nvoi 0.1.5 → 0.1.7

data/lib/nvoi/cli/unlock/command.rb

@@ -0,0 +1,72 @@
+# frozen_string_literal: true
+
+module Nvoi
+  class Cli
+    module Unlock
+      # Command removes deployment lock from remote server
+      class Command
+        def initialize(options)
+          @options = options
+          @log = Nvoi.logger
+        end
+
+        def run
+          config_path = resolve_config_path
+          @config = Utils::ConfigLoader.load(config_path)
+
+          # Apply branch override if specified
+          apply_branch_override if @options[:branch]
+
+          # Initialize cloud provider
+          @provider = External::Cloud.for(@config)
+
+          # Find main server
+          server = @provider.find_server(@config.server_name)
+          raise Errors::ServiceError, "server not found: #{@config.server_name}" unless server
+
+          ssh = External::Ssh.new(server.public_ipv4, @config.ssh_key_path)
+          lock_file = @config.namer.deployment_lock_file_path
+
+          # Check if lock exists and show info
+          output = ssh.execute("test -f #{lock_file} && cat #{lock_file} || echo ''").strip
+
+          if output.empty?
+            @log.info "No lock file found: %s", lock_file
+            return
+          end
+
+          timestamp = output.to_i
+          if timestamp > 0
+            lock_time = Time.at(timestamp)
+            age = Time.now - lock_time
+            @log.info "Lock file age: %ds (since %s)", age.round, lock_time.strftime("%H:%M:%S")
+          end
+
+          ssh.execute("rm -f #{lock_file}")
+          @log.success "Removed lock file: %s", lock_file
+        end
+
+        private
+
+          def resolve_config_path
+            config_path = @options[:config] || "deploy.enc"
+            working_dir = @options[:dir]
+
+            if config_path == "deploy.enc" && working_dir && working_dir != "."
+              File.join(working_dir, "deploy.enc")
+            else
+              config_path
+            end
+          end
+
+          def apply_branch_override
+            branch = @options[:branch]
+            return if branch.nil? || branch.empty?
+
+            override = Objects::ConfigOverride.new(branch:)
+            override.apply(@config)
+          end
+      end
+    end
+  end
+end

data/lib/nvoi/cli.rb

@@ -3,85 +3,14 @@
 require "thor"
 
 module Nvoi
-  # CredentialsCLI handles encrypted credential management
-  class CredentialsCLI < Thor
-    class_option :credentials, desc: "Path to encrypted credentials file (default: deploy.enc)"
-    class_option :master_key, desc: "Path to master key file (default: deploy.key or $NVOI_MASTER_KEY)"
-    class_option :dir, aliases: "-d", default: ".", desc: "Working directory"
-
-    def self.exit_on_failure?
-      true
-    end
-
-    desc "edit", "Edit encrypted credentials"
-    long_desc <<~DESC
-      Decrypt credentials, open in $EDITOR, validate, and re-encrypt.
-
-      On first run, generates a new master key and creates deploy.key (git-ignored).
-      The master key can also be provided via $NVOI_MASTER_KEY environment variable.
-    DESC
-    def edit
-      log = Nvoi.logger
-      log.info "Credentials Editor"
-
-      working_dir = resolve_working_dir
-
-      enc_path = options[:credentials]
-      enc_path = File.join(working_dir, Credentials::DEFAULT_ENCRYPTED_FILE) if enc_path.nil? || enc_path.empty?
-
-      if File.exist?(enc_path)
-        # Existing file: load manager
-        manager = Credentials::Manager.new(working_dir, options[:credentials], options[:master_key])
-      else
-        # First time: initialize
-        log.info "Creating new encrypted credentials file"
-        manager = Credentials::Manager.for_init(working_dir)
-      end
-
-      editor = Credentials::Editor.new(manager)
-      editor.edit
-
-      # Update .gitignore on first run
-      if manager.key_path
-        begin
-          manager.update_gitignore
-          log.info "Added %s to .gitignore", Credentials::DEFAULT_KEY_FILE
-        rescue StandardError => e
-          log.warning "Failed to update .gitignore: %s", e.message
-        end
-
-        log.success "Master key saved to: %s", manager.key_path
-        log.warning "Keep this key safe! You cannot decrypt credentials without it."
-      end
-    end
-
-    desc "show", "Display decrypted credentials"
-    long_desc "Decrypt and print credentials to stdout. Useful for debugging or piping to other tools."
-    def show
-      working_dir = resolve_working_dir
-      manager = Credentials::Manager.new(working_dir, options[:credentials], options[:master_key])
-      editor = Credentials::Editor.new(manager)
-      editor.show
-    end
-
-    private
-
-      def resolve_working_dir
-        wd = options[:dir]
-        if wd.nil? || wd.empty? || wd == "."
-          Dir.pwd
-        else
-          File.expand_path(wd)
-        end
-      end
-  end
-
-  # Main CLI for nvoi commands
-  class CLI < Thor
-    class_option :config, aliases: "-c", default: Constants::DEFAULT_CONFIG_FILE,
+  # Main CLI for nvoi commands - Thor routing only
+  class Cli < Thor
+    class_option :config, aliases: "-c", default: "deploy.enc",
                           desc: "Path to deployment configuration file"
     class_option :dir, aliases: "-d", default: ".",
                        desc: "Working directory containing the application code"
+    class_option :branch, aliases: "-b",
+                          desc: "Branch name for isolated deployments (prefixes app name and subdomains)"
 
