kitsune-kit 0.1.1 → 0.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 72a0142a3c968422bbf176e7c9166607d0cdb77bb98ad7dea178465d432be628
-  data.tar.gz: 3231de17dda946adabd4f1ed6cc3811a03bcf42e61ffce251532871cabdb51c6
+  metadata.gz: 56c28afb6d454bee7e7751b75bfa3c131183fed868f158a324de8d804e54dab3
+  data.tar.gz: 2ca2b272f8bcfc12a92736aba334f4d70139cf0f5e3988a65c419ff52c644e6c
 SHA512:
-  metadata.gz: 0f29ff9c74c0b2bfd9c224077ef958e661f13795e59ffae3d4f81f23181a38546cbf192056a35d1888cbfa55606d067cd1ae2f615c5c988ef38e291ddd02a359
-  data.tar.gz: 4186a5914e1e8746691d01c2432591dc51e2b395ccd3c5b08b3bf95327d2be175fd36cf55eece21cc0872ad548789b6ba53a12a7644432f277df18aadabe21d0
+  metadata.gz: f90bb7fec9592df584b627f0dc7a66df6da61ce70b4c2cdf4028990db77c53a6f5e965b456d1edb031551ca9f9510302261c24579e88a5b231b27e934de024f1
+  data.tar.gz: d423fab92de78e0c2468bbf2d33eac4d1ea9115253f41dbf6e5f56a39e9dded302b66672753e9b02d130cf91a8acc0f203fd393dcdfd4e006798b361d94a6f4f

data/lib/kitsune/blueprints/.env.template

@@ -1,4 +1,4 @@
-# DigitalOcean Droplet defaults
+# DigitalOcean Droplet
 DO_API_TOKEN=
 DROPLET_NAME=
 REGION=
@@ -6,12 +6,17 @@ SIZE=
 IMAGE=
 SSH_KEY_ID=
 TAG_NAME=
+ENABLE_DO_METRICS=true
 
-# SSH configuration
+# SSH
 SSH_KEY_PATH=
 # SSH_PORT=22 (optional)
 
-# PostgreSQL Docker defaults
+# System
+SWAP_SIZE_GB=2
+DISABLE_SWAP=false
+
+# PostgreSQL Docker
 POSTGRES_DB=
 POSTGRES_USER=
 POSTGRES_PASSWORD=

data/lib/kitsune/blueprints/docker/postgres.yml

@@ -8,6 +8,9 @@ services:
       POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
     ports:
       - "${POSTGRES_PORT:-5432}:5432"
+    command: postgres -c listen_addresses='*'
+    networks:
+      - private
     volumes:
       - pgdata:/var/lib/postgresql/data
     healthcheck:
@@ -18,3 +21,7 @@ services:
 
 volumes:
   pgdata:
+
+networks:
+  private:
+    driver: bridge

data/lib/kitsune/kit/cli.rb

@@ -7,6 +7,8 @@ require_relative "commands/provision"
 require_relative "commands/setup_user"
 require_relative "commands/setup_firewall"
 require_relative "commands/setup_unattended"
+require_relative "commands/setup_swap"
+require_relative "commands/setup_do_metrics"
 require_relative "commands/bootstrap"
 require_relative "commands/setup_docker_prereqs"
 require_relative "commands/install_docker_engine"
@@ -43,6 +45,12 @@ module Kitsune
       desc "setup_unattended SUBCOMMAND", "Configure or rollback unattended-upgrades"
       subcommand "setup_unattended", Kitsune::Kit::Commands::SetupUnattended
 
