PyPI - raijin-server - Versions diffs - 0.2.40__py3-none-any.whl → 0.3.0__py3-none-any.whl - Mend

raijin-server 0.2.40py3-none-any.whl → 0.3.0py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of raijin-server might be problematic. Click here for more details.

Files changed (18) hide show

raijin_server/__init__.py +1 -1
raijin_server/cli.py +6 -0
raijin_server/modules/__init__.py +3 -1
raijin_server/modules/grafana.py +365 -16
raijin_server/modules/internal_dns.py +446 -0
raijin_server/modules/kong.py +8 -4
raijin_server/modules/minio.py +24 -53
raijin_server/modules/observability_ingress.py +29 -1
raijin_server/modules/prometheus.py +266 -3
raijin_server/modules/traefik.py +35 -1
raijin_server/modules/vpn_client.py +438 -0
raijin_server-0.3.0.dist-info/METADATA +361 -0
{raijin_server-0.2.40.dist-info → raijin_server-0.3.0.dist-info}/RECORD +17 -15
raijin_server-0.2.40.dist-info/METADATA +0 -564
{raijin_server-0.2.40.dist-info → raijin_server-0.3.0.dist-info}/WHEEL +0 -0
{raijin_server-0.2.40.dist-info → raijin_server-0.3.0.dist-info}/entry_points.txt +0 -0
{raijin_server-0.2.40.dist-info → raijin_server-0.3.0.dist-info}/licenses/LICENSE +0 -0
{raijin_server-0.2.40.dist-info → raijin_server-0.3.0.dist-info}/top_level.txt +0 -0

raijin_server-0.3.0.dist-info/METADATA ADDED Viewed

@@ -0,0 +1,361 @@
+Metadata-Version: 2.4
+Name: raijin-server
+Version: 0.3.0
+Summary: CLI para automacao de setup e hardening de servidores Ubuntu Server.
+Home-page: https://example.com/raijin-server
+Author: Equipe Raijin
+License: MIT
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3 :: Only
+Classifier: Programming Language :: Python :: 3.9
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Intended Audience :: System Administrators
+Classifier: Environment :: Console
+Requires-Python: >=3.9
+Description-Content-Type: text/markdown
+License-File: LICENSE
+Requires-Dist: typer>=0.12
+Requires-Dist: rich>=13.7
+Provides-Extra: yaml
+Requires-Dist: pyyaml>=6.0; extra == "yaml"
+Provides-Extra: dev
+Requires-Dist: pytest>=7.0; extra == "dev"
+Requires-Dist: pytest-cov>=4.0; extra == "dev"
+Requires-Dist: black>=23.0; extra == "dev"
+Requires-Dist: ruff>=0.1; extra == "dev"
+Provides-Extra: all
+Requires-Dist: pyyaml>=6.0; extra == "all"
+Requires-Dist: pytest>=7.0; extra == "all"
+Requires-Dist: pytest-cov>=4.0; extra == "all"
+Requires-Dist: black>=23.0; extra == "all"
+Requires-Dist: ruff>=0.1; extra == "all"
+Dynamic: license-file
+# Raijin Server
+CLI em Python para automatizar setup e hardening de servidores Ubuntu Server. Orquestra rede, firewall, Kubernetes, observabilidade e backups de forma segura e idempotente.
+## Índice
+- [Requisitos](#requisitos)
+- [Instalação](#instalação)
+- [Primeiros Passos](#primeiros-passos)
+- [Módulos Disponíveis](#módulos-disponíveis)
+- [Acesso Remoto Seguro](#acesso-remoto-seguro)
+- [Documentação](#documentação)
+---
+## Requisitos
+- Ubuntu Server 20.04+
+- Python 3.9+
+- 4GB RAM mínimo (8GB recomendado)
+- 20GB disco livre
+```bash
+# Instalar dependências Python (se necessário)
+sudo apt update && sudo apt install -y python3 python3-venv python3-pip
+```
+---
+## Instalação
+> ⚠️ **Importante:** Sempre use um ambiente virtual (venv) para isolar dependências.
