cli/cmd/prod/cmd_dns.go

package prod

import (
	"context"
	"fmt"
	"os"
	"time"

	"forge.lthn.ai/core/go/pkg/cli"
	"forge.lthn.ai/core/go-devops/infra"
	"github.com/spf13/cobra"
)

var dnsCmd = &cobra.Command{
	Use:   "dns",
	Short: "Manage DNS records via CloudNS",
	Long: `View and manage DNS records for host.uk.com via CloudNS API.

Requires:
  CLOUDNS_AUTH_ID        CloudNS auth ID
  CLOUDNS_AUTH_PASSWORD  CloudNS auth password`,
}

var dnsListCmd = &cobra.Command{
	Use:   "list [zone]",
	Short: "List DNS records",
	Args:  cobra.MaximumNArgs(1),
	RunE:  runDNSList,
}

var dnsSetCmd = &cobra.Command{
	Use:   "set <host> <type> <value>",
	Short: "Create or update a DNS record",
	Long: `Create or update a DNS record. Example:
  core prod dns set hermes.lb A 1.2.3.4
  core prod dns set "*.host.uk.com" CNAME hermes.lb.host.uk.com`,
	Args: cobra.ExactArgs(3),
	RunE: runDNSSet,
}

var (
	dnsZone string
	dnsTTL  int
)

func init() {
	dnsCmd.PersistentFlags().StringVar(&dnsZone, "zone", "host.uk.com", "DNS zone")

	dnsSetCmd.Flags().IntVar(&dnsTTL, "ttl", 300, "Record TTL in seconds")

	dnsCmd.AddCommand(dnsListCmd)
	dnsCmd.AddCommand(dnsSetCmd)
}

func getDNSClient() (*infra.CloudNSClient, error) {
	authID := os.Getenv("CLOUDNS_AUTH_ID")
	authPass := os.Getenv("CLOUDNS_AUTH_PASSWORD")
	if authID == "" || authPass == "" {
		return nil, fmt.Errorf("CLOUDNS_AUTH_ID and CLOUDNS_AUTH_PASSWORD required")
	}
	return infra.NewCloudNSClient(authID, authPass), nil
}

func runDNSList(cmd *cobra.Command, args []string) error {
	dns, err := getDNSClient()
	if err != nil {
		return err
	}

	zone := dnsZone
	if len(args) > 0 {
		zone = args[0]
	}

	ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
	defer cancel()

	records, err := dns.ListRecords(ctx, zone)
	if err != nil {
		return fmt.Errorf("list records: %w", err)
	}

	cli.Print("%s DNS records for %s\n\n", cli.BoldStyle.Render("▶"), cli.TitleStyle.Render(zone))

	if len(records) == 0 {
		cli.Print("  No records found\n")
		return nil
	}

	for id, r := range records {
		cli.Print("  %s  %-6s  %-30s  %s  TTL:%s\n",
			cli.DimStyle.Render(id),
			cli.BoldStyle.Render(r.Type),
			r.Host,
			r.Record,
			r.TTL)
	}

	return nil
}

func runDNSSet(cmd *cobra.Command, args []string) error {
	dns, err := getDNSClient()
	if err != nil {
		return err
	}

	host := args[0]
	recordType := args[1]
	value := args[2]

	ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
	defer cancel()

	changed, err := dns.EnsureRecord(ctx, dnsZone, host, recordType, value, dnsTTL)
	if err != nil {
		return fmt.Errorf("set record: %w", err)
	}

	if changed {
		cli.Print("%s %s %s %s -> %s\n",
			cli.SuccessStyle.Render("✓"),
			recordType, host, dnsZone, value)
	} else {
		cli.Print("%s Record already correct\n", cli.DimStyle.Render("·"))
	}

