nvoi 0.1.5

data/lib/nvoi/remote/ssh_executor.rb

@@ -0,0 +1,72 @@
+# frozen_string_literal: true
+
+module Nvoi
+  module Remote
+    # SSHExecutor executes commands on remote servers via SSH
+    class SSHExecutor
+      attr_reader :ip, :ssh_key, :user
+
+      def initialize(ip, ssh_key)
+        @ip = ip
+        @ssh_key = ssh_key
+        @user = "deploy"
+        @strict_mode = ENV["SSH_STRICT_HOST_KEY_CHECKING"] == "true"
+      end
+
+      # Execute runs a command on the remote server
+      def execute(command, stream: false)
+        ssh_args = build_ssh_args
+        ssh_args += ["#{@user}@#{@ip}", command]
+
+        if stream
+          # Stream output to stdout/stderr for interactive commands
+          success = system("ssh", *ssh_args)
+          raise SSHCommandError, "SSH command failed" unless success
+
+          ""
+        else
+          # Capture output
+          output, status = Open3.capture2e("ssh", *ssh_args)
+
+          unless status.success?
+            raise SSHCommandError, "SSH command failed (exit code: #{status.exitstatus}): #{output}"
+          end
+
+          output.strip
+        end
+      end
+
+      # Execute quietly, ignoring errors (useful for optional cleanup)
+      def execute_quiet(command)
+        execute(command)
+      rescue StandardError
+        # Ignore errors
+      end
+
+      # Open an interactive SSH shell
+      def open_shell
+        ssh_args = build_ssh_args
+        ssh_args += ["-t", "#{@user}@#{@ip}"]
+
+        exec("ssh", *ssh_args)
+      end
+
+      private
+
+        def build_ssh_args
+          args = ["-o", "LogLevel=ERROR", "-i", @ssh_key]
+
+          if @strict_mode
+            # Use known_hosts verification
+            known_hosts_path = File.join(Dir.home, ".ssh", "known_hosts")
+            args += ["-o", "StrictHostKeyChecking=accept-new", "-o", "UserKnownHostsFile=#{known_hosts_path}"]
+          else
+            # Disable host key checking (default for cloud environments)
+            args += ["-o", "StrictHostKeyChecking=no", "-o", "UserKnownHostsFile=/dev/null"]
+          end
+
+          args
+        end
+    end
+  end
+end

data/lib/nvoi/remote/volume_manager.rb

@@ -0,0 +1,103 @@
+# frozen_string_literal: true
+
+module Nvoi
+  module Remote
+    # MountOptions contains options for mounting a volume
+    MountOptions = Struct.new(:device_path, :mount_path, :fs_type, keyword_init: true)
+
+    # VolumeManager handles volume mount operations via SSH
+    class VolumeManager
+      def initialize(ssh)
+        @ssh = ssh
+      end
+
+      # Mount formats (if needed) and mounts a volume at the specified path
+      def mount(opts)
+        fs_type = opts.fs_type || "xfs"
+
+        # Check if already mounted
+        return if mounted?(opts.mount_path)
+
+        # Wait for device to appear (Hetzner attachment is async)
+        wait_for_device(opts.device_path)
+
+        # Check if device has a filesystem
+        unless has_filesystem?(opts.device_path)
+          format_volume(opts.device_path, fs_type)
+        end
+
+        # Create mount point
+        @ssh.execute("sudo mkdir -p #{opts.mount_path}")
+
+        # Mount the volume
+        @ssh.execute("sudo mount #{opts.device_path} #{opts.mount_path}")
+
+        # Add to fstab for persistence
+        add_to_fstab(opts.device_path, opts.mount_path, fs_type)
+      end
+
+      # Unmount a volume
+      def unmount(mount_path)
+        return unless mounted?(mount_path)
+
+        @ssh.execute("sudo umount #{mount_path}")
+      end
+
+      # Check if a path is currently mounted
+      def mounted?(mount_path)
+        output = @ssh.execute("mountpoint -q #{mount_path} && echo 'mounted' || echo 'not_mounted'")
+        output.strip == "mounted"
+      rescue SSHCommandError
+        # mountpoint command might fail if path doesn't exist
+        false
+      end
+
+      # Remove a mount entry from /etc/fstab
+      def remove_from_fstab(mount_path)
+        @ssh.execute("sudo sed -i '\\|#{mount_path}|d' /etc/fstab")
+      end
+
+      private
+
+        def wait_for_device(device_path, timeout: 60)
+          attempts = 0
+          max_attempts = timeout / 2
+
+          loop do
+            output = @ssh.execute("test -e #{device_path} && echo 'exists' || echo 'missing'")
+            return if output.strip == "exists"
+
+            attempts += 1
+            if attempts >= max_attempts
+              raise VolumeError, "Timeout waiting for device #{device_path} to appear"
+            end
+
+            sleep(2)
+          end
+        end
+
+        def has_filesystem?(device_path)
+          output = @ssh.execute("sudo blkid #{device_path}")
+          output.include?("TYPE=")
+        rescue SSHCommandError
+          # blkid returns error if no filesystem
+          false
+        end
+
+        def format_volume(device_path, fs_type)
+          @ssh.execute("sudo mkfs.#{fs_type} #{device_path}")
+        end
+
+        def add_to_fstab(device_path, mount_path, fs_type)
+          # Check if entry already exists
+          output = @ssh.execute("grep -q '#{mount_path}' /etc/fstab && echo 'exists' || echo 'missing'")
+          return if output.strip == "exists"
+
+          # Add fstab entry using UUID for reliability
+          cmd = "UUID=$(sudo blkid -s UUID -o value #{device_path}) && " \
+                "echo \"UUID=$UUID #{mount_path} #{fs_type} defaults,nofail 0 2\" | sudo tee -a /etc/fstab"
+          @ssh.execute(cmd)
+        end
+    end
+  end
+end

