fredrick/dynamic-infra-tooling
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
Professional CLI tooling for managing LoopAware dynamic infrastructure
24 commits 1 branch 0 tags 143 KiB
Find a file
Fredrick Amnehagen cd505b9994 test: add end-to-end agent deployment lifecycle test
2026-02-06 00:51:51 +01:00
bin initial commit: dynamic infra tooling cli 2026-02-05 11:29:34 +01:00
infra_cli refactor: improve config and ssh core and add iac integration tests 2026-02-06 00:20:36 +01:00
tests test: add end-to-end agent deployment lifecycle test 2026-02-06 00:51:51 +01:00
.gitignore chore: add gitignore and cleanup cache 2026-02-05 11:37:39 +01:00
config.yaml.example initial commit: dynamic infra tooling cli 2026-02-05 11:29:34 +01:00
README.md fix: refactor certificate manager for rate-limit safety and consolidated SANs 2026-02-05 20:43:44 +01:00
setup.py feat: add cloudflare module for dynamic dns updates 2026-02-05 19:15:50 +01:00

README.md

LoopAware Infrastructure CLI

A robust Python-based CLI designed for automated management of the LoopAware infrastructure. Built for developers and AI agents to provision and manage resources on a flat 10.32.0.0/16 network.

Core Modules

Module Command Description
Identity infra samba Manage Active Directory users and groups.
Compute infra proxmox Provision and destroy LXC containers across nodes.
Database infra db Provision PostgreSQL databases and users.
Network infra dns Manage static DHCP leases and DNS records.
IP AM infra ip Automatic discovery of free IPs in the agent pool.
Ingress infra ingress Manage HAProxy subdomains and routing.
Certificates infra cert Manage SSL/TLS certificates (Let's Encrypt).
External infra cloudflare Manage Cloudflare DNS and Dynamic DNS updates.

Installation

cd external/dynamic-infra-tooling
pip install -e .

Configuration

The CLI looks for a config file at ~/.config/loopaware/infra-cli.yaml or the path specified in the INFRA_CONFIG environment variable.

# Set up your local config
cp config.yaml.example config.yaml
export INFRA_CONFIG=$(pwd)/config.yaml

Common Workflows

Provisioning a New Service

  1. Find an IP: infra ip next-free
  2. Create Database: infra db provision "project-name"
  3. Provision LXC: infra proxmox create-lxc 12345 debian-13 "project-host" "10.32.70.x/16" "10.32.0.1" --node la-vmh-12
  4. Setup DNS: infra dns add-host <MAC> 10.32.70.x "project-host"
  5. Expose Ingress: infra ingress add "project.loopaware.com" 10.32.70.x 80

Full Decommission

Clean up every trace of a service in one command:

infra decommission --domain project.loopaware.com --mac <MAC> --vmid 12345 --node la-vmh-12 --port-name project_udp

4. Certificates (Let's Encrypt)

The infrastructure uses a consolidated SAN (Subject Alternative Name) strategy to optimize Let's Encrypt rate limits.

  • loopaware.com.pem: Wildcard cert for all public services.
  • la-infra-san.pem: Consolidated SAN cert for all internal *.fe.loopaware.com hosts.

The system automatically discovers new internal hosts and adds them to the SAN certificate nightly at 3:00 AM.

# List all active certificates in shared storage
infra cert list

# Check expiry date of the main wildcard cert
infra cert status

# Manually trigger discovery and renewal (Rate-limit safe)
infra cert renew

5. Cloudflare DDNS

Safety & Validation

  • Template Resolution: The debian-13 alias automatically finds the latest template on the target Proxmox node.
  • Input Validation: All IPs, MACs, and Ports are validated before execution.
  • Pre-flight Checks: The CLI verifies SSH connectivity to nodes before attempting changes.

Development

Running Tests

export ROUTER_PASS="..."
pytest tests/test_cli.py -v