WIP

Merge pull request #1413 from basecamp/dependabot/bundler/bundler-fd41ac4d62
Bump rack from 3.1.8 to 3.1.10 in the bundler group across 1 directory
2025-03-03 15:52:50 +00:00 · 2025-03-03 14:49:37 +00:00 · 2025-02-27 10:27:27 +00:00 · 2025-02-27 09:42:57 +00:00 · 2025-02-21 13:23:08 +01:00 · 2025-02-12 19:26:36 +00:00
306 changed files with 14415 additions and 5548 deletions
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -4,25 +4,47 @@ on:
    branches:
      - main
  pull_request:
  workflow_dispatch:
 jobs:
  rubocop:
    name: RuboCop
    runs-on: ubuntu-latest
    env:
      BUNDLE_ONLY: rubocop
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
      - name: Setup Ruby and install gems
        uses: ruby/setup-ruby@v1
        with:
          ruby-version: 3.3.0
          bundler-cache: true
      - name: Run Rubocop
        run: bundle exec rubocop --parallel
  tests:
    strategy:
      fail-fast: false
      matrix:
        ruby-version:
          - "2.7"
          - "3.1"
          - "3.2"
          - "3.3"
          - "3.4"
        gemfile:
          - Gemfile
          - gemfiles/rails_edge.gemfile
-        continue-on-error: [false]
+        exclude:
          - ruby-version: "3.1"
            gemfile: gemfiles/rails_edge.gemfile
    name: ${{ format('Tests (Ruby {0})', matrix.ruby-version) }}
    runs-on: ubuntu-latest
    continue-on-error: ${{ matrix.continue-on-error }}
    env:
      BUNDLE_GEMFILE: ${{ github.workspace }}/${{ matrix.gemfile }}
    steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
      - name: Remove gemfile.lock
        run: rm Gemfile.lock
      - name: Install Ruby
        uses: ruby/setup-ruby@v1
@@ -32,3 +54,5 @@ jobs:
      - name: Run tests
        run: bin/test
        env:
          RUBYOPT: ${{ startsWith(matrix.ruby-version, '3.4.') && '--enable=frozen-string-literal' || '' }}
--- a/.github/workflows/docker-publish.yml
+++ b/.github/workflows/docker-publish.yml
@@ -1,6 +1,12 @@
 name: Docker
 on:
  workflow_dispatch:
    inputs:
      tagInput:
        description: 'Tag'
        required: true
  release:
    types: [created]
    tags:
@@ -29,6 +35,14 @@ jobs:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - name: Determine version tag
        id: version-tag
        run: |
          INPUT_VALUE="${{ github.event.inputs.tagInput }}"
          if [ -z "$INPUT_VALUE" ]; then
            INPUT_VALUE="${{ github.ref_name }}"
          fi
          echo "::set-output name=value::$INPUT_VALUE"
      -
        name: Build and push
        uses: docker/build-push-action@v3
@@ -37,5 +51,5 @@ jobs:
          platforms: linux/amd64,linux/arm64
          push: true
          tags: |
-            ghcr.io/mrsked/mrsk:latest
+            ghcr.io/basecamp/kamal:latest
-            ghcr.io/mrsked/mrsk:${{ github.ref_name }}
+            ghcr.io/basecamp/kamal:${{ steps.version-tag.outputs.value }}
--- a/.rubocop.yml
+++ b/.rubocop.yml
@@ -0,0 +1,2 @@
 inherit_gem:
  rubocop-rails-omakase: rubocop.yml
--- a/CODE_OF_CONDUCT.md
+++ b/CODE_OF_CONDUCT.md
@@ -1,10 +1,10 @@
 # Contributor Code of Conduct
-As contributors and maintainers of the MRSK project, we pledge to create a welcoming and inclusive environment for everyone. We value the participation of each member of our community and want all contributors to feel respected and valued.
+As contributors and maintainers of the Kamal project, we pledge to create a welcoming and inclusive environment for everyone. We value the participation of each member of our community and want all contributors to feel respected and valued.
 We are committed to providing a harassment-free experience for everyone, regardless of gender, gender identity and expression, sexual orientation, disability, physical appearance, body size, race, age, or religion (or lack thereof). We do not tolerate harassment of participants in any form.
-This code of conduct applies to all MRSK project spaces, including but not limited to project code, issue trackers, chat rooms, and mailing lists. Violations of this code of conduct may result in removal from the project community.
+This code of conduct applies to all Kamal project spaces, including but not limited to project code, issue trackers, chat rooms, and mailing lists. Violations of this code of conduct may result in removal from the project community.
 ## Our standards
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -1,18 +1,18 @@
-# Contributing to MRSK development
+# Contributing to Kamal development
-Thank you for considering contributing to MRSK! This document outlines some guidelines for contributing to this open source project.
+Thank you for considering contributing to Kamal! This document outlines some guidelines for contributing to this open source project.
-Please make sure to review our [Code of Conduct](CODE_OF_CONDUCT.md) before contributing to MRSK.
+Please make sure to review our [Code of Conduct](CODE_OF_CONDUCT.md) before contributing to Kamal.
 There are several ways you can contribute to the betterment of the project:
- **Report an issue?** - If the issue isn’t reported, we can’t fix it. Please report any bugs, feature, and/or improvement requests on the [MRSK GitHub Issues tracker](https://github.com/mrsked/mrsk/issues).
+- **Report an issue?** - If the issue isn’t reported, we can’t fix it. Please report any bugs, feature, and/or improvement requests on the [Kamal GitHub Issues tracker](https://github.com/basecamp/kamal/issues).
- **Submit patches** - Do you have a new feature or a fix you'd like to share? [Submit a pull request](https://github.com/mrsked/mrsk/pulls)!
+- **Submit patches** - Do you have a new feature or a fix you'd like to share? [Submit a pull request](https://github.com/basecamp/kamal/pulls)!
- **Write blog articles** - Are you using MRSK? We'd love to hear how you're using it with your projects. Write a tutorial and post it on your blog!
+- **Write blog articles** - Are you using Kamal? We'd love to hear how you're using it with your projects. Write a tutorial and post it on your blog!
 ## Issues
-If you encounter any issues with the project, please check the [existing issues](https://github.com/mrsked/mrsk/issues) first to see if the issue has already been reported. If the issue hasn't been reported, please open a new issue with a clear description of the problem and steps to reproduce it.
+If you encounter any issues with the project, please check the [existing issues](https://github.com/basecamp/kamal/issues) first to see if the issue has already been reported. If the issue hasn't been reported, please open a new issue with a clear description of the problem and steps to reproduce it.
 ## Pull Requests
@@ -33,17 +33,17 @@ A good commit message should describe what changed and why.
 ## Development
-The `main` branch is regularly built and tested, but it is not guaranteed to be completely stable. Tags are created regularly from release branches to indicate new official, stable release versions of MRSK.
+The `main` branch is regularly built and tested, but it is not guaranteed to be completely stable. Tags are created regularly from release branches to indicate new official, stable release versions of Kamal.
-MRSK is written in Ruby. You should have Ruby 3.2+ installed on your machine in order to work on MRSK. If that's already setup, run `bundle` in the root directory to install all dependencies. Then you can run `bin/test` to run all tests.
+Kamal is written in Ruby. You should have Ruby 3.2+ installed on your machine in order to work on Kamal. If that's already setup, run `bundle` in the root directory to install all dependencies. Then you can run `bin/test` to run all tests.
 1. Fork the project repository.
 2. Create a new branch for your contribution.
 3. Write your code or make the desired changes.
 4. **Ensure that your code passes the project's minitests by running ./bin/test.**
 5. Commit your changes and push them to your forked repository.
-6. [Open a pull request](https://github.com/mrsked/mrsk/pulls) to the main project repository with a detailed description of your changes.
+6. [Open a pull request](https://github.com/basecamp/kamal/pulls) to the main project repository with a detailed description of your changes.
 ## License
-MRSK is released under the MIT License. By contributing to this project, you agree to license your contributions under the same license.
+Kamal is released under the MIT License. By contributing to this project, you agree to license your contributions under the same license.
--- a/27
+++ b/27
@@ -1,22 +1,21 @@
-# Use the official Ruby 3.2.0 Alpine image as the base image
+FROM ruby:3.4-alpine
 FROM ruby:3.2.0-alpine
 # Install docker/buildx-bin
 COPY --from=docker/buildx-bin /buildx /usr/libexec/docker/cli-plugins/docker-buildx
-# Set the working directory to /mrsk
+# Set the working directory to /kamal
-WORKDIR /mrsk
+WORKDIR /kamal
 # Copy the Gemfile, Gemfile.lock into the container
-COPY Gemfile Gemfile.lock mrsk.gemspec ./
+COPY Gemfile Gemfile.lock kamal.gemspec ./
-# Required in mrsk.gemspec
+# Required in kamal.gemspec
-COPY lib/mrsk/version.rb /mrsk/lib/mrsk/version.rb
+COPY lib/kamal/version.rb /kamal/lib/kamal/version.rb
 # Install system dependencies
-RUN apk add --no-cache --update build-base git docker openrc openssh-client-default \
+RUN apk add --no-cache build-base git docker openrc openssh-client-default yaml-dev \
    && rc-update add docker boot \
-    && gem install bundler --version=2.4.3 \
+    && gem install bundler --version=2.6.5 \
    && bundle install
 # Copy the rest of our application code into the container.
@@ -25,16 +24,16 @@ RUN apk add --no-cache --update build-base git docker openrc openssh-client-defa
 COPY . .
 # Install the gem locally from the project folder
-RUN gem build mrsk.gemspec && \
+RUN gem build kamal.gemspec && \
-    gem install ./mrsk-*.gem --no-document
+    gem install ./kamal-*.gem --no-document
 # Set the working directory to /workdir
 WORKDIR /workdir
 # Tell git it's safe to access /workdir/.git even if
 # the directory is owned by a different user
-RUN git config --global --add safe.directory /workdir
+RUN git config --global --add safe.directory '*'
 # Set the entrypoint to run the installed binary in /workdir
-# Example:  docker run -it -v "$PWD:/workdir" mrsk init
+# Example:  docker run -it -v "$PWD:/workdir" kamal init
-ENTRYPOINT ["mrsk"]
+ENTRYPOINT ["kamal"]
--- a/6
+++ b/6
@@ -1,4 +1,8 @@
-source 'https://rubygems.org'
+source "https://rubygems.org"
 git_source(:github) { |repo| "https://github.com/#{repo}.git" }
 gemspec
 group :rubocop do
  gem "rubocop-rails-omakase", require: false
 end
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -1,106 +1,196 @@
 PATH
  remote: .
  specs:
-    mrsk (0.13.2)
+    kamal (2.5.3)
      activesupport (>= 7.0)
      base64 (~> 0.2)
      bcrypt_pbkdf (~> 1.0)
-      dotenv (~> 2.8)
+      concurrent-ruby (~> 1.2)
      dotenv (~> 3.1)
      ed25519 (~> 1.2)
-      net-ssh (~> 7.0)
+      net-ssh (~> 7.3)
-      sshkit (~> 1.21)
+      sshkit (>= 1.23.0, < 2.0)
-      thor (~> 1.2)
+      thor (~> 1.3)
-      zeitwerk (~> 2.5)
+      zeitwerk (>= 2.6.18, < 3.0)
 GEM
  remote: https://rubygems.org/
  specs:
-    actionpack (7.0.4.3)
+    actionpack (8.0.0.1)
-      actionview (= 7.0.4.3)
+      actionview (= 8.0.0.1)
-      activesupport (= 7.0.4.3)
+      activesupport (= 8.0.0.1)
-      rack (~> 2.0, >= 2.2.0)
+      nokogiri (>= 1.8.5)
      rack (>= 2.2.4)
      rack-session (>= 1.0.1)
      rack-test (>= 0.6.3)
-      rails-dom-testing (~> 2.0)
+      rails-dom-testing (~> 2.2)
-      rails-html-sanitizer (~> 1.0, >= 1.2.0)
+      rails-html-sanitizer (~> 1.6)
-    actionview (7.0.4.3)
+      useragent (~> 0.16)
-      activesupport (= 7.0.4.3)
+    actionview (8.0.0.1)
      activesupport (= 8.0.0.1)
      builder (~> 3.1)
-      erubi (~> 1.4)
+      erubi (~> 1.11)
-      rails-dom-testing (~> 2.0)
+      rails-dom-testing (~> 2.2)
-      rails-html-sanitizer (~> 1.1, >= 1.2.0)
+      rails-html-sanitizer (~> 1.6)
-    activesupport (7.0.4.3)
+    activesupport (8.0.0.1)
-      concurrent-ruby (~> 1.0, >= 1.0.2)
+      base64
      benchmark (>= 0.3)
      bigdecimal
      concurrent-ruby (~> 1.0, >= 1.3.1)
      connection_pool (>= 2.2.5)
      drb
      i18n (>= 1.6, < 2)
      logger (>= 1.4.2)
      minitest (>= 5.1)
-      tzinfo (~> 2.0)
+      securerandom (>= 0.3)
-    bcrypt_pbkdf (1.1.0)
+      tzinfo (~> 2.0, >= 2.0.5)
-    builder (3.2.4)
+      uri (>= 0.13.1)
-    concurrent-ruby (1.2.2)
+    ast (2.4.2)
    base64 (0.2.0)
    bcrypt_pbkdf (1.1.1)
    benchmark (0.4.0)
    bigdecimal (3.1.8)
    builder (3.3.0)
    concurrent-ruby (1.3.4)
    connection_pool (2.4.1)
    crass (1.0.6)
-    debug (1.7.2)
+    date (3.4.1)
-      irb (>= 1.5.0)
+    debug (1.9.2)
-      reline (>= 0.3.1)
+      irb (~> 1.10)
-    dotenv (2.8.1)
+      reline (>= 0.3.8)
    dotenv (3.1.5)
    drb (2.2.1)
    ed25519 (1.3.0)
-    erubi (1.12.0)
+    erubi (1.13.0)
-    i18n (1.12.0)
+    i18n (1.14.6)
      concurrent-ruby (~> 1.0)
-    io-console (0.6.0)
+    io-console (0.8.0)
-    irb (1.6.3)
+    irb (1.14.2)
-      reline (>= 0.3.0)
+      rdoc (>= 4.0.0)
-    loofah (2.20.0)
+      reline (>= 0.4.2)
    json (2.9.0)
    language_server-protocol (3.17.0.3)
    logger (1.6.3)
    loofah (2.23.1)
      crass (~> 1.0.2)
-      nokogiri (>= 1.5.9)
+      nokogiri (>= 1.12.0)
-    method_source (1.0.0)
+    minitest (5.25.4)
-    minitest (5.18.0)
+    mocha (2.7.1)
    mocha (2.0.2)
      ruby2_keywords (>= 0.0.5)
    net-scp (4.0.0)
      net-ssh (>= 2.6.5, < 8.0.0)
-    net-ssh (7.1.0)
+    net-sftp (4.0.0)
-    nokogiri (1.14.2-arm64-darwin)
+      net-ssh (>= 5.0.0, < 8.0.0)
    net-ssh (7.3.0)
    nokogiri (1.18.3-aarch64-linux-musl)
      racc (~> 1.4)
-    nokogiri (1.14.2-x86_64-darwin)
+    nokogiri (1.18.3-arm64-darwin)
      racc (~> 1.4)
-    nokogiri (1.14.2-x86_64-linux)
+    nokogiri (1.18.3-x86_64-darwin)
      racc (~> 1.4)
-    racc (1.6.2)
+    nokogiri (1.18.3-x86_64-linux-gnu)
-    rack (2.2.6.4)
+      racc (~> 1.4)
    nokogiri (1.18.3-x86_64-linux-musl)
      racc (~> 1.4)
    ostruct (0.6.1)
    parallel (1.26.3)
    parser (3.3.6.0)
      ast (~> 2.4.1)
      racc
    psych (5.2.1)
      date
      stringio
    racc (1.8.1)
    rack (3.1.10)
    rack-session (2.0.0)
      rack (>= 3.0.0)
    rack-test (2.1.0)
      rack (>= 1.3)
-    rails-dom-testing (2.0.3)
+    rackup (2.2.1)
-      activesupport (>= 4.2.0)
+      rack (>= 3)
    rails-dom-testing (2.2.0)
      activesupport (>= 5.0.0)
      minitest
      nokogiri (>= 1.6)
-    rails-html-sanitizer (1.5.0)
+    rails-html-sanitizer (1.6.2)
-      loofah (~> 2.19, >= 2.19.1)
+      loofah (~> 2.21)
-    railties (7.0.4.3)
+      nokogiri (>= 1.15.7, != 1.16.7, != 1.16.6, != 1.16.5, != 1.16.4, != 1.16.3, != 1.16.2, != 1.16.1, != 1.16.0.rc1, != 1.16.0)
-      actionpack (= 7.0.4.3)
+    railties (8.0.0.1)
-      activesupport (= 7.0.4.3)
+      actionpack (= 8.0.0.1)
-      method_source
+      activesupport (= 8.0.0.1)
      irb (~> 1.13)
      rackup (>= 1.0.0)
      rake (>= 12.2)
-      thor (~> 1.0)
+      thor (~> 1.0, >= 1.2.2)
-      zeitwerk (~> 2.5)
+      zeitwerk (~> 2.6)
-    rake (13.0.6)
+    rainbow (3.1.1)
-    reline (0.3.3)
+    rake (13.2.1)
    rdoc (6.8.1)
      psych (>= 4.0.0)
    regexp_parser (2.9.3)
    reline (0.5.12)
      io-console (~> 0.5)
    rubocop (1.69.2)
      json (~> 2.3)
      language_server-protocol (>= 3.17.0)
      parallel (~> 1.10)
      parser (>= 3.3.0.2)
      rainbow (>= 2.2.2, < 4.0)
      regexp_parser (>= 2.9.3, < 3.0)
      rubocop-ast (>= 1.36.2, < 2.0)
      ruby-progressbar (~> 1.7)
      unicode-display_width (>= 2.4.0, < 4.0)
    rubocop-ast (1.36.2)
      parser (>= 3.3.1.0)
    rubocop-minitest (0.36.0)
      rubocop (>= 1.61, < 2.0)
      rubocop-ast (>= 1.31.1, < 2.0)
    rubocop-performance (1.23.0)
      rubocop (>= 1.48.1, < 2.0)
      rubocop-ast (>= 1.31.1, < 2.0)
    rubocop-rails (2.27.0)
      activesupport (>= 4.2.0)
      rack (>= 1.1)
      rubocop (>= 1.52.0, < 2.0)
      rubocop-ast (>= 1.31.1, < 2.0)
    rubocop-rails-omakase (1.0.0)
      rubocop
      rubocop-minitest
      rubocop-performance
      rubocop-rails
    ruby-progressbar (1.13.0)
    ruby2_keywords (0.0.5)
-    sshkit (1.21.4)
+    securerandom (0.4.0)
    sshkit (1.23.2)
      base64
      net-scp (>= 1.1.2)
      net-sftp (>= 2.1.2)
      net-ssh (>= 2.8.0)
-    thor (1.2.1)
+      ostruct
    stringio (3.1.2)
    thor (1.3.2)
    tzinfo (2.0.6)
      concurrent-ruby (~> 1.0)
-    zeitwerk (2.6.7)
+    unicode-display_width (3.1.2)
      unicode-emoji (~> 4.0, >= 4.0.4)
    unicode-emoji (4.0.4)
    uri (1.0.2)
    useragent (0.16.11)
    zeitwerk (2.7.1)
 PLATFORMS
  aarch64-linux-musl
  arm64-darwin
  x86_64-darwin
  x86_64-linux
  x86_64-linux-musl
 DEPENDENCIES
  debug
  kamal!
  mocha
  mrsk!
  railties
  rubocop-rails-omakase
 BUNDLED WITH
-   2.4.3
+   2.6.5
--- a/README.md
+++ b/README.md
@@ -1,929 +1,13 @@
-# MRSK
+# Kamal: Deploy web apps anywhere
-MRSK deploys web apps anywhere from bare metal to cloud VMs using Docker with zero downtime. It uses the dynamic reverse-proxy Traefik to hold requests while the new application container is started and the old one is stopped. It works seamlessly across multiple hosts, using SSHKit to execute commands. It was built for Rails applications, but works with any type of web app that can be containerized with Docker.
+From bare metal to cloud VMs, deploy web apps anywhere with zero downtime. Kamal uses [kamal-proxy](https://github.com/basecamp/kamal-proxy) to seamlessly switch requests between containers. Works seamlessly across multiple servers, using SSHKit to execute commands. Originally built for Rails apps, Kamal will work with any type of web app that can be containerized with Docker.
-Watch the screencast: https://www.youtube.com/watch?v=LL1cV2FXZ5I
+➡️ See [kamal-deploy.org](https://kamal-deploy.org) for documentation on [installation](https://kamal-deploy.org/docs/installation), [configuration](https://kamal-deploy.org/docs/configuration), and [commands](https://kamal-deploy.org/docs/commands).
-Join us on Discord: https://discord.gg/YgHVT7GCXS
+## Contributing to the documentation
-Ask questions: https://github.com/mrsked/mrsk/discussions
+Please help us improve Kamal's documentation on the [the basecamp/kamal-site repository](https://github.com/basecamp/kamal-site).
 ## Installation
 If you have a Ruby environment available, you can install MRSK globally with:
 ```sh
 gem install mrsk
 ```
 ...otherwise, you can run a dockerized version via an alias (add this to your .bashrc or similar to simplify re-use):
 ```sh
 alias mrsk='docker run --rm -it -v $HOME/.ssh:/root/.ssh -v /var/run/docker.sock:/var/run/docker.sock -v ${PWD}/:/workdir  ghcr.io/mrsked/mrsk'
 ```
 Then, inside your app directory, run `mrsk init` (or `mrsk init --bundle` within Rails 7+ apps where you want a bin/mrsk binstub). Now edit the new file `config/deploy.yml`. It could look as simple as this:
 ```yaml
 service: hey
 image: 37s/hey
 servers:
  - 192.168.0.1
  - 192.168.0.2
 registry:
  username: registry-user-name
  password:
    - MRSK_REGISTRY_PASSWORD
 env:
  secret:
    - RAILS_MASTER_KEY
 ```
 Then edit your `.env` file to add your registry password as `MRSK_REGISTRY_PASSWORD` (and your `RAILS_MASTER_KEY` for production with a Rails app).
 Now you're ready to deploy to the servers:
 ```
 mrsk setup
 ```
 This will:
 1. Connect to the servers over SSH (using root by default, authenticated by your ssh key)
 2. Install Docker and curl on any server that might be missing it (using apt-get): root access is needed via ssh for this.
 3. Log into the registry both locally and remotely
 4. Build the image using the standard Dockerfile in the root of the application.
 5. Push the image to the registry.
 6. Pull the image from the registry onto the servers.
 7. Ensure Traefik is running and accepting traffic on port 80.
 8. Ensure your app responds with `200 OK` to `GET /up` (you must have curl installed inside your app image!).
 9. Start a new container with the version of the app that matches the current git version hash.
 10. Stop the old container running the previous version of the app.
 11. Prune unused images and stopped containers to ensure servers don't fill up.
 Voila! All the servers are now serving the app on port 80. If you're just running a single server, you're ready to go. If you're running multiple servers, you need to put a load balancer in front of them. For subsequent deploys, or if your servers already have Docker and curl installed, you can just run `mrsk deploy`.
 ## Vision
 In the past decade+, there's been an explosion in commercial offerings that make deploying web apps easier. Heroku kicked it off with an incredible offering that stayed ahead of the competition seemingly forever. These days we have excellent alternatives like Fly.io and Render. And hosted Kubernetes is making things easier too on AWS, GCP, Digital Ocean, and elsewhere. But these are all offerings that have you renting computers in the cloud at a premium. If you want to run on your own hardware, or even just have a clear migration path to do so in the future, you need to carefully consider how locked in you get to these commercial platforms. Preferably before the bills swallow your business whole!
 MRSK seeks to bring the advance in ergonomics pioneered by these commercial offerings to deploying web apps anywhere. Whether that's low-cost cloud options without the managed-service markup from the likes of Digital Ocean, Hetzner, OVH, etc., or it's your own colocated bare metal. To MRSK, it's all the same. Feed the config file a list of IP addresses with vanilla Ubuntu servers that have seen no prep beyond an added SSH key, and you'll be running in literally minutes.
 This approach gives you enormous portability. You can have your web app deployed on several clouds at ease like this. Or you can buy the baseline with your own hardware, then deploy to a cloud before a big seasonal spike to get more capacity. When you're not locked into a single provider from a tooling perspective, there are a lot of compelling options available.
 Ultimately, MRSK is meant to compress the complexity of going to production using open source tooling that isn't tied to any commercial offering. Not to zero, mind you. You're probably still better off with a fully managed service if basic Linux or Docker is still difficult, but as soon as those concepts are familiar, you'll be ready to go with MRSK.
 ## Why not just run Capistrano, Kubernetes or Docker Swarm?
 MRSK basically is Capistrano for Containers, without the need to carefully prepare servers in advance. No need to ensure that the servers have just the right version of Ruby or other dependencies you need. That all lives in the Docker image now. You can boot a brand new Ubuntu (or whatever) server, add it to the list of servers in MRSK, and it'll be auto-provisioned with Docker, and run right away. Docker's layer caching also speeds up deployments with less mucking about on the server. And the images built for MRSK can be used for CI or later introspection.
 Kubernetes is a beast. Running it yourself on your own hardware is not for the faint of heart. It's a fine option if you want to run on someone else's platform, either transparently [like Render](https://thenewstack.io/render-cloud-deployment-with-less-engineering/) or explicitly on AWS/GCP, but if you'd like the freedom to move between cloud and your own hardware, or even mix the two, MRSK is much simpler. You can see everything that's going on, it's just basic Docker commands being called.
 Docker Swarm is much simpler than Kubernetes, but it's still built on the same declarative model that uses state reconciliation. MRSK is intentionally designed around imperative commands, like Capistrano.
 Ultimately, there are a myriad of ways to deploy web apps, but this is the toolkit we're using at [37signals](https://37signals.com) to bring [HEY](https://www.hey.com) [home from the cloud](https://world.hey.com/dhh/why-we-re-leaving-the-cloud-654b47e0) without losing the advantages of modern containerization tooling.
 ## Running MRSK from Docker
 MRSK is packaged up in a Docker container similarly to [rails/docked](https://github.com/rails/docked). This will allow you to run MRSK (from your application directory) without having to install any dependencies other than Docker. Add the following alias to your profile configuration to make working with the container more convenient:
 ```bash
 alias mrsk="docker run -it --rm -v '${PWD}:/workdir' -v '${SSH_AUTH_SOCK}:/ssh-agent' -v /var/run/docker.sock:/var/run/docker.sock -e 'SSH_AUTH_SOCK=/ssh-agent' ghcr.io/mrsked/mrsk:latest"
 ```
 Since MRSK uses SSH to establish a remote connection, it will need access to your SSH agent. The above command uses a volume mount to make it available inside the container and configures the SSH agent inside the container to make use of it.
 ## Configuration
 ### Using .env file to load required environment variables
 MRSK uses [dotenv](https://github.com/bkeepers/dotenv) to automatically load environment variables set in the `.env` file present in the application root. This file can be used to set variables like `MRSK_REGISTRY_PASSWORD` or database passwords. But for this reason you must ensure that .env files are not checked into Git or included in your Dockerfile! The format is just key-value like:
 ```bash
 MRSK_REGISTRY_PASSWORD=pw
 DB_PASSWORD=secret123
 ```
 ### Using a generated .env file
 #### 1Password as a secret store
 If you're using a centralized secret store, like 1Password, you can create `.env.erb` as a template which looks up the secrets. Example of a .env.erb file:
 ```erb
 <% if (session_token = `op signin --account my-one-password-account --raw`.strip) != "" %># Generated by mrsk envify
 GITHUB_TOKEN=<%= `gh config get -h github.com oauth_token`.strip %>
 MRSK_REGISTRY_PASSWORD=<%= `op read "op://Vault/Docker Hub/password" -n --session  #{session_token}` %>
 RAILS_MASTER_KEY=<%= `op read "op://Vault/My App/RAILS_MASTER_SECRET" -n --session #{session_token}` %>
 MYSQL_ROOT_PASSWORD=<%= `op read "op://Vault/My App/MYSQL_ROOT_PASSWORD" -n --session #{session_token}` %>
 <% else raise ArgumentError, "Session token missing" end %>
 ```
 This template can safely be checked into git. Then everyone deploying the app can run `mrsk envify` when they setup the app for the first time or passwords change to get the correct `.env` file.
 If you need separate env variables for different destinations, you can set them with `.env.destination.erb` for the template, which will generate `.env.staging` when run with `mrsk envify -d staging`.
 #### Bitwarden as a secret store
 If you are using open source secret store like bitwarden, you can create `.env.erb` as a template which looks up the secrets.
 You can store `SOME_SECRET` in a secure note in bitwarden vault.
 ```
 $ bw list items --search SOME_SECRET | jq
 ? Master password: [hidden]
 [
  {
    "object": "item",
    "id": "123123123-1232-4224-222f-234234234234",
    "organizationId": null,
    "folderId": null,
    "type": 2,
    "reprompt": 0,
    "name": "SOME_SECRET",
    "notes": "yyy",
    "favorite": false,
    "secureNote": {
      "type": 0
    },
    "collectionIds": [],
    "revisionDate": "2023-02-28T23:54:47.868Z",
    "creationDate": "2022-11-07T03:16:05.828Z",
    "deletedDate": null
  }
 ]
 ```
 and extract the `id` of `SOME_SECRET` from the `json` above and use in the `erb` below.
 Example `.env.erb` file:
 ```erb
 <% if (session_token=`bw unlock --raw`.strip) != "" %># Generated by mrsk envify
 SOME_SECRET=<%= `bw get notes 123123123-1232-4224-222f-234234234234 --session #{session_token}` %>
 <% else raise ArgumentError, "session_token token missing" end %>
 ```
 Then everyone deploying the app can run `mrsk envify` and mrsk will generate `.env`
 ### Using another registry than Docker Hub
 The default registry is Docker Hub, but you can change it using `registry/server`:
 ```yaml
 registry:
  server: registry.digitalocean.com
  username:
    - DOCKER_REGISTRY_TOKEN
  password:
    - DOCKER_REGISTRY_TOKEN
 ```
 A reference to secret `DOCKER_REGISTRY_TOKEN` will look for `ENV["DOCKER_REGISTRY_TOKEN"]` on the machine running MRSK.
 #### Using AWS ECR as the container registry
 AWS ECR's access token is only valid for 12hrs. In order to not have to manually regenerate the token every time, you can use ERB in the `deploy.yml` file to shell out to the `aws` cli command, and obtain the token:
 ```yaml
 registry:
  server: <your aws account id>.dkr.ecr.<your aws region id>.amazonaws.com
  username: AWS
  password: <%= %x(aws ecr get-login-password) %>
 ```
 You will need to have the `aws` CLI installed locally for this to work.