data/lib/nvoi/service/delete.rb

@@ -0,0 +1,234 @@
+# frozen_string_literal: true
+
+module Nvoi
+  module Service
+    # DeleteService handles cleanup of cloud resources
+    class DeleteService
+      include ProviderHelper
+
+      attr_accessor :config_dir
+
+      def initialize(config_path, log)
+        @log = log
+
+        # Load configuration
+        @config = Config.load(config_path)
+
+        # Initialize provider
+        @provider = init_provider(@config)
+
+        # Initialize Cloudflare client
+        cf = @config.cloudflare
+        @cf_client = Cloudflare::Client.new(cf.api_token, cf.account_id)
+      end
+
+      def run
+        @log.info "Using %s Cloud provider", @config.provider_name
+
+        # Detach volumes first (must happen before server deletion)
+        detach_volumes
+
+        # Delete all servers from all groups
+        delete_all_servers
+
+        # Delete volumes (already detached)
+        delete_volumes
+
+        # Delete firewall
+        @log.info "Deleting firewall: %s", @config.firewall_name
+        begin
+          firewall = @provider.get_firewall_by_name(@config.firewall_name)
+          delete_firewall_with_retry(firewall.id) if firewall
+        rescue FirewallError => e
+          @log.warning "Firewall not found: %s", e.message
+        end
+
+        # Delete network
+        @log.info "Deleting network: %s", @config.network_name
+        begin
+          network = @provider.get_network_by_name(@config.network_name)
+          if network
+            @provider.delete_network(network.id)
+            @log.success "Network deleted"
+          end
+        rescue NetworkError => e
+          @log.warning "Network not found: %s", e.message
+        end
+
+        # Delete Cloudflare resources
+        delete_cloudflare_resources
+
+        @log.success "Cleanup complete"
+      end
+
+      private
+
+        def delete_firewall_with_retry(firewall_id, max_retries: 5)
+          max_retries.times do |i|
+            begin
+              @provider.delete_firewall(firewall_id)
+              @log.success "Firewall deleted"
+              return
+            rescue StandardError => e
+              if i == max_retries - 1
+                raise ServiceError, "failed to delete firewall after #{max_retries} attempts: #{e.message}"
+              end
+
+              @log.info "Firewall still in use, waiting 3s before retry (%d/%d)", i + 1, max_retries
+              sleep(3)
+            end
+          end
+        end
+
+        def detach_volumes
+          volume_names = collect_volume_names
+          return if volume_names.empty?
+
+          @log.info "Detaching %d volume(s)", volume_names.size
+
+          volume_names.each do |vol_name|
+            begin
+              volume = @provider.get_volume_by_name(vol_name)
+              next unless volume&.server_id && !volume.server_id.empty?
+
+              @log.info "Detaching volume: %s", vol_name
+              @provider.detach_volume(volume.id)
+              @log.success "Volume detached: %s", vol_name
+            rescue StandardError => e
+              @log.warning "Failed to detach volume %s: %s", vol_name, e.message
+            end
+          end
+        end
+
+        def delete_volumes
+          volume_names = collect_volume_names
+          return if volume_names.empty?
+
+          @log.info "Deleting %d volume(s)", volume_names.size
+
+          volume_names.each do |vol_name|
+            @log.info "Deleting volume: %s", vol_name
+
+            begin
+              volume = @provider.get_volume_by_name(vol_name)
+              unless volume
+                @log.info "Volume not found: %s", vol_name
+                next
+              end
+
+              @provider.delete_volume(volume.id)
+              @log.success "Volume deleted: %s", vol_name
+            rescue StandardError => e
