nvoi 0.1.8 → 0.2.0

data/lib/nvoi/configuration/root.rb

@@ -0,0 +1,234 @@
+# frozen_string_literal: true
+
+module Nvoi
+  module Configuration
+    # Root holds the complete configuration including deployment config and runtime settings
+    class Root
+      attr_accessor :deploy, :ssh_key_path, :ssh_public_key, :server_name,
+                    :firewall_name, :network_name, :docker_network_name, :container_prefix, :namer
+
+      def initialize(deploy_config)
+        @deploy = deploy_config
+        @namer = nil
+      end
+
+      def namer
+        @namer ||= Utils::Namer.new(self)
+      end
+
+      def env_for_service(service_name)
+        Utils::EnvResolver.new(self).env_for_service(service_name)
+      end
+
+      def validate_config
+        app = @deploy.application
+        validate_providers_config
+        validate_database_secrets(app.database) if app.database
+        inject_database_env_vars
+        validate_service_server_bindings
+        validate_domain_uniqueness
+      end
+
+      def provider_name
+        return "hetzner" if @deploy.application.compute_provider.hetzner
+        return "aws" if @deploy.application.compute_provider.aws
+        return "scaleway" if @deploy.application.compute_provider.scaleway
+
+        ""
+      end
+
+      def hetzner
+        @deploy.application.compute_provider.hetzner
+      end
+
+      def aws
+        @deploy.application.compute_provider.aws
+      end
+
+      def scaleway
+        @deploy.application.compute_provider.scaleway
+      end
+
+      def cloudflare
+        @deploy.application.domain_provider.cloudflare
+      end
+
+      def keep_count_value
+        count = @deploy.application.keep_count
+        count && count.positive? ? count : 2
+      end
+
+      private
+
+        def validate_service_server_bindings
+          app = @deploy.application
+          defined_servers = {}
+          master_count = 0
+
+          app.servers.each do |server_name, server_config|
+            defined_servers[server_name] = true
+            master_count += 1 if server_config&.master
+          end
+
+          if app.servers.empty?
+            has_services = !app.app.empty? || app.database || !app.services.empty?
+            raise Errors::ConfigValidationError, "servers must be defined when deploying services" if has_services
+          end
+
+          if app.servers.size > 1
+            raise Errors::ConfigValidationError, "when multiple servers are defined, exactly one must have master: true" if master_count.zero?
+            raise Errors::ConfigValidationError, "only one server can have master: true, found #{master_count}" if master_count > 1
+          elsif app.servers.size == 1 && master_count > 1
+            raise Errors::ConfigValidationError, "only one server can have master: true, found #{master_count}"
+          end
+
+          app.app.each do |svc_name, svc_config|
+            raise Errors::ConfigValidationError, "app.#{svc_name}: servers field is required" if svc_config.servers.empty?
+
+            svc_config.servers.each do |server_ref|
+              raise Errors::ConfigValidationError, "app.#{svc_name}: references undefined server '#{server_ref}'" unless defined_servers[server_ref]
+            end
+          end
+
+          if app.database
+            raise Errors::ConfigValidationError, "database: servers field is required" if app.database.servers.empty?
+
+            app.database.servers.each do |server_ref|
+              raise Errors::ConfigValidationError, "database: references undefined server '#{server_ref}'" unless defined_servers[server_ref]
+            end
+          end
+
+          app.services.each do |svc_name, svc_config|
+            raise Errors::ConfigValidationError, "services.#{svc_name}: servers field is required" if svc_config.servers.empty?
+
+            svc_config.servers.each do |server_ref|
+              raise Errors::ConfigValidationError, "services.#{svc_name}: references undefined server '#{server_ref}'" unless defined_servers[server_ref]
+            end
+          end
+        end
+
+        def validate_database_secrets(db)
+          adapter = db.adapter&.downcase
+          return unless db.url.blank?
+
+          case adapter
+          when "postgres", "postgresql"
+            %w[POSTGRES_USER POSTGRES_PASSWORD POSTGRES_DB].each do |key|
+              raise Errors::ConfigValidationError, "postgres database requires #{key} in secrets (or provide database.url)" unless db.secrets[key]
+            end
+          when "mysql"
+            %w[MYSQL_USER MYSQL_PASSWORD MYSQL_DATABASE].each do |key|
