PyPI - raijin-server - Versions diffs - 0.1.0__py3-none-any.whl → 0.2.1__py3-none-any.whl - Mend

raijin-server 0.1.0py3-none-any.whl → 0.2.1py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (32) hide show

raijin_server/__init__.py +1 -1
raijin_server/cli.py +76 -5
raijin_server/healthchecks.py +76 -0
raijin_server/modules/__init__.py +11 -2
raijin_server/modules/apokolips_demo.py +378 -0
raijin_server/modules/bootstrap.py +65 -0
raijin_server/modules/calico.py +93 -22
raijin_server/modules/cert_manager.py +127 -0
raijin_server/modules/full_install.py +54 -19
raijin_server/modules/network.py +96 -2
raijin_server/modules/observability_dashboards.py +233 -0
raijin_server/modules/observability_ingress.py +218 -0
raijin_server/modules/sanitize.py +142 -0
raijin_server/modules/secrets.py +109 -0
raijin_server/modules/ssh_hardening.py +128 -0
raijin_server/modules/traefik.py +1 -1
raijin_server/modules/vpn.py +68 -3
raijin_server/scripts/__init__.py +1 -0
raijin_server/scripts/checklist.sh +60 -0
raijin_server/scripts/install.sh +134 -0
raijin_server/scripts/log_size_metric.sh +31 -0
raijin_server/scripts/pre-deploy-check.sh +183 -0
raijin_server/utils.py +45 -12
raijin_server/validators.py +43 -4
raijin_server-0.2.1.dist-info/METADATA +407 -0
raijin_server-0.2.1.dist-info/RECORD +44 -0
raijin_server-0.1.0.dist-info/METADATA +0 -219
raijin_server-0.1.0.dist-info/RECORD +0 -32
{raijin_server-0.1.0.dist-info → raijin_server-0.2.1.dist-info}/WHEEL +0 -0
{raijin_server-0.1.0.dist-info → raijin_server-0.2.1.dist-info}/entry_points.txt +0 -0
{raijin_server-0.1.0.dist-info → raijin_server-0.2.1.dist-info}/licenses/LICENSE +0 -0
{raijin_server-0.1.0.dist-info → raijin_server-0.2.1.dist-info}/top_level.txt +0 -0

raijin_server/__init__.py CHANGED Viewed

@@ -1,5 +1,5 @@
 """Pacote principal do CLI Raijin Server."""
-__version__ = "0.1.0"
+__version__ = "0.2.1"
 __all__ = ["__version__"]

