xenfra 0.1.8__tar.gz

xenfra-0.1.8/PKG-INFO

@@ -0,0 +1,95 @@
+Metadata-Version: 2.3
+Name: xenfra
+Version: 0.1.8
+Summary: A 'Zen Mode' infrastructure engine for Python developers.
+Author: xenfra-cloud
+Author-email: xenfra-cloud <xenfracloud@gmail.com>
+Classifier: Programming Language :: Python :: 3
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Operating System :: OS Independent
+Classifier: Development Status :: 3 - Alpha
+Classifier: Intended Audience :: Developers
+Classifier: Topic :: Software Development :: Build Tools
+Classifier: Topic :: System :: Systems Administration
+Requires-Dist: fabric>=3.2.2
+Requires-Dist: python-digitalocean>=1.17.0
+Requires-Dist: python-dotenv>=1.2.1
+Requires-Dist: rich>=14.2.0
+Requires-Dist: fastapi>=0.110.0
+Requires-Dist: uvicorn[standard]>=0.27.1
+Requires-Dist: click>=8.1.7
+Requires-Dist: sqlmodel>=0.0.16
+Requires-Dist: psycopg2-binary>=2.9.9
+Requires-Dist: python-jose[cryptography]>=3.3.0
+Requires-Dist: passlib>=1.7.4
+Requires-Dist: httpx>=0.27.0
+Requires-Dist: pyyaml>=6.0.1
+Requires-Dist: python-multipart>=0.0.21
+Requires-Dist: bcrypt==4.0.1
+Requires-Dist: jinja2>=3.1.3
+Requires-Dist: pytest>=9.0.2
+Requires-Dist: pytest>=8.0.0 ; extra == 'test'
+Requires-Dist: pytest-mock>=3.12.0 ; extra == 'test'
+Requires-Python: >=3.13
+Project-URL: Homepage, https://github.com/xenfra-cloud/xenfra
+Project-URL: Issues, https://github.com/xenfra-cloud/xenfra/issues
+Provides-Extra: test
+Description-Content-Type: text/markdown
+
+# 🧘 Xenfra: Infrastructure in Zen Mode
+
+**Xenfra** is a modular infrastructure engine for Python developers that automates the deployment of applications to DigitalOcean. It is designed as a library first, with a beautiful and interactive CLI as the default frontend.
+
+It handles the complexity of server provisioning, context-aware configuration, Dockerization, and automatic HTTPS, allowing you to focus on your code.
+
+## ✨ Core Philosophy
+
+*   **Engine as the Brain**: `xenfra.engine` is the core library. It owns the DigitalOcean API, the SSH "Auto-Heal" retry loops, and the Dockerizer services. It is stateful, robust, and can be imported into any Python project.
+*   **Clients as the Face**: Frontends like the default CLI (`xenfra.cli`) are thin, stateless clients responsible only for user interaction.
+*   **Zen Mode**: If a server setup fails due to common issues like a locked package manager, the Engine automatically fixes it without exposing raw errors to the user.
+
+## 🚀 Quickstart
+
+Using the Xenfra CLI involves a simple workflow: **Configure**, **Initialize**, and then **Deploy & Manage**.
+
+### 1. Configure
+
+Xenfra needs your DigitalOcean API token to manage infrastructure on your behalf. Export it as an environment variable:
+
+```bash
+export DIGITAL_OCEAN_TOKEN="dop_v1_your_secret_token_here"
+```
+
+### 2. Initialize
+
+Navigate to your project's root directory and run the `init` command. This command scans your project, asks a few questions, and creates a `xenfra.yaml` configuration file.
+
+```bash
+xenfra init
+```
+You should review the generated `xenfra.yaml` and commit it to your repository.
+
+### 3. Deploy & Manage
+
+Once your project is initialized, you can use the following commands to manage your application:
+
+*   **`xenfra deploy`**: Deploys your application based on the settings in `xenfra.yaml`.
+*   **`xenfra list`**: Instantly lists all your deployed projects from a local cache.
+    *   Use `xenfra list --refresh` to force a sync with your cloud provider.
+*   **`xenfra logs`**: Streams real-time logs from a selected project.
+*   **`xenfra destroy`**: Decommissions and deletes a deployed project.
+
+
+## 📦 Supported Frameworks & Features
+
+*   **Smart Context Detection**: Automatically detects your package manager (`uv` or `pip`).
+*   **Automatic Dockerization**: If a web framework is detected (`FastAPI`, `Flask`), Xenfra will:
+    *   Generate a `Dockerfile`, `docker-compose.yml`, and `Caddyfile`.
+    *   Deploy your application as a container.
+    *   Configure **Caddy** as a reverse proxy with **automatic HTTPS**.
+
+## 🤝 Contributing
+
+Contributions are welcome! Please check our `CONTRIBUTING.md` for more details.
+
+## 📄 Created by DevHusnainAi