+### 1. Criar ambiente virtual
+```bash
+# Criar venv chamado "midgard"
+python3 -m venv ~/.venvs/midgard
+# Ativar o venv
+source ~/.venvs/midgard/bin/activate
+# Atualizar pip
+pip install -U pip setuptools
+```
+### 2. Instalar Raijin Server
+```bash
+# Instalar do PyPI (substitua X.X.X pela versão desejada)
+pip install raijin-server==X.X.X
+```
+### 3. Executar com sudo
+O Raijin precisa de permissões root. Use `-E` para preservar o venv:
+```bash
+# Verificar instalação
+sudo -E ~/.venvs/midgard/bin/raijin-server --version
+# Abrir menu interativo
+sudo -E ~/.venvs/midgard/bin/raijin-server menu
+```
+### 4. Desativar venv (quando terminar)
+```bash
+deactivate
+```
+> 💡 **Dica:** Para reinstalar, remova o venv (`rm -rf ~/.venvs/midgard`) e repita os passos.
+---
+## Primeiros Passos
+### Validar Sistema
+Verifica se o sistema atende aos pré-requisitos:
+```bash
+sudo -E ~/.venvs/midgard/bin/raijin-server validate
+```
+### Menu Interativo
+Forma mais fácil de usar - navegue pelos módulos visualmente:
+```bash
+sudo -E ~/.venvs/midgard/bin/raijin-server menu
+```
+### Instalação Completa Automatizada
+Instala tudo de uma vez, na ordem correta:
+```bash
+sudo -E ~/.venvs/midgard/bin/raijin-server full-install
+```
+**Opções úteis:**
+| Opção | Descrição |
+|-------|-----------|
+| `--select-steps` | Escolher módulos antes de executar |
+| `--confirm-each` | Confirmar cada módulo |
+| `--dry-run` | Simular sem aplicar mudanças |
+| `--steps "a,b,c"` | Executar módulos específicos |
+### Executar Módulo Específico
+```bash
+# Exemplo: instalar apenas Kubernetes
+sudo -E ~/.venvs/midgard/bin/raijin-server kubernetes
+# Modo dry-run (apenas simula)
+sudo -E ~/.venvs/midgard/bin/raijin-server --dry-run kubernetes
+```
+---
+## Módulos Disponíveis
+### 🔧 Base do Sistema
+| Módulo | Descrição |
+|--------|-----------|
+| `sanitize` | Remove instalações antigas do Kubernetes |
+| `bootstrap` | Instala helm, kubectl, containerd |
+| `essentials` | Pacotes básicos (curl, git, jq, etc.) |
+| `hardening` | Fail2ban, sysctl, unattended-upgrades |
+| `network` | IP estático via Netplan (opcional) |
+| `firewall` | Regras UFW para SSH/HTTP/HTTPS/K8s |
+### ☸️ Kubernetes
+| Módulo | Descrição |
+|--------|-----------|
+| `kubernetes` | Inicializa cluster com kubeadm |
+| `calico` | CNI com network policies |
+| `metallb` | LoadBalancer para bare metal |
+| `secrets` | Sealed-secrets + external-secrets |
+| `cert-manager` | Certificados TLS automáticos |
+### 🌐 Ingress (escolha um)
+| Módulo | Descrição |
+|--------|-----------|
+| `traefik` | Ingress controller com TLS/ACME |
+| `kong` | API Gateway avançado |
+### 📊 Observabilidade
+| Módulo | Descrição |
+|--------|-----------|
+| `prometheus` | Métricas e alertas |
+| `grafana` | Dashboards de visualização |
+| `loki` | Agregação de logs |
+| `observability-ingress` | Ingress seguro para dashboards |
+| `observability-dashboards` | Dashboards pré-configurados |
+### 💾 Storage e Mensageria
+| Módulo | Descrição |
+|--------|-----------|
+| `minio` | Object storage S3-compatível |
+| `kafka` | Mensageria distribuída |
+| `velero` | Backup e restore do cluster |
+### 🔒 VPN e Segurança
+| Módulo | Descrição |
+|--------|-----------|
+| `vpn` | Servidor WireGuard + cliente inicial |
+| `vpn-client` | Gerenciar clientes VPN (adicionar/remover) |
+| `ssh-hardening` | Políticas seguras de SSH |
+| `internal-dns` | DNS interno (*.asgard.internal) |
+### 🚀 Service Mesh
+| Módulo | Descrição |
+|--------|-----------|
+| `istio` | Service mesh completo |
+---
+## Acesso Remoto Seguro
+O Raijin prioriza segurança. Dashboards administrativos **não são expostos publicamente** por padrão.
