simple_infrastructure 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: bb8f4aec9834f672b6d225487853b1e935d642b54fc1e6c68f2cf9de94261174
+  data.tar.gz: 0a954b0c4d971c07e47840a99aacbbdcc9022a02d2338eb40c722a475b99866c
+SHA512:
+  metadata.gz: 494eaf07fe0d6eefb7c6e2f1d8a2750b3ac7c22ef936dcaab9c91722534e9163f0333efac7654c5bb017afd792df19131f372322d0a19002a6789bc591512051
+  data.tar.gz: 23df4ef7dc6bc28d64a271d7ff83dd20965cd4ee6bfec7ad458360fd0f1fbe999fdae677a012fd3e903232280171b9cd46ace2ffd916d191944bcbcad9b16f23

data/CHANGELOG.md

@@ -0,0 +1,12 @@
+# Changelog
+
+## [0.1.0] - 2025-03-03
+
+- Initial extraction from FounderCatalyst Rails app
+- Migration-like DSL for server provisioning via SSH
+- Change types: `run`, `file`, `yaml`, `toml`, `upload`
+- Server inventory with YAML/ERB support
+- CLI with status, dry-run, and change generation
+- Rails integration via Railtie (auto-configures project_root and logger)
+- Rake tasks under `infrastructure:` namespace
+- Rails generator for new change files