	return nil
}
feat(prod): add production infrastructure management Add `core prod` command with full production infrastructure tooling: - `core prod status` — parallel SSH health checks across all hosts, Galera cluster state, Redis sentinel, Docker, LB health - `core prod setup` — Phase 1 foundation: Hetzner topology discovery, managed LB creation, CloudNS DNS record management - `core prod dns` — CloudNS record CRUD with idempotent EnsureRecord - `core prod lb` — Hetzner Cloud LB status and creation - `core prod ssh <host>` — SSH into hosts defined in infra.yaml New packages: - pkg/infra: config parsing, Hetzner Cloud/Robot API, CloudNS DNS API - infra.yaml: declarative production topology (hosts, LB, DNS, SSL, Galera, Redis, containers, S3, CDN, CI/CD, monitoring, backups) Docker: - Dockerfile.app (PHP 8.3-FPM, multi-stage) - Dockerfile.web (Nginx + security headers) - docker-compose.prod.yml (app, web, horizon, scheduler, mcp, redis, galera) Ansible playbooks (runnable via `core deploy ansible`): - galera-deploy.yml, redis-deploy.yml, galera-backup.yml - inventory.yml with all production hosts CI/CD: - .forgejo/workflows/deploy.yml for Forgejo Actions pipeline Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> 2026-02-06 03:03:29 +00:00			`package prod`

			`import (`
			`"context"`
			`"fmt"`
			`"os"`
			`"time"`

refactor: split CLI from monorepo, import core/go as library (#1) - Change module from forge.lthn.ai/core/go to forge.lthn.ai/core/cli - Remove pkg/ directory (now served from core/go) - Add require + replace for forge.lthn.ai/core/go => ../go - Update go.work to include ../go workspace module - Fix all internal/cmd/* imports: pkg/ refs → forge.lthn.ai/core/go/pkg/ - Rename internal/cmd/sdk package to sdkcmd (avoids conflict with pkg/sdk) - Remove SDK library files from internal/cmd/sdk/ (now in core/go/pkg/sdk/) - Remove duplicate RAG helper functions from internal/cmd/rag/ - Remove stale cmd/core-ide/ (now in core/ide repo) - Update IDE variant to remove core-ide import - Fix test assertion for new module name - Run go mod tidy to sync dependencies core/cli is now a pure CLI application importing core/go for packages. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> Co-authored-by: Claude <developers@lethean.io> Reviewed-on: https://forge.lthn.ai/core/cli/pulls/1 2026-02-16 14:24:37 +00:00			`"forge.lthn.ai/core/go/pkg/cli"`
chore: update module paths and daemon refactor Sync CLI module imports across all command packages. Refactor daemon command with expanded functionality. Update go.mod and go.work dependencies. Co-Authored-By: Virgil <virgil@lethean.io> 2026-02-17 19:19:40 +00:00			`"forge.lthn.ai/core/go-devops/infra"`
feat(prod): add production infrastructure management Add `core prod` command with full production infrastructure tooling: - `core prod status` — parallel SSH health checks across all hosts, Galera cluster state, Redis sentinel, Docker, LB health - `core prod setup` — Phase 1 foundation: Hetzner topology discovery, managed LB creation, CloudNS DNS record management - `core prod dns` — CloudNS record CRUD with idempotent EnsureRecord - `core prod lb` — Hetzner Cloud LB status and creation - `core prod ssh <host>` — SSH into hosts defined in infra.yaml New packages: - pkg/infra: config parsing, Hetzner Cloud/Robot API, CloudNS DNS API - infra.yaml: declarative production topology (hosts, LB, DNS, SSL, Galera, Redis, containers, S3, CDN, CI/CD, monitoring, backups) Docker: - Dockerfile.app (PHP 8.3-FPM, multi-stage) - Dockerfile.web (Nginx + security headers) - docker-compose.prod.yml (app, web, horizon, scheduler, mcp, redis, galera) Ansible playbooks (runnable via `core deploy ansible`): - galera-deploy.yml, redis-deploy.yml, galera-backup.yml - inventory.yml with all production hosts CI/CD: - .forgejo/workflows/deploy.yml for Forgejo Actions pipeline Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> 2026-02-06 03:03:29 +00:00			`"github.com/spf13/cobra"`
			`)`

			`var dnsCmd = &cobra.Command{`
			`Use: "dns",`
			`Short: "Manage DNS records via CloudNS",`
			Long: `View and manage DNS records for host.uk.com via CloudNS API.