+              @log.warning "Failed to delete volume %s: %s", vol_name, e.message
+            end
+          end
+        end
+
+        def collect_volume_names
+          namer = @config.namer
+          names = []
+
+          # Database volume
+          db = @config.deploy.application.database
+          names << namer.database_volume_name if db&.volume && !db.volume.empty?
+
+          # Service volumes
+          @config.deploy.application.services.each do |svc_name, svc|
+            names << namer.service_volume_name(svc_name, "data") if svc&.volume && !svc.volume.empty?
+          end
+
+          # App volumes
+          @config.deploy.application.app.each do |app_name, app|
+            next unless app&.volumes && !app.volumes.empty?
+
+            app.volumes.keys.each do |vol_key|
+              names << namer.app_volume_name(app_name, vol_key)
+            end
+          end
+
+          names
+        end
+
+        def delete_all_servers
+          servers = @config.deploy.application.servers
+          return if servers.empty?
+
+          servers.each do |group_name, group_config|
+            next unless group_config
+
+            count = group_config.count.positive? ? group_config.count : 1
+            @log.info "Deleting %d server(s) from group '%s'", count, group_name
+
+            (1..count).each do |i|
+              server_name = @config.namer.server_name(group_name, i)
+              @log.info "Deleting server: %s", server_name
+
+              begin
+                server = @provider.find_server(server_name)
+                if server
+                  @provider.delete_server(server.id)
+                  @log.success "Server deleted: %s", server_name
+                end
+              rescue StandardError => e
+                @log.warning "Failed to delete server %s: %s", server_name, e.message
+              end
+            end
+          end
+        end
+
+        def delete_cloudflare_resources
+          @config.deploy.application.app.each do |service_name, service|
+            next unless service&.domain && !service.domain.empty?
+            next if service.subdomain.nil?
+
+            delete_tunnel_and_dns(service_name, service.domain, service.subdomain)
+          end
+        end
+
+        def delete_tunnel_and_dns(service_name, domain, subdomain)
+          tunnel_name = @config.namer.tunnel_name(service_name)
+          hostname = build_hostname(subdomain, domain)
+
+          # Delete tunnel
+          @log.info "Deleting Cloudflare tunnel: %s", tunnel_name
+          begin
+            tunnel = @cf_client.find_tunnel(tunnel_name)
+            if tunnel
+              @cf_client.delete_tunnel(tunnel.id)
+              @log.success "Tunnel deleted: %s", tunnel_name
+            end
+          rescue StandardError => e
+            @log.warning "Failed to delete tunnel: %s", e.message
+          end
+
+          # Delete DNS record
+          @log.info "Deleting DNS record: %s", hostname
+          begin
+            zone = @cf_client.find_zone(domain)
+            unless zone
+              @log.warning "Zone not found: %s", domain
+              return
+            end
+
+            record = @cf_client.find_dns_record(zone.id, hostname, "CNAME")
+            if record
+              @cf_client.delete_dns_record(zone.id, record.id)
+              @log.success "DNS record deleted: %s", hostname
+            end
+          rescue StandardError => e
+            @log.warning "Failed to delete DNS record: %s", e.message
+          end
+        end
+
+        # Build hostname from subdomain and domain
+        # Supports: "app" -> "app.example.com", "" or "@" -> "example.com", "*" -> "*.example.com"
+        def build_hostname(subdomain, domain)
+          if subdomain.nil? || subdomain.empty? || subdomain == "@"
+            domain
+          else
+            "#{subdomain}.#{domain}"
+          end
+        end
+    end
+  end
+end

