feat: research on potential tools for the new installer

Author: josecelano

docs/redesign/phase2-analysis/07-summary-and-recommendations.md

@@ -87,4 +87,3 @@ proof of concept but must be addressed in a production-grade system.
   distributed-systems approach.
 - **Insecure Secret Handling**: Integrate a proper secrets management tool.
 - **Lack of Idempotency**: Ensure all automation scripts are fully idempotent.
-

docs/redesign/phase3-design/01-integrated-toolchain-workflow.md

@@ -0,0 +1,149 @@
+# Integrated Toolchain Workflow Proposal
+
+This document outlines a proposed workflow that combines the recommended tools
+(Ansible, Tera, SOPS, OpenTofu) into a cohesive, modern installer for the
+Torrust Tracker.
+
+## 🎯 Design Goals
+
+- **Automation**: Achieve 90%+ automation for a fresh deployment.
+- **Simplicity**: The user interaction should be as simple as `make deploy-local` or
+  `make deploy-production`.
+- **Security**: Secrets are managed securely using SOPS and are never stored in plaintext in
+  the repository.
+- **Flexibility**: The architecture supports multiple providers (libvirt, Hetzner, AWS) and
+  environments (local, staging, production).
+- **Idempotency**: Running the deployment process multiple times results in the same state.
+
+## Proposed Workflow
+
+The deployment is broken down into four distinct stages, orchestrated by a root `Makefile`.
+
+```mermaid
+graph TD
+    subgraph User Interaction
+        A[1. Configure Environment: <br> `local.env` or `production.env`] --> B{`make deploy`};
+    end
+
+    subgraph Stage 1: Build & Package [Local Machine]
+        B --> C{Tera <br> `render_configs.sh`};
+        D[SOPS <br> `secrets.enc.yaml`] --> C;
+        C --> E[Build Artifact <br> `build/deployment-package.tar.gz`];
+    end
+
+    subgraph Stage 2: Provision Infrastructure [IaC]
+        B --> F{OpenTofu <br> `tofu apply`};
+        F --> G[Provisioned VM <br> (e.g., Hetzner Cloud)];
+        F --> H[Ansible Inventory <br> `inventory.ini`];
+    end
+
+    subgraph Stage 3: Deploy & Configure [Remote VM]
+        E --> I{Ansible Playbook <br> `deploy_application.yml`};
+        H --> I;
+        I --> J[Copy Artifact & Unpack];
+        J --> K[Configure System <br> (Firewall, Docker)];
+        K --> L[Start Docker Services <br> `docker compose up`];
+    end
+
+    subgraph Stage 4: Validation
+        L --> M[Run Health Checks];
+    end
+
+    style A fill:#f9f,stroke:#333,stroke-width:2px
+    style E fill:#bbf,stroke:#333,stroke-width:2px
+    style G fill:#bbf,stroke:#333,stroke-width:2px
+    style L fill:#bbf,stroke:#333,stroke-width:2px
+```
+
+### Stage 1: Build & Package (Local Machine)
+
+This stage runs on the contributor's local machine and prepares a self-contained deployment
+artifact.
+
+1. **User Configuration**: The user defines their target environment by creating a `.env` file
+   (e.g., `cp env.template local.env`). This file contains all non-secret configuration
+   values like domain names, VM size, and feature flags.
+
+2. **Secrets Management (SOPS)**: All secrets (API keys, database passwords) are stored in an
+   encrypted YAML file, `secrets.enc.yaml`. This file can be safely committed to the
+   repository. The user decrypts it locally using their GPG key
+   (`sops -d secrets.enc.yaml > secrets.dec.yaml`).
+
+3. **Template Rendering (Tera)**: A build script (e.g., `scripts/build.sh`) uses **Tera** to
+   render all necessary configuration files from templates (`*.tpl`).
+
+   - It combines values from the user's `.env` file and the decrypted `secrets.dec.yaml`.
+   - **Output**: A `build/` directory containing the final, plaintext configuration files
+     (`tracker.toml`, `compose.yaml`, `prometheus.yml`, etc.).
+
+4. **Artifact Creation**: The `build/` directory is packaged into a single tarball
+   (`build/deployment-package.tar.gz`). This artifact is the only thing that will be
+   transferred to the target server.
+
+### Stage 2: Provision Infrastructure (Remote)
+
+This stage creates the remote server and prepares it for application deployment.
+
+1. **Infrastructure as Code (OpenTofu)**: `make infra-apply` triggers **OpenTofu**.
+
+   - OpenTofu reads the provider configuration (e.g., `hetzner.tf`) and variables from the
+     user's `.env` file.
+   - **Crucially**, it uses a minimal `cloud-init` to install only what's necessary for
+     Ansible to connect (e.g., Python).
+
+2. **Inventory Generation**: After provisioning, OpenTofu outputs the IP address of the new
+   VM into an **Ansible inventory file** (`inventory.ini`).
+
+   ```ini
+   [tracker]
+   torrust-tracker-demo ansible_host=123.45.67.89
+   ```
+
+### Stage 3: Deploy & Configure (Remote)
+
+This stage uses Ansible to configure the provisioned server and launch the application.
+
+1. **Ansible Playbook**: `make app-deploy` runs the main **Ansible playbook**
+   (`ansible/deploy.yml`).
+
+2. **Artifact Transfer**: The first step in the playbook is to copy the
+   `build/deployment-package.tar.gz` to the remote server and unpack it into `/opt/torrust/`.
+
+3. **System Configuration**: The playbook performs system-level setup:
+
+   - Installs Docker and Docker Compose.
+   - Configures the firewall (UFW), SSH hardening (fail2ban), and system services.
+   - Sets up persistent storage directories and permissions.
+
+4. **Application Launch**: The final step is to run `docker compose up -d` using the
+   rendered `compose.yaml` from the artifact. All services start up, configured with the
+   correct secrets and settings.
+
+### Stage 4: Validation & Monitoring
+
+This final stage ensures the deployment is healthy and observable.
+
+1. **Health Checks**: An Ansible task runs health checks against the deployed services:
+
+   - Pings API endpoints (`/api/health_check`).
+   - Verifies database connectivity.
+   - Checks that all containers are running.
+
+2. **Monitoring**: The deployed stack includes Prometheus and Grafana for monitoring.
+   - Prometheus scrapes metrics from the tracker.
+   - Grafana provides dashboards for visualizing tracker performance.
+
+## Tool Interaction Summary
+
+- **Makefile**: The main entry point, orchestrating all stages.
+- **SOPS**: Manages secrets, decrypting them for use during the build stage.
+- **Tera**: Renders configuration templates using data from `.env` files and decrypted secrets.
+- **OpenTofu**: Provisions the raw infrastructure and prepares it for Ansible.
+- **Ansible**: Handles all configuration management on the target machine, ensuring the
+  application is deployed consistently and correctly.
+
+This workflow provides a clear separation of concerns:
+
+- **Building**: Creating a deployable artifact from source (Tera).
+- **Provisioning**: Creating the required cloud infrastructure (OpenTofu).
+- **Configuration**: Applying environment-specific settings and secrets (SOPS + Ansible).

