This commit is contained in:
Philipp Kunz 2025-05-09 23:13:48 +00:00
parent 09fc71f051
commit 552f4c246b

View File

@ -1,255 +1,775 @@
# SmartProxy Interface & Type Naming Standardization Plan # SmartProxy Fully Unified Configuration Plan
## Project Goal ## Project Goal
Standardize interface and type naming throughout the SmartProxy codebase to improve maintainability, readability, and developer experience by: Redesign SmartProxy's configuration for a more elegant, unified, and comprehensible approach by:
1. Ensuring all interfaces are prefixed with "I" 1. Creating a single, unified configuration model that covers both "where to listen" and "how to forward"
2. Ensuring all type aliases are prefixed with "T" 2. Eliminating the confusion between domain configs and port forwarding
3. Maintaining backward compatibility through type aliases 3. Providing a clear, declarative API that makes the intent obvious
4. Updating documentation to reflect naming conventions 4. Enhancing maintainability and extensibility for future features
## Phase 2: Core Module Standardization ## Current Issues
- [ ] Update core module interfaces and types The current approach has several issues:
- [ ] Rename interfaces in `ts/core/models/common-types.ts`
- [ ] `AcmeOptions``IAcmeOptions`
- [ ] `DomainOptions``IDomainOptions`
- [ ] Other common interfaces
- [ ] Add backward compatibility aliases
- [ ] Update imports throughout core module
- [ ] Update core utility type definitions 1. **Dual Configuration Systems**:
- [ ] Update `ts/core/utils/validation-utils.ts` - Port configuration (`fromPort`, `toPort`, `globalPortRanges`) for "where to listen"
- [ ] Update `ts/core/utils/ip-utils.ts` - Domain configuration (`domainConfigs`) for "how to forward"
- [ ] Standardize event type definitions - Unclear relationship between these two systems
- [ ] Test core module changes 2. **Mixed Concerns**:
- [ ] Run unit tests for core modules - Port management is mixed with forwarding logic
- [ ] Verify type compatibility - Domain routing is separated from port listening
- [ ] Ensure backward compatibility - Security settings defined in multiple places
## Phase 3: Certificate Module Standardization 3. **Complex Logic**:
- PortRangeManager must coordinate with domain configuration
- Implicit rules for handling connections based on port and domain
- [ ] Update certificate interfaces 4. **Difficult to Understand and Configure**:
- [ ] Rename interfaces in `ts/certificate/models/certificate-types.ts` - Two separate configuration hierarchies that must work together
- [ ] `CertificateData``ICertificateData` - Unclear which settings take precedence
- [ ] `Certificates``ICertificates`
- [ ] `CertificateFailure``ICertificateFailure`
- [ ] `CertificateExpiring``ICertificateExpiring`
- [ ] `ForwardConfig``IForwardConfig`
- [ ] `DomainForwardConfig``IDomainForwardConfig`
- [ ] Update ACME challenge interfaces
- [ ] Standardize storage provider interfaces
- [ ] Ensure certificate provider compatibility ## Proposed Solution: Fully Unified Routing Configuration
- [ ] Update provider implementations
- [ ] Rename internal interfaces
- [ ] Maintain public API compatibility
- [ ] Test certificate module Replace both port and domain configuration with a single, unified configuration:
- [ ] Verify ACME functionality
- [ ] Test certificate provisioning
- [ ] Validate challenge handling
## Phase 4: Forwarding System Standardization ```typescript
// The core unified configuration interface
interface IRouteConfig {
// What to match
match: {
// Listen on these ports (required)
ports: number | number[] | Array<{ from: number, to: number }>;
- [ ] Update forwarding configuration interfaces // Optional domain patterns to match (default: all domains)
- [ ] Rename interfaces in `ts/forwarding/config/forwarding-types.ts` domains?: string | string[];
- [ ] `TargetConfig``ITargetConfig`
- [ ] `HttpOptions``IHttpOptions`
- [ ] `HttpsOptions``IHttpsOptions`
- [ ] `AcmeForwardingOptions``IAcmeForwardingOptions`
- [ ] `SecurityOptions``ISecurityOptions`
- [ ] `AdvancedOptions``IAdvancedOptions`
- [ ] `ForwardConfig``IForwardConfig`
- [ ] Rename type definitions
- [ ] `ForwardingType``TForwardingType`
- [ ] Update domain configuration interfaces
- [ ] Standardize handler interfaces // Advanced matching criteria
- [ ] Update base handler interfaces path?: string; // Match specific paths
- [ ] Rename handler-specific interfaces clientIp?: string[]; // Match specific client IPs
- [ ] Update factory interfaces tlsVersion?: string[]; // Match specific TLS versions
};
- [ ] Verify forwarding system functionality // What to do with matched traffic
- [ ] Test all forwarding types action: {
- [ ] Verify configuration parsing // Basic routing
- [ ] Ensure backward compatibility type: 'forward' | 'redirect' | 'block';
## Phase 5: Proxy Implementation Standardization // Target for forwarding
target?: {
host: string | string[]; // Support single host or round-robin
port: number;
preservePort?: boolean; // Use incoming port as target port
};
- [ ] Update SmartProxy interfaces // TLS handling
- [ ] Rename interfaces in `ts/proxies/smart-proxy/models/interfaces.ts` tls?: {
- [ ] Update domain configuration interfaces mode: 'passthrough' | 'terminate' | 'terminate-and-reencrypt';
- [ ] Standardize manager interfaces certificate?: 'auto' | { // Auto = use ACME
key: string;
cert: string;
};
};
- [ ] Update NetworkProxy interfaces // For redirects
- [ ] Rename in `ts/proxies/network-proxy/models/types.ts` redirect?: {
- [ ] `NetworkProxyOptions``INetworkProxyOptions` to: string; // URL or template with {domain}, {port}, etc.