     def self.exit_on_failure?
       true
@@ -92,99 +21,368 @@ module Nvoi
       puts "nvoi #{VERSION}"
     end
 
+    desc "onboard", "Interactive setup wizard"
+    def onboard
+      require_relative "cli/onboard/command"
+      Cli::Onboard::Command.new.run
+    end
+
     desc "deploy", "Deploy application"
     option :dockerfile_path, desc: "Path to Dockerfile (optional, defaults to ./Dockerfile)"
     option :config_dir, desc: "Directory containing SSH keys (optional, defaults to ~/.ssh)"
     def deploy
-      log = Nvoi.logger
-      log.info "Deploy CLI %s", VERSION
-
-      config_path = resolve_config_path
-      working_dir = options[:dir]
-      dockerfile_path = options[:dockerfile_path] || File.join(working_dir, "Dockerfile")
-
-      begin
-        svc = Service::DeployService.new(config_path, working_dir, log)
-        svc.config_dir = options[:config_dir] if options[:config_dir]
-        svc.dockerfile_path = dockerfile_path
-        svc.run
-      rescue StandardError => e
-        log.error "Deployment failed: %s", e.message
-        raise
-      end
+      require_relative "cli/deploy/command"
+      Cli::Deploy::Command.new(options).run
     end
 
     desc "delete", "Delete server, firewall, and network"
     option :config_dir, desc: "Directory containing SSH keys (optional, defaults to ~/.ssh)"
     def delete
-      log = Nvoi.logger
-      log.info "Delete CLI %s", VERSION
-
-      config_path = resolve_config_path
-
-      begin
-        svc = Service::DeleteService.new(config_path, log)
-        svc.config_dir = options[:config_dir] if options[:config_dir]
-        svc.run
-      rescue StandardError => e
-        log.error "Delete failed: %s", e.message
-        raise
-      end
+      require_relative "cli/delete/command"
+      Cli::Delete::Command.new(options).run
+    end
+
+    desc "unlock", "Remove deployment lock (use when deploy hangs)"
+    def unlock
+      require_relative "cli/unlock/command"
+      Cli::Unlock::Command.new(options).run
+    end
+
+    desc "logs APP_NAME", "Stream logs from an app"
+    option :follow, aliases: "-f", type: :boolean, default: false, desc: "Follow log output"
+    option :tail, aliases: "-n", type: :numeric, default: 100, desc: "Number of lines to show"
+    def logs(app_name)
+      require_relative "cli/logs/command"
+      Cli::Logs::Command.new(options).run(app_name)
     end
 
     desc "exec [COMMAND...]", "Execute command on remote server or open interactive shell"
-    long_desc <<~DESC
-      Execute arbitrary bash commands on remote servers using existing configuration,
-      or open an interactive SSH shell with --interactive flag.
-    DESC
     option :server, default: "main", desc: "Server to execute on (main, worker-1, worker-2, etc.)"
     option :all, type: :boolean, default: false, desc: "Execute on all servers"
     option :interactive, aliases: "-i", type: :boolean, default: false,
                          desc: "Open interactive SSH shell instead of executing command"
     def exec(*args)
-      log = Nvoi.logger
-      log.info "Exec CLI %s", VERSION
+      require_relative "cli/exec/command"
+      Cli::Exec::Command.new(options).run(args)
+    end
 