xenfra-0.1.8/README.md

@@ -0,0 +1,57 @@
+# 🧘 Xenfra: Infrastructure in Zen Mode
+
+**Xenfra** is a modular infrastructure engine for Python developers that automates the deployment of applications to DigitalOcean. It is designed as a library first, with a beautiful and interactive CLI as the default frontend.
+
+It handles the complexity of server provisioning, context-aware configuration, Dockerization, and automatic HTTPS, allowing you to focus on your code.
+
+## ✨ Core Philosophy
+
+*   **Engine as the Brain**: `xenfra.engine` is the core library. It owns the DigitalOcean API, the SSH "Auto-Heal" retry loops, and the Dockerizer services. It is stateful, robust, and can be imported into any Python project.
+*   **Clients as the Face**: Frontends like the default CLI (`xenfra.cli`) are thin, stateless clients responsible only for user interaction.
+*   **Zen Mode**: If a server setup fails due to common issues like a locked package manager, the Engine automatically fixes it without exposing raw errors to the user.
+
+## 🚀 Quickstart
+
+Using the Xenfra CLI involves a simple workflow: **Configure**, **Initialize**, and then **Deploy & Manage**.
+
+### 1. Configure
+
+Xenfra needs your DigitalOcean API token to manage infrastructure on your behalf. Export it as an environment variable:
+
+```bash
+export DIGITAL_OCEAN_TOKEN="dop_v1_your_secret_token_here"
+```
+
+### 2. Initialize
+
+Navigate to your project's root directory and run the `init` command. This command scans your project, asks a few questions, and creates a `xenfra.yaml` configuration file.
+
+```bash
+xenfra init
+```
+You should review the generated `xenfra.yaml` and commit it to your repository.
+
+### 3. Deploy & Manage
+
+Once your project is initialized, you can use the following commands to manage your application:
+
+*   **`xenfra deploy`**: Deploys your application based on the settings in `xenfra.yaml`.
+*   **`xenfra list`**: Instantly lists all your deployed projects from a local cache.
+    *   Use `xenfra list --refresh` to force a sync with your cloud provider.
+*   **`xenfra logs`**: Streams real-time logs from a selected project.
+*   **`xenfra destroy`**: Decommissions and deletes a deployed project.
+
+
+## 📦 Supported Frameworks & Features
+
+*   **Smart Context Detection**: Automatically detects your package manager (`uv` or `pip`).
+*   **Automatic Dockerization**: If a web framework is detected (`FastAPI`, `Flask`), Xenfra will:
+    *   Generate a `Dockerfile`, `docker-compose.yml`, and `Caddyfile`.
+    *   Deploy your application as a container.
+    *   Configure **Caddy** as a reverse proxy with **automatic HTTPS**.
+
+## 🤝 Contributing
+
+Contributions are welcome! Please check our `CONTRIBUTING.md` for more details.
+
+## 📄 Created by DevHusnainAi