+              raise Errors::ConfigValidationError, "mysql database requires #{key} in secrets (or provide database.url)" unless db.secrets[key]
+            end
+          when "sqlite", "sqlite3"
+            # SQLite doesn't require secrets
+          end
+        end
+
+        def validate_providers_config
+          app = @deploy.application
+
+          unless app.domain_provider.cloudflare
+            raise Errors::ConfigValidationError, "domain provider required: currently only cloudflare is supported"
+          end
+
+          cf = app.domain_provider.cloudflare
+          raise Errors::ConfigValidationError, "cloudflare api_token is required" if cf.api_token.blank?
+          raise Errors::ConfigValidationError, "cloudflare account_id is required" if cf.account_id.blank?
+
+          has_provider = false
+
+          if app.compute_provider.hetzner
+            has_provider = true
+            h = app.compute_provider.hetzner
+            raise Errors::ConfigValidationError, "hetzner api_token is required" if h.api_token.blank?
+            raise Errors::ConfigValidationError, "hetzner server_type is required" if h.server_type.blank?
+            raise Errors::ConfigValidationError, "hetzner server_location is required" if h.server_location.blank?
+          end
+
+          if app.compute_provider.aws
+            has_provider = true
+            a = app.compute_provider.aws
+            raise Errors::ConfigValidationError, "aws access_key_id is required" if a.access_key_id.blank?
+            raise Errors::ConfigValidationError, "aws secret_access_key is required" if a.secret_access_key.blank?
+            raise Errors::ConfigValidationError, "aws region is required" if a.region.blank?
+            raise Errors::ConfigValidationError, "aws instance_type is required" if a.instance_type.blank?
+          end
+
+          if app.compute_provider.scaleway
+            has_provider = true
+            s = app.compute_provider.scaleway
+            raise Errors::ConfigValidationError, "scaleway secret_key is required" if s.secret_key.blank?
+            raise Errors::ConfigValidationError, "scaleway project_id is required" if s.project_id.blank?
+            raise Errors::ConfigValidationError, "scaleway server_type is required" if s.server_type.blank?
+          end
+
+          raise Errors::ConfigValidationError, "compute provider required: hetzner, aws, or scaleway must be configured" unless has_provider
+        end
+
+        def inject_database_env_vars
+          app = @deploy.application
+          return unless app.database
+
+          db = app.database
+          adapter = db.adapter&.downcase
+          return unless adapter
+
+          provider = External::Database.provider_for(adapter)
+          return unless provider.needs_container?
+
+          creds = parse_database_credentials(db, provider)
+          return unless creds
+
+          db_host = namer.database_service_name
+          env_vars = provider.app_env(creds, host: db_host)
+
+          app.app.each_value do |svc_config|
+            svc_config.env ||= {}
+            env_vars.each { |key, value| svc_config.env[key] ||= value }
+          end
+        end
+
+        def parse_database_credentials(db, provider)
+          return provider.parse_url(db.url) unless db.url.blank?
+
+          adapter = db.adapter&.downcase
+          case adapter
+          when "postgres", "postgresql"
+            External::Database::Types::Credentials.new(
+              user: db.secrets["POSTGRES_USER"],
+              password: db.secrets["POSTGRES_PASSWORD"],
+              database: db.secrets["POSTGRES_DB"],
+              port: provider.default_port
+            )
+          when "mysql"
+            External::Database::Types::Credentials.new(
+              user: db.secrets["MYSQL_USER"],
+              password: db.secrets["MYSQL_PASSWORD"],
+              database: db.secrets["MYSQL_DATABASE"],
+              port: provider.default_port
+            )
+          end
+        end
+
+        def validate_domain_uniqueness
+          app = @deploy.application
+          return unless app.app
+
+          seen = {}
+          app.app.each do |name, cfg|
+            next if cfg.domain.blank?
+
+            hostnames = Utils::Namer.build_hostnames(cfg.subdomain, cfg.domain)
+            hostnames.each do |hostname|
+              if seen[hostname]
+                raise Errors::ConfigValidationError,
+                  "domain '#{hostname}' used by both '#{seen[hostname]}' and '#{name}'"
+              end
+              seen[hostname] = name
+            end
+          end
+        end
+    end
+  end
+end

