nvoi 0.1.6 → 0.1.7

data/lib/nvoi/cli/config/command.rb

@@ -0,0 +1,219 @@
+# frozen_string_literal: true
+
+module Nvoi
+  class Cli
+    module Config
+      # Command helper for all config operations
+      # Uses CredentialStore for crypto, ConfigApi for transformations
+      class Command
+        def initialize(options)
+          @options = options
+          @working_dir = options[:dir] || "."
+        end
+
+        # Initialize new config
+        def init(name, environment)
+          result = ConfigApi.init(name:, environment:)
+
+          if result.failure?
+            error("Failed to initialize: #{result.error_message}")
+            return
+          end
+
+          # Write encrypted config
+          config_path = File.join(@working_dir, Utils::DEFAULT_ENCRYPTED_FILE)
+          key_path = File.join(@working_dir, Utils::DEFAULT_KEY_FILE)
+
+          File.binwrite(config_path, result.config)
+          File.write(key_path, "#{result.master_key}\n", perm: 0o600)
+
+          update_gitignore
+
+          success("Created #{Utils::DEFAULT_ENCRYPTED_FILE}")
+          success("Created #{Utils::DEFAULT_KEY_FILE} (keep safe, never commit)")
+          puts
+          puts "Next steps:"
+          puts "  nvoi config domain set cloudflare --api-token=TOKEN --account-id=ID"
+          puts "  nvoi config provider set hetzner --api-token=TOKEN --server-type=cx22 --location=fsn1"
+          puts "  nvoi config server set web --master"
+        end
+
+        # Domain provider
+        def domain_set(provider, api_token:, account_id:)
+          with_config do |data|
+            ConfigApi.set_domain_provider(data, provider:, api_token:, account_id:)
+          end
+        end
+
+        def domain_rm
+          with_config do |data|
+            ConfigApi.delete_domain_provider(data)
+          end
+        end
+
+        # Compute provider
+        def provider_set(provider, **opts)
+          with_config do |data|
+            ConfigApi.set_compute_provider(data, provider:, **opts)
+          end
+        end
+
+        def provider_rm
+          with_config do |data|
+            ConfigApi.delete_compute_provider(data)
+          end
+        end
+
+        # Server
+        def server_set(name, master: false, type: nil, location: nil, count: 1)
+          with_config do |data|
+            ConfigApi.set_server(data, name:, master:, type:, location:, count:)
+          end
+        end
+
+        def server_rm(name)
+          with_config do |data|
+            ConfigApi.delete_server(data, name:)
+          end
+        end
+
+        # Volume
+        def volume_set(server, name, size: 10)
+          with_config do |data|
+            ConfigApi.set_volume(data, server:, name:, size:)
+          end
+        end
+
+        def volume_rm(server, name)
+          with_config do |data|
+            ConfigApi.delete_volume(data, server:, name:)
+          end
+        end
+
+        # App
+        def app_set(name, servers:, **opts)
+          with_config do |data|
+            ConfigApi.set_app(data, name:, servers:, **opts)
+          end
+        end
+
+        def app_rm(name)
+          with_config do |data|
+            ConfigApi.delete_app(data, name:)
+          end
+        end
+
+        # Database
+        def database_set(servers:, adapter:, **opts)
+          with_config do |data|
+            ConfigApi.set_database(data, servers:, adapter:, **opts)
+          end
+        end
+
+        def database_rm
+          with_config do |data|
+            ConfigApi.delete_database(data)
+          end
+        end
+
+        # Service
+        def service_set(name, servers:, image:, **opts)
+          with_config do |data|
+            ConfigApi.set_service(data, name:, servers:, image:, **opts)
+          end
+        end
+
+        def service_rm(name)
+          with_config do |data|
+            ConfigApi.delete_service(data, name:)
+          end
+        end
+
+        # Secret
+        def secret_set(key_name, value)
+          with_config do |data|
+            ConfigApi.set_secret(data, key: key_name, value:)
+          end
+        end
+
+        def secret_rm(key_name)
+          with_config do |data|
+            ConfigApi.delete_secret(data, key: key_name)
+          end
+        end
+
+        # Env
+        def env_set(key_name, value)
+          with_config do |data|
+            ConfigApi.set_env(data, key: key_name, value:)
+          end
+        end
+
+        def env_rm(key_name)
+          with_config do |data|
+            ConfigApi.delete_env(data, key: key_name)
+          end
+        end
+
+        private
+
+          def with_config
+            store = Utils::CredentialStore.new(
+              @working_dir,
+              @options[:credentials],
+              @options[:master_key]
+            )
+
+            unless store.exists?
+              error("Config not found: #{store.encrypted_path}")
+              error("Run 'nvoi config init --name=myapp' first")
+              return
+            end
+
+            # Read and parse
+            yaml = store.read
+            data = YAML.safe_load(yaml, permitted_classes: [Symbol])
+
+            # Transform
+            result = yield(data)
+
+            if result.failure?
+              error("#{result.error_type}: #{result.error_message}")
+            else
+              # Serialize and write
+              store.write(YAML.dump(result.data))
+              success("Config updated")
+            end
+          rescue Errors::CredentialError => e
+            error(e.message)
+          rescue Errors::DecryptionError => e
+            error("Decryption failed: #{e.message}")
+          end
+
+          def update_gitignore
+            gitignore_path = File.join(@working_dir, ".gitignore")
+            entries = ["deploy.key", ".env", ".env.*", "!.env.example", "!.env.*.example"]
+
+            existing = File.exist?(gitignore_path) ? File.read(gitignore_path) : ""
+            additions = entries.reject { |e| existing.include?(e) }
+
+            return if additions.empty?
+
+            File.open(gitignore_path, "a") do |f|
+              f.puts "" unless existing.end_with?("\n") || existing.empty?
+              f.puts "# NVOI - sensitive files"
+              additions.each { |e| f.puts e }
+            end
+          end
+
+          def success(msg)
+            puts "\e[32m✓\e[0m #{msg}"
+          end
+
+          def error(msg)
+            warn "\e[31m✗\e[0m #{msg}"
+          end
+      end
+    end
+  end
+end

