Enterprise-grade server provisioning written in Rust π¦
Features β’ Quick Start β’ Modules β’ Documentation β’ Contributing
Flux is a powerful, type-safe system administration framework that automates Linux server configuration, security hardening, and ongoing maintenance. Think of it as Infrastructure-as-Code meets Security-by-Default, all in a single blazingly fast binary.
π Fast β Native Rust performance, not shell scripts
π Secure β Security-first design with sensible defaults
π― Focused β One tool for system provisioning & hardening
π¦ Portable β Single binary, no dependencies
π§ Flexible β 11 modules, 5 workflows, fully composable
β
Reliable β Idempotent operations, automatic backups
|
|
|
|
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β Flux CLI β
β (Clap + Interactive) β
ββββββββββββββββββββββββ¬βββββββββββββββββββββββββββββββββββββββ
β
ββββββββββββββββ΄βββββββββββββββ
β β
βββββββββΌβββββββββ βββββββββββΌβββββββββ
β Workflows β β Modules β
β β β β
β β’ Essential ββββββββββββ€ β’ Network β
β β’ Security β β β’ Hostname β
β β’ Complete β β β’ Update β
β β’ Development β β β’ User β
β β’ Monitoring β β β’ SSH β
β β β β’ Firewall β
β β β β’ Sysctl β
β β β β’ Certs β
β β β β’ ZSH β
β β β β’ MOTD β
β β β β’ Netdata β
ββββββββββββββββββ ββββββββββββββββββββ
β β
βββββββββββββ¬ββββββββββββββββ
β
βββββββββββββΌβββββββββββββ
β Helper Functions β
β β
β β’ Logging β
β β’ Validation β
β β’ System Detection β
β β’ File Operations β
β β’ User Input β
ββββββββββββββββββββββββββ
Option 1: Build from Source (Recommended)
Before building, ensure you have the required dependencies installed:
Quick Check (Automated):
# Clone the repository
git clone https://github.com/ethanbissbort/flux-framework-rust.git
cd flux-framework-rust
# Check and install all dependencies automatically
sudo ./scripts/check_dependencies.sh --installManual Installation:
Ubuntu/Debian
# Install build tools and dependencies
sudo apt-get update
sudo apt-get install -y build-essential libssl-dev pkg-config git
# Install Rust
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
source "$HOME/.cargo/env"RHEL/CentOS/Rocky/AlmaLinux/Fedora
# Install build tools and dependencies
sudo dnf install -y gcc gcc-c++ make openssl-devel pkg-config git
# OR for older systems: sudo yum install -y gcc gcc-c++ make openssl-devel pkg-config git
# Install Rust
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
source "$HOME/.cargo/env"Arch/Manjaro
# Install build tools and dependencies
sudo pacman -S --noconfirm base-devel openssl pkg-config git
# Install Rust
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
source "$HOME/.cargo/env"Alpine
# Install build tools and dependencies
sudo apk add build-base openssl-dev pkgconfig git
# Install Rust
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
source "$HOME/.cargo/env"# Clone the repository (if not already done)
git clone https://github.com/ethanbissbort/flux-framework-rust.git
cd flux-framework-rust
# Build in release mode
cargo build --release
# Install system-wide
sudo install -m755 target/release/flux /usr/local/bin/flux
# Verify installation
flux --versionError: linker 'cc' not found or error occurred: Command "cc" ... failed
- Cause: C compiler/linker not installed
- Solution: Install build tools using the automated script:
Or install manually for your distribution (see Manual Installation above)
sudo ./scripts/check_dependencies.sh --install
Error: could not find native static library 'ssl'
- Cause: OpenSSL development headers not installed
- Solution:
- Ubuntu/Debian:
sudo apt-get install libssl-dev - RHEL/CentOS/Fedora:
sudo dnf install openssl-devel - Arch:
sudo pacman -S openssl - Alpine:
sudo apk add openssl-dev
- Ubuntu/Debian:
Error: Rust version ... is too old
- Cause: Rust version older than 1.77
- Solution: Update Rust with
rustup update
Need Help? Run the dependency checker for a detailed report:
./scripts/check_dependencies.shOption 2: From Crates.io (Future)
cargo install flux-framework# 1. Check system compatibility
flux status
# 2. List available modules
flux list modules
# 3. Run essential setup (updates, certs, hardening)
sudo flux apply essential
# 4. Harden security (firewall, SSH, kernel)
sudo flux apply security# Configure SSH hardening
sudo flux module ssh --harden
# Setup a new admin user
sudo flux module user --admin alice --github alice
# Configure firewall with web server preset
sudo flux module firewall --preset web-server
# Install ZSH with Oh-My-Zsh
sudo flux module zsh --theme powerlevel10k
# Setup monitoring
sudo flux module netdata --installFlux provides 11 specialized modules for comprehensive system management:
| Module | Status | Description | Key Features |
|---|---|---|---|
| π update | β | System updates & patches | Security updates, package management, reboot detection |
| π network | β | Network configuration | Static IP, VLANs, diagnostics, interface management |
| π·οΈ hostname | β | Hostname & FQDN setup | System naming, /etc/hosts management |
| π€ user | β | User & group management | Admin users, SSH keys, GitHub integration |
| π ssh | β | SSH hardening | Port changes, key-only auth, fail2ban |
| π‘οΈ firewall | β | Firewall management | UFW/firewalld, presets, rule management |
| βοΈ sysctl | β | Kernel hardening | IPv4/IPv6 security, ASLR, performance tuning |