-      config_path = resolve_config_path
+    desc "credentials SUBCOMMAND", "Manage encrypted deployment credentials"
+    subcommand "credentials", Class.new(Thor) {
+      def self.exit_on_failure?
+        true
+      end
 
-      begin
-        svc = Service::ExecService.new(config_path, log)
+      class_option :credentials, desc: "Path to encrypted credentials file (default: deploy.enc)"
+      class_option :master_key, desc: "Path to master key file (default: deploy.key or $NVOI_MASTER_KEY)"
+      class_option :dir, aliases: "-d", default: ".", desc: "Working directory"
 
-        if options[:interactive]
-          log.warning "Ignoring command arguments in interactive mode" unless args.empty?
-          log.warning "Ignoring --all flag in interactive mode" if options[:all]
-          svc.open_shell(options[:server])
-        else
-          raise ArgumentError, "command required (use --interactive/-i for shell)" if args.empty?
+      desc "edit", "Edit encrypted credentials"
+      def edit
+        require_relative "cli/credentials/edit/command"
+        Nvoi::Cli::Credentials::Edit::Command.new(options).run
+      end
 
-          command = args.join(" ")
+      desc "show", "Show decrypted credentials"
+      def show
+        require_relative "cli/credentials/show/command"
+        Nvoi::Cli::Credentials::Show::Command.new(options).run
+      end
 
-          if options[:all]
-            svc.run_all(command)
-          else
-            svc.run(command, options[:server])
-          end
-        end
-      rescue StandardError => e
-        log.error "Exec failed: %s", e.message
-        raise
+      desc "set PATH VALUE", "Set a value at a dot-notation path"
+      def set(path, value)
+        require_relative "cli/credentials/edit/command"
+        Nvoi::Cli::Credentials::Edit::Command.new(options).set(path, value)
       end
-    end
+    }
 
-    desc "credentials SUBCOMMAND", "Manage encrypted deployment credentials"
-    subcommand "credentials", CredentialsCLI
+    desc "config SUBCOMMAND", "Manage deployment configuration"
+    subcommand "config", Class.new(Thor) {
+      def self.exit_on_failure?
+        true
+      end
 
-    private
+      class_option :credentials, desc: "Path to encrypted config file"
+      class_option :master_key, desc: "Path to master key file"
+      class_option :dir, aliases: "-d", default: ".", desc: "Working directory"
 
-      def resolve_config_path
-        config_path = options[:config]
-        working_dir = options[:dir]
+      desc "init", "Initialize new config"
+      option :name, required: true, desc: "Application name"
+      option :environment, default: "production", desc: "Environment"
+      def init
+        require_relative "cli/config/command"
+        Nvoi::Cli::Config::Command.new(options).init(options[:name], options[:environment])
+      end
 