xenfra-0.1.8/pyproject.toml

@@ -0,0 +1,54 @@
+[project]
+name = "xenfra"
+version = "0.1.8"
+description = "A 'Zen Mode' infrastructure engine for Python developers."
+readme = "README.md"
+authors = [
+    { name = "xenfra-cloud", email = "xenfracloud@gmail.com" }
+]
+requires-python = ">=3.13"
+classifiers = [
+    "Programming Language :: Python :: 3",
+    "License :: OSI Approved :: MIT License",
+    "Operating System :: OS Independent",
+    "Development Status :: 3 - Alpha",
+    "Intended Audience :: Developers",
+    "Topic :: Software Development :: Build Tools",
+    "Topic :: System :: Systems Administration",
+]
+dependencies = [
+    "fabric>=3.2.2",
+    "python-digitalocean>=1.17.0",
+    "python-dotenv>=1.2.1",
+    "rich>=14.2.0",
+    "fastapi>=0.110.0",
+    "uvicorn[standard]>=0.27.1",
+    "click>=8.1.7",
+    "sqlmodel>=0.0.16",
+    "psycopg2-binary>=2.9.9",
+    "python-jose[cryptography]>=3.3.0",
+    "passlib>=1.7.4", # No longer need [bcrypt] extra
+    "httpx>=0.27.0",
+    "PyYAML>=6.0.1", # Explicitly add bcrypt backend
+    "python-multipart>=0.0.21",
+    "bcrypt==4.0.1",
+    "Jinja2>=3.1.3",
+    "pytest>=9.0.2",
+]
+
+[project.urls]
+Homepage = "https://github.com/xenfra-cloud/xenfra"
+Issues = "https://github.com/xenfra-cloud/xenfra/issues"
+
+[project.scripts]
+xenfra = "xenfra.cli.main:main"
+
+[project.optional-dependencies]
+test = [
+    "pytest>=8.0.0",
+    "pytest-mock>=3.12.0",
+]
+
+[build-system]
+requires = ["uv_build>=0.9.18,<0.10.0"]
+build-backend = "uv_build"

xenfra-0.1.8/src/xenfra/__init__.py

@@ -0,0 +1 @@
+# This file makes src/xenfra a Python package.

xenfra-0.1.8/src/xenfra/api/auth.py

@@ -0,0 +1,51 @@
+# src/xenfra/api/auth.py
+
+from fastapi import APIRouter, Depends, HTTPException, status
+from fastapi.security import OAuth2PasswordRequestForm
+from sqlmodel import Session, select
+
+from xenfra.db.session import get_session
+from xenfra.db.models import User, UserCreate, UserRead
+from xenfra.security import get_password_hash, verify_password, create_access_token
+
+router = APIRouter()
+
+@router.post("/register", response_model=UserRead)
+def register_user(user: UserCreate, session: Session = Depends(get_session)):
+    """
+    Create a new user.
+    """
+    db_user = session.exec(select(User).where(User.email == user.email)).first()
+    if db_user:
+        raise HTTPException(
+            status_code=status.HTTP_400_BAD_REQUEST,
+            detail="Email already registered",
+        )
+    
+    hashed_password = get_password_hash(user.password)
+    new_user = User(email=user.email, hashed_password=hashed_password, is_active=True)
+    
+    session.add(new_user)
+    session.commit()
+    session.refresh(new_user)
+    
+    return new_user
+
+@router.post("/token")
+def login_for_access_token(form_data: OAuth2PasswordRequestForm = Depends(), session: Session = Depends(get_session)):
+    """
+    Login user and return a JWT access token.
+    """
+    user = session.exec(select(User).where(User.email == form_data.username)).first()
+    if not user or not verify_password(form_data.password, user.hashed_password):
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED,
+            detail="Incorrect username or password",
+            headers={"WWW-Authenticate": "Bearer"},
+        )
+    
+    if not user.is_active:
+        raise HTTPException(status_code=400, detail="Inactive user")
+
+    access_token = create_access_token(data={"sub": user.email})
+    return {"access_token": access_token, "token_type": "bearer"}