data/lib/nvoi/configuration/server.rb

@@ -0,0 +1,39 @@
+# frozen_string_literal: true
+
+module Nvoi
+  module Configuration
+    # ServerVolume defines a volume attached to a server
+    class ServerVolume
+      attr_accessor :size
+
+      def initialize(data = nil)
+        data ||= {}
+        raise ArgumentError, "volume config must be a hash with 'size' key" unless data.is_a?(Hash)
+
+        @size = data["size"]&.to_i || 10
+      end
+    end
+
+    # Server contains server instance configuration
+    class Server
+      attr_accessor :master, :type, :location, :count, :volumes
+
+      def initialize(data = nil)
+        data ||= {}
+        @master = data["master"] || false
+        @type = data["type"]
+        @location = data["location"]
+        @count = data["count"]&.to_i || 1
+        @volumes = (data["volumes"] || {}).transform_values { |v| ServerVolume.new(v) }
+      end
+
+      def master?
+        @master == true
+      end
+
+      def volume(name)
+        @volumes[name.to_s]
+      end
+    end
+  end
+end

data/lib/nvoi/configuration/service.rb

@@ -0,0 +1,62 @@
+# frozen_string_literal: true
+
+module Nvoi
+  module Configuration
+    # Service defines a generic service
+    class Service
+      attr_accessor :servers, :image, :port, :command, :env, :mount
+
+      def initialize(data = nil)
+        data ||= {}
+        @servers = data["servers"] || []
+        @image = data["image"]
+        @port = data["port"]&.to_i
+        @command = data["command"]
+        @env = data["env"] || {}
+        @mount = data["mount"] || {}
+      end
+
+      def to_service_spec(app_name, service_name)
+        cmd = @command ? @command.split : []
+        port = @port && @port.positive? ? @port : infer_port_from_image
+
+        Configuration::Deployment.new(
+          name: "#{app_name}-#{service_name}",
+          image: @image,
+          port:,
+          command: cmd,
+          env: @env,
+          mounts: @mount,
+          replicas: 1,
+          stateful_set: false,
+          servers: @servers
+        )
+      end
+
+      private
+
+        def infer_port_from_image
+          case @image
+          when /redis/ then 6379
+          when /postgres/ then 5432
+          when /mysql/ then 3306
+          when /memcache/ then 11211
+          when /mongo/ then 27017
+          when /elastic/ then 9200
+          else 0
+          end
+        end
+    end
+
+    # SshKey defines SSH key content (stored in encrypted config)
+    class SshKey
+      attr_accessor :private_key, :public_key
+
+      def initialize(data = nil)
+        data ||= {}
+        @private_key = data["private_key"]
+        @public_key = data["public_key"]
+      end
+    end
+  end
+end

data/lib/nvoi/external/cloud/aws.rb

@@ -21,7 +21,7 @@ module Nvoi
         def find_or_create_network(name)
           vpc = find_vpc_by_name(name)
           if vpc
-            return Objects::Network::Record.new(
+            return Types::Network::Record.new(
               id: vpc.vpc_id,
               name:,
               ip_range: vpc.cidr_block
@@ -89,7 +89,7 @@ module Nvoi
             subnet_id: subnet_resp.subnet.subnet_id
           )
 
-          Objects::Network::Record.new(
+          Types::Network::Record.new(
             id: vpc_id,
             name:,
             ip_range: create_resp.vpc.cidr_block
@@ -100,7 +100,7 @@ module Nvoi
           vpc = find_vpc_by_name(name)
           raise Errors::NetworkError, "network not found: #{name}" unless vpc
 
-          Objects::Network::Record.new(
+          Types::Network::Record.new(
             id: vpc.vpc_id,
             name:,
             ip_range: vpc.cidr_block
@@ -116,7 +116,7 @@ module Nvoi
         def find_or_create_firewall(name)
           sg = find_security_group_by_name(name)
           if sg
-            return Objects::Firewall::Record.new(id: sg.group_id, name:)
+            return Types::Firewall::Record.new(id: sg.group_id, name:)
           end
 
           # Get default VPC
@@ -145,14 +145,14 @@ module Nvoi
             }]
           )
 
-          Objects::Firewall::Record.new(id: create_resp.group_id, name:)
+          Types::Firewall::Record.new(id: create_resp.group_id, name:)
         end
 
         def get_firewall_by_name(name)
           sg = find_security_group_by_name(name)
           raise Errors::FirewallError, "firewall not found: #{name}" unless sg
 