+### Opção 1: VPN (Recomendado)
+```bash
+# 1. Configurar servidor VPN
+sudo -E ~/.venvs/midgard/bin/raijin-server vpn
+# 2. Adicionar clientes
+sudo -E ~/.venvs/midgard/bin/raijin-server vpn-client
+# 3. Configurar DNS interno (opcional, mas muito útil!)
+sudo -E ~/.venvs/midgard/bin/raijin-server internal-dns
+```
+Após conectar à VPN, acesse diretamente:
+- `http://grafana.asgard.internal`
+- `http://prometheus.asgard.internal`
+- `http://minio.asgard.internal`
+### Opção 2: Port-Forward via SSH
+```bash
+# Grafana
+ssh -L 3000:localhost:3000 usuario@servidor
+kubectl port-forward svc/grafana -n observability 3000:80
+# Acesse: http://localhost:3000
+```
+### Opção 3: Script Automatizado
+```bash
+# Iniciar todos os port-forwards
+~/raijin-server/scripts/port-forward-all.sh start
+# Parar
+~/raijin-server/scripts/port-forward-all.sh stop
+```
+---
+## Documentação
+| Documento | Descrição |
+|-----------|-----------|
+| [ARCHITECTURE.md](ARCHITECTURE.md) | Arquitetura técnica do ambiente |
+| [SECURITY.md](SECURITY.md) | Políticas de segurança |
+| [AUDIT.md](AUDIT.md) | Relatório de auditoria |
+| [docs/INFRASTRUCTURE_GUIDE.md](docs/INFRASTRUCTURE_GUIDE.md) | Guia completo de infraestrutura |
+| [docs/VPN_REMOTE_ACCESS.md](docs/VPN_REMOTE_ACCESS.md) | Configuração de VPN |
+| [docs/INTERNAL_DNS.md](docs/INTERNAL_DNS.md) | DNS interno para domínios privados |
+| [docs/VISUAL_TOOLS.md](docs/VISUAL_TOOLS.md) | Ferramentas visuais (Lens, K9s) |
+| [docs/SSH_WINDOWS.md](docs/SSH_WINDOWS.md) | Acesso SSH do Windows |
+| [docs/MINIO_OPERATIONS.md](docs/MINIO_OPERATIONS.md) | Operações do MinIO |
+---
+## Comandos Úteis
+```bash
+# Atalho para o comando (após ativar venv)
+alias raijin='sudo -E ~/.venvs/midgard/bin/raijin-server'
+# Exemplos
+raijin --version
+raijin validate
+raijin menu
+raijin --dry-run kubernetes
+```
+### Logs e Debug
+```bash
+# Ver logs do CLI
+raijin debug logs --lines 200
+# Seguir logs em tempo real
+raijin debug logs --follow
+# Snapshot do cluster
+raijin debug kube --events 100
+```
+---
+## Desenvolvimento
+### Instalar em modo dev
+```bash
+# Clonar repositório
+git clone https://github.com/rafaelluisdacostacoelho/raijin-server
+cd raijin-server
+# Criar venv de desenvolvimento
+python3 -m venv .venv
+source .venv/bin/activate
+# Instalar em modo editável
+pip install -e ".[dev]"
+# Rodar testes
+pytest
+```
+### Publicar no PyPI
+```bash
+# 1. Criar venv limpo para publicação
+python3 -m venv ~/.venvs/publish
+source ~/.venvs/publish/bin/activate
+pip install -U pip build twine
+# 2. Build
+rm -rf dist build
+python -m build
+# 3. Publicar (configure TWINE_API_TOKEN no .env)
+./release.sh X.X.X
+```
+---
+## Destaques
+- ✅ **Validações automáticas** de pré-requisitos
+- ✅ **Health checks** após cada instalação
+- ✅ **Retry inteligente** com backoff exponencial
+- ✅ **Logging estruturado** com rotação
+- ✅ **Modo dry-run** para simular mudanças
+- ✅ **Idempotente** - re-execução segura
+- ✅ **VPN-first** - dashboards seguros por padrão
+---
+## Licença
+MIT License - veja [LICENSE](LICENSE) para detalhes.