-        if config_path == Constants::DEFAULT_CONFIG_FILE && working_dir && working_dir != "."
-          File.join(working_dir, Constants::DEFAULT_CONFIG_FILE)
-        else
-          config_path
+      desc "provider SUBCOMMAND", "Manage compute provider"
+      subcommand "provider", Class.new(Thor) {
+        def self.exit_on_failure? = true
+        class_option :credentials, desc: "Path to encrypted config file"
+        class_option :master_key, desc: "Path to master key file"
+        class_option :dir, aliases: "-d", default: ".", desc: "Working directory"
+
+        desc "set PROVIDER", "Set compute provider (hetzner, aws, scaleway)"
+        option :api_token, desc: "API token (hetzner)"
+        option :server_type, desc: "Server type (cx22, etc)"
+        option :server_location, desc: "Location (fsn1, etc)"
+        option :access_key_id, desc: "AWS access key ID"
+        option :secret_access_key, desc: "AWS secret access key"
+        option :region, desc: "AWS region"
+        option :instance_type, desc: "AWS instance type"
+        option :secret_key, desc: "Scaleway secret key"
+        option :project_id, desc: "Scaleway project ID"
+        option :zone, desc: "Scaleway zone"
+        def set(provider)
+          require_relative "cli/config/command"
+          Nvoi::Cli::Config::Command.new(options).provider_set(provider, **options.slice(
+            :api_token, :server_type, :server_location,
+            :access_key_id, :secret_access_key, :region, :instance_type,
+            :secret_key, :project_id, :zone
+          ).transform_keys(&:to_sym).compact)
         end
+
+        desc "rm", "Remove compute provider"
+        def rm
+          require_relative "cli/config/command"
+          Nvoi::Cli::Config::Command.new(options).provider_rm
+        end
+      }
+
+      desc "domain SUBCOMMAND", "Manage domain provider"
+      subcommand "domain", Class.new(Thor) {
+        def self.exit_on_failure? = true
+        class_option :credentials, desc: "Path to encrypted config file"
+        class_option :master_key, desc: "Path to master key file"
+        class_option :dir, aliases: "-d", default: ".", desc: "Working directory"
+
+        desc "set PROVIDER", "Set domain provider (cloudflare)"
+        option :api_token, required: true, desc: "API token"
+        option :account_id, required: true, desc: "Account ID"
+        def set(provider)
+          require_relative "cli/config/command"
+          Nvoi::Cli::Config::Command.new(options).domain_set(provider, api_token: options[:api_token], account_id: options[:account_id])
+        end
+
+        desc "rm", "Remove domain provider"
+        def rm
+          require_relative "cli/config/command"
+          Nvoi::Cli::Config::Command.new(options).domain_rm
+        end
+      }
+
+      desc "server SUBCOMMAND", "Manage servers"
+      subcommand "server", Class.new(Thor) {
+        def self.exit_on_failure? = true
+        class_option :credentials, desc: "Path to encrypted config file"
+        class_option :master_key, desc: "Path to master key file"
+        class_option :dir, aliases: "-d", default: ".", desc: "Working directory"
+
+        desc "set NAME", "Add or update server"
+        option :master, type: :boolean, default: false, desc: "Set as master server"
+        option :type, desc: "Server type override"
+        option :location, desc: "Location override"
+        option :count, type: :numeric, default: 1, desc: "Number of servers"
+        def set(name)
+          require_relative "cli/config/command"
+          Nvoi::Cli::Config::Command.new(options).server_set(name, master: options[:master], type: options[:type], location: options[:location], count: options[:count])
+        end
+
+        desc "rm NAME", "Remove server"
+        def rm(name)
+          require_relative "cli/config/command"
+          Nvoi::Cli::Config::Command.new(options).server_rm(name)
+        end
+      }
+
+      desc "volume SUBCOMMAND", "Manage volumes"
+      subcommand "volume", Class.new(Thor) {
+        def self.exit_on_failure? = true
+        class_option :credentials, desc: "Path to encrypted config file"
+        class_option :master_key, desc: "Path to master key file"
+        class_option :dir, aliases: "-d", default: ".", desc: "Working directory"
+
+        desc "set SERVER NAME", "Add or update volume"
+        option :size, type: :numeric, default: 10, desc: "Volume size in GB"
+        def set(server, name)
+          require_relative "cli/config/command"
+          Nvoi::Cli::Config::Command.new(options).volume_set(server, name, size: options[:size])
+        end
+
+        desc "rm SERVER NAME", "Remove volume"
+        def rm(server, name)
+          require_relative "cli/config/command"
+          Nvoi::Cli::Config::Command.new(options).volume_rm(server, name)
+        end
+      }
+
+      desc "app SUBCOMMAND", "Manage applications"
+      subcommand "app", Class.new(Thor) {
+        def self.exit_on_failure? = true
+        class_option :credentials, desc: "Path to encrypted config file"
+        class_option :master_key, desc: "Path to master key file"
+        class_option :dir, aliases: "-d", default: ".", desc: "Working directory"
+
+        desc "set NAME", "Add or update app"
+        option :servers, type: :array, required: true, desc: "Server names to run on"
+        option :domain, desc: "Domain"
+        option :subdomain, desc: "Subdomain"
+        option :port, type: :numeric, desc: "Port"
+        option :command, desc: "Run command"
+        option :pre_run_command, desc: "Pre-run command (migrations, etc)"
+        def set(name)
+          require_relative "cli/config/command"
+          Nvoi::Cli::Config::Command.new(options).app_set(name, **options.slice(:servers, :domain, :subdomain, :port, :command, :pre_run_command).transform_keys(&:to_sym).compact)
+        end
+
+        desc "rm NAME", "Remove app"
+        def rm(name)
+          require_relative "cli/config/command"
+          Nvoi::Cli::Config::Command.new(options).app_rm(name)
+        end
+      }
+