 ### Using a different SSH user than root
 The default SSH user is root, but you can change it using `ssh/user`:
 ```yaml
 ssh:
  user: app
 ```
 If you are using non-root user, you need to bootstrap your servers manually, before using them with MRSK. On Ubuntu, you'd do:
 ```bash
 sudo apt update
 sudo apt upgrade -y
 sudo apt install -y docker.io curl git
 sudo usermod -a -G docker ubuntu
 ```
 ### Using a proxy SSH host
 If you need to connect to server through a proxy host, you can use `ssh/proxy`:
 ```yaml
 ssh:
  proxy: "192.168.0.1" # defaults to root as the user
 ```
 Or with specific user:
 ```yaml
 ssh:
  proxy: "app@192.168.0.1"
 ```
 Also if you need specific proxy command to connect to the server:
 ```yaml
 ssh:
  proxy_command: aws ssm start-session --target %h --document-name AWS-StartSSHSession --parameters 'portNumber=%p' --region=us-east-1 ## ssh via aws ssm
 ```
 ### Using env variables
 You can inject env variables into the app containers using `env`:
 ```yaml
 env:
  DATABASE_URL: mysql2://db1/hey_production/
  REDIS_URL: redis://redis1:6379/1
 ```
 ### Using secret env variables
 If you have env variables that are secret, you can divide the `env` block into `clear` and `secret`:
 ```yaml
 env:
  clear:
    DATABASE_URL: mysql2://db1/hey_production/
    REDIS_URL: redis://redis1:6379/1
  secret:
    - DATABASE_PASSWORD
    - REDIS_PASSWORD
 ```
 The list of secret env variables will be expanded at run time from your local machine. So a reference to a secret `DATABASE_PASSWORD` will look for `ENV["DATABASE_PASSWORD"]` on the machine running MRSK. Just like with build secrets.
 If the referenced secret ENVs are missing, the configuration will be halted with a `KeyError` exception.
 Note: Marking an ENV as secret currently only redacts its value in the output for MRSK. The ENV is still injected in the clear into the container at runtime.
 ### Using volumes
 You can add custom volumes into the app containers using `volumes`:
 ```yaml
 volumes:
  - "/local/path:/container/path"
 ```
 ### MRSK env variables
 The following env variables are set when your container runs:
 `MRSK_CONTAINER_NAME` : this contains the current container name and version
 ### Using different roles for servers
 If your application uses separate hosts for running jobs or other roles beyond the default web running, you can specify these hosts in a dedicated role with a new entrypoint command like so:
 ```yaml
 servers:
  web:
    - 192.168.0.1
    - 192.168.0.2
  job:
    hosts:
      - 192.168.0.3
      - 192.168.0.4
    cmd: bin/jobs
 ```
 Note: Traefik will only by default be installed and run on the servers in the `web` role (and on all servers if no roles are defined). If you need Traefik on hosts in other roles than `web`, add `traefik: true`:
 ```yaml
 servers:
  web:
    - 192.168.0.1
    - 192.168.0.2
  web2:
    traefik: true
    hosts:
      - 192.168.0.3
      - 192.168.0.4
 ```
 ### Using container labels
 You can specialize the default Traefik rules by setting labels on the containers that are being started:
 ```yaml
 labels:
  traefik.http.routers.hey-web.rule: Host(`app.hey.com`)
 ```
 Traefik rules are in the "service-role-destination" format. The default role will be `web` if no rule is specified. If the destination is not specified, it is not included. To give an example, the above rule would become "traefik.http.routers.hey-web-staging.rule" if it was for the "staging" destination.
 Note: The backticks are needed to ensure the rule is passed in correctly and not treated as command substitution by Bash!
 This allows you to run multiple applications on the same server sharing the same Traefik instance and port.
 See https://doc.traefik.io/traefik/routing/routers/#rule for a full list of available routing rules.
 The labels can also be applied on a per-role basis:
 ```yaml
 servers:
  web:
    - 192.168.0.1
    - 192.168.0.2
  job:
    hosts:
      - 192.168.0.3
      - 192.168.0.4
    cmd: bin/jobs
    labels:
      my-label: "50"
 ```
 ### Using shell expansion
 You can use shell expansion to interpolate values from the host machine into labels and env variables with the `${}` syntax.
 Anything within the curly braces will be executed on the host machine and the result will be interpolated into the label or env variable.
 ```yaml
 labels:
  host-machine: "${cat /etc/hostname}"
 env:
  HOST_DEPLOYMENT_DIR: "${PWD}"
 ```
 Note: Any other occurrence of `$` will be escaped to prevent unwanted shell expansion!
 ### Using container options
 You can specialize the options used to start containers using the `options` definitions:
 ```yaml
 servers:
  web:
    - 192.168.0.1
    - 192.168.0.2
  job:
    hosts:
      - 192.168.0.3
      - 192.168.0.4
    cmd: bin/jobs
    options:
      cap-add: true
      cpu-count: 4
 ```
 That'll start the job containers with `docker run ... --cap-add --cpu-count 4 ...`.
 ### Configuring logging
 You can configure the logging driver and options passed to Docker using `logging`:
 ```yaml
 logging:
  driver: awslogs
  options:
    awslogs-region: "eu-central-2"
    awslogs-group: "my-app"
 ```
 If nothing is configured, the default option `max-size=10m` is used for all containers. The default logging driver of Docker is `json-file`.
 ### Using a different stop wait time
 On a new deploy, each old running container is gracefully shut down with a `SIGTERM`, and after a grace period of `10` seconds a `SIGKILL` is sent.
 You can configure this value via the `stop_wait_time` option:
 ```yaml
 stop_wait_time: 30
 ```
 ### Using remote builder for native multi-arch
 If you're developing on ARM64 (like Apple Silicon), but you want to deploy on AMD64 (x86 64-bit), you can use multi-architecture images. By default, MRSK will setup a local buildx configuration that does this through QEMU emulation. But this can be quite slow, especially on the first build.
 If you want to speed up this process by using a remote AMD64 host to natively build the AMD64 part of the image, while natively building the ARM64 part locally, you can do so using builder options:
 ```yaml
 builder:
  local:
    arch: arm64
    host: unix:///Users/<%= `whoami`.strip %>/.docker/run/docker.sock
  remote:
    arch: amd64
    host: ssh://root@192.168.0.1
 ```
 Note: You must have Docker running on the remote host being used as a builder. This instance should only be shared for builds using the same registry and credentials.
 ### Using remote builder for single-arch
 If you're developing on ARM64 (like Apple Silicon), want to deploy on AMD64 (x86 64-bit), but don't need to run the image locally (or on other ARM64 hosts), you can configure a remote builder that just targets AMD64. This is a bit faster than building with multi-arch, as there's nothing to build locally.
 ```yaml
 builder:
  remote:
    arch: amd64
    host: ssh://root@192.168.0.1
 ```
 ### Using native builder when multi-arch isn't needed
 If you're developing on the same architecture as the one you're deploying on, you can speed up the build by forgoing both multi-arch and remote building:
 ```yaml
 builder:
  multiarch: false
 ```
 This is also a good option if you're running MRSK from a CI server that shares architecture with the deployment servers.
 ### Using a different Dockerfile or context when building
 If you need to pass a different Dockerfile or context to the build command (e.g. if you're using a monorepo or you have
 different Dockerfiles), you can do so in the builder options:
 ```yaml
 # Use a different Dockerfile
 builder:
  dockerfile: Dockerfile.xyz
 # Set context
 builder:
  context: ".."
 # Set Dockerfile and context
 builder:
  dockerfile: "../Dockerfile.xyz"
  context: ".."
 ```
 ### Using build secrets for new images
 Some images need a secret passed in during build time, like a GITHUB_TOKEN, to give access to private gem repositories. This can be done by having the secret in ENV, then referencing it in the builder configuration:
 ```yaml
 builder:
  secrets:
    - GITHUB_TOKEN
 ```
 This build secret can then be referenced in the Dockerfile:
 ```dockerfile
 # Copy Gemfiles
 COPY Gemfile Gemfile.lock ./
 # Install dependencies, including private repositories via access token (then remove bundle cache with exposed GITHUB_TOKEN)
 RUN --mount=type=secret,id=GITHUB_TOKEN \
  BUNDLE_GITHUB__COM=x-access-token:$(cat /run/secrets/GITHUB_TOKEN) \
  bundle install && \
  rm -rf /usr/local/bundle/cache
 ```
 ### Traefik command arguments
 Customize the Traefik command line using `args`:
 ```yaml
 traefik:
  args:
    accesslog: true
    accesslog.format: json
 ```
 This starts the Traefik container with `--accesslog=true --accesslog.format=json` arguments.
 ### Traefik host port binding
 Traefik binds to port 80 by default. Specify an alternative port using `host_port`:
 ```yaml
 traefik:
  host_port: 8080
 ```
 ### Traefik version, upgrades, and custom images
 MRSK runs the traefik:v2.9 image to track Traefik 2.9.x releases.
 To pin Traefik to a specific version or an image published to your registry,
 specify `image`:
 ```yaml
 traefik:
  image: traefik:v2.10.0-rc1
 ```
 This is useful for downgrading Traefik if there's an unexpected breaking
 change in a minor version release, upgrading Traefik to test forthcoming
 releases, or running your own Traefik-derived image.
 MRSK has not been tested for compatibility with Traefik 3 betas. Please do!
 ### Traefik container configuration
 Pass additional Docker configuration for the Traefik container using `options`:
 ```yaml
 traefik:
  options:
    publish:
      - 8080:8080
    volume:
      - /tmp/example.json:/tmp/example.json
    memory: 512m
 ```
 This starts the Traefik container with `--volume /tmp/example.json:/tmp/example.json --publish 8080:8080 --memory 512m` arguments to `docker run`.
 ### Traefik container labels
 Add labels to Traefik Docker container.
 ```yaml
 traefik:
  labels:
    traefik.enable: true
    traefik.http.routers.dashboard.rule: Host(`traefik.example.com`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))
    traefik.http.routers.dashboard.service: api@internal
    traefik.http.routers.dashboard.middlewares: auth
    traefik.http.middlewares.auth.basicauth.users: test:$2y$05$H2o72tMaO.TwY1wNQUV1K.fhjRgLHRDWohFvUZOJHBEtUXNKrqUKi # test:password
 ```
 This labels Traefik container with `--label traefik.http.routers.dashboard.middlewares=\"auth\"` and so on.
 ### Traefik alternate entrypoints
 You can configure multiple entrypoints for Traefik like so:
 ```yaml
 service: myservice
 labels:
  traefik.tcp.routers.other.rule: 'HostSNI(`*`)'
  traefik.tcp.routers.other.entrypoints: otherentrypoint
  traefik.tcp.services.other.loadbalancer.server.port: 9000
  traefik.http.routers.myservice.entrypoints: web
  traefik.http.services.myservice.loadbalancer.server.port: 8080
 traefik:
  options:
    publish:
      - 9000:9000
  args:
    entrypoints.web.address: ':80'
    entrypoints.otherentrypoint.address: ':9000'
 ```
 ### Configuring build args for new images
 Build arguments that aren't secret can also be configured:
 ```yaml
 builder:
  args:
    RUBY_VERSION: 3.2.0
 ```
 This build argument can then be used in the Dockerfile:
 ```
 ARG RUBY_VERSION
 FROM ruby:$RUBY_VERSION-slim as base
 ```
 ### Using accessories for database, cache, search services
 You can manage your accessory services via MRSK as well. Accessories are long-lived services that your app depends on. They are not updated when you deploy.
 ```yaml
 accessories:
  mysql:
    image: mysql:5.7
    host: 1.1.1.3
    port: 3306
    env:
      clear:
        MYSQL_ROOT_HOST: '%'
      secret:
        - MYSQL_ROOT_PASSWORD
    volumes:
      - /var/lib/mysql:/var/lib/mysql
    options:
      cpus: 4
      memory: "2GB"
  redis:
    image: redis:latest
    roles:
      - web
    port: "36379:6379"
    volumes:
      - /var/lib/redis:/data
  internal-example:
    image: registry.digitalocean.com/user/otherservice:latest
    host: 1.1.1.5
    port: 44444
 ```
 The hosts that the accessories will run on can be specified by hosts or roles:
 ```yaml
  # Single host
  mysql:
    host: 1.1.1.1
  # Multiple hosts
  redis:
    hosts:
      - 1.1.1.1
      - 1.1.1.2
  # By role
  monitoring:
    roles:
      - web
      - jobs
 ```
 Now run `mrsk accessory start mysql` to start the MySQL server on 1.1.1.3. See `mrsk accessory` for all the commands possible.
 Accessory images must be public or tagged in your private registry.
 ### Using Cron
 You can use a specific container to run your Cron jobs:
 ```yaml
 servers:
  cron:
    hosts:
      - 192.168.0.1
    cmd:
      bash -c "cat config/crontab | crontab - && cron -f"
 ```
 This assumes the Cron settings are stored in `config/crontab`.
 ### Healthcheck
 MRSK uses Docker healthchecks to check the health of your application during deployment. Traefik uses this same healthcheck status to determine when a container is ready to receive traffic.
 The healthcheck defaults to testing the HTTP response to the path `/up` on port 3000, up to 7 times. You can tailor this behaviour with the `healthcheck` setting:
 ```yaml
 healthcheck:
  path: /healthz
  port: 4000
  max_attempts: 7
  interval: 20s
 ```
 This will ensure your application is configured with a traefik label for the healthcheck against `/healthz` and that the pre-deploy healthcheck that MRSK performs is done against the same path on port 4000.
 You can also specify a custom healthcheck command, which is useful for non-HTTP services:
 ```yaml
 healthcheck:
  cmd: /bin/check_health
 ```
 The top-level healthcheck configuration applies to all services that use
 Traefik, by default. You can also specialize the configuration at the role
 level:
 ```yaml
 servers:
  job:
    hosts: ...
    cmd: bin/jobs
    healthcheck:
      cmd: bin/check
 ```
 The healthcheck allows for an optional `max_attempts` setting, which will attempt the healthcheck up to the specified number of times before failing the deploy. This is useful for applications that take a while to start up. The default is 7.
 Note: The HTTP health checks assume that the `curl` command is available inside the container. If that's not the case, use the healthcheck's `cmd` option to specify an alternative check that the container supports.
 ## Commands
 ### Running commands on servers
 You can execute one-off commands on the servers:
 ```bash
 # Runs command on all servers
 mrsk app exec 'ruby -v'
 App Host: 192.168.0.1
 ruby 3.1.3p185 (2022-11-24 revision 1a6b16756e) [x86_64-linux]
 App Host: 192.168.0.2
 ruby 3.1.3p185 (2022-11-24 revision 1a6b16756e) [x86_64-linux]
 # Runs command on primary server
 mrsk app exec --primary 'cat .ruby-version'
 App Host: 192.168.0.1
 3.1.3
 # Runs Rails command on all servers
 mrsk app exec 'bin/rails about'
 App Host: 192.168.0.1
 About your application's environment
 Rails version             7.1.0.alpha
 Ruby version              ruby 3.1.3p185 (2022-11-24 revision 1a6b16756e) [x86_64-linux]
 RubyGems version          3.3.26
 Rack version              2.2.5
 Middleware                ActionDispatch::HostAuthorization, Rack::Sendfile, ActionDispatch::Static, ActionDispatch::Executor, Rack::Runtime, Rack::MethodOverride, ActionDispatch::RequestId, ActionDispatch::RemoteIp, Rails::Rack::Logger, ActionDispatch::ShowExceptions, ActionDispatch::DebugExceptions, ActionDispatch::Callbacks, ActionDispatch::Cookies, ActionDispatch::Session::CookieStore, ActionDispatch::Flash, ActionDispatch::ContentSecurityPolicy::Middleware, ActionDispatch::PermissionsPolicy::Middleware, Rack::Head, Rack::ConditionalGet, Rack::ETag, Rack::TempfileReaper
 Application root          /rails
 Environment               production
 Database adapter          sqlite3
 Database schema version   20221231233303
 App Host: 192.168.0.2
 About your application's environment
 Rails version             7.1.0.alpha
 Ruby version              ruby 3.1.3p185 (2022-11-24 revision 1a6b16756e) [x86_64-linux]
 RubyGems version          3.3.26
 Rack version              2.2.5
 Middleware                ActionDispatch::HostAuthorization, Rack::Sendfile, ActionDispatch::Static, ActionDispatch::Executor, Rack::Runtime, Rack::MethodOverride, ActionDispatch::RequestId, ActionDispatch::RemoteIp, Rails::Rack::Logger, ActionDispatch::ShowExceptions, ActionDispatch::DebugExceptions, ActionDispatch::Callbacks, ActionDispatch::Cookies, ActionDispatch::Session::CookieStore, ActionDispatch::Flash, ActionDispatch::ContentSecurityPolicy::Middleware, ActionDispatch::PermissionsPolicy::Middleware, Rack::Head, Rack::ConditionalGet, Rack::ETag, Rack::TempfileReaper
 Application root          /rails
 Environment               production
 Database adapter          sqlite3
 Database schema version   20221231233303
 # Run Rails runner on primary server
 mrsk app exec -p 'bin/rails runner "puts Rails.application.config.time_zone"'
 UTC
 ```
 ### Running interactive commands over SSH
 You can run interactive commands, like a Rails console or a bash session, on a server (default is primary, use `--hosts` to connect to another):
 ```bash
 # Starts a bash session in a new container made from the most recent app image
 mrsk app exec -i bash
 # Starts a bash session in the currently running container for the app
 mrsk app exec -i --reuse bash
 # Starts a Rails console in a new container made from the most recent app image
 mrsk app exec -i 'bin/rails console'
 ```
 ### Running details to show state of containers
 You can see the state of your servers by running `mrsk details`:
 ```
 Traefik Host: 192.168.0.1
 CONTAINER ID   IMAGE     COMMAND                  CREATED          STATUS          PORTS                               NAMES
 6195b2a28c81   traefik   "/entrypoint.sh --pr…"   30 minutes ago   Up 19 minutes   0.0.0.0:80->80/tcp, :::80->80/tcp   traefik
 Traefik Host: 192.168.0.2
 CONTAINER ID   IMAGE     COMMAND                  CREATED          STATUS          PORTS                               NAMES
 de14a335d152   traefik   "/entrypoint.sh --pr…"   30 minutes ago   Up 19 minutes   0.0.0.0:80->80/tcp, :::80->80/tcp   traefik
 App Host: 192.168.0.1
 CONTAINER ID   IMAGE                                                                         COMMAND                  CREATED          STATUS          PORTS      NAMES
 badb1aa51db3   registry.digitalocean.com/user/app:6ef8a6a84c525b123c5245345a8483f86d05a123   "/rails/bin/docker-e…"   13 minutes ago   Up 13 minutes   3000/tcp   chat-6ef8a6a84c525b123c5245345a8483f86d05a123
 App Host: 192.168.0.2
 CONTAINER ID   IMAGE                                                                         COMMAND                  CREATED          STATUS          PORTS      NAMES
 1d3c91ed1f55   registry.digitalocean.com/user/app:6ef8a6a84c525b123c5245345a8483f86d05a123   "/rails/bin/docker-e…"   13 minutes ago   Up 13 minutes   3000/tcp   chat-6ef8a6a84c525b123c5245345a8483f86d05a123
 ```
 You can also see just info for app containers with `mrsk app details` or just for Traefik with `mrsk traefik details`.
 ### Running rollback to fix a bad deploy
 If you've discovered a bad deploy, you can quickly rollback by reactivating the old, paused container image. You can see what old containers are available for rollback by running `mrsk app containers`. It'll give you a presentation similar to `mrsk app details`, but include all the old containers as well. Showing something like this:
 ```
 App Host: 192.168.0.1
 CONTAINER ID   IMAGE                                                                         COMMAND                  CREATED          STATUS                      PORTS      NAMES
 1d3c91ed1f51   registry.digitalocean.com/user/app:6ef8a6a84c525b123c5245345a8483f86d05a123   "/rails/bin/docker-e…"   19 minutes ago   Up 19 minutes               3000/tcp   chat-6ef8a6a84c525b123c5245345a8483f86d05a123
 539f26b28369   registry.digitalocean.com/user/app:e5d9d7c2b898289dfbc5f7f1334140d984eedae4   "/rails/bin/docker-e…"   31 minutes ago   Exited (1) 27 minutes ago              chat-e5d9d7c2b898289dfbc5f7f1334140d984eedae4
 App Host: 192.168.0.2
 CONTAINER ID   IMAGE                                                                         COMMAND                  CREATED          STATUS                      PORTS      NAMES
 badb1aa51db4   registry.digitalocean.com/user/app:6ef8a6a84c525b123c5245345a8483f86d05a123   "/rails/bin/docker-e…"   19 minutes ago   Up 19 minutes               3000/tcp   chat-6ef8a6a84c525b123c5245345a8483f86d05a123
 6f170d1172ae   registry.digitalocean.com/user/app:e5d9d7c2b898289dfbc5f7f1334140d984eedae4   "/rails/bin/docker-e…"   31 minutes ago   Exited (1) 27 minutes ago              chat-e5d9d7c2b898289dfbc5f7f1334140d984eedae4
 ```
 From the example above, we can see that `e5d9d7c2b898289dfbc5f7f1334140d984eedae4` was the last version, so it's available as a rollback target. We can perform this rollback by running `mrsk rollback e5d9d7c2b898289dfbc5f7f1334140d984eedae4`. That'll stop `6ef8a6a84c525b123c5245345a8483f86d05a123` and then start `e5d9d7c2b898289dfbc5f7f1334140d984eedae4`. Because the old container is still available, this is very quick. Nothing to download from the registry.
 Note that by default old containers are pruned after 3 days when you run `mrsk deploy`.
 ### Running removal to clean up servers
 If you wish to remove the entire application, including Traefik, containers, images, and registry session, you can run `mrsk remove`. This will leave the servers clean.
 ## Locking
 Commands that are unsafe to run concurrently will take a deploy lock while they run. The lock is the `mrsk_lock` directory on the primary server.
 You can check the lock status with:
 ```
 mrsk lock status
 Locked by: AN Other at 2023-03-24 09:49:03 UTC
 Version: 77f45c0686811c68989d6576748475a60bf53fc2
 Message: Automatic deploy lock
 ```
 You can also manually acquire and release the lock
 ```
 mrsk lock acquire -m "Doing maintenance"
 ```
 ```
 mrsk lock release
 ```
 ## Rolling deployments
 When deploying to large numbers of hosts, you might prefer not to restart your services on every host at the same time.
 MRSK's default is to boot new containers on all hosts in parallel. But you can control this by configuring `boot/limit` and `boot/wait` as options:
 ```yaml
 service: myservice
 boot:
  limit: 10 # Can also specify as a percentage of total hosts, such as "25%"
  wait: 2
 ```
 When `limit` is specified, containers will be booted on, at most, `limit` hosts at once. MRSK will pause for `wait` seconds between batches.
 These settings only apply when booting containers (using `mrsk deploy`, or `mrsk app boot`). For other commands, MRSK continues to run commands in parallel across all hosts.
 ## Hooks
 You can run custom scripts at specific points with hooks.
 Hooks should be stored in the .mrsk/hooks folder. Running mrsk init will build that folder and add some sample scripts.
 You can change their location by setting `hooks_path` in the configuration file.
 If the script returns a non-zero exit code the command will be aborted.
 `MRSK_*` environment variables are available to the hooks command for
 fine-grained audit reporting, e.g. for triggering deployment reports or
 firing a JSON webhook. These variables include:
 - `MRSK_RECORDED_AT` - UTC timestamp in ISO 8601 format, e.g. `2023-04-14T17:07:31Z`
 - `MRSK_PERFORMER` - the local user performing the command (from `whoami`)
 - `MRSK_SERVICE_VERSION` - an abbreviated service and version for use in messages, e.g. app@150b24f
 - `MRSK_VERSION` - an full version being deployed
 - `MRSK_HOSTS` - a comma separated list of the hosts targeted by the command
 - `MRSK_COMMAND` - The command we are running
 - `MRSK_SUBCOMMAND` - optional: The subcommand we are running
 - `MRSK_DESTINATION` - optional: destination, e.g. "staging"
 - `MRSK_ROLE` - optional: role targeted, e.g. "web"
 There are four hooks:
 1. pre-connect
 Called before taking the deploy lock. For checks that need to run before connecting to remote hosts - e.g. DNS warming.
 2. pre-build
 Used for pre-build checks - e.g. there are no uncommitted changes or that CI has passed.
 3. pre-deploy
 For final checks before deploying, e.g. checking CI completed
 3. post-deploy - run after a deploy, redeploy or rollback
 This hook is also passed a `MRSK_RUNTIME` env variable.
 This could be used to broadcast a deployment message, or register the new version with an APM.
 The command could look something like:
 ```bash
 #!/usr/bin/env bash
 curl -q -d content="[My App] ${MRSK_PERFORMER} Rolled back to version ${MRSK_VERSION}" https://3.basecamp.com/XXXXX/integrations/XXXXX/buckets/XXXXX/chats/XXXXX/lines
 ```
 That'll post a line like follows to a preconfigured chatbot in Basecamp:
 ```
 [My App] [dhh] Rolled back to version d264c4e92470ad1bd18590f04466787262f605de
 ```
 Set `--skip_hooks` to avoid running the hooks.
 ## Stage of development
 This is beta software. Commands may still move around. But we're live in production at [37signals](https://37signals.com).
 ## License
-MRSK is released under the [MIT License](https://opensource.org/licenses/MIT).
+Kamal is released under the [MIT License](https://opensource.org/licenses/MIT).
--- a/bin/docs
+++ b/bin/docs
@@ -0,0 +1,141 @@
 #!/usr/bin/env ruby
 require "stringio"
 def usage
  puts "Usage: #{$0} <kamal_site_repo>"
  exit 1
 end
 usage if ARGV.size != 1
 kamal_site_repo = ARGV[0]
 if !File.directory?(kamal_site_repo)
  puts "Error: #{kamal_site_repo} is not a directory"
  exit 1
 end
 DOCS = {
  "accessory" => "Accessories",
  "alias" => "Aliases",
  "boot" => "Booting",
  "builder" => "Builders",
  "configuration" => "Configuration overview",
  "env" => "Environment variables",
  "logging" => "Logging",
  "proxy" => "Proxy",
  "registry" => "Docker Registry",
  "role" => "Roles",
  "servers" => "Servers",
  "ssh" => "SSH",
  "sshkit" => "SSHKit"
 }
 DOCS_PATH = "lib/kamal/configuration/docs"
 class DocWriter
  attr_reader :from_file, :to_file, :key, :heading, :body, :output, :in_yaml
  def initialize(from_file, to_dir)
    @from_file = from_file
    @key = File.basename(from_file, ".yml")
    @to_file = File.join(to_dir, "#{linkify(DOCS[key])}.md")
    @body = File.readlines(from_file)
    @heading = body.shift.chomp("\n")
    @output = nil
  end
  def write
    puts "Writing #{to_file}"
    generate_markdown
    File.write(to_file, output.string)
  end
  private
    def generate_markdown
      @output = StringIO.new
      generate_header
      place = :in_section
      loop do
        line = body.shift&.chomp("\n")
        break if line.nil?
        case place
        when :new_section, :in_section
          if line.empty?
            output.puts
            place = :new_section
          elsif line =~ /^ *#/
            generate_line(line, heading: place == :new_section)
            place = :in_section
          else
            output.puts
            output.puts "```yaml"
            output.puts line
            place = :in_yaml
          end
        when :in_yaml, :in_empty_line_yaml
          if line =~ /^ *#/
            output.puts "```"
            output.puts
            generate_line(line, heading: place == :in_empty_line_yaml)
            place = :in_section
          elsif line.empty?
            place = :in_empty_line_yaml
          else
            output.puts line
          end
        end
      end
      output.puts "```" if place == :in_yaml
    end
    def generate_header
      output.puts "---"
      output.puts "# This file has been generated from the Kamal source, do not edit directly."
      output.puts "# Find the source of this file at #{DOCS_PATH}/#{key}.yml in the Kamal repository."
      output.puts "title: #{heading[2..-1]}"
      output.puts "---"
      output.puts
      output.puts heading
    end
    def generate_line(line, heading: false)
      line = line.gsub(/^ *#\s?/, "")
      if line =~ /(.*)kamal docs ([a-z]*)(.*)/
        line = "#{$1}[#{DOCS[$2]}](../#{linkify(DOCS[$2])})#{$3}"
      end
      if line =~ /(.*)https:\/\/kamal-deploy.org([a-z\/-]*)(.*)/
        line = "#{$1}[#{titlify($2.split("/").last)}](#{$2})#{$3}"
      end
      if heading
        output.puts "## [#{line}](##{linkify(line)})"
      else
        output.puts line
      end
    end
    def linkify(text)
      if text == "Configuration overview"
        "overview"
      else
        text.downcase.gsub(" ", "-")
      end
    end
    def titlify(text)
      text.capitalize.gsub("-", " ")
    end
 end
 from_dir = File.join(File.dirname(__FILE__), "../#{DOCS_PATH}")
 to_dir = File.join(kamal_site_repo, "docs/configuration")
 Dir.glob("#{from_dir}/*") do |from_file|
  DocWriter.new(from_file, to_dir).write
 end
--- a/bin/kamal
+++ b/bin/kamal
@@ -3,10 +3,10 @@
 # Prevent failures from being reported twice.
 Thread.report_on_exception = false
-require "mrsk"
+require "kamal"
 begin
-  Mrsk::Cli::Main.start(ARGV)
+  Kamal::Cli::Main.start(ARGV)
 rescue SSHKit::Runner::ExecuteError => e
  puts "  \e[31mERROR (#{e.cause.class}): #{e.message}\e[0m"
  puts e.cause.backtrace if ENV["VERBOSE"]
--- a/bin/release
+++ b/bin/release
@@ -2,13 +2,13 @@
 VERSION=$1
-printf "module Mrsk\n  VERSION = \"$VERSION\"\nend\n" > ./lib/mrsk/version.rb
+printf "module Kamal\n  VERSION = \"$VERSION\"\nend\n" > ./lib/kamal/version.rb
 bundle
-git add Gemfile.lock lib/mrsk/version.rb
+git add Gemfile.lock lib/kamal/version.rb
 git commit -m "Bump version for $VERSION"
 git push
 git tag v$VERSION
 git push --tags
-gem build mrsk.gemspec
+gem build kamal.gemspec
-gem push "mrsk-$VERSION.gem" --host https://rubygems.org
+gem push "kamal-$VERSION.gem" --host https://rubygems.org
-rm "mrsk-$VERSION.gem"
+rm "kamal-$VERSION.gem"
--- a/kamal.gemspec
+++ b/kamal.gemspec
@@ -1,25 +1,26 @@
-require_relative "lib/mrsk/version"
+require_relative "lib/kamal/version"
 Gem::Specification.new do |spec|
-  spec.name        = "mrsk"
+  spec.name        = "kamal"
-  spec.version     = Mrsk::VERSION
+  spec.version     = Kamal::VERSION
  spec.authors     = [ "David Heinemeier Hansson" ]
  spec.email       = "dhh@hey.com"
-  spec.homepage    = "https://github.com/rails/mrsk"
+  spec.homepage    = "https://github.com/basecamp/kamal"
  spec.summary     = "Deploy web apps in containers to servers running Docker with zero downtime."
  spec.license     = "MIT"
  spec.files = Dir["lib/**/*", "MIT-LICENSE", "README.md"]
-  spec.executables = %w[ mrsk ]
+  spec.executables = %w[ kamal ]
  spec.add_dependency "activesupport", ">= 7.0"
-  spec.add_dependency "sshkit", "~> 1.21"
+  spec.add_dependency "sshkit", ">= 1.23.0", "< 2.0"
-  spec.add_dependency "net-ssh", "~> 7.0"
+  spec.add_dependency "net-ssh", "~> 7.3"
-  spec.add_dependency "thor", "~> 1.2"
+  spec.add_dependency "thor", "~> 1.3"
-  spec.add_dependency "dotenv", "~> 2.8"
+  spec.add_dependency "dotenv", "~> 3.1"
-  spec.add_dependency "zeitwerk", "~> 2.5"
+  spec.add_dependency "zeitwerk", ">= 2.6.18", "< 3.0"
  spec.add_dependency "ed25519", "~> 1.2"
  spec.add_dependency "bcrypt_pbkdf", "~> 1.0"
  spec.add_dependency "concurrent-ruby", "~> 1.2"
  spec.add_dependency "base64", "~> 0.2"
  spec.add_development_dependency "debug"
  spec.add_development_dependency "mocha"
--- a/lib/kamal.rb
+++ b/lib/kamal.rb
@@ -0,0 +1,14 @@
 module Kamal
  class ConfigurationError < StandardError; end
 end
 require "active_support"
 require "zeitwerk"
 require "yaml"
 require "tmpdir"
 require "pathname"
 loader = Zeitwerk::Loader.for_gem
 loader.ignore(File.join(__dir__, "kamal", "sshkit_with_ext.rb"))
 loader.setup
 loader.eager_load_namespace(Kamal::Cli) # We need all commands loaded.