- [ ] `CertificateEntry``ICertificateEntry` status: 301 | 302 | 307 | 308;
- [ ] `ReverseProxyConfig``IReverseProxyConfig` };
- [ ] `ConnectionEntry``IConnectionEntry`
- [ ] `WebSocketWithHeartbeat``IWebSocketWithHeartbeat`
- [ ] `Logger``ILogger`
- [ ] Update request handler interfaces
- [ ] Standardize connection interfaces
- [ ] Update NfTablesProxy interfaces // Security options
- [ ] Rename interfaces in `ts/proxies/nftables-proxy/models/interfaces.ts` security?: {
- [ ] Update configuration interfaces allowedIps?: string[];
- [ ] Standardize firewall rule interfaces blockedIps?: string[];
maxConnections?: number;
authentication?: {
type: 'basic' | 'digest' | 'oauth';
// Auth-specific options
};
};
- [ ] Test proxy implementations // Advanced options
- [ ] Verify SmartProxy functionality advanced?: {
- [ ] Test NetworkProxy with renamed interfaces timeout?: number;
- [ ] Validate NfTablesProxy operations headers?: Record<string, string>;
keepAlive?: boolean;
// etc.
};
};
## Phase 6: HTTP & TLS Module Standardization // Optional metadata
name?: string; // Human-readable name for this route
description?: string; // Description of the route's purpose
priority?: number; // Controls matching order (higher = matched first)
tags?: string[]; // Arbitrary tags for categorization
}
- [ ] Update HTTP interfaces // Main SmartProxy options
- [ ] Rename in `ts/http/port80/acme-interfaces.ts` interface ISmartProxyOptions {
- [ ] `SmartAcmeCert``ISmartAcmeCert` // The unified configuration array (required)
- [ ] `SmartAcmeOptions``ISmartAcmeOptions` routes: IRouteConfig[];
- [ ] `Http01Challenge``IHttp01Challenge`
- [ ] `SmartAcme``ISmartAcme`
- [ ] Standardize router interfaces
- [ ] Update port80 handler interfaces
- [ ] Update redirect interfaces
- [ ] Update TLS/SNI interfaces // Global/default settings
- [ ] Standardize SNI handler interfaces defaults?: {
- [ ] Update client hello parser types target?: {
- [ ] Rename TLS alert interfaces host: string;
port: number;
};
security?: {
// Global security defaults
};
tls?: {
// Global TLS defaults
};
// ...other defaults
};
- [ ] Test HTTP & TLS functionality // Other global settings remain (acme, etc.)
- [ ] Verify router operation acme?: IAcmeOptions;
- [ ] Test SNI extraction
- [ ] Validate redirect functionality
## Phase 7: Backward Compatibility Layer // Advanced settings remain as well
// ...