+      desc "setup_swap SUBCOMMAND", "Configure or rollback swap memory"
+      subcommand "setup_swap", Kitsune::Kit::Commands::SetupSwap
+
+      desc "setup_do_metrics SUBCOMMAND", "Install or rollback DigitalOcean Metrics Agent"
+      subcommand "setup_do_metrics", Kitsune::Kit::Commands::SetupDoMetrics
+
       desc "bootstrap SUBCOMMAND", "Run full server setup or rollback"
       subcommand "bootstrap", Kitsune::Kit::Commands::Bootstrap
 

data/lib/kitsune/kit/commands/bootstrap.rb

@@ -42,6 +42,8 @@ module Kitsune
             run_cli("setup_user create", droplet_ip, filled_options)
             run_cli("setup_firewall create", droplet_ip, filled_options)
             run_cli("setup_unattended create", droplet_ip, filled_options)
+            run_cli("setup_swap create", droplet_ip, filled_options)
+            run_cli("setup_do_metrics create", droplet_ip, filled_options)
           end
 
           def rollback_sequence(filled_options)
@@ -60,6 +62,8 @@ module Kitsune
             droplet_ip = provisioner.send(:public_ip, droplet)
             say "→ Using Droplet IP: #{droplet_ip}", :cyan
 
+            run_cli("setup_do_metrics rollback", droplet_ip, filled_options)
+
             if ssh_accessible?(droplet_ip, filled_options)
               run_cli("setup_unattended rollback", droplet_ip, filled_options)
               run_cli("setup_firewall rollback", droplet_ip, filled_options)
@@ -67,6 +71,7 @@ module Kitsune
               say "⏭️  Skipping unattended-upgrades and firewall rollback (no deploy user)", :yellow
             end
 
+            run_cli("setup_swap rollback", droplet_ip, filled_options)
             run_cli("setup_user rollback", droplet_ip, filled_options)
 
             unless filled_options[:keep_server]

data/lib/kitsune/kit/commands/setup_do_metrics.rb

@@ -0,0 +1,123 @@
+require "thor"
+require "net/ssh"
+require_relative "../defaults"
+require_relative "../options_builder"
+
+module Kitsune
+  module Kit
+    module Commands
+      class SetupDoMetrics < Thor
+        namespace "setup_do_metrics"
+
+        class_option :server_ip, aliases: "-s", required: true, desc: "Server IP address"
+        class_option :ssh_port, aliases: "-p", desc: "SSH port"
+        class_option :ssh_key_path, aliases: "-k", desc: "SSH private key path"
+
+        desc "create", "Install and enable the DigitalOcean Metrics Agent"
+        def create
+          unless Kitsune::Kit::Defaults.metrics[:enable_do_metrics]
+            say "⚠️ DigitalOcean Metrics Agent setup is disabled via ENABLE_DO_METRICS=false", :yellow
+            return
+          end
+
+          filled_options = Kitsune::Kit::OptionsBuilder.build(
+            options,
+            required: [:server_ip],
+            defaults: Kitsune::Kit::Defaults.ssh
+          )
+
+          with_ssh(filled_options) do |ssh|
+            install_agent(ssh)
+          end
+        end
+
+        desc "rollback", "Uninstall the DigitalOcean Metrics Agent"
+        def rollback
+          filled_options = Kitsune::Kit::OptionsBuilder.build(
+            options,
+            required: [:server_ip],
+            defaults: Kitsune::Kit::Defaults.ssh
+          )
+
+          with_ssh(filled_options) do |ssh|
+            uninstall_agent(ssh)
+          end
+        end
+
+        no_commands do
+          def with_ssh(filled_options)
+            Net::SSH.start(
+              filled_options[:server_ip],
+              "deploy",
+              port: filled_options[:ssh_port],
+              keys: [File.expand_path(filled_options[:ssh_key_path])],
+              non_interactive: true,
+              timeout: 5
+            ) do |ssh|
+              yield ssh
+            end
+          end
+
+          def install_agent(ssh)
+            marker = "/usr/local/backups/setup_do_metrics.after"
+
+            script = <<~BASH
+              set -e
+              sudo mkdir -p /usr/local/backups
+
+              if [ -f "#{marker}" ]; then
+                echo "🔁 Metrics Agent already installed, skipping."
+                exit 0
+              fi
+
+              echo "✍🏻 Installing DigitalOcean Metrics Agent..."
+              curl -sSL https://repos.insights.digitalocean.com/install.sh | sudo bash
+
+              sudo touch "#{marker}"
+              echo "✅ Metrics Agent installed"
+
+              ps aux | grep do-agent | grep -v grep || echo "⚠️ do-agent process not found"
+            BASH
+
+            say ssh.exec!(script)
+          end
+
+          def uninstall_agent(ssh)
+            marker = "/usr/local/backups/setup_do_metrics.after"
+
+            script = <<~BASH
+              set -e
+
+              if [ ! -f "#{marker}" ]; then
+                echo "💡 No marker for metrics agent found. Skipping rollback."
+                exit 0
+              fi
+
+              echo "🧹 Uninstalling DigitalOcean Metrics Agent..."
+
+              if dpkg -l | grep -q do-agent; then
+                echo "📦 Removing do-agent package..."
+                sudo apt-get remove --purge -y do-agent
+              else
+                echo "💡 do-agent is not installed, skipping package removal."
+              fi
+
+              if systemctl list-unit-files | grep -q do-agent.service; then
+                echo "✍🏻 Stopping do-agent service..."
+                sudo systemctl stop do-agent || true
+                sudo systemctl disable do-agent || true
+              else
+                echo "💡 do-agent.service not found in systemd, skipping stop/disable"
+              fi
+
+              sudo rm -f "#{marker}"
+              echo "✅ Metrics Agent removed"
+            BASH
+
+            say ssh.exec!(script)
+          end
+        end
+      end
+    end
+  end
+end

