nvoi 0.1.8 → 0.2.1

data/lib/nvoi/configuration/root.rb

@@ -0,0 +1,252 @@
+# frozen_string_literal: true
+
+module Nvoi
+  module Configuration
+    # Root holds the complete configuration including deployment config and runtime settings
+    class Root
+      attr_accessor :deploy, :ssh_key_path, :ssh_public_key, :server_name,
+                    :firewall_name, :network_name, :docker_network_name, :container_prefix, :namer
+
+      def initialize(deploy_config)
+        @deploy = deploy_config
+        @namer = nil
+      end
+
+      def namer
+        @namer ||= Utils::Namer.new(self)
+      end
+
+      def env_for_service(service_name)
+        Utils::EnvResolver.new(self).env_for_service(service_name)
+      end
+
+      def validate_config
+        app = @deploy.application
+        validate_providers_config
+        validate_database_secrets(app.database) if app.database
+        inject_database_env_vars
+        validate_service_server_bindings
+        validate_domain_uniqueness
+      end
+
+      def provider_name
+        return "hetzner" if @deploy.application.compute_provider.hetzner
+        return "aws" if @deploy.application.compute_provider.aws
+        return "scaleway" if @deploy.application.compute_provider.scaleway
+
+        ""
+      end
+
+      def hetzner
+        @deploy.application.compute_provider.hetzner
+      end
+
+      def aws
+        @deploy.application.compute_provider.aws
+      end
+
+      def scaleway
+        @deploy.application.compute_provider.scaleway
+      end
+
+      def cloudflare
+        @deploy.application.domain_provider.cloudflare
+      end
+
+      def architecture
+        case provider_name
+        when "hetzner" then hetzner&.architecture
+        when "aws" then aws&.architecture
+        when "scaleway" then scaleway&.architecture
+        end
+      end
+
+      def docker_platform
+        case architecture
+        when "arm", "arm64" then "linux/arm64"
+        else "linux/amd64"
+        end
+      end
+
+      def keep_count_value
+        count = @deploy.application.keep_count
+        count && count.positive? ? count : 2
+      end
+
+      private
+
+        def validate_service_server_bindings
+          app = @deploy.application
+          defined_servers = {}
+          master_count = 0
+
+          app.servers.each do |server_name, server_config|
+            defined_servers[server_name] = true
+            master_count += 1 if server_config&.master
+          end
+
+          if app.servers.empty?
+            has_services = !app.app.empty? || app.database || !app.services.empty?
+            raise Errors::ConfigValidationError, "servers must be defined when deploying services" if has_services
+          end
+
+          if app.servers.size > 1
+            raise Errors::ConfigValidationError, "when multiple servers are defined, exactly one must have master: true" if master_count.zero?
+            raise Errors::ConfigValidationError, "only one server can have master: true, found #{master_count}" if master_count > 1
+          elsif app.servers.size == 1 && master_count > 1
+            raise Errors::ConfigValidationError, "only one server can have master: true, found #{master_count}"
+          end
+
+          app.app.each do |svc_name, svc_config|
+            raise Errors::ConfigValidationError, "app.#{svc_name}: servers field is required" if svc_config.servers.empty?
+
+            svc_config.servers.each do |server_ref|
+              raise Errors::ConfigValidationError, "app.#{svc_name}: references undefined server '#{server_ref}'" unless defined_servers[server_ref]
+            end
+          end
+
+          if app.database
+            raise Errors::ConfigValidationError, "database: servers field is required" if app.database.servers.empty?
+
+            app.database.servers.each do |server_ref|
+              raise Errors::ConfigValidationError, "database: references undefined server '#{server_ref}'" unless defined_servers[server_ref]
+            end
+          end
+
+          app.services.each do |svc_name, svc_config|
+            raise Errors::ConfigValidationError, "services.#{svc_name}: servers field is required" if svc_config.servers.empty?
+
+            svc_config.servers.each do |server_ref|
+              raise Errors::ConfigValidationError, "services.#{svc_name}: references undefined server '#{server_ref}'" unless defined_servers[server_ref]
+            end
+          end
+        end
+
+        def validate_database_secrets(db)
+          adapter = db.adapter&.downcase
+          return unless db.url.blank?
+
+          case adapter
+          when "postgres", "postgresql"
+            %w[POSTGRES_USER POSTGRES_PASSWORD POSTGRES_DB].each do |key|
+              raise Errors::ConfigValidationError, "postgres database requires #{key} in secrets (or provide database.url)" unless db.secrets[key]
+            end
+          when "mysql"
+            %w[MYSQL_USER MYSQL_PASSWORD MYSQL_DATABASE].each do |key|