raijin_server/cli.py CHANGED Viewed

@@ -10,14 +10,18 @@ import typer
 from rich import box
 from rich.console import Console
 from rich.panel import Panel
-from rich.prompt import Confirm, Prompt
+from rich.prompt import Prompt
 from rich.table import Table
 from raijin_server import __version__
 from raijin_server.modules import (
+    apokolips_demo,
+    bootstrap,
     calico,
+    cert_manager,
     essentials,
     firewall,
+    full_install,
     grafana,
     harness,
     hardening,
@@ -28,11 +32,15 @@ from raijin_server.modules import (
     loki,
     minio,
     network,
+    observability_dashboards,
+    observability_ingress,
     prometheus,
+    secrets,
+    sanitize,
+    ssh_hardening,
     traefik,
     velero,
-    bootstrap,
-    full_install,
+    vpn,
 )
 from raijin_server.utils import ExecutionContext, logger
 from raijin_server.validators import validate_system_requirements, check_module_dependencies
@@ -65,19 +73,27 @@ BANNER = r"""
 """
 MODULES: Dict[str, Callable[[ExecutionContext], None]] = {
+    "sanitize": sanitize.run,
     "bootstrap": bootstrap.run,
+    "ssh_hardening": ssh_hardening.run,
     "hardening": hardening.run,
     "network": network.run,
     "essentials": essentials.run,
     "firewall": firewall.run,
+    "vpn": vpn.run,
     "kubernetes": kubernetes.run,
     "calico": calico.run,
+    "cert_manager": cert_manager.run,
     "istio": istio.run,
     "traefik": traefik.run,
     "kong": kong.run,
     "minio": minio.run,
     "prometheus": prometheus.run,
     "grafana": grafana.run,
+    "observability_ingress": observability_ingress.run,
+    "observability_dashboards": observability_dashboards.run,
+    "apokolips_demo": apokolips_demo.run,
+    "secrets": secrets.run,
     "loki": loki.run,
     "harness": harness.run,
     "velero": velero.run,
@@ -86,19 +102,27 @@ MODULES: Dict[str, Callable[[ExecutionContext], None]] = {
 }
 MODULE_DESCRIPTIONS: Dict[str, str] = {
+    "sanitize": "Remove instalacoes antigas de Kubernetes e prepara ambiente",
     "bootstrap": "Instala ferramentas: helm, kubectl, istioctl, velero, containerd",
+    "ssh_hardening": "Configura usuario dedicado, chaves e politicas de SSH",
     "hardening": "Ajustes de kernel, auditd, fail2ban",
     "network": "Netplan, hostname, DNS",
     "essentials": "Pacotes basicos, repos, utilitarios",
     "firewall": "Regras UFW padrao e serviços basicos",
+    "vpn": "Provisiona WireGuard com cliente inicial",
     "kubernetes": "Instala kubeadm/kubelet/kubectl e inicializa cluster",
     "calico": "CNI Calico e politica default deny",
+    "cert_manager": "Instala cert-manager e ClusterIssuer ACME",
     "istio": "Service mesh Istio via Helm",
     "traefik": "Ingress controller Traefik com TLS",
     "kong": "Ingress/Gateway Kong via Helm",
     "minio": "Objeto storage S3-compat via Helm",
     "prometheus": "Stack kube-prometheus",
     "grafana": "Dashboards e datasource Prometheus",
+    "observability_ingress": "Ingress seguro com auth/TLS para Grafana/Prometheus/Alertmanager",
+    "observability_dashboards": "Dashboards Grafana + alertas default Prometheus/Alertmanager",
+    "apokolips_demo": "Landing page Apokolips para testar ingress externo",
+    "secrets": "Instala sealed-secrets e external-secrets via Helm",
     "loki": "Logs centralizados Loki",
     "harness": "Delegate Harness via Helm",
     "velero": "Backup/restore de clusters",
