suthep 0.1.0 → 0.2.0-beta.1

package/src/types/config.ts

@@ -3,49 +3,50 @@
  */
 
 export interface ProjectConfig {
-  name: string;
-  version: string;
+  name: string
+  version: string
 }
 
 export interface HealthCheckConfig {
-  path: string;
-  interval: number;
+  path: string
+  interval: number
 }
 
 export interface DockerConfig {
-  image?: string;
-  container: string;
-  port: number;
+  image?: string
+  container: string
+  port: number
 }
 
 export interface ServiceConfig {
-  name: string;
-  port: number;
-  domains: string[];
-  docker?: DockerConfig;
-  healthCheck?: HealthCheckConfig;
-  environment?: Record<string, string>;
+  name: string
+  port: number
+  domains: string[]
+  path?: string // Path prefix for this service (e.g., '/api', '/'). Defaults to '/'
+  docker?: DockerConfig
+  healthCheck?: HealthCheckConfig
+  environment?: Record<string, string>
 }
 
 export interface NginxConfig {
-  configPath: string;
-  reloadCommand: string;
+  configPath: string
+  reloadCommand: string
 }
 
 export interface CertbotConfig {
-  email: string;
-  staging: boolean;
+  email: string
+  staging: boolean
 }
 
 export interface DeploymentConfig {
-  strategy: 'rolling' | 'blue-green';
-  healthCheckTimeout: number;
+  strategy: 'rolling' | 'blue-green'
+  healthCheckTimeout: number
 }
 
 export interface DeployConfig {
-  project: ProjectConfig;
-  services: ServiceConfig[];
-  nginx: NginxConfig;
-  certbot: CertbotConfig;
-  deployment: DeploymentConfig;
+  project: ProjectConfig
+  services: ServiceConfig[]
+  nginx: NginxConfig
+  certbot: CertbotConfig
+  deployment: DeploymentConfig
 }

package/src/utils/certbot.ts

@@ -8,6 +8,14 @@ export async function requestCertificate(
   email: string,
   staging: boolean = false
 ): Promise<void> {
+  // Check if certificate already exists before requesting
+  const exists = await certificateExists(domain)
+  if (exists) {
+    throw new Error(
+      `Certificate for ${domain} already exists. Use certificateExists() to check before calling this function.`
+    )
+  }
+
   const args = [
     'certonly',
     '--nginx',
@@ -25,12 +33,20 @@ export async function requestCertificate(
 
   try {
     await execa('sudo', ['certbot', ...args])
-  } catch (error) {
-    throw new Error(
-      `Failed to obtain SSL certificate for ${domain}: ${
-        error instanceof Error ? error.message : error
-      }`
-    )
+  } catch (error: any) {
+    const errorMessage = error?.stderr || error?.message || String(error) || 'Unknown error'
+    const errorLower = errorMessage.toLowerCase()
+
+    // Check if error is due to certificate already existing
+    if (
+      errorLower.includes('certificate already exists') ||
+      errorLower.includes('already have a certificate') ||
+      errorLower.includes('duplicate certificate')
+    ) {
+      throw new Error(`Certificate for ${domain} already exists. Skipping certificate creation.`)
+    }
+
+    throw new Error(`Failed to obtain SSL certificate for ${domain}: ${errorMessage}`)
   }
 }
 
@@ -47,6 +63,52 @@ export async function renewCertificates(): Promise<void> {
   }
 }
 
+/**
+ * Check if a certificate exists for a domain
+ */
+export async function certificateExists(domain: string): Promise<boolean> {
+  try {
+    // First, check if certificate files exist using test command (most reliable)
+    try {
+      await execa('sudo', ['test', '-f', `/etc/letsencrypt/live/${domain}/fullchain.pem`])
+      await execa('sudo', ['test', '-f', `/etc/letsencrypt/live/${domain}/privkey.pem`])
+      // Both files exist
+      return true
+    } catch {
+      // Files don't exist, continue to certbot check
+    }
+
+    // Fallback: Check using certbot certificates command
+    try {
+      const { stdout } = await execa('sudo', ['certbot', 'certificates'])
+
+      // Check if the domain appears in the certificates list
+      const lines = stdout.split('\n')
+      for (let i = 0; i < lines.length; i++) {
+        const line = lines[i]
+        // Check if this line contains "Domains:" and includes our domain
+        if (line.includes('Domains:') && line.includes(domain)) {
+          return true
+        }
+        // Also check for the domain in certificate paths
+        if (
+          line.includes(domain) &&
+          (line.includes('/live/') || line.includes('Certificate Name:'))
+        ) {
+          return true
+        }
+      }
+    } catch {
+      // If certbot command fails, assume no certificate exists
+    }
+
+    return false
+  } catch (error) {
+    // If all checks fail, assume no certificate exists
+    return false
+  }
+}
+
 /**
  * Check certificate expiration for a domain
  */