docs/redesign/phase3-design/research/tools-evaluation.md

@@ -0,0 +1,187 @@
+# Tools Evaluation for Torrust Tracker Redesign
+
+This document provides a high-level evaluation of potential tools that could fit into
+the new design of the Torrust Tracker deployment system.
+
+## 1. Configuration Management: Ansible
+
+### Overview
+
+Ansible is an open-source automation tool that automates software provisioning,
+configuration management, and application deployment. It uses YAML for its playbooks,
+which makes it relatively easy to read and write.
+
+### Potential Fit
+
+- **Strengths**:
+
+  - **Agentless**: No need to install any client software on the managed nodes.
+  - **Idempotent**: Ensures that running a playbook multiple times will result in the
+    same system state.
+  - **Large Community**: A vast number of pre-built modules and roles are available.
+  - **Good for Orchestration**: Can manage complex workflows across multiple servers.
+
+- **Weaknesses**:
+
+  - **Performance**: Can be slower than agent-based systems for a large number of
+    nodes.
+  - **YAML Complexity**: While easy to start, complex logic can make YAML files hard
+    to manage.
+
+- **Use Case for Torrust**:
+  - Could replace many of the existing shell scripts for application configuration
+    and deployment (`deploy-app.sh`).
+  - Could manage the setup of the tracker, nginx, prometheus, etc., in a more
+    structured way than cloud-init alone.
+
+## 2. Build System: Meson
+
+### Overview
+
+Meson is an open-source build system that is designed to be both fast and
+user-friendly. It uses a simple, non-Turing-complete DSL to define builds.
+
+### Potential Fit
+
+- **Strengths**:
+
+  - **Fast**: Designed for speed, both in configuration and build execution.
+  - **Cross-Platform**: Excellent support for building on different operating systems.
+  - **User-Friendly**: The syntax is generally considered easier to learn than
+    Makefiles or CMake.
+
+- **Weaknesses**:
+
+  - **Less Common**: Not as widespread as Make or CMake, so there's a smaller
+    community.
+
+- **Use Case for Torrust**:
+  - While the current project is more about deployment than building from source, if
+    the new design involves compiling components (like the tracker itself or other
+    tools), Meson could be a modern alternative to the current `Makefile`-based
+    system. It might be overkill if we are only orchestrating Docker containers.
+
+## 3. Templating Libraries
+
+The current system uses `envsubst` for templating. While effective, more powerful
+templating engines could provide more flexibility.
+
+### Potential Options
+
+- **Jinja2 (via Python)**:
+
+  - **Strengths**: Very powerful, with loops, conditionals, filters, and macros.
+    Widely used in tools like Ansible.
+  - **Weaknesses**: Requires a Python environment to run.
+
+- **Go Templates**:
+
+  - **Strengths**: Built into Go, so it's fast and has no external dependencies if we
+    use Go for our tooling.
+  - **Weaknesses**: Syntax can be more verbose than Jinja2.
+
+- **Tera (Rust)**:
+
+  - **Strengths**: A powerful templating engine for Rust, inspired by Jinja2. If we
+    build our deployment tools in Rust, this is a natural fit.
+  - **Weaknesses**: Requires a Rust environment.
+
+- **Use Case for Torrust**:
+  - A better templating engine could simplify the generation of complex
+    configuration files like `nginx.conf` or `prometheus.yml`, especially if we
+    need to support multiple providers with different configurations.
+
+## 4. Secrets Management
+
+Currently, secrets are managed via environment variables in git-ignored files. This
+is a good baseline, but more robust solutions exist.
+
+### Potential Options
+
+- **HashiCorp Vault**:
+
+  - **Strengths**: A dedicated secrets management tool. Provides dynamic secrets,