{raijin_server-0.2.40.dist-info → raijin_server-0.3.0.dist-info}/RECORD RENAMED Viewed

@@ -1,11 +1,11 @@
-raijin_server/__init__.py,sha256=PET19zpBabvgsdbOZwr8T9CyQlc69zOhgFzYRP5DDI8,95
-raijin_server/cli.py,sha256=2m7q1znMLbBdnUwN6oOUrCZXEqC2e7SfbjYkymbP4lQ,37884
+raijin_server/__init__.py,sha256=MvrRbjHr0fpwAuK-h3JmhGK1xckNu_HpfUU0CsifboQ,94
+raijin_server/cli.py,sha256=rqkAQCU5imi52YJCIeEuZqWo8bWYkVErOQh3JpKIDok,38149
 raijin_server/config.py,sha256=QNiEVvrbW56XgvNn5-h3bkJm46Xc8mjNqPbvixXD8N0,4829
 raijin_server/healthchecks.py,sha256=lzXdFw6S0hOYbUKbqksh4phb04lXgXdTspP1Dsz4dx8,15401
 raijin_server/module_manager.py,sha256=Wmhj603CN0XGUVr7_Fo8CHzKd9yIbS9x5BJLqDj78kw,10259
 raijin_server/utils.py,sha256=9RnGnPoUTYOpMVRLNa4P4lIQrJNQLkSkPUxycZRGv78,20827
 raijin_server/validators.py,sha256=EATYPy2pllAb6IX4gUZKnELvospWwyGV3DHrzxb_RMg,11761
-raijin_server/modules/__init__.py,sha256=e_IbkhLGPcF8to9QUmIESP6fpcTOYcIhaXLKIvqRJMY,920
+raijin_server/modules/__init__.py,sha256=ojxAdnJfXifNUVa4WuLVh97jHqeVzIi6DZ_fAtXB9tM,984
 raijin_server/modules/apokolips_demo.py,sha256=8ltsXRbVDwlDwLMIvh02NG-FeAfBWw_v6lh7IGOyNqs,13725
 raijin_server/modules/bootstrap.py,sha256=oVIGNRW_JbgY8zXNHGAIP0vGbbHNHyQexthxo5zhbcw,9762
 raijin_server/modules/calico.py,sha256=TTPF1bLFdAKb3IVOqFqRxNblULkRmMMRylsIBp4w8I8,6700
@@ -13,34 +13,36 @@ raijin_server/modules/cert_manager.py,sha256=XkFlXJjiP4_9It_PJaFcVYMS-QKTzzFAt83
 raijin_server/modules/essentials.py,sha256=2xUXCyCQtFGd2DnCKV81N1R6bEJqH8zaet8mLovtQ1I,689
 raijin_server/modules/firewall.py,sha256=h6AISqiZeTinVT7BjmQIS872qRAFZJLg7meqlth3cfw,757
 raijin_server/modules/full_install.py,sha256=xiKe2GLuZ97c4YdTmhP-kwDVuJJ9Xq3dlgcLlqSPeYM,15518
-raijin_server/modules/grafana.py,sha256=DdDLxmTeFnDRvcRLkpg1RuR9o1ZAArk2W-DTLLyfWHg,6009
+raijin_server/modules/grafana.py,sha256=r4U6FJZ9OeTk4d3LDJT0NbN8wumB3REMtd3E3PRL_oE,17383
 raijin_server/modules/hardening.py,sha256=4hz3ifkMhPlXa2n7gPxN0gitQgzALZ-073vuU3LM4RI,1616
