clivern / lynx Goto Github PK

View Code? Open in Web Editor NEW

245.0 5.0 6.0 37.3 MB

🐺 A Fast, Secure and Reliable Terraform Backend, Set up in Minutes.

Home Page: https://lynx.clivern.com/

License: MIT License

Elixir 95.65% Dockerfile 0.86% Makefile 0.61% JavaScript 0.61% Shell 0.05% HTML 1.90% HCL 0.28% Batchfile 0.03%

terraform terraform-backend clivern lynx terraform-http-backend terraform-project terraform-workspace

lynx's Introduction

Lynx

A Fast, Secure and Reliable Terraform Backend, Set up in Minutes.

Lynx is a Fast, Secure and Reliable Terraform Backend. It is built in Elixir with Phoenix framework.

Features:

Simplified Setup: Easy installation and maintenance for hassle-free usage.
Team Collaboration: Manage multiple teams and users seamlessly.
User-Friendly Interface: Enjoy a visually appealing dashboard for intuitive navigation.
Project Flexibility: Support for multiple projects within each team.
Environment Management: Create and manage multiple environments per project.
State Versioning: Keep track of Terraform state versions for better control.
Rollback Capability: Easily revert to previous states for efficient infrastructure management.
Terraform Locking Support: The project also supports Terraform locking, ensuring state integrity and preventing concurrent operations that could lead to data corruption
RESTful Endpoints: for seamless teams, users, projects, environments, and snapshots management.
Snapshots Support: for both projects and environments to ensure data integrity and provide recovery options at specific points in time.
Terraform Provider: Automate creation/updates of teams, users, projects, environments and snapshots with terraform.

Upcoming Features:

Single Sign-On (SSO): Support for OAuth2 Providers like Azure AD OAuth, Keycloak, Okta ... etc

Quick Start

Important

Make sure you have docker and docker-compose installed for the quick start.

Lynx requires a PostgreSQL database. No Object Storage is required.

To run Lynx alone on port 4000 on docker.

$ wget https://raw.githubusercontent.com/Clivern/Lynx/main/docker-compose.yml \
    -O docker-compose.yml

$ docker-compose up -d

To run Lynx behind nginx reverse proxy on port 80 on docker.

$ wget https://raw.githubusercontent.com/Clivern/Lynx/main/docker-compose-nginx.yml \
    -O docker-compose.yml
$ wget https://raw.githubusercontent.com/Clivern/Lynx/main/nginx.conf \
    -O nginx.conf

$ docker-compose up -d

To run a 3 Nodes of Lynx behind nginx reverse proxy on port 80 on docker.

$ wget https://raw.githubusercontent.com/Clivern/Lynx/main/docker-compose-cluster.yml \
    -O docker-compose.yml
$ wget https://raw.githubusercontent.com/Clivern/Lynx/main/nginx-cluster.conf \
    -O nginx.conf

$ docker-compose up -d

Here is a video demonstration

Manual Installation

Please check this guide for a manual setup on Ubuntu server.

Important Links

Name	Description
API Documentation	https://lynx.apidocumentation.com/reference
Bug Tracker	Submit issues on GitHub
Security Issues	Submit security vulnerability on GitHub
Contributing	Read the contribution guide here

License

Lynx is authored and maintained by @clivern.

lynx's People

Contributors

Stargazers

Watchers

Forkers

taraio jsvitolo navendu-creator ankek disappointingsupernova manhvu

lynx's Issues

Feature request: Workspace

Is your feature request related to a problem? Please describe.
That would be great to have same structure like in Terraform Cloud:
Project -> Terraform Workspace -> Environment

Describe the solution you'd like
Project is very basic and very high level of Software development. In one project we may have a few applications, each deployed in specific environment. That would be great to have intermediate level of grouping and management like Workspace

Additional context
Please find more details in Terraform Cloud doc. https://developer.hashicorp.com/terraform/cloud-docs/workspaces

Track changes within a project and show it in the dashboard

Is your feature request related to a problem? Please describe.
I would love to see changes made within a project in the dashboard. something like

User A created a new environment
User B update environment from v1 to v2
User C took a snapshot of project C

Update terraform credentials tab to use environment variables

Simplify Terrform Backend configuration

Current configuration of TF Backend.
backend "http" {
username = "hs2d21pk"
password = "pO(BwDTjs5ND"
address = "http://localhost:4000/client/clivern/monitoring/prod/state"
lock_address = "http://localhost:4000/client/clivern/monitoring/prod/lock"
unlock_address = "http://localhost:4000/client/clivern/monitoring/prod/unlock"
lock_method = "POST"
unlock_method = "POST"
}