@@ -193,7 +217,7 @@ def _select_state_dir() -> Path:
     fallback = Path("/tmp/raijin-state")
     fallback.mkdir(parents=True, exist_ok=True)
-    console.print(f"[yellow]Usando fallback /tmp/raijin-state para marcar conclusao[/yellow]")
+    console.print("[yellow]Usando fallback /tmp/raijin-state para marcar conclusao[/yellow]")
     _STATE_DIR_CACHE = fallback
     return fallback
@@ -241,6 +265,14 @@ def _render_menu(dry_run: bool) -> int:
     return exit_idx
+def _version_callback(value: bool) -> None:
+    """Imprime a versao e encerra imediatamente."""
+    if value:
+        typer.echo(f"raijin-server {__version__}")
+        raise typer.Exit()
 def interactive_menu(ctx: typer.Context) -> None:
     exec_ctx = ctx.obj or ExecutionContext()
     current_dry_run = exec_ctx.dry_run
@@ -291,6 +323,15 @@ def main(
     module: Optional[str] = typer.Option(None, "-m", "--module", help="Modulo a executar"),
     dry_run: bool = typer.Option(False, "-n", "--dry-run", help="Mostra comandos sem executa-los."),
     skip_validation: bool = typer.Option(False, "--skip-validation", help="Pula validacoes de pre-requisitos"),
+    skip_root: bool = typer.Option(False, "--skip-root", help="Permite validar sem exigir root (nao recomendado)"),
+    version: Optional[bool] = typer.Option(
+        None,
+        "--version",
+        "-V",
+        is_eager=True,
+        callback=_version_callback,
+        help="Mostra a versao do CLI e sai",
+    ),
 ) -> None:
     """Mostra um menu simples quando nenhum subcomando e informado."""
@@ -298,7 +339,7 @@ def main(
     # Executa validacoes de pre-requisitos
     if not skip_validation and not dry_run:
-        if not validate_system_requirements(ctx.obj, skip_root=False):
+        if not validate_system_requirements(ctx.obj, skip_root=skip_root):
             typer.secho("\nAbortando devido a pre-requisitos nao atendidos.", fg=typer.colors.RED)
             typer.echo("Use --skip-validation para pular validacoes (nao recomendado).")
             raise typer.Exit(code=1)
@@ -324,6 +365,11 @@ def hardening(ctx: typer.Context) -> None:
     _run_module(ctx, "hardening")
+@app.command(name="ssh-hardening")
+def ssh_hardening_cmd(ctx: typer.Context) -> None:
+    _run_module(ctx, "ssh_hardening")
 @app.command()
 def network(ctx: typer.Context) -> None:
     _run_module(ctx, "network")
@@ -379,6 +425,21 @@ def grafana(ctx: typer.Context) -> None:
     _run_module(ctx, "grafana")
+@app.command(name="apokolips-demo")
+def apokolips_demo_cmd(ctx: typer.Context) -> None:
+    _run_module(ctx, "apokolips_demo")
+@app.command(name="observability-ingress")
+def observability_ingress_cmd(ctx: typer.Context) -> None:
+    _run_module(ctx, "observability_ingress")
+@app.command(name="observability-dashboards")
+def observability_dashboards_cmd(ctx: typer.Context) -> None:
+    _run_module(ctx, "observability_dashboards")
 @app.command()
 def loki(ctx: typer.Context) -> None:
     _run_module(ctx, "loki")
@@ -399,6 +460,16 @@ def kafka(ctx: typer.Context) -> None:
     _run_module(ctx, "kafka")
+@app.command()
+def vpn(ctx: typer.Context) -> None:
+    _run_module(ctx, "vpn")
+@app.command()
+def sanitize(ctx: typer.Context) -> None:
+    _run_module(ctx, "sanitize")
 @app.command(name="bootstrap")
 def bootstrap_cmd(ctx: typer.Context) -> None:
     """Instala todas as ferramentas necessarias: helm, kubectl, istioctl, velero, containerd."""