+      desc "database SUBCOMMAND", "Manage database"
+      subcommand "database", Class.new(Thor) {
+        def self.exit_on_failure? = true
+        class_option :credentials, desc: "Path to encrypted config file"
+        class_option :master_key, desc: "Path to master key file"
+        class_option :dir, aliases: "-d", default: ".", desc: "Working directory"
+
+        desc "set", "Set database configuration"
+        option :servers, type: :array, required: true, desc: "Server names"
+        option :adapter, required: true, desc: "Database adapter (postgres, mysql, sqlite3)"
+        option :user, desc: "Database user"
+        option :password, desc: "Database password"
+        option :database, desc: "Database name"
+        option :url, desc: "Database URL (alternative to user/pass/db)"
+        option :image, desc: "Custom Docker image"
+        def set
+          require_relative "cli/config/command"
+          Nvoi::Cli::Config::Command.new(options).database_set(**options.slice(:servers, :adapter, :user, :password, :database, :url, :image).transform_keys(&:to_sym).compact)
+        end
+
+        desc "rm", "Remove database"
+        def rm
+          require_relative "cli/config/command"
+          Nvoi::Cli::Config::Command.new(options).database_rm
+        end
+      }
+
+      desc "service SUBCOMMAND", "Manage services (redis, etc)"
+      subcommand "service", Class.new(Thor) {
+        def self.exit_on_failure? = true
+        class_option :credentials, desc: "Path to encrypted config file"
+        class_option :master_key, desc: "Path to master key file"
+        class_option :dir, aliases: "-d", default: ".", desc: "Working directory"
+
+        desc "set NAME", "Add or update service"
+        option :servers, type: :array, required: true, desc: "Server names"
+        option :image, required: true, desc: "Docker image"
+        option :port, type: :numeric, desc: "Port"
+        option :command, desc: "Command"
+        def set(name)
+          require_relative "cli/config/command"
+          Nvoi::Cli::Config::Command.new(options).service_set(name, **options.slice(:servers, :image, :port, :command).transform_keys(&:to_sym).compact)
+        end
+
+        desc "rm NAME", "Remove service"
+        def rm(name)
+          require_relative "cli/config/command"
+          Nvoi::Cli::Config::Command.new(options).service_rm(name)
+        end
+      }
+
+      desc "secret SUBCOMMAND", "Manage secrets"
+      subcommand "secret", Class.new(Thor) {
+        def self.exit_on_failure? = true
+        class_option :credentials, desc: "Path to encrypted config file"
+        class_option :master_key, desc: "Path to master key file"
+        class_option :dir, aliases: "-d", default: ".", desc: "Working directory"
+
+        desc "set KEY VALUE", "Set secret"
+        def set(key, value)
+          require_relative "cli/config/command"
+          Nvoi::Cli::Config::Command.new(options).secret_set(key, value)
+        end
+
+        desc "rm KEY", "Remove secret"
+        def rm(key)
+          require_relative "cli/config/command"
+          Nvoi::Cli::Config::Command.new(options).secret_rm(key)
+        end
+      }
+
+      desc "env SUBCOMMAND", "Manage environment variables"
+      subcommand "env", Class.new(Thor) {
+        def self.exit_on_failure? = true
+        class_option :credentials, desc: "Path to encrypted config file"
+        class_option :master_key, desc: "Path to master key file"
+        class_option :dir, aliases: "-d", default: ".", desc: "Working directory"
+
+        desc "set KEY VALUE", "Set environment variable"
+        def set(key, value)
+          require_relative "cli/config/command"
+          Nvoi::Cli::Config::Command.new(options).env_set(key, value)
+        end
+
+        desc "rm KEY", "Remove environment variable"
+        def rm(key)
+          require_relative "cli/config/command"
+          Nvoi::Cli::Config::Command.new(options).env_rm(key)
+        end
+      }
+    }
+
+    desc "db SUBCOMMAND", "Database operations"
+    subcommand "db", Class.new(Thor) {
+      def self.exit_on_failure?
+        true
       end
+
+      class_option :config, aliases: "-c", default: "deploy.enc",
+                            desc: "Path to deployment configuration file"
+      class_option :dir, aliases: "-d", default: ".",
+                         desc: "Working directory"
+      class_option :branch, aliases: "-b",
+                            desc: "Branch name for isolated deployments"
+
+      desc "branch SUBCOMMAND", "Database branch operations"
+      subcommand "branch", Class.new(Thor) {
+        def self.exit_on_failure?
+          true
+        end
+
+        class_option :config, aliases: "-c", default: "deploy.enc",
+                              desc: "Path to deployment configuration file"
+        class_option :dir, aliases: "-d", default: ".",
+                           desc: "Working directory"
+        class_option :branch, aliases: "-b",
+                              desc: "Branch name for isolated deployments"
+
+        desc "create [NAME]", "Create a new database branch (snapshot)"
+        def create(name = nil)
+          require_relative "cli/db/command"
+          Nvoi::Cli::Db::Command.new(options).branch_create(name)
+        end
+
+        desc "list", "List all database branches"
+        def list
+          require_relative "cli/db/command"
+          Nvoi::Cli::Db::Command.new(options).branch_list
+        end
+
+        desc "restore ID [NEW_DB_NAME]", "Restore a database branch to a new database"
+        def restore(branch_id, new_db_name = nil)
+          require_relative "cli/db/command"
+          Nvoi::Cli::Db::Command.new(options).branch_restore(branch_id, new_db_name)
+        end
+
+        desc "download ID", "Download a database branch dump"
+        option :path, aliases: "-p", desc: "Output file path (default: {branch_id}.sql)"
+        def download(branch_id)
+          require_relative "cli/db/command"
+          Nvoi::Cli::Db::Command.new(options).branch_download(branch_id)
+        end
+      }
+    }
   end
 end