data/LICENSE.txt

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2025 FounderCatalyst
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -0,0 +1,301 @@
+# Simple Infrastructure
+
+A migration-like DSL for server provisioning via SSH. Provides a change-based approach to server configuration, similar to how Rails database migrations work but for infrastructure.
+
+## Features
+
+- **Idempotency**: Changes can be run multiple times safely
+- **Auditability**: All changes are tracked in version control
+- **Consistency**: All servers in an environment receive the same configuration
+- **Incremental updates**: Only pending changes are applied
+- **Change tracking**: State stored on each server, automatically re-applied on rebuild
+
+## Installation
+
+Add to your Gemfile:
+
+```ruby
+gem "simple_infrastructure"
+```
+
+Then run:
+
+```bash
+bundle install
+```
+
+For Rails apps, the gem auto-configures via Railtie (sets `project_root` to `Rails.root` and `logger` to `Rails.logger`).
+
+For standalone use:
+
+```ruby
+require "simple_infrastructure"
+
+SimpleInfrastructure.configure do |config|
+  config.project_root = "/path/to/project"
+end
+```
+
+## Directory Structure
+
+```
+config/infrastructure/
+├── inventory.yml          # Server inventory
+└── changes/               # Change files
+    ├── 20250121000100_install_essentials.rb
+    ├── 20250121000200_configure_storage.rb
+    └── ...
+```
+
+## Server Inventory
+
+Servers are defined in `config/infrastructure/inventory.yml`, grouped by environment:
+
+```yaml
+defaults:
+  user: civo
+
+servers:
+  production:
+    - hostname: web1.production.example.com
+    - hostname: web2.production.example.com
+    - hostname: db.production.example.com
+
+  staging:
+    - hostname: app1.staging.example.com
+```
+
+The `defaults` section provides default values for all servers. Each server entry can override these defaults.
+
+## CLI Usage
+
+### Check Status
+
+View change status for all servers:
+
+```bash
+bin/infrastructure status
+```
+
+Output shows which servers have pending changes:
+
+```
+Production -------------------------------------------------------------
+  ✗ web1.production.example.com (6 pending)
+  ✔︎ web2.production.example.com (up to date)
+
+Staging ----------------------------------------------------------------
+  ✗ app1.staging.example.com (2 pending)
+```
+
+Use `-v` or `--verbose` to see the list of pending changes:
+
+```bash
+bin/infrastructure status -v
+```
+
+### Dry Run
+
+Preview what changes would be made without executing them:
+
+```bash
+bin/infrastructure --dry-run staging
+bin/infrastructure --dry-run production
+bin/infrastructure --dry-run web1.production.example.com
+```
+
+### Run Changes
+
+Apply pending changes:
+
+```bash
+# All servers in an environment
+bin/infrastructure staging
+bin/infrastructure production
+
+# Specific server
+bin/infrastructure web1.production.example.com
+```
+
+### Generate New Change
+
+Create a new change file:
+
+```bash
+bin/infrastructure new setup_redis
+
+# Or using the Rails generator:
+rails generate simple_infrastructure:change setup_redis
+```
+
+This creates a timestamped file like `config/infrastructure/changes/20250121143000_setup_redis.rb`.
+
+## Writing Changes
+
+### Basic Structure
+
+```ruby
+# Target specific servers (omit target line for all servers)
+target env: :production                    # All production servers
+target env: :staging                       # All staging servers
+target hostname: "db.production.example.com"  # Specific server
+
+# Run shell commands
+run "apt update", sudo: true
+run "systemctl restart nginx", sudo: true
+
+# Manage file contents
+file "/etc/ssh/sshd_config", sudo: true do
+  contains "PermitRootLogin no"           # Ensure line exists
+  remove "PermitRootLogin yes"            # Remove line if present
+  on_change { run "systemctl restart sshd", sudo: true }
+end
+
+# Manage YAML files
+yaml "/etc/config.yml", sudo: true do
+  set "server.port", 8080
+  remove "deprecated.setting"
+end
+
+# Manage TOML files
+toml "/etc/config.toml", sudo: true do
+  set "database.host", "localhost"
+end
+
+# Upload local files
+upload "config/backup/script.sh", "/root/bin/script.sh", sudo: true, mode: "700"
+```
+
+### Targeting Servers
+
+By default, changes apply to all servers. Use `target` to restrict to specific servers:
+
+```ruby
+# All servers in production
+target env: :production
+
+# Specific hostname
+target hostname: "db.production.example.com"
+
+# Hostname pattern (regex)
+target hostname: /^web\d+\.production\./
+```
+
+### DSL Reference
+
+#### `run(command, sudo: false)`
+
+Execute a shell command on the remote server.
+
+```ruby
+run "apt update", sudo: true
+run "docker compose up -d"
+```
+
+#### `file(path, sudo: false, &block)`
+
+Manage plain text file contents.
+
+```ruby
+file "/etc/fstab", sudo: true do
+  contains "/swapfile none swap sw 0 0"  # Add if missing
+  remove "/old/swap none swap sw 0 0"    # Remove if present
+  on_change { run "mount -a", sudo: true }  # Run only if file changed
+end
+```
+
+#### `yaml(path, sudo: false, &block)`
+
+Manage YAML configuration files.
+
+```ruby
+yaml "/etc/app/config.yml", sudo: true do
+  set "database.host", "localhost"
+  set "database.port", 3306
+  remove "deprecated_key"
+end
+```
+
+#### `toml(path, sudo: false, &block)`
+
+Manage TOML configuration files.
+
+```ruby
+toml "/etc/app/config.toml", sudo: true do
+  set "server.bind", "0.0.0.0"
+  set "server.port", 8080
+end
+```
+
+#### `upload(local_path, remote_path, sudo: false, mode: nil)`
+
+Upload a local file to the remote server.
+
+```ruby
+upload "bin/backup", "/root/bin/backup", sudo: true, mode: "700"
+upload "config/nginx.conf", "/etc/nginx/nginx.conf", sudo: true
+```
+
+### The `on_change` Callback
+
+The `file` DSL supports an `on_change` callback that only executes when the file was actually modified:
+
+```ruby
+file "/etc/ssh/sshd_config", sudo: true do
+  remove "PermitRootLogin yes"
+  contains "PermitRootLogin no"
+  on_change { run "systemctl restart sshd", sudo: true }
+end
+```
+
+This is useful for restarting services only when their configuration changes, avoiding unnecessary service restarts.
+
+## Rake Tasks
+
+Alternative to the CLI:
+
+```bash
+# Show status
+rake infrastructure:status
+
+# Run changes
+rake infrastructure:run[production]
+rake infrastructure:run[staging]
+
+# Dry run
+rake infrastructure:dry_run[production]
+
+# Generate change
+rake infrastructure:generate[setup_redis]
+```
+
+## Change Tracking
+
+The system tracks which changes have been applied by storing log files on each server in `~/.infrastructure/`:
+
+```
+~/.infrastructure/
+├── 20250121000100_install_essentials.log
+├── 20250121000200_configure_storage.log
+├── 20250121000300_configure_swap.log
+└── ...
+```
+
+Each log file contains the timestamp when the change was applied and any output from the commands.
+
+This approach means:
+- State lives on the server itself, not in your local repository
+- If a server is deleted and recreated, changes will be re-applied automatically
+- Log files provide debugging information if something goes wrong
+
+## Best Practices
+
+1. **Make changes idempotent**: Use `contains` instead of blindly appending, check if files exist before creating them
+2. **Use `on_change` for service restarts**: Avoid unnecessary restarts by only restarting when config actually changes
+3. **Test with dry-run first**: Always preview changes before applying to production
+4. **Target narrowly when appropriate**: Use specific hostnames for server-specific configuration (like database backups)
+5. **Keep changes small and focused**: One concern per change makes troubleshooting easier
+
+## License
+
+MIT License. See [LICENSE.txt](LICENSE.txt).