raijin_server/healthchecks.py CHANGED Viewed

@@ -10,6 +10,10 @@ import typer
 from raijin_server.utils import ExecutionContext, logger
+SEALED_NS = "kube-system"
+ESO_NS = "external-secrets"
+CERT_NS = "cert-manager"
 def wait_for_condition(
     check_fn: Callable[[], bool],
@@ -259,6 +263,75 @@ def verify_helm_chart(release: str, namespace: str, ctx: ExecutionContext) -> bo
     return check_k8s_pods_in_namespace(namespace, ctx, timeout=180)
+def verify_cert_manager(ctx: ExecutionContext) -> bool:
+    """Health check para cert-manager."""
+    return verify_helm_chart("cert-manager", CERT_NS, ctx)
+def verify_secrets(ctx: ExecutionContext) -> bool:
+    """Health check para sealed-secrets e external-secrets."""
+    typer.secho("\n=== Health Check: Secrets ===", fg=typer.colors.CYAN)
+    sealed_ok = verify_helm_chart("sealed-secrets", SEALED_NS, ctx)
+    eso_ok = verify_helm_chart("external-secrets", ESO_NS, ctx)
+    return sealed_ok and eso_ok
+def verify_apokolips_demo(ctx: ExecutionContext) -> bool:
+    """Health check especifico para a landing page Apokolips."""
+    namespace = "apokolips-demo"
+    logger.info("Verificando health check: apokolips-demo")
+    typer.secho("\n=== Health Check: Apokolips Demo ===", fg=typer.colors.CYAN)
+    pods_ok = check_k8s_pods_in_namespace(namespace, ctx, timeout=120)
+    if not pods_ok:
+        return False
+    if ctx.dry_run:
+        return True
+    try:
+        import json
+        result = subprocess.run(
+            [
+                "kubectl",
+                "get",
+                "ingress",
+                "apokolips-demo",
+                "-n",
+                namespace,
+                "-o",
+                "json",
+            ],
+            capture_output=True,
+            text=True,
+            timeout=10,
+        )
+        if result.returncode != 0:
+            typer.secho("  ✗ Nao foi possivel consultar o ingress", fg=typer.colors.YELLOW)
+            logger.warning("kubectl get ingress retornou codigo != 0 para apokolips-demo")
+            return False
+        data = json.loads(result.stdout)
+        ingress_data = data.get("status", {}).get("loadBalancer", {}).get("ingress", [])
+        address = ""
+        if ingress_data:
+            entry = ingress_data[0]
+            address = entry.get("ip") or entry.get("hostname", "")
+        if address:
+            typer.secho(f"  ✓ LoadBalancer publicado ({address})", fg=typer.colors.GREEN)
+            return True
+        typer.secho("  ✗ LoadBalancer ainda sem IP/hostname", fg=typer.colors.YELLOW)
+        return False
+    except Exception as exc:
+        typer.secho(f"  ✗ Erro ao verificar ingress: {exc}", fg=typer.colors.YELLOW)
+        logger.error(f"Erro verificando ingress apokolips-demo: {exc}")
+        return False
 # Mapeamento de modulos para funcoes de health check
 HEALTH_CHECKS = {
     "essentials": verify_essentials,
@@ -273,6 +346,9 @@ HEALTH_CHECKS = {
     "minio": lambda ctx: verify_helm_chart("minio", "minio", ctx),
     "velero": lambda ctx: verify_helm_chart("velero", "velero", ctx),
     "kafka": lambda ctx: verify_helm_chart("kafka", "kafka", ctx),
+    "cert_manager": verify_cert_manager,
+    "secrets": verify_secrets,
+    "apokolips_demo": verify_apokolips_demo,
 }

raijin_server/modules/__init__.py CHANGED Viewed

@@ -1,6 +1,7 @@
 """Colecao de modulos suportados pelo CLI."""
 __all__ = [
+    "sanitize",
     "hardening",
     "network",
     "essentials",
@@ -18,9 +19,17 @@ __all__ = [
     "velero",
     "kafka",
     "bootstrap",
+    "ssh_hardening",
+    "vpn",
+    "observability_ingress",
+    "observability_dashboards",
+    "apokolips_demo",
+    "cert_manager",
+    "secrets",
     "full_install",
 ]
 from raijin_server.modules import calico, essentials, firewall, grafana, harness, hardening, istio
-from raijin_server.modules import kafka, kong, kubernetes, loki, minio, network, prometheus, traefik
-from raijin_server.modules import velero, bootstrap, full_install
+from raijin_server.modules import kafka, kong, kubernetes, loki, minio, network, observability_dashboards
+from raijin_server.modules import observability_ingress, prometheus, traefik, velero, apokolips_demo, secrets, cert_manager
+from raijin_server.modules import bootstrap, full_install, sanitize, ssh_hardening, vpn