| π certs | β | Certificate management | System trust store, CA certificates |
| π» zsh | β | ZSH shell setup | Oh-My-Zsh, themes, plugins, aliases |
| π motd | β | Dynamic MOTD | System info, resource usage, security status |
| π netdata | β | Monitoring agent | Real-time metrics, health checks, dashboards |
π‘ Tip: Run
flux module <name> --helpfor detailed usage information
π Full Module Documentation β
Workflows combine multiple modules into cohesive provisioning pipelines:
Perfect for: Fresh server setup, base configuration
sudo flux apply essentialIncludes: update β certs β sysctl β ssh
What it does:
- β Updates all packages to latest versions
- β Installs required certificates
- β Applies kernel hardening parameters
- β Configures SSH security
Perfect for: Hardening existing servers, security compliance
sudo flux apply securityIncludes: firewall β ssh β sysctl
What it does:
- β Configures firewall with deny-all default
- β SSH hardening (port change, key-only auth)
- β Kernel security parameters
Perfect for: Full server provisioning from scratch
sudo flux apply completeIncludes: All 11 modules in optimized sequence
Perfect for: Developer workstations, coding environments
sudo flux apply developmentIncludes: user β zsh β certs
Perfect for: Setting up observability stack
sudo flux apply monitoringIncludes: netdata β certs β motd
π§ Setup a Web Server
# 1. Essential baseline
sudo flux apply essential
# 2. Create admin user
sudo flux module user --admin deploy --github deploybot
# 3. Configure firewall for web traffic
sudo flux module firewall --preset web-server
# 4. Harden SSH
sudo flux module ssh --port 2222 --disable-passwords
# 5. Setup monitoring
sudo flux module netdata --install
# 6. Custom MOTD
sudo flux module motd --org "MyCompany" --banner flux-largeποΈ Database Server Hardening
# Run security workflow
sudo flux apply security
# Configure firewall for database
sudo flux module firewall --preset database-server
# Apply strict kernel parameters
sudo flux module sysctl --apply
# Setup monitoring
sudo flux module netdata --installπ» Developer Workstation Setup
# Run development workflow
sudo flux apply development
# Install ZSH with custom theme
sudo flux module zsh --theme agnoster --plugins "git docker kubectl"
# Setup custom MOTD
sudo flux module motd --org "Dev Team" --banner simpleπ More Examples β
- Installation Guide - Detailed installation instructions
- Module Reference - Complete module documentation
- Workflow Guide - Workflow usage and customization
- Configuration Reference - Config file documentation
- Examples - Real-world usage scenarios
- Contributing Guide - How to contribute
- Architecture - System design and internals
- Roadmap - Future plans and features
- claude.md - Complete framework reference for AI assistants
| Distribution | Support Status | Notes |
|---|---|---|
| π’ Ubuntu | β Full | 20.04+, 22.04+, 24.04+ |
| π’ Debian | β Full | 11, 12 |
| π’ RHEL | β Full | 8, 9 |
| π’ CentOS | β Full | Stream 8, 9 |
| π’ Rocky Linux | β Full | 8, 9 |
| π’ AlmaLinux | β Full | 8, 9 |
| π’ Fedora | β Full | 38, 39, 40 |
| π‘ Alpine | π Planned | v0.5 |
| π‘ Arch | π Planned | v0.5 |
We β€οΈ contributions! Whether it's:
- π Bug reports - Found an issue? Open an issue
- π‘ Feature requests - Have an idea? Start a discussion
- π Documentation - Improve our docs with a PR
- π§ Code contributions - See our Contributing Guide
# 1. Fork and clone
git clone https://github.com/YOUR_USERNAME/flux-framework-rust.git
# 2. Create a branch
git checkout -b feature/amazing-feature
# 3. Make your changes and test
cargo test
cargo clippy
cargo fmt
# 4. Commit with DCO sign-off
git commit -s -m "Add amazing feature"
# 5. Push and create PR
git push origin feature/amazing-featureπ Full Contributing Guide β
- Complete Rust migration from shell scripts
- All 11 modules implemented
- 5 workflows operational
- Comprehensive error handling
- Interactive & scriptable modes
- Configuration file support (
flux.toml) - Dry-run mode for all operations
- Enhanced logging with JSON output
- Module dependency resolution
- Automatic rollback on failure
- Plugin system for custom modules
- Remote execution support
- Multi-server orchestration
- Web UI dashboard
- API server mode
- Alpine & Arch Linux support
- Container-based testing
- Integration with Ansible/Terraform
- Cloud provider integrations
- Compliance reporting (CIS, NIST)
π Detailed Roadmap β
π¦ Modules: 11 β
| 0 π
π Workflows: 5 β
| 0 π
π§ͺ Tests: Coverage in progress
π Lines: ~12,000 lines of Rust
β‘ Binary Size: <5 MB (release)
Flux stands on the shoulders of giants:
- π¦ Rust - The language that makes this possible
- β‘ Tokio - Async runtime
- π― Clap - CLI framework
- π¦ Serde - Serialization framework
- π CIS Benchmarks - Security guidelines
- π‘οΈ Mozilla SSH Guidelines - SSH hardening
Special thanks to all contributors!
Flux Framework is dual-licensed under your choice of:
- Apache License 2.0 (LICENSE-APACHE)
- MIT License (LICENSE-MIT)
This means you can use Flux in your projects under either license.
- π Issues: GitHub Issues
- π¬ Discussions: GitHub Discussions
- π§ Email: flux-framework@example.com
- π Website: https://flux-framework.io
β‘ Built with β€οΈ and Rust π¦
Making Linux system administration fast, safe, and enjoyable