* Add systemd-based deployment support
- micro init --server: Initialize server to receive deployments
- Creates /opt/micro/{bin,data,config} directories
- Generates systemd template unit (micro@.service)
- Creates 'micro' system user
- micro deploy: Deploy services via SSH + systemd
- Builds linux/amd64 binaries automatically
- Copies via rsync/scp to server
- Manages services via systemctl
- Helpful error messages for common issues
- micro status --remote: Check remote service status
- micro logs --remote: Stream remote logs via journalctl
- micro stop --remote: Stop services on remote server
- Config: Added 'deploy' blocks to micro.mu for named targets
The deployment model:
- systemd is the process supervisor (battle-tested)
- SSH is the transport (standard, secure)
- No custom daemons or platforms needed
Co-authored-by: Shelley <shelley@exe.dev>
* Add deployment documentation
- docs/deployment.md: Comprehensive guide for server deployment
- README.md: Updated deployment section with full workflow
Co-authored-by: Shelley <shelley@exe.dev>
* Add deployment section to CLI documentation
Co-authored-by: Shelley <shelley@exe.dev>
* Fix systemd template escaping and rsync permission warnings
- Fix %i escaping in systemd template (was being interpreted by fmt.Sprintf)
- Handle rsync exit code 23/24 gracefully (metadata permission warnings)
- Add --omit-dir-times to rsync to avoid directory timestamp errors
Co-authored-by: Shelley <shelley@exe.dev>
* Add install script for micro CLI
Co-authored-by: Shelley <shelley@exe.dev>
* Fix non-constant format string in deploy error
Co-authored-by: Shelley <shelley@exe.dev>
---------
Co-authored-by: Shelley <shelley@exe.dev>
micro build:
- Default: builds Go binaries to ./bin/
- Cross-compile with --os and --arch
- Docker is optional via --docker flag
micro deploy:
- Requires --ssh user@host
- Copies pre-built binaries (if ./bin/ exists)
- Or syncs source and builds on remote
- No Docker dependency
Go binaries are self-contained. No runtime needed.
Co-authored-by: Shelley <shelley@exe.dev>
* fix: remove deprecated rand.Seed calls
Go 1.20+ automatically seeds the global random number generator.
These calls are no-ops and generate warnings with newer Go versions.
Removed from:
- selector/strategy.go
- registry/cache/cache.go
- broker/memory.go
- broker/http.go
- cmd/cmd.go
- transport/memory.go
Co-authored-by: Shelley <shelley@exe.dev>
* fix: handle previously ignored errors
- MySQL store: properly handle prepared statement errors in initDB()
- Consul registry: handle client creation errors in Client() method
These silent failures could cause hard-to-debug issues in production.
Co-authored-by: Shelley <shelley@exe.dev>
* feat(genai): improve provider interface with context and streaming
Breaking changes:
- Generate() and Stream() now require context.Context as first parameter
- Stream.Close() added for proper resource cleanup
Improvements:
- Proper context support for cancellation and timeouts
- Real SSE streaming for OpenAI and Gemini text generation
- Better error handling with wrapped errors and API error responses
- Thread-safe provider registry with sync.RWMutex
- New options: WithMaxTokens, WithTemperature, WithTimeout
- Stream has proper Close() method for cleanup
- Results can include Error field for per-chunk errors
Provider updates:
- OpenAI: true streaming with SSE parsing, proper HTTP client with timeout
- Gemini: true streaming with streamGenerateContent endpoint
- Default model updated to gpt-4o-mini (OpenAI) and gemini-2.0-flash (Gemini)
Co-authored-by: Shelley <shelley@exe.dev>
* feat(tls): make TLS secure by default, configurable via environment
BREAKING: TLS now verifies certificates by default. Set MICRO_TLS_INSECURE=true
to restore previous behavior (NOT recommended for production).
Changes:
- Add util/tls.Config(), SecureConfig(), InsecureConfig(), ConfigFromEnv() helpers
- Update all components to use ConfigFromEnv() instead of hardcoded InsecureSkipVerify
- Set MinVersion to TLS 1.2 for all TLS configs
Affected components:
- broker/http
- broker/rabbitmq
- registry/etcd
- registry/consul
- transport/grpc
This improves security posture while allowing opt-out for development environments.
Co-authored-by: Shelley <shelley@exe.dev>
* feat(tls): add TLS helpers with opt-in secure mode
NOT a breaking change - keeps InsecureSkipVerify=true as default for
local development compatibility.
New util/tls helpers:
- Config() - returns config based on MICRO_TLS_SECURE env var
- SecureConfig() - certificate verification enabled
- InsecureConfig() - certificate verification disabled (dev only)
For production security, use one of:
- Set MICRO_TLS_SECURE=true with proper CA-signed certs
- Use a service mesh (Istio, Linkerd) for automatic mTLS
- Configure TLSConfig directly with your certificates
Also: Changed CLI alias from 'g' to 'gen' for clarity
- micro generate handler -> micro gen handler
Co-authored-by: Shelley <shelley@exe.dev>
* refactor(cli): rename generate directory to gen for consistency
Directory name now matches the command alias:
cmd/micro/cli/gen/ -> micro gen handler
Co-authored-by: Shelley <shelley@exe.dev>
---------
Co-authored-by: Shelley <shelley@exe.dev>
Asim Aslam
Copilot
Niek den Breeje