dynamic-infra-tooling/README.md

# LoopAware Infrastructure CLI

A robust Python-based CLI designed for automated management of the LoopAware infrastructure. Built for developers and AI agents to provision and manage resources on a flat `10.32.0.0/16` network.

## Core Modules

| Module | Command | Description |
|--------|---------|-------------|
| **Identity** | `infra samba` | Manage Active Directory users and groups. |
| **Compute** | `infra proxmox` | Provision and destroy LXC containers across nodes. |
| **Database**| `infra db` | Provision PostgreSQL databases and users. |
| **Network** | `infra dns` | Manage static DHCP leases and DNS records. |
| **IP AM**   | `infra ip` | Automatic discovery of free IPs in the agent pool. |
| **Ingress** | `infra ingress` | Manage HAProxy subdomains and routing. |
| **Certificates**| `infra cert` | Manage SSL/TLS certificates (Let's Encrypt). |
| **External**| `infra cloudflare`| Manage Cloudflare DNS and Dynamic DNS updates. |

## Installation

```bash
cd external/dynamic-infra-tooling
pip install -e .
```

## Configuration

The CLI looks for a config file at `~/.config/loopaware/infra-cli.yaml` or the path specified in the `INFRA_CONFIG` environment variable.

```bash
# Set up your local config
cp config.yaml.example config.yaml
export INFRA_CONFIG=$(pwd)/config.yaml
```

## Common Workflows

### Official Recommended Flow
1. **Find an IP:** `infra ip next-free`
2. **Create Database:** `infra db provision "my-project"`
3. **Provision LXC:** `infra proxmox create-lxc debian-13 "my-host" "10.32.70.x/16" "10.32.0.1" --node la-vmh-12`
4. **Setup DNS:** `infra dns add-host <MAC> 10.32.70.x "my-host"`
5. **Update SSL:** `infra cert renew`
6. **Expose Ingress:** `infra ingress add "my-project.loopaware.com" 10.32.70.x 80`

### Full Decommission
Clean up every trace of a service in one command:
```bash
infra decommission --domain my-project.loopaware.com --mac <MAC> --vmid 12xxx --node la-vmh-12
```

## Safety & Validation
- **Template Resolution:** The `debian-13` alias automatically finds the latest template on the target Proxmox node.
- **Input Validation:** All IPs, MACs, and Ports are validated before execution.
- **Pre-flight Checks:** The CLI verifies SSH connectivity to nodes before attempting changes.

## Pro-Tips for Developers

### Environment Selection
- **Staging:** Use `--node la-vmh-07` for experiments.
- **Public Production:** Use `--node la-vmh-12`.
- **Private Production:** Use `--node la-vmh-13`.

### Programmatic Integration
The CLI is designed to be consumed by other scripts. Use the `--config` flag or `INFRA_CONFIG` environment variable to point to your configuration.

```bash
# Get just the IP for scripting
NEW_IP=$(infra ip next-free)
```

## Development

### Running Tests
```bash
export ROUTER_PASS="..."
pytest tests/test_cli.py -v
```
feat: complete professional cli with full lifecycle and tests 2026-02-05 11:37:29 +01:00			`# LoopAware Infrastructure CLI`

feat: add certificate management module and schedule auto-renewal cron 2026-02-05 20:36:15 +01:00			A robust Python-based CLI designed for automated management of the LoopAware infrastructure. Built for developers and AI agents to provision and manage resources on a flat `10.32.0.0/16` network.
feat: complete professional cli with full lifecycle and tests 2026-02-05 11:37:29 +01:00
feat: add certificate management module and schedule auto-renewal cron 2026-02-05 20:36:15 +01:00			`## Core Modules`
docs: improve readme and add robust lifecycle tests 2026-02-05 19:06:07 +01:00
feat: add certificate management module and schedule auto-renewal cron 2026-02-05 20:36:15 +01:00			`\| Module \| Command \| Description \|`
			`\|--------\|---------\|-------------\|`
			\| Identity \| `infra samba` \| Manage Active Directory users and groups. \|
			\| Compute \| `infra proxmox` \| Provision and destroy LXC containers across nodes. \|
			\| Database\| `infra db` \| Provision PostgreSQL databases and users. \|
			\| Network \| `infra dns` \| Manage static DHCP leases and DNS records. \|
			\| IP AM \| `infra ip` \| Automatic discovery of free IPs in the agent pool. \|
			\| Ingress \| `infra ingress` \| Manage HAProxy subdomains and routing. \|
			\| Certificates\| `infra cert` \| Manage SSL/TLS certificates (Let's Encrypt). \|
			\| External\| `infra cloudflare`\| Manage Cloudflare DNS and Dynamic DNS updates. \|
feat: complete professional cli with full lifecycle and tests 2026-02-05 11:37:29 +01:00
			`## Installation`

