState.dispatchAction(appstate.createSecretGroupAction, {
-                        id: null,
-                        data: {
-                          name: formData['data.name'] as string,
+                      await appstate.dataState.dispatchAction(appstate.createImageAction, {
+                        imageName: formData['data.name'] as string,
                        description: formData['data.description'] as string,
-                          key: formData['data.key'] as string,
-                          environments,
-                          tags: [],
-                        },
                      });
                      await modalArg.destroy();
                    },
@ -327,16 +255,16 @@ export class CloudlyViewImages extends DeesElement {
            iconName: 'trash',
            type: ['contextmenu', 'inRow'],
            actionFunc: async (
-              itemArg: plugins.deesCatalog.ITableActionDataArg<plugins.interfaces.data.ISecretGroup>
+              itemArg: plugins.deesCatalog.ITableActionDataArg<plugins.interfaces.data.IImage>
            ) => {
              plugins.deesCatalog.DeesModal.createAndShow({
-                heading: `Delete ${itemArg.item.data.key}`,
+                heading: `Delete Image "${itemArg.item.data.name}"`,
                content: html`
-                  <div style="text-align:center">Do you really want to delete the secret?</div>
+                  <div style="text-align:center">Do you really want to delete the image?</div>
                  <div
                    style="font-size: 0.8em; color: red; text-align:center; padding: 16px; margin-top: 24px; border: 1px solid #444; font-family: Intel One Mono; font-size: 16px;"
                  >
-                    ${itemArg.item.data.key}
+                    ${itemArg.item.id}
                  </div>
                `,
                menuOptions: [
@ -350,8 +278,8 @@ export class CloudlyViewImages extends DeesElement {
                    name: 'delete',
                    action: async (modalArg) => {
                      console.log(`Delete ${itemArg.item.id}`);
-                      await appstate.dataState.dispatchAction(appstate.deleteSecretGroupAction, {
-                        secretGroupId: itemArg.item.id,
+                      await appstate.dataState.dispatchAction(appstate.deleteImageAction, {
+                        imageId: itemArg.item.id,
                      });
                      await modalArg.destroy();
                    },
--- a/ts_web/elements/cloudly-view-logs.ts
+++ b/ts_web/elements/cloudly-view-logs.ts
@ -1,4 +1,5 @@
 import * as plugins from '../plugins.js';
+import * as shared from '../elements/shared/index.js';

 import {
  DeesElement,
@ -31,13 +32,9 @@ export class CloudlyViewLogs extends DeesElement {

  public static styles = [
    cssManager.defaultStyles,
+    shared.viewHostCss,
    css`
-      :host {
-        display: block;
-        margin: auto;
-        max-width: 1280px;
-        padding: 16px 16px;
-      }
+      
    `,
  ];

--- a/ts_web/elements/cloudly-view-mails.ts
+++ b/ts_web/elements/cloudly-view-mails.ts
@ -1,4 +1,5 @@
 import * as plugins from '../plugins.js';
+import * as shared from '../elements/shared/index.js';

 import {
  DeesElement,
@ -31,14 +32,8 @@ export class CloudlyViewMails extends DeesElement {

  public static styles = [
    cssManager.defaultStyles,
-    css`
-      :host {
-        display: block;
-        margin: auto;
-        max-width: 1280px;
-        padding: 16px 16px;
-      }
-    `,
+    shared.viewHostCss,
+    css``
  ];

  public render() {
--- a/ts_web/elements/cloudly-view-overview.ts
+++ b/ts_web/elements/cloudly-view-overview.ts
@ -1,4 +1,5 @@
 import * as plugins from '../plugins.js';
+import * as shared from '../elements/shared/index.js';

 import {
  DeesElement,
@ -31,13 +32,8 @@ export class CloudlyViewOverview extends DeesElement {

  public static styles = [
    cssManager.defaultStyles,
+    shared.viewHostCss,
    css`
-      :host {
-        display: block;
-        margin: auto;
-        max-width: 1280px;
-        padding: 8px 16px;
-      }
      .clusterGrid {
        display: grid;
        grid-template-columns: ${cssManager.cssGridColumns(3, 8)};
--- a/ts_web/elements/cloudly-view-s3.ts
+++ b/ts_web/elements/cloudly-view-s3.ts
@ -1,4 +1,5 @@
 import * as plugins from '../plugins.js';
+import * as shared from '../elements/shared/index.js';

 import {
  DeesElement,
@ -31,13 +32,9 @@ export class CloudlyViewS3 extends DeesElement {

  public static styles = [
    cssManager.defaultStyles,
+    shared.viewHostCss,
    css`
-      :host {
-        display: block;
-        margin: auto;
-        max-width: 1280px;
-        padding: 16px 16px;
-      }
+      
    `,
  ];

