suthep 0.1.0 → 0.2.0-beta.1

package/example/suthep.example.yml

@@ -0,0 +1,89 @@
+# Suthep Configuration Example
+# Copy this file to suthep.yml and customize for your project
+
+project:
+  name: my-app
+  version: 1.0.0
+
+services:
+  # Example 1: Service without Docker (runs directly on host)
+  # Perfect for Node.js with PM2, Python with Gunicorn, etc.
+  - name: api
+    port: 3000
+    domains:
+      - api.example.com
+      - www.api.example.com
+    healthCheck:
+      path: /health
+      interval: 30
+    environment:
+      NODE_ENV: production
+      PORT: 3000
+
+  # Example 2: Service with Docker image
+  # Suthep will pull the image and create the container
+  - name: webapp
+    port: 8080
+    docker:
+      image: nginx:latest
+      container: webapp-container
+      port: 80
+    domains:
+      - example.com
+      - www.example.com
+    healthCheck:
+      path: /
+      interval: 30
+
+  # Example 3: Service connecting to existing Docker container
+  # Useful when containers are managed separately (e.g., docker-compose)
+  - name: database-proxy
+    port: 5432
+    docker:
+      container: postgres-container
+      port: 5432
+    domains:
+      - db.example.com
+
+  # Example 4: Path-based routing
+  # Multiple services on the same domain using different paths
+  - name: api-v2
+    port: 3001
+    path: /api
+    domains:
+      - myapp.com
+    docker:
+      image: myapp/api:latest
+      container: api-v2-container
+      port: 3001
+    healthCheck:
+      path: /health
+      interval: 30
+
+  - name: frontend
+    port: 3000
+    path: /
+    domains:
+      - myapp.com
+    docker:
+      image: myapp/frontend:latest
+      container: frontend-container
+      port: 3000
+    healthCheck:
+      path: /
+      interval: 30
+
+# Nginx Configuration
+nginx:
+  configPath: /etc/nginx/sites-available
+  reloadCommand: sudo nginx -t && sudo systemctl reload nginx
+
+# Certbot Configuration (SSL/TLS certificates)
+certbot:
+  email: admin@example.com
+  staging: false  # Set to true for testing to avoid rate limits
+
+# Deployment Configuration
+deployment:
+  strategy: rolling  # Options: rolling, blue-green
+  healthCheckTimeout: 30000  # milliseconds

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "suthep",
-  "version": "0.1.0",
+  "version": "0.2.0-beta.1",
   "type": "module",
   "description": "CLI tool for deploying projects with automatic Nginx reverse proxy and HTTPS setup",
   "main": "dist/index.js",

package/src/commands/deploy.ts

@@ -1,11 +1,23 @@
 import chalk from 'chalk'
 import fs from 'fs-extra'
-import path from 'path'
-import { requestCertificate } from '../utils/certbot'
+import type { ServiceConfig } from '../types/config'
+import { certificateExists, requestCertificate } from '../utils/certbot'
 import { loadConfig } from '../utils/config-loader'
 import { deployService, performHealthCheck } from '../utils/deployment'
-import { startDockerContainer } from '../utils/docker'
-import { enableSite, generateNginxConfig, reloadNginx } from '../utils/nginx'
+import {
+  cleanupTempContainer,
+  startDockerContainer,
+  startDockerContainerZeroDowntime,
+  swapContainersForZeroDowntime,
+  type ZeroDowntimeContainerInfo,
+} from '../utils/docker'
+import {
+  enableSite,
+  generateMultiServiceNginxConfig,
+  generateNginxConfig,
+  reloadNginx,
+  writeNginxConfig,
+} from '../utils/nginx'
 
 interface DeployOptions {
   file: string
@@ -28,7 +40,24 @@ export async function deployCommand(options: DeployOptions): Promise<void> {
     console.log(chalk.green(`✅ Configuration loaded for project: ${config.project.name}`))
     console.log(chalk.dim(`   Services: ${config.services.map((s) => s.name).join(', ')}\n`))
 