--- a/lib/kamal/cli.rb
+++ b/lib/kamal/cli.rb
@@ -1,7 +1,9 @@
-module Mrsk::Cli
+module Kamal::Cli
-  class LockError < StandardError; end
+  class BootError < StandardError; end
  class HookError < StandardError; end
  class LockError < StandardError; end
  class DependencyError < StandardError; end
 end
 # SSHKit uses instance eval, so we need a global const for ergonomics
-MRSK = Mrsk::Commander.new
+KAMAL = Kamal::Commander.new
--- a/lib/kamal/cli/accessory.rb
+++ b/lib/kamal/cli/accessory.rb
@@ -0,0 +1,302 @@
 require "active_support/core_ext/array/conversions"
 class Kamal::Cli::Accessory < Kamal::Cli::Base
  desc "boot [NAME]", "Boot new accessory service on host (use NAME=all to boot all accessories)"
  def boot(name, prepare: true)
    with_lock do
      if name == "all"
        KAMAL.accessory_names.each { |accessory_name| boot(accessory_name) }
      else
        prepare(name) if prepare
        with_accessory(name) do |accessory, hosts|
          directories(name)
          upload(name)
          on(hosts) do
            execute *KAMAL.auditor.record("Booted #{name} accessory"), verbosity: :debug
            execute *accessory.ensure_env_directory
            upload! accessory.secrets_io, accessory.secrets_path, mode: "0600"
            execute *accessory.run
            if accessory.running_proxy?
              target = capture_with_info(*accessory.container_id_for(container_name: accessory.service_name, only_running: true)).strip
              execute *accessory.deploy(target: target)
            end
          end
        end
      end
    end
  end
  desc "upload [NAME]", "Upload accessory files to host", hide: true
  def upload(name)
    with_lock do
      with_accessory(name) do |accessory, hosts|
        on(hosts) do
          accessory.files.each do |(local, remote)|
            accessory.ensure_local_file_present(local)
            execute *accessory.make_directory_for(remote)
            upload! local, remote
            execute :chmod, "755", remote
          end
        end
      end
    end
  end
  desc "directories [NAME]", "Create accessory directories on host", hide: true
  def directories(name)
    with_lock do
      with_accessory(name) do |accessory, hosts|
        on(hosts) do
          accessory.directories.keys.each do |host_path|
            execute *accessory.make_directory(host_path)
          end
        end
      end
    end
  end
  desc "reboot [NAME]", "Reboot existing accessory on host (stop container, remove container, start new container; use NAME=all to boot all accessories)"
  def reboot(name)
    with_lock do
      if name == "all"
        KAMAL.accessory_names.each { |accessory_name| reboot(accessory_name) }
      else
        prepare(name)
        stop(name)
        remove_container(name)
        boot(name, prepare: false)
      end
    end
  end
  desc "start [NAME]", "Start existing accessory container on host"
  def start(name)
    with_lock do
      with_accessory(name) do |accessory, hosts|
        on(hosts) do
          execute *KAMAL.auditor.record("Started #{name} accessory"), verbosity: :debug
          execute *accessory.start
          if accessory.running_proxy?
            target = capture_with_info(*accessory.container_id_for(container_name: accessory.service_name, only_running: true)).strip
            execute *accessory.deploy(target: target)
          end
        end
      end
    end
  end
  desc "stop [NAME]", "Stop existing accessory container on host"
  def stop(name)
    with_lock do
      with_accessory(name) do |accessory, hosts|
        on(hosts) do
          execute *KAMAL.auditor.record("Stopped #{name} accessory"), verbosity: :debug
          execute *accessory.stop, raise_on_non_zero_exit: false
          if accessory.running_proxy?
            target = capture_with_info(*accessory.container_id_for(container_name: accessory.service_name, only_running: true)).strip
            execute *accessory.remove if target
          end
        end
      end
    end
  end
  desc "restart [NAME]", "Restart existing accessory container on host"
  def restart(name)
    with_lock do
      stop(name)
      start(name)
    end
  end
  desc "details [NAME]", "Show details about accessory on host (use NAME=all to show all accessories)"
  def details(name)
    if name == "all"
      KAMAL.accessory_names.each { |accessory_name| details(accessory_name) }
    else
      type = "Accessory #{name}"
      with_accessory(name) do |accessory, hosts|
        on(hosts) { puts_by_host host, capture_with_info(*accessory.info), type: type }
      end
    end
  end
  desc "exec [NAME] [CMD...]", "Execute a custom command on servers within the accessory container (use --help to show options)"
  option :interactive, aliases: "-i", type: :boolean, default: false, desc: "Execute command over ssh for an interactive shell (use for console/bash)"
  option :reuse, type: :boolean, default: false, desc: "Reuse currently running container instead of starting a new one"
  def exec(name, *cmd)
    cmd = Kamal::Utils.join_commands(cmd)
    with_accessory(name) do |accessory, hosts|
      case
      when options[:interactive] && options[:reuse]
        say "Launching interactive command via SSH from existing container...", :magenta
        run_locally { exec accessory.execute_in_existing_container_over_ssh(cmd) }
      when options[:interactive]
        say "Launching interactive command via SSH from new container...", :magenta
        run_locally { exec accessory.execute_in_new_container_over_ssh(cmd) }
      when options[:reuse]
        say "Launching command from existing container...", :magenta
        on(hosts) do |host|
          execute *KAMAL.auditor.record("Executed cmd '#{cmd}' on #{name} accessory"), verbosity: :debug
          puts_by_host host, capture_with_info(*accessory.execute_in_existing_container(cmd))
        end
      else
        say "Launching command from new container...", :magenta
        on(hosts) do |host|
          execute *KAMAL.auditor.record("Executed cmd '#{cmd}' on #{name} accessory"), verbosity: :debug
          puts_by_host host, capture_with_info(*accessory.execute_in_new_container(cmd))
        end
      end
    end
  end
  desc "logs [NAME]", "Show log lines from accessory on host (use --help to show options)"
  option :since, aliases: "-s", desc: "Show logs since timestamp (e.g. 2013-01-02T13:23:37Z) or relative (e.g. 42m for 42 minutes)"
  option :lines, type: :numeric, aliases: "-n", desc: "Number of log lines to pull from each server"
  option :grep, aliases: "-g", desc: "Show lines with grep match only (use this to fetch specific requests by id)"
  option :grep_options, desc: "Additional options supplied to grep"
  option :follow, aliases: "-f", desc: "Follow logs on primary server (or specific host set by --hosts)"
  option :skip_timestamps, type: :boolean, aliases: "-T", desc: "Skip appending timestamps to logging output"
  def logs(name)
    with_accessory(name) do |accessory, hosts|
      grep = options[:grep]
      grep_options = options[:grep_options]
      timestamps = !options[:skip_timestamps]
      if options[:follow]
        run_locally do
          info "Following logs on #{hosts}..."
          info accessory.follow_logs(timestamps: timestamps, grep: grep, grep_options: grep_options)
          exec accessory.follow_logs(timestamps: timestamps, grep: grep, grep_options: grep_options)
        end
      else
        since = options[:since]
        lines = options[:lines].presence || ((since || grep) ? nil : 100) # Default to 100 lines if since or grep isn't set
        on(hosts) do
          puts capture_with_info(*accessory.logs(timestamps: timestamps, since: since, lines: lines, grep: grep, grep_options: grep_options))
        end
      end
    end
  end
  desc "remove [NAME]", "Remove accessory container, image and data directory from host (use NAME=all to remove all accessories)"
  option :confirmed, aliases: "-y", type: :boolean, default: false, desc: "Proceed without confirmation question"
  def remove(name)
    confirming "This will remove all containers, images and data directories for #{name}. Are you sure?" do
      with_lock do
        if name == "all"
          KAMAL.accessory_names.each { |accessory_name| remove_accessory(accessory_name) }
        else
          remove_accessory(name)
        end
      end
    end
  end
  desc "remove_container [NAME]", "Remove accessory container from host", hide: true
  def remove_container(name)
    with_lock do
      with_accessory(name) do |accessory, hosts|
        on(hosts) do
          execute *KAMAL.auditor.record("Remove #{name} accessory container"), verbosity: :debug
          execute *accessory.remove_container
        end
      end
    end
  end
  desc "remove_image [NAME]", "Remove accessory image from host", hide: true
  def remove_image(name)
    with_lock do
      with_accessory(name) do |accessory, hosts|
        on(hosts) do
          execute *KAMAL.auditor.record("Removed #{name} accessory image"), verbosity: :debug
          execute *accessory.remove_image
        end
      end
    end
  end
  desc "remove_service_directory [NAME]", "Remove accessory directory used for uploaded files and data directories from host", hide: true
  def remove_service_directory(name)
    with_lock do
      with_accessory(name) do |accessory, hosts|
        on(hosts) do
          execute *accessory.remove_service_directory
        end
      end
    end
  end
  desc "upgrade", "Upgrade accessories from Kamal 1.x to 2.0 (restart them in 'kamal' network)"
  option :rolling, type: :boolean, default: false, desc: "Upgrade one host at a time"
  option :confirmed, aliases: "-y", type: :boolean, default: false, desc: "Proceed without confirmation question"
  def upgrade(name)
    confirming "This will restart all accessories" do
      with_lock do
        host_groups = options[:rolling] ? KAMAL.accessory_hosts : [ KAMAL.accessory_hosts ]
        host_groups.each do |hosts|
          host_list = Array(hosts).join(",")
          KAMAL.with_specific_hosts(hosts) do
            say "Upgrading #{name} accessories on #{host_list}...", :magenta
            reboot name
            say "Upgraded #{name} accessories on #{host_list}...", :magenta
          end
        end
      end
    end
  end
  private
    def with_accessory(name)
      if KAMAL.config.accessory(name)
        accessory = KAMAL.accessory(name)
        yield accessory, accessory_hosts(accessory)
      else
        error_on_missing_accessory(name)
      end
    end
    def error_on_missing_accessory(name)
      options = KAMAL.accessory_names.presence
      error \
        "No accessory by the name of '#{name}'" +
        (options ? " (options: #{options.to_sentence})" : "")
    end
    def accessory_hosts(accessory)
      if KAMAL.specific_hosts&.any?
        KAMAL.specific_hosts & accessory.hosts
      else
        accessory.hosts
      end
    end
    def remove_accessory(name)
      stop(name)
      remove_container(name)
      remove_image(name)
      remove_service_directory(name)
    end
    def prepare(name)
      with_accessory(name) do |accessory, hosts|
        on(hosts) do
          execute *KAMAL.registry.login(registry_config: accessory.registry)
          execute *KAMAL.docker.create_network
        rescue SSHKit::Command::Failed => e
          raise unless e.message.include?("already exists")
        end
      end
    end
 end
--- a/lib/kamal/cli/alias/command.rb
+++ b/lib/kamal/cli/alias/command.rb
@@ -0,0 +1,10 @@
 class Kamal::Cli::Alias::Command < Thor::DynamicCommand
  def run(instance, args = [])
    if (_alias = KAMAL.config.aliases[name])
      KAMAL.reset
      Kamal::Cli::Main.start(Shellwords.split(_alias.command) + ARGV[1..-1])
    else
      super
    end
  end
 end
--- a/lib/kamal/cli/app.rb
+++ b/lib/kamal/cli/app.rb
@@ -0,0 +1,355 @@
 class Kamal::Cli::App < Kamal::Cli::Base
  desc "boot", "Boot app on servers (or reboot app if already running)"
  def boot
    with_lock do
      say "Get most recent version available as an image...", :magenta unless options[:version]
      using_version(version_or_latest) do |version|
        say "Start container with version #{version} (or reboot if already running)...", :magenta
        # Assets are prepared in a separate step to ensure they are on all hosts before booting
        on(KAMAL.hosts) do
          KAMAL.roles_on(host).each do |role|
            Kamal::Cli::App::PrepareAssets.new(host, role, self).run
          end
        end
        # Primary hosts and roles are returned first, so they can open the barrier
        barrier = Kamal::Cli::Healthcheck::Barrier.new
        host_boot_groups.each do |hosts|
          host_list = Array(hosts).join(",")
          run_hook "pre-app-boot", hosts: host_list
          on(hosts) do |host|
            KAMAL.roles_on(host).each do |role|
              Kamal::Cli::App::Boot.new(host, role, self, version, barrier).run
            end
          end
          run_hook "post-app-boot", hosts: host_list
          sleep KAMAL.config.boot.wait if KAMAL.config.boot.wait
        end
        # Tag once the app booted on all hosts
        on(KAMAL.hosts) do |host|
          execute *KAMAL.auditor.record("Tagging #{KAMAL.config.absolute_image} as the latest image"), verbosity: :debug
          execute *KAMAL.app.tag_latest_image
        end
      end
    end
  end
  desc "start", "Start existing app container on servers"
  def start
    with_lock do
      on(KAMAL.hosts) do |host|
        roles = KAMAL.roles_on(host)
        roles.each do |role|
          app = KAMAL.app(role: role, host: host)
          execute *KAMAL.auditor.record("Started app version #{KAMAL.config.version}"), verbosity: :debug
          execute *app.start, raise_on_non_zero_exit: false
          if role.running_proxy?
            version = capture_with_info(*app.current_running_version, raise_on_non_zero_exit: false).strip
            endpoint = capture_with_info(*app.container_id_for_version(version)).strip
            raise Kamal::Cli::BootError, "Failed to get endpoint for #{role} on #{host}, did the container boot?" if endpoint.empty?
            execute *app.deploy(target: endpoint)
          end
        end
      end
    end
  end
  desc "stop", "Stop app container on servers"
  def stop
    with_lock do
      on(KAMAL.hosts) do |host|
        roles = KAMAL.roles_on(host)
        roles.each do |role|
          app = KAMAL.app(role: role, host: host)
          execute *KAMAL.auditor.record("Stopped app", role: role), verbosity: :debug
          if role.running_proxy?
            version = capture_with_info(*app.current_running_version, raise_on_non_zero_exit: false).strip
            endpoint = capture_with_info(*app.container_id_for_version(version)).strip
            if endpoint.present?
              execute *app.remove, raise_on_non_zero_exit: false
            end
          end
          execute *app.stop, raise_on_non_zero_exit: false
        end
      end
    end
  end
  # FIXME: Drop in favor of just containers?
  desc "details", "Show details about app containers"
  def details
    on(KAMAL.hosts) do |host|
      roles = KAMAL.roles_on(host)
      roles.each do |role|
        puts_by_host host, capture_with_info(*KAMAL.app(role: role, host: host).info)
      end
    end
  end
  desc "exec [CMD...]", "Execute a custom command on servers within the app container (use --help to show options)"
  option :interactive, aliases: "-i", type: :boolean, default: false, desc: "Execute command over ssh for an interactive shell (use for console/bash)"
  option :reuse, type: :boolean, default: false, desc: "Reuse currently running container instead of starting a new one"
  option :env, aliases: "-e", type: :hash, desc: "Set environment variables for the command"
  option :detach, type: :boolean, default: false, desc: "Execute command in a detached container"
  def exec(*cmd)
    if (incompatible_options = [ :interactive, :reuse ].select { |key| options[:detach] && options[key] }.presence)
      raise ArgumentError, "Detach is not compatible with #{incompatible_options.join(" or ")}"
    end
    cmd = Kamal::Utils.join_commands(cmd)
    env = options[:env]
    detach = options[:detach]
    case
    when options[:interactive] && options[:reuse]
      say "Get current version of running container...", :magenta unless options[:version]
      using_version(options[:version] || current_running_version) do |version|
        say "Launching interactive command with version #{version} via SSH from existing container on #{KAMAL.primary_host}...", :magenta
        run_locally { exec KAMAL.app(role: KAMAL.primary_role, host: KAMAL.primary_host).execute_in_existing_container_over_ssh(cmd, env: env) }
      end
    when options[:interactive]
      say "Get most recent version available as an image...", :magenta unless options[:version]
      using_version(version_or_latest) do |version|
        say "Launching interactive command with version #{version} via SSH from new container on #{KAMAL.primary_host}...", :magenta
        run_locally do
          exec KAMAL.app(role: KAMAL.primary_role, host: KAMAL.primary_host).execute_in_new_container_over_ssh(cmd, env: env)
        end
      end
    when options[:reuse]
      say "Get current version of running container...", :magenta unless options[:version]
      using_version(options[:version] || current_running_version) do |version|
        say "Launching command with version #{version} from existing container...", :magenta
        on(KAMAL.hosts) do |host|
          roles = KAMAL.roles_on(host)
          roles.each do |role|
            execute *KAMAL.auditor.record("Executed cmd '#{cmd}' on app version #{version}", role: role), verbosity: :debug
            puts_by_host host, capture_with_info(*KAMAL.app(role: role, host: host).execute_in_existing_container(cmd, env: env))
          end
        end
      end
    else
      say "Get most recent version available as an image...", :magenta unless options[:version]
      using_version(version_or_latest) do |version|
        say "Launching command with version #{version} from new container...", :magenta
        on(KAMAL.hosts) do |host|
          roles = KAMAL.roles_on(host)
          roles.each do |role|
            execute *KAMAL.auditor.record("Executed cmd '#{cmd}' on app version #{version}"), verbosity: :debug
            puts_by_host host, capture_with_info(*KAMAL.app(role: role, host: host).execute_in_new_container(cmd, env: env, detach: detach))
          end
        end
      end
    end
  end
  desc "containers", "Show app containers on servers"
  def containers
    on(KAMAL.hosts) { |host| puts_by_host host, capture_with_info(*KAMAL.app.list_containers) }
  end
  desc "stale_containers", "Detect app stale containers"
  option :stop, aliases: "-s", type: :boolean, default: false, desc: "Stop the stale containers found"
  def stale_containers
    stop = options[:stop]
    with_lock_if_stopping do
      on(KAMAL.hosts) do |host|
        roles = KAMAL.roles_on(host)
        roles.each do |role|
          app = KAMAL.app(role: role, host: host)
          versions = capture_with_info(*app.list_versions, raise_on_non_zero_exit: false).split("\n")
          versions -= [ capture_with_info(*app.current_running_version, raise_on_non_zero_exit: false).strip ]
          versions.each do |version|
            if stop
              puts_by_host host, "Stopping stale container for role #{role} with version #{version}"
              execute *app.stop(version: version), raise_on_non_zero_exit: false
            else
              puts_by_host host,  "Detected stale container for role #{role} with version #{version} (use `kamal app stale_containers --stop` to stop)"
            end
          end
        end
      end
    end
  end
  desc "images", "Show app images on servers"
  def images
    on(KAMAL.hosts) { |host| puts_by_host host, capture_with_info(*KAMAL.app.list_images) }
  end
  desc "logs", "Show log lines from app on servers (use --help to show options)"
  option :since, aliases: "-s", desc: "Show lines since timestamp (e.g. 2013-01-02T13:23:37Z) or relative (e.g. 42m for 42 minutes)"
  option :lines, type: :numeric, aliases: "-n", desc: "Number of lines to show from each server"
  option :grep, aliases: "-g", desc: "Show lines with grep match only (use this to fetch specific requests by id)"
  option :grep_options, desc: "Additional options supplied to grep"
  option :follow, aliases: "-f", desc: "Follow log on primary server (or specific host set by --hosts)"
  option :skip_timestamps, type: :boolean, aliases: "-T", desc: "Skip appending timestamps to logging output"
  option :container_id, desc: "Docker container ID to fetch logs"
  def logs
    # FIXME: Catch when app containers aren't running
    grep = options[:grep]
    grep_options = options[:grep_options]
    since = options[:since]
    container_id = options[:container_id]
    timestamps = !options[:skip_timestamps]
    if options[:follow]
      lines = options[:lines].presence || ((since || grep) ? nil : 10) # Default to 10 lines if since or grep isn't set
      run_locally do
        info "Following logs on #{KAMAL.primary_host}..."
        KAMAL.specific_roles ||= [ KAMAL.primary_role.name ]
        role = KAMAL.roles_on(KAMAL.primary_host).first
        app = KAMAL.app(role: role, host: host)
        info app.follow_logs(host: KAMAL.primary_host, container_id: container_id, timestamps: timestamps, lines: lines, grep: grep, grep_options: grep_options)
        exec app.follow_logs(host: KAMAL.primary_host, container_id: container_id, timestamps: timestamps, lines: lines, grep: grep, grep_options: grep_options)
      end
    else
      lines = options[:lines].presence || ((since || grep) ? nil : 100) # Default to 100 lines if since or grep isn't set
      on(KAMAL.hosts) do |host|
        roles = KAMAL.roles_on(host)
        roles.each do |role|
          begin
            puts_by_host host, capture_with_info(*KAMAL.app(role: role, host: host).logs(container_id: container_id, timestamps: timestamps, since: since, lines: lines, grep: grep, grep_options: grep_options))
          rescue SSHKit::Command::Failed
            puts_by_host host, "Nothing found"
          end
        end
      end
    end
  end
  desc "remove", "Remove app containers and images from servers"
  def remove
    with_lock do
      stop
      remove_containers
      remove_images
      remove_app_directory
    end
  end
  desc "remove_container [VERSION]", "Remove app container with given version from servers", hide: true
  def remove_container(version)
    with_lock do
      on(KAMAL.hosts) do |host|
        roles = KAMAL.roles_on(host)
        roles.each do |role|
          execute *KAMAL.auditor.record("Removed app container with version #{version}", role: role), verbosity: :debug
          execute *KAMAL.app(role: role, host: host).remove_container(version: version)
        end
      end
    end
  end
  desc "remove_containers", "Remove all app containers from servers", hide: true
  def remove_containers
    with_lock do
      on(KAMAL.hosts) do |host|
        roles = KAMAL.roles_on(host)
        roles.each do |role|
          execute *KAMAL.auditor.record("Removed all app containers", role: role), verbosity: :debug
          execute *KAMAL.app(role: role, host: host).remove_containers
        end
      end
    end
  end
  desc "remove_images", "Remove all app images from servers", hide: true
  def remove_images
    with_lock do
      on(KAMAL.hosts) do
        execute *KAMAL.auditor.record("Removed all app images"), verbosity: :debug
        execute *KAMAL.app.remove_images
      end
    end
  end
  desc "remove_app_directory", "Remove the service directory from servers", hide: true
  def remove_app_directory
    with_lock do
      on(KAMAL.hosts) do |host|
        roles = KAMAL.roles_on(host)
        roles.each do |role|
          execute *KAMAL.auditor.record("Removed #{KAMAL.config.app_directory} on all servers", role: role), verbosity: :debug
          execute *KAMAL.server.remove_app_directory, raise_on_non_zero_exit: false
        end
      end
    end
  end
  desc "version", "Show app version currently running on servers"
  def version
    on(KAMAL.hosts) do |host|
      role = KAMAL.roles_on(host).first
      puts_by_host host, capture_with_info(*KAMAL.app(role: role, host: host).current_running_version).strip
    end
  end
  private
    def using_version(new_version)
      if new_version
        begin
          old_version = KAMAL.config.version
          KAMAL.config.version = new_version
          yield new_version
        ensure
          KAMAL.config.version = old_version
        end
      else
        yield KAMAL.config.version
      end
    end
    def current_running_version(host: KAMAL.primary_host)
      version = nil
      on(host) do
        role = KAMAL.roles_on(host).first
        version = capture_with_info(*KAMAL.app(role: role, host: host).current_running_version).strip
      end
      version.presence
    end
    def version_or_latest
      options[:version] || KAMAL.config.latest_tag
    end
    def with_lock_if_stopping
      if options[:stop]
        with_lock { yield }
      else
        yield
      end
    end
    def host_boot_groups
      KAMAL.config.boot.limit ? KAMAL.hosts.each_slice(KAMAL.config.boot.limit).to_a : [ KAMAL.hosts ]
    end
 end
--- a/lib/kamal/cli/app/boot.rb
+++ b/lib/kamal/cli/app/boot.rb
@@ -0,0 +1,125 @@
 class Kamal::Cli::App::Boot
  attr_reader :host, :role, :version, :barrier, :sshkit
  delegate :execute, :capture_with_info, :capture_with_pretty_json, :info, :error, :upload!, to: :sshkit
  delegate :assets?, :running_proxy?, to: :role
  def initialize(host, role, sshkit, version, barrier)
    @host = host
    @role = role
    @version = version
    @barrier = barrier
    @sshkit = sshkit
  end
  def run
    old_version = old_version_renamed_if_clashing
    wait_at_barrier if queuer?
    begin
      start_new_version
    rescue => e
      close_barrier if gatekeeper?
      stop_new_version
      raise
    end
    release_barrier if gatekeeper?
    if old_version
      stop_old_version(old_version)
    end
  end
  private
    def old_version_renamed_if_clashing
      if capture_with_info(*app.container_id_for_version(version), raise_on_non_zero_exit: false).present?
        renamed_version = "#{version}_replaced_#{SecureRandom.hex(8)}"
        info "Renaming container #{version} to #{renamed_version} as already deployed on #{host}"
        audit("Renaming container #{version} to #{renamed_version}")
        execute *app.rename_container(version: version, new_version: renamed_version)
      end
      capture_with_info(*app.current_running_version, raise_on_non_zero_exit: false).strip.presence
    end
    def start_new_version
      audit "Booted app version #{version}"
      hostname = "#{host.to_s[0...51].chomp(".")}-#{SecureRandom.hex(6)}"
      execute *app.ensure_env_directory
      upload! role.secrets_io(host), role.secrets_path, mode: "0600"
      execute *app.run(hostname: hostname)
      if running_proxy?
        endpoint = capture_with_info(*app.container_id_for_version(version)).strip
        raise Kamal::Cli::BootError, "Failed to get endpoint for #{role} on #{host}, did the container boot?" if endpoint.empty?
        execute *app.deploy(target: endpoint)
      else
        Kamal::Cli::Healthcheck::Poller.wait_for_healthy(pause_after_ready: true) { capture_with_info(*app.status(version: version)) }
      end
    rescue => e
      error "Failed to boot #{role} on #{host}"
      raise e
    end
    def stop_new_version
      execute *app.stop(version: version), raise_on_non_zero_exit: false
    end
    def stop_old_version(version)
      execute *app.stop(version: version), raise_on_non_zero_exit: false
      execute *app.clean_up_assets if assets?
    end
    def release_barrier
      if barrier.open
        info "First #{KAMAL.primary_role} container is healthy on #{host}, booting any other roles"
      end
    end
    def wait_at_barrier
      info "Waiting for the first healthy #{KAMAL.primary_role} container before booting #{role} on #{host}..."
      barrier.wait
      info "First #{KAMAL.primary_role} container is healthy, booting #{role} on #{host}..."
    rescue Kamal::Cli::Healthcheck::Error
      info "First #{KAMAL.primary_role} container is unhealthy, not booting #{role} on #{host}"
      raise
    end
    def close_barrier
      if barrier.close
        info "First #{KAMAL.primary_role} container is unhealthy on #{host}, not booting any other roles"
        begin
          error capture_with_info(*app.logs(container_id: app.container_id_for_version(version)))
          error capture_with_info(*app.container_health_log(version: version))
        rescue SSHKit::Command::Failed
          error "Could not fetch logs for #{version}"
        end
      end
    end
    def barrier_role?
      role == KAMAL.primary_role
    end
    def app
      @app ||= KAMAL.app(role: role, host: host)
    end
    def auditor
      @auditor = KAMAL.auditor(role: role)
    end
    def audit(message)
      execute *auditor.record(message), verbosity: :debug
    end
    def gatekeeper?
      barrier && barrier_role?
    end
    def queuer?
      barrier && !barrier_role?
    end
 end
--- a/lib/kamal/cli/app/prepare_assets.rb
+++ b/lib/kamal/cli/app/prepare_assets.rb
@@ -0,0 +1,24 @@
 class Kamal::Cli::App::PrepareAssets
  attr_reader :host, :role, :sshkit
  delegate :execute, :capture_with_info, :info, to: :sshkit
  delegate :assets?, to: :role
  def initialize(host, role, sshkit)
    @host = host
    @role = role
    @sshkit = sshkit
  end
  def run
    if assets?
      execute *app.extract_assets
      old_version = capture_with_info(*app.current_running_version, raise_on_non_zero_exit: false).strip
      execute *app.sync_asset_volumes(old_version: old_version)
    end
  end
  private
    def app
      @app ||= KAMAL.app(role: role, host: host)
    end
 end
--- a/lib/kamal/cli/base.rb
+++ b/lib/kamal/cli/base.rb
@@ -0,0 +1,213 @@
 require "thor"
 require "kamal/sshkit_with_ext"
 module Kamal::Cli
  class Base < Thor
    include SSHKit::DSL
    def self.exit_on_failure?() true end
    def self.dynamic_command_class() Kamal::Cli::Alias::Command end
    class_option :verbose, type: :boolean, aliases: "-v", desc: "Detailed logging"
    class_option :quiet, type: :boolean, aliases: "-q", desc: "Minimal logging"
    class_option :version, desc: "Run commands against a specific app version"
    class_option :primary, type: :boolean, aliases: "-p", desc: "Run commands only on primary host instead of all"
    class_option :hosts, aliases: "-h", desc: "Run commands on these hosts instead of all (separate by comma, supports wildcards with *)"
    class_option :roles, aliases: "-r", desc: "Run commands on these roles instead of all (separate by comma, supports wildcards with *)"
    class_option :config_file, aliases: "-c", default: "config/deploy.yml", desc: "Path to config file"
    class_option :destination, aliases: "-d", desc: "Specify destination to be used for config file (staging -> deploy.staging.yml)"
    class_option :skip_hooks, aliases: "-H", type: :boolean, default: false, desc: "Don't run hooks"
    def initialize(args = [], local_options = {}, config = {})
      if config[:current_command].is_a?(Kamal::Cli::Alias::Command)
        # When Thor generates a dynamic command, it doesn't attempt to parse the arguments.
        # For our purposes, it means the arguments are passed in args rather than local_options.
        super([], args, config)
      else
        super
      end
      initialize_commander unless KAMAL.configured?
    end
    private
      def options_with_subcommand_class_options
        options.merge(@_initializer.last[:class_options] || {})
      end
      def initialize_commander
        KAMAL.tap do |commander|
          if options[:verbose]
            ENV["VERBOSE"] = "1" # For backtraces via cli/start
            commander.verbosity = :debug
          end
          if options[:quiet]
            commander.verbosity = :error
          end
          commander.configure \
            config_file: Pathname.new(File.expand_path(options[:config_file])),
            destination: options[:destination],
            version: options[:version]
          commander.specific_hosts    = options[:hosts]&.split(",")
          commander.specific_roles    = options[:roles]&.split(",")
          commander.specific_primary! if options[:primary]
        end
      end
      def print_runtime
        started_at = Time.now
        yield
        Time.now - started_at
      ensure
        runtime = Time.now - started_at
        puts "  Finished all in #{sprintf("%.1f seconds", runtime)}"
      end
      def with_lock
        if KAMAL.holding_lock?
          yield
        else
          acquire_lock
          begin
            yield
          rescue
            begin
              release_lock
            rescue => e
              say "Error releasing the deploy lock: #{e.message}", :red
            end
            raise
          end
          release_lock
        end
      end
      def confirming(question)
        return yield if options[:confirmed]
        if ask(question, limited_to: %w[ y N ], default: "N") == "y"
          yield
        else
          say "Aborted", :red
        end
      end
      def acquire_lock
        ensure_run_directory
        raise_if_locked do
          say "Acquiring the deploy lock...", :magenta
          on(KAMAL.primary_host) { execute *KAMAL.lock.acquire("Automatic deploy lock", KAMAL.config.version), verbosity: :debug }
        end
        KAMAL.holding_lock = true
      end
      def release_lock
        say "Releasing the deploy lock...", :magenta
        on(KAMAL.primary_host) { execute *KAMAL.lock.release, verbosity: :debug }
        KAMAL.holding_lock = false
      end
      def raise_if_locked
        yield
      rescue SSHKit::Runner::ExecuteError => e
        if e.message =~ /cannot create directory/
          say "Deploy lock already in place!", :red
          on(KAMAL.primary_host) { puts capture_with_debug(*KAMAL.lock.status) }
          raise LockError, "Deploy lock found. Run 'kamal lock help' for more information"
        else
          raise e
        end
      end
      def run_hook(hook, **extra_details)
        if !options[:skip_hooks] && KAMAL.hook.hook_exists?(hook)
          details = { hosts: KAMAL.hosts.join(","), command: command, subcommand: subcommand }
          say "Running the #{hook} hook...", :magenta
          with_env KAMAL.hook.env(**details, **extra_details) do
            run_locally do
              execute *KAMAL.hook.run(hook)
            end
          rescue SSHKit::Command::Failed => e
            raise HookError.new("Hook `#{hook}` failed:\n#{e.message}")
          end
        end
      end
      def on(*args, &block)
        if !KAMAL.connected?
          run_hook "pre-connect"
          KAMAL.connected = true
        end
        super
      end
      def command
        @kamal_command ||= begin
          invocation_class, invocation_commands = *first_invocation
          if invocation_class == Kamal::Cli::Main
            invocation_commands[0]
          else
            Kamal::Cli::Main.subcommand_classes.find { |command, clazz| clazz == invocation_class }[0]
          end
        end
      end
      def subcommand
        @kamal_subcommand ||= begin
          invocation_class, invocation_commands = *first_invocation
          invocation_commands[0] if invocation_class != Kamal::Cli::Main
        end
      end
      def first_invocation
        instance_variable_get("@_invocations").first
      end
      def reset_invocation(cli_class)
        instance_variable_get("@_invocations")[cli_class].pop
      end
      def ensure_run_directory
        on(KAMAL.hosts) do
          execute(*KAMAL.server.ensure_run_directory)
        end
      end
      def with_env(env)
        current_env = ENV.to_h.dup
        ENV.update(env)
        yield
      ensure
        ENV.clear
        ENV.update(current_env)
      end
      def ensure_docker_installed
        run_locally do
          begin
            execute *KAMAL.builder.ensure_docker_installed
          rescue SSHKit::Command::Failed => e
            error = e.message =~ /command not found/ ?