--- a/ts_web/elements/cloudly-view-secretbundles.ts
+++ b/ts_web/elements/cloudly-view-secretbundles.ts
@ -1,4 +1,5 @@
 import * as plugins from '../plugins.js';
+import * as shared from '../elements/shared/index.js';

 import {
  DeesElement,
@ -21,23 +22,19 @@ export class CloudlyViewSecretBundles extends DeesElement {

  constructor() {
    super();
-    const subecription = appstate.dataState
+    const subscription = appstate.dataState
      .select((stateArg) => stateArg)
      .subscribe((dataArg) => {
        this.data = dataArg;
      });
-    this.rxSubscriptions.push(subecription);
+    this.rxSubscriptions.push(subscription);
  }

  public static styles = [
    cssManager.defaultStyles,
+    shared.viewHostCss,
    css`
-      :host {
-        display: block;
-        margin: auto;
-        max-width: 1280px;
-        padding: 16px 16px;
-      }
+      
    `,
  ];

@ -144,7 +141,7 @@ export class CloudlyViewSecretBundles extends DeesElement {
          },
          {
            name: 'edit',
-            iconName: 'edit',
+            iconName: 'penToSquare',
            type: ['doubleClick', 'contextmenu', 'inRow'],
            actionFunc: async (actionDataArg) => {
              const modal = await plugins.deesCatalog.DeesModal.createAndShow({
--- a/ts_web/elements/cloudly-view-secretgroups.ts
+++ b/ts_web/elements/cloudly-view-secretgroups.ts
@ -1,4 +1,5 @@
 import * as plugins from '../plugins.js';
+import * as shared from '../elements/shared/index.js';

 import { DeesElement, customElement, html, state, css, cssManager } from '@design.estate/dees-element';

@ -23,13 +24,9 @@ export class CloudlyViewSecretGroups extends DeesElement {

  public static styles = [
    cssManager.defaultStyles,
+    shared.viewHostCss,
    css`
-      :host {
-        display: block;
-        margin: auto;
-        max-width: 1280px;
-        padding: 16px 16px;
-      }
+      
    `,
  ];

--- a/ts_web/elements/cloudly-view-services.ts
+++ b/ts_web/elements/cloudly-view-services.ts
@ -1,4 +1,5 @@
 import * as plugins from '../plugins.js';
+import * as shared from '../elements/shared/index.js';

 import {
  DeesElement,
@ -31,13 +32,9 @@ export class CloudlyViewServices extends DeesElement {

  public static styles = [
    cssManager.defaultStyles,
+    shared.viewHostCss,
    css`
-      :host {
-        display: block;
-        margin: auto;
-        max-width: 1280px;
-        padding: 16px 16px;
-      }
+      
    `,
  ];

--- a/ts_web/elements/shared/cloudly-sectionheading.ts
+++ b/ts_web/elements/shared/cloudly-sectionheading.ts
@ -21,6 +21,8 @@ export class CloudlySectionheading extends DeesElement {
      h1 {
        font-family: 'Cal Sans';
        letter-spacing: 0.025em;
+        margin: 0px;
+        margin-bottom: 16px;
      }
    `,
  ]
--- a/ts_web/elements/shared/css.ts
+++ b/ts_web/elements/shared/css.ts
@ -0,0 +1,10 @@
+import { css } from '@design.estate/dees-element';
+
+export const viewHostCss = css`
+  :host {
+    display: block;
+    margin: auto;
+    max-width: 1280px;
+    padding: 16px 16px;
+  }
+`;
--- a/ts_web/elements/shared/index.ts
+++ b/ts_web/elements/shared/index.ts
@ -1 +1,2 @@
 export * from './cloudly-sectionheading.js';
+export * from './css.js';
--- a/ts_web/plugins.ts
+++ b/ts_web/plugins.ts
@ -13,7 +13,9 @@ export { deesDomtools, deesElement, deesCatalog };

 // @push.rocks scope
 import * as webjwt from '@push.rocks/webjwt';
+import * as smartstate from '@push.rocks/smartstate';