+              raise Errors::ConfigValidationError, "mysql database requires #{key} in secrets (or provide database.url)" unless db.secrets[key]
+            end
+          when "sqlite", "sqlite3"
+            # SQLite doesn't require secrets
+          end
+        end
+
+        def validate_providers_config
+          app = @deploy.application
+
+          unless app.domain_provider.cloudflare
+            raise Errors::ConfigValidationError, "domain provider required: currently only cloudflare is supported"
+          end
+
+          cf = app.domain_provider.cloudflare
+          raise Errors::ConfigValidationError, "cloudflare api_token is required" if cf.api_token.blank?
+          raise Errors::ConfigValidationError, "cloudflare account_id is required" if cf.account_id.blank?
+
+          has_provider = false
+
+          if app.compute_provider.hetzner
+            has_provider = true
+            h = app.compute_provider.hetzner
+            raise Errors::ConfigValidationError, "hetzner api_token is required" if h.api_token.blank?
+            raise Errors::ConfigValidationError, "hetzner server_type is required" if h.server_type.blank?
+            raise Errors::ConfigValidationError, "hetzner server_location is required" if h.server_location.blank?
+            raise Errors::ConfigValidationError, "hetzner architecture is required" if h.architecture.blank?
+          end
+
+          if app.compute_provider.aws
+            has_provider = true
+            a = app.compute_provider.aws
+            raise Errors::ConfigValidationError, "aws access_key_id is required" if a.access_key_id.blank?
+            raise Errors::ConfigValidationError, "aws secret_access_key is required" if a.secret_access_key.blank?
+            raise Errors::ConfigValidationError, "aws region is required" if a.region.blank?
+            raise Errors::ConfigValidationError, "aws instance_type is required" if a.instance_type.blank?
+            raise Errors::ConfigValidationError, "aws architecture is required" if a.architecture.blank?
+          end
+
+          if app.compute_provider.scaleway
+            has_provider = true
+            s = app.compute_provider.scaleway
+            raise Errors::ConfigValidationError, "scaleway secret_key is required" if s.secret_key.blank?
+            raise Errors::ConfigValidationError, "scaleway project_id is required" if s.project_id.blank?
+            raise Errors::ConfigValidationError, "scaleway server_type is required" if s.server_type.blank?
+            raise Errors::ConfigValidationError, "scaleway architecture is required" if s.architecture.blank?
+          end
+
+          raise Errors::ConfigValidationError, "compute provider required: hetzner, aws, or scaleway must be configured" unless has_provider
+        end
+
+        def inject_database_env_vars
+          app = @deploy.application
+          return unless app.database
+
+          db = app.database
+          adapter = db.adapter&.downcase
+          return unless adapter
+
+          provider = External::Database.provider_for(adapter)
+          return unless provider.needs_container?
+
+          creds = parse_database_credentials(db, provider)
+          return unless creds
+
+          db_host = namer.database_service_name
+          env_vars = provider.app_env(creds, host: db_host)
+
+          app.app.each_value do |svc_config|
+            svc_config.env ||= {}
+            env_vars.each { |key, value| svc_config.env[key] ||= value }
+          end
+        end
+
+        def parse_database_credentials(db, provider)
+          return provider.parse_url(db.url) unless db.url.blank?
+
+          adapter = db.adapter&.downcase
+          case adapter
+          when "postgres", "postgresql"
+            External::Database::Types::Credentials.new(
+              user: db.secrets["POSTGRES_USER"],
+              password: db.secrets["POSTGRES_PASSWORD"],
+              database: db.secrets["POSTGRES_DB"],
+              port: provider.default_port
+            )
+          when "mysql"
+            External::Database::Types::Credentials.new(
+              user: db.secrets["MYSQL_USER"],
+              password: db.secrets["MYSQL_PASSWORD"],
+              database: db.secrets["MYSQL_DATABASE"],
+              port: provider.default_port
+            )
+          end
+        end
+
+        def validate_domain_uniqueness
+          app = @deploy.application
+          return unless app.app
+
+          seen = {}
+          app.app.each do |name, cfg|
+            next if cfg.domain.blank?
+
+            hostnames = Utils::Namer.build_hostnames(cfg.subdomain, cfg.domain)
+            hostnames.each do |hostname|
+              if seen[hostname]
+                raise Errors::ConfigValidationError,
+                  "domain '#{hostname}' used by both '#{seen[hostname]}' and '#{name}'"
+              end
+              seen[hostname] = name
+            end
+          end
+        end
+    end
+  end
+end