data/bin/simple_infrastructure

@@ -0,0 +1,6 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+require "simple_infrastructure"
+
+SimpleInfrastructure::Cli.new(ARGV).run

data/lib/generators/simple_infrastructure/change_generator.rb

@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+
+require "rails/generators"
+
+module SimpleInfrastructure
+  module Generators
+    class ChangeGenerator < Rails::Generators::NamedBase
+      source_root File.expand_path("templates", __dir__)
+
+      def create_change_file
+        timestamp = Time.now.strftime("%Y%m%d%H%M%S")
+        template "change.rb.tt", "config/infrastructure/changes/#{timestamp}_#{file_name}.rb"
+      end
+    end
+  end
+end

data/lib/generators/simple_infrastructure/templates/change.rb.tt

@@ -0,0 +1,21 @@
+target env: :production
+
+# run "command", sudo: true
+
+# file "/path/to/file", sudo: true do
+#   contains "line that must exist"
+#   remove "line that must not exist"
+#   on_change { run "systemctl restart service", sudo: true }
+# end
+
+# yaml "/path/to/config.yml", sudo: true do
+#   set "key.path", "value"
+#   remove "old.key"
+# end
+
+# toml "/path/to/config.toml", sudo: true do
+#   set "key.path", "value"
+#   remove "old.key"
+# end
+
+# upload "config/backup/script.sh", "/root/bin/script.sh", sudo: true, mode: "700"