raijin_server/modules/apokolips_demo.py ADDED Viewed

@@ -0,0 +1,378 @@
+"""Provisiona uma landing page tema Apokolips para validar ingress."""
+from __future__ import annotations
+import os
+from pathlib import Path
+from textwrap import dedent, indent
+import typer
+from raijin_server.utils import ExecutionContext, ensure_tool, run_cmd, write_file
+NAMESPACE = "apokolips-demo"
+TMP_MANIFEST = Path("/tmp/raijin-apokolips.yaml")
+DEFAULT_HOST = "apokolips.raijin.local"
+HTML_TEMPLATE = dedent(
+    """
+    <!DOCTYPE html>
+    <html lang="pt-BR">
+    <head>
+        <meta charset="UTF-8" />
+        <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+        <title>Apokolips Signal Check</title>
+        <link rel="preconnect" href="https://fonts.googleapis.com">
+        <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
+        <link href="https://fonts.googleapis.com/css2?family=Space+Grotesk:wght@400;600&family=Unica+One&display=swap" rel="stylesheet">
+        <style>
+            :root {
+                --lava: #ff4d00;
+                --ember: #ff9500;
+                --ash: #2c2c34;
+                --void: #050007;
+                --smoke: #a0a3b1;
+            }
+            * {
+                box-sizing: border-box;
+            }
+            body {
+                margin: 0;
+                padding: 0;
+                min-height: 100vh;
+                font-family: 'Space Grotesk', sans-serif;
+                color: #f7f7ff;
+                background: radial-gradient(circle at top, rgba(255,77,0,0.45), rgba(5,0,7,0.9)), #050007;
+                display: flex;
+                align-items: center;
+                justify-content: center;
+                overflow: hidden;
+            }
+            .atmosphere {
+                position: absolute;
+                inset: 0;
+                background: url('https://www.transparenttextures.com/patterns/asfalt-dark.png');
+                opacity: 0.35;
+                mix-blend-mode: screen;
+                pointer-events: none;
+            }
+            .container {
+                width: min(960px, 90vw);
+                background: linear-gradient(135deg, rgba(20,22,35,0.9), rgba(10,12,22,0.95));
+                border: 1px solid rgba(255,255,255,0.08);
+                border-radius: 28px;
+                padding: 48px;
+                position: relative;
+                overflow: hidden;
+                box-shadow: 0 40px 120px rgba(0,0,0,0.55);
+                animation: rise 1.2s ease forwards;
+            }
+            .container::before, .container::after {
+                content: '';
+                position: absolute;
+                width: 320px;
+                height: 320px;
+                border-radius: 50%;
+                background: radial-gradient(circle, rgba(255,77,0,0.45), transparent 60%);
+                filter: blur(20px);
+                z-index: 0;
+            }
+            .container::before {
+                top: -120px;
+                right: -60px;
+            }
+            .container::after {
+                bottom: -140px;
+                left: -80px;
+                background: radial-gradient(circle, rgba(255,149,0,0.4), transparent 60%);
+            }
+            @keyframes rise {
+                from { transform: translateY(40px); opacity: 0; }
+                to { transform: translateY(0); opacity: 1; }
+            }
+            h1 {
+                font-family: 'Unica One', sans-serif;
+                font-size: clamp(3rem, 5vw, 4.5rem);
+                letter-spacing: 0.08em;
+                text-transform: uppercase;
+                color: var(--lava);
+                margin: 0 0 12px;
+                z-index: 1;
+            }
+            .subhead {
+                font-size: 1.15rem;
+                color: var(--smoke);
+                letter-spacing: 0.05em;
+                margin-bottom: 32px;
+                text-transform: uppercase;
+            }
+            .panels {
+                display: grid;
+                grid-template-columns: repeat(auto-fit, minmax(220px, 1fr));
+                gap: 24px;
+                z-index: 1;
+            }
+            .panel {
+                background: rgba(12,14,24,0.85);