              "Docker is not installed locally" :
              "Docker buildx plugin is not installed locally"
            raise DependencyError, error
          end
        end
      end
  end
 end
--- a/lib/kamal/cli/build.rb
+++ b/lib/kamal/cli/build.rb
@@ -0,0 +1,184 @@
 require "uri"
 class Kamal::Cli::Build < Kamal::Cli::Base
  class BuildError < StandardError; end
  desc "deliver", "Build app and push app image to registry then pull image on servers"
  def deliver
    invoke :push
    invoke :pull
  end
  desc "push", "Build and push app image to registry"
  option :output, type: :string, default: "registry", banner: "export_type", desc: "Exported type for the build result, and may be any exported type supported by 'buildx --output'."
  def push
    cli = self
    ensure_docker_installed
    run_hook "pre-build"
    uncommitted_changes = Kamal::Git.uncommitted_changes
    if KAMAL.config.builder.git_clone?
      if uncommitted_changes.present?
        say "Building from a local git clone, so ignoring these uncommitted changes:\n #{uncommitted_changes}", :yellow
      end
      run_locally do
        Clone.new(self).prepare
      end
    elsif uncommitted_changes.present?
      say "Building with uncommitted changes:\n #{uncommitted_changes}", :yellow
    end
    with_env(KAMAL.config.builder.secrets) do
      run_locally do
        begin
          execute *KAMAL.builder.inspect_builder
        rescue SSHKit::Command::Failed => e
          if e.message =~ /(context not found|no builder|no compatible builder|does not exist)/
            warn "Missing compatible builder, so creating a new one first"
            begin
              cli.remove
            rescue SSHKit::Command::Failed
              raise unless e.message =~ /(context not found|no builder|does not exist)/
            end
            cli.create
          else
            raise
          end
        end
        # Get the command here to ensure the Dir.chdir doesn't interfere with it
        push = KAMAL.builder.push(cli.options[:output])
        KAMAL.with_verbosity(:debug) do
          Dir.chdir(KAMAL.config.builder.build_directory) { execute *push }
        end
      end
    end
  end
  desc "pull", "Pull app image from registry onto servers"
  def pull
    if (first_hosts = mirror_hosts).any?
      #  Pull on a single host per mirror first to seed them
      say "Pulling image on #{first_hosts.join(", ")} to seed the #{"mirror".pluralize(first_hosts.count)}...", :magenta
      pull_on_hosts(first_hosts)
      say "Pulling image on remaining hosts...", :magenta
      pull_on_hosts(KAMAL.hosts - first_hosts)
    else
      pull_on_hosts(KAMAL.hosts)
    end
  end
  desc "create", "Create a build setup"
  def create
    if (remote_host = KAMAL.config.builder.remote)
      connect_to_remote_host(remote_host)
    end
    run_locally do
      begin
        debug "Using builder: #{KAMAL.builder.name}"
        execute *KAMAL.builder.create
      rescue SSHKit::Command::Failed => e
        if e.message =~ /stderr=(.*)/
          error "Couldn't create remote builder: #{$1}"
          false
        else
          raise
        end
      end
    end
  end
  desc "remove", "Remove build setup"
  def remove
    run_locally do
      debug "Using builder: #{KAMAL.builder.name}"
      execute *KAMAL.builder.remove
    end
  end
  desc "details", "Show build setup"
  def details
    run_locally do
      puts "Builder: #{KAMAL.builder.name}"
      puts capture(*KAMAL.builder.info)
    end
  end
  desc "dev", "Build using the working directory, tag it as dirty, and push to local image store."
  option :output, type: :string, default: "docker", banner: "export_type", desc: "Exported type for the build result, and may be any exported type supported by 'buildx --output'."
  def dev
    cli = self
    ensure_docker_installed
    docker_included_files = Set.new(Kamal::Docker.included_files)
    git_uncommitted_files = Set.new(Kamal::Git.uncommitted_files)
    git_untracked_files = Set.new(Kamal::Git.untracked_files)
    docker_uncommitted_files = docker_included_files & git_uncommitted_files
    if docker_uncommitted_files.any?
      say "WARNING: Files with uncommitted changes will be present in the dev container:", :yellow
      docker_uncommitted_files.sort.each { |f| say "  #{f}", :yellow }
      say
    end
    docker_untracked_files = docker_included_files & git_untracked_files
    if docker_untracked_files.any?
      say "WARNING: Untracked files will be present in the dev container:", :yellow
      docker_untracked_files.sort.each { |f| say "  #{f}", :yellow }
      say
    end
    with_env(KAMAL.config.builder.secrets) do
      run_locally do
        build = KAMAL.builder.push(cli.options[:output], tag_as_dirty: true)
        KAMAL.with_verbosity(:debug) do
          execute(*build)
        end
      end
    end
  end
  private
    def connect_to_remote_host(remote_host)
      remote_uri = URI.parse(remote_host)
      if remote_uri.scheme == "ssh"
        host = SSHKit::Host.new(
          hostname: remote_uri.host,
          ssh_options: { user: remote_uri.user, port: remote_uri.port }.compact
        )
        on(host, options) do
          execute "true"
        end
      end
    end
    def mirror_hosts
      if KAMAL.hosts.many?
        mirror_hosts = Concurrent::Hash.new
        on(KAMAL.hosts) do |host|
          first_mirror = capture_with_info(*KAMAL.builder.first_mirror).strip.presence
          mirror_hosts[first_mirror] ||= host.to_s if first_mirror
        rescue SSHKit::Command::Failed => e
          raise unless e.message =~ /error calling index: reflect: slice index out of range/
        end
        mirror_hosts.values
      else
        []
      end
    end
    def pull_on_hosts(hosts)
      on(hosts) do
        execute *KAMAL.auditor.record("Pulled image with version #{KAMAL.config.version}"), verbosity: :debug
        execute *KAMAL.builder.clean, raise_on_non_zero_exit: false
        execute *KAMAL.builder.pull
        execute *KAMAL.builder.validate_image
      end
    end
 end
--- a/lib/kamal/cli/build/clone.rb
+++ b/lib/kamal/cli/build/clone.rb
@@ -0,0 +1,61 @@
 require "uri"
 class Kamal::Cli::Build::Clone
  attr_reader :sshkit
  delegate :info, :error, :execute, :capture_with_info, to: :sshkit
  def initialize(sshkit)
    @sshkit = sshkit
  end
  def prepare
    begin
      clone_repo
    rescue SSHKit::Command::Failed => e
      if e.message =~ /already exists and is not an empty directory/
        reset
      else
        raise Kamal::Cli::Build::BuildError, "Failed to clone repo: #{e.message}"
      end
    end
    validate!
  rescue Kamal::Cli::Build::BuildError => e
    error "Error preparing clone: #{e.message}, deleting and retrying..."
    FileUtils.rm_rf KAMAL.config.builder.clone_directory
    clone_repo
    validate!
  end
  private
    def clone_repo
      info "Cloning repo into build directory `#{KAMAL.config.builder.build_directory}`..."
      FileUtils.mkdir_p KAMAL.config.builder.clone_directory
      execute *KAMAL.builder.clone
    end
    def reset
      info "Resetting local clone as `#{KAMAL.config.builder.build_directory}` already exists..."
      KAMAL.builder.clone_reset_steps.each { |step| execute *step }
    rescue SSHKit::Command::Failed => e
      raise Kamal::Cli::Build::BuildError, "Failed to clone repo: #{e.message}"
    end
    def validate!
      status = capture_with_info(*KAMAL.builder.clone_status).strip
      unless status.empty?
        raise Kamal::Cli::Build::BuildError, "Clone in #{KAMAL.config.builder.build_directory} is dirty, #{status}"
      end
      revision = capture_with_info(*KAMAL.builder.clone_revision).strip
      if revision != Kamal::Git.revision
        raise Kamal::Cli::Build::BuildError, "Clone in #{KAMAL.config.builder.build_directory} is not on the correct revision, expected `#{Kamal::Git.revision}` but got `#{revision}`"
      end
    rescue SSHKit::Command::Failed => e
      raise Kamal::Cli::Build::BuildError, "Failed to validate clone: #{e.message}"
    end
 end
--- a/lib/kamal/cli/healthcheck/barrier.rb
+++ b/lib/kamal/cli/healthcheck/barrier.rb
@@ -0,0 +1,33 @@
 require "concurrent/ivar"
 class Kamal::Cli::Healthcheck::Barrier
  def initialize
    @ivar = Concurrent::IVar.new
  end
  def close
    set(false)
  end
  def open
    set(true)
  end
  def wait
    unless opened?
      raise Kamal::Cli::Healthcheck::Error.new("Halted at barrier")
    end
  end
  private
    def opened?
      @ivar.value
    end
    def set(value)
      @ivar.set(value)
      true
    rescue Concurrent::MultipleAssignmentError
      false
    end
 end
--- a/lib/kamal/cli/healthcheck/error.rb
+++ b/lib/kamal/cli/healthcheck/error.rb
@@ -0,0 +1,2 @@
 class Kamal::Cli::Healthcheck::Error < StandardError
 end
--- a/lib/kamal/cli/healthcheck/poller.rb
+++ b/lib/kamal/cli/healthcheck/poller.rb
@@ -0,0 +1,42 @@
 module Kamal::Cli::Healthcheck::Poller
  extend self
  def wait_for_healthy(role, &block)
    attempt = 1
    timeout_at = Time.now + KAMAL.config.deploy_timeout
    readiness_delay = KAMAL.config.readiness_delay
    begin
      status = block.call
      if status == "running"
        # Wait for the readiness delay and confirm it is still running
        if readiness_delay > 0
          info "Container is running, waiting for readiness delay of #{readiness_delay} seconds"
          sleep readiness_delay
          status = block.call
        end
      end
      unless %w[ running healthy ].include?(status)
        raise Kamal::Cli::Healthcheck::Error, "container not ready after #{KAMAL.config.deploy_timeout} seconds (#{status})"
      end
    rescue Kamal::Cli::Healthcheck::Error => e
      time_left = timeout_at - Time.now
      if time_left > 0
        sleep [ attempt, time_left ].min
        attempt += 1
        retry
      else
        raise
      end
    end
    info "Container is healthy!"
  end
  private
    def info(message)
      SSHKit.config.output.info(message)
    end
 end
--- a/lib/kamal/cli/lock.rb
+++ b/lib/kamal/cli/lock.rb
@@ -1,8 +1,10 @@
-class Mrsk::Cli::Lock < Mrsk::Cli::Base
+class Kamal::Cli::Lock < Kamal::Cli::Base
  desc "status", "Report lock status"
  def status
    handle_missing_lock do
-      on(MRSK.primary_host) { puts capture_with_debug(*MRSK.lock.status) }
+      on(KAMAL.primary_host) do
        puts capture_with_debug(*KAMAL.lock.status)
      end
    end
  end
@@ -10,8 +12,12 @@ class Mrsk::Cli::Lock < Mrsk::Cli::Base
  option :message, aliases: "-m", type: :string, desc: "A lock message", required: true
  def acquire
    message = options[:message]
    ensure_run_directory
    raise_if_locked do
-      on(MRSK.primary_host) { execute *MRSK.lock.acquire(message, MRSK.config.version), verbosity: :debug }
+      on(KAMAL.primary_host) do
        execute *KAMAL.lock.acquire(message, KAMAL.config.version), verbosity: :debug
      end
      say "Acquired the deploy lock"
    end
  end
@@ -19,7 +25,9 @@ class Mrsk::Cli::Lock < Mrsk::Cli::Base
  desc "release", "Release the deploy lock"
  def release
    handle_missing_lock do
-      on(MRSK.primary_host) { execute *MRSK.lock.release, verbosity: :debug }
+      on(KAMAL.primary_host) do
        execute *KAMAL.lock.release, verbosity: :debug
      end
      say "Released the deploy lock"
    end
  end
--- a/lib/kamal/cli/main.rb
+++ b/lib/kamal/cli/main.rb
@@ -0,0 +1,280 @@
 class Kamal::Cli::Main < Kamal::Cli::Base
  desc "setup", "Setup all accessories, push the env, and deploy app to servers"
  option :skip_push, aliases: "-P", type: :boolean, default: false, desc: "Skip image build and push"
  def setup
    print_runtime do
      with_lock do
        invoke_options = deploy_options
        say "Ensure Docker is installed...", :magenta
        invoke "kamal:cli:server:bootstrap", [], invoke_options
        deploy(boot_accessories: true)
      end
    end
  end
  desc "deploy", "Deploy app to servers"
  option :skip_push, aliases: "-P", type: :boolean, default: false, desc: "Skip image build and push"
  def deploy(boot_accessories: false)
    runtime = print_runtime do
      invoke_options = deploy_options
      say "Log into image registry...", :magenta
      invoke "kamal:cli:registry:login", [], invoke_options.merge(skip_local: options[:skip_push])
      if options[:skip_push]
        say "Pull app image...", :magenta
        invoke "kamal:cli:build:pull", [], invoke_options
      else
        say "Build and push app image...", :magenta
        invoke "kamal:cli:build:deliver", [], invoke_options
      end
      with_lock do
        run_hook "pre-deploy", secrets: true
        say "Ensure kamal-proxy is running...", :magenta
        invoke "kamal:cli:proxy:boot", [], invoke_options
        invoke "kamal:cli:accessory:boot", [ "all" ], invoke_options if boot_accessories
        say "Detect stale containers...", :magenta
        invoke "kamal:cli:app:stale_containers", [], invoke_options.merge(stop: true)
        invoke "kamal:cli:app:boot", [], invoke_options
        say "Prune old containers and images...", :magenta
        invoke "kamal:cli:prune:all", [], invoke_options
      end
    end
    run_hook "post-deploy", secrets: true, runtime: runtime.round.to_s
  end
  desc "redeploy", "Deploy app to servers without bootstrapping servers, starting kamal-proxy, pruning, and registry login"
  option :skip_push, aliases: "-P", type: :boolean, default: false, desc: "Skip image build and push"
  def redeploy
    runtime = print_runtime do
      invoke_options = deploy_options
      if options[:skip_push]
        say "Pull app image...", :magenta
        invoke "kamal:cli:build:pull", [], invoke_options
      else
        say "Build and push app image...", :magenta
        invoke "kamal:cli:build:deliver", [], invoke_options
      end
      with_lock do
        run_hook "pre-deploy", secrets: true
        say "Detect stale containers...", :magenta
        invoke "kamal:cli:app:stale_containers", [], invoke_options.merge(stop: true)
        invoke "kamal:cli:app:boot", [], invoke_options
      end
    end
    run_hook "post-deploy", secrets: true, runtime: runtime.round.to_s
  end
  desc "rollback [VERSION]", "Rollback app to VERSION"
  def rollback(version)
    rolled_back = false
    runtime = print_runtime do
      with_lock do
        invoke_options = deploy_options
        KAMAL.config.version = version
        old_version = nil
        if container_available?(version)
          run_hook "pre-deploy", secrets: true
          invoke "kamal:cli:app:boot", [], invoke_options.merge(version: version)
          rolled_back = true
        else
          say "The app version '#{version}' is not available as a container (use 'kamal app containers' for available versions)", :red
        end
      end
    end
    run_hook "post-deploy", secrets: true, runtime: runtime.round.to_s if rolled_back
  end
  desc "details", "Show details about all containers"
  def details
    invoke "kamal:cli:proxy:details"
    invoke "kamal:cli:app:details"
    invoke "kamal:cli:accessory:details", [ "all" ]
  end
  desc "audit", "Show audit log from servers"
  def audit
    on(KAMAL.hosts) do |host|
      puts_by_host host, capture_with_info(*KAMAL.auditor.reveal)
    end
  end
  desc "config", "Show combined config (including secrets!)"
  def config
    run_locally do
      puts Kamal::Utils.redacted(KAMAL.config.to_h).to_yaml
    end
  end
  desc "docs [SECTION]", "Show Kamal configuration documentation"
  def docs(section = nil)
    case section
    when NilClass
      puts Kamal::Configuration.validation_doc
    else
      puts Kamal::Configuration.const_get(section.titlecase.to_sym).validation_doc
    end
  rescue NameError
    puts "No documentation found for #{section}"
  end
  desc "init", "Create config stub in config/deploy.yml and secrets stub in .kamal"
  option :bundle, type: :boolean, default: false, desc: "Add Kamal to the Gemfile and create a bin/kamal binstub"
  def init
    require "fileutils"
    if (deploy_file = Pathname.new(File.expand_path("config/deploy.yml"))).exist?
      puts "Config file already exists in config/deploy.yml (remove first to create a new one)"
    else
      FileUtils.mkdir_p deploy_file.dirname
      FileUtils.cp_r Pathname.new(File.expand_path("templates/deploy.yml", __dir__)), deploy_file
      puts "Created configuration file in config/deploy.yml"
    end
    unless (secrets_file = Pathname.new(File.expand_path(".kamal/secrets"))).exist?
      FileUtils.mkdir_p secrets_file.dirname
      FileUtils.cp_r Pathname.new(File.expand_path("templates/secrets", __dir__)), secrets_file
      puts "Created .kamal/secrets file"
    end
    unless (hooks_dir = Pathname.new(File.expand_path(".kamal/hooks"))).exist?
      hooks_dir.mkpath
      Pathname.new(File.expand_path("templates/sample_hooks", __dir__)).each_child do |sample_hook|
        FileUtils.cp sample_hook, hooks_dir, preserve: true
      end
      puts "Created sample hooks in .kamal/hooks"
    end
    if options[:bundle]
      if (binstub = Pathname.new(File.expand_path("bin/kamal"))).exist?
        puts "Binstub already exists in bin/kamal (remove first to create a new one)"
      else
        puts "Adding Kamal to Gemfile and bundle..."
        run_locally do
          execute :bundle, :add, :kamal
          execute :bundle, :binstubs, :kamal
        end
        puts "Created binstub file in bin/kamal"
      end
    end
  end
  desc "remove", "Remove kamal-proxy, app, accessories, and registry session from servers"
  option :confirmed, aliases: "-y", type: :boolean, default: false, desc: "Proceed without confirmation question"
  def remove
    confirming "This will remove all containers and images. Are you sure?" do
      with_lock do
        invoke "kamal:cli:app:remove", [], options.without(:confirmed)
        invoke "kamal:cli:proxy:remove", [], options.without(:confirmed)
        invoke "kamal:cli:accessory:remove", [ "all" ], options
        invoke "kamal:cli:registry:logout", [], options.without(:confirmed).merge(skip_local: true)
      end
    end
  end
  desc "upgrade", "Upgrade from Kamal 1.x to 2.0"
  option :confirmed, aliases: "-y", type: :boolean, default: false, desc: "Proceed without confirmation question"
  option :rolling, type: :boolean, default: false, desc: "Upgrade one host at a time"
  def upgrade
    confirming "This will replace Traefik with kamal-proxy and restart all accessories" do
      with_lock do
        if options[:rolling]
          (KAMAL.hosts | KAMAL.accessory_hosts).each do |host|
            KAMAL.with_specific_hosts(host) do
              say "Upgrading #{host}...", :magenta
              if KAMAL.hosts.include?(host)
                invoke "kamal:cli:proxy:upgrade", [], options.merge(confirmed: true, rolling: false)
                reset_invocation(Kamal::Cli::Proxy)
              end
              if KAMAL.accessory_hosts.include?(host)
                invoke "kamal:cli:accessory:upgrade", [ "all" ], options.merge(confirmed: true, rolling: false)
                reset_invocation(Kamal::Cli::Accessory)
              end
              say "Upgraded #{host}", :magenta
            end
          end
        else
          say "Upgrading all hosts...", :magenta
          invoke "kamal:cli:proxy:upgrade", [], options.merge(confirmed: true)
          invoke "kamal:cli:accessory:upgrade", [ "all" ], options.merge(confirmed: true)
          say "Upgraded all hosts", :magenta
        end
      end
    end
  end
  desc "version", "Show Kamal version"
  def version
    puts Kamal::VERSION
  end
  desc "accessory", "Manage accessories (db/redis/search)"
  subcommand "accessory", Kamal::Cli::Accessory
  desc "app", "Manage application"
  subcommand "app", Kamal::Cli::App
  desc "build", "Build application image"
  subcommand "build", Kamal::Cli::Build
  desc "lock", "Manage the deploy lock"
  subcommand "lock", Kamal::Cli::Lock
  desc "proxy", "Manage kamal-proxy"
  subcommand "proxy", Kamal::Cli::Proxy
  desc "prune", "Prune old application images and containers"
  subcommand "prune", Kamal::Cli::Prune
  desc "registry", "Login and -out of the image registry"
  subcommand "registry", Kamal::Cli::Registry
  desc "secrets", "Helpers for extracting secrets"
  subcommand "secrets", Kamal::Cli::Secrets
  desc "server", "Bootstrap servers with curl and Docker"
  subcommand "server", Kamal::Cli::Server
  private
    def container_available?(version)
      begin
        on(KAMAL.hosts) do
          KAMAL.roles_on(host).each do |role|
            container_id = capture_with_info(*KAMAL.app(role: role, host: host).container_id_for_version(version))
            raise "Container not found" unless container_id.present?
          end
        end
      rescue SSHKit::Runner::ExecuteError, SSHKit::Runner::MultipleExecuteError => e
        if e.message =~ /Container not found/
          say "Error looking for container version #{version}: #{e.message}"
          return false
        else
          raise
        end
      end
      true
    end
    def deploy_options
      { "version" => KAMAL.config.version }.merge(options.without("skip_push"))
    end
 end
--- a/lib/kamal/cli/proxy.rb
+++ b/lib/kamal/cli/proxy.rb
@@ -0,0 +1,255 @@
 class Kamal::Cli::Proxy < Kamal::Cli::Base
  desc "boot", "Boot proxy on servers"
  def boot
    with_lock do
      on(KAMAL.hosts) do |host|
        execute *KAMAL.docker.create_network
      rescue SSHKit::Command::Failed => e
        raise unless e.message.include?("already exists")
      end
      on(KAMAL.proxy_hosts) do |host|
        execute *KAMAL.registry.login
        version = capture_with_info(*KAMAL.proxy.version).strip.presence
        if version && Kamal::Utils.older_version?(version, Kamal::Configuration::PROXY_MINIMUM_VERSION)
          raise "kamal-proxy version #{version} is too old, run `kamal proxy reboot` in order to update to at least #{Kamal::Configuration::PROXY_MINIMUM_VERSION}"
        end
        execute *KAMAL.proxy.start_or_run
      end
    end
  end
  desc "boot_config <set|get|reset>", "Manage kamal-proxy boot configuration"
  option :publish, type: :boolean, default: true, desc: "Publish the proxy ports on the host"
  option :publish_host_ip, type: :string, repeatable: true, default: nil, desc: "Host IP address to bind HTTP/HTTPS traffic to. Defaults to all interfaces"
  option :http_port, type: :numeric, default: Kamal::Configuration::PROXY_HTTP_PORT, desc: "HTTP port to publish on the host"
  option :https_port, type: :numeric, default: Kamal::Configuration::PROXY_HTTPS_PORT, desc: "HTTPS port to publish on the host"
  option :log_max_size, type: :string, default: Kamal::Configuration::PROXY_LOG_MAX_SIZE, desc: "Max size of proxy logs"
  option :docker_options, type: :array, default: [], desc: "Docker options to pass to the proxy container", banner: "option=value option2=value2"
  def boot_config(subcommand)
    case subcommand
    when "set"
      boot_options = [
        *(KAMAL.config.proxy_publish_args(options[:http_port], options[:https_port], options[:publish_host_ip]) if options[:publish]),
        *(KAMAL.config.proxy_logging_args(options[:log_max_size])),
        *options[:docker_options].map { |option| "--#{option}" }
      ]
      on(KAMAL.proxy_hosts) do |host|
        execute(*KAMAL.proxy.ensure_proxy_directory)
        upload! StringIO.new(boot_options.join(" ")), KAMAL.config.proxy_options_file
      end
    when "get"
      on(KAMAL.proxy_hosts) do |host|
        puts "Host #{host}: #{capture_with_info(*KAMAL.proxy.get_boot_options)}"
      end
    when "reset"
      on(KAMAL.proxy_hosts) do |host|
        execute *KAMAL.proxy.reset_boot_options
      end
    else
      raise ArgumentError, "Unknown boot_config subcommand #{subcommand}"
    end
  end
  desc "reboot", "Reboot proxy on servers (stop container, remove container, start new container)"
  option :rolling, type: :boolean, default: false, desc: "Reboot proxy on hosts in sequence, rather than in parallel"
  option :confirmed, aliases: "-y", type: :boolean, default: false, desc: "Proceed without confirmation question"
  def reboot
    confirming "This will cause a brief outage on each host. Are you sure?" do
      with_lock do
        host_groups = options[:rolling] ? KAMAL.proxy_hosts : [ KAMAL.proxy_hosts ]
        host_groups.each do |hosts|
          host_list = Array(hosts).join(",")
          run_hook "pre-proxy-reboot", hosts: host_list
          on(hosts) do |host|
            execute *KAMAL.auditor.record("Rebooted proxy"), verbosity: :debug
            execute *KAMAL.registry.login
            "Stopping and removing kamal-proxy on #{host}, if running..."
            execute *KAMAL.proxy.stop, raise_on_non_zero_exit: false
            execute *KAMAL.proxy.remove_container
            execute *KAMAL.proxy.run
            KAMAL.roles_on(host).select(&:running_proxy?).each do |role|
              app = KAMAL.app(role: role, host: host)
              version = capture_with_info(*app.current_running_version, raise_on_non_zero_exit: false).strip
              endpoint = capture_with_info(*app.container_id_for_version(version)).strip
              if endpoint.present?
                info "Deploying #{endpoint} for role `#{role}` on #{host}..."
                execute *app.deploy(target: endpoint)
              end
            end
          end
          run_hook "post-proxy-reboot", hosts: host_list
        end
      end
    end
  end
  desc "upgrade", "Upgrade to kamal-proxy on servers (stop container, remove container, start new container, reboot app)", hide: true
  option :rolling, type: :boolean, default: false, desc: "Reboot proxy on hosts in sequence, rather than in parallel"
  option :confirmed, aliases: "-y", type: :boolean, default: false, desc: "Proceed without confirmation question"
  def upgrade
    invoke_options = { "version" => KAMAL.config.latest_tag }.merge(options)
    confirming "This will cause a brief outage on each host. Are you sure?" do
      host_groups = options[:rolling] ? KAMAL.hosts : [ KAMAL.hosts ]
      host_groups.each do |hosts|
        host_list = Array(hosts).join(",")
        say "Upgrading proxy on #{host_list}...", :magenta
        run_hook "pre-proxy-reboot", hosts: host_list
        on(hosts) do |host|
          execute *KAMAL.auditor.record("Rebooted proxy"), verbosity: :debug
          execute *KAMAL.registry.login
          "Stopping and removing Traefik on #{host}, if running..."
          execute *KAMAL.proxy.cleanup_traefik
          "Stopping and removing kamal-proxy on #{host}, if running..."
          execute *KAMAL.proxy.stop, raise_on_non_zero_exit: false
          execute *KAMAL.proxy.remove_container
          execute *KAMAL.proxy.remove_image
        end
        KAMAL.with_specific_hosts(hosts) do
          invoke "kamal:cli:proxy:boot", [], invoke_options
          reset_invocation(Kamal::Cli::Proxy)
          invoke "kamal:cli:app:boot", [], invoke_options
          reset_invocation(Kamal::Cli::App)
          invoke "kamal:cli:prune:all", [], invoke_options
          reset_invocation(Kamal::Cli::Prune)
        end
        run_hook "post-proxy-reboot", hosts: host_list
        say "Upgraded proxy on #{host_list}", :magenta
      end
    end
  end
  desc "start", "Start existing proxy container on servers"
  def start
    with_lock do
      on(KAMAL.proxy_hosts) do |host|
        execute *KAMAL.auditor.record("Started proxy"), verbosity: :debug
        execute *KAMAL.proxy.start
      end
    end
  end
  desc "stop", "Stop existing proxy container on servers"
  def stop
    with_lock do
      on(KAMAL.proxy_hosts) do |host|
        execute *KAMAL.auditor.record("Stopped proxy"), verbosity: :debug
        execute *KAMAL.proxy.stop, raise_on_non_zero_exit: false
      end
    end
  end
  desc "restart", "Restart existing proxy container on servers"
  def restart
    with_lock do
      stop
      start
    end
  end
  desc "details", "Show details about proxy container from servers"
  def details
    on(KAMAL.proxy_hosts) { |host| puts_by_host host, capture_with_info(*KAMAL.proxy.info), type: "Proxy" }
  end
  desc "logs", "Show log lines from proxy on servers"
  option :since, aliases: "-s", desc: "Show logs since timestamp (e.g. 2013-01-02T13:23:37Z) or relative (e.g. 42m for 42 minutes)"
  option :lines, type: :numeric, aliases: "-n", desc: "Number of log lines to pull from each server"
  option :grep, aliases: "-g", desc: "Show lines with grep match only (use this to fetch specific requests by id)"
  option :follow, aliases: "-f", desc: "Follow logs on primary server (or specific host set by --hosts)"
  option :skip_timestamps, type: :boolean, aliases: "-T", desc: "Skip appending timestamps to logging output"
  def logs
    grep = options[:grep]
    timestamps = !options[:skip_timestamps]
    if options[:follow]
      run_locally do
        info "Following logs on #{KAMAL.primary_host}..."
