@sysnee/pgs 0.1.2 → 0.1.4

package/haproxy.cfg

@@ -0,0 +1,35 @@
+global
+    log stdout format raw local0 info
+    maxconn 4096
+    lua-load /etc/haproxy/lua/pg-route.lua
+
+defaults
+    log global
+    mode tcp
+    option tcplog
+    timeout connect 5s
+    timeout client 30s
+    timeout server 30s
+    retries 3
+
+frontend postgres_frontend
+    bind *:5432
+    mode tcp
+    
+    # Use Lua script to parse PostgreSQL startup packet and route by username
+    tcp-request inspect-delay 5s
+    tcp-request content lua.pg_route
+    tcp-request content reject if { var(txn.pg_blocked) -m bool }
+    
+    # Route to backend based on username extracted by Lua
+    use_backend %[var(txn.pg_backend)] if { var(txn.pg_backend) -m found }
+    
+    # Default backend for unknown connections
+    default_backend pg_reject
+
+backend pg_reject
+    mode tcp
+    timeout server 1s
+
+backend pg_ssl_pool
+    mode tcp

package/manager.js

@@ -1,42 +1,47 @@
 #!/usr/bin/env node
 
-import fs, { readFileSync } from 'fs';
+import fs, { existsSync, mkdirSync, readFileSync, writeFileSync } from 'fs';
 import path from 'path';
 import yaml from 'js-yaml';
+import os from 'os';
 import { Command } from 'commander';
 import { execSync } from 'child_process';
 
-const COMPOSE_FILE = path.join(process.cwd(), 'docker-compose.yml');
-const INIT_DIR = path.join(process.cwd(), 'init');
-const HAPROXY_CFG = path.join(process.cwd(), 'haproxy.cfg');
-const TENANT_ACCESS_FILE = path.join(process.cwd(), 'tenant-access.json');
+const CONFIG_DIR = path.join(os.homedir(), '.sysnee-config');
+
+const COMPOSE_FILE_PATH = path.join(CONFIG_DIR, 'docker-compose.yml');
+const INIT_DIR_PATH = path.join(CONFIG_DIR, 'init');
+const HAPROXY_CFG_PATH = path.join(CONFIG_DIR, 'haproxy.cfg');
+const TENANT_ACCESS_FILE_PATH = path.join(CONFIG_DIR, 'tenant-access.json');
+const SETUP_STATUS_PATH = path.join(CONFIG_DIR, 'status.txt');
 
 function loadCompose() {
-    if (!fs.existsSync(COMPOSE_FILE)) {
-        throw new Error('docker-compose.yml not found');
+    if (!fs.existsSync(COMPOSE_FILE_PATH)) {
+        const dockerComposeInitialContent = readFileSync(path.join(path.dirname(''), 'docker-compose.yml'), 'utf8')
+        writeFileSync(COMPOSE_FILE_PATH, dockerComposeInitialContent)
     }
-    const content = fs.readFileSync(COMPOSE_FILE, 'utf8');
+    const content = fs.readFileSync(COMPOSE_FILE_PATH, 'utf8');
     return yaml.load(content);
 }
 
 function saveCompose(doc) {
     const content = yaml.dump(doc, { indent: 2, lineWidth: -1 });
-    fs.writeFileSync(COMPOSE_FILE, content);
+    fs.writeFileSync(COMPOSE_FILE_PATH, content);
 }
 
 // ==================== Tenant Access Management ====================
 
 function loadTenantAccess() {
-    if (!fs.existsSync(TENANT_ACCESS_FILE)) {
-        fs.writeFileSync(TENANT_ACCESS_FILE, '{}');
+    if (!fs.existsSync(TENANT_ACCESS_FILE_PATH)) {
+        fs.writeFileSync(TENANT_ACCESS_FILE_PATH, '{}');
     }
-    const content = fs.readFileSync(TENANT_ACCESS_FILE, 'utf8');
+    const content = fs.readFileSync(TENANT_ACCESS_FILE_PATH, 'utf8');
     return JSON.parse(content) || {};
 }
 
 function saveTenantAccess(access) {
     const content = JSON.stringify(access, null, 2);
-    fs.writeFileSync(TENANT_ACCESS_FILE, content);
+    fs.writeFileSync(TENANT_ACCESS_FILE_PATH, content);
 }
 
 function setTenantAccess(tenantId, enabled) {
@@ -60,43 +65,9 @@ function generateHAProxyConfig() {
     const tenants = Object.keys(doc.services || {})
         .filter(name => name.startsWith('pgs_') && name !== 'haproxy');
 