data/lib/nvoi/configuration/server.rb

@@ -0,0 +1,39 @@
+# frozen_string_literal: true
+
+module Nvoi
+  module Configuration
+    # ServerVolume defines a volume attached to a server
+    class ServerVolume
+      attr_accessor :size
+
+      def initialize(data = nil)
+        data ||= {}
+        raise ArgumentError, "volume config must be a hash with 'size' key" unless data.is_a?(Hash)
+
+        @size = data["size"]&.to_i || 10
+      end
+    end
+
+    # Server contains server instance configuration
+    class Server
+      attr_accessor :master, :type, :location, :count, :volumes
+
+      def initialize(data = nil)
+        data ||= {}
+        @master = data["master"] || false
+        @type = data["type"]
+        @location = data["location"]
+        @count = data["count"]&.to_i || 1
+        @volumes = (data["volumes"] || {}).transform_values { |v| ServerVolume.new(v) }
+      end
+
+      def master?
+        @master == true
+      end
+
+      def volume(name)
+        @volumes[name.to_s]
+      end
+    end
+  end
+end

data/lib/nvoi/configuration/service.rb

@@ -0,0 +1,51 @@
+# frozen_string_literal: true
+
+module Nvoi
+  module Configuration
+    # Service defines a generic service
+    class Service
+      attr_accessor :servers, :image, :port, :command, :env, :mount
+
+      def initialize(data = nil)
+        data ||= {}
+        @servers = data["servers"] || []
+        @image = data["image"]
+        @port = data["port"]&.to_i
+        @command = data["command"]
+        @env = data["env"] || {}
+        @mount = data["mount"] || {}
+      end
+
+      def to_service_spec(app_name, service_name)
+        cmd = @command ? @command.split : []
+        port = @port && @port.positive? ? @port : infer_port_from_image
+
+        Configuration::Deployment.new(
+          name: "#{app_name}-#{service_name}",
+          image: @image,
+          port:,
+          command: cmd,
+          env: @env,
+          mounts: @mount,
+          replicas: 1,
+          stateful_set: false,
+          servers: @servers
+        )
+      end
+
+      private
+
+        def infer_port_from_image
+          case @image
+          when /redis/ then 6379
+          when /postgres/ then 5432
+          when /mysql/ then 3306
+          when /memcache/ then 11211
+          when /mongo/ then 27017
+          when /elastic/ then 9200
+          else 0
+          end
+        end
+    end
+  end
+end

data/lib/nvoi/configuration/ssh_key.rb

@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+
+module Nvoi
+  module Configuration
+    # SshKey defines SSH key content (stored in encrypted config)
+    class SshKey
+      attr_accessor :private_key, :public_key
+
+      def initialize(data = nil)
+        data ||= {}
+        @private_key = data["private_key"]
+        @public_key = data["public_key"]
+      end
+    end
+  end
+end

data/lib/nvoi/external/cloud/aws.rb

@@ -21,7 +21,7 @@ module Nvoi
         def find_or_create_network(name)
           vpc = find_vpc_by_name(name)
           if vpc
-            return Objects::Network::Record.new(
+            return Types::Network::Record.new(
               id: vpc.vpc_id,
               name:,
               ip_range: vpc.cidr_block
@@ -89,7 +89,7 @@ module Nvoi
             subnet_id: subnet_resp.subnet.subnet_id
           )
 
-          Objects::Network::Record.new(
+          Types::Network::Record.new(
             id: vpc_id,
             name:,
             ip_range: create_resp.vpc.cidr_block
@@ -100,7 +100,7 @@ module Nvoi
           vpc = find_vpc_by_name(name)
           raise Errors::NetworkError, "network not found: #{name}" unless vpc
 
-          Objects::Network::Record.new(
+          Types::Network::Record.new(
             id: vpc.vpc_id,
             name:,
             ip_range: vpc.cidr_block
@@ -116,7 +116,7 @@ module Nvoi
         def find_or_create_firewall(name)
           sg = find_security_group_by_name(name)
           if sg
-            return Objects::Firewall::Record.new(id: sg.group_id, name:)
+            return Types::Firewall::Record.new(id: sg.group_id, name:)
           end
 