        info KAMAL.proxy.follow_logs(host: KAMAL.primary_host, timestamps: timestamps, grep: grep)
        exec KAMAL.proxy.follow_logs(host: KAMAL.primary_host, timestamps: timestamps, grep: grep)
      end
    else
      since = options[:since]
      lines = options[:lines].presence || ((since || grep) ? nil : 100) # Default to 100 lines if since or grep isn't set
      on(KAMAL.proxy_hosts) do |host|
        puts_by_host host, capture(*KAMAL.proxy.logs(timestamps: timestamps, since: since, lines: lines, grep: grep)), type: "Proxy"
      end
    end
  end
  desc "remove", "Remove proxy container and image from servers"
  option :force, type: :boolean, default: false, desc: "Force removing proxy when apps are still installed"
  def remove
    with_lock do
      if removal_allowed?(options[:force])
        stop
        remove_container
        remove_image
        remove_proxy_directory
      end
    end
  end
  desc "remove_container", "Remove proxy container from servers", hide: true
  def remove_container
    with_lock do
      on(KAMAL.proxy_hosts) do
        execute *KAMAL.auditor.record("Removed proxy container"), verbosity: :debug
        execute *KAMAL.proxy.remove_container
      end
    end
  end
  desc "remove_image", "Remove proxy image from servers", hide: true
  def remove_image
    with_lock do
      on(KAMAL.proxy_hosts) do
        execute *KAMAL.auditor.record("Removed proxy image"), verbosity: :debug
        execute *KAMAL.proxy.remove_image
      end
    end
  end
  desc "remove_proxy_directory", "Remove the proxy directory from servers", hide: true
  def remove_proxy_directory
    with_lock do
      on(KAMAL.proxy_hosts) do
        execute *KAMAL.proxy.remove_proxy_directory, raise_on_non_zero_exit: false
      end
    end
  end
  private
    def removal_allowed?(force)
      on(KAMAL.proxy_hosts) do |host|
        app_count = capture_with_info(*KAMAL.server.app_directory_count).chomp.to_i
        raise "The are other applications installed on #{host}" if app_count > 0
      end
      true
    rescue SSHKit::Runner::ExecuteError => e
      raise unless e.message.include?("The are other applications installed on")
      if force
        say "Forcing, so removing the proxy, even though other apps are installed", :magenta
      else
        say "Not removing the proxy, as other apps are installed, ignore this check with kamal proxy remove --force", :magenta
      end
      force
    end
 end
--- a/lib/kamal/cli/prune.rb
+++ b/lib/kamal/cli/prune.rb
@@ -0,0 +1,34 @@
 class Kamal::Cli::Prune < Kamal::Cli::Base
  desc "all", "Prune unused images and stopped containers"
  def all
    with_lock do
      containers
      images
    end
  end
  desc "images", "Prune unused images"
  def images
    with_lock do
      on(KAMAL.hosts) do
        execute *KAMAL.auditor.record("Pruned images"), verbosity: :debug
        execute *KAMAL.prune.dangling_images
        execute *KAMAL.prune.tagged_images
      end
    end
  end
  desc "containers", "Prune all stopped containers, except the last n (default 5)"
  option :retain, type: :numeric, default: nil, desc: "Number of containers to retain"
  def containers
    retain = options.fetch(:retain, KAMAL.config.retain_containers)
    raise "retain must be at least 1" if retain < 1
    with_lock do
      on(KAMAL.hosts) do
        execute *KAMAL.auditor.record("Pruned containers"), verbosity: :debug
        execute *KAMAL.prune.app_containers(retain: retain)
      end
    end
  end
 end
--- a/lib/kamal/cli/registry.rb
+++ b/lib/kamal/cli/registry.rb
@@ -0,0 +1,19 @@
 class Kamal::Cli::Registry < Kamal::Cli::Base
  desc "login", "Log in to registry locally and remotely"
  option :skip_local, aliases: "-L", type: :boolean, default: false, desc: "Skip local login"
  option :skip_remote, aliases: "-R", type: :boolean, default: false, desc: "Skip remote login"
  def login
    ensure_docker_installed unless options[:skip_local]
    run_locally    { execute *KAMAL.registry.login } unless options[:skip_local]
    on(KAMAL.hosts) { execute *KAMAL.registry.login } unless options[:skip_remote]
  end
  desc "logout", "Log out of registry locally and remotely"
  option :skip_local, aliases: "-L", type: :boolean, default: false, desc: "Skip local login"
  option :skip_remote, aliases: "-R", type: :boolean, default: false, desc: "Skip remote login"
  def logout
    run_locally    { execute *KAMAL.registry.logout } unless options[:skip_local]
    on(KAMAL.hosts) { execute *KAMAL.registry.logout } unless options[:skip_remote]
  end
 end
--- a/lib/kamal/cli/secrets.rb
+++ b/lib/kamal/cli/secrets.rb
@@ -0,0 +1,49 @@
 class Kamal::Cli::Secrets < Kamal::Cli::Base
  desc "fetch [SECRETS...]", "Fetch secrets from a vault"
  option :adapter, type: :string, aliases: "-a", required: true, desc: "Which vault adapter to use"
  option :account, type: :string, required: false, desc: "The account identifier or username"
  option :from, type: :string, required: false, desc: "A vault or folder to fetch the secrets from"
  option :inline, type: :boolean, required: false, hidden: true
  def fetch(*secrets)
    adapter = initialize_adapter(options[:adapter])
    if adapter.requires_account? && options[:account].blank?
      return puts "No value provided for required options '--account'"
    end
    results = adapter.fetch(secrets, **options.slice(:account, :from).symbolize_keys)
    return_or_puts JSON.dump(results).shellescape, inline: options[:inline]
  end
  desc "extract", "Extract a single secret from the results of a fetch call"
  option :inline, type: :boolean, required: false, hidden: true
  def extract(name, secrets)
    parsed_secrets = JSON.parse(secrets)
    value = parsed_secrets[name] || parsed_secrets.find { |k, v| k.end_with?("/#{name}") }&.last
    raise "Could not find secret #{name}" if value.nil?
    return_or_puts value, inline: options[:inline]
  end
  desc "print", "Print the secrets (for debugging)"
  def print
    KAMAL.config.secrets.to_h.each do |key, value|
      puts "#{key}=#{value}"
    end
  end
  private
    def initialize_adapter(adapter)
      Kamal::Secrets::Adapters.lookup(adapter)
    end
    def return_or_puts(value, inline: nil)
      if inline
        value
      else
        puts value
      end
    end
 end
--- a/lib/kamal/cli/server.rb
+++ b/lib/kamal/cli/server.rb
@@ -0,0 +1,48 @@
 class Kamal::Cli::Server < Kamal::Cli::Base
  desc "exec", "Run a custom command on the server (use --help to show options)"
  option :interactive, type: :boolean, aliases: "-i", default: false, desc: "Run the command interactively (use for console/bash)"
  def exec(*cmd)
    cmd = Kamal::Utils.join_commands(cmd)
    hosts = KAMAL.hosts | KAMAL.accessory_hosts
    case
    when options[:interactive]
      host = KAMAL.primary_host
      say "Running '#{cmd}' on #{host} interactively...", :magenta
      run_locally { exec KAMAL.server.run_over_ssh(cmd, host: host) }
    else
      say "Running '#{cmd}' on #{hosts.join(', ')}...", :magenta
      on(hosts) do |host|
        execute *KAMAL.auditor.record("Executed cmd '#{cmd}' on #{host}"), verbosity: :debug
        puts_by_host host, capture_with_info(cmd)
      end
    end
  end
  desc "bootstrap", "Set up Docker to run Kamal apps"
  def bootstrap
    with_lock do
      missing = []
      on(KAMAL.hosts | KAMAL.accessory_hosts) do |host|
        unless execute(*KAMAL.docker.installed?, raise_on_non_zero_exit: false)
          if execute(*KAMAL.docker.superuser?, raise_on_non_zero_exit: false)
            info "Missing Docker on #{host}. Installing…"
            execute *KAMAL.docker.install
          else
            missing << host
          end
        end
      end
      if missing.any?
        raise "Docker is not installed on #{missing.join(", ")} and can't be automatically installed without having root access and either `wget` or `curl`. Install Docker manually: https://docs.docker.com/engine/install/"
      end
      run_hook "docker-setup"
    end
  end
 end
--- a/lib/kamal/cli/templates/deploy.yml
+++ b/lib/kamal/cli/templates/deploy.yml
@@ -0,0 +1,101 @@
 # Name of your application. Used to uniquely configure containers.
 service: my-app
 # Name of the container image.
 image: my-user/my-app
 # Deploy to these servers.
 servers:
  web:
    - 192.168.0.1
  # job:
  #   hosts:
  #     - 192.168.0.1
  #   cmd: bin/jobs
 # Enable SSL auto certification via Let's Encrypt and allow for multiple apps on a single web server.
 # Remove this section when using multiple web servers and ensure you terminate SSL at your load balancer.
 #
 # Note: If using Cloudflare, set encryption mode in SSL/TLS setting to "Full" to enable CF-to-app encryption.
 proxy:
  ssl: true
  host: app.example.com
  # Proxy connects to your container on port 80 by default.
  # app_port: 3000
 # Credentials for your image host.
 registry:
  # Specify the registry server, if you're not using Docker Hub
  # server: registry.digitalocean.com / ghcr.io / ...
  username: my-user
  # Always use an access token rather than real password (pulled from .kamal/secrets).
  password:
    - KAMAL_REGISTRY_PASSWORD
 # Configure builder setup.
 builder:
  arch: amd64
  # Pass in additional build args needed for your Dockerfile.
  # args:
  #   RUBY_VERSION: <%= ENV["RBENV_VERSION"] || ENV["rvm_ruby_string"] || "#{RUBY_ENGINE}-#{RUBY_ENGINE_VERSION}" %>
 # Inject ENV variables into containers (secrets come from .kamal/secrets).
 #
 # env:
 #   clear:
 #     DB_HOST: 192.168.0.2
 #   secret:
 #     - RAILS_MASTER_KEY
 # Aliases are triggered with "bin/kamal <alias>". You can overwrite arguments on invocation:
 # "bin/kamal app logs -r job" will tail logs from the first server in the job section.
 #
 # aliases:
 #   shell: app exec --interactive --reuse "bash"
 # Use a different ssh user than root
 #
 # ssh:
 #   user: app
 # Use a persistent storage volume.
 #
 # volumes:
 #   - "app_storage:/app/storage"
 # Bridge fingerprinted assets, like JS and CSS, between versions to avoid
 # hitting 404 on in-flight requests. Combines all files from new and old
 # version inside the asset_path.
 #
 # asset_path: /app/public/assets
 # Configure rolling deploys by setting a wait time between batches of restarts.
 #
 # boot:
 #   limit: 10 # Can also specify as a percentage of total hosts, such as "25%"
 #   wait: 2
 # Use accessory services (secrets come from .kamal/secrets).
 #
 # accessories:
 #   db:
 #     image: mysql:8.0
 #     host: 192.168.0.2
 #     port: 3306
 #     env:
 #       clear:
 #         MYSQL_ROOT_HOST: '%'
 #       secret:
 #         - MYSQL_ROOT_PASSWORD
 #     files:
 #       - config/mysql/production.cnf:/etc/mysql/my.cnf
 #       - db/production.sql:/docker-entrypoint-initdb.d/setup.sql
 #     directories:
 #       - data:/var/lib/mysql
 #   redis:
 #     image: valkey/valkey:8
 #     host: 192.168.0.2
 #     port: 6379
 #     directories:
 #       - data:/data
--- a/lib/kamal/cli/templates/sample_hooks/docker-setup.sample
+++ b/lib/kamal/cli/templates/sample_hooks/docker-setup.sample
@@ -0,0 +1,3 @@
 #!/bin/sh
 echo "Docker set up on $KAMAL_HOSTS..."
--- a/lib/kamal/cli/templates/sample_hooks/post-app-boot.sample
+++ b/lib/kamal/cli/templates/sample_hooks/post-app-boot.sample
@@ -0,0 +1,3 @@
 #!/bin/sh
 echo "Booted app version $KAMAL_VERSION on $KAMAL_HOSTS..."
--- a/lib/kamal/cli/templates/sample_hooks/post-deploy.sample
+++ b/lib/kamal/cli/templates/sample_hooks/post-deploy.sample
@@ -0,0 +1,14 @@
 #!/bin/sh
 # A sample post-deploy hook
 #
 # These environment variables are available:
 # KAMAL_RECORDED_AT
 # KAMAL_PERFORMER
 # KAMAL_VERSION
 # KAMAL_HOSTS
 # KAMAL_ROLE (if set)
 # KAMAL_DESTINATION (if set)
 # KAMAL_RUNTIME
 echo "$KAMAL_PERFORMER deployed $KAMAL_VERSION to $KAMAL_DESTINATION in $KAMAL_RUNTIME seconds"
--- a/lib/kamal/cli/templates/sample_hooks/post-proxy-reboot.sample
+++ b/lib/kamal/cli/templates/sample_hooks/post-proxy-reboot.sample
@@ -0,0 +1,3 @@
 #!/bin/sh
 echo "Rebooted kamal-proxy on $KAMAL_HOSTS"
--- a/lib/kamal/cli/templates/sample_hooks/pre-app-boot.sample
+++ b/lib/kamal/cli/templates/sample_hooks/pre-app-boot.sample
@@ -0,0 +1,3 @@
 #!/bin/sh
 echo "Booting app version $KAMAL_VERSION on $KAMAL_HOSTS..."
--- a/lib/kamal/cli/templates/sample_hooks/pre-build.sample
+++ b/lib/kamal/cli/templates/sample_hooks/pre-build.sample
@@ -9,12 +9,12 @@
 # 4. The version we are deploying matches the remote
 #
 # These environment variables are available:
-# MRSK_RECORDED_AT
+# KAMAL_RECORDED_AT
-# MRSK_PERFORMER
+# KAMAL_PERFORMER
-# MRSK_VERSION
+# KAMAL_VERSION
-# MRSK_HOSTS
+# KAMAL_HOSTS
-# MRSK_ROLE (if set)
+# KAMAL_ROLE (if set)
-# MRSK_DESTINATION (if set)
+# KAMAL_DESTINATION (if set)
 if [ -n "$(git status --porcelain)" ]; then
  echo "Git checkout is not clean, aborting..." >&2
@@ -32,7 +32,7 @@ fi
 current_branch=$(git branch --show-current)
 if [ -z "$current_branch" ]; then
-  echo "No git remote set, aborting..." >&2
+  echo "Not on a git branch, aborting..." >&2
  exit 1
 fi
@@ -43,8 +43,8 @@ if [ -z "$remote_head" ]; then
  exit 1
 fi
-if [ "$MRSK_VERSION" != "$remote_head" ]; then
+if [ "$KAMAL_VERSION" != "$remote_head" ]; then
-  echo "Version ($MRSK_VERSION) does not match remote HEAD ($remote_head), aborting..." >&2
+  echo "Version ($KAMAL_VERSION) does not match remote HEAD ($remote_head), aborting..." >&2
  exit 1
 fi
--- a/lib/kamal/cli/templates/sample_hooks/pre-connect.sample
+++ b/lib/kamal/cli/templates/sample_hooks/pre-connect.sample
@@ -5,15 +5,15 @@
 # Warms DNS before connecting to hosts in parallel
 #
 # These environment variables are available:
-# MRSK_RECORDED_AT
+# KAMAL_RECORDED_AT
-# MRSK_PERFORMER
+# KAMAL_PERFORMER
-# MRSK_VERSION
+# KAMAL_VERSION
-# MRSK_HOSTS
+# KAMAL_HOSTS
-# MRSK_ROLE (if set)
+# KAMAL_ROLE (if set)
-# MRSK_DESTINATION (if set)
+# KAMAL_DESTINATION (if set)
-# MRSK_RUNTIME
+# KAMAL_RUNTIME
-hosts = ENV["MRSK_HOSTS"].split(",")
+hosts = ENV["KAMAL_HOSTS"].split(",")
 results = nil
 max = 3
--- a/lib/kamal/cli/templates/sample_hooks/pre-deploy.sample
+++ b/lib/kamal/cli/templates/sample_hooks/pre-deploy.sample
@@ -0,0 +1,109 @@
 #!/usr/bin/env ruby
 # A sample pre-deploy hook
 #
 # Checks the Github status of the build, waiting for a pending build to complete for up to 720 seconds.
 #
 # Fails unless the combined status is "success"
 #
 # These environment variables are available:
 # KAMAL_RECORDED_AT
 # KAMAL_PERFORMER
 # KAMAL_VERSION
 # KAMAL_HOSTS
 # KAMAL_COMMAND
 # KAMAL_SUBCOMMAND
 # KAMAL_ROLE (if set)
 # KAMAL_DESTINATION (if set)
 # Only check the build status for production deployments
 if ENV["KAMAL_COMMAND"] == "rollback" || ENV["KAMAL_DESTINATION"] != "production"
  exit 0
 end
 require "bundler/inline"
 # true = install gems so this is fast on repeat invocations
 gemfile(true, quiet: true) do
  source "https://rubygems.org"
  gem "octokit"
  gem "faraday-retry"
 end
 MAX_ATTEMPTS = 72
 ATTEMPTS_GAP = 10
 def exit_with_error(message)
  $stderr.puts message
  exit 1
 end
 class GithubStatusChecks
  attr_reader :remote_url, :git_sha, :github_client, :combined_status
  def initialize
    @remote_url = `git config --get remote.origin.url`.strip.delete_prefix("https://github.com/")
    @git_sha = `git rev-parse HEAD`.strip
    @github_client = Octokit::Client.new(access_token: ENV["GITHUB_TOKEN"])
    refresh!
  end
  def refresh!
    @combined_status = github_client.combined_status(remote_url, git_sha)
  end
  def state
    combined_status[:state]
  end
  def first_status_url
    first_status = combined_status[:statuses].find { |status| status[:state] == state }
    first_status && first_status[:target_url]
  end
  def complete_count
    combined_status[:statuses].count { |status| status[:state] != "pending"}
  end
  def total_count
    combined_status[:statuses].count
  end
  def current_status
    if total_count > 0
      "Completed #{complete_count}/#{total_count} checks, see #{first_status_url} ..."
    else
      "Build not started..."
    end
  end
 end
 $stdout.sync = true
 puts "Checking build status..."
 attempts = 0
 checks = GithubStatusChecks.new
 begin
  loop do
    case checks.state
    when "success"
      puts "Checks passed, see #{checks.first_status_url}"
      exit 0
    when "failure"
      exit_with_error "Checks failed, see #{checks.first_status_url}"
    when "pending"
      attempts += 1
    end
    exit_with_error "Checks are still pending, gave up after #{MAX_ATTEMPTS * ATTEMPTS_GAP} seconds" if attempts == MAX_ATTEMPTS
    puts checks.current_status
    sleep(ATTEMPTS_GAP)
    checks.refresh!
  end
 rescue Octokit::NotFound
  exit_with_error "Build status could not be found"
 end
--- a/lib/kamal/cli/templates/sample_hooks/pre-proxy-reboot.sample
+++ b/lib/kamal/cli/templates/sample_hooks/pre-proxy-reboot.sample
@@ -0,0 +1,3 @@
 #!/bin/sh
 echo "Rebooting kamal-proxy on $KAMAL_HOSTS..."
--- a/lib/kamal/cli/templates/secrets
+++ b/lib/kamal/cli/templates/secrets
@@ -0,0 +1,17 @@
 # Secrets defined here are available for reference under registry/password, env/secret, builder/secrets,
 # and accessories/*/env/secret in config/deploy.yml. All secrets should be pulled from either
 # password manager, ENV, or a file. DO NOT ENTER RAW CREDENTIALS HERE! This file needs to be safe for git.
 # Option 1: Read secrets from the environment
 KAMAL_REGISTRY_PASSWORD=$KAMAL_REGISTRY_PASSWORD
 # Option 2: Read secrets via a command
 # RAILS_MASTER_KEY=$(cat config/master.key)
 # Option 3: Read secrets via kamal secrets helpers
 # These will handle logging in and fetching the secrets in as few calls as possible
 # There are adapters for 1Password, LastPass + Bitwarden
 #
 # SECRETS=$(kamal secrets fetch --adapter 1password --account my-account --from MyVault/MyItem KAMAL_REGISTRY_PASSWORD RAILS_MASTER_KEY)
 # KAMAL_REGISTRY_PASSWORD=$(kamal secrets extract KAMAL_REGISTRY_PASSWORD $SECRETS)
 # RAILS_MASTER_KEY=$(kamal secrets extract RAILS_MASTER_KEY $SECRETS)
--- a/lib/kamal/commander.rb
+++ b/lib/kamal/commander.rb
@@ -0,0 +1,167 @@
 require "active_support/core_ext/enumerable"
 require "active_support/core_ext/module/delegation"
 require "active_support/core_ext/object/blank"
 class Kamal::Commander
  attr_accessor :verbosity, :holding_lock, :connected
  attr_reader :specific_roles, :specific_hosts
  delegate :hosts, :roles, :primary_host, :primary_role, :roles_on, :proxy_hosts, :accessory_hosts, to: :specifics
  def initialize
    reset
  end
  def reset
    self.verbosity = :info
    self.holding_lock = false
    self.connected = false
    @specifics = @specific_roles = @specific_hosts = nil
    @config = @config_kwargs = nil
    @commands = {}
  end
  def config
    @config ||= Kamal::Configuration.create_from(**@config_kwargs).tap do |config|
      @config_kwargs = nil
      configure_sshkit_with(config)
    end
  end
  def configure(**kwargs)
    @config, @config_kwargs = nil, kwargs
  end
  def configured?
    @config || @config_kwargs
  end
  def specific_primary!
    @specifics = nil
    if specific_roles.present?
      self.specific_hosts = [ specific_roles.first.primary_host ]
    else
      self.specific_hosts = [ config.primary_host ]
    end
  end
  def specific_roles=(role_names)
    @specifics = nil
    if role_names.present?
      @specific_roles = Kamal::Utils.filter_specific_items(role_names, config.roles)
      if @specific_roles.empty?
        raise ArgumentError, "No --roles match for #{role_names.join(',')}"
      end
      @specific_roles
    end
  end
  def specific_hosts=(hosts)
    @specifics = nil
    if hosts.present?
      @specific_hosts = Kamal::Utils.filter_specific_items(hosts, config.all_hosts)
      if @specific_hosts.empty?
        raise ArgumentError, "No --hosts match for #{hosts.join(',')}"
      end
      @specific_hosts
    end
  end
  def with_specific_hosts(hosts)
    original_hosts, self.specific_hosts = specific_hosts, hosts
    yield
  ensure
    self.specific_hosts = original_hosts
  end
  def accessory_names
    config.accessories&.collect(&:name) || []
  end
  def app(role: nil, host: nil)
    Kamal::Commands::App.new(config, role: role, host: host)
  end
  def accessory(name)
    Kamal::Commands::Accessory.new(config, name: name)
  end
  def auditor(**details)
    Kamal::Commands::Auditor.new(config, **details)
  end
  def builder
    @commands[:builder] ||= Kamal::Commands::Builder.new(config)
  end
  def docker
    @commands[:docker] ||= Kamal::Commands::Docker.new(config)
  end
  def hook
    @commands[:hook] ||= Kamal::Commands::Hook.new(config)
  end
  def lock
    @commands[:lock] ||= Kamal::Commands::Lock.new(config)
  end
  def proxy
    @commands[:proxy] ||= Kamal::Commands::Proxy.new(config)
  end
  def prune
    @commands[:prune] ||= Kamal::Commands::Prune.new(config)
  end
  def registry
    @commands[:registry] ||= Kamal::Commands::Registry.new(config)
  end
  def server
    @commands[:server] ||= Kamal::Commands::Server.new(config)
  end
  def alias(name)
    config.aliases[name]
  end
  def with_verbosity(level)
    old_level = self.verbosity
    self.verbosity = level
    SSHKit.config.output_verbosity = level
    yield
  ensure
    self.verbosity = old_level
    SSHKit.config.output_verbosity = old_level
  end
  def holding_lock?
    self.holding_lock
  end
  def connected?
    self.connected
  end
  private
    # Lazy setup of SSHKit
    def configure_sshkit_with(config)
      SSHKit::Backend::Netssh.pool.idle_timeout = config.sshkit.pool_idle_timeout
      SSHKit::Backend::Netssh.configure do |sshkit|
        sshkit.max_concurrent_starts = config.sshkit.max_concurrent_starts
        sshkit.ssh_options = config.ssh.options
      end
      SSHKit.config.command_map[:docker] = "docker" # No need to use /usr/bin/env, just clogs up the logs
      SSHKit.config.output_verbosity = verbosity
    end
    def specifics
      @specifics ||= Kamal::Commander::Specifics.new(config, specific_hosts, specific_roles)
    end
 end
--- a/lib/kamal/commander/specifics.rb
+++ b/lib/kamal/commander/specifics.rb
@@ -0,0 +1,54 @@
 class Kamal::Commander::Specifics
  attr_reader :primary_host, :primary_role, :hosts, :roles
  delegate :stable_sort!, to: Kamal::Utils
  def initialize(config, specific_hosts, specific_roles)
    @config, @specific_hosts, @specific_roles = config, specific_hosts, specific_roles
    @roles, @hosts = specified_roles, specified_hosts
    @primary_host = specific_hosts&.first || primary_specific_role&.primary_host || config.primary_host
    @primary_role = primary_or_first_role(roles_on(primary_host))
    stable_sort!(roles) { |role| role == primary_role ? 0 : 1 }
    stable_sort!(hosts) { |host| roles_on(host).any? { |role| role == primary_role } ? 0 : 1 }
  end
  def roles_on(host)
    roles.select { |role| role.hosts.include?(host.to_s) }
  end
  def proxy_hosts
    config.proxy_hosts & specified_hosts
  end
  def accessory_hosts
    config.accessories.flat_map(&:hosts) & specified_hosts
  end
  private
    attr_reader :config, :specific_hosts, :specific_roles
    def primary_specific_role
      primary_or_first_role(specific_roles) if specific_roles.present?
    end
    def primary_or_first_role(roles)
      roles.detect { |role| role == config.primary_role } || roles.first
    end
    def specified_roles
      (specific_roles || config.roles) \
        .select { |role| ((specific_hosts || config.all_hosts) & role.hosts).any? }
    end
    def specified_hosts
      specified_hosts = specific_hosts || config.all_hosts
      if (specific_role_hosts = specific_roles&.flat_map(&:hosts)).present?
        specified_hosts.select { |host| specific_role_hosts.include?(host) }
      else
        specified_hosts
      end
    end
 end
--- a/lib/kamal/commands.rb
+++ b/lib/kamal/commands.rb
@@ -0,0 +1,2 @@
 module Kamal::Commands
 end
--- a/lib/kamal/commands/accessory.rb
+++ b/lib/kamal/commands/accessory.rb
@@ -1,7 +1,12 @@
-class Mrsk::Commands::Accessory < Mrsk::Commands::Base
+class Kamal::Commands::Accessory < Kamal::Commands::Base
  include Proxy
  attr_reader :accessory_config
  delegate :service_name, :image, :hosts, :port, :files, :directories, :cmd,
-           :publish_args, :env_args, :volume_args, :label_args, :option_args, to: :accessory_config
+           :network_args, :publish_args, :env_args, :volume_args, :label_args, :option_args,
           :secrets_io, :secrets_path, :env_directory, :proxy, :running_proxy?, :registry,
           to: :accessory_config
  delegate :proxy_container_name, to: :config
  def initialize(config, name:)
    super(config)
@@ -13,6 +18,7 @@ class Mrsk::Commands::Accessory < Mrsk::Commands::Base
      "--name", service_name,
      "--detach",
      "--restart", "unless-stopped",
      *network_args,
      *config.logging_args,
      *publish_args,
      *env_args,
@@ -35,21 +41,19 @@ class Mrsk::Commands::Accessory < Mrsk::Commands::Base
    docker :ps, *service_filter
  end
-
+  def logs(timestamps: true, since: nil, lines: nil, grep: nil, grep_options: nil)
  def logs(since: nil, lines: nil, grep: nil)
    pipe \
-      docker(:logs, service_name, (" --since #{since}" if since), (" --tail #{lines}" if lines), "--timestamps", "2>&1"),
+      docker(:logs, service_name, (" --since #{since}" if since), (" --tail #{lines}" if lines), ("--timestamps" if timestamps), "2>&1"),
-      ("grep '#{grep}'" if grep)
+      ("grep '#{grep}'#{" #{grep_options}" if grep_options}" if grep)
  end
-  def follow_logs(grep: nil)
+  def follow_logs(timestamps: true, grep: nil, grep_options: nil)
    run_over_ssh \
      pipe \
-        docker(:logs, service_name, "--timestamps", "--tail", "10", "--follow", "2>&1"),
+        docker(:logs, service_name, ("--timestamps" if timestamps), "--tail", "10", "--follow", "2>&1"),
-        (%(grep "#{grep}") if grep)
+        (%(grep "#{grep}"#{" #{grep_options}" if grep_options}) if grep)
  end
  def execute_in_existing_container(*command, interactive: false)
    docker :exec,
      ("-it" if interactive),
@@ -61,6 +65,7 @@ class Mrsk::Commands::Accessory < Mrsk::Commands::Base
    docker :run,
      ("-it" if interactive),
      "--rm",
      *network_args,
      *env_args,
      *volume_args,
      image,
@@ -79,21 +84,12 @@ class Mrsk::Commands::Accessory < Mrsk::Commands::Base
    super command, host: hosts.first
  end
  def ensure_local_file_present(local_file)
    if !local_file.is_a?(StringIO) && !Pathname.new(local_file).exist?