xenfra-0.1.8/src/xenfra/api/billing.py

@@ -0,0 +1,80 @@
+# src/xenfra/api/billing.py
+
+from fastapi import APIRouter, Depends, HTTPException, status
+from sqlmodel import Session, select
+from pydantic import BaseModel
+
+from xenfra.db.session import get_session
+from xenfra.db.models import User, Credential
+from xenfra.dependencies import get_current_active_user # Corrected import
+from xenfra.engine import InfraEngine
+from xenfra.security import decrypt_token
+from xenfra.models import DropletCostRead # Import new model
+
+router = APIRouter()
+
+class BalanceRead(BaseModel):
+    month_to_date_balance: str
+    account_balance: str
+    month_to_date_usage: str
+    generated_at: str
+    error: str | None = None
+
+@router.get("/balance", response_model=BalanceRead)
+def get_billing_balance(
+    session: Session = Depends(get_session), 
+    user: User = Depends(get_current_active_user)
+):
+    """
+    Get the current DigitalOcean account balance and month-to-date usage.
+    """
+    # Find the user's DigitalOcean credential
+    do_credential = session.exec(
+        select(Credential).where(Credential.user_id == user.id, Credential.service == "digitalocean")
+    ).first()
+    
+    if not do_credential:
+        raise HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail="DigitalOcean credential not found for this user. Please connect your account.",
+        )
+
+    try:
+        do_token = decrypt_token(do_credential.encrypted_token)
+        engine = InfraEngine(token=do_token)
+        balance_data = engine.get_account_balance()
+        return BalanceRead(**balance_data)
+    except Exception as e:
+        raise HTTPException(
+            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+            detail=f"Failed to fetch balance from DigitalOcean: {e}",
+        )
+
+@router.get("/droplets", response_model=list[DropletCostRead])
+def get_billing_droplets(
+    session: Session = Depends(get_session), 
+    user: User = Depends(get_current_active_user)
+):
+    """
+    Get a list of Xenfra-managed DigitalOcean droplets with their estimated monthly costs.
+    """
+    do_credential = session.exec(
+        select(Credential).where(Credential.user_id == user.id, Credential.service == "digitalocean")
+    ).first()
+    
+    if not do_credential:
+        raise HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail="DigitalOcean credential not found for this user. Please connect your account.",
+        )
+
+    try:
+        do_token = decrypt_token(do_credential.encrypted_token)
+        engine = InfraEngine(token=do_token)
+        droplets_data = engine.get_droplet_cost_estimates()
+        return [DropletCostRead(**d) for d in droplets_data]
+    except Exception as e:
+        raise HTTPException(
+            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+            detail=f"Failed to fetch droplet cost estimates from DigitalOcean: {e}",
+        )