Desired configuration of TF Backend.

terraform {
backend "remote" {
hostname = "http://localhost:4000/api_path"
organization = "company"
token = "tXXkgPPOYDk4Sx5wxWtrXT4qPZxYq72yqOe2HpUQNjedW"
workspaces {
name = "clivern-monitoring-prod" # ${project}-${workspace}-${environment}
}
}

Additional context
I want to propose you use "remote" backend instead of "http". There are a lot of benefits like:

No need to create unique username and password for each environment in Project. Mostly project managed by team and you can create "team" token for authentication and authorization within team creation. Segregation and isolation resources created in one project could be based on environment definition (or workspace+environment, if you would have a will/chance/etc. to do this (-: ).
No need to redefine it in back-end configurations each time.
This is very brief explanation. Feel free to ping me if you will needed more details.
Please find more details in

Docker Compose: Module Lynx.Repo.Migrations.CreateConfigs is already compiled

Describe the bug
A clear and concise description of what the bug is.

Development or production environment

OS: Docker

Additional context


user@computer Terraform-Lynx % docker compose up --abort-on-container-exit
[+] Running 7/7
 ✔ app 6 layers [⣿⣿⣿⣿⣿⣿]      0B/0B      Pulled                                                                            14.8s 
   ✔ 70ba6f391a98 Already exists                                                                                            0.0s 
   ✔ 03253c46bc5e Pull complete                                                                                             9.5s 
   ✔ 70b3bbd10c18 Pull complete                                                                                             0.7s 
   ✔ 40eef8e53e37 Pull complete                                                                                             1.4s 
   ✔ 5d19a66e937c Pull complete                                                                                             4.8s 
   ✔ 2974444833c0 Pull complete                                                                                             4.2s 
[+] Running 4/3
 ✔ Container terraform-lynx-nginx-1                                                                                                                   Created0.5s     Created                                                                                0.0s 
 ✔ Container terraform-lynx-db-1                                                                                                                      Created0.0s 
 ✔ Container terraform-lynx-app-1                                                                                                                     Recreated0.5s 
 ! app The requested image's platform (linux/amd64) does not match the detected host platform (linux/arm64/v8) and no specific platform was requested 0.0s 
Attaching to app-1, db-1, nginx-1
db-1     | 
db-1     | PostgreSQL Database directory appears to contain a database; Skipping initialization
db-1     | 
nginx-1  | /docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration
nginx-1  | /docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/
nginx-1  | /docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh
db-1     | 2024-05-26 21:53:28.541 UTC [1] LOG:  starting PostgreSQL 16.3 (Debian 16.3-1.pgdg120+1) on aarch64-unknown-linux-gnu, compiled by gcc (Debian 12.2.0-14) 12.2.0, 64-bit
db-1     | 2024-05-26 21:53:28.541 UTC [1] LOG:  listening on IPv4 address "0.0.0.0", port 5432
db-1     | 2024-05-26 21:53:28.541 UTC [1] LOG:  listening on IPv6 address "::", port 5432
nginx-1  | 10-listen-on-ipv6-by-default.sh: info: Getting the checksum of /etc/nginx/conf.d/default.conf
db-1     | 2024-05-26 21:53:28.552 UTC [1] LOG:  listening on Unix socket "/var/run/postgresql/.s.PGSQL.5432"
nginx-1  | 10-listen-on-ipv6-by-default.sh: info: Enabled listen on IPv6 in /etc/nginx/conf.d/default.conf
nginx-1  | /docker-entrypoint.sh: Sourcing /docker-entrypoint.d/15-local-resolvers.envsh
db-1     | 2024-05-26 21:53:28.573 UTC [29] LOG:  database system was shut down at 2024-05-26 21:52:58 UTC
nginx-1  | /docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh
nginx-1  | /docker-entrypoint.sh: Launching /docker-entrypoint.d/30-tune-worker-processes.sh
nginx-1  | /docker-entrypoint.sh: Configuration complete; ready for start up
db-1     | 2024-05-26 21:53:28.583 UTC [1] LOG:  database system is ready to accept connections
app-1    | ** (ArgumentError) could not call Module.put_attribute/3 because the module Lynx.Repo.Migrations.CreateConfigs is already compiled
app-1    |     (elixir 1.16.1) lib/module.ex:2360: Module.assert_not_readonly!/2
app-1    |     (elixir 1.16.1) lib/module.ex:2041: Module.__put_attribute__/5
app-1    |     /app/lib/lynx-0.11.7/priv/repo/migrations/20230304233120_create_users.exs:6: (module)
app-1 exited with code 1
Aborting on container exit...
[+] Stopping 3/3
 ✔ Container terraform-lynx-nginx-1  Stopped                                                                                0.2s 
 ✔ Container terraform-lynx-app-1    Stopped                                                                                0.0s 
 ✔ Container terraform-lynx-db-1     Stopped                                                                                0.1s