			`Requires:`
			`CLOUDNS_AUTH_ID CloudNS auth ID`
			CLOUDNS_AUTH_PASSWORD CloudNS auth password`,
			`}`

			`var dnsListCmd = &cobra.Command{`
			`Use: "list [zone]",`
			`Short: "List DNS records",`
			`Args: cobra.MaximumNArgs(1),`
			`RunE: runDNSList,`
			`}`

			`var dnsSetCmd = &cobra.Command{`
			`Use: "set <host> <type> <value>",`
			`Short: "Create or update a DNS record",`
			Long: `Create or update a DNS record. Example:
			`core prod dns set hermes.lb A 1.2.3.4`
			core prod dns set "*.host.uk.com" CNAME hermes.lb.host.uk.com`,
			`Args: cobra.ExactArgs(3),`
			`RunE: runDNSSet,`
			`}`

			`var (`
			`dnsZone string`
			`dnsTTL int`
			`)`

			`func init() {`
			`dnsCmd.PersistentFlags().StringVar(&dnsZone, "zone", "host.uk.com", "DNS zone")`

			`dnsSetCmd.Flags().IntVar(&dnsTTL, "ttl", 300, "Record TTL in seconds")`

			`dnsCmd.AddCommand(dnsListCmd)`
			`dnsCmd.AddCommand(dnsSetCmd)`
			`}`

			`func getDNSClient() (*infra.CloudNSClient, error) {`
			`authID := os.Getenv("CLOUDNS_AUTH_ID")`
			`authPass := os.Getenv("CLOUDNS_AUTH_PASSWORD")`
			`if authID == "" \|\| authPass == "" {`
			`return nil, fmt.Errorf("CLOUDNS_AUTH_ID and CLOUDNS_AUTH_PASSWORD required")`
			`}`
			`return infra.NewCloudNSClient(authID, authPass), nil`
			`}`

			`func runDNSList(cmd *cobra.Command, args []string) error {`
			`dns, err := getDNSClient()`
			`if err != nil {`
			`return err`
			`}`

			`zone := dnsZone`
			`if len(args) > 0 {`
			`zone = args[0]`
			`}`

			`ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)`
			`defer cancel()`

			`records, err := dns.ListRecords(ctx, zone)`
			`if err != nil {`
			`return fmt.Errorf("list records: %w", err)`
			`}`

			`cli.Print("%s DNS records for %s\n\n", cli.BoldStyle.Render("▶"), cli.TitleStyle.Render(zone))`

			`if len(records) == 0 {`
			`cli.Print(" No records found\n")`
			`return nil`
			`}`

			`for id, r := range records {`
			`cli.Print(" %s %-6s %-30s %s TTL:%s\n",`
			`cli.DimStyle.Render(id),`
			`cli.BoldStyle.Render(r.Type),`
			`r.Host,`
			`r.Record,`
			`r.TTL)`
			`}`

			`return nil`
			`}`

			`func runDNSSet(cmd *cobra.Command, args []string) error {`
			`dns, err := getDNSClient()`
			`if err != nil {`
			`return err`
			`}`

			`host := args[0]`
			`recordType := args[1]`
			`value := args[2]`

			`ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)`
			`defer cancel()`

			`changed, err := dns.EnsureRecord(ctx, dnsZone, host, recordType, value, dnsTTL)`
			`if err != nil {`
			`return fmt.Errorf("set record: %w", err)`
			`}`

			`if changed {`
			`cli.Print("%s %s %s %s -> %s\n",`
			`cli.SuccessStyle.Render("✓"),`
			`recordType, host, dnsZone, value)`
			`} else {`
			`cli.Print("%s Record already correct\n", cli.DimStyle.Render("·"))`
			`}`

			`return nil`
			`}`