xenfra-0.1.8/src/xenfra/api/connections.py

@@ -0,0 +1,163 @@
+# src/xenfra/api/connections.py
+
+import httpx
+from fastapi import APIRouter, Depends, HTTPException, status, Request
+from fastapi.responses import RedirectResponse
+from sqlmodel import Session, select
+import secrets
+
+from xenfra.db.session import get_session
+from xenfra.db.models import User, Credential, CredentialCreate
+from xenfra.dependencies import get_current_active_user # Corrected import
+from xenfra.security import encrypt_token
+from xenfra.config import settings
+
+router = APIRouter()
+
+# --- GitHub OAuth ---
+# GITHUB_CLIENT_ID = os.getenv("GITHUB_CLIENT_ID") # Moved inside function
+# GITHUB_CLIENT_SECRET = os.getenv("GITHUB_CLIENT_SECRET") # Moved inside function
+# GITHUB_REDIRECT_URI = os.getenv("GITHUB_REDIRECT_URI", "http://localhost:8000/connections/github/callback") # Moved inside function
+
+@router.get("/github/login")
+def github_login(request: Request): # Add request: Request
+    """Redirects the user to GitHub for authorization."""
+    GITHUB_CLIENT_ID = settings.GITHUB_CLIENT_ID
+    GITHUB_REDIRECT_URI = settings.GITHUB_REDIRECT_URI
+    
+    state = secrets.token_urlsafe(32)
+    request.session["github_oauth_state"] = state
+    
+    return RedirectResponse(
+        f"https://github.com/login/oauth/authorize?client_id={GITHUB_CLIENT_ID}&scope=repo%20user:email&redirect_uri={GITHUB_REDIRECT_URI}&state={state}",
+        status_code=302
+    )
+
+@router.get("/github/callback")
+async def github_callback(code: str, request: Request, session: Session = Depends(get_session), user: User = Depends(get_current_active_user)):
+    """
+    Handles the callback from GitHub, exchanges the code for a token,
+    and stores the encrypted token.
+    """
+    received_state = request.query_params.get("state")
+    stored_state = request.session.pop("github_oauth_state", None)
+
+    if not received_state or not stored_state or received_state != stored_state:
+        raise HTTPException(status_code=400, detail="Invalid OAuth state. Possible CSRF attack.")
+
+    GITHUB_CLIENT_ID = settings.GITHUB_CLIENT_ID
+    GITHUB_CLIENT_SECRET = settings.GITHUB_CLIENT_SECRET
+    if not GITHUB_CLIENT_SECRET: # Explicit check for client secret
+        raise HTTPException(status_code=500, detail="GitHub client secret not configured.")
+    # GITHUB_REDIRECT_URI is not needed here
+    
+    async with httpx.AsyncClient() as client:
+        token_response = await client.post(
+            "https://github.com/login/oauth/access_token",
+            json={"client_id": GITHUB_CLIENT_ID, "client_secret": GITHUB_CLIENT_SECRET, "code": code},
+            headers={"Accept": "application/json"}
+        )
+    
+    token_data = await token_response.json() # Await the json() coroutine
+    access_token = token_data.get("access_token")
+
+    if not access_token:
+        # GitHub might return an error in token_data, e.g., {'error': 'bad_verification_code'}
+        error_detail = token_data.get("error_description", token_data.get("error", "Unknown error during token exchange"))
+        raise HTTPException(status_code=400, detail=f"Could not fetch GitHub access token: {error_detail}")
+
+    # Encrypt and store the token
+    encrypted_token = encrypt_token(access_token)
+
+    # Fetch GitHub App installation ID
+    async with httpx.AsyncClient() as client:
+        installations_response = await client.get(
+            "https://api.github.com/user/installations",
+            headers={
+                "Authorization": f"token {access_token}",
+                "Accept": "application/vnd.github.v3+json"
+            }
+        )
+    installations_data = await installations_response.json()
+    installation_id = None