           # Get default VPC
@@ -145,14 +145,14 @@ module Nvoi
             }]
           )
 
-          Objects::Firewall::Record.new(id: create_resp.group_id, name:)
+          Types::Firewall::Record.new(id: create_resp.group_id, name:)
         end
 
         def get_firewall_by_name(name)
           sg = find_security_group_by_name(name)
           raise Errors::FirewallError, "firewall not found: #{name}" unless sg
 
-          Objects::Firewall::Record.new(id: sg.group_id, name:)
+          Types::Firewall::Record.new(id: sg.group_id, name:)
         end
 
         def delete_firewall(id)
@@ -210,7 +210,7 @@ module Nvoi
           }
 
           # Add network configuration if provided
-          if opts.network_id && !opts.network_id.empty?
+          unless opts.network_id.blank?
             subnets = @client.describe_subnets(
               filters: [{ name: "vpc-id", values: [opts.network_id] }]
             )
@@ -218,7 +218,7 @@ module Nvoi
           end
 
           # Add security group if provided
-          if opts.firewall_id && !opts.firewall_id.empty?
+          unless opts.firewall_id.blank?
             input[:security_group_ids] = [opts.firewall_id]
           end
 
@@ -266,7 +266,7 @@ module Nvoi
             }]
           )
 
-          Objects::Volume::Record.new(
+          Types::Volume::Record.new(
             id: create_resp.volume_id,
             name: opts.name,
             size: create_resp.size,
@@ -317,7 +317,7 @@ module Nvoi
             next nil if vol.attachments.empty?
 
             device = vol.attachments[0].device
-            device if device && !device.empty?
+            device unless device.blank?
           end
         end
 
@@ -346,19 +346,29 @@ module Nvoi
 
         # List available instance types for onboarding
         def list_instance_types
-          # Common instance types (full list is huge)
-          common_types = %w[t3.micro t3.small t3.medium t3.large t3.xlarge m5.large m5.xlarge c5.large c5.xlarge]
+          # Common instance types including ARM (Graviton)
+          common_types = %w[
+            t3.micro t3.small t3.medium t3.large t3.xlarge
+            t4g.micro t4g.small t4g.medium t4g.large t4g.xlarge
+            m5.large m5.xlarge m6g.large m6g.xlarge
+            c5.large c5.xlarge c6g.large c6g.xlarge
+          ]
           resp = @client.describe_instance_types(instance_types: common_types)
           resp.instance_types.map do |t|
+            arch = t.processor_info&.supported_architectures&.first || "x86_64"
             {
               name: t.instance_type,
               vcpus: t.v_cpu_info.default_v_cpus,
-              memory: t.memory_info.size_in_mi_b
+              memory: t.memory_info.size_in_mi_b,
+              architecture: arch.include?("arm") ? "arm64" : "x86"
             }
           end
         rescue StandardError
           # Fallback to static list if API fails
-          common_types.map { |t| { name: t, vcpus: nil, memory: nil } }
+          common_types.map do |t|
+            arch = t.include?("g.") ? "arm64" : "x86"  # Graviton types have 'g' suffix
+            { name: t, vcpus: nil, memory: nil, architecture: arch }
+          end
         end
 
         # List available regions for onboarding
@@ -417,7 +427,7 @@ module Nvoi
           def instance_to_server(instance)
             name = instance.tags&.find { |t| t.key == "Name" }&.value || ""
 
-            Objects::Server::Record.new(
+            Types::Server::Record.new(
               id: instance.instance_id,
               name:,
               status: instance.state.name,
@@ -429,7 +439,7 @@ module Nvoi
           def volume_to_object(vol)
             name = vol.tags&.find { |t| t.key == "Name" }&.value || ""
 
-            v = Objects::Volume::Record.new(
+            v = Types::Volume::Record.new(
               id: vol.volume_id,
               name:,
               size: vol.size,

data/lib/nvoi/external/cloud/hetzner.rb

@@ -109,25 +109,22 @@ module Nvoi
           image = find_image(opts.image)
           raise Errors::ValidationError, "invalid image: #{opts.image}" unless image
 
-          location = find_location(opts.location)
-          raise Errors::ValidationError, "invalid location: #{opts.location}" unless location
-
           create_opts = {
             name: opts.name,
             server_type: server_type["name"],
             image: image["name"],
-            location: location["name"],
+            datacenter: opts.location,
             user_data: opts.user_data,
             start_after_create: true
           }
 