package/src/utils/config-loader.ts

@@ -33,6 +33,10 @@ function validateConfig(config: any): asserts config is DeployConfig {
     throw new Error('Configuration must include at least one service')
   }
 
+  // Track ports and container names to detect conflicts
+  const usedPorts = new Map<number, string[]>()
+  const usedContainers = new Map<string, string>()
+
   for (const service of config.services) {
     if (!service.name) {
       throw new Error('Each service must have a name')
@@ -43,6 +47,42 @@ function validateConfig(config: any): asserts config is DeployConfig {
     if (!service.domains || !Array.isArray(service.domains) || service.domains.length === 0) {
       throw new Error(`Service ${service.name} must have at least one domain`)
     }
+
+    // Check for port conflicts
+    if (usedPorts.has(service.port)) {
+      const conflictingServices = usedPorts.get(service.port)!
+      throw new Error(
+        `Port conflict: Service "${service.name}" uses port ${
+          service.port
+        } which is already used by: ${conflictingServices.join(
+          ', '
+        )}. Each service must use a unique port.`
+      )
+    }
+    usedPorts.set(service.port, [service.name])
+
+    // Check for Docker container name conflicts
+    if (service.docker) {
+      const containerName = service.docker.container
+      if (usedContainers.has(containerName)) {
+        const conflictingService = usedContainers.get(containerName)!
+        throw new Error(
+          `Docker container name conflict: Service "${service.name}" uses container name "${containerName}" which is already used by service "${conflictingService}". Each Docker container must have a unique name.`
+        )
+      }
+      usedContainers.set(containerName, service.name)
+    }
+  }
+
+  // Check for duplicate service names
+  const serviceNames = new Set<string>()
+  for (const service of config.services) {
+    if (serviceNames.has(service.name)) {
+      throw new Error(
+        `Duplicate service name: "${service.name}" is used multiple times. Each service must have a unique name.`
+      )
+    }
+    serviceNames.add(service.name)
   }
 
   if (!config.nginx) {

package/src/utils/deployment.ts

@@ -1,4 +1,5 @@
 import type { DeploymentConfig, ServiceConfig } from '../types/config'
+import type { ZeroDowntimeContainerInfo } from './docker'
 
 /**
  * Perform a health check on a service endpoint
@@ -33,12 +34,13 @@ export async function performHealthCheck(url: string, timeout: number = 30000):
  */
 export async function deployService(
   service: ServiceConfig,
-  deploymentConfig: DeploymentConfig
+  deploymentConfig: DeploymentConfig,
+  tempInfo: ZeroDowntimeContainerInfo | null = null
 ): Promise<void> {
   if (deploymentConfig.strategy === 'rolling') {
-    await rollingDeploy(service, deploymentConfig)
+    await rollingDeploy(service, deploymentConfig, tempInfo)
   } else if (deploymentConfig.strategy === 'blue-green') {
-    await blueGreenDeploy(service, deploymentConfig)
+    await blueGreenDeploy(service, deploymentConfig, tempInfo)
   } else {
     throw new Error(`Unknown deployment strategy: ${deploymentConfig.strategy}`)
   }
@@ -46,27 +48,37 @@ export async function deployService(
 