+    leasing, and auditing. The industry standard for secrets management.
+  - **Weaknesses**: Adds another service to manage and maintain. Can be complex to set
+    up.
+
+- **SOPS (Secrets OPerationS)**:
+
+  - **Strengths**: Encrypts values in YAML/JSON files. The encrypted file can be
+    committed to git, and decrypted at deployment time using KMS, GPG, etc.
+  - **Weaknesses**: Requires setting up GPG keys or cloud KMS.
+
+- **Ansible Vault**:
+
+  - **Strengths**: Integrated with Ansible. Allows encrypting variables or entire
+    files within an Ansible project.
+  - **Weaknesses**: Tied to using Ansible.
+
+- **Use Case for Torrust**:
+  - For the goal of a simple, automated deployment for a single server, a
+    full-blown Vault instance is likely overkill.
+  - **SOPS** could be a very good fit. It would allow us to have a single,
+    encrypted `secrets.yaml` file per environment that can be safely stored in git,
+    simplifying configuration management.
+
+## 5. Infrastructure as Code (IaC)
+
+The current system uses a combination of shell scripts and manual steps to provision
+infrastructure. Adopting a proper IaC tool would be a significant improvement.
+
+### Potential Options
+
+- **Terraform**:
+
+  - **Strengths**: The industry standard for IaC. Supports a vast number of
+    providers. Large community and extensive documentation.
+  - **Weaknesses**: Can be complex. The recent license change to BSL is a concern
+    for some.
+
+- **OpenTofu**:
+
+  - **Strengths**: A fork of Terraform, created in response to the license change.
+    It is open-source and community-driven. It is a drop-in replacement for
+    Terraform.
+  - **Weaknesses**: Younger than Terraform, so the community is smaller.
+
+- **Pulumi**:
+
+  - **Strengths**: Allows defining infrastructure using general-purpose programming
+    languages like Python, Go, TypeScript, etc. This can be a significant
+    advantage for teams that are more comfortable with these languages than with
+    HCL.
+  - **Weaknesses**: Smaller community than Terraform.
+
+- **Use Case for Torrust**:
+  - The goal is to automate the provisioning of the server, DNS records, and other
+    infrastructure components. Both Terraform and OpenTofu are excellent choices for
+    this.
+  - Given the project's open-source nature, **OpenTofu** might be a better fit to
+    avoid any future licensing issues.
+  - Pulumi is also a strong contender, especially if the team prefers to use a
+    general-purpose programming language.
+
+## 6. Summary of Recommendations
+
+Based on the evaluation, here is a summary of the recommended tools for the new
+Torrust Tracker deployment system:
+
+- **Configuration Management**: **Ansible** is the recommended choice. Its
+  agentless nature and idempotency are well-suited for this project. It can
+  replace the existing shell scripts and provide a more structured way to manage
+  the application configuration.
+
+- **Build System**: **Meson** is a good option if the project requires compiling
+  components. However, if the project is only orchestrating Docker containers, it
+  might be overkill.
+
+- **Templating**: **Tera** is the recommended choice if the deployment tools are
+  built in Rust. Otherwise, **Jinja2** is a solid alternative.
+
+- **Secrets Management**: **SOPS** is the recommended choice. It allows encrypting
+  secrets in a file that can be committed to git, which simplifies configuration
+  management.
+
+- **Infrastructure as Code**: **OpenTofu** is the recommended choice. It is a
+  drop-in replacement for Terraform and is open-source and community-driven.

project-words.txt

@@ -104,6 +104,7 @@ poweroff
 prereq
 privkey
 publickey
+Pulumi
 pwauth
 Pydantic
 pytest
@@ -126,6 +127,7 @@ showcerts
 somaxconn
 sshpass
 Taplo
+Tera
 Terratest
 testpass
 testuser