-    // Generate full HAProxy config
-    let config = `global
-    log stdout format raw local0 info
-    maxconn 4096
-    lua-load /etc/haproxy/lua/pg-route.lua
-
-defaults
-    log global
-    mode tcp
-    option tcplog
-    timeout connect 5s
-    timeout client 30s
-    timeout server 30s
-    retries 3
-
-frontend postgres_frontend
-    bind *:5432
-    mode tcp
-    
-    # Use Lua script to parse PostgreSQL startup packet and route by username
-    tcp-request inspect-delay 5s
-    tcp-request content lua.pg_route
-    tcp-request content reject if { var(txn.pg_blocked) -m bool }
-    
-    # Route to backend based on username extracted by Lua
-    use_backend %[var(txn.pg_backend)] if { var(txn.pg_backend) -m found }
-    
-    # Default backend for unknown connections
-    default_backend pg_reject
-
-backend pg_reject
-    mode tcp
-    timeout server 1s
-
-backend pg_ssl_pool
-    mode tcp
-`;
+    // Get initial HAProxy config
+    const templateFilePath = path.join(path.dirname(''), 'haproxy.cfg')
+    let config = readFileSync(templateFilePath, 'utf8');
 
     // Add all tenant backends to SSL pool for SSL negotiation
     // PostgreSQL will respond 'N' (no SSL) during negotiation, then client retries without SSL
@@ -121,7 +92,7 @@ backend pg_ssl_pool
 `;
     }
 
-    fs.writeFileSync(HAPROXY_CFG, config);
+    fs.writeFileSync(HAPROXY_CFG_PATH, config);
 }
 
 function updateHAProxyDependsOn() {
@@ -157,15 +128,15 @@ function updateHAProxyDependsOn() {
     saveCompose(doc);
 
     // Restart HAProxy
-    executeCommand('sudo docker restart postgres_proxy');
+    executeCommand('docker restart postgres_proxy');
 }
 
 function createInitScript({ tenantId, password, databaseName }) {
-    if (!fs.existsSync(INIT_DIR)) {
-        fs.mkdirSync(INIT_DIR, { recursive: true });
+    if (!fs.existsSync(INIT_DIR_PATH)) {
+        fs.mkdirSync(INIT_DIR_PATH, { recursive: true });
     }
 
-    const initFile = path.join(INIT_DIR, `init-${tenantId}.sql`);
+    const initFile = path.join(INIT_DIR_PATH, `init-${tenantId}.sql`);
     const sql = `CREATE ROLE ${tenantId} WITH LOGIN PASSWORD '${password}' SUPERUSER CREATEDB CREATEROLE;
     CREATE DATABASE ${databaseName} OWNER ${tenantId};
     GRANT ALL PRIVILEGES ON DATABASE ${databaseName} TO ${tenantId};
@@ -217,6 +188,30 @@ function ensureNetwork(doc) {
     }
 }
 
+function ensureDockerPrivilegies() {
+    if (!existsSync(CONFIG_DIR)) {
+        mkdirSync(CONFIG_DIR, { recursive: true });
+    }
+    execSync('sudo usermod -aG docker $USER && newgrp docker')
+    writeFileSync(SETUP_STATUS_PATH, 'container:ok')
+    console.log('All ready!')
+}
+
+function checkSetupStatus() {
+    try {
+        const content = readFileSync(SETUP_STATUS_PATH, 'utf8')
+        if (content === 'container:ok') {
+            return true
+        } else {
+            console.warn('Missing setup config. Please run "pgs setup"')
+            process.exit(0)
+        }
+    } catch (error) {
+        console.warn('Missing setup config. Please run "pgs setup"')
+        process.exit(0)
+    }
+}
+
 function createTenant(tenantId, options = {}) {
     const { version = '18', password, limits = DEFAULT_LIMITS } = options;
     const doc = loadCompose();
@@ -255,7 +250,7 @@ function createTenant(tenantId, options = {}) {
     updateHAProxyDependsOn();
 
     // start the tenant
-    executeCommand(`sudo docker compose up -d ${serviceName}`.trim());
+    executeCommand(`docker compose up -d ${serviceName}`.trim());
 
     console.log(`✓ Created tenant: ${tenantId}`);
     console.log(`  Service: ${serviceName}`);
@@ -315,7 +310,7 @@ function enableTenantAccess(tenantId) {
     setTenantAccess(tenantId, true);
 
     // Restart HAProxy
-    executeCommand('sudo docker restart postgres_proxy');
+    executeCommand('docker restart postgres_proxy');
 
     console.log(`✓ External access enabled for tenant: ${tenantId}`);
 }
@@ -332,7 +327,7 @@ function disableTenantAccess(tenantId) {
     setTenantAccess(tenantId, false);
 
     // Restart HAProxy
-    executeCommand('sudo docker restart postgres_proxy');
+    executeCommand('docker restart postgres_proxy');
 
     console.log(`✓ External access disabled for tenant: ${tenantId}`);
 }
@@ -352,7 +347,7 @@ function removeTenant(tenantId) {
         delete doc.volumes[volumeName];
     }
 
-    const initFile = path.join(INIT_DIR, `init-${tenantId}.sql`);
+    const initFile = path.join(INIT_DIR_PATH, `init-${tenantId}.sql`);
     if (fs.existsSync(initFile)) {
         fs.unlinkSync(initFile);
     }
@@ -371,7 +366,7 @@ function removeTenant(tenantId) {
 
 function executeCommand(command) {
     try {
-        execSync(command, { stdio: 'inherit', cwd: process.cwd() });
+        execSync(command, { stdio: 'inherit', cwd: CONFIG_DIR });
     } catch (error) {
         console.error(`Error executing: ${command}`);
         process.exit(1);
@@ -389,6 +384,13 @@ program
     .description('Manage PostgreSQL tenant instances')
     .version('1.0.0');
 
