push.rocks/smartproxy
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

change to route based approach

Browse Source
This commit is contained in:
Philipp Kunz
2025-05-10 00:01:02 +00:00
parent 552f4c246b
commit 28022ebe87
13 changed files with 3594 additions and 1167 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
ts/proxies/smart-proxy/models/index.ts
View File

@ -2,3 +2,7 @@
* SmartProxy models
*/
export * from './interfaces.js';
export * from './route-types.js';
// Re-export IRoutedSmartProxyOptions explicitly to avoid ambiguity
export type { ISmartProxyOptions as IRoutedSmartProxyOptions } from './interfaces.js';

104
ts/proxies/smart-proxy/models/interfaces.ts
View File

@ -1,5 +1,7 @@
import * as plugins from '../../../plugins.js';
import type { IForwardConfig } from '../../../forwarding/config/forwarding-types.js';
import type { IAcmeOptions } from '../../../certificate/models/certificate-types.js';
import type { IRouteConfig } from './route-types.js';
import type { TForwardingType } from '../../../forwarding/config/forwarding-types.js';
/**
* Provision object for static or HTTP-01 certificate
@ -7,27 +9,102 @@ import type { IForwardConfig } from '../../../forwarding/config/forwarding-types
export type TSmartProxyCertProvisionObject = plugins.tsclass.network.ICert | 'http01';
/**
* Domain configuration with forwarding configuration
* Alias for backward compatibility with code that uses IRoutedSmartProxyOptions
*/
export type IRoutedSmartProxyOptions = ISmartProxyOptions;
/**
* Legacy domain configuration interface for backward compatibility
*/
export interface IDomainConfig {
domains: string[]; // Glob patterns for domain(s)
forwarding: IForwardConfig; // Unified forwarding configuration
domains: string[];
forwarding: {
type: TForwardingType;
target: {
host: string | string[];
port: number;
};
acme?: {
enabled?: boolean;
maintenance?: boolean;
production?: boolean;
forwardChallenges?: {
host: string;
port: number;
useTls?: boolean;
};
};
http?: {
enabled?: boolean;
redirectToHttps?: boolean;
headers?: Record<string, string>;
};
https?: {
customCert?: {
key: string;
cert: string;
};
forwardSni?: boolean;
};
security?: {
allowedIps?: string[];
blockedIps?: string[];
maxConnections?: number;
};
advanced?: {
portRanges?: Array<{ from: number; to: number }>;
networkProxyPort?: number;
keepAlive?: boolean;
timeout?: number;
headers?: Record<string, string>;
};
};
}
/**
* Configuration options for the SmartProxy
* Helper functions for type checking - now always assume route-based config
*/
export function isLegacyOptions(options: any): boolean {
return false; // No longer supporting legacy options
}
export function isRoutedOptions(options: any): boolean {
return true; // Always assume routed options
}
/**
* SmartProxy configuration options
*/
import type { IAcmeOptions } from '../../../certificate/models/certificate-types.js';
export interface ISmartProxyOptions {
fromPort: number;
toPort: number;
targetIP?: string; // Global target host to proxy to, defaults to 'localhost'
domainConfigs: IDomainConfig[];
// The unified configuration array (required)
routes: IRouteConfig[];
// Legacy options for backward compatibility
fromPort?: number;
toPort?: number;
sniEnabled?: boolean;
domainConfigs?: IDomainConfig[];
targetIP?: string;
defaultAllowedIPs?: string[];
defaultBlockedIPs?: string[];
globalPortRanges?: Array<{ from: number; to: number }>;
forwardAllGlobalRanges?: boolean;
preserveSourceIP?: boolean;
// Global/default settings
defaults?: {
target?: {
host: string; // Default host to use when not specified in routes
port: number; // Default port to use when not specified in routes
};
security?: {
allowedIPs?: string[]; // Default allowed IPs
blockedIPs?: string[]; // Default blocked IPs
maxConnections?: number; // Default max connections
};
preserveSourceIP?: boolean; // Default source IP preservation
};
// TLS options
pfx?: Buffer;
key?: string | Buffer | Array<Buffer | string>;
@ -50,8 +127,6 @@ export interface ISmartProxyOptions {
inactivityTimeout?: number; // Inactivity timeout (ms), default: 14400000 (4h)
gracefulShutdownTimeout?: number; // (ms) maximum time to wait for connections to close during shutdown
globalPortRanges: Array<{ from: number; to: number }>; // Global allowed port ranges
forwardAllGlobalRanges?: boolean; // When true, forwards all connections on global port ranges to the global targetIP
// Socket optimization settings
noDelay?: boolean; // Disable Nagle's algorithm (default: true)
@ -108,6 +183,9 @@ export interface IConnectionRecord {
pendingData: Buffer[]; // Buffer to hold data during connection setup
pendingDataSize: number; // Track total size of pending data
// Legacy property for backward compatibility
domainConfig?: IDomainConfig;
// Enhanced tracking fields
bytesReceived: number; // Total bytes received
bytesSent: number; // Total bytes sent
@ -116,7 +194,7 @@ export interface IConnectionRecord {
isTLS: boolean; // Whether this connection is a TLS connection
tlsHandshakeComplete: boolean; // Whether the TLS handshake is complete
hasReceivedInitialData: boolean; // Whether initial data has been received
domainConfig?: IDomainConfig; // Associated domain config for this connection
routeConfig?: IRouteConfig; // Associated route config for this connection
// Keep-alive tracking
hasKeepAlive: boolean; // Whether keep-alive is enabled for this connection