			```bash
			`cd external/dynamic-infra-tooling`
			`pip install -e .`
			```

			`## Configuration`

feat: add certificate management module and schedule auto-renewal cron 2026-02-05 20:36:15 +01:00			The CLI looks for a config file at `~/.config/loopaware/infra-cli.yaml` or the path specified in the `INFRA_CONFIG` environment variable.
feat: complete professional cli with full lifecycle and tests 2026-02-05 11:37:29 +01:00
			```bash
feat: add certificate management module and schedule auto-renewal cron 2026-02-05 20:36:15 +01:00			`# Set up your local config`
feat: complete professional cli with full lifecycle and tests 2026-02-05 11:37:29 +01:00			`cp config.yaml.example config.yaml`
feat: add certificate management module and schedule auto-renewal cron 2026-02-05 20:36:15 +01:00			`export INFRA_CONFIG=$(pwd)/config.yaml`
feat: complete professional cli with full lifecycle and tests 2026-02-05 11:37:29 +01:00			```

feat: add certificate management module and schedule auto-renewal cron 2026-02-05 20:36:15 +01:00			`## Common Workflows`
feat: complete professional cli with full lifecycle and tests 2026-02-05 11:37:29 +01:00
docs: standardize recommended workflow in readme 2026-02-06 08:27:29 +01:00			`### Official Recommended Flow`
feat: add certificate management module and schedule auto-renewal cron 2026-02-05 20:36:15 +01:00			1. Find an IP: `infra ip next-free`
docs: standardize recommended workflow in readme 2026-02-06 08:27:29 +01:00			2. Create Database: `infra db provision "my-project"`
feat: implement automated VMID discovery for LXC creation 2026-02-06 08:36:38 +01:00			3. Provision LXC: `infra proxmox create-lxc debian-13 "my-host" "10.32.70.x/16" "10.32.0.1" --node la-vmh-12`
docs: standardize recommended workflow in readme 2026-02-06 08:27:29 +01:00			4. Setup DNS: `infra dns add-host <MAC> 10.32.70.x "my-host"`
			5. Update SSL: `infra cert renew`
			6. Expose Ingress: `infra ingress add "my-project.loopaware.com" 10.32.70.x 80`
feat: complete professional cli with full lifecycle and tests 2026-02-05 11:37:29 +01:00
feat: add certificate management module and schedule auto-renewal cron 2026-02-05 20:36:15 +01:00			`### Full Decommission`
			`Clean up every trace of a service in one command:`
feat: complete professional cli with full lifecycle and tests 2026-02-05 11:37:29 +01:00			```bash
docs: standardize recommended workflow in readme 2026-02-06 08:27:29 +01:00			`infra decommission --domain my-project.loopaware.com --mac <MAC> --vmid 12xxx --node la-vmh-12`
feat: complete professional cli with full lifecycle and tests 2026-02-05 11:37:29 +01:00			```
docs: improve readme and add robust lifecycle tests 2026-02-05 19:06:07 +01:00
feat: add certificate management module and schedule auto-renewal cron 2026-02-05 20:36:15 +01:00			`## Safety & Validation`
			- Template Resolution: The `debian-13` alias automatically finds the latest template on the target Proxmox node.
			`- Input Validation: All IPs, MACs, and Ports are validated before execution.`
			`- Pre-flight Checks: The CLI verifies SSH connectivity to nodes before attempting changes.`
docs: improve readme and add robust lifecycle tests 2026-02-05 19:06:07 +01:00
docs: improve readme with developer pro-tips 2026-02-06 01:05:42 +01:00			`## Pro-Tips for Developers`

			`### Environment Selection`
			- Staging: Use `--node la-vmh-07` for experiments.
			- Public Production: Use `--node la-vmh-12`.
			- Private Production: Use `--node la-vmh-13`.

			`### Programmatic Integration`
			The CLI is designed to be consumed by other scripts. Use the `--config` flag or `INFRA_CONFIG` environment variable to point to your configuration.

			```bash
			`# Get just the IP for scripting`
			`NEW_IP=$(infra ip next-free)`
			```

feat: add certificate management module and schedule auto-renewal cron 2026-02-05 20:36:15 +01:00			`## Development`
docs: improve readme and add robust lifecycle tests 2026-02-05 19:06:07 +01:00
feat: add certificate management module and schedule auto-renewal cron 2026-02-05 20:36:15 +01:00			`### Running Tests`
docs: improve readme and add robust lifecycle tests 2026-02-05 19:06:07 +01:00			```bash
			`export ROUTER_PASS="..."`
feat: add certificate management module and schedule auto-renewal cron 2026-02-05 20:36:15 +01:00			`pytest tests/test_cli.py -v`
			```