-    // Deploy each service
+    // Group services by domain
+    const domainToServices = new Map<string, ServiceConfig[]>()
+    const allDomains = new Set<string>()
+
+    for (const service of config.services) {
+      for (const domain of service.domains) {
+        allDomains.add(domain)
+        if (!domainToServices.has(domain)) {
+          domainToServices.set(domain, [])
+        }
+        domainToServices.get(domain)!.push(service)
+      }
+    }
+
+    // Deploy each service (Docker, health checks, etc.)
+    // Track zero-downtime info for services that need it
+    const serviceTempInfo = new Map<string, ZeroDowntimeContainerInfo | null>()
+
     for (const service of config.services) {
       console.log(chalk.cyan(`\n📦 Deploying service: ${service.name}`))
 
@@ -36,62 +65,42 @@ export async function deployCommand(options: DeployOptions): Promise<void> {
         // Start Docker container if configured
         if (service.docker) {
           console.log(chalk.dim('  🐳 Managing Docker container...'))
-          await startDockerContainer(service)
-        }
-
-        // Deploy the service
-        await deployService(service, config.deployment)
 
-        // Generate and configure Nginx
-        if (options.nginx) {
-          console.log(chalk.dim('  ⚙️  Configuring Nginx reverse proxy...'))
-          const nginxConfigContent = generateNginxConfig(service, false)
-          const nginxConfigPath = path.join(config.nginx.configPath, `${service.name}.conf`)
-
-          await fs.writeFile(nginxConfigPath, nginxConfigContent)
-          await enableSite(service.name, config.nginx.configPath)
-
-          console.log(chalk.green(`  ✅ Nginx configured for ${service.domains.join(', ')}`))
-        }
+          // Use zero-downtime deployment if strategy is blue-green or rolling
+          if (
+            config.deployment.strategy === 'blue-green' ||
+            config.deployment.strategy === 'rolling'
+          ) {
+            const tempInfo = await startDockerContainerZeroDowntime(service)
+            serviceTempInfo.set(service.name, tempInfo)
 
-        // Setup HTTPS with Certbot
-        if (options.https && service.domains.length > 0) {
-          console.log(chalk.dim('  🔐 Setting up HTTPS certificates...'))
-
-          for (const domain of service.domains) {
-            try {
-              await requestCertificate(domain, config.certbot.email, config.certbot.staging)
-              console.log(chalk.green(`  ✅ SSL certificate obtained for ${domain}`))
-            } catch (error) {
+            if (tempInfo && tempInfo.oldContainerExists) {
               console.log(
-                chalk.yellow(
-                  `  ⚠️  Failed to obtain SSL for ${domain}: ${
-                    error instanceof Error ? error.message : error
-                  }`
+                chalk.cyan(
+                  `  🔄 Zero-downtime deployment: new container on port ${tempInfo.tempPort}`
                 )
               )
             }
+          } else {
+            // Fallback to regular deployment
+            await startDockerContainer(service)
+            serviceTempInfo.set(service.name, null)
           }
-
-          // Update Nginx config with HTTPS
-          if (options.nginx) {
-            const nginxConfigContent = generateNginxConfig(service, true)
-            const nginxConfigPath = path.join(config.nginx.configPath, `${service.name}.conf`)
-            await fs.writeFile(nginxConfigPath, nginxConfigContent)
-          }
+        } else {
+          serviceTempInfo.set(service.name, null)
         }
 
-        // Reload Nginx after all configurations
-        if (options.nginx) {
-          console.log(chalk.dim('  🔄 Reloading Nginx...'))
-          await reloadNginx(config.nginx.reloadCommand)
-        }
+        // Deploy the service (with temp info for zero-downtime)
+        const tempInfo = serviceTempInfo.get(service.name) || null
+        await deployService(service, config.deployment, tempInfo)
 