 export {
  webjwt,
+  smartstate,
 }
Author	SHA1	Message	Date
Philipp Kunz	5aa136b8d9	1.2.0 Some checks failed Docker (tags) / security (push) Failing after 16s Details Docker (tags) / test (push) Has been skipped Details Docker (tags) / release (push) Has been skipped Details Docker (tags) / metadata (push) Has been skipped Details	2024-10-21 16:37:46 +02:00
Philipp Kunz	240516520a	feat(cli): Add tspublish.json for CLI client and interfaces	2024-10-21 16:37:46 +02:00
Philipp Kunz	4e1f9464fe	1.1.9 Some checks failed Docker (tags) / security (push) Failing after 18s Details Docker (tags) / test (push) Has been skipped Details Docker (tags) / release (push) Has been skipped Details Docker (tags) / metadata (push) Has been skipped Details	2024-10-21 14:23:43 +02:00
Philipp Kunz	41f9f93d1c	fix(build): Update Node types and other dependencies, add tspublish.json for api client	2024-10-21 14:23:43 +02:00
Philipp Kunz	c502d410b1	1.1.8 Some checks failed Docker (tags) / security (push) Failing after 19s Details Docker (tags) / test (push) Has been skipped Details Docker (tags) / release (push) Has been skipped Details Docker (tags) / metadata (push) Has been skipped Details	2024-10-16 14:35:38 +02:00
Philipp Kunz	53f96095c7	fix(big fix upgrade): upgrade multiple areas of the core functionalities	2024-10-16 14:35:38 +02:00
Philipp Kunz	d212dfb9f9	1.1.7 Some checks failed Docker (tags) / security (push) Failing after 18s Details Docker (tags) / test (push) Has been skipped Details Docker (tags) / release (push) Has been skipped Details Docker (tags) / metadata (push) Has been skipped Details	2024-08-25 14:29:26 +02:00
Philipp Kunz	0ec665516d	fix(deps): Update dependencies to latest versions	2024-08-25 14:29:26 +02:00
Philipp Kunz	acc642adf9	1.1.6 Some checks failed Docker (tags) / security (push) Failing after 16s Details Docker (tags) / test (push) Has been skipped Details Docker (tags) / release (push) Has been skipped Details Docker (tags) / metadata (push) Has been skipped Details	2024-06-20 19:20:17 +02:00
Philipp Kunz	a6521708f7	fix(core): update	2024-06-20 19:20:16 +02:00
Philipp Kunz	206fe445bc	1.1.5 Some checks failed Docker (tags) / security (push) Failing after 18s Details Docker (tags) / test (push) Has been skipped Details Docker (tags) / release (push) Has been skipped Details Docker (tags) / metadata (push) Has been skipped Details	2024-06-20 19:00:58 +02:00
Philipp Kunz	a7ee92cde9	fix(core): update	2024-06-20 19:00:58 +02:00
Philipp Kunz	cdbab26008	1.1.4 Some checks failed Docker (tags) / security (push) Failing after 19s Details Docker (tags) / test (push) Has been skipped Details Docker (tags) / release (push) Has been skipped Details Docker (tags) / metadata (push) Has been skipped Details	2024-06-13 10:07:54 +02:00
Philipp Kunz	1983c64b77	fix(core): update	2024-06-13 10:07:53 +02:00
Philipp Kunz	a6e3a7f5fe	prepare service management	2024-06-13 09:36:02 +02:00
Philipp Kunz	6dd687012f	1.1.3 Some checks failed Docker (tags) / security (push) Failing after 15s Details Docker (tags) / test (push) Has been skipped Details Docker (tags) / release (push) Has been skipped Details Docker (tags) / metadata (push) Has been skipped Details	2024-06-05 14:13:04 +02:00
Philipp Kunz	55b2872ffc	fix(structure): improve structure, prepare better CI integration	2024-06-05 14:13:03 +02:00
Philipp Kunz	2e6e7f6ca8	1.1.2 Some checks failed Docker (tags) / security (push) Failing after 14s Details Docker (tags) / test (push) Has been skipped Details Docker (tags) / release (push) Has been skipped Details Docker (tags) / metadata (push) Has been skipped Details	2024-06-02 21:39:32 +02:00
Philipp Kunz	f453ce3126	fix(imagemanager): prepare proper storage and retrieval of container images	2024-06-02 21:39:31 +02:00
Philipp Kunz	b8dd84b8a6	1.1.1 Some checks failed Docker (tags) / security (push) Failing after 14s Details Docker (tags) / test (push) Has been skipped Details Docker (tags) / release (push) Has been skipped Details Docker (tags) / metadata (push) Has been skipped Details	2024-06-01 05:48:57 +02:00
Philipp Kunz	338ed5ed75	fix(image registry): start work on image registry	2024-06-01 05:48:57 +02:00
Philipp Kunz	482a6a101c	1.1.0 Some checks failed Docker (tags) / security (push) Failing after 15s Details Docker (tags) / test (push) Has been skipped Details Docker (tags) / release (push) Has been skipped Details Docker (tags) / metadata (push) Has been skipped Details	2024-05-30 22:49:39 +02:00
Philipp Kunz	929f250006	feat(gaurds): use better smartguards to verify action authorization	2024-05-30 22:49:39 +02:00
Philipp Kunz	6b3fd2ce31	1.0.216	2024-05-28 18:45:34 +02:00
Philipp Kunz	21961fa2d7	fix(switch to unified package for cloudly + api + cli): update	2024-05-28 18:45:34 +02:00
Philipp Kunz	33aa48b0b1	1.0.215	2024-05-05 17:21:04 +02:00
Philipp Kunz	c7d30dd46e	fix(core): update	2024-05-05 17:21:04 +02:00