data/lib/simple_infrastructure/change.rb

@@ -0,0 +1,187 @@
+# frozen_string_literal: true
+
+module SimpleInfrastructure
+  class Change
+    attr_reader :name, :target_criteria, :steps
+
+    def initialize(name)
+      @name = name
+      @target_criteria = {}
+      @steps = []
+    end
+
+    def target(criteria)
+      @target_criteria = criteria
+    end
+
+    def targets?(server)
+      server.matches?(target_criteria)
+    end
+
+    def add_step(step)
+      @steps << step
+    end
+
+    def <=>(other)
+      name <=> other.name
+    end
+
+    def self.load_all
+      changes_dir = SimpleInfrastructure.configuration.changes_dir
+      return [] unless Dir.exist?(changes_dir)
+
+      Dir.glob(File.join(changes_dir, "*.rb")).map do |file|
+        Dsl.load_file(file)
+      end
+    end
+  end
+
+  # Step types
+  class RunStep
+    attr_reader :command, :sudo
+
+    def initialize(command, sudo: false)
+      @command = command
+      @sudo = sudo
+    end
+
+    def execute(connection, dry_run: false)
+      full_command = sudo ? "sudo #{command}" : command
+      SimpleInfrastructure.logger.debug "  RUN: #{full_command}"
+      return true if dry_run
+
+      result = connection.exec(full_command)
+      unless result[:success]
+        raise "Command failed with exit code #{result[:exit_code]}: #{result[:stderr]}"
+      end
+
+      true
+    end
+  end
+
+  class FileStep
+    attr_reader :path, :operations, :sudo, :on_change_callback
+
+    def initialize(path, sudo: false)
+      @path = path
+      @operations = []
+      @sudo = sudo
+      @on_change_callback = nil
+    end
+
+    def contains(line)
+      @operations << [:contains, line]
+    end
+
+    def remove(line)
+      @operations << [:remove, line]
+    end
+
+    def on_change(&block)
+      @on_change_callback = block
+    end
+
+    def execute(connection, dry_run: false)
+      SimpleInfrastructure.logger.debug "  FILE: #{path}#{' (sudo)' if sudo}"
+      modified = FileOperations.new(connection, path, sudo: sudo, dry_run: dry_run).apply(@operations)
+
+      if modified && @on_change_callback && !dry_run
+        SimpleInfrastructure.logger.debug "  ON_CHANGE: Executing callback..."
+        callback_context = OnChangeContext.new(connection)
+        callback_context.instance_eval(&@on_change_callback)
+      end
+
+      true
+    end
+  end
+
+  class OnChangeContext
+    def initialize(connection)
+      @connection = connection
+    end
+
+    def run(command, sudo: false)
+      full_command = sudo ? "sudo #{command}" : command
+      SimpleInfrastructure.logger.debug "    RUN: #{full_command}"
+      result = @connection.exec(full_command)
+      unless result[:success]
+        raise "Command failed with exit code #{result[:exit_code]}: #{result[:stderr]}"
+      end
+
+      true
+    end
+  end
+
+  class YamlStep
+    attr_reader :path, :operations, :sudo
+
+    def initialize(path, sudo: false)
+      @path = path
+      @operations = []
+      @sudo = sudo
+    end
+
+    def set(key, value)
+      @operations << [:set, key, value]
+    end
+
+    def remove(key)
+      @operations << [:remove, key]
+    end
+
+    def execute(connection, dry_run: false)
+      SimpleInfrastructure.logger.debug "  YAML: #{path}#{' (sudo)' if sudo}"
+      YamlOperations.new(connection, path, sudo: sudo, dry_run: dry_run).apply(@operations)
+    end
+  end
+
+  class TomlStep
+    attr_reader :path, :operations, :sudo
+
+    def initialize(path, sudo: false)
+      @path = path
+      @operations = []
+      @sudo = sudo
+    end
+
+    def set(key, value)
+      @operations << [:set, key, value]
+    end
+
+    def remove(key)
+      @operations << [:remove, key]
+    end
+
+    def execute(connection, dry_run: false)
+      SimpleInfrastructure.logger.debug "  TOML: #{path}#{' (sudo)' if sudo}"
+      TomlOperations.new(connection, path, sudo: sudo, dry_run: dry_run).apply(@operations)
+    end
+  end
+
+  class UploadStep
+    attr_reader :local_path, :remote_path, :sudo, :mode
+
+    def initialize(local_path, remote_path, sudo: false, mode: nil)
+      @local_path = local_path
+      @remote_path = remote_path
+      @sudo = sudo
+      @mode = mode
+    end
+
+    def execute(connection, dry_run: false)
+      SimpleInfrastructure.logger.debug "  UPLOAD: #{local_path} -> #{remote_path}#{' (sudo)' if sudo}"
+      return true if dry_run
+
+      content = File.read(File.join(SimpleInfrastructure.project_root, local_path))
+      connection.write_file(remote_path, content, sudo: sudo)
+
+      if mode
+        chmod_cmd = "chmod #{mode} #{remote_path}"
+        chmod_cmd = "sudo #{chmod_cmd}" if sudo
+        connection.exec(chmod_cmd)
+      end
+
+      true
+    end
+  end
+end