-        // Perform health check
+        // Perform health check on appropriate port
         if (service.healthCheck) {
           console.log(chalk.dim(`  🏥 Performing health check...`))
+          const checkPort =
+            tempInfo && tempInfo.oldContainerExists ? tempInfo.tempPort : service.port
           const isHealthy = await performHealthCheck(
-            `http://localhost:${service.port}${service.healthCheck.path}`,
+            `http://localhost:${checkPort}${service.healthCheck.path}`,
             config.deployment.healthCheckTimeout
           )
 
@@ -102,7 +111,7 @@ export async function deployCommand(options: DeployOptions): Promise<void> {
           }
         }
 
-        console.log(chalk.green.bold(`\n✨ Service ${service.name} deployed successfully!`))
+        console.log(chalk.green.bold(`✨ Service ${service.name} deployed successfully!`))
       } catch (error) {
         console.error(
           chalk.red(`\n❌ Failed to deploy service ${service.name}:`),
@@ -112,6 +121,267 @@ export async function deployCommand(options: DeployOptions): Promise<void> {
       }
     }
 
+    // Helper function to generate nginx configs with optional port overrides
+    const generateNginxConfigsForDomain = (
+      domain: string,
+      withHttps: boolean,
+      portOverrides?: Map<string, number>
+    ): string => {
+      const servicesForDomain = domainToServices.get(domain)!
+      if (servicesForDomain.length === 1) {
+        const service = servicesForDomain[0]
+        const portOverride = portOverrides?.get(service.name)
+        return generateNginxConfig(service, withHttps, portOverride)
+      } else {
+        return generateMultiServiceNginxConfig(servicesForDomain, domain, withHttps, portOverrides)
+      }
+    }
+
+    // Check if we need zero-downtime nginx updates (any service has temp container)
+    const needsZeroDowntimeNginx = Array.from(serviceTempInfo.values()).some(
+      (info) => info !== null && info.oldContainerExists
+    )
+
+    // Configure Nginx per domain
+    if (options.nginx) {
+      // If zero-downtime, first update nginx to point to temp ports
+      if (needsZeroDowntimeNginx) {
+        console.log(chalk.cyan(`\n⚙️  Updating Nginx for zero-downtime deployment...`))
+
+        // Build port override map for temp ports
+        const tempPortOverrides = new Map<string, number>()
+        for (const service of config.services) {
+          const tempInfo = serviceTempInfo.get(service.name)
+          if (tempInfo && tempInfo.oldContainerExists) {
+            tempPortOverrides.set(service.name, tempInfo.tempPort)
+          }
+        }
+
+        for (const domain of allDomains) {
+          const configName = domain.replace(/\./g, '_')
+          try {
+            const nginxConfigContent = generateNginxConfigsForDomain(
+              domain,
+              false,
+              tempPortOverrides
+            )
+            await writeNginxConfig(configName, config.nginx.configPath, nginxConfigContent)
+            await enableSite(configName, config.nginx.configPath)
+            console.log(chalk.green(`  ✅ Nginx updated for ${domain} (temporary ports)`))
+          } catch (error) {
+            console.error(
+              chalk.red(`  ❌ Failed to update Nginx for ${domain}:`),
+              error instanceof Error ? error.message : error
+            )
+            throw error
+          }
+        }
+
+        // Reload nginx to switch to temp ports (graceful reload, no connection drops)
+        console.log(chalk.cyan(`\n🔄 Reloading Nginx to switch to new containers...`))
+        await reloadNginx(config.nginx.reloadCommand)
+        console.log(chalk.green(`  ✅ Nginx reloaded, traffic now routed to new containers`))
+
+        // Now swap containers (stop old, promote new)
+        console.log(chalk.cyan(`\n🔄 Swapping containers for zero-downtime...`))
+        for (const service of config.services) {
+          const tempInfo = serviceTempInfo.get(service.name)
+          if (tempInfo && tempInfo.oldContainerExists && service.docker) {
+            try {
+              await swapContainersForZeroDowntime(service, tempInfo)