 /**
  * Rolling deployment strategy
- * Gradually replaces old instances with new ones
+ * For single instance, uses zero-downtime approach similar to blue-green
  */
 async function rollingDeploy(
   service: ServiceConfig,
-  deploymentConfig: DeploymentConfig
+  deploymentConfig: DeploymentConfig,
+  tempInfo: ZeroDowntimeContainerInfo | null
 ): Promise<void> {
-  // For rolling deployment:
-  // 1. Start new service instance
-  // 2. Wait for health check
-  // 3. Switch traffic to new instance
-  // 4. Stop old instance (if applicable)
+  // For rolling deployment with single instance:
+  // Similar to blue-green - use temporary container and port
 
-  // In this implementation, we assume the service is already running
-  // and we're just verifying it's healthy before proceeding
+  if (!tempInfo || !tempInfo.oldContainerExists) {
+    // No existing container, just check health on the new container
+    if (service.healthCheck) {
+      const healthUrl = `http://localhost:${service.port}${service.healthCheck.path}`
+      const isHealthy = await performHealthCheck(healthUrl, deploymentConfig.healthCheckTimeout)
 
-  if (service.healthCheck) {
-    const healthUrl = `http://localhost:${service.port}${service.healthCheck.path}`
-    const isHealthy = await performHealthCheck(healthUrl, deploymentConfig.healthCheckTimeout)
-
-    if (!isHealthy) {
-      throw new Error(`Service ${service.name} failed health check during rolling deployment`)
+      if (!isHealthy) {
+        throw new Error(`Service ${service.name} failed health check during rolling deployment`)
+      }
+    }
+  } else {
+    // Check health on temporary port
+    if (service.healthCheck) {
+      const healthUrl = `http://localhost:${tempInfo.tempPort}${service.healthCheck.path}`
+      const isHealthy = await performHealthCheck(healthUrl, deploymentConfig.healthCheckTimeout)
+
+      if (!isHealthy) {
+        throw new Error(
+          `Service ${service.name} failed health check on temporary container during rolling deployment`
+        )
+      }
     }
   }
 
@@ -75,28 +87,41 @@ async function rollingDeploy(
 }
 
 /**
- * Blue-green deployment strategy
- * Maintains two identical environments and switches between them
+ * Blue-green deployment strategy for single instance
+ * Uses temporary container and port for zero-downtime deployment
  */
 async function blueGreenDeploy(
   service: ServiceConfig,
-  deploymentConfig: DeploymentConfig
+  deploymentConfig: DeploymentConfig,
+  tempInfo: ZeroDowntimeContainerInfo | null
 ): Promise<void> {
-  // For blue-green deployment:
-  // 1. Deploy to "green" environment
-  // 2. Run health checks on green
-  // 3. Switch router/load balancer to green
-  // 4. Keep blue as backup
-
-  // This is a simplified implementation
-  // In production, you'd manage multiple service instances
-
-  if (service.healthCheck) {
-    const healthUrl = `http://localhost:${service.port}${service.healthCheck.path}`
-    const isHealthy = await performHealthCheck(healthUrl, deploymentConfig.healthCheckTimeout)
-
-    if (!isHealthy) {
-      throw new Error(`Service ${service.name} failed health check during blue-green deployment`)
+  // For blue-green deployment with single instance:
+  // 1. New container is already started on temporary port (handled in deploy command)
+  // 2. Run health checks on new container
+  // 3. Switch nginx to new port (handled in deploy command)
+  // 4. Stop old container and promote new one (handled in deploy command)
+
+  if (!tempInfo || !tempInfo.oldContainerExists) {
+    // No existing container, just check health on the new container
+    if (service.healthCheck) {
+      const healthUrl = `http://localhost:${service.port}${service.healthCheck.path}`
+      const isHealthy = await performHealthCheck(healthUrl, deploymentConfig.healthCheckTimeout)
+
+      if (!isHealthy) {
+        throw new Error(`Service ${service.name} failed health check during blue-green deployment`)
+      }
+    }
+  } else {
+    // Check health on temporary port
+    if (service.healthCheck) {
+      const healthUrl = `http://localhost:${tempInfo.tempPort}${service.healthCheck.path}`
+      const isHealthy = await performHealthCheck(healthUrl, deploymentConfig.healthCheckTimeout)
+
+      if (!isHealthy) {
+        throw new Error(
+          `Service ${service.name} failed health check on temporary container during blue-green deployment`
+        )
+      }
     }
   }
 }