data/lib/nvoi/cli/delete/steps/teardown_dns.rb

@@ -15,18 +15,15 @@ module Nvoi
           def run
             @config.deploy.application.app.each do |_service_name, service|
               next unless service&.domain && !service.domain.empty?
-              next if service.subdomain.nil?
 
-              delete_dns_record(service.domain, service.subdomain)
+              delete_dns_records(service.domain, service.subdomain)
             end
           end
 
           private
 
-            def delete_dns_record(domain, subdomain)
-              hostname = Utils::Namer.build_hostname(subdomain, domain)
-
-              @log.info "Deleting DNS record: %s", hostname
+            def delete_dns_records(domain, subdomain)
+              hostnames = Utils::Namer.build_hostnames(subdomain, domain)
 
               zone = @cf_client.find_zone(domain)
               unless zone
@@ -34,13 +31,17 @@ module Nvoi
                 return
               end
 
-              record = @cf_client.find_dns_record(zone.id, hostname, "CNAME")
-              if record
-                @cf_client.delete_dns_record(zone.id, record.id)
-                @log.success "DNS record deleted: %s", hostname
+              hostnames.each do |hostname|
+                @log.info "Deleting DNS record: %s", hostname
+
+                record = @cf_client.find_dns_record(zone.id, hostname, "CNAME")
+                if record
+                  @cf_client.delete_dns_record(zone.id, record.id)
+                  @log.success "DNS record deleted: %s", hostname
+                end
               end
             rescue StandardError => e
-              @log.warning "Failed to delete DNS record: %s", e.message
+              @log.warning "Failed to delete DNS records: %s", e.message
             end
         end
       end

data/lib/nvoi/cli/deploy/steps/configure_tunnel.rb

@@ -22,7 +22,6 @@ module Nvoi
             @config.deploy.application.app.each do |service_name, service_config|
               next unless service_config.domain && !service_config.domain.empty?
               next unless service_config.port && service_config.port.positive?
-              next if service_config.subdomain.nil?
 