+              console.log(chalk.green(`  ✅ Container swapped for ${service.name}`))
+            } catch (error) {
+              console.error(
+                chalk.red(`  ❌ Failed to swap container for ${service.name}:`),
+                error instanceof Error ? error.message : error
+              )
+              throw error
+            }
+          }
+        }
+
+        // Update nginx back to original ports (before stopping temp containers)
+        console.log(chalk.cyan(`\n⚙️  Updating Nginx back to production ports...`))
+        for (const domain of allDomains) {
+          const configName = domain.replace(/\./g, '_')
+          try {
+            const nginxConfigContent = generateNginxConfigsForDomain(domain, false)
+            await writeNginxConfig(configName, config.nginx.configPath, nginxConfigContent)
+            await enableSite(configName, config.nginx.configPath)
+            console.log(chalk.green(`  ✅ Nginx updated for ${domain} (production ports)`))
+          } catch (error) {
+            console.error(
+              chalk.red(`  ❌ Failed to update Nginx for ${domain}:`),
+              error instanceof Error ? error.message : error
+            )
+            throw error
+          }
+        }
+
+        // Reload nginx to switch to production ports (graceful reload)
+        console.log(chalk.cyan(`\n🔄 Reloading Nginx to switch to production ports...`))
+        await reloadNginx(config.nginx.reloadCommand)
+        console.log(chalk.green(`  ✅ Nginx reloaded, traffic now routed to production containers`))
+
+        // Clean up temp containers (nginx already pointing to production, so safe to remove)
+        console.log(chalk.cyan(`\n🧹 Cleaning up temporary containers...`))
+        for (const service of config.services) {
+          const tempInfo = serviceTempInfo.get(service.name)
+          if (tempInfo && tempInfo.oldContainerExists) {
+            await cleanupTempContainer(tempInfo.tempContainerName)
+          }
+        }
+      } else {
+        // Regular nginx configuration (no zero-downtime needed)
+        console.log(chalk.cyan(`\n⚙️  Configuring Nginx reverse proxy...`))
+
+        for (const domain of allDomains) {
+          const servicesForDomain = domainToServices.get(domain)!
+          const configName = domain.replace(/\./g, '_')
+
+          try {
+            // Log domain and services configuration
+            if (servicesForDomain.length > 1) {
+              console.log(
+                chalk.cyan(
+                  `  📋 Configuring ${domain} with ${
+                    servicesForDomain.length
+                  } services: ${servicesForDomain.map((s) => s.name).join(', ')}`
+                )
+              )
+              console.log(
+                chalk.dim(
+                  `     All services will share the same nginx config file: ${configName}.conf`
+                )
+              )
+            }
+
+            // Generate Nginx config
+            const nginxConfigContent = generateNginxConfigsForDomain(domain, false)
+
+            // Check if config file already exists and write/override it
+            const wasOverridden = await writeNginxConfig(
+              configName,
+              config.nginx.configPath,
+              nginxConfigContent
+            )
+
+            if (wasOverridden) {
+              console.log(
+                chalk.yellow(
+                  `  🔄 Nginx config "${configName}.conf" already exists, deleting and recreating with new configuration...`
+                )
+              )
+            }
+
+            await enableSite(configName, config.nginx.configPath)
+
+            console.log(chalk.green(`  ✅ Nginx configured for ${domain}`))
+          } catch (error) {
+            console.error(
+              chalk.red(`  ❌ Failed to configure Nginx for ${domain}:`),
+              error instanceof Error ? error.message : error
+            )
+            throw error
+          }
+        }
+      }
+    }
+
+    // Setup HTTPS with Certbot (per domain, not per service)
+    if (options.https && allDomains.size > 0) {
+      console.log(chalk.cyan(`\n🔐 Setting up HTTPS certificates...`))
+