data/lib/kitsune/kit/commands/setup_postgres_docker.rb

@@ -46,6 +46,8 @@ module Kitsune
 
         desc "rollback", "Remove PostgreSQL Docker setup from remote server"
         def rollback
+          postgres_defaults = Kitsune::Kit::Defaults.postgres
+
           filled_options = Kitsune::Kit::OptionsBuilder.build(
             options,
             required: [:server_ip],
@@ -53,7 +55,7 @@ module Kitsune
           )
 
           with_ssh_connection(filled_options) do |ssh|
-            perform_rollback(ssh)
+            perform_rollback(ssh, postgres_defaults)
           end
         end
 
@@ -184,7 +186,7 @@ module Kitsune
                 if ! sudo ufw status | grep -q "#{postgres_defaults[:postgres_port]}"; then
                   sudo ufw allow #{postgres_defaults[:postgres_port]}
                 else
-                  echo "🔸 Port #{postgres_defaults[:postgres_port]} is already allowed in ufw."
+                  echo "💡 Port #{postgres_defaults[:postgres_port]} is already allowed in ufw."
                 fi
               else
                 echo "⚠️ ufw not found. Skipping firewall configuration."
@@ -193,7 +195,7 @@ module Kitsune
             ssh.exec!(firewall)
           end
 
-          def perform_rollback(ssh)
+          def perform_rollback(ssh, postgres_defaults)
             output = ssh.exec! <<~EOH
               set -e
 
@@ -213,7 +215,7 @@ module Kitsune
 
                 if command -v ufw >/dev/null; then
                   echo "🛡️ Removing PostgreSQL port from firewall..."
-                  sudo ufw delete allow 5432 || true
+                  sudo ufw delete allow #{postgres_defaults[:postgres_port]} || true
                 fi
               else
                 echo "💡 Nothing to rollback"