+                border-radius: 18px;
+                padding: 20px;
+                border: 1px solid rgba(255,255,255,0.05);
+            }
+            .panel h2 {
+                font-size: 0.95rem;
+                text-transform: uppercase;
+                letter-spacing: 0.08em;
+                color: var(--ember);
+                margin: 0 0 12px;
+            }
+            .status {
+                display: flex;
+                flex-direction: column;
+                gap: 6px;
+                font-size: 1rem;
+                color: var(--smoke);
+            }
+            .status span::before {
+                content: '●';
+                margin-right: 8px;
+                color: var(--lava);
+            }
+            .cta {
+                margin-top: 36px;
+                display: flex;
+                flex-wrap: wrap;
+                gap: 18px;
+                z-index: 1;
+            }
+            a.button {
+                background: linear-gradient(135deg, var(--lava), var(--ember));
+                color: #050007;
+                text-decoration: none;
+                padding: 14px 26px;
+                border-radius: 999px;
+                font-weight: 600;
+                letter-spacing: 0.08em;
+                text-transform: uppercase;
+                transition: transform 0.2s ease, box-shadow 0.2s ease;
+            }
+            a.button:hover {
+                transform: translateY(-2px);
+                box-shadow: 0 20px 35px rgba(255,77,0,0.25);
+            }
+            pre {
+                background: rgba(5,0,7,0.75);
+                border-radius: 16px;
+                padding: 16px;
+                color: var(--smoke);
+                font-size: 0.95rem;
+                line-height: 1.5;
+                overflow-x: auto;
+            }
+            footer {
+                margin-top: 28px;
+                font-size: 0.85rem;
+                letter-spacing: 0.04em;
+                color: rgba(247,247,255,0.7);
+            }
+            @media (max-width: 640px) {
+                .container {
+                    padding: 32px 24px;
+                }
+                .cta {
+                    flex-direction: column;
+                }
+            }
+        </style>
+    </head>
+    <body>
+        <div class="atmosphere"></div>
+        <main class="container">
+            <h1>Apokolips Online</h1>
+            <p class="subhead">Canal de prova para ingress / load balancer</p>
+            <section class="panels">
+                <article class="panel">
+                    <h2>Estado</h2>
+                    <div class="status">
+                        <span>Pods sincronizados</span>
+                        <span>ConfigMap montado</span>
+                        <span>Ingress publicado</span>
+                    </div>
+                </article>
+                <article class="panel">
+                    <h2>Checklist</h2>
+                    <div class="status">
+                        <span>DNS aponta para balanceador</span>
+                        <span>TLS (opcional) emitido</span>
+                        <span>Firewall libera HTTP/S</span>
+                    </div>
+                </article>
+                <article class="panel">
+                    <h2>Debug Rápido</h2>
+                    <pre>kubectl -n apokolips-demo get all
+kubectl -n apokolips-demo describe ingress apokolips-demo
+curl -H "Host: SEU_HOST" https://LB_IP/</pre>
+                </article>
+            </section>
+            <div class="cta">
+                <a class="button" href="https://github.com/darkseid/raijin-server" target="_blank" rel="noreferrer noopener">Docs Raijin</a>
+                <a class="button" href="https://status.cloudflare.com/" target="_blank" rel="noreferrer noopener">Status Externo</a>
+            </div>
+            <footer>
+                Se esta página carregou via ingress, seu cluster respondeu à chamada de Apokolips.
+            </footer>
+        </main>
+    </body>
+    </html>
+    """
+)
+def _resolve_host() -> str:
+    env_host = os.environ.get("APOKOLIPS_HOST")
+    if env_host:
+        return env_host.strip()
+    return typer.prompt("Host (FQDN) para o ingress", default=DEFAULT_HOST).strip()