+      for (const domain of allDomains) {
+        try {
+          // Check if certificate already exists
+          const exists = await certificateExists(domain)
+          if (exists) {
+            console.log(
+              chalk.green(
+                `  ✅ SSL certificate already exists for ${domain}, skipping certificate creation`
+              )
+            )
+            console.log(
+              chalk.dim(`     Using existing certificate from /etc/letsencrypt/live/${domain}/`)
+            )
+          } else {
+            // Request new certificate
+            console.log(chalk.cyan(`  📜 Requesting SSL certificate for ${domain}...`))
+            try {
+              await requestCertificate(domain, config.certbot.email, config.certbot.staging)
+              console.log(chalk.green(`  ✅ SSL certificate obtained for ${domain}`))
+            } catch (error: any) {
+              // Check if error is because certificate already exists (race condition or check missed it)
+              const errorMessage = error?.message || String(error) || ''
+              if (
+                errorMessage.includes('already exists') ||
+                errorMessage.includes('Skipping certificate creation')
+              ) {
+                console.log(
+                  chalk.green(
+                    `  ✅ SSL certificate already exists for ${domain} (detected during request), skipping...`
+                  )
+                )
+              } else {
+                throw error // Re-throw if it's a different error
+              }
+            }
+          }
+        } catch (error) {
+          console.log(
+            chalk.yellow(
+              `  ⚠️  Failed to obtain SSL for ${domain}: ${
+                error instanceof Error ? error.message : error
+              }`
+            )
+          )
+        }
+      }
+
+      // Update Nginx configs with HTTPS
+      if (options.nginx) {
+        console.log(chalk.cyan(`\n🔄 Updating Nginx configs with HTTPS...`))
+        for (const domain of allDomains) {
+          const configName = domain.replace(/\./g, '_')
+
+          try {
+            const nginxConfigContent = generateNginxConfigsForDomain(domain, true)
+            const wasOverridden = await writeNginxConfig(
+              configName,
+              config.nginx.configPath,
+              nginxConfigContent
+            )
+
+            if (wasOverridden) {
+              console.log(
+                chalk.yellow(
+                  `  🔄 Nginx config "${configName}.conf" already exists, deleting and recreating with new HTTPS configuration...`
+                )
+              )
+            }
+            console.log(chalk.green(`  ✅ HTTPS config updated for ${domain}`))
+          } catch (error) {
+            console.error(
+              chalk.red(`  ❌ Failed to update HTTPS config for ${domain}:`),
+              error instanceof Error ? error.message : error
+            )
+            throw error
+          }
+        }
+      }
+    }
+
+    // Final reload Nginx after all configurations (only if we didn't already reload for zero-downtime)
+    if (options.nginx && !needsZeroDowntimeNginx) {
+      console.log(chalk.cyan(`\n🔄 Reloading Nginx...`))
+      await reloadNginx(config.nginx.reloadCommand)
+    } else if (options.nginx && needsZeroDowntimeNginx) {
+      // Final reload after HTTPS update
+      console.log(chalk.cyan(`\n🔄 Final Nginx reload with HTTPS...`))
+      await reloadNginx(config.nginx.reloadCommand)
+    }
+
     console.log(chalk.green.bold('\n🎉 All services deployed successfully!\n'))
 
     // Print service URLs
@@ -119,7 +389,9 @@ export async function deployCommand(options: DeployOptions): Promise<void> {
     for (const service of config.services) {
       for (const domain of service.domains) {
         const protocol = options.https ? 'https' : 'http'
-        console.log(chalk.dim(`   ${service.name}: ${protocol}://${domain}`))
+        const servicePath = service.path || '/'
+        const fullPath = servicePath === '/' ? '' : servicePath
+        console.log(chalk.dim(`   ${service.name}: ${protocol}://${domain}${fullPath}`))
       }
     }
     console.log()