Production CLI Commands

Essential CLI commands for deploying and managing nself in production environments with security, monitoring, and maintenance capabilities.

Production Deployment

`nself prod`

Generate production configuration with secure secrets:

# Generate production configuration
nself prod

# This creates:
# - .env.prod-template (production config template)
# - .env.prod-secrets (backup of generated secrets)

# Generated files:
# .env.prod-template - Ready-to-use production configuration
# .env.prod-secrets - Backup copy of generated secrets

# Generated secrets include:
# - Cryptographically secure passwords
# - JWT secrets and keys
# - API keys and tokens
# - Database connection strings

# Next steps:
# 1. Review and edit .env.prod-template
# 2. Update domain and email settings
# 3. Copy to .env: cp .env.prod-template .env
# 4. Deploy: nself up

System Management

`nself update`

Update nself to the latest version:

# ✓ Update to latest version
nself update

# ✓ Check current version
nself version

`nself status` (Planned)

Check comprehensive system status (planned for future release):

# Currently use Docker commands:
docker ps                       # View running containers
docker ps --format "table {{.Names}}	{{.Status}}	{{.Ports}}"

# Planned features for future release:
# nself status                  # Basic status check
# nself status --verbose        # Detailed status
# nself status postgres         # Check specific service

Health Monitoring

`nself doctor` (Planned)

Run comprehensive health checks (planned for future release):

# Currently use Docker and system commands:
docker ps -a                    # Check container status
docker-compose ps               # Check compose services
df -h                          # Check disk space
docker system df               # Check Docker disk usage

# Planned features for future release:
# nself doctor                  # Full system health check
# nself doctor --quick          # Quick health check
# nself doctor --check docker,database,ssl

`nself logs` (Planned)

Access and monitor service logs (planned for future release):

# Currently use Docker commands:
docker logs [container-name]              # View logs
docker logs -f [container-name]           # Follow logs
docker logs --tail 100 [container-name]   # Last 100 lines
docker-compose logs                       # All service logs

# Examples:
docker logs postgres
docker logs hasura
docker logs -f hasura --tail 50

# Planned features for future release:
# nself logs                    # View all service logs
# nself logs -f                 # Follow logs in real-time
# nself logs postgres           # View specific service logs

Performance Monitoring

`nself resources` (Planned)

Monitor resource usage (planned for future release):

# Currently use Docker commands:
docker stats                    # Real-time resource usage
docker stats --no-stream       # One-time snapshot

# Check disk usage:
df -h                          # System disk usage
docker system df               # Docker disk usage
du -sh /var/lib/docker        # Docker directory size

# Planned features for future release:
# nself resources               # View resource usage
# nself resources --watch       # Continuous monitoring
# nself resources --alert cpu:80 memory:1GB

`nself metrics`

Collect performance metrics:

# Collect system metrics
nself metrics

# Export metrics for monitoring systems
nself metrics --export prometheus
nself metrics --export grafana

# Database performance metrics
nself metrics --db

# Custom metrics collection
nself metrics --config metrics.yml

Backup and Recovery

`nself backup`

Create system backups:

# Create full system backup
nself backup

# Database only backup
nself db backup

# Include configuration files
nself backup --include-config

# Compressed backup
nself backup --compress

# Remote backup to S3
nself backup --remote s3://my-backups/nself/

`nself restore`

Restore from backups:

# Restore from latest backup
nself restore

# Restore from specific backup
nself restore --from backup-20250806-140000

# Restore database only
nself db restore backup.sql

# Restore with verification
nself restore --verify

Security Commands

`nself security`

Security auditing and hardening:

# Run security audit
nself security audit

# Check for vulnerabilities
nself security scan

# Update security configurations
nself security harden

# Generate new secrets
nself security rotate-secrets

# SSL certificate management
nself security ssl-renew
nself security ssl-status

`nself encrypt`

Data encryption utilities:

# Encrypt sensitive files
nself encrypt .env.prod

# Decrypt files
nself decrypt .env.prod.enc

# Rotate encryption keys
nself encrypt rotate-keys

Maintenance Commands

`nself cleanup`

System cleanup and optimization:

# Clean up unused resources
nself cleanup

# Deep clean (removes old images, volumes)
nself cleanup --deep

# Clean specific components
nself cleanup docker
nself cleanup logs
nself cleanup backups

# Dry run (show what would be cleaned)
nself cleanup --dry-run

`nself optimize`

Performance optimization:

# Optimize database performance
nself optimize database

# Optimize Docker images
nself optimize images

# Full system optimization
nself optimize --all

# Generate optimization report
nself optimize --report

Configuration Management

`nself config`

Production configuration management:

# Validate configuration
nself config validate

# Show configuration (sanitized)
nself config show

# Update configuration value
nself config set POSTGRES_MAX_CONNECTIONS 200

# Generate new configuration template
nself config generate --environment production

# Import configuration from file
nself config import production.env

# Export configuration
nself config export --sanitize > config-backup.env

Service Management

`nself scale`

Scale services for production load:

# Scale specific service
nself scale hasura 3

# Auto-scale based on load
nself scale --auto

# Scale all services
nself scale --replicas 2

# Scale with resource limits
nself scale hasura 3 --memory 512MB --cpu 0.5

`nself reload`

Reload services without downtime:

# Reload specific service
nself reload hasura

# Reload configuration
nself reload --config

# Rolling reload (zero downtime)
nself reload --rolling

Network and Connectivity

`nself network`

Network diagnostics and configuration:

# Test network connectivity
nself network test

# Show network configuration
nself network show

# Test external connectivity
nself network test-external

# Diagnose network issues
nself network diagnose

Automated Scripts

Production Deployment Script

#!/bin/bash
# production-deploy.sh

set -e

echo "🚀 Starting production deployment..."

# Backup current state
echo "Creating backup..."
nself backup --name "pre-deploy-$(date +%Y%m%d-%H%M%S)"

# Update system
echo "Updating nself..."
nself update

# Deploy new version
echo "Deploying services..."
nself prod
cp .env.prod-template .env
nself build
nself up --no-deps

# Run health checks
echo "Running health checks..."
sleep 30
nself doctor

# Verify deployment
if nself status --check; then
    echo "✅ Deployment successful!"
else
    echo "❌ Deployment failed, rolling back..."
    nself restore
    exit 1
fi

Monitoring Script

#!/bin/bash
# monitor.sh - Add to cron for continuous monitoring

# Check system health
if ! nself doctor --quick; then
    echo "Health check failed" | mail -s "nself Alert" admin@example.com
fi

# Check resource usage
CPU_USAGE=$(nself resources --format json | jq '.total.cpu')
if (( $(echo "$CPU_USAGE > 80" | bc -l) )); then
    echo "High CPU usage: $CPU_USAGE%" | mail -s "nself Resource Alert" admin@example.com
fi

# Check disk space
DISK_USAGE=$(df / | tail -1 | awk '{print $5}' | sed 's/%//')
if [ "$DISK_USAGE" -gt 85 ]; then
    nself cleanup --auto
fi

# Rotate logs
find logs/ -name "*.log" -mtime +7 -delete

Integration with CI/CD

GitHub Actions Example

# .github/workflows/deploy.yml
name: Deploy to Production
on:
  push:
    branches: [main]

jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      
      - name: Install nself
        run: |
          curl -fsSL https://raw.githubusercontent.com/acamarata/nself/main/install.sh | bash
          
      - name: Deploy to production
        run: |
          echo "${{ secrets.ENV_PROD }}" > .env
          nself build
          nself up --detach
          
      - name: Health check
        run: |
          sleep 30
          nself doctor

Best Practices

Automated Backups - Schedule regular database and system backups
Health Monitoring - Run nself doctor regularly via cron
Resource Monitoring - Monitor CPU, memory, and disk usage
Log Management - Implement log rotation and retention policies
Security Updates - Keep nself and Docker images updated
Testing - Test backup restoration procedures regularly
Alerts - Set up alerts for critical system events
Documentation - Document your production setup and procedures

Production CLI Commands

Production Deployment

nself prod

System Management

nself update

nself status (Planned)

Health Monitoring

nself doctor (Planned)

nself logs (Planned)

Performance Monitoring

nself resources (Planned)

nself metrics