      raise "Missing file: #{local_file}"
    end
  end
  def make_directory_for(remote_file)
    make_directory Pathname.new(remote_file).dirname.to_s
  end
  def make_directory(path)
    [ :mkdir, "-p", path ]
  end
  def remove_service_directory
    [ :rm, "-rf", service_name ]
  end
@@ -106,6 +102,10 @@ class Mrsk::Commands::Accessory < Mrsk::Commands::Base
    docker :image, :rm, "--force", image
  end
  def ensure_env_directory
    make_directory env_directory
  end
  private
    def service_filter
      [ "--filter", "label=service=#{service_name}" ]
--- a/lib/kamal/commands/accessory/proxy.rb
+++ b/lib/kamal/commands/accessory/proxy.rb
@@ -0,0 +1,16 @@
 module Kamal::Commands::Accessory::Proxy
  delegate :proxy_container_name, to: :config
  def deploy(target:)
    proxy_exec :deploy, service_name, *proxy.deploy_command_args(target: target)
  end
  def remove
    proxy_exec :remove, service_name
  end
  private
    def proxy_exec(*command)
      docker :exec, proxy_container_name, "kamal-proxy", *command
    end
 end
--- a/lib/kamal/commands/app.rb
+++ b/lib/kamal/commands/app.rb
@@ -0,0 +1,123 @@
 class Kamal::Commands::App < Kamal::Commands::Base
  include Assets, Containers, Execution, Images, Logging, Proxy
  ACTIVE_DOCKER_STATUSES = [ :running, :restarting ]
  attr_reader :role, :host
  delegate :container_name, to: :role
  def initialize(config, role: nil, host: nil)
    super(config)
    @role = role
    @host = host
  end
  def run(hostname: nil)
    docker :run,
      "--detach",
      "--restart unless-stopped",
      "--name", container_name,
      "--network", "kamal",
      *([ "--hostname", hostname ] if hostname),
      "-e", "KAMAL_CONTAINER_NAME=\"#{container_name}\"",
      "-e", "KAMAL_VERSION=\"#{config.version}\"",
      *role.env_args(host),
      *role.logging_args,
      *config.volume_args,
      *role.asset_volume_args,
      *role.label_args,
      *role.option_args,
      config.absolute_image,
      role.cmd
  end
  def start
    docker :start, container_name
  end
  def status(version:)
    pipe container_id_for_version(version), xargs(docker(:inspect, "--format", DOCKER_HEALTH_STATUS_FORMAT))
  end
  def stop(version: nil)
    pipe \
      version ? container_id_for_version(version) : current_running_container_id,
      xargs(docker(:stop, *role.stop_args))
  end
  def info
    docker :ps, *container_filter_args
  end
  def current_running_container_id
    current_running_container(format: "--quiet")
  end
  def container_id_for_version(version, only_running: false)
    container_id_for(container_name: container_name(version), only_running: only_running)
  end
  def current_running_version
    pipe \
      current_running_container(format: "--format '{{.Names}}'"),
      extract_version_from_name
  end
  def list_versions(*docker_args, statuses: nil)
    pipe \
      docker(:ps, *container_filter_args(statuses: statuses), *docker_args, "--format", '"{{.Names}}"'),
      extract_version_from_name
  end
  def ensure_env_directory
    make_directory role.env_directory
  end
  private
    def latest_image_id
      docker :image, :ls, *argumentize("--filter", "reference=#{config.latest_image}"), "--format", "'{{.ID}}'"
    end
    def current_running_container(format:)
      pipe \
        shell(chain(latest_image_container(format: format), latest_container(format: format))),
        [ :head, "-1" ]
    end
    def latest_image_container(format:)
      latest_container format: format, filters: [ "ancestor=$(#{latest_image_id.join(" ")})" ]
    end
    def latest_container(format:, filters: nil)
      docker :ps, "--latest", *format, *container_filter_args(statuses: ACTIVE_DOCKER_STATUSES), argumentize("--filter", filters)
    end
    def container_filter_args(statuses: nil)
      argumentize "--filter", container_filters(statuses: statuses)
    end
    def image_filter_args
      argumentize "--filter", image_filters
    end
    def extract_version_from_name
      # Extract SHA from "service-role-dest-SHA"
      %(while read line; do echo ${line##{role.container_prefix}-}; done)
    end
    def container_filters(statuses: nil)
      [ "label=service=#{config.service}" ].tap do |filters|
        filters << "label=destination=#{config.destination}"
        filters << "label=role=#{role}" if role
        statuses&.each do |status|
          filters << "status=#{status}"
        end
      end
    end
    def image_filters
      [ "label=service=#{config.service}" ]
    end
 end
--- a/lib/kamal/commands/app/assets.rb
+++ b/lib/kamal/commands/app/assets.rb
@@ -0,0 +1,51 @@
 module Kamal::Commands::App::Assets
  def extract_assets
    asset_container = "#{role.container_prefix}-assets"
    combine \
      make_directory(role.asset_extracted_directory),
      [ *docker(:container, :rm, asset_container, "2> /dev/null"), "|| true" ],
      docker(:container, :create, "--name", asset_container, config.absolute_image),
      docker(:container, :cp, "-L", "#{asset_container}:#{role.asset_path}/.", role.asset_extracted_directory),
      docker(:container, :rm, asset_container),
      by: "&&"
  end
  def sync_asset_volumes(old_version: nil)
    new_extracted_path, new_volume_path = role.asset_extracted_directory(config.version), role.asset_volume.host_path
    if old_version.present?
      old_extracted_path, old_volume_path = role.asset_extracted_directory(old_version), role.asset_volume(old_version).host_path
    end
    commands = [ make_directory(new_volume_path), copy_contents(new_extracted_path, new_volume_path) ]
    if old_version.present?
      commands << copy_contents(new_extracted_path, old_volume_path, continue_on_error: true)
      commands << copy_contents(old_extracted_path, new_volume_path, continue_on_error: true)
    end
    chain *commands
  end
  def clean_up_assets
    chain \
      find_and_remove_older_siblings(role.asset_extracted_directory),
      find_and_remove_older_siblings(role.asset_volume_directory)
  end
  private
    def find_and_remove_older_siblings(path)
      [
        :find,
        Pathname.new(path).dirname.to_s,
        "-maxdepth 1",
        "-name", "'#{role.name}-*'",
        "!", "-name", Pathname.new(path).basename.to_s,
        "-exec rm -rf \"{}\" +"
      ]
    end
    def copy_contents(source, destination, continue_on_error: false)
      [ :cp, "-rnT", "#{source}", destination, *("|| true" if continue_on_error) ]
    end
 end
--- a/lib/kamal/commands/app/containers.rb
+++ b/lib/kamal/commands/app/containers.rb
@@ -0,0 +1,31 @@
 module Kamal::Commands::App::Containers
  DOCKER_HEALTH_LOG_FORMAT    = "'{{json .State.Health}}'"
  def list_containers
    docker :container, :ls, "--all", *container_filter_args
  end
  def list_container_names
    [ *list_containers, "--format", "'{{ .Names }}'" ]
  end
  def remove_container(version:)
    pipe \
      container_id_for(container_name: container_name(version)),
      xargs(docker(:container, :rm))
  end
  def rename_container(version:, new_version:)
    docker :rename, container_name(version), container_name(new_version)
  end
  def remove_containers
    docker :container, :prune, "--force", *container_filter_args
  end
  def container_health_log(version:)
    pipe \
      container_id_for(container_name: container_name(version)),
      xargs(docker(:inspect, "--format", DOCKER_HEALTH_LOG_FORMAT))
  end
 end
--- a/lib/kamal/commands/app/execution.rb
+++ b/lib/kamal/commands/app/execution.rb
@@ -0,0 +1,32 @@
 module Kamal::Commands::App::Execution
  def execute_in_existing_container(*command, interactive: false, env:)
    docker :exec,
      ("-it" if interactive),
      *argumentize("--env", env),
      container_name,
      *command
  end
  def execute_in_new_container(*command, interactive: false, detach: false, env:)
    docker :run,
      ("-it" if interactive),
      ("--detach" if detach),
      ("--rm" unless detach),
      "--network", "kamal",
      *role&.env_args(host),
      *argumentize("--env", env),
      *role.logging_args,
      *config.volume_args,
      *role&.option_args,
      config.absolute_image,
      *command
  end
  def execute_in_existing_container_over_ssh(*command,  env:)
    run_over_ssh execute_in_existing_container(*command, interactive: true, env: env), host: host
  end
  def execute_in_new_container_over_ssh(*command, env:)
    run_over_ssh execute_in_new_container(*command, interactive: true, env: env), host: host
  end
 end
--- a/lib/kamal/commands/app/images.rb
+++ b/lib/kamal/commands/app/images.rb
@@ -0,0 +1,13 @@
 module Kamal::Commands::App::Images
  def list_images
    docker :image, :ls, config.repository
  end
  def remove_images
    docker :image, :prune, "--all", "--force", *image_filter_args
  end
  def tag_latest_image
    docker :tag, config.absolute_image, config.latest_image
  end
 end
--- a/lib/kamal/commands/app/logging.rb
+++ b/lib/kamal/commands/app/logging.rb
@@ -0,0 +1,28 @@
 module Kamal::Commands::App::Logging
  def logs(container_id: nil, timestamps: true, since: nil, lines: nil, grep: nil, grep_options: nil)
    pipe \
      container_id_command(container_id),
      "xargs docker logs#{" --timestamps" if timestamps}#{" --since #{since}" if since}#{" --tail #{lines}" if lines} 2>&1",
      ("grep '#{grep}'#{" #{grep_options}" if grep_options}" if grep)
  end
  def follow_logs(host:, container_id: nil, timestamps: true, lines: nil, grep: nil, grep_options: nil)
    run_over_ssh \
      pipe(
        container_id_command(container_id),
        "xargs docker logs#{" --timestamps" if timestamps}#{" --tail #{lines}" if lines} --follow 2>&1",
        (%(grep "#{grep}"#{" #{grep_options}" if grep_options}) if grep)
      ),
      host: host
  end
  private
  def container_id_command(container_id)
    case container_id
    when Array then container_id
    when String, Symbol then "echo #{container_id}"
    else current_running_container_id
    end
  end
 end
--- a/lib/kamal/commands/app/proxy.rb
+++ b/lib/kamal/commands/app/proxy.rb
@@ -0,0 +1,16 @@
 module Kamal::Commands::App::Proxy
  delegate :proxy_container_name, to: :config
  def deploy(target:)
    proxy_exec :deploy, role.container_prefix, *role.proxy.deploy_command_args(target: target)
  end
  def remove
    proxy_exec :remove, role.container_prefix
  end
  private
    def proxy_exec(*command)
      docker :exec, proxy_container_name, "kamal-proxy", *command
    end
 end
--- a/lib/kamal/commands/auditor.rb
+++ b/lib/kamal/commands/auditor.rb
@@ -0,0 +1,33 @@
 class Kamal::Commands::Auditor < Kamal::Commands::Base
  attr_reader :details
  def initialize(config, **details)
    super(config)
    @details = details
  end
  # Runs remotely
  def record(line, **details)
    combine \
      [ :mkdir, "-p", config.run_directory ],
      append(
        [ :echo, audit_tags(**details).except(:version, :service_version, :service).to_s, line ],
        audit_log_file
      )
  end
  def reveal
    [ :tail, "-n", 50, audit_log_file ]
  end
  private
    def audit_log_file
      file = [ config.service, config.destination, "audit.log" ].compact.join("-")
      File.join(config.run_directory, file)
    end
    def audit_tags(**details)
      tags(**self.details, **details)
    end
 end
--- a/lib/kamal/commands/base.rb
+++ b/lib/kamal/commands/base.rb
@@ -0,0 +1,122 @@
 module Kamal::Commands
  class Base
    delegate :sensitive, :argumentize, to: Kamal::Utils
    DOCKER_HEALTH_STATUS_FORMAT = "'{{if .State.Health}}{{.State.Health.Status}}{{else}}{{.State.Status}}{{end}}'"
    attr_accessor :config
    def initialize(config)
      @config = config
    end
    def run_over_ssh(*command, host:)
      "ssh#{ssh_proxy_args}#{ssh_keys_args} -t #{config.ssh.user}@#{host} -p #{config.ssh.port} '#{command.join(" ").gsub("'", "'\\\\''")}'"
    end
    def container_id_for(container_name:, only_running: false)
      docker :container, :ls, *("--all" unless only_running), "--filter", "name=^#{container_name}$", "--quiet"
    end
    def make_directory_for(remote_file)
      make_directory Pathname.new(remote_file).dirname.to_s
    end
    def make_directory(path)
      [ :mkdir, "-p", path ]
    end
    def remove_directory(path)
      [ :rm, "-r", path ]
    end
    def remove_file(path)
      [ :rm, path ]
    end
    def ensure_docker_installed
      combine \
        ensure_local_docker_installed,
        ensure_local_buildx_installed
    end
    private
      def combine(*commands, by: "&&")
        commands
          .compact
          .collect { |command| Array(command) + [ by ] }.flatten # Join commands
          .tap     { |commands| commands.pop } # Remove trailing combiner
      end
      def chain(*commands)
        combine *commands, by: ";"
      end
      def pipe(*commands)
        combine *commands, by: "|"
      end
      def append(*commands)
        combine *commands, by: ">>"
      end
      def write(*commands)
        combine *commands, by: ">"
      end
      def any(*commands)
        combine *commands, by: "||"
      end
      def xargs(command)
        [ :xargs, command ].flatten
      end
      def shell(command)
        [ :sh, "-c", "'#{command.flatten.join(" ").gsub("'", "'\\\\''")}'" ]
      end
      def docker(*args)
        args.compact.unshift :docker
      end
      def git(*args, path: nil)
        [ :git, *([ "-C", path ] if path), *args.compact ]
      end
      def grep(*args)
        args.compact.unshift :grep
      end
      def tags(**details)
        Kamal::Tags.from_config(config, **details)
      end
      def ssh_proxy_args
        case config.ssh.proxy
        when Net::SSH::Proxy::Jump
          " -J #{config.ssh.proxy.jump_proxies}"
        when Net::SSH::Proxy::Command
          " -o ProxyCommand='#{config.ssh.proxy.command_line_template}'"
        end
      end
      def ssh_keys_args
        "#{ ssh_keys.join("") if ssh_keys}" + "#{" -o IdentitiesOnly=yes" if config.ssh&.keys_only}"
      end
      def ssh_keys
        config.ssh.keys&.map do |key|
          " -i #{key}"
        end
      end
      def ensure_local_docker_installed
        docker "--version"
      end
      def ensure_local_buildx_installed
        docker :buildx, "version"
      end
  end
 end
--- a/lib/kamal/commands/builder.rb
+++ b/lib/kamal/commands/builder.rb
@@ -0,0 +1,42 @@
 require "active_support/core_ext/string/filters"
 class Kamal::Commands::Builder < Kamal::Commands::Base
  delegate :create, :remove, :dev, :push, :clean, :pull, :info, :inspect_builder, :validate_image, :first_mirror, to: :target
  delegate :local?, :remote?, :cloud?, to: "config.builder"
  include Clone
  def name
    target.class.to_s.remove("Kamal::Commands::Builder::").underscore.inquiry
  end
  def target
    if remote?
      if local?
        hybrid
      else
        remote
      end
    elsif cloud?
      cloud
    else
      local
    end
  end
  def remote
    @remote ||= Kamal::Commands::Builder::Remote.new(config)
  end
  def local
    @local ||= Kamal::Commands::Builder::Local.new(config)
  end
  def hybrid
    @hybrid ||= Kamal::Commands::Builder::Hybrid.new(config)
  end
  def cloud
    @cloud ||= Kamal::Commands::Builder::Cloud.new(config)
  end
 end
--- a/lib/kamal/commands/builder/base.rb
+++ b/lib/kamal/commands/builder/base.rb
@@ -0,0 +1,122 @@
 class Kamal::Commands::Builder::Base < Kamal::Commands::Base
  class BuilderError < StandardError; end
  ENDPOINT_DOCKER_HOST_INSPECT = "'{{.Endpoints.docker.Host}}'"
  delegate :argumentize, to: Kamal::Utils
  delegate \
    :args, :secrets, :dockerfile, :target, :arches, :local_arches, :remote_arches, :remote,
    :cache_from, :cache_to, :ssh, :provenance, :sbom, :driver, :docker_driver?,
    to: :builder_config
  def clean
    docker :image, :rm, "--force", config.absolute_image
  end
  def push(export_action = "registry", tag_as_dirty: false)
    docker :buildx, :build,
      "--output=type=#{export_action}",
      *platform_options(arches),
      *([ "--builder", builder_name ] unless docker_driver?),
      *build_tag_options(tag_as_dirty: tag_as_dirty),
      *build_options,
      build_context
  end
  def pull
    docker :pull, config.absolute_image
  end
  def info
    combine \
      docker(:context, :ls),
      docker(:buildx, :ls)
  end
  def inspect_builder
    docker :buildx, :inspect, builder_name unless docker_driver?
  end
  def build_options
    [ *build_cache, *build_labels, *build_args, *build_secrets, *build_dockerfile, *build_target, *build_ssh, *builder_provenance, *builder_sbom ]
  end
  def build_context
    config.builder.context
  end
  def validate_image
    pipe \
      docker(:inspect, "-f", "'{{ .Config.Labels.service }}'", config.absolute_image),
      any(
        [ :grep, "-x", config.service ],
        "(echo \"Image #{config.absolute_image} is missing the 'service' label\" && exit 1)"
      )
  end
  def first_mirror
    docker(:info, "--format '{{index .RegistryConfig.Mirrors 0}}'")
  end
  private
    def build_tag_names(tag_as_dirty: false)
      tag_names = [ config.absolute_image, config.latest_image ]
      tag_names.map! { |t| "#{t}-dirty" } if tag_as_dirty
      tag_names
    end
    def build_tag_options(tag_as_dirty: false)
      build_tag_names(tag_as_dirty: tag_as_dirty).flat_map { |name| [ "-t", name ] }
    end
    def build_cache
      if cache_to && cache_from
        [ "--cache-to", cache_to,
          "--cache-from", cache_from ]
      end
    end
    def build_labels
      argumentize "--label", { service: config.service }
    end
    def build_args
      argumentize "--build-arg", args, sensitive: true
    end
    def build_secrets
      argumentize "--secret", secrets.keys.collect { |secret| [ "id", secret ] }
    end
    def build_dockerfile
      if Pathname.new(File.expand_path(dockerfile)).exist?
        argumentize "--file", dockerfile
      else
        raise BuilderError, "Missing #{dockerfile}"
      end
    end
    def build_target
      argumentize "--target", target if target.present?
    end
    def build_ssh
      argumentize "--ssh", ssh if ssh.present?
    end
    def builder_provenance
      argumentize "--provenance", provenance unless provenance.nil?
    end
    def builder_sbom
      argumentize "--sbom", sbom unless sbom.nil?
    end
    def builder_config
      config.builder
    end
    def platform_options(arches)
      argumentize "--platform", arches.map { |arch| "linux/#{arch}" }.join(",") if arches.any?
    end
 end
--- a/lib/kamal/commands/builder/clone.rb
+++ b/lib/kamal/commands/builder/clone.rb
@@ -0,0 +1,31 @@
 module Kamal::Commands::Builder::Clone
  def clone
    git :clone, escaped_root, "--recurse-submodules", path: config.builder.clone_directory.shellescape
  end
  def clone_reset_steps
    [
      git(:remote, "set-url", :origin, escaped_root, path: escaped_build_directory),
      git(:fetch, :origin, path: escaped_build_directory),
      git(:reset, "--hard", Kamal::Git.revision, path: escaped_build_directory),
      git(:clean, "-fdx", path: escaped_build_directory),
      git(:submodule, :update, "--init", path: escaped_build_directory)
    ]
  end
  def clone_status
    git :status, "--porcelain", path: escaped_build_directory
  end
  def clone_revision
    git :"rev-parse", :HEAD, path: escaped_build_directory
  end
  def escaped_root
    Kamal::Git.root.shellescape
  end
  def escaped_build_directory
    config.builder.build_directory.shellescape
  end
 end
--- a/lib/kamal/commands/builder/cloud.rb
+++ b/lib/kamal/commands/builder/cloud.rb
@@ -0,0 +1,22 @@
 class Kamal::Commands::Builder::Cloud < Kamal::Commands::Builder::Base
  # Expects `driver` to be of format "cloud docker-org-name/builder-name"
  def create
    docker :buildx, :create, "--driver", driver
  end
  def remove
    docker :buildx, :rm, builder_name
  end
  private
    def builder_name
      driver.gsub(/[ \/]/, "-")
    end
    def inspect_buildx
      pipe \
        docker(:buildx, :inspect, builder_name),
        grep("-q", "Endpoint:.*cloud://.*")
    end
 end
--- a/lib/kamal/commands/builder/hybrid.rb
+++ b/lib/kamal/commands/builder/hybrid.rb
@@ -0,0 +1,21 @@
 class Kamal::Commands::Builder::Hybrid < Kamal::Commands::Builder::Remote
  def create
    combine \
      create_local_buildx,
      create_remote_context,
      append_remote_buildx
  end
  private
    def builder_name
      "kamal-hybrid-#{driver}-#{remote.gsub(/[^a-z0-9_-]/, "-")}"
    end
    def create_local_buildx
      docker :buildx, :create, *platform_options(local_arches), "--name", builder_name, "--driver=#{driver}"
    end
    def append_remote_buildx
      docker :buildx, :create, *platform_options(remote_arches), "--append", "--name", builder_name, remote_context_name
    end
 end
--- a/lib/kamal/commands/builder/local.rb
+++ b/lib/kamal/commands/builder/local.rb
@@ -0,0 +1,14 @@
 class Kamal::Commands::Builder::Local < Kamal::Commands::Builder::Base
  def create
    docker :buildx, :create, "--name", builder_name, "--driver=#{driver}" unless docker_driver?
  end
  def remove
    docker :buildx, :rm, builder_name unless docker_driver?
  end
  private
    def builder_name
      "kamal-local-#{driver}"
    end
 end
--- a/lib/kamal/commands/builder/remote.rb
+++ b/lib/kamal/commands/builder/remote.rb
@@ -0,0 +1,63 @@
 class Kamal::Commands::Builder::Remote < Kamal::Commands::Builder::Base
  def create
    chain \
      create_remote_context,
      create_buildx
  end
  def remove
    chain \
      remove_remote_context,
      remove_buildx
  end
  def info
    chain \
      docker(:context, :ls),
      docker(:buildx, :ls)
  end
  def inspect_builder
    combine \
      combine inspect_buildx, inspect_remote_context,
      [ "(echo no compatible builder && exit 1)" ],
      by: "||"
  end
  private
    def builder_name
      "kamal-remote-#{remote.gsub(/[^a-z0-9_-]/, "-")}"
    end
    def remote_context_name
      "#{builder_name}-context"
    end
    def inspect_buildx
      pipe \
        docker(:buildx, :inspect, builder_name),
        grep("-q", "Endpoint:.*#{remote_context_name}")
    end
    def inspect_remote_context
      pipe \
        docker(:context, :inspect, remote_context_name, "--format", ENDPOINT_DOCKER_HOST_INSPECT),
        grep("-xq", remote)
    end
    def create_remote_context
      docker :context, :create, remote_context_name, "--description", "'#{builder_name} host'", "--docker", "'host=#{remote}'"
    end
    def remove_remote_context
      docker :context, :rm, remote_context_name
    end
    def create_buildx
      docker :buildx, :create, "--name", builder_name, remote_context_name
    end
    def remove_buildx
      docker :buildx, :rm, builder_name
    end
 end
--- a/lib/kamal/commands/docker.rb
+++ b/lib/kamal/commands/docker.rb
@@ -0,0 +1,34 @@
 class Kamal::Commands::Docker < Kamal::Commands::Base
  # Install Docker using the https://github.com/docker/docker-install convenience script.
  def install
    pipe get_docker, :sh
  end
  # Checks the Docker client version. Fails if Docker is not installed.
  def installed?
    docker "-v"
  end
  # Checks the Docker server version. Fails if Docker is not running.
  def running?
    docker :version
  end
  # Do we have superuser access to install Docker and start system services?
  def superuser?
    [ '[ "${EUID:-$(id -u)}" -eq 0 ] || command -v sudo >/dev/null || command -v su >/dev/null' ]
  end
  def create_network
    docker :network, :create, :kamal
  end
  private
    def get_docker
      shell \
        any \
          [ :curl, "-fsSL", "https://get.docker.com" ],
          [ :wget, "-O -", "https://get.docker.com" ],
          [ :echo, "\"exit 1\"" ]
    end
 end
--- a/lib/kamal/commands/hook.rb
+++ b/lib/kamal/commands/hook.rb
@@ -0,0 +1,20 @@
 class Kamal::Commands::Hook < Kamal::Commands::Base
  def run(hook)
    [ hook_file(hook) ]
  end
  def env(secrets: false, **details)
    tags(**details).env.tap do |env|
      env.merge!(config.secrets.to_h) if secrets
    end
  end
  def hook_exists?(hook)
    Pathname.new(hook_file(hook)).exist?
  end
  private
    def hook_file(hook)
      File.join(config.hooks_path, hook)
    end
 end
--- a/lib/kamal/commands/lock.rb
+++ b/lib/kamal/commands/lock.rb
@@ -1,17 +1,18 @@
 require "active_support/duration"
 require "time"
 require "base64"
-class Mrsk::Commands::Lock < Mrsk::Commands::Base
+class Kamal::Commands::Lock < Kamal::Commands::Base
  def acquire(message, version)
    combine \
-      [:mkdir, lock_dir],
+      [ :mkdir, lock_dir ],
      write_lock_details(message, version)
  end
  def release
    combine \
-      [:rm, lock_details_file],
+      [ :rm, lock_details_file ],
-      [:rm, "-r", lock_dir]
+      [ :rm, "-r", lock_dir ]
  end
  def status
@@ -20,31 +21,37 @@ class Mrsk::Commands::Lock < Mrsk::Commands::Base
      read_lock_details
  end
  def ensure_locks_directory
    [ :mkdir, "-p", locks_dir ]
  end
  private
    def write_lock_details(message, version)
      write \
-        [:echo, "\"#{Base64.encode64(lock_details(message, version))}\""],
+        [ :echo, "\"#{Base64.encode64(lock_details(message, version))}\"" ],
        lock_details_file
    end
    def read_lock_details
      pipe \
-        [:cat, lock_details_file],
+        [ :cat, lock_details_file ],
-        [:base64, "-d"]
+        [ :base64, "-d" ]
    end
    def stat_lock_dir
      write \
-        [:stat, lock_dir],
+        [ :stat, lock_dir ],
        "/dev/null"
    end
    def lock_dir
-      :mrsk_lock
+      dir_name = [ "lock", config.service, config.destination ].compact.join("-")
      File.join(config.run_directory, dir_name)
    end
    def lock_details_file
-      [lock_dir, :details].join("/")
+      File.join(lock_dir, "details")
    end
    def lock_details(message, version)
@@ -56,7 +63,7 @@ class Mrsk::Commands::Lock < Mrsk::Commands::Base
    end
    def locked_by
-      `git config user.name`.strip
+      Kamal::Git.user_name
    rescue Errno::ENOENT
      "Unknown"
    end
--- a/lib/kamal/commands/proxy.rb
+++ b/lib/kamal/commands/proxy.rb
@@ -0,0 +1,87 @@
 class Kamal::Commands::Proxy < Kamal::Commands::Base
  delegate :argumentize, :optionize, to: Kamal::Utils
  def run
    docker :run,
      "--name", container_name,
      "--network", "kamal",
      "--detach",
      "--restart", "unless-stopped",
      "--volume", "kamal-proxy-config:/home/kamal-proxy/.config/kamal-proxy",
      "\$\(#{get_boot_options.join(" ")}\)",
      config.proxy_image
  end
  def start
    docker :container, :start, container_name
  end
  def stop(name: container_name)
    docker :container, :stop, name
  end
  def start_or_run
    combine start, run, by: "||"
  end
  def info
    docker :ps, "--filter", "name=^#{container_name}$"
  end
  def version
    pipe \
      docker(:inspect, container_name, "--format '{{.Config.Image}}'"),
      [ :cut, "-d:", "-f2" ]
  end
  def logs(timestamps: true, since: nil, lines: nil, grep: nil, grep_options: nil)
    pipe \
      docker(:logs, container_name, ("--since #{since}" if since), ("--tail #{lines}" if lines), ("--timestamps" if timestamps), "2>&1"),
      ("grep '#{grep}'#{" #{grep_options}" if grep_options}" if grep)
  end
  def follow_logs(host:, timestamps: true, grep: nil, grep_options: nil)
    run_over_ssh pipe(
      docker(:logs, container_name, ("--timestamps" if timestamps), "--tail", "10", "--follow", "2>&1"),
      (%(grep "#{grep}"#{" #{grep_options}" if grep_options}) if grep)
    ).join(" "), host: host
  end
  def remove_container
    docker :container, :prune, "--force", "--filter", "label=org.opencontainers.image.title=kamal-proxy"
  end
  def remove_image
    docker :image, :prune, "--all", "--force", "--filter", "label=org.opencontainers.image.title=kamal-proxy"
  end
  def cleanup_traefik
    chain \
      docker(:container, :stop, "traefik"),
      combine(
        docker(:container, :prune, "--force", "--filter", "label=org.opencontainers.image.title=Traefik"),
        docker(:image, :prune, "--all", "--force", "--filter", "label=org.opencontainers.image.title=Traefik")
      )
  end
  def ensure_proxy_directory
    make_directory config.proxy_directory
  end
  def remove_proxy_directory
    remove_directory config.proxy_directory
  end
  def get_boot_options
    combine [ :cat, config.proxy_options_file ], [ :echo, "\"#{config.proxy_options_default.join(" ")}\"" ], by: "||"
  end
  def reset_boot_options
    remove_file config.proxy_options_file
  end
  private
    def container_name
      config.proxy_container_name
    end
 end
--- a/lib/kamal/commands/prune.rb
+++ b/lib/kamal/commands/prune.rb
@@ -1,28 +1,28 @@
 require "active_support/duration"
 require "active_support/core_ext/numeric/time"
-class Mrsk::Commands::Prune < Mrsk::Commands::Base
+class Kamal::Commands::Prune < Kamal::Commands::Base
  def dangling_images
-    docker :image, :prune, "--force", "--filter", "label=service=#{config.service}", "--filter", "dangling=true"
+    docker :image, :prune, "--force", "--filter", "label=service=#{config.service}"
  end
  def tagged_images
    pipe \
      docker(:image, :ls, *service_filter, "--format", "'{{.ID}} {{.Repository}}:{{.Tag}}'"),
-      "grep -v -w \"#{active_image_list}\"",
+      grep("-v -w \"#{active_image_list}\""),
      "while read image tag; do docker rmi $tag; done"
  end
-  def containers(keep_last: 5)
+  def app_containers(retain:)
    pipe \
      docker(:ps, "-q", "-a", *service_filter, *stopped_containers_filters),
-      "tail -n +#{keep_last + 1}",
+      "tail -n +#{retain + 1}",
      "while read container_id; do docker rm $container_id; done"
  end
  private
    def stopped_containers_filters
-      [ "created", "exited", "dead" ].flat_map { |status| ["--filter", "status=#{status}"] }
+      [ "created", "exited", "dead" ].flat_map { |status| [ "--filter", "status=#{status}" ] }
    end
    def active_image_list
--- a/lib/kamal/commands/registry.rb
+++ b/lib/kamal/commands/registry.rb
@@ -0,0 +1,16 @@
 class Kamal::Commands::Registry < Kamal::Commands::Base
  def login(registry_config: nil)
    registry_config ||= config.registry
    docker :login,
      registry_config.server,
      "-u", sensitive(Kamal::Utils.escape_shell_value(registry_config.username)),
      "-p", sensitive(Kamal::Utils.escape_shell_value(registry_config.password))
  end
  def logout(registry_config: nil)
    registry_config ||= config.registry
    docker :logout, registry_config.server
  end
 end
--- a/lib/kamal/commands/server.rb
+++ b/lib/kamal/commands/server.rb
@@ -0,0 +1,15 @@
 class Kamal::Commands::Server < Kamal::Commands::Base
  def ensure_run_directory
    make_directory config.run_directory
  end
  def remove_app_directory
    remove_directory config.app_directory
  end
  def app_directory_count
    pipe \
      [ :ls, config.apps_directory ],
      [ :wc, "-l" ]
  end
 end
--- a/lib/kamal/configuration.rb
+++ b/lib/kamal/configuration.rb
@@ -0,0 +1,410 @@
 require "active_support/ordered_options"
 require "active_support/core_ext/string/inquiry"
 require "active_support/core_ext/module/delegation"
 require "active_support/core_ext/hash/keys"
 require "erb"
 require "net/ssh/proxy/jump"
 class Kamal::Configuration
  delegate :service, :image, :labels, :hooks_path, to: :raw_config, allow_nil: true
  delegate :argumentize, :optionize, to: Kamal::Utils
  attr_reader :destination, :raw_config, :secrets
  attr_reader :accessories, :aliases, :boot, :builder, :env, :logging, :proxy, :servers, :ssh, :sshkit, :registry
  include Validation
  PROXY_MINIMUM_VERSION = "v0.8.4"
  PROXY_HTTP_PORT = 80
  PROXY_HTTPS_PORT = 443
  PROXY_LOG_MAX_SIZE = "10m"
  class << self
    def create_from(config_file:, destination: nil, version: nil)
      ENV["KAMAL_DESTINATION"] = destination
      raw_config = load_config_files(config_file, *destination_config_file(config_file, destination))
      new raw_config, destination: destination, version: version
    end
    private
      def load_config_files(*files)
        files.inject({}) { |config, file| config.deep_merge! load_config_file(file) }
      end
      def load_config_file(file)
        if file.exist?