184
ts/proxies/smart-proxy/models/route-types.ts Normal file
View File

@ -0,0 +1,184 @@
import * as plugins from '../../../plugins.js';
import type { IAcmeOptions } from '../../../certificate/models/certificate-types.js';
import type { TForwardingType } from '../../../forwarding/config/forwarding-types.js';
/**
* Supported action types for route configurations
*/
export type TRouteActionType = 'forward' | 'redirect' | 'block';
/**
* TLS handling modes for route configurations
*/
export type TTlsMode = 'passthrough' | 'terminate' | 'terminate-and-reencrypt';
/**
* Port range specification format
*/
export type TPortRange = number | number[] | Array<{ from: number; to: number }>;
/**
* Route match criteria for incoming requests
*/
export interface IRouteMatch {
// Listen on these ports (required)
ports: TPortRange;
// Optional domain patterns to match (default: all domains)
domains?: string | string[];
// Advanced matching criteria
path?: string; // Match specific paths
clientIp?: string[]; // Match specific client IPs
tlsVersion?: string[]; // Match specific TLS versions
}
/**
* Target configuration for forwarding
*/
export interface IRouteTarget {
host: string | string[]; // Support single host or round-robin
port: number;
preservePort?: boolean; // Use incoming port as target port
}
/**
* TLS configuration for route actions
*/
export interface IRouteTls {
mode: TTlsMode;
certificate?: 'auto' | { // Auto = use ACME
key: string;
cert: string;
};
}
/**
* Redirect configuration for route actions
*/
export interface IRouteRedirect {
to: string; // URL or template with {domain}, {port}, etc.
status: 301 | 302 | 307 | 308;
}
/**
* Security options for route actions
*/
export interface IRouteSecurity {
allowedIps?: string[];
blockedIps?: string[];
maxConnections?: number;
authentication?: {
type: 'basic' | 'digest' | 'oauth';
// Auth-specific options would go here
};
}
/**
* Advanced options for route actions
*/
export interface IRouteAdvanced {
timeout?: number;
headers?: Record<string, string>;
keepAlive?: boolean;
// Additional advanced options would go here
}
/**
* Action configuration for route handling
*/
export interface IRouteAction {
// Basic routing
type: TRouteActionType;
// Target for forwarding
target?: IRouteTarget;
// TLS handling
tls?: IRouteTls;
// For redirects
redirect?: IRouteRedirect;
// Security options
security?: IRouteSecurity;
// Advanced options
advanced?: IRouteAdvanced;
}
/**
* The core unified configuration interface
*/
export interface IRouteConfig {
// What to match
match: IRouteMatch;
// What to do with matched traffic
action: IRouteAction;
// Optional metadata
name?: string; // Human-readable name for this route
description?: string; // Description of the route's purpose
priority?: number; // Controls matching order (higher = matched first)
tags?: string[]; // Arbitrary tags for categorization
}
/**
* Unified SmartProxy options with routes-based configuration
*/
export interface IRoutedSmartProxyOptions {
// The unified configuration array (required)
routes: IRouteConfig[];
// Global/default settings
defaults?: {
target?: {
host: string;
port: number;
};
security?: IRouteSecurity;
tls?: IRouteTls;
// ...other defaults
};
// Other global settings remain (acme, etc.)
acme?: IAcmeOptions;
// Connection timeouts and other global settings
initialDataTimeout?: number;
socketTimeout?: number;
inactivityCheckInterval?: number;
maxConnectionLifetime?: number;
inactivityTimeout?: number;
gracefulShutdownTimeout?: number;
// Socket optimization settings
noDelay?: boolean;
keepAlive?: boolean;
keepAliveInitialDelay?: number;
maxPendingDataSize?: number;
// Enhanced features
disableInactivityCheck?: boolean;
enableKeepAliveProbes?: boolean;
enableDetailedLogging?: boolean;
enableTlsDebugLogging?: boolean;
enableRandomizedTimeouts?: boolean;
allowSessionTicket?: boolean;
// Rate limiting and security
maxConnectionsPerIP?: number;
connectionRateLimitPerMinute?: number;
// Enhanced keep-alive settings
keepAliveTreatment?: 'standard' | 'extended' | 'immortal';
keepAliveInactivityMultiplier?: number;
extendedKeepAliveLifetime?: number;
/**
* Optional certificate provider callback. Return 'http01' to use HTTP-01 challenges,
* or a static certificate object for immediate provisioning.
*/
certProvisionFunction?: (domain: string) => Promise<any>;
}