           # Add network if provided
-          if opts.network_id && !opts.network_id.empty?
+          unless opts.network_id.blank?
             create_opts[:networks] = [opts.network_id.to_i]
           end
 
           # Add firewall if provided
-          if opts.firewall_id && !opts.firewall_id.empty?
+          unless opts.firewall_id.blank?
             create_opts[:firewalls] = [{ firewall: opts.firewall_id.to_i }]
           end
 
@@ -216,7 +213,7 @@ module Nvoi
           # Hetzner provides device_path in API response
           Utils::Retry.poll(max_attempts: 30, interval: 2) do
             volume = get("/volumes/#{volume_id.to_i}")["volume"]
-            volume["linux_device"] if volume && volume["linux_device"] && !volume["linux_device"].empty?
+            volume&.dig("linux_device").then { |d| d unless d.blank? }
           end
         end
 
@@ -230,8 +227,8 @@ module Nvoi
         end
 
         def validate_region(region)
-          location = find_location(region)
-          raise Errors::ValidationError, "invalid hetzner location: #{region}" unless location
+          datacenter = find_datacenter(region)
+          raise Errors::ValidationError, "invalid hetzner datacenter: #{region}" unless datacenter
 
           true
         end
@@ -244,27 +241,45 @@ module Nvoi
         end
 
         # List available server types for onboarding
-        def list_server_types
-          get("/server_types")["server_types"].map do |t|
-            {
+        # When location (datacenter) is provided, filters to only actually available types
+        def list_server_types(location: nil)
+          all_types = get("/server_types")["server_types"]
+
+          # If no location specified, return all with basic info
+          types_hash = all_types.each_with_object({}) do |t, h|
+            h[t["id"]] = {
+              id: t["id"],
               name: t["name"],
               description: t["description"],
               cores: t["cores"],
               memory: t["memory"],
               disk: t["disk"],
-              price: t.dig("prices", 0, "price_monthly", "gross")
+              cpu_type: t["cpu_type"],
+              architecture: t["architecture"],
+              prices: t["prices"]
             }
           end
+
+          if location
+            # Filter by datacenter's actually available server types
+            datacenter = get("/datacenters")["datacenters"].find { |d| d["name"] == location }
+            return [] unless datacenter
+
+            available_ids = datacenter.dig("server_types", "available") || []
+            types_hash.values_at(*available_ids).compact
+          else
+            types_hash.values
+          end
         end
 
-        # List available locations for onboarding
+        # List available datacenters for onboarding (returns datacenter-level granularity)
         def list_locations
-          get("/locations")["locations"].map do |l|
+          get("/datacenters")["datacenters"].map do |d|
             {
-              name: l["name"],
-              city: l["city"],
-              country: l["country"],
-              description: l["description"]
+              name: d["name"],
+              city: d.dig("location", "city"),
+              country: d.dig("location", "country"),
+              description: d["description"]
             }
           end
         end
@@ -331,8 +346,8 @@ module Nvoi
             response["images"]&.first
           end
 
-          def find_location(name)
-            get("/locations")["locations"].find { |l| l["name"] == name }
+          def find_datacenter(name)
+            get("/datacenters")["datacenters"].find { |d| d["name"] == name }
           end
 
           def create_network_api(payload)
@@ -358,7 +373,7 @@ module Nvoi
           end
 
           def to_network(data)
-            Objects::Network::Record.new(
+            Types::Network::Record.new(
               id: data["id"].to_s,
               name: data["name"],
               ip_range: data["ip_range"]
@@ -366,7 +381,7 @@ module Nvoi
           end
 
           def to_firewall(data)
-            Objects::Firewall::Record.new(
+            Types::Firewall::Record.new(
               id: data["id"].to_s,
               name: data["name"]
             )
@@ -376,7 +391,7 @@ module Nvoi
             # Get private IP from private_net array
             private_ip = data["private_net"]&.first&.dig("ip")
 
-            Objects::Server::Record.new(
+            Types::Server::Record.new(
               id: data["id"].to_s,
               name: data["name"],
               status: data["status"],
@@ -386,7 +401,7 @@ module Nvoi
           end
 
           def to_volume(data)
-            Objects::Volume::Record.new(
+            Types::Volume::Record.new(
               id: data["id"].to_s,
               name: data["name"],
               size: data["size"],