-          Objects::Firewall::Record.new(id: sg.group_id, name:)
+          Types::Firewall::Record.new(id: sg.group_id, name:)
         end
 
         def delete_firewall(id)
@@ -210,7 +210,7 @@ module Nvoi
           }
 
           # Add network configuration if provided
-          if opts.network_id && !opts.network_id.empty?
+          unless opts.network_id.blank?
             subnets = @client.describe_subnets(
               filters: [{ name: "vpc-id", values: [opts.network_id] }]
             )
@@ -218,7 +218,7 @@ module Nvoi
           end
 
           # Add security group if provided
-          if opts.firewall_id && !opts.firewall_id.empty?
+          unless opts.firewall_id.blank?
             input[:security_group_ids] = [opts.firewall_id]
           end
 
@@ -266,7 +266,7 @@ module Nvoi
             }]
           )
 
-          Objects::Volume::Record.new(
+          Types::Volume::Record.new(
             id: create_resp.volume_id,
             name: opts.name,
             size: create_resp.size,
@@ -317,7 +317,7 @@ module Nvoi
             next nil if vol.attachments.empty?
 
             device = vol.attachments[0].device
-            device if device && !device.empty?
+            device unless device.blank?
           end
         end
 
@@ -417,7 +417,7 @@ module Nvoi
           def instance_to_server(instance)
             name = instance.tags&.find { |t| t.key == "Name" }&.value || ""
 
-            Objects::Server::Record.new(
+            Types::Server::Record.new(
               id: instance.instance_id,
               name:,
               status: instance.state.name,
@@ -429,7 +429,7 @@ module Nvoi
           def volume_to_object(vol)
             name = vol.tags&.find { |t| t.key == "Name" }&.value || ""
 
-            v = Objects::Volume::Record.new(
+            v = Types::Volume::Record.new(
               id: vol.volume_id,
               name:,
               size: vol.size,

data/lib/nvoi/external/cloud/hetzner.rb

@@ -122,12 +122,12 @@ module Nvoi
           }
 
           # Add network if provided
-          if opts.network_id && !opts.network_id.empty?
+          unless opts.network_id.blank?
             create_opts[:networks] = [opts.network_id.to_i]
           end
 
           # Add firewall if provided
-          if opts.firewall_id && !opts.firewall_id.empty?
+          unless opts.firewall_id.blank?
             create_opts[:firewalls] = [{ firewall: opts.firewall_id.to_i }]
           end
 
@@ -216,7 +216,7 @@ module Nvoi
           # Hetzner provides device_path in API response
           Utils::Retry.poll(max_attempts: 30, interval: 2) do
             volume = get("/volumes/#{volume_id.to_i}")["volume"]
-            volume["linux_device"] if volume && volume["linux_device"] && !volume["linux_device"].empty?
+            volume&.dig("linux_device").then { |d| d unless d.blank? }
           end
         end
 
@@ -358,7 +358,7 @@ module Nvoi
           end
 
           def to_network(data)
-            Objects::Network::Record.new(
+            Types::Network::Record.new(
               id: data["id"].to_s,
               name: data["name"],
               ip_range: data["ip_range"]
@@ -366,7 +366,7 @@ module Nvoi
           end
 
           def to_firewall(data)
-            Objects::Firewall::Record.new(
+            Types::Firewall::Record.new(
               id: data["id"].to_s,
               name: data["name"]
             )
@@ -376,7 +376,7 @@ module Nvoi
             # Get private IP from private_net array
             private_ip = data["private_net"]&.first&.dig("ip")
 
-            Objects::Server::Record.new(
+            Types::Server::Record.new(
               id: data["id"].to_s,
               name: data["name"],
               status: data["status"],
@@ -386,7 +386,7 @@ module Nvoi
           end
 
           def to_volume(data)
-            Objects::Volume::Record.new(
+            Types::Volume::Record.new(
               id: data["id"].to_s,
               name: data["name"],
               size: data["size"],

data/lib/nvoi/external/cloud/scaleway.rb

@@ -146,14 +146,14 @@ module Nvoi
           }
 
           # Add security group if provided
-          if opts.firewall_id && !opts.firewall_id.empty?
+          unless opts.firewall_id.blank?
             create_opts[:security_group] = opts.firewall_id
           end
 
           server = post(instance_url("/servers"), create_opts)["server"]
 
           # Set cloud-init user data if provided
-          if opts.user_data && !opts.user_data.empty?
+          unless opts.user_data.blank?
             set_user_data(server["id"], "cloud-init", opts.user_data)
           end
 
@@ -161,7 +161,7 @@ module Nvoi
           server_action(server["id"], "poweron")
 