               tunnel_info = configure_service_tunnel(service_name, service_config)
               tunnels << tunnel_info
@@ -36,23 +35,24 @@ module Nvoi
 
             def configure_service_tunnel(service_name, service_config)
               tunnel_name = @config.namer.tunnel_name(service_name)
-              hostname = Utils::Namer.build_hostname(service_config.subdomain, service_config.domain)
+              hostnames = Utils::Namer.build_hostnames(service_config.subdomain, service_config.domain)
+              primary_hostname = hostnames.first
 
               # Service URL points to the NGINX Ingress Controller
               service_url = "http://ingress-nginx-controller.ingress-nginx.svc.cluster.local:80"
 
-              tunnel = setup_tunnel(tunnel_name, hostname, service_url, service_config.domain)
+              tunnel = setup_tunnel(tunnel_name, hostnames, service_url, service_config.domain)
 
               Objects::Tunnel::Info.new(
                 service_name:,
-                hostname:,
+                hostname: primary_hostname,
                 tunnel_id: tunnel.tunnel_id,
                 tunnel_token: tunnel.tunnel_token
               )
             end
 
-            def setup_tunnel(tunnel_name, hostname, service_url, domain)
-              @log.info "Setting up tunnel: %s -> %s", tunnel_name, hostname
+            def setup_tunnel(tunnel_name, hostnames, service_url, domain)
+              @log.info "Setting up tunnel: %s -> %s", tunnel_name, hostnames.join(", ")
 
               # Find or create tunnel
               tunnel = @cf_client.find_tunnel(tunnel_name)
@@ -70,21 +70,23 @@ module Nvoi
                 token = @cf_client.get_tunnel_token(tunnel.id)
               end
 
-              # Configure tunnel ingress
-              @log.info "Configuring tunnel ingress: %s -> %s", hostname, service_url
-              @cf_client.update_tunnel_configuration(tunnel.id, hostname, service_url)
+              # Configure tunnel ingress for all hostnames
+              @log.info "Configuring tunnel ingress: %s -> %s", hostnames.join(", "), service_url
+              @cf_client.update_tunnel_configuration(tunnel.id, hostnames, service_url)
 
               # Verify configuration propagated
               @log.info "Verifying tunnel configuration..."
-              @cf_client.verify_tunnel_configuration(tunnel.id, hostname, service_url, Utils::Constants::TUNNEL_CONFIG_VERIFY_ATTEMPTS)
+              @cf_client.verify_tunnel_configuration(tunnel.id, hostnames, service_url, Utils::Constants::TUNNEL_CONFIG_VERIFY_ATTEMPTS)
 
-              # Create DNS record
-              @log.info "Creating DNS CNAME record: %s", hostname
+              # Create DNS records for all hostnames
               zone = @cf_client.find_zone(domain)
               raise Errors::CloudflareError, "zone not found: #{domain}" unless zone
 
               tunnel_cname = "#{tunnel.id}.cfargotunnel.com"
-              @cf_client.create_or_update_dns_record(zone.id, hostname, "CNAME", tunnel_cname, proxied: true)
+              hostnames.each do |hostname|
+                @log.info "Creating DNS CNAME record: %s", hostname
+                @cf_client.create_or_update_dns_record(zone.id, hostname, "CNAME", tunnel_cname, proxied: true)
+              end
 
               @log.success "Tunnel configured: %s", tunnel_name
 

data/lib/nvoi/cli/deploy/steps/deploy_service.rb

@@ -247,11 +247,11 @@ module Nvoi
 
               # Deploy ingress if domain is specified
               if service_config.domain && !service_config.domain.empty?
-                hostname = Utils::Namer.build_hostname(service_config.subdomain, service_config.domain)
+                hostnames = Utils::Namer.build_hostnames(service_config.subdomain, service_config.domain)
 