+def _resolve_tls_secret() -> str | None:
+    env_secret = os.environ.get("APOKOLIPS_TLS_SECRET")
+    if env_secret:
+        return env_secret.strip()
+    use_tls = typer.confirm("Deseja referenciar um Secret TLS existente?", default=False)
+    if not use_tls:
+        return None
+    secret = typer.prompt("Nome do Secret TLS", default="apokolips-demo-tls")
+    return secret.strip() or None
+def _build_manifest(host: str, tls_secret: str | None) -> str:
+        html_block = indent(HTML_TEMPLATE.strip("\n"), " " * 4)
+        tls_block = ""
+        if tls_secret:
+                tls_block = (
+                        "  tls:\n"
+                        "  - hosts:\n"
+                        f"    - {host}\n"
+                        f"    secretName: {tls_secret}\n"
+                )
+        template = """\
+apiVersion: v1
+kind: Namespace
+metadata:
+    name: {namespace}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+    name: apokolips-html
+    namespace: {namespace}
+data:
+    index.html: |
+__HTML__
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+    name: apokolips-demo
+    namespace: {namespace}
+    labels:
+        app: apokolips-demo
+spec:
+    replicas: 1
+    selector:
+        matchLabels:
+            app: apokolips-demo
+    template:
+        metadata:
+            labels:
+                app: apokolips-demo
+        spec:
+            containers:
+            - name: apokolips-web
+                image: nginx:1.25
+                ports:
+                - containerPort: 80
+                resources:
+                    limits:
+                        cpu: 100m
+                        memory: 128Mi
+                    requests:
+                        cpu: 50m
+                        memory: 64Mi
+                volumeMounts:
+                - name: site
+                    mountPath: /usr/share/nginx/html
+                    readOnly: true
+            volumes:
+            - name: site
+                configMap:
+                    name: apokolips-html
+---
+apiVersion: v1
+kind: Service
+metadata:
+    name: apokolips-demo
+    namespace: {namespace}
+spec:
+    type: ClusterIP
+    selector:
+        app: apokolips-demo
+    ports:
+    - port: 80
+        targetPort: 80
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+    name: apokolips-demo
+    namespace: {namespace}
+    annotations:
+        traefik.ingress.kubernetes.io/router.entrypoints: web,websecure
+spec:
+    ingressClassName: traefik
+    rules:
+    - host: {host}
+        http:
+            paths:
+            - path: /
+                pathType: Prefix
+                backend:
+                    service:
+                        name: apokolips-demo
+                        port:
+                            number: 80
+__TLS__
+"""
+        manifest = template.format(namespace=NAMESPACE, host=host)
+        manifest = manifest.replace("__HTML__", html_block)
+        manifest = manifest.replace("__TLS__", tls_block.rstrip())
+        return f"{manifest.strip()}\n"
+def run(ctx: ExecutionContext) -> None:
+    ensure_tool("kubectl", ctx, install_hint="Instale kubectl para aplicar o manifesto do site.")
+    host = _resolve_host()
+    tls_secret = _resolve_tls_secret()
+    manifest = _build_manifest(host, tls_secret)
+    typer.echo("Gerando manifesto Apokolips...")
+    write_file(TMP_MANIFEST, manifest, ctx)
+    try:
+        run_cmd(["kubectl", "apply", "-f", str(TMP_MANIFEST)], ctx)
+    finally:
+        TMP_MANIFEST.unlink(missing_ok=True)
+    typer.secho("\nLanding page implantada!", fg=typer.colors.GREEN, bold=True)
+    typer.echo(f"  • Namespace: {NAMESPACE}")
+    typer.echo(f"  • Host: {host}")
+    if tls_secret:
+        typer.echo(f"  • Secret TLS: {tls_secret}")
+    typer.echo("\nTestes sugeridos:")
+    typer.echo(f"  curl -H 'Host: {host}' https://<IP_DO_LOAD_BALANCER>/ --insecure")
+    typer.echo(f"  kubectl -n {NAMESPACE} get ingress {NAMESPACE}")
+    typer.echo(f"  kubectl -n {NAMESPACE} get pods")
+    typer.echo("\nPara remover:")
+    typer.echo(f"  kubectl delete namespace {NAMESPACE}")

raijin-server 0.1.0__py3-none-any.whl → 0.2.1__py3-none-any.whl

raijin-server 0.1.0py3-none-any.whl → 0.2.1py3-none-any.whl