          # Newer Psych doesn't load aliases by default
          load_method = YAML.respond_to?(:unsafe_load) ? :unsafe_load : :load
          YAML.send(load_method, ERB.new(File.read(file)).result).symbolize_keys
        else
          raise "Configuration file not found in #{file}"
        end
      end
      def destination_config_file(base_config_file, destination)
        base_config_file.sub_ext(".#{destination}.yml") if destination
      end
  end
  def initialize(raw_config, destination: nil, version: nil, validate: true)
    @raw_config = ActiveSupport::InheritableOptions.new(raw_config)
    @destination = destination
    @declared_version = version
    validate! raw_config, example: validation_yml.symbolize_keys, context: "", with: Kamal::Configuration::Validator::Configuration
    @secrets = Kamal::Secrets.new(destination: destination)
    # Eager load config to validate it, these are first as they have dependencies later on
    @servers = Servers.new(config: self)
    @registry = Registry.new(config: @raw_config, secrets: secrets)
    @accessories = @raw_config.accessories&.keys&.collect { |name| Accessory.new(name, config: self) } || []
    @aliases = @raw_config.aliases&.keys&.to_h { |name| [ name, Alias.new(name, config: self) ] } || {}
    @boot = Boot.new(config: self)
    @builder = Builder.new(config: self)
    @env = Env.new(config: @raw_config.env || {}, secrets: secrets)
    @logging = Logging.new(logging_config: @raw_config.logging)
    @proxy = Proxy.new(config: self, proxy_config: @raw_config.proxy || {})
    @ssh = Ssh.new(config: self)
    @sshkit = Sshkit.new(config: self)
    ensure_destination_if_required
    ensure_required_keys_present
    ensure_valid_kamal_version
    ensure_retain_containers_valid
    ensure_valid_service_name
    ensure_no_traefik_reboot_hooks
    ensure_one_host_for_ssl_roles
    ensure_unique_hosts_for_ssl_roles
  end
  def version=(version)
    @declared_version = version
  end
  def version
    @declared_version.presence || ENV["VERSION"] || git_version
  end
  def abbreviated_version
    if version
      # Don't abbreviate <sha>_uncommitted_<etc>
      if version.include?("_")
        version
      else
        version[0...7]
      end
    end
  end
  def minimum_version
    raw_config.minimum_version
  end
  def roles
    servers.roles
  end
  def role(name)
    roles.detect { |r| r.name == name.to_s }
  end
  def accessory(name)
    accessories.detect { |a| a.name == name.to_s }
  end
  def all_hosts
    (roles + accessories).flat_map(&:hosts).uniq
  end
  def primary_host
    primary_role&.primary_host
  end
  def primary_role_name
    raw_config.primary_role || "web"
  end
  def primary_role
    role(primary_role_name)
  end
  def allow_empty_roles?
    raw_config.allow_empty_roles
  end
  def proxy_roles
    roles.select(&:running_proxy?)
  end
  def proxy_role_names
    proxy_roles.flat_map(&:name)
  end
  def proxy_hosts
    proxy_roles.flat_map(&:hosts).uniq
  end
  def repository
    [ registry.server, image ].compact.join("/")
  end
  def absolute_image
    "#{repository}:#{version}"
  end
  def latest_image
    "#{repository}:#{latest_tag}"
  end
  def latest_tag
    [ "latest", *destination ].join("-")
  end
  def service_with_version
    "#{service}-#{version}"
  end
  def require_destination?
    raw_config.require_destination
  end
  def retain_containers
    raw_config.retain_containers || 5
  end
  def volume_args
    if raw_config.volumes.present?
      argumentize "--volume", raw_config.volumes
    else
      []
    end
  end
  def logging_args
    logging.args
  end
  def readiness_delay
    raw_config.readiness_delay || 7
  end
  def deploy_timeout
    raw_config.deploy_timeout || 30
  end
  def drain_timeout
    raw_config.drain_timeout || 30
  end
  def run_directory
    ".kamal"
  end
  def apps_directory
    File.join run_directory, "apps"
  end
  def app_directory
    File.join apps_directory, [ service, destination ].compact.join("-")
  end
  def env_directory
    File.join app_directory, "env"
  end
  def assets_directory
    File.join app_directory, "assets"
  end
  def hooks_path
    raw_config.hooks_path || ".kamal/hooks"
  end
  def asset_path
    raw_config.asset_path
  end
  def env_tags
    @env_tags ||= if (tags = raw_config.env["tags"])
      tags.collect { |name, config| Env::Tag.new(name, config: config, secrets: secrets) }
    else
      []
    end
  end
  def env_tag(name)
    env_tags.detect { |t| t.name == name.to_s }
  end
  def proxy_publish_args(http_port, https_port, bind_ips = nil)
    ensure_valid_bind_ips(bind_ips)
    (bind_ips || [ nil ]).map do |bind_ip|
      bind_ip = format_bind_ip(bind_ip)
      publish_http = [ bind_ip, http_port, PROXY_HTTP_PORT ].compact.join(":")
      publish_https = [ bind_ip, https_port, PROXY_HTTPS_PORT ].compact.join(":")
      argumentize "--publish", [ publish_http, publish_https ]
    end.join(" ")
  end
  def proxy_logging_args(max_size)
    argumentize "--log-opt", "max-size=#{max_size}" if max_size.present?
  end
  def proxy_options_default
    [ *proxy_publish_args(PROXY_HTTP_PORT, PROXY_HTTPS_PORT), *proxy_logging_args(PROXY_LOG_MAX_SIZE) ]
  end
  def proxy_image
    "basecamp/kamal-proxy:#{PROXY_MINIMUM_VERSION}"
  end
  def proxy_container_name
    "kamal-proxy"
  end
  def proxy_directory
    File.join run_directory, "proxy"
  end
  def proxy_options_file
    File.join proxy_directory, "options"
  end
  def to_h
    {
      roles: role_names,
      hosts: all_hosts,
      primary_host: primary_host,
      version: version,
      repository: repository,
      absolute_image: absolute_image,
      service_with_version: service_with_version,
      volume_args: volume_args,
      ssh_options: ssh.to_h,
      sshkit: sshkit.to_h,
      builder: builder.to_h,
      accessories: raw_config.accessories,
      logging: logging_args
    }.compact
  end
  private
    # Will raise ArgumentError if any required config keys are missing
    def ensure_destination_if_required
      if require_destination? && destination.nil?
        raise ArgumentError, "You must specify a destination"
      end
      true
    end
    def ensure_required_keys_present
      %i[ service image registry servers ].each do |key|
        raise Kamal::ConfigurationError, "Missing required configuration for #{key}" unless raw_config[key].present?
      end
      unless role(primary_role_name).present?
        raise Kamal::ConfigurationError, "The primary_role #{primary_role_name} isn't defined"
      end
      if primary_role.hosts.empty?
        raise Kamal::ConfigurationError, "No servers specified for the #{primary_role.name} primary_role"
      end
      unless allow_empty_roles?
        roles.each do |role|
          if role.hosts.empty?
            raise Kamal::ConfigurationError, "No servers specified for the #{role.name} role. You can ignore this with allow_empty_roles: true"
          end
        end
      end
      true
    end
    def ensure_valid_service_name
      raise Kamal::ConfigurationError, "Service name can only include alphanumeric characters, hyphens, and underscores" unless raw_config[:service] =~ /^[a-z0-9_-]+$/i
      true
    end
    def ensure_valid_kamal_version
      if minimum_version && Gem::Version.new(minimum_version) > Gem::Version.new(Kamal::VERSION)
        raise Kamal::ConfigurationError, "Current version is #{Kamal::VERSION}, minimum required is #{minimum_version}"
      end
      true
    end
    def ensure_valid_bind_ips(bind_ips)
      bind_ips.present? && bind_ips.each do |ip|
        next if ip =~ Resolv::IPv4::Regex || ip =~ Resolv::IPv6::Regex
        raise ArgumentError, "Invalid publish IP address: #{ip}"
      end
      true
    end
    def ensure_retain_containers_valid
      raise Kamal::ConfigurationError, "Must retain at least 1 container" if retain_containers < 1
      true
    end
    def ensure_no_traefik_reboot_hooks
      hooks = %w[ pre-traefik-reboot post-traefik-reboot ].select { |hook_file| File.exist?(File.join(hooks_path, hook_file)) }
      if hooks.any?
        raise Kamal::ConfigurationError, "Found #{hooks.join(", ")}, these should be renamed to (pre|post)-proxy-reboot"
      end
      true
    end
    def ensure_one_host_for_ssl_roles
      roles.each(&:ensure_one_host_for_ssl)
      true
    end
    def ensure_unique_hosts_for_ssl_roles
      hosts = roles.select(&:ssl?).flat_map { |role| role.proxy.hosts }
      duplicates = hosts.tally.filter_map { |host, count| host if count > 1 }
      raise Kamal::ConfigurationError, "Different roles can't share the same host for SSL: #{duplicates.join(", ")}" if duplicates.any?
      true
    end
    def format_bind_ip(ip)
      # Ensure IPv6 address inside square brackets - e.g. [::1]
      if ip =~ Resolv::IPv6::Regex && ip !~ /\[.*\]/
        "[#{ip}]"
      else
        ip
      end
    end
    def role_names
      raw_config.servers.is_a?(Array) ? [ "web" ] : raw_config.servers.keys.sort
    end
    def git_version
      @git_version ||=
        if Kamal::Git.used?
          if Kamal::Git.uncommitted_changes.present? && !builder.git_clone?
            uncommitted_suffix = "_uncommitted_#{SecureRandom.hex(8)}"
          end
          [ Kamal::Git.revision, uncommitted_suffix ].compact.join
        else
          raise "Can't use commit hash as version, no git repository found in #{Dir.pwd}"
        end
    end
 end
--- a/lib/kamal/configuration/accessory.rb
+++ b/lib/kamal/configuration/accessory.rb
@@ -0,0 +1,218 @@
 class Kamal::Configuration::Accessory
  include Kamal::Configuration::Validation
  DEFAULT_NETWORK = "kamal"
  delegate :argumentize, :optionize, to: Kamal::Utils
  attr_reader :name, :env, :proxy, :registry
  def initialize(name, config:)
    @name, @config, @accessory_config = name.inquiry, config, config.raw_config["accessories"][name]
    validate! \
      accessory_config,
      example: validation_yml["accessories"]["mysql"],
      context: "accessories/#{name}",
      with: Kamal::Configuration::Validator::Accessory
    ensure_valid_roles
    @env = initialize_env
    @proxy = initialize_proxy if running_proxy?
    @registry = initialize_registry if accessory_config["registry"].present?
  end
  def service_name
    accessory_config["service"] || "#{config.service}-#{name}"
  end
  def image
    [ registry&.server, accessory_config["image"] ].compact.join("/")
  end
  def hosts
    hosts_from_host || hosts_from_hosts || hosts_from_roles
  end
  def port
    if port = accessory_config["port"]&.to_s
      port.include?(":") ? port : "#{port}:#{port}"
    end
  end
  def network_args
    argumentize "--network", network
  end
  def publish_args
    argumentize "--publish", port if port
  end
  def labels
    default_labels.merge(accessory_config["labels"] || {})
  end
  def label_args
    argumentize "--label", labels
  end
  def env_args
    [ *env.clear_args, *argumentize("--env-file", secrets_path) ]
  end
  def env_directory
    File.join(config.env_directory, "accessories")
  end
  def secrets_io
    env.secrets_io
  end
  def secrets_path
    File.join(config.env_directory, "accessories", "#{name}.env")
  end
  def files
    accessory_config["files"]&.to_h do |local_to_remote_mapping|
      local_file, remote_file = local_to_remote_mapping.split(":")
      [ expand_local_file(local_file), expand_remote_file(remote_file) ]
    end || {}
  end
  def directories
    accessory_config["directories"]&.to_h do |host_to_container_mapping|
      host_path, container_path = host_to_container_mapping.split(":")
      [ expand_host_path(host_path), container_path ]
    end || {}
  end
  def volumes
    specific_volumes + remote_files_as_volumes + remote_directories_as_volumes
  end
  def volume_args
    argumentize "--volume", volumes
  end
  def option_args
    if args = accessory_config["options"]
      optionize args
    else
      []
    end
  end
  def cmd
    accessory_config["cmd"]
  end
  def running_proxy?
    accessory_config["proxy"].present?
  end
  private
    attr_reader :config, :accessory_config
    def initialize_env
      Kamal::Configuration::Env.new \
        config: accessory_config.fetch("env", {}),
        secrets: config.secrets,
        context: "accessories/#{name}/env"
    end
    def initialize_proxy
      Kamal::Configuration::Proxy.new \
        config: config,
        proxy_config: accessory_config["proxy"],
        context: "accessories/#{name}/proxy"
    end
    def initialize_registry
      Kamal::Configuration::Registry.new \
        config: accessory_config,
        secrets: config.secrets,
        context: "accessories/#{name}/registry"
    end
    def default_labels
      { "service" => service_name }
    end
    def expand_local_file(local_file)
      if local_file.end_with?("erb")
        with_clear_env_loaded { read_dynamic_file(local_file) }
      else
        Pathname.new(File.expand_path(local_file)).to_s
      end
    end
    def with_clear_env_loaded
      env.clear.each { |k, v| ENV[k] = v }
      yield
    ensure
      env.clear.each { |k, v| ENV.delete(k) }
    end
    def read_dynamic_file(local_file)
      StringIO.new(ERB.new(File.read(local_file)).result)
    end
    def expand_remote_file(remote_file)
      service_name + remote_file
    end
    def specific_volumes
      accessory_config["volumes"] || []
    end
    def remote_files_as_volumes
      accessory_config["files"]&.collect do |local_to_remote_mapping|
        _, remote_file = local_to_remote_mapping.split(":")
        "#{service_data_directory + remote_file}:#{remote_file}"
      end || []
    end
    def remote_directories_as_volumes
      accessory_config["directories"]&.collect do |host_to_container_mapping|
        host_path, container_path = host_to_container_mapping.split(":")
        [ expand_host_path(host_path), container_path ].join(":")
      end || []
    end
    def expand_host_path(host_path)
      absolute_path?(host_path) ? host_path : File.join(service_data_directory, host_path)
    end
    def absolute_path?(path)
      Pathname.new(path).absolute?
    end
    def service_data_directory
      "$PWD/#{service_name}"
    end
    def hosts_from_host
      [ accessory_config["host"] ] if accessory_config.key?("host")
    end
    def hosts_from_hosts
      accessory_config["hosts"] if accessory_config.key?("hosts")
    end
    def hosts_from_roles
      if accessory_config.key?("roles")
        accessory_config["roles"].flat_map { |role| config.role(role)&.hosts }
      end
    end
    def network
      accessory_config["network"] || DEFAULT_NETWORK
    end
    def ensure_valid_roles
      if accessory_config["roles"] && (missing_roles = accessory_config["roles"] - config.roles.map(&:name)).any?
        raise Kamal::ConfigurationError, "accessories/#{name}: unknown roles #{missing_roles.join(", ")}"
      end
    end
 end
--- a/lib/kamal/configuration/alias.rb
+++ b/lib/kamal/configuration/alias.rb
@@ -0,0 +1,15 @@
 class Kamal::Configuration::Alias
  include Kamal::Configuration::Validation
  attr_reader :name, :command
  def initialize(name, config:)
    @name, @command = name.inquiry, config.raw_config["aliases"][name]
    validate! \
      command,
      example: validation_yml["aliases"]["uname"],
      context: "aliases/#{name}",
      with: Kamal::Configuration::Validator::Alias
  end
 end
--- a/lib/kamal/configuration/boot.rb
+++ b/lib/kamal/configuration/boot.rb
@@ -0,0 +1,25 @@
 class Kamal::Configuration::Boot
  include Kamal::Configuration::Validation
  attr_reader :boot_config, :host_count
  def initialize(config:)
    @boot_config = config.raw_config.boot || {}
    @host_count = config.all_hosts.count
    validate! boot_config
  end
  def limit
    limit = boot_config["limit"]
    if limit.to_s.end_with?("%")
      [ host_count * limit.to_i / 100, 1 ].max
    else
      limit
    end
  end
  def wait
    boot_config["wait"]
  end
 end
--- a/lib/kamal/configuration/builder.rb
+++ b/lib/kamal/configuration/builder.rb
@@ -0,0 +1,199 @@
 class Kamal::Configuration::Builder
  include Kamal::Configuration::Validation
  attr_reader :config, :builder_config
  delegate :image, :service, to: :config
  delegate :server, to: :"config.registry"
  def initialize(config:)
    @config = config
    @builder_config = config.raw_config.builder || {}
    @image = config.image
    @server = config.registry.server
    @service = config.service
    validate! builder_config, with: Kamal::Configuration::Validator::Builder
  end
  def to_h
    builder_config
  end
  def remote
    builder_config["remote"]
  end
  def arches
    Array(builder_config.fetch("arch", default_arch))
  end
  def local_arches
    @local_arches ||= if local_disabled?
      []
    elsif remote
      arches & [ Kamal::Utils.docker_arch ]
    else
      arches
    end
  end
  def remote_arches
    @remote_arches ||= if remote
      arches - local_arches
    else
      []
    end
  end
  def remote?
    remote_arches.any?
  end
  def local?
    !local_disabled? && (arches.empty? || local_arches.any?)
  end
  def cloud?
    driver.start_with? "cloud"
  end
  def cached?
    !!builder_config["cache"]
  end
  def args
    builder_config["args"] || {}
  end
  def secrets
    (builder_config["secrets"] || []).to_h { |key| [ key, config.secrets[key] ] }
  end
  def dockerfile
    builder_config["dockerfile"] || "Dockerfile"
  end
  def target
    builder_config["target"]
  end
  def context
    builder_config["context"] || "."
  end
  def driver
    builder_config.fetch("driver", "docker-container")
  end
  def local_disabled?
    builder_config["local"] == false
  end
  def cache_from
    if cached?
      case builder_config["cache"]["type"]
      when "gha"
        cache_from_config_for_gha
      when "registry"
        cache_from_config_for_registry
      end
    end
  end
  def cache_to
    if cached?
      case builder_config["cache"]["type"]
      when "gha"
        cache_to_config_for_gha
      when "registry"
        cache_to_config_for_registry
      end
    end
  end
  def ssh
    builder_config["ssh"]
  end
  def provenance
    builder_config["provenance"]
  end
  def sbom
    builder_config["sbom"]
  end
  def git_clone?
    Kamal::Git.used? && builder_config["context"].nil?
  end
  def clone_directory
    @clone_directory ||= File.join Dir.tmpdir, "kamal-clones", [ service, pwd_sha ].compact.join("-")
  end
  def build_directory
    @build_directory ||=
      if git_clone?
        File.join clone_directory, repo_basename, repo_relative_pwd
      else
        "."
      end
  end
  def docker_driver?
    driver == "docker"
  end
  private
    def valid?
      if docker_driver?
        raise ArgumentError, "Invalid builder configuration: the `docker` driver does not not support remote builders" if remote
        raise ArgumentError, "Invalid builder configuration: the `docker` driver does not not support caching" if cached?
        raise ArgumentError, "Invalid builder configuration: the `docker` driver does not not support multiple arches" if arches.many?
      end
      if @options["cache"] && @options["cache"]["type"]
        raise ArgumentError, "Invalid cache type: #{@options["cache"]["type"]}" unless [ "gha", "registry" ].include?(@options["cache"]["type"])
      end
    end
    def cache_image
      builder_config["cache"]&.fetch("image", nil) || "#{image}-build-cache"
    end
    def cache_image_ref
      [ server, cache_image ].compact.join("/")
    end
    def cache_from_config_for_gha
      "type=gha"
    end
    def cache_from_config_for_registry
      [ "type=registry", "ref=#{cache_image_ref}" ].compact.join(",")
    end
    def cache_to_config_for_gha
      [ "type=gha", builder_config["cache"]&.fetch("options", nil) ].compact.join(",")
    end
    def cache_to_config_for_registry
      [ "type=registry", "ref=#{cache_image_ref}", builder_config["cache"]&.fetch("options", nil) ].compact.join(",")
    end
    def repo_basename
      File.basename(Kamal::Git.root)
    end
    def repo_relative_pwd
      Dir.pwd.delete_prefix(Kamal::Git.root)
    end
    def pwd_sha
      Digest::SHA256.hexdigest(Dir.pwd)[0..12]
    end
    def default_arch
      docker_driver? ? [] : [ "amd64", "arm64" ]
    end
 end
--- a/lib/kamal/configuration/docs/accessory.yml
+++ b/lib/kamal/configuration/docs/accessory.yml
@@ -0,0 +1,123 @@
 # Accessories
 #
 # Accessories can be booted on a single host, a list of hosts, or on specific roles.
 # The hosts do not need to be defined in the Kamal servers configuration.
 #
 # Accessories are managed separately from the main service — they are not updated
 # when you deploy, and they do not have zero-downtime deployments.
 #
 # Run `kamal accessory boot <accessory>` to boot an accessory.
 # See `kamal accessory --help` for more information.
 # Configuring accessories
 #
 # First, define the accessory in the `accessories`:
 accessories:
  mysql:
    # Service name
    #
    # This is used in the service label and defaults to `<service>-<accessory>`,
    # where `<service>` is the main service name from the root configuration:
    service: mysql
    # Image
    #
    # The Docker image to use.
    # Prefix it with its server when using root level registry different from Docker Hub.
    # Define registry directly or via anchors when it differs from root level registry.
    image: mysql:8.0
    # Registry
    #
    # By default accessories use Docker Hub registry.
    # You can specify different registry per accessory with this option.
    # Don't prefix image with this registry server.
    # Use anchors if you need to set the same specific registry for several accessories.
    #
    # ```yml
    # registry:
    #   <<: *specific-registry
    # ```
    #
    # See kamal docs registry for more information:
    registry:
      ...
    # Accessory hosts
    #
    # Specify one of `host`, `hosts`, or `roles`:
    host: mysql-db1
    hosts:
      - mysql-db1
      - mysql-db2
    roles:
      - mysql
    # Custom command
    #
    # You can set a custom command to run in the container if you do not want to use the default:
    cmd: "bin/mysqld"
    # Port mappings
    #
    # See [https://docs.docker.com/network/](https://docs.docker.com/network/), and
    # especially note the warning about the security implications of exposing ports publicly.
    port: "127.0.0.1:3306:3306"
    # Labels
    labels:
      app: myapp
    # Options
    #
    # These are passed to the Docker run command in the form `--<name> <value>`:
    options:
      restart: always
      cpus: 2
    # Environment variables
    #
    # See kamal docs env for more information:
    env:
      ...
    # Copying files
    #
    # You can specify files to mount into the container.
    # The format is `local:remote`, where `local` is the path to the file on the local machine
    # and `remote` is the path to the file in the container.
    #
    # They will be uploaded from the local repo to the host and then mounted.
    #
    # ERB files will be evaluated before being copied.
    files:
      - config/my.cnf.erb:/etc/mysql/my.cnf
      - config/myoptions.cnf:/etc/mysql/myoptions.cnf
    # Directories
    #
    # You can specify directories to mount into the container. They will be created on the host
    # before being mounted:
    directories:
      - mysql-logs:/var/log/mysql
    # Volumes
    #
    # Any other volumes to mount, in addition to the files and directories.
    # They are not created or copied before mounting:
    volumes:
      - /path/to/mysql-logs:/var/log/mysql
    # Network
    #
    # The network the accessory will be attached to.
    #
    # Defaults to kamal:
    network: custom
    # Proxy
    #
    # You can run your accessory behind the Kamal proxy. See kamal docs proxy for more information
    proxy:
      ...
--- a/lib/kamal/configuration/docs/alias.yml
+++ b/lib/kamal/configuration/docs/alias.yml
@@ -0,0 +1,26 @@
 # Aliases
 #
 # Aliases are shortcuts for Kamal commands.
 #
 # For example, for a Rails app, you might open a console with:
 #
 # ```shell
 # kamal app exec -i --reuse "bin/rails console"
 # ```
 #
 # By defining an alias, like this:
 aliases:
  console: app exec -i --reuse "bin/rails console"
 # You can now open the console with:
 #
 # ```shell
 # kamal console
 # ```
 # Configuring aliases
 #
 # Aliases are defined in the root config under the alias key.
 #
 # Each alias is named and can only contain lowercase letters, numbers, dashes, and underscores:
 aliases:
  uname: app exec -p -q -r web "uname -a"
--- a/lib/kamal/configuration/docs/boot.yml
+++ b/lib/kamal/configuration/docs/boot.yml
@@ -0,0 +1,19 @@
 # Booting
 #
 # When deploying to large numbers of hosts, you might prefer not to restart your services on every host at the same time.
 #
 # Kamal’s default is to boot new containers on all hosts in parallel. However, you can control this with the boot configuration.
 # Fixed group sizes
 #
 # Here, we boot 2 hosts at a time with a 10-second gap between each group:
 boot:
  limit: 2
  wait: 10
 # Percentage of hosts
 #
 # Here, we boot 25% of the hosts at a time with a 2-second gap between each group:
 boot:
  limit: 25%
  wait: 2
--- a/lib/kamal/configuration/docs/builder.yml
+++ b/lib/kamal/configuration/docs/builder.yml
@@ -0,0 +1,119 @@
 # Builder
 #
 # The builder configuration controls how the application is built with `docker build`.
 #
 # See https://kamal-deploy.org/docs/configuration/builder-examples/ for more information.
 # Builder options
 #
 # Options go under the builder key in the root configuration.
 builder:
  # Arch
  #
  # The architectures to build for — you can set an array or just a single value.
  #
  # Allowed values are `amd64` and `arm64`:
  arch:
    - amd64
  # Remote
  #
  # The connection string for a remote builder. If supplied, Kamal will use this
  # for builds that do not match the local architecture of the deployment host.
  remote: ssh://docker@docker-builder
  # Local
  #
  # If set to false, Kamal will always use the remote builder even when building
  # the local architecture.
  #
  # Defaults to true:
  local: true
  # Builder cache
  #
  # The type must be either 'gha' or 'registry'.
  #
  # The image is only used for registry cache and is not compatible with the Docker driver:
  cache:
    type: registry
    options: mode=max
    image: kamal-app-build-cache
  # Build context
  #
  # If this is not set, then a local Git clone of the repo is used.
  # This ensures a clean build with no uncommitted changes.
  #
  # To use the local checkout instead, you can set the context to `.`, or a path to another directory.
  context: .
  # Dockerfile
  #
  # The Dockerfile to use for building, defaults to `Dockerfile`:
  dockerfile: Dockerfile.production
  # Build target
  #
  # If not set, then the default target is used:
  target: production
  # Build arguments
  #
  # Any additional build arguments, passed to `docker build` with `--build-arg <key>=<value>`:
  args:
    ENVIRONMENT: production
  # Referencing build arguments
  #
  # ```shell
  # ARG RUBY_VERSION
  # FROM ruby:$RUBY_VERSION-slim as base
  # ```
  # Build secrets
  #
  # Values are read from `.kamal/secrets`:
  secrets:
    - SECRET1
    - SECRET2
  # Referencing build secrets
  #
  # ```shell
  # # Copy Gemfiles
  # COPY Gemfile Gemfile.lock ./
  #
  # # Install dependencies, including private repositories via access token
  # # Then remove bundle cache with exposed GITHUB_TOKEN
  # RUN --mount=type=secret,id=GITHUB_TOKEN \
  #   BUNDLE_GITHUB__COM=x-access-token:$(cat /run/secrets/GITHUB_TOKEN) \
  #   bundle install && \
  #   rm -rf /usr/local/bundle/cache
  # ```
  # SSH
  #
  # SSH agent socket or keys to expose to the build:
  ssh: default=$SSH_AUTH_SOCK
  # Driver
  #
  # The build driver to use, defaults to `docker-container`:
  driver: docker
  #
  # If you want to use Docker Build Cloud (https://www.docker.com/products/build-cloud/), you can set the driver to:
  driver: cloud org-name/builder-name
  # Provenance
  #
  # It is used to configure provenance attestations for the build result.
  # The value can also be a boolean to enable or disable provenance attestations.
  provenance: mode=max
  # SBOM (Software Bill of Materials)
  #
  # It is used to configure SBOM generation for the build result.
  # The value can also be a boolean to enable or disable SBOM generation.
  sbom: true
--- a/lib/kamal/configuration/docs/configuration.yml
+++ b/lib/kamal/configuration/docs/configuration.yml
@@ -0,0 +1,178 @@
 # Kamal Configuration
 #
 # Configuration is read from the `config/deploy.yml`.
 # Destinations
 #
 # When running commands, you can specify a destination with the `-d` flag,
 # e.g., `kamal deploy -d staging`.
 #
 # In this case, the configuration will also be read from `config/deploy.staging.yml`
 # and merged with the base configuration.
 # Extensions
 #
 # Kamal will not accept unrecognized keys in the configuration file.
 #
 # However, you might want to declare a configuration block using YAML anchors
 # and aliases to avoid repetition.
 #
 # You can prefix a configuration section with `x-` to indicate that it is an
 # extension. Kamal will ignore the extension and not raise an error.
 # The service name
 #
 # This is a required value. It is used as the container name prefix.
 service: myapp
 # The Docker image name
 #
 # The image will be pushed to the configured registry.
 image: my-image
 # Labels
 #
 # Additional labels to add to the container:
 labels:
  my-label: my-value
 # Volumes
 #
 # Additional volumes to mount into the container:
 volumes:
  - /path/on/host:/path/in/container:ro
 # Registry
 #
 # The Docker registry configuration, see kamal docs registry:
 registry:
  ...
 # Servers
 #
 # The servers to deploy to, optionally with custom roles, see kamal docs servers:
 servers:
  ...
 # Environment variables
 #
 # See kamal docs env:
 env:
  ...