                 Utils::Templates.apply_manifest(@ssh, "app-ingress.yaml", {
                   name: deployment_name,
-                  domain: hostname,
+                  domains: hostnames,
                   port: service_config.port
                 })
               end
@@ -323,6 +323,9 @@ module Nvoi
                   result = check_public_url(public_url)
 
                   if result[:success]
+                    if consecutive_success == 0
+                      @log.info "[%d/%d] App responding, verifying stability...", attempt + 1, max_attempts
+                    end
                     consecutive_success += 1
                     @log.success "[%d/%d] Public URL responding: %s", consecutive_success, required_consecutive, result[:http_code]
 

data/lib/nvoi/cli/deploy/steps/setup_k3s.rb

@@ -467,7 +467,16 @@ module Nvoi
                 ssh.execute(patch_deployment)
 
                 @log.info "Waiting for ingress controller to restart..."
-                ssh.execute("kubectl rollout status deployment/ingress-nginx-controller -n ingress-nginx --timeout=120s")
+                ready = Utils::Retry.poll(max_attempts: 60, interval: 2) do
+                  begin
+                    ready_replicas = ssh.execute("kubectl get deployment ingress-nginx-controller -n ingress-nginx -o jsonpath='{.status.readyReplicas}'").strip
+                    desired_replicas = ssh.execute("kubectl get deployment ingress-nginx-controller -n ingress-nginx -o jsonpath='{.spec.replicas}'").strip
+                    !ready_replicas.empty? && !desired_replicas.empty? && ready_replicas == desired_replicas
+                  rescue Errors::SshCommandError
+                    false
+                  end
+                end
+                raise Errors::K8sError, "Ingress controller failed to restart" unless ready
               else
                 @log.info "Custom error backend already configured"
               end

data/lib/nvoi/cli/logs/command.rb

@@ -0,0 +1,66 @@
+# frozen_string_literal: true
+
+module Nvoi
+  class Cli
+    module Logs
+      # Command streams logs from app pods
+      class Command
+        def initialize(options)
+          @options = options
+          @log = Nvoi.logger
+        end
+
+        def run(app_name)
+          config_path = resolve_config_path
+          @config = Utils::ConfigLoader.load(config_path)
+
+          # Apply branch override if specified
+          apply_branch_override if @options[:branch]
+
+          # Initialize cloud provider
+          @provider = External::Cloud.for(@config)
+
+          # Find main server
+          server = @provider.find_server(@config.server_name)
+          raise Errors::ServiceError, "server not found: #{@config.server_name}" unless server
+
+          # Build deployment name from app name
+          deployment_name = @config.namer.app_deployment_name(app_name)
+
+          # Build kubectl logs command
+          # --prefix shows pod name, --all-containers handles multi-container pods
+          follow_flag = @options[:follow] ? "-f" : ""
+          tail_flag = "--tail=#{@options[:tail]}"
+
+          kubectl_cmd = "kubectl logs -l app=#{deployment_name} --prefix --all-containers #{follow_flag} #{tail_flag}".strip.squeeze(" ")
+
+          @log.info "Streaming logs for %s", deployment_name
+
+          ssh = External::Ssh.new(server.public_ipv4, @config.ssh_key_path)
+          ssh.execute(kubectl_cmd, stream: true)
+        end
+
+        private
+
+          def resolve_config_path
+            config_path = @options[:config] || "deploy.enc"
+            working_dir = @options[:dir]
+
+            if config_path == "deploy.enc" && working_dir && working_dir != "."
+              File.join(working_dir, "deploy.enc")
+            else
+              config_path
+            end
+          end
+
+          def apply_branch_override
+            branch = @options[:branch]
+            return if branch.nil? || branch.empty?
+
+            override = Objects::ConfigOverride.new(branch:)
+            override.apply(@config)
+          end
+      end
+    end
+  end
+end