data/lib/kitsune/kit/commands/setup_swap.rb

@@ -0,0 +1,151 @@
+require "thor"
+require "net/ssh"
+require_relative "../defaults"
+require_relative "../options_builder"
+
+module Kitsune
+  module Kit
+    module Commands
+      class SetupSwap < Thor
+        namespace "setup_swap"
+
+        class_option :server_ip, aliases: "-s", required: true, desc: "Server IP address"
+        class_option :ssh_port, aliases: "-p", desc: "SSH port"
+        class_option :ssh_key_path, aliases: "-k", desc: "SSH private key path"
+        class_option :size_gb, type: :numeric, desc: "Swap size in GB"
+        class_option :swappiness, type: :numeric, desc: "vm.swappiness value (0-100)"
+
+        desc "create", "Create and activate a swap file on the remote server"
+        def create
+          if Kitsune::Kit::Defaults.system[:disable_swap]
+            say "⚠️ Swap setup is disabled via DISABLE_SWAP=true", :yellow
+            return
+          end
+
+          filled_options = Kitsune::Kit::OptionsBuilder.build(
+            options,
+            required: [:server_ip],
+            defaults: Kitsune::Kit::Defaults.system.merge(Kitsune::Kit::Defaults.ssh)
+          )
+
+          with_ssh_connection(filled_options) do |ssh|
+            perform_setup(ssh, filled_options)
+          end
+        end
+
+        desc "rollback", "Disable and remove swap file from remote server"
+        def rollback
+          filled_options = Kitsune::Kit::OptionsBuilder.build(
+            options,
+            required: [:server_ip],
+            defaults: Kitsune::Kit::Defaults.system.merge(Kitsune::Kit::Defaults.ssh)
+          )
+
+          with_ssh_connection(filled_options) do |ssh|
+            perform_rollback(ssh)
+          end
+        end
+
+        no_commands do
+          def with_ssh_connection(filled)
+            server = filled[:server_ip]
+            port   = filled[:ssh_port]
+            key    = File.expand_path(filled[:ssh_key_path])
+
+            say "🔑 Connecting as deploy@#{server}:#{port}", :green
+            Net::SSH.start(server, "deploy", port: port, keys: [key], non_interactive: true, timeout: 5) do |ssh|
+              yield ssh
+            end
+          end
+
+          def perform_setup(ssh, filled_options)
+            size_gb = filled_options[:swap_size_gb].to_i
+            swappiness = filled_options[:swap_swappiness].to_i
+
+            abort "❌ Invalid swap size" if size_gb <= 0
+
+            script = <<~EOH
+              set -e
+
+              BACKUP_DIR="/usr/local/backups"
+              MARKER_FILE="${BACKUP_DIR}/setup_swap.after"
+              SWAPPINESS_BEFORE_FILE="${BACKUP_DIR}/setup_swap.swappiness.before"
+
+              if [ -f "$MARKER_FILE" ]; then
+                echo "🔁 Swap already set up, skipping."
+                exit 0
+              fi
+
+              SWAPFILE="/swapfile"
+              SIZE_GB=#{size_gb}
+              SIZE_BYTES=$((SIZE_GB * 1024 * 1024 * 1024))
+
+              echo "📝 Creating ${SIZE_GB}GB swap file..."
+              sudo fallocate -l ${SIZE_BYTES} ${SWAPFILE}
+              sudo chmod 600 ${SWAPFILE}
+              sudo mkswap ${SWAPFILE}
+              sudo swapon ${SWAPFILE}
+              echo '/swapfile none swap sw 0 0' | sudo tee -a /etc/fstab
+
+              # Backup swappiness if not already backed up
+              if [ ! -f "$SWAPPINESS_BEFORE_FILE" ]; then
+                CURRENT=$(cat /proc/sys/vm/swappiness)
+                echo "$CURRENT" | sudo tee "$SWAPPINESS_BEFORE_FILE"
+                echo "✍🏻 Backed up vm.swappiness: $CURRENT"
+              fi
+
+              echo "🛠️ Setting vm.swappiness=#{swappiness}"
+              sudo sysctl vm.swappiness=#{swappiness}
+              echo "vm.swappiness=#{swappiness}" | sudo tee -a /etc/sysctl.conf
+
+              sudo mkdir -p "$BACKUP_DIR"
+              sudo touch "$MARKER_FILE"
+
+              echo "✅ Swap file created and swappiness set"
+              free -h
+            EOH
+
+            say ssh.exec!(script)
+          end
+
+          def perform_rollback(ssh)
+            script = <<~EOH
+              set -e
+
+              BACKUP_DIR="/usr/local/backups"
+              MARKER_FILE="${BACKUP_DIR}/setup_swap.after"
+              SWAPPINESS_BEFORE_FILE="${BACKUP_DIR}/setup_swap.swappiness.before"
+
+              if [ ! -f "$MARKER_FILE" ]; then
+                echo "💡 No swap marker found, skipping rollback."
+                exit 0
+              fi
+
+              echo "🧹 Removing swap..."
+              sudo swapoff /swapfile || true
+              sudo rm -f /swapfile
+              sudo sed -i '/\\/swapfile none swap sw 0 0/d' /etc/fstab
+              sudo rm -f "$MARKER_FILE"
+
+              if [ -f "$SWAPPINESS_BEFORE_FILE" ]; then
+                ORIGINAL=$(cat "$SWAPPINESS_BEFORE_FILE")
+                echo "🔁 Restoring vm.swappiness: $ORIGINAL"
+                sudo sysctl vm.swappiness=$ORIGINAL
+                sudo sed -i '/vm.swappiness=/d' /etc/sysctl.conf
+                echo "vm.swappiness=$ORIGINAL" | sudo tee -a /etc/sysctl.conf
+                sudo rm -f "$SWAPPINESS_BEFORE_FILE"
+              else
+                echo "💡 No swappiness backup found, skipping restore."
+              fi
+
+              echo "✅ Swap rollback completed"
+              free -h
+            EOH
+
+            say ssh.exec!(script)
+          end
+        end
+      end
+    end
+  end
+end