data/lib/nvoi/service/deploy.rb

@@ -0,0 +1,80 @@
+# frozen_string_literal: true
+
+module Nvoi
+  module Service
+    # DeployService orchestrates the deployment process
+    class DeployService
+      include ProviderHelper
+
+      attr_accessor :config_dir, :dockerfile_path
+
+      def initialize(config_path, working_dir, log)
+        @working_dir = working_dir
+        @log = log
+
+        # Load configuration
+        @config = Config.load(config_path)
+
+        # Initialize provider
+        @provider = init_provider(@config)
+
+        # Validate provider-specific configuration
+        validate_provider_config(@config, @provider)
+
+        @log.info "Using %s Cloud provider", @config.provider_name
+      end
+
+      def run
+        @log.info "Starting deployment"
+        @log.separator
+
+        # Step 1: Provision server
+        server_ip = provision_server
+        raise DeploymentError.new("server provisioning", "failed") unless server_ip
+
+        # Step 2: Configure tunnels
+        tunnels = configure_tunnels
+
+        # Step 3: Deploy application
+        deploy_application(server_ip, tunnels)
+
+        # Success
+        @log.separator
+        @log.success "Deployment complete"
+
+        # Log service URLs
+        tunnels.each do |tunnel|
+          @log.info "Service %s: https://%s", tunnel.service_name, tunnel.hostname
+        end
+      end
+
+      private
+
+        def provision_server
+          # Step 1: Provision all servers (main + workers)
+          provisioner = Steps::ServerProvisioner.new(@config, @provider, @log)
+          main_server_ip = provisioner.run
+
+          # Step 2: Provision volumes (create, attach, mount)
+          volume_provisioner = Steps::VolumeProvisioner.new(@config, @provider, @log)
+          volume_provisioner.run
+
+          # Step 3: Setup K3s cluster (main server + join workers)
+          cluster_setup = Steps::K3sClusterSetup.new(@config, @provider, @log, main_server_ip)
+          cluster_setup.run
+
+          main_server_ip
+        end
+
+        def configure_tunnels
+          configurator = Steps::TunnelConfigurator.new(@config, @log)
+          configurator.run
+        end
+
+        def deploy_application(server_ip, tunnels)
+          app_deployer = Steps::ApplicationDeployer.new(@config, @provider, @working_dir, server_ip, tunnels, @log)
+          app_deployer.run
+        end
+    end
+  end
+end