+    if installations_data and "installations" in installations_data and len(installations_data["installations"]) > 0:
+        installation_id = installations_data["installations"][0]["id"]
+    
+    new_credential = CredentialCreate(
+        service="github", 
+        encrypted_token=encrypted_token, 
+        user_id=user.id, 
+        github_installation_id=installation_id
+    )
+    db_credential = Credential.model_validate(new_credential)
+    session.add(db_credential)
+    session.commit()
+
+    # Redirect user back to the frontend (URL should be configurable)
+    return RedirectResponse(url=f"{settings.FRONTEND_OAUTH_REDIRECT_SUCCESS}?success=github", status_code=302)
+
+
+# --- DigitalOcean OAuth ---
+# DO_CLIENT_ID = os.getenv("DO_CLIENT_ID") # Moved inside function
+# DO_CLIENT_SECRET = os.getenv("DO_CLIENT_SECRET") # Moved inside function
+# DO_REDIRECT_URI = os.getenv("DO_REDIRECT_URI", "http://localhost:8000/connections/digitalocean/callback") # Moved inside function
+
+@router.get("/digitalocean/login")
+def digitalocean_login(request: Request): # Add request: Request
+    """Redirects the user to DigitalOcean for authorization."""
+    DO_CLIENT_ID = settings.DO_CLIENT_ID
+    DO_REDIRECT_URI = settings.DO_REDIRECT_URI
+        
+    state = secrets.token_urlsafe(32)
+    request.session["digitalocean_oauth_state"] = state
+
+    return RedirectResponse(
+        f"https://cloud.digitalocean.com/v1/oauth/authorize?client_id={DO_CLIENT_ID}&response_type=code&scope=read%20write&redirect_uri={DO_REDIRECT_URI}&state={state}",
+        status_code=302
+    )
+
+@router.get("/digitalocean/callback")
+async def digitalocean_callback(code: str, request: Request, session: Session = Depends(get_session), user: User = Depends(get_current_active_user)):
+    """
+    Handles the callback from DigitalOcean, exchanges the code for a token,
+    and stores the encrypted token.
+    """
+    received_state = request.query_params.get("state")
+    stored_state = request.session.pop("digitalocean_oauth_state", None)
+
+    if not received_state or not stored_state or received_state != stored_state:
+        raise HTTPException(status_code=400, detail="Invalid OAuth state. Possible CSRF attack.")
+
+    DO_CLIENT_ID = settings.DO_CLIENT_ID
+    DO_CLIENT_SECRET = settings.DO_CLIENT_SECRET
+    DO_REDIRECT_URI = settings.DO_REDIRECT_URI
+    if not DO_CLIENT_SECRET: # Explicit check for client secret
+        raise HTTPException(status_code=500, detail="DigitalOcean client secret not configured.")
+    
+    
+    async with httpx.AsyncClient() as client:
+        token_response = await client.post(
+            "https://cloud.digitalocean.com/v1/oauth/token",
+            params={
+                "grant_type": "authorization_code",
+                "client_id": DO_CLIENT_ID,
+                "client_secret": DO_CLIENT_SECRET,
+                "code": code,
+                "redirect_uri": DO_REDIRECT_URI
+            }
+        )
+
+    token_data = await token_response.json() # Await the json() coroutine
+    access_token = token_data.get("access_token")
+
+    if not access_token:
+        error_detail = token_data.get("error_description", token_data.get("error", "Unknown error during token exchange"))
+        raise HTTPException(status_code=400, detail=f"Could not fetch DigitalOcean access token: {error_detail}")
+
+    encrypted_token = encrypt_token(access_token)
+    new_credential = CredentialCreate(service="digitalocean", encrypted_token=encrypted_token, user_id=user.id)
+    db_credential = Credential.model_validate(new_credential)
+    session.add(db_credential)
+    session.commit()
+    
+    return RedirectResponse(url=f"{settings.FRONTEND_OAUTH_REDIRECT_SUCCESS}?success=digitalocean", status_code=302)