}
```
- [ ] Implement comprehensive type aliases ### Example Configuration
- [ ] Create aliases for all renamed interfaces
- [ ] Add deprecation notices via JSDoc
- [ ] Ensure all exports include both named versions
- [ ] Update main entry point ```typescript
- [ ] Update `ts/index.ts` with all exports const proxy = new SmartProxy({
- [ ] Include both prefixed and non-prefixed names // All routing is configured in a single array
- [ ] Organize exports by module routes: [
// Basic HTTPS server with automatic certificates
{
match: {
ports: 443,
domains: ['example.com', '*.example.com']
},
action: {
type: 'forward',
target: {
host: 'localhost',
port: 8080
},
tls: {
mode: 'terminate',
certificate: 'auto' // Use ACME
}
},
name: 'Main HTTPS Server'
},
- [ ] Add compatibility documentation // HTTP to HTTPS redirect
- [ ] Document renaming strategy {
- [ ] Provide migration examples match: {
- [ ] Create deprecation timeline ports: 80,
domains: ['example.com', '*.example.com']
},
action: {
type: 'redirect',
redirect: {
to: 'https://{domain}{path}',
status: 301
}
},
name: 'HTTP to HTTPS Redirect'
},
## Phase 8: Documentation & Examples // Admin portal with IP restriction
{
match: {
ports: 8443,
domains: 'admin.example.com'
},
action: {
type: 'forward',
target: {
host: 'admin-backend',
port: 3000
},
tls: {
mode: 'terminate',
certificate: 'auto'
},
security: {
allowedIps: ['192.168.1.*', '10.0.0.*'],
maxConnections: 10
}
},
priority: 100, // Higher priority than default rules
name: 'Admin Portal'
},
- [ ] Update README and API documentation // Port range for direct forwarding
- [ ] Update interface references in README.md {
- [ ] Document naming convention in README.md match: {
- [ ] Update API reference documentation ports: [{ from: 10000, to: 10010 }],
// No domains = all domains or direct IP
},
action: {
type: 'forward',
target: {
host: 'backend-server',
port: 10000,
preservePort: true // Use same port number as incoming
},
tls: {
mode: 'passthrough' // Direct TCP forwarding
}
},
name: 'Dynamic Port Range'
},
- [ ] Update examples // Path-based routing
- [ ] Modify example code to use new interface names {
- [ ] Add compatibility notes match: {
- [ ] Create migration examples ports: 443,
domains: 'api.example.com',
path: '/v1/*'
},
action: {
type: 'forward',
target: {
host: 'api-v1-service',
port: 8001
},
tls: {
mode: 'terminate'
}
},
name: 'API v1 Endpoints'
},
- [ ] Add contributor guidelines // Load balanced backend
- [ ] Document naming conventions {
- [ ] Add interface/type style guide match: {
- [ ] Update PR templates ports: 443,
domains: 'app.example.com'
},
action: {
type: 'forward',
target: {
// Round-robin load balancing
host: [
'app-server-1',
'app-server-2',
'app-server-3'
],
port: 8080
},
tls: {
mode: 'terminate'
},
advanced: {
headers: {
'X-Served-By': '{server}',
'X-Client-IP': '{clientIp}'
}
}
},
name: 'Load Balanced App Servers'
}
],
## Phase 9: Testing & Validation // Global defaults
defaults: {
target: {
host: 'localhost',
port: 8080
},
security: {
maxConnections: 1000,
// Global security defaults
}
},
- [ ] Run comprehensive test suite // ACME configuration for auto certificates
- [ ] Run all unit tests acme: {
- [ ] Execute integration tests enabled: true,
- [ ] Verify example code email: 'admin@example.com',
production: true,
renewThresholdDays: 30
},
- [ ] Build type declarations // Other global settings
- [ ] Generate TypeScript declaration files // ...
- [ ] Verify exported types });
- [ ] Validate documentation generation ```
- [ ] Final compatibility check ## Implementation Plan
- [ ] Verify import compatibility
- [ ] Test with existing dependent projects ### Phase 1: Core Design & Interface Definition
- [ ] Validate backward compatibility claims
1. **Define New Core Interfaces**:
- Create `IRouteConfig` interface with `match` and `action` branches
- Define all sub-interfaces for matching and actions
- Update `ISmartProxyOptions` to use `routes` array
- Define template variable system for dynamic values
2. **Create Helper Functions**:
- `createRoute()` - Basic route creation with reasonable defaults
- `createHttpRoute()`, `createHttpsRoute()`, `createRedirect()` - Common scenarios
- `createLoadBalancer()` - For multi-target setups
- `mergeSecurity()`, `mergeDefaults()` - For combining configs
3. **Design Router**:
- Decision tree for route matching algorithm
- Priority system for route ordering
- Optimized lookup strategy for fast routing
### Phase 2: Core Implementation
1. **Create RouteManager**:
- Replaces both PortRangeManager and DomainConfigManager
- Handles all routing decisions in one place
- Provides fast lookup from port+domain+path to action
- Manages server instances for different ports
2. **Update ConnectionHandler**:
- Simplify to work with the unified route system
- Implement templating system for dynamic values
- Support more sophisticated routing rules
3. **Implement New SmartProxy Core**:
- Rewrite initialization to use route-based configuration
- Create network servers based on port specifications
- Manage TLS contexts and certificates
### Phase 3: Feature Implementation
1. **Path-Based Routing**:
- Implement HTTP path matching
- Add wildcard and regex support for paths
- Create route differentiation based on HTTP method
2. **Enhanced Security**:
- Implement per-route security rules
- Add authentication methods (basic, digest, etc.)
- Support for IP-based access control
3. **TLS Management**:
- Support multiple certificate types (auto, manual, wildcard)
- Implement certificate selection based on SNI
- Support different TLS modes per route
4. **Metrics & Monitoring**:
- Per-route statistics
- Named route tracking for better visibility
- Tag-based grouping of metrics
### Phase 4: Backward Compatibility
1. **Legacy Adapter Layer**:
- Convert old configuration format to route-based format
- Map fromPort/toPort/domainConfigs to unified routes
- Preserve all functionality during migration
2. **API Compatibility**:
- Support both old and new configuration methods
- Add