data/lib/nvoi/service/exec.rb

@@ -0,0 +1,144 @@
+# frozen_string_literal: true
+
+module Nvoi
+  module Service
+    # ExecService handles remote command execution on servers
+    class ExecService
+      include ProviderHelper
+
+      def initialize(config_path, log)
+        @log = log
+
+        # Load configuration
+        @config = Config.load(config_path)
+
+        # Initialize provider
+        @provider = init_provider(@config)
+      end
+
+      # Run executes a command on a specific server
+      def run(command, server_name)
+        # Resolve server name (main, worker-1, etc. -> actual server name)
+        actual_server_name = resolve_server_name(server_name)
+
+        # Find server using provider
+        server = find_server(actual_server_name)
+
+        @log.info "Connecting to %s (%s)", actual_server_name, server.public_ipv4
+
+        # Create SSH executor
+        ssh = Remote::SSHExecutor.new(server.public_ipv4, @config.ssh_key_path)
+
+        # Execute command with streaming output
+        @log.info "Executing: %s", command
+        output = ssh.execute(command, stream: true)
+
+        # Output is already streamed, but if there's buffered output, show it
+        puts output if !output.empty? && !output.include?("\n")
+
+        @log.success "Command completed successfully"
+      end
+
+      # RunAll executes a command on all servers (main + workers)
+      def run_all(command)
+        # Get all server names
+        server_names = get_all_server_names
+
+        raise ServiceError, "no servers found in configuration" if server_names.empty?
+
+        @log.info "Executing on %d server(s): %s", server_names.size, server_names.join(", ")
+        @log.separator
+
+        # Execute in parallel with threads
+        results = {}
+        mutex = Mutex.new
+        threads = server_names.map do |name|
+          Thread.new do
+            actual_name = resolve_server_name(name)
+            begin
+              server = find_server(actual_name)
+              ssh = Remote::SSHExecutor.new(server.public_ipv4, @config.ssh_key_path)
+
+              @log.info "[%s] Executing...", name
+              output = ssh.execute(command)
+
+              # Print output with server prefix
+              output.strip.split("\n").each do |line|
+                puts "[#{name}] #{line}"
+              end
+
+              mutex.synchronize { results[name] = nil }
+            rescue StandardError => e
+              @log.error "[%s] Failed: %s", name, e.message
+              mutex.synchronize { results[name] = e }
+            end
+          end
+        end
+
+        threads.each(&:join)
+
+        @log.separator
+
+        failures = results.select { |_, err| err }.keys
+        if failures.any?
+          @log.warning "Command failed on %d server(s): %s", failures.size, failures.join(", ")
+          raise ServiceError, "command failed on some servers"
+        end
+
+        @log.success "Command completed successfully on all servers"
+      end
+
+      # OpenShell opens an interactive SSH shell on a specific server
+      def open_shell(server_name)
+        actual_server_name = resolve_server_name(server_name)
+        server = find_server(actual_server_name)
+
+        @log.info "Opening SSH shell to %s (%s)", actual_server_name, server.public_ipv4
+
+        ssh = Remote::SSHExecutor.new(server.public_ipv4, @config.ssh_key_path)
+        ssh.open_shell
+      end
+
+      private
+
+        def resolve_server_name(name)
+          return @config.server_name if name.nil? || name.empty? || name == "main"
+
+          # Check if name matches "{group}-{n}" pattern
+          parts = name.split("-")
+          if parts.length >= 2
+            num_str = parts.last
+            if num_str.match?(/^\d+$/)
+              group_name = parts[0...-1].join("-")
+              return @config.namer.server_name(group_name, num_str.to_i)
+            end
+          end
+
+          # Assume it's a group name, return first server
+          @config.namer.server_name(name, 1)
+        end
+
+        def get_all_server_names
+          names = []
+
+          @config.deploy.application.servers.each do |group_name, group_config|
+            next unless group_config
+
+            count = group_config.count.positive? ? group_config.count : 1
+            (1..count).each do |i|
+              names << @config.namer.server_name(group_name, i)
+            end
+          end
+
+          names
+        end
+
+        def find_server(server_name)
+          server = @provider.find_server(server_name)
+          raise ServiceError, "server not found: #{server_name}" unless server
+
+          server
+        end
+    end
+  end
+end

data/lib/nvoi/service/provider.rb

@@ -0,0 +1,36 @@
+# frozen_string_literal: true
+
+module Nvoi
+  module Service
+    # Provider initialization helpers
+    module ProviderHelper
+      def init_provider(config)
+        case config.provider_name
+        when "hetzner"
+          h = config.hetzner
+          Providers::Hetzner.new(h.api_token)
+        when "aws"
+          a = config.aws
+          Providers::AWS.new(a.access_key_id, a.secret_access_key, a.region)
+        else
+          raise ProviderError, "unknown provider: #{config.provider_name}"
+        end
+      end
+
+      def validate_provider_config(config, provider)
+        case config.provider_name
+        when "hetzner"
+          h = config.hetzner
+          provider.validate_credentials
+          provider.validate_instance_type(h.server_type)
+          provider.validate_region(h.server_location)
+        when "aws"
+          a = config.aws
+          provider.validate_credentials
+          provider.validate_instance_type(a.instance_type)
+          provider.validate_region(a.region)
+        end
+      end
+    end
+  end
+end

data/lib/nvoi/steps/application_deployer.rb

@@ -0,0 +1,26 @@
+# frozen_string_literal: true
+
+module Nvoi
+  module Steps
+    # ApplicationDeployer orchestrates the full application deployment
+    class ApplicationDeployer
+      def initialize(config, provider, working_dir, server_ip, tunnels, log)
+        @config = config
+        @provider = provider
+        @working_dir = working_dir
+        @server_ip = server_ip
+        @tunnels = tunnels
+        @log = log
+      end
+
+      def run
+        @log.info "Deploying application"
+
+        orchestrator = Deployer::Orchestrator.new(@config, @provider, @log)
+        orchestrator.run(@server_ip, @tunnels, @working_dir)
+
+        @log.success "Application deployed"
+      end
+    end
+  end
+end