data/lib/nvoi/config_api/actions/app.rb

@@ -0,0 +1,53 @@
+# frozen_string_literal: true
+
+module Nvoi
+  module ConfigApi
+    module Actions
+      class SetApp < Base
+        protected
+
+          def mutate(data, name:, servers:, domain: nil, subdomain: nil, port: nil, command: nil, pre_run_command: nil, env: nil, mounts: nil)
+            raise ArgumentError, "name is required" if name.nil? || name.to_s.empty?
+            raise ArgumentError, "servers is required" if servers.nil? || servers.empty?
+            raise ArgumentError, "servers must be an array" unless servers.is_a?(Array)
+
+            validate_server_refs(data, servers)
+
+            app(data)["app"] ||= {}
+            app(data)["app"][name.to_s] = {
+              "servers" => servers.map(&:to_s),
+              "domain" => domain,
+              "subdomain" => subdomain,
+              "port" => port,
+              "command" => command,
+              "pre_run_command" => pre_run_command,
+              "env" => env,
+              "mounts" => mounts
+            }.compact
+          end
+
+        private
+
+          def validate_server_refs(data, servers)
+            defined = (app(data)["servers"] || {}).keys
+            servers.each do |ref|
+              raise Errors::ConfigValidationError, "server '#{ref}' not found" unless defined.include?(ref.to_s)
+            end
+          end
+      end
+
+      class DeleteApp < Base
+        protected
+
+          def mutate(data, name:)
+            raise ArgumentError, "name is required" if name.nil? || name.to_s.empty?
+
+            apps = app(data)["app"] || {}
+            raise Errors::ConfigValidationError, "app '#{name}' not found" unless apps.key?(name.to_s)
+
+            apps.delete(name.to_s)
+          end
+      end
+    end
+  end
+end