           # Attach to private network if provided
-          if opts.network_id && !opts.network_id.empty?
+          unless opts.network_id.blank?
             wait_for_server_state(server["id"], "running", 30)
             create_private_nic(server["id"], opts.network_id)
           end
@@ -511,7 +511,7 @@ module Nvoi
           end
 
           def to_network(data)
-            Objects::Network::Record.new(
+            Types::Network::Record.new(
               id: data["id"],
               name: data["name"],
               ip_range: data.dig("subnets", 0, "subnet") || data["subnets"]&.first
@@ -519,7 +519,7 @@ module Nvoi
           end
 
           def to_firewall(data)
-            Objects::Firewall::Record.new(
+            Types::Firewall::Record.new(
               id: data["id"],
               name: data["name"]
             )
@@ -529,7 +529,7 @@ module Nvoi
             # Scaleway doesn't include private_ips in the NIC response directly
             # We'd need to call IPAM API which adds complexity
             # Instead, private IP discovery happens via SSH in setup_k3s
-            Objects::Server::Record.new(
+            Types::Server::Record.new(
               id: data["id"],
               name: data["name"],
               status: data["state"],
@@ -543,7 +543,7 @@ module Nvoi
               r["product_resource_type"] == "instance_server"
             }&.dig("product_resource_id")
 
-            Objects::Volume::Record.new(
+            Types::Volume::Record.new(
               id: data["id"],
               name: data["name"],
               size: (data["size"] || 0) / 1_000_000_000,

data/lib/nvoi/external/cloud/types.rb

@@ -0,0 +1,42 @@
+# frozen_string_literal: true
+
+module Nvoi
+  module External
+    module Cloud
+      module Types
+        # Server-related structs
+        module Server
+          # Record represents a compute server/instance
+          Record = Struct.new(:id, :name, :status, :public_ipv4, :private_ipv4, keyword_init: true)
+
+          # CreateOptions contains options for creating a server
+          CreateOptions = Struct.new(:name, :type, :image, :location, :user_data, :network_id, :firewall_id, :ssh_keys, keyword_init: true)
+        end
+
+        # Volume-related structs
+        module Volume
+          # Record represents a block storage volume
+          Record = Struct.new(:id, :name, :size, :location, :status, :server_id, :device_path, keyword_init: true)
+
+          # CreateOptions contains options for creating a volume
+          CreateOptions = Struct.new(:name, :size, :server_id, :location, keyword_init: true)
+
+          # MountOptions contains options for mounting a volume
+          MountOptions = Struct.new(:device_path, :mount_path, :fs_type, keyword_init: true)
+        end
+
+        # Network-related structs
+        module Network
+          # Record represents a virtual network
+          Record = Struct.new(:id, :name, :ip_range, keyword_init: true)
+        end
+
+        # Firewall-related structs
+        module Firewall
+          # Record represents a firewall configuration
+          Record = Struct.new(:id, :name, keyword_init: true)
+        end
+      end
+    end
+  end
+end

data/lib/nvoi/external/database/mysql.rb

@@ -48,7 +48,7 @@ module Nvoi
         end
 
         def restore(ssh, data, opts)
-          create_database(ssh, Objects::Database::CreateOptions.new(
+          create_database(ssh, Types::CreateOptions.new(
             pod_name: opts.pod_name,
             database: opts.database,
             user: opts.user,

data/lib/nvoi/external/database/postgres.rb

@@ -46,7 +46,7 @@ module Nvoi
         end
 
         def restore(ssh, data, opts)
-          create_database(ssh, Objects::Database::CreateOptions.new(
+          create_database(ssh, Types::CreateOptions.new(
             pod_name: opts.pod_name,
             database: opts.database,
             user: opts.user,

data/lib/nvoi/external/database/provider.rb

@@ -49,7 +49,7 @@ module Nvoi
 
           def parse_standard_url(url, default_port)
             uri = URI.parse(url)
-            Objects::Database::Credentials.new(
+            Types::Credentials.new(
               user: uri.user,
               password: uri.password,
               host: uri.host,

data/lib/nvoi/external/database/sqlite.rb

@@ -15,7 +15,7 @@ module Nvoi
 
         def parse_url(url)
           path = url.sub(%r{^sqlite3?:///?}, "")
-          Objects::Database::Credentials.new(
+          Types::Credentials.new(
             path:,
             database: File.basename(path)
           )