Implement Keystone environment deployments

tests/Feature/ProvisionScriptTest.php

@@ -0,0 +1,43 @@
+<?php
+
+use App\Models\Provider;
+use App\Models\Server;
+use Illuminate\Support\Facades\File;
+
+it('renders the v1 provisioning script with docker compose and management keys', function () {
+    File::ensureDirectoryExists(storage_path('app/private/ssh'));
+    File::put(storage_path('app/private/ssh/id_ed25519.pub'), 'ssh-ed25519 keystone-public-key');
+
+    $organisation = \App\Models\Organisation::factory()->create();
+    $provider = Provider::factory()->forOrganisation($organisation)->create();
+    $network = $organisation->networks()->create([
+        'name' => 'keystone',
+        'external_id' => 'net-12345',
+        'provider_id' => $provider->id,
+        'ip_range' => fake()->ipv4().'/24',
+    ]);
+    $server = Server::factory()->create([
+        'organisation_id' => $organisation->id,
+        'provider_id' => $provider->id,
+        'network_id' => $network->id,
+    ]);
+
+    $response = $this->get(route('provision-script', [
+        'sudo_password' => 'secret-password',
+        'hostname' => 'keystone-test',
+        'server_id' => $server->id,
+    ]));
+
+    $response->assertOk();
+    expect($response->content())
+        ->toContain('docker-compose-plugin')
+        ->toContain('fail2ban')
+        ->toContain('ufw --force enable')
+        ->toContain('PasswordAuthentication no')
+        ->toContain('ssh-ed25519 keystone-public-key')
+        ->toContain('chmod 600 /home/keystone/.ssh/id_ed25519')
+        ->not->toContain('[!hostname!]')
+        ->not->toContain('[!sudo_password!]')
+        ->not->toContain('[!server_id!]')
+        ->not->toContain('[!keystonepublickey!]');
+});