data/lib/kitsune/kit/defaults.rb

@@ -22,6 +22,16 @@ module Kitsune
         image: "postgres:15"
       }.freeze
 
+      SYSTEM = {
+        swap_size_gb: 2,
+        swap_swappiness: 10,
+        disable_swap: false
+      }.freeze
+
+      METRICS = {
+        enable_do_metrics: true
+      }.freeze
+
       def self.infra
         {
           droplet_name: ENV.fetch('DROPLET_NAME', DROPLET[:droplet_name]),
@@ -51,6 +61,20 @@ module Kitsune
           postgres_image: ENV.fetch('POSTGRES_IMAGE', POSTGRES[:image])
         }
       end
+
+      def self.system
+        {
+          swap_size_gb: ENV.fetch("SWAP_SIZE_GB", SYSTEM[:swap_size_gb]).to_i,
+          swap_swappiness: ENV.fetch("SWAP_SWAPPINESS", SYSTEM[:swap_swappiness]).to_i,
+          disable_swap: ENV.fetch("DISABLE_SWAP", SYSTEM[:disable_swap].to_s) == "true"
+        }
+      end
+
+      def self.metrics
+        {
+          enable_do_metrics: ENV.fetch("ENABLE_DO_METRICS", METRICS[:enable_do_metrics].to_s) == "true"
+        }
+      end
     end
   end
 end

data/lib/kitsune/kit/version.rb

@@ -2,6 +2,6 @@
 
 module Kitsune
   module Kit
-    VERSION = "0.1.1"
+    VERSION = "0.2.0"
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: kitsune-kit
 version: !ruby/object:Gem::Version
-  version: 0.1.1
+  version: 0.2.0
 platform: ruby
 authors:
 - Omar Herrera
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2025-05-01 00:00:00.000000000 Z
+date: 2025-05-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: net-ssh
@@ -193,9 +193,11 @@ files:
 - lib/kitsune/kit/commands/install_docker_engine.rb
 - lib/kitsune/kit/commands/postinstall_docker.rb
 - lib/kitsune/kit/commands/provision.rb
+- lib/kitsune/kit/commands/setup_do_metrics.rb
 - lib/kitsune/kit/commands/setup_docker_prereqs.rb
 - lib/kitsune/kit/commands/setup_firewall.rb
 - lib/kitsune/kit/commands/setup_postgres_docker.rb
+- lib/kitsune/kit/commands/setup_swap.rb
 - lib/kitsune/kit/commands/setup_unattended.rb
 - lib/kitsune/kit/commands/setup_user.rb
 - lib/kitsune/kit/commands/switch_env.rb