 # Asset path
 #
 # Used for asset bridging across deployments, default to `nil`.
 #
 # If there are changes to CSS or JS files, we may get requests
 # for the old versions on the new container, and vice versa.
 #
 # To avoid 404s, we can specify an asset path.
 # Kamal will replace that path in the container with a mapped
 # volume containing both sets of files.
 # This requires that file names change when the contents change
 # (e.g., by including a hash of the contents in the name).
 #
 # To configure this, set the path to the assets:
 asset_path: /path/to/assets
 # Hooks path
 #
 # Path to hooks, defaults to `.kamal/hooks`.
 # See https://kamal-deploy.org/docs/hooks for more information:
 hooks_path: /user_home/kamal/hooks
 # Require destinations
 #
 # Whether deployments require a destination to be specified, defaults to `false`:
 require_destination: true
 # Primary role
 #
 # This defaults to `web`, but if you have no web role, you can change this:
 primary_role: workers
 # Allowing empty roles
 #
 # Whether roles with no servers are allowed. Defaults to `false`:
 allow_empty_roles: false
 # Retain containers
 #
 # How many old containers and images we retain, defaults to 5:
 retain_containers: 3
 # Minimum version
 #
 # The minimum version of Kamal required to deploy this configuration, defaults to `nil`:
 minimum_version: 1.3.0
 # Readiness delay
 #
 # Seconds to wait for a container to boot after it is running, default 7.
 #
 # This only applies to containers that do not run a proxy or specify a healthcheck:
 readiness_delay: 4
 # Deploy timeout
 #
 # How long to wait for a container to become ready, default 30:
 deploy_timeout: 10
 # Drain timeout
 #
 # How long to wait for a container to drain, default 30:
 drain_timeout: 10
 # Run directory
 #
 # Directory to store kamal runtime files in on the host, default `.kamal`:
 run_directory: /etc/kamal
 # SSH options
 #
 # See kamal docs ssh:
 ssh:
  ...
 # Builder options
 #
 # See kamal docs builder:
 builder:
  ...
 # Accessories
 #
 # Additional services to run in Docker, see kamal docs accessory:
 accessories:
  ...
 # Proxy
 #
 # Configuration for kamal-proxy, see kamal docs proxy:
 proxy:
  ...
 # SSHKit
 #
 # See kamal docs sshkit:
 sshkit:
  ...
 # Boot options
 #
 # See kamal docs boot:
 boot:
  ...
 # Logging
 #
 # Docker logging configuration, see kamal docs logging:
 logging:
  ...
 # Aliases
 #
 # Alias configuration, see kamal docs alias:
 aliases:
  ...
--- a/lib/kamal/configuration/docs/env.yml
+++ b/lib/kamal/configuration/docs/env.yml
@@ -0,0 +1,85 @@
 # Environment variables
 #
 # Environment variables can be set directly in the Kamal configuration or
 # read from `.kamal/secrets`.
 # Reading environment variables from the configuration
 #
 # Environment variables can be set directly in the configuration file.
 #
 # These are passed to the `docker run` command when deploying.
 env:
  DATABASE_HOST: mysql-db1
  DATABASE_PORT: 3306
 # Secrets
 #
 # Kamal uses dotenv to automatically load environment variables set in the `.kamal/secrets` file.
 #
 # If you are using destinations, secrets will instead be read from `.kamal/secrets.<DESTINATION>` if
 # it exists.
 #
 # Common secrets across all destinations can be set in `.kamal/secrets-common`.
 #
 # This file can be used to set variables like `KAMAL_REGISTRY_PASSWORD` or database passwords.
 # You can use variable or command substitution in the secrets file.
 #
 # ```shell
 # KAMAL_REGISTRY_PASSWORD=$KAMAL_REGISTRY_PASSWORD
 # RAILS_MASTER_KEY=$(cat config/master.key)
 # ```
 #
 # You can also use [secret helpers](../../commands/secrets) for some common password managers.
 #
 # ```shell
 # SECRETS=$(kamal secrets fetch ...)
 #
 # REGISTRY_PASSWORD=$(kamal secrets extract REGISTRY_PASSWORD $SECRETS)
 # DB_PASSWORD=$(kamal secrets extract DB_PASSWORD $SECRETS)
 # ```
 #
 # If you store secrets directly in `.kamal/secrets`, ensure that it is not checked into version control.
 #
 # To pass the secrets, you should list them under the `secret` key. When you do this, the
 # other variables need to be moved under the `clear` key.
 #
 # Unlike clear values, secrets are not passed directly to the container
 # but are stored in an env file on the host:
 env:
  clear:
    DB_USER: app
  secret:
    - DB_PASSWORD
 # Tags
 #
 # Tags are used to add extra env variables to specific hosts.
 # See kamal docs servers for how to tag hosts.
 #
 # Tags are only allowed in the top-level env configuration (i.e., not under a role-specific env).
 #
 # The env variables can be specified with secret and clear values as explained above.
 env:
  tags:
    <tag1>:
      MYSQL_USER: monitoring
    <tag2>:
      clear:
        MYSQL_USER: readonly
      secret:
        - MYSQL_PASSWORD
 # Example configuration
 env:
  clear:
    MYSQL_USER: app
  secret:
    - MYSQL_PASSWORD
  tags:
    monitoring:
      MYSQL_USER: monitoring
    replica:
      clear:
        MYSQL_USER: readonly
      secret:
        - READONLY_PASSWORD
--- a/lib/kamal/configuration/docs/logging.yml
+++ b/lib/kamal/configuration/docs/logging.yml
@@ -0,0 +1,21 @@
 # Custom logging configuration
 #
 # Set these to control the Docker logging driver and options.
 # Logging settings
 #
 # These go under the logging key in the configuration file.
 #
 # This can be specified at the root level or for a specific role.
 logging:
  # Driver
  #
  # The logging driver to use, passed to Docker via `--log-driver`:
  driver: json-file
  # Options
  #
  # Any logging options to pass to the driver, passed to Docker via `--log-opt`:
  options:
    max-size: 100m
--- a/lib/kamal/configuration/docs/proxy.yml
+++ b/lib/kamal/configuration/docs/proxy.yml
@@ -0,0 +1,108 @@
 # Proxy
 #
 # Kamal uses [kamal-proxy](https://github.com/basecamp/kamal-proxy) to provide
 # gapless deployments. It runs on ports 80 and 443 and forwards requests to the
 # application container.
 #
 # The proxy is configured in the root configuration under `proxy`. These are
 # options that are set when deploying the application, not when booting the proxy.
 #
 # They are application-specific, so they are not shared when multiple applications
 # run on the same proxy.
 #
 # The proxy is enabled by default on the primary role but can be disabled by
 # setting `proxy: false`.
 #
 # It is disabled by default on all other roles but can be enabled by setting
 # `proxy: true` or providing a proxy configuration.
 proxy:
  # Hosts
  #
  # The hosts that will be used to serve the app. The proxy will only route requests
  # to this host to your app.
  #
  # If no hosts are set, then all requests will be forwarded, except for matching
  # requests for other apps deployed on that server that do have a host set.
  #
  # Specify one of `host` or `hosts`.
  host: foo.example.com
  hosts:
    - foo.example.com
    - bar.example.com
  # App port
  #
  # The port the application container is exposed on.
  #
  # Defaults to 80:
  app_port: 3000
  # SSL
  #
  # kamal-proxy can provide automatic HTTPS for your application via Let's Encrypt.
  #
  # This requires that we are deploying to one server and the host option is set.
  # The host value must point to the server we are deploying to, and port 443 must be
  # open for the Let's Encrypt challenge to succeed.
  #
  # If you set `ssl` to `true`, `kamal-proxy` will stop forwarding headers to your app,
  # unless you explicitly set `forward_headers: true`
  #
  # Defaults to `false`:
  ssl: true
  # Forward headers
  #
  # Whether to forward the `X-Forwarded-For` and `X-Forwarded-Proto` headers.
  #
  # If you are behind a trusted proxy, you can set this to `true` to forward the headers.
  #
  # By default, kamal-proxy will not forward the headers if the `ssl` option is set to `true`, and
  # will forward them if it is set to `false`.
  forward_headers: true
  # Response timeout
  #
  # How long to wait for requests to complete before timing out, defaults to 30 seconds:
  response_timeout: 10
  # Healthcheck
  #
  # When deploying, the proxy will by default hit `/up` once every second until we hit
  # the deploy timeout, with a 5-second timeout for each request.
  #
  # Once the app is up, the proxy will stop hitting the healthcheck endpoint.
  healthcheck:
    interval: 3
    path: /health
    timeout: 3
  # Buffering
  #
  # Whether to buffer request and response bodies in the proxy.
  #
  # By default, buffering is enabled with a max request body size of 1GB and no limit
  # for response size.
  #
  # You can also set the memory limit for buffering, which defaults to 1MB; anything
  # larger than that is written to disk.
  buffering:
    requests: true
    responses: true
    max_request_body: 40_000_000
    max_response_body: 0
    memory: 2_000_000
  # Logging
  #
  # Configure request logging for the proxy.
  # You can specify request and response headers to log.
  # By default, `Cache-Control`, `Last-Modified`, and `User-Agent` request headers are logged:
  logging:
    request_headers:
      - Cache-Control
      - X-Forwarded-Proto
    response_headers:
      - X-Request-ID
      - X-Request-Start
--- a/lib/kamal/configuration/docs/registry.yml
+++ b/lib/kamal/configuration/docs/registry.yml
@@ -0,0 +1,56 @@
 # Registry
 #
 # The default registry is Docker Hub, but you can change it using `registry/server`.
 #
 # By default, Docker Hub creates public repositories. To avoid making your images public,
 # set up a private repository before deploying, or change the default repository privacy
 # settings to private in your [Docker Hub settings](https://hub.docker.com/repository-settings/default-privacy).
 #
 # A reference to a secret (in this case, `DOCKER_REGISTRY_TOKEN`) will look up the secret
 # in the local environment:
 registry:
  server: registry.digitalocean.com
  username:
    - DOCKER_REGISTRY_TOKEN
  password:
    - DOCKER_REGISTRY_TOKEN
 # Using AWS ECR as the container registry
 #
 # You will need to have the AWS CLI installed locally for this to work.
 # AWS ECR’s access token is only valid for 12 hours. In order to avoid having to manually regenerate the token every time, you can use ERB in the `deploy.yml` file to shell out to the AWS CLI command and obtain the token:
 registry:
  server: <your aws account id>.dkr.ecr.<your aws region id>.amazonaws.com
  username: AWS
  password: <%= %x(aws ecr get-login-password) %>
 # Using GCP Artifact Registry as the container registry
 #
 # To sign into Artifact Registry, you need to
 # [create a service account](https://cloud.google.com/iam/docs/service-accounts-create#creating)
 # and [set up roles and permissions](https://cloud.google.com/artifact-registry/docs/access-control#permissions).
 # Normally, assigning the `roles/artifactregistry.writer` role should be sufficient.
 #
 # Once the service account is ready, you need to generate and download a JSON key and base64 encode it:
 #
 # ```shell
 # base64 -i /path/to/key.json | tr -d "\\n"
 # ```
 #
 # You'll then need to set the `KAMAL_REGISTRY_PASSWORD` secret to that value.
 #
 # Use the environment variable as the password along with `_json_key_base64` as the username.
 # Here’s the final configuration:
 registry:
  server: <your registry region>-docker.pkg.dev
  username: _json_key_base64
  password:
    - KAMAL_REGISTRY_PASSWORD
 # Validating the configuration
 #
 # You can validate the configuration by running:
 #
 # ```shell
 # kamal registry login
 # ```
--- a/lib/kamal/configuration/docs/role.yml
+++ b/lib/kamal/configuration/docs/role.yml
@@ -0,0 +1,53 @@
 # Roles
 #
 # Roles are used to configure different types of servers in the deployment.
 # The most common use for this is to run web servers and job servers.
 #
 # Kamal expects there to be a `web` role, unless you set a different `primary_role`
 # in the root configuration.
 # Role configuration
 #
 # Roles are specified under the servers key:
 servers:
  # Simple role configuration
  #
  # This can be a list of hosts if you don't need custom configuration for the role.
  #
  # You can set tags on the hosts for custom env variables (see kamal docs env):
  web:
    - 172.1.0.1
    - 172.1.0.2: experiment1
    - 172.1.0.2: [ experiment1, experiment2 ]
  # Custom role configuration
  #
  # When there are other options to set, the list of hosts goes under the `hosts` key.
  #
  # By default, only the primary role uses a proxy.
  #
  # For other roles, you can set it to `proxy: true` to enable it and inherit the root proxy
  # configuration or provide a map of options to override the root configuration.
  #
  # For the primary role, you can set `proxy: false` to disable the proxy.
  #
  # You can also set a custom `cmd` to run in the container and overwrite other settings
  # from the root configuration.
  workers:
    hosts:
      - 172.1.0.3
      - 172.1.0.4: experiment1
    cmd: "bin/jobs"
    options:
      memory: 2g
      cpus: 4
    logging:
      ...
    proxy:
      ...
    labels:
      my-label: workers
    env:
      ...
    asset_path: /public
--- a/lib/kamal/configuration/docs/servers.yml
+++ b/lib/kamal/configuration/docs/servers.yml
@@ -0,0 +1,27 @@
 # Servers
 #
 # Servers are split into different roles, with each role having its own configuration.
 #
 # For simpler deployments, though, where all servers are identical, you can just specify a list of servers.
 # They will be implicitly assigned to the `web` role.
 servers:
  - 172.0.0.1
  - 172.0.0.2
  - 172.0.0.3
 # Tagging servers
 #
 # Servers can be tagged, with the tags used to add custom env variables (see kamal docs env).
 servers:
  - 172.0.0.1
  - 172.0.0.2: experiments
  - 172.0.0.3: [ experiments, three ]
 # Roles
 #
 # For more complex deployments (e.g., if you are running job hosts), you can specify roles and configure each separately (see kamal docs role):
 servers:
  web:
    ...
  workers:
    ...
--- a/lib/kamal/configuration/docs/ssh.yml
+++ b/lib/kamal/configuration/docs/ssh.yml
@@ -0,0 +1,70 @@
 # SSH configuration
 #
 # Kamal uses SSH to connect and run commands on your hosts.
 # By default, it will attempt to connect to the root user on port 22.
 #
 # If you are using a non-root user, you may need to bootstrap your servers manually before using them with Kamal. On Ubuntu, you’d do:
 #
 # ```shell
 # sudo apt update
 # sudo apt upgrade -y
 # sudo apt install -y docker.io curl git
 # sudo usermod -a -G docker app
 # ```
 # SSH options
 #
 # The options are specified under the ssh key in the configuration file.
 ssh:
  # The SSH user
  #
  # Defaults to `root`:
  user: app
  # The SSH port
  #
  # Defaults to 22:
  port: "2222"
  # Proxy host
  #
  # Specified in the form <host> or <user>@<host>:
  proxy: root@proxy-host
  # Proxy command
  #
  # A custom proxy command, required for older versions of SSH:
  proxy_command: "ssh -W %h:%p user@proxy"
  # Log level
  #
  # Defaults to `fatal`. Set this to `debug` if you are having SSH connection issues.
  log_level: debug
  # Keys only
  #
  # Set to `true` to use only private keys from the `keys` and `key_data` parameters,
  # even if ssh-agent offers more identities. This option is intended for
  # situations where ssh-agent offers many different identities or you
  # need to overwrite all identities and force a single one.
  keys_only: false
  # Keys
  #
  # An array of file names of private keys to use for public key
  # and host-based authentication:
  keys: [ "~/.ssh/id.pem" ]
  # Key data
  #
  # An array of strings, with each element of the array being
  # a raw private key in PEM format.
  key_data: [ "-----BEGIN OPENSSH PRIVATE KEY-----" ]
  # Config
  #
  # Set to true to load the default OpenSSH config files (~/.ssh/config,
  # /etc/ssh_config), to false ignore config files, or to a file path
  # (or array of paths) to load specific configuration. Defaults to true.
  config: true
--- a/lib/kamal/configuration/docs/sshkit.yml
+++ b/lib/kamal/configuration/docs/sshkit.yml
@@ -0,0 +1,23 @@
 # SSHKit
 #
 # [SSHKit](https://github.com/capistrano/sshkit) is the SSH toolkit used by Kamal.
 #
 # The default, settings should be sufficient for most use cases, but
 # when connecting to a large number of hosts, you may need to adjust.
 # SSHKit options
 #
 # The options are specified under the sshkit key in the configuration file.
 sshkit:
  # Max concurrent starts
  #
  # Creating SSH connections concurrently can be an issue when deploying to many servers.
  # By default, Kamal will limit concurrent connection starts to 30 at a time.
  max_concurrent_starts: 10
  # Pool idle timeout
  #
  # Kamal sets a long idle timeout of 900 seconds on connections to try to avoid
  # re-connection storms after an idle period, such as building an image or waiting for CI.
  pool_idle_timeout: 300
--- a/lib/kamal/configuration/env.rb
+++ b/lib/kamal/configuration/env.rb
@@ -0,0 +1,29 @@
 class Kamal::Configuration::Env
  include Kamal::Configuration::Validation
  attr_reader :context, :secrets
  attr_reader :clear, :secret_keys
  delegate :argumentize, to: Kamal::Utils
  def initialize(config:, secrets:, context: "env")
    @clear = config.fetch("clear", config.key?("secret") || config.key?("tags") ? {} : config)
    @secrets = secrets
    @secret_keys = config.fetch("secret", [])
    @context = context
    validate! config, context: context, with: Kamal::Configuration::Validator::Env
  end
  def clear_args
    argumentize("--env", clear)
  end
  def secrets_io
    Kamal::EnvFile.new(secret_keys.to_h { |key| [ key, secrets[key] ] }).to_io
  end
  def merge(other)
    self.class.new \
      config: { "clear" => clear.merge(other.clear), "secret" => secret_keys | other.secret_keys },
      secrets: secrets
  end
 end
--- a/lib/kamal/configuration/env/tag.rb
+++ b/lib/kamal/configuration/env/tag.rb
@@ -0,0 +1,13 @@
 class Kamal::Configuration::Env::Tag
  attr_reader :name, :config, :secrets
  def initialize(name, config:, secrets:)
    @name = name
    @config = config
    @secrets = secrets
  end
  def env
    Kamal::Configuration::Env.new(config: config, secrets: secrets)
  end
 end
--- a/lib/kamal/configuration/logging.rb
+++ b/lib/kamal/configuration/logging.rb
@@ -0,0 +1,33 @@
 class Kamal::Configuration::Logging
  delegate :optionize, :argumentize, to: Kamal::Utils
  include Kamal::Configuration::Validation
  attr_reader :logging_config
  def initialize(logging_config:, context: "logging")
    @logging_config = logging_config || {}
    validate! @logging_config, context: context
  end
  def driver
    logging_config["driver"]
  end
  def options
    logging_config.fetch("options", {})
  end
  def merge(other)
    self.class.new logging_config: logging_config.deep_merge(other.logging_config)
  end
  def args
    if driver.present? || options.present?
      optionize({ "log-driver" => driver }.compact) +
        argumentize("--log-opt", options)
    else
      argumentize("--log-opt", { "max-size" => "10m" })
    end
  end
 end
--- a/lib/kamal/configuration/proxy.rb
+++ b/lib/kamal/configuration/proxy.rb
@@ -0,0 +1,62 @@
 class Kamal::Configuration::Proxy
  include Kamal::Configuration::Validation
  DEFAULT_LOG_REQUEST_HEADERS = [ "Cache-Control", "Last-Modified", "User-Agent" ]
  CONTAINER_NAME = "kamal-proxy"
  delegate :argumentize, :optionize, to: Kamal::Utils
  attr_reader :config, :proxy_config
  def initialize(config:, proxy_config:, context: "proxy")
    @config = config
    @proxy_config = proxy_config
    validate! @proxy_config, with: Kamal::Configuration::Validator::Proxy, context: context
  end
  def app_port
    proxy_config.fetch("app_port", 80)
  end
  def ssl?
    proxy_config.fetch("ssl", false)
  end
  def hosts
    proxy_config["hosts"] || proxy_config["host"]&.split(",") || []
  end
  def deploy_options
    {
      host: hosts,
      tls: proxy_config["ssl"].presence,
      "deploy-timeout": seconds_duration(config.deploy_timeout),
      "drain-timeout": seconds_duration(config.drain_timeout),
      "health-check-interval": seconds_duration(proxy_config.dig("healthcheck", "interval")),
      "health-check-timeout": seconds_duration(proxy_config.dig("healthcheck", "timeout")),
      "health-check-path": proxy_config.dig("healthcheck", "path"),
      "target-timeout": seconds_duration(proxy_config["response_timeout"]),
      "buffer-requests": proxy_config.fetch("buffering", { "requests": true }).fetch("requests", true),
      "buffer-responses": proxy_config.fetch("buffering", { "responses": true }).fetch("responses", true),
      "buffer-memory": proxy_config.dig("buffering", "memory"),
      "max-request-body": proxy_config.dig("buffering", "max_request_body"),
      "max-response-body": proxy_config.dig("buffering", "max_response_body"),
      "forward-headers": proxy_config.dig("forward_headers"),
      "log-request-header": proxy_config.dig("logging", "request_headers") || DEFAULT_LOG_REQUEST_HEADERS,
      "log-response-header": proxy_config.dig("logging", "response_headers")
    }.compact
  end
  def deploy_command_args(target:)
    optionize ({ target: "#{target}:#{app_port}" }).merge(deploy_options), with: "="
  end
  def merge(other)
    self.class.new config: config, proxy_config: proxy_config.deep_merge(other.proxy_config)
  end
  private
    def seconds_duration(value)
      value ? "#{value}s" : nil
    end
 end
--- a/lib/kamal/configuration/registry.rb
+++ b/lib/kamal/configuration/registry.rb
@@ -0,0 +1,32 @@
 class Kamal::Configuration::Registry
  include Kamal::Configuration::Validation
  def initialize(config:, secrets:, context: "registry")
    @registry_config = config["registry"] || {}
    @secrets = secrets
    validate! registry_config, context: context, with: Kamal::Configuration::Validator::Registry
  end
  def server
    registry_config["server"]
  end
  def username
    lookup("username")
  end
  def password
    lookup("password")
  end
  private
    attr_reader :registry_config, :secrets
    def lookup(key)
      if registry_config[key].is_a?(Array)
        secrets[registry_config[key].first]
      else
        registry_config[key]
      end
    end
 end
--- a/lib/kamal/configuration/role.rb
+++ b/lib/kamal/configuration/role.rb
@@ -0,0 +1,220 @@
 class Kamal::Configuration::Role
  include Kamal::Configuration::Validation
  delegate :argumentize, :optionize, to: Kamal::Utils
  attr_reader :name, :config, :specialized_env, :specialized_logging, :specialized_proxy
  alias to_s name
  def initialize(name, config:)
    @name, @config = name.inquiry, config
    validate! \
      role_config,
      example: validation_yml["servers"]["workers"],
      context: "servers/#{name}",
      with: Kamal::Configuration::Validator::Role
    @specialized_env = Kamal::Configuration::Env.new \
      config: specializations.fetch("env", {}),
      secrets: config.secrets,
      context: "servers/#{name}/env"
    @specialized_logging = Kamal::Configuration::Logging.new \
      logging_config: specializations.fetch("logging", {}),
      context: "servers/#{name}/logging"
    initialize_specialized_proxy
  end
  def primary_host
    hosts.first
  end
  def hosts
    tagged_hosts.keys
  end
  def env_tags(host)
    tagged_hosts.fetch(host).collect { |tag| config.env_tag(tag) }
  end
  def cmd
    specializations["cmd"]
  end
  def option_args
    if args = specializations["options"]
      optionize args
    else
      []
    end
  end
  def labels
    default_labels.merge(custom_labels)
  end
  def label_args
    argumentize "--label", labels
  end
  def logging_args
    logging.args
  end
  def logging
    @logging ||= config.logging.merge(specialized_logging)
  end
  def proxy
    @proxy ||= config.proxy.merge(specialized_proxy) if running_proxy?
  end
  def running_proxy?
    @running_proxy
  end
  def ssl?
    running_proxy? && proxy.ssl?
  end
  def stop_args
    # When deploying with the proxy, kamal-proxy will drain request before returning so we don't need to wait.
    timeout = running_proxy? ? nil : config.drain_timeout
    [ *argumentize("-t", timeout) ]
  end
  def env(host)
    @envs ||= {}
    @envs[host] ||= [ config.env, specialized_env, *env_tags(host).map(&:env) ].reduce(:merge)
  end
  def env_args(host)
    [ *env(host).clear_args, *argumentize("--env-file", secrets_path) ]
  end
  def env_directory
    File.join(config.env_directory, "roles")
  end
  def secrets_io(host)
    env(host).secrets_io
  end
  def secrets_path
    File.join(config.env_directory, "roles", "#{name}.env")
  end
  def asset_volume_args
    asset_volume&.docker_args
  end
  def primary?
    name == @config.primary_role_name
  end
  def container_name(version = nil)
    [ container_prefix, version || config.version ].compact.join("-")
  end
  def container_prefix
    [ config.service, name, config.destination ].compact.join("-")
  end
  def asset_path
    specializations["asset_path"] || config.asset_path
  end
  def assets?
    asset_path.present? && running_proxy?
  end
  def asset_volume(version = config.version)
    if assets?
      Kamal::Configuration::Volume.new \
        host_path: asset_volume_directory(version), container_path: asset_path
    end
  end
  def asset_extracted_directory(version = config.version)
    File.join config.assets_directory, "extracted", [ name, version ].join("-")
  end
  def asset_volume_directory(version = config.version)
    File.join config.assets_directory, "volumes", [ name, version ].join("-")
  end
  def ensure_one_host_for_ssl
    if running_proxy? && proxy.ssl? && hosts.size > 1
      raise Kamal::ConfigurationError, "SSL is only supported on a single server, found #{hosts.size} servers for role #{name}"
    end
  end
  private
    def initialize_specialized_proxy
      proxy_specializations = specializations["proxy"]
      if primary?
        # only false means no proxy for non-primary roles
        @running_proxy = proxy_specializations != false
      else
        # false and nil both mean no proxy for non-primary roles
        @running_proxy = !!proxy_specializations
      end
      if running_proxy?
        proxy_config = proxy_specializations == true || proxy_specializations.nil? ? {} : proxy_specializations
        @specialized_proxy = Kamal::Configuration::Proxy.new \
          config: config,
          proxy_config: proxy_config,
          context: "servers/#{name}/proxy"
      end
    end
    def tagged_hosts
      {}.tap do |tagged_hosts|
        extract_hosts_from_config.map do |host_config|
          if host_config.is_a?(Hash)
            host, tags = host_config.first
            tagged_hosts[host] = Array(tags)
          elsif host_config.is_a?(String)
            tagged_hosts[host_config] = []
          end
        end
      end
    end
    def extract_hosts_from_config
      if config.raw_config.servers.is_a?(Array)
        config.raw_config.servers
      else
        servers = config.raw_config.servers[name]
        servers.is_a?(Array) ? servers : Array(servers["hosts"])
      end
    end
    def default_labels
      { "service" => config.service, "role" => name, "destination" => config.destination }
    end
    def specializations
      @specializations ||= role_config.is_a?(Array) ? {} : role_config
    end
    def role_config
      @role_config ||= config.raw_config.servers.is_a?(Array) ? {} : config.raw_config.servers[name]
    end
    def custom_labels
      Hash.new.tap do |labels|
        labels.merge!(config.labels) if config.labels.present?
        labels.merge!(specializations["labels"]) if specializations["labels"].present?
      end
    end
 end
--- a/lib/kamal/configuration/servers.rb
+++ b/lib/kamal/configuration/servers.rb
@@ -0,0 +1,18 @@
 class Kamal::Configuration::Servers
  include Kamal::Configuration::Validation
  attr_reader :config, :servers_config, :roles
  def initialize(config:)
    @config = config
    @servers_config = config.raw_config.servers
    validate! servers_config, with: Kamal::Configuration::Validator::Servers
    @roles = role_names.map { |role_name| Kamal::Configuration::Role.new role_name, config: config }
  end
  private
    def role_names
      servers_config.is_a?(Array) ? [ "web" ] : servers_config.keys.sort
    end
 end
--- a/lib/kamal/configuration/ssh.rb
+++ b/lib/kamal/configuration/ssh.rb
@@ -0,0 +1,57 @@
 class Kamal::Configuration::Ssh
  LOGGER = ::Logger.new(STDERR)
  include Kamal::Configuration::Validation
  attr_reader :ssh_config
  def initialize(config:)
    @ssh_config = config.raw_config.ssh || {}
    validate! ssh_config
  end
  def user
    ssh_config.fetch("user", "root")
  end
  def port
    ssh_config.fetch("port", 22)
  end
  def proxy
    if (proxy = ssh_config["proxy"])
      Net::SSH::Proxy::Jump.new(proxy.include?("@") ? proxy : "root@#{proxy}")
    elsif (proxy_command = ssh_config["proxy_command"])
      Net::SSH::Proxy::Command.new(proxy_command)
    end
  end
  def keys_only
    ssh_config["keys_only"]
  end
  def keys
    ssh_config["keys"]
  end
  def key_data
    ssh_config["key_data"]
  end
  def options
    { user: user, port: port, proxy: proxy, logger: logger, keepalive: true, keepalive_interval: 30, keys_only: keys_only, keys: keys, key_data: key_data }.compact
  end
  def to_h
    options.except(:logger).merge(log_level: log_level)
  end
  private
    def logger
      LOGGER.tap { |logger| logger.level = log_level }
    end
    def log_level
      ssh_config.fetch("log_level", :fatal)
    end
 end
--- a/lib/kamal/configuration/sshkit.rb
+++ b/lib/kamal/configuration/sshkit.rb
@@ -0,0 +1,22 @@
 class Kamal::Configuration::Sshkit
  include Kamal::Configuration::Validation
  attr_reader :sshkit_config
  def initialize(config:)
    @sshkit_config = config.raw_config.sshkit || {}
    validate! sshkit_config
  end
  def max_concurrent_starts
    sshkit_config.fetch("max_concurrent_starts", 30)
  end
  def pool_idle_timeout
    sshkit_config.fetch("pool_idle_timeout", 900)
  end
  def to_h
    sshkit_config
  end
 end
--- a/lib/kamal/configuration/validation.rb
+++ b/lib/kamal/configuration/validation.rb
@@ -0,0 +1,27 @@
 require "yaml"
 require "active_support/inflector"
 module Kamal::Configuration::Validation
  extend ActiveSupport::Concern
  class_methods do
    def validation_doc
      @validation_doc ||= File.read(File.join(File.dirname(__FILE__), "docs", "#{validation_config_key}.yml"))
    end
    def validation_config_key
      @validation_config_key ||= name.demodulize.underscore
    end
  end
  def validate!(config, example: nil, context: nil, with: Kamal::Configuration::Validator)
    context ||= self.class.validation_config_key
    example ||= validation_yml[self.class.validation_config_key]
    with.new(config, example: example, context: context).validate!
  end
  def validation_yml
    @validation_yml ||= YAML.load(self.class.validation_doc)
  end
 end
--- a/Show More
+++ b/Show More
		`@@ -0,0 +1,2 @@`
							`inherit_gem:`
							`rubocop-rails-omakase: rubocop.yml`
		`@@ -0,0 +1,2 @@`
							`class Kamal::Cli::Healthcheck::Error < StandardError`
							`end`
		`@@ -0,0 +1,3 @@`
							`#!/bin/sh`

							`echo "Docker set up on $KAMAL_HOSTS..."`
		`@@ -0,0 +1,3 @@`
							`#!/bin/sh`

							`echo "Booted app version $KAMAL_VERSION on $KAMAL_HOSTS..."`
		`@@ -0,0 +1,3 @@`
							`#!/bin/sh`

							`echo "Rebooted kamal-proxy on $KAMAL_HOSTS"`
		`@@ -0,0 +1,3 @@`
							`#!/bin/sh`

							`echo "Booting app version $KAMAL_VERSION on $KAMAL_HOSTS..."`
		`@@ -0,0 +1,3 @@`
							`#!/bin/sh`

							`echo "Rebooting kamal-proxy on $KAMAL_HOSTS..."`