Unhealthy container because of lack of curl package in docker image

When I launch docker-compose from master, container is unhealthy. This is caused by lack of curl package in
docker image.

Support the edit actions in the dashboard

Create Helm Chart for K8s Deployment

Is your feature request related to a problem? Please describe.

As a DevOps Engineer, I have a given base Infrastructure on hand where I want to deploy this software to deploy another cluster with terraform in the cloud.

Describe the solution you'd like

...so I need to deploy it inside my existing cluster via helm. So, I don't want to define my own Kubernetes resources, so I would appreciate it, if we could share one resource definition for this inside the community

Additional context

Add any other context or screenshots about the feature request here.

Move documentation to Jekyll website

Creation of Environment fails with Message status "uuid: can't be blank"

Describe the bug
Issue with creating Environment in Project. Creation of Environment always fails with Message status "uuid: can't be blank"

Development or production environment
Docker image: clivern/lynx:0.11.8
TF Provider version: Clivern/lynx 0.3.0

Additional context
Return error "uuid: can't be blank" for Web UI and Terraform provider

TF Output:
lynx_environment.prod: Creating...
╷
│ Error: Client Error
│
│ with lynx_environment.prod,
│ on main.tf line 16, in resource "lynx_environment" "prod":
│ 16: resource "lynx_environment" "prod" {
│
│ Unable to create environment, got error: status: 400, body: {"errorMessage":"uuid: can't be blank"}

Support SQLite as a database

Is your feature request related to a problem? Please describe.
Add support for sqlite using ecto_sqlite3 https://github.com/elixir-sqlite/ecto_sqlite3

Upload production ready docker image to ghcr

Dependency for #59

CI/CD Pipeline has to upload docker image into the ghcr so it is pullable by helm or to easy deployment without pulling the whole repo

Dependency Dashboard

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Ignored or Blocked

These are blocked by an existing closed PR and will not be recreated unless you click a checkbox below.

Detected dependencies

bundler

docs/Gemfile

webrick "~> 1.8"

docker-compose

docker-compose-cluster.yml

clivern/lynx 0.11.15

clivern/lynx 0.11.15

clivern/lynx 0.11.15

postgres 16.4

nginx 1.25.4-alpine3.18

docker-compose-nginx.yml

clivern/lynx 0.11.15

postgres 16.4

nginx 1.25.4-alpine3.18

docker-compose.yml

clivern/lynx 0.11.15

postgres 16.4

dockerfile

Dockerfile

github-actions

.github/workflows/docker.yml

actions/checkout v4

docker/login-action 3b8fed7e4b60203b2aa0ecc6c6d6d91d12c06760

docker/metadata-action 70b2cdc6480c1a8b86edf1777157f8f437de2166

docker/build-push-action 5cd11c3a4ced054e52742c5fd54dca954e0edd85

.github/workflows/server_ci.yml

actions/checkout v3

erlef/setup-beam v1

mix

mix.exs

phoenix ~> 1.6.13

phoenix_ecto ~> 4.4

ecto_sql ~> 3.6

postgrex >= 0.0.0

phoenix_html ~> 3.0

phoenix_live_reload ~> 1.2

phoenix_live_view ~> 0.17.5

floki >= 0.30.0

phoenix_live_dashboard ~> 0.6

esbuild ~> 0.7

swoosh ~> 1.3

telemetry_metrics ~> 0.6

telemetry_poller ~> 1.0

gettext ~> 0.25

jason ~> 1.4

plug_cowboy ~> 2.5

bcrypt_elixir ~> 3.0

terraform

example/main.tf

time 0.12.1

hashicorp/terraform >= 1.3.7

Check this box to trigger a request for Renovate to run again on this repository

Avoid repo clone to deploy Lynx

Depends on: #60 , #59 (optional)

As a user of Lynx, I just want to deploy this application via portainer or helm and don't clone the code locally.
Therefore I need an updated Readme File to simplify the deployment process