+program
+    .command('setup')
+    .description('Initial required setup')
+    .action(() => {
+        ensureDockerPrivilegies()
+    })
+
 program
     .command('create')
     .description('Create a new PostgreSQL tenant instance')
@@ -399,7 +401,9 @@ program
     .option('--cpu <cpu>', 'CPU limit (cores)', '0.5')
     .option('--memory <memory>', 'Memory limit (MB)', '256')
     .action((...args) => {
+        checkSetupStatus()
         try {
+
             const providedTenantId = args[0];
             const randomSuffix = Math.random().toString(36).substring(2, 8);
             const tenantId = `${providedTenantId}_${randomSuffix}`;
@@ -411,17 +415,18 @@ program
                 version: null,
                 limits: null
             }
-            
+
             if (opts.file) {
                 const manifestFilePath = path.resolve(opts.file)
                 const optsFromManifest = JSON.parse(readFileSync(manifestFilePath))
-                
+
                 if (optsFromManifest.type !== 'postgres') {
                     throw new Error(`The type "${optsFromManifest.type}" is not valid for this agent.`)
                 }
                 console.log('optsFromManifest', optsFromManifest)
 
                 tenantOptions.limits = optsFromManifest.shared_limits
+                tenantOptions.version = optsFromManifest.version
             } else {
                 tenantOptions.version = opts.version;
                 tenantOptions.limits = {
@@ -429,9 +434,9 @@ program
                     memory: parseInt(opts.memory, 10),
                 };
             }
-            
+
             tenantOptions.password = opts.password || generateRandomPassword();
-            
+
             createTenant(tenantId, tenantOptions);
         } catch (error) {
             console.error(`Error: ${error}`);
@@ -443,6 +448,7 @@ program
     .command('list')
     .description('List all tenant instances')
     .action(() => {
+        checkSetupStatus()
         try {
             listTenants();
         } catch (error) {
@@ -456,6 +462,7 @@ program
     .description('Remove a tenant instance')
     .argument('<tenant-id>', 'Tenant identifier')
     .action((tenantId) => {
+        checkSetupStatus()
         try {
             removeTenant(tenantId);
         } catch (error) {
@@ -469,8 +476,9 @@ program
     .description('Start all PostgreSQL services')
     .argument('[tenant-id]', 'Tenant identifier (optional, starts all if omitted)')
     .action((tenantId) => {
+        checkSetupStatus()
         const service = tenantId ? `pgs_${tenantId}` : '';
-        executeCommand(`sudo docker compose up -d ${service}`.trim());
+        executeCommand(`docker compose up -d ${service}`.trim());
     });
 
 program
@@ -478,9 +486,10 @@ program
     .description('Stop all PostgreSQL services')
     .argument('[tenant-id]', 'Tenant identifier (optional, stops all if omitted)')
     .action((tenantId) => {
+        checkSetupStatus()
         const service = tenantId ? `pgs_${tenantId}` : '';
-        executeCommand(`sudo docker compose stop ${service}`.trim());
-        executeCommand('sudo docker restart postgres_proxy');
+        executeCommand(`docker compose stop ${service}`.trim());
+        executeCommand('docker restart postgres_proxy');
     });
 
 program
@@ -488,6 +497,7 @@ program
     .description('Enable external access for a tenant')
     .argument('<tenant-id>', 'Tenant identifier')
     .action((tenantId) => {
+        checkSetupStatus()
         try {
             enableTenantAccess(tenantId);
         } catch (error) {
@@ -501,6 +511,7 @@ program
     .description('Disable external access for a tenant')
     .argument('<tenant-id>', 'Tenant identifier')
     .action((tenantId) => {
+        checkSetupStatus()
         try {
             disableTenantAccess(tenantId);
         } catch (error) {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@sysnee/pgs",
-  "version": "0.1.2",
+  "version": "0.1.4",
   "description": "Dynamic PostgreSQL service instance manager",
   "type": "module",
   "bin": {

package/manifest.json

@@ -1,32 +0,0 @@
-{
-    "type": "deploy",
-    "version": "18",
-    "tier": 1,
-    "purpose": "development",
-    "storage": 2,
-    "region": "us-central-1",
-    "provider": "gcp",
-    "zone": "a",
-    "shared": true,
-    "shared_limits": {
-        "cpu": 0.5,
-        "memory": 512
-    },
-    "postgres": {
-        "port": 5432,
-        "username": "postgres",
-        "password": "postgres",
-        "default_database": "postgres"
-    },
-    "firewall": {
-        "rules": [
-            {
-                "description": "Allow all traffic",
-                "type": "allow",
-                "protocol": "tcp",
-                "port": 5432,
-                "source": "0.0.0.0/0"
-            }
-        ]
-    }
-}