 raijin_server/modules/harness.py,sha256=uWTxTVJlY_VB6xi4ftMtTSaIb96HA8WJQS-RbyxU45M,5391
+raijin_server/modules/internal_dns.py,sha256=Jynngq0TEEUo3jkAR4m8F1ihF10rkQuKHVP-gZYyDFY,15191
 raijin_server/modules/istio.py,sha256=o0K5-Fw4LRs-kbAVgwzYxHzEt_aPFJG8suqOqvg2748,7297
 raijin_server/modules/kafka.py,sha256=n7ZpLPWv6sKBJhdBiPe7VgeDB24YiCIOWvOQkWwt03Y,5664
-raijin_server/modules/kong.py,sha256=eDSagvEP9_BCs9pZ-pCVs1BDdlYOoJfY5PnUSiTvvgc,13416
+raijin_server/modules/kong.py,sha256=_w1VIkND6zZuUwIl_CNDxbwWdzaEdXZEO_Iqc1ngPwQ,13654
 raijin_server/modules/kubernetes.py,sha256=9E6zV0zGQWZW92NVpxwYctpi-4JDmi6YzF3tKRI4HlU,13343
 raijin_server/modules/loki.py,sha256=aNiUpnOFppZMXoQwYhn7IoPMzwUz4aHi6pbiqj1PRjc,5022
 raijin_server/modules/metallb.py,sha256=uUuklc_RsQ-W2qDVRMQAxQm9HKGEqso444b1IwBpM6w,8554
-raijin_server/modules/minio.py,sha256=XvWg4XJ2URZhiJYHrqf1Eg5tvLGXMxu45Rr_9C58SP4,18915
+raijin_server/modules/minio.py,sha256=QbladHGefZBZ8l3f9D7t45nwfwVcuAgHi78E4Ygi300,17614
 raijin_server/modules/network.py,sha256=QRlYdcryCCPAWG3QQ_W7ld9gJgETI7H8gwntOU7UqFE,4818
 raijin_server/modules/observability_dashboards.py,sha256=fVz0WEOQrUTF5rJ__Nu_onyBuwL_exFmysWMmg8AE9w,7319
-raijin_server/modules/observability_ingress.py,sha256=Fh1rlFWueBNHnOkHuoHYyhILmpO-iQXINybSUYbYsHQ,5738
-raijin_server/modules/prometheus.py,sha256=wT9jdcC-8vVysVKgMR5isGbxxpvGFPRf7fhMAGd9kJU,10761
+raijin_server/modules/observability_ingress.py,sha256=S4MtJKahiZ1qSx0P71P3IhKvq4RY-g01Z4IogW3c1hs,7045
+raijin_server/modules/prometheus.py,sha256=y5sy_mH1YeQWTOt5CNqqj5JD92-GMxbWQaaZKwx505U,19728
 raijin_server/modules/sanitize.py,sha256=_RnWn1DUuNrzx3NnKEbMvf5iicgjiN_ubwT59e0rYWY,6040
 raijin_server/modules/secrets.py,sha256=d4j12feQL8m_4-hYN5FfboQHvBc75TFeGno3OzrXokE,9266
 raijin_server/modules/ssh_hardening.py,sha256=Zd0dlylUBr01SkrI1CS05-0DB9xIto5rWH1bUVs80ow,5422
-raijin_server/modules/traefik.py,sha256=crEYIqAidAhh_H93qIvCbTtJ7BjO-3ef77alLc_--Gg,3535
+raijin_server/modules/traefik.py,sha256=omziywss4o-8t64Kj-upLqbXdFYm2JwqOoOukDUmqxY,5008
