Skip to content

dev-guy/CommandStudio

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

40 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Command Studio

!Warning! this is not meant for production since the goal of this project is remote code execution. For learning purposes only.

Configure and monitor the remote execution of remote shell commands with the abilty to pass secrets to them. Secrets are encrypted at rest.

Technologies

UX

The React application lets users:

  • Define commands (shell scripts) to run with constraints (currently only maximum execution time). Secrets can be emedded in commands by referring to them by name, such as $secret_name.
  • Define execution environments
  • Manage encrypted secrets that can be embedded into commands securely
    • They don't appear, for example, in history files or ps
    • Secrets can have one value per environment
  • Schedule commands to run on specified environments using crontab expressions
  • Monitor command execution events with filters and pagination
  • View additional details via Oban Web

Command Studio UI CommandStudio Oban Web panel

Installation

1. Install Postgres

brew install postgresql@18

2. Install Elixir

brew install elixir

Verify:

elixir --version
mix --version

3. Install nvm

curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.3/install.sh | bash

Reload your shell:

source ~/.nvm/nvm.sh

4. Clone the repository

git clone https://github.com/dev-guy/CommandStudio.git
cd CommandStudio

5. Install NodeJS

cd webapp/studio
nvm install
nvm use
node -v

6. Install dependencies

Backend:

cd phoenix
mix deps.get

Frontend:

cd webapp/studio
npm install

7. Prepare the database

cd phoenix
mix setup

8. Add the admin user

The admin user is admin@example.com

cd phoenix
mix run priv/repo/seeds.exs

This command outputs a random password. Take a note of it.

9. Run the app

Start Phoenix:

cd phoenix
mix phx.server

Run the React UI:

cd webapp/studio
npm run dev

Usage

Go to:

AI-Assisted Development

Ash Highlights

  • The model has many to many relationships. These are harder than you might think.
  • Contains nontrivial searches with pagination
  • The AI assistant added password-based authentication via Ash Authentication plus username/password form + a logout menu in about 10 minutes. The most time I spent was deciding how I wanted the admin account to be seeded.

Ash + Oban Collaboration

The Command resource defines Ash generic actions (action :enqueue_run, :enqueue_run_in, :enqueue_run_force) that call Jobs.enqueue_command/2, and that function enqueues the Oban job via Oban.insert/1.

See the Mermaid sequence document: docs/ash-oban-sequence.md

Why use Oban? Oban is robust and has a fantastic operational UI. It has the following benefits that took years to perfect:

  • Durability: jobs are persisted in Postgres, so work survives restarts
  • Reliability: retries, backoff, and failure tracking are built in
  • Observability: Oban Web provides real-time queue and job introspection
  • Control: queue-level tuning and worker isolation keep execution predictable
  • It works with Ecto/Postgres

Project Creation

The following documents were generated with ChatGPT 5.2 and then fed into Codex 5.3 Medium:

Development did not start until AGENTS.md was generated via Usage_Rules.

React

  1. TanStack Start was initialized by Codex. However, manual installation is recommended.
  2. I didn't specify using class-variance-authority. Models already know about it.
  3. webapp/studio/eslint.config.js was configured with globalIgnores(['dist', 'src/lib/ash_rpc.ts']) so ESLint skips the generated Ash RPC client file. Otherwise, eslint will report many errors.

About

Elixir+Ash+Oban+React Shell Command Runner

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

 
 
 

Contributors