max / mnw-cli
git clone https://makenot.work/git/max/mnw-cli.git
git clone git@ssh.makenot.work:max/mnw-cli.git
| Name | Size | |
|---|---|---|
| deploy/ | ||
| docs/ | ||
| src/ | ||
| tests/ | ||
| .gitignore | 8 B | |
| Cargo.lock | 110.1 KB | |
| Cargo.toml | 462 B | |
| README.md | 4.9 KB |
README
mnw-cli
SSH-based CLI and TUI for the Makenotwork creator platform. Authenticates via SSH key fingerprint, provides an interactive terminal UI for managing projects, and supports non-interactive commands for scripting.
Prerequisites
- Rust (stable toolchain, 2024 edition)
- Cross-compilation (for deployment):
zig,cargo-zigbuild,x86_64-unknown-linux-gnutarget
Build and Run
# Local development (needs MNW server running on localhost:3000)
cargo run
# Run with custom port
SSH_PORT=2222 MNW_API_URL=http://localhost:3000 MNW_SERVICE_TOKEN=<token> cargo run
# Cross-compile for production
cargo zigbuild --release --target x86_64-unknown-linux-gnu
Architecture
mnw-cli is an SSH server built on russh. Each connection spawns an independent handler that authenticates via SSH key fingerprint lookup against the MNW API, then dispatches to either the interactive TUI or a non-interactive command.
| Layer | Modules | Role |
|---|---|---|
| SSH | ssh/handler.rs, ssh/mod.rs | Connection handling, public key auth, channel dispatch |
| TUI | tui/mod.rs + 9 screen modules | Interactive terminal UI via ratatui |
| Commands | commands.rs | Non-interactive text output for scripting |
| API | api.rs | HTTP client for MNW internal API (50+ methods) |
| SFTP | ssh/sftp.rs | File upload handling with per-user staging |
| Git | ssh/git.rs | Git proxy (upload-pack, receive-pack) via subprocess |
| Staging | staging.rs | 1 GB per-user upload quota, 24h TTL auto-cleanup |
Authentication
- Client presents SSH public key
- Server computes SHA-256 fingerprint
- Calls MNW internal API to look up the fingerprint
- Returns user info (username, creator tier, suspended status)
- Suspended users are rejected at auth stage
Interactive TUI
Connect via ssh cli.makenot.work for a full terminal interface with these screens:
| Screen | Features |
|---|---|
| Home | Project list, revenue/sales/follower stats with period comparison |
| Project | Items in a project, publish/unpublish, navigation |
| Upload | SFTP staged files, metadata editor, S3 presigned upload flow |
| Item | Item details, versions, edit fields, delete |
| Blog | Blog posts, create with markdown, publish/draft toggle |
| Promo | Promo codes, create with discount %, delete |
| Keys | License keys, generate, revoke |
| Analytics | Timeseries revenue, period comparison, top projects |
| Settings | SSH keys, storage usage, profile info |
Navigation: vim keys (h/j/k/l), Enter to select, q/Esc to go back, Tab to switch sections.
Non-Interactive Commands
ssh cli.makenot.work projects # List projects (table format)
ssh cli.makenot.work projects --json # JSON output for scripting
ssh cli.makenot.work analytics # Revenue stats (7d default)
ssh cli.makenot.work analytics --range=30 # 30-day analytics
ssh cli.makenot.work transactions # Recent transactions
ssh cli.makenot.work export sales # Export sales as CSV
ssh cli.makenot.work promo list # List promo codes
ssh cli.makenot.work promo create CODE 20 # Create 20% discount code
ssh cli.makenot.work blog list SLUG # List blog posts for a project
ssh cli.makenot.work help # Show all commands
All commands support --json for machine-readable output.
File Upload Flow
- Upload file via SFTP to the SSH server
- File lands in per-user staging directory (1 GB quota)
- TUI shows staged files with type classification
- Fill in metadata (title, project, price)
- Server gets presigned S3 URL, uploads file, confirms with MNW API
- Staging directory auto-cleaned on 24-hour TTL
Configuration
| Variable | Default | Purpose |
|---|---|---|
SSH_PORT | 2222 | SSH listen port |
MNW_API_URL | http://localhost:3000 | MNW server base URL |
MNW_SERVICE_TOKEN | (required) | Bearer token for internal API |
SSH_HOST_KEY | host_ed25519 | Path to host key (auto-generated if missing) |
STAGING_DIR | /var/lib/mnw-cli/staging | Per-user upload staging |
GIT_SUDO_USER | git | System user for git subprocess ops |
Deployment
./deploy/deploy.sh # Full: build + upload + config + restart
./deploy/deploy.sh --quick # Build + binary + restart
./deploy/deploy.sh --config # Config files only
Deploys to hetzner (100.120.174.96) as a systemd service with security hardening (ProtectSystem=strict, PrivateTmp, NoNewPrivileges).
Key Paths
| What | Where |
|---|---|
| SSH server + auth | src/ssh/handler.rs |
| TUI app state + event loop | src/tui/mod.rs |
| API client (50+ methods) | src/api.rs |
| Non-interactive commands | src/commands.rs |
| SFTP + staging | src/ssh/sftp.rs, src/staging.rs |
| Git proxy | src/ssh/git.rs |
| Deploy script | deploy/deploy.sh |
| systemd unit | deploy/mnw-cli.service |
License
PolyForm Noncommercial 1.0.0