 raijin_server/modules/velero.py,sha256=yDtqd6yUu0L5wzLCjYXqvvxB_RyaAoZtntb6HoHVAOo,5642
 raijin_server/modules/vpn.py,sha256=hF-0vA17VKTxhQLDBSEeqI5aPQpiaaj4IpUf9l6lr64,8297
+raijin_server/modules/vpn_client.py,sha256=sea5PtJB3Q612cVvW4Pz8_fEN7Zu0eNf34D2uEfHnkw,13463
 raijin_server/scripts/__init__.py,sha256=deduGfHf8BMVWred4ux5LfBDT2NJ5XYeJAt2sDEU4qs,53
 raijin_server/scripts/checklist.sh,sha256=j6E0Kmk1EfjLvKK1VpCqzXJAXI_7Bm67LK4ndyCxWh0,1842
 raijin_server/scripts/install.sh,sha256=Y1ickbQ4siQ0NIPs6UgrqUr8WWy7U0LHmaTQbEgavoI,3949
 raijin_server/scripts/log_size_metric.sh,sha256=Iv4SsX8AuCYRou-klYn32mX41xB6j0xJGLBO6riw4rU,1208
 raijin_server/scripts/pre-deploy-check.sh,sha256=XqMo7IMIpwUHF17YEmU0-cVmTDMoCGMBFnmS39FidI4,4912
-raijin_server-0.2.40.dist-info/licenses/LICENSE,sha256=kJsMCjOiRZE0AQNtxWqBa32z9kMAaF4EUxyHj3hKaJo,1105
-raijin_server-0.2.40.dist-info/METADATA,sha256=gpXIeSzpsrBImaDzxLWQgddp1QZa3rOJmn3fZJ18HfA,22851
-raijin_server-0.2.40.dist-info/WHEEL,sha256=wUyA8OaulRlbfwMtmQsvNngGrxQHAvkKcvRmdizlJi0,92
-raijin_server-0.2.40.dist-info/entry_points.txt,sha256=3ZvxDX4pvcjkIRsXAJ69wIfVmKa78LKo-C3QhqN2KVM,56
-raijin_server-0.2.40.dist-info/top_level.txt,sha256=Yz1xneCRtsZOzbPIcTAcrSxd-1p80pohMXYAZ74dpok,14
-raijin_server-0.2.40.dist-info/RECORD,,
+raijin_server-0.3.0.dist-info/licenses/LICENSE,sha256=kJsMCjOiRZE0AQNtxWqBa32z9kMAaF4EUxyHj3hKaJo,1105
+raijin_server-0.3.0.dist-info/METADATA,sha256=nyqyXiUg4iGNViT9GKvXT1zelFsKUya3HO3QBBAjeVM,8761
+raijin_server-0.3.0.dist-info/WHEEL,sha256=wUyA8OaulRlbfwMtmQsvNngGrxQHAvkKcvRmdizlJi0,92
+raijin_server-0.3.0.dist-info/entry_points.txt,sha256=3ZvxDX4pvcjkIRsXAJ69wIfVmKa78LKo-C3QhqN2KVM,56
+raijin_server-0.3.0.dist-info/top_level.txt,sha256=Yz1xneCRtsZOzbPIcTAcrSxd-1p80pohMXYAZ74dpok,14
+raijin_server-0.3.0.dist-info/RECORD,,

raijin-server 0.2.40__py3-none-any.whl → 0.3.0__py3-none-any.whl

Potentially problematic release.

raijin-server 0.2.40py3-none-any.whl → 0.3.0py3-none-any.whl