xenfra-0.1.8/src/xenfra/api/main.py

@@ -0,0 +1,175 @@
+from fastapi import FastAPI, Depends, HTTPException, status, Request, BackgroundTasks
+from fastapi.middleware.cors import CORSMiddleware
+from starlette.middleware.sessions import SessionMiddleware # Import SessionMiddleware
+from fastapi.security import OAuth2PasswordBearer # This will be removed, as oauth2_scheme is in dependencies
+from sqlmodel import Session, select
+from jose import JWTError
+from typing import List
+from datetime import datetime
+
+import os # Keep os import for now as it is used in other places.
+
+from xenfra.engine import InfraEngine
+from xenfra.models import Deployment, ProjectRead # Import ProjectRead
+from xenfra.db.session import create_db_and_tables, get_session
+from xenfra.db.models import User, UserRead, Credential, CredentialRead
+from xenfra.security import decode_token, decrypt_token
+from xenfra.dependencies import get_current_user, get_current_active_user, oauth2_scheme # Import oauth2_scheme from dependencies
+from pydantic import BaseModel
+from xenfra.config import settings
+
+
+# --- Lifespan ---
+from contextlib import asynccontextmanager
+
+@asynccontextmanager
+async def lifespan(app: FastAPI):
+    create_db_and_tables()
+    yield
+
+# --- App Initialization ---
+app = FastAPI(
+    title="Xenfra API",
+    description="API for the Xenfra deployment engine.",
+    version="0.1.0",
+    lifespan=lifespan
+)
+
+# --- Middleware ---
+app.add_middleware(SessionMiddleware, secret_key=settings.SECRET_KEY) # Use settings.SECRET_KEY here
+app.add_middleware(
+    CORSMiddleware,
+    allow_origins=["*"],  # For dev, allow all. In prod, strict listing.
+    allow_credentials=True,
+    allow_methods=["*"],
+    allow_headers=["*"],
+)
+
+# --- Router Imports (Moved after app initialization) ---
+from xenfra.api import auth, connections, webhooks, billing
+
+# --- Routers ---
+app.include_router(auth.router, prefix="/auth", tags=["Authentication"])
+app.include_router(connections.router, prefix="/connections", tags=["Connections"])
+app.include_router(webhooks.router, prefix="/webhooks", tags=["Webhooks"])
+app.include_router(billing.router, prefix="/billing", tags=["Billing"])
+
+
+# --- Models for Frontend Requests ---
+class DeploymentCreateRequest(BaseModel):
+    name: str
+    region: str
+    size: str
+    image: str
+    email: str
+    domain: str | None = None
+    repo_url: str | None = None # For future Git deployments via web UI
+
+
+# --- Endpoints ---
+@app.get("/")
+def read_root():
+    return {"message": "Welcome to the Xenfra API"}
+
+@app.post("/deployments/new")
+def create_new_deployment(
+    request: DeploymentCreateRequest,
+    background_tasks: BackgroundTasks,
+    session: Session = Depends(get_session),
+    user: User = Depends(get_current_active_user)
+):
+    """
+    Triggers a new deployment based on provided configuration.
+    """
+    do_credential = session.exec(
+        select(Credential).where(Credential.user_id == user.id, Credential.service == "digitalocean")
+    ).first()
+    
+    if not do_credential:
+        raise HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail="DigitalOcean credential not found for this user. Please connect your account.",
+        )
+
+    try:
+        do_token = decrypt_token(do_credential.encrypted_token)
+        engine = InfraEngine(token=do_token)
+        
+        # Offload the deployment to a background task
+        background_tasks.add_task(
+            engine.deploy_server,
+            name=request.name,
+            region=request.region,
+            size=request.size,
+            image=request.image,
+            email=request.email,
+            domain=request.domain,
+            repo_url=request.repo_url
+        )
+        return {"status": "success", "message": "Deployment initiated in background."}
+    except Exception as e:
+        raise HTTPException(
+            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+            detail=f"Deployment failed: {e}",
+        )
+
+@app.get("/users/me", response_model=UserRead)
+def read_users_me(current_user: User = Depends(get_current_active_user)):
+    """
+    Fetch the current logged in user.
+    """
+    return current_user
+
+@app.get("/users/me/connections", response_model=List[CredentialRead])
+def read_user_connections(current_user: User = Depends(get_current_active_user), session: Session = Depends(get_session)):
+    """
+    Fetch the current logged in user's connected credentials (GitHub, DigitalOcean).
+    """
+    credentials = session.exec(select(Credential).where(Credential.user_id == current_user.id)).all()
+    return credentials
+
+@app.get("/projects", response_model=List[ProjectRead])
+def list_projects(
+    session: Session = Depends(get_session),
+    user: User = Depends(get_current_active_user)
+):
+    """
+    Lists Xenfra-managed Droplets as projects.
+    """
+    do_credential = session.exec(
+        select(Credential).where(Credential.user_id == user.id, Credential.service == "digitalocean")
+    ).first()
+    
+    if not do_credential:
+        raise HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail="DigitalOcean credential not found for this user. Please connect your account.",
+        )
+    
+    try:
+        do_token = decrypt_token(do_credential.encrypted_token)
+        engine = InfraEngine(token=do_token)
+        
+        droplets = engine.list_servers()
+        projects = []
+        for droplet in droplets:
+            # For V0, a "project" is simply a Xenfra-managed Droplet
+            # We filter by name convention 'xenfra-'
+            if droplet.name.startswith("xenfra-"):
+                estimated_monthly_cost = droplet.size['price_monthly'] if droplet.size else None
+                projects.append(ProjectRead(
+                    id=droplet.id,
+                    name=droplet.name,
+                    ip_address=droplet.ip_address,
+                    status=droplet.status,
+                    region=droplet.region['slug'],
+                    size_slug=droplet.size['slug'],
+                    estimated_monthly_cost=estimated_monthly_cost,
+                    created_at=datetime.fromisoformat(droplet.created_at.replace('Z', '+00:00')) # Ensure datetime is timezone aware
+                ))
+        return projects
+    except Exception as e:
+        raise HTTPException(
+            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+            detail=f"Failed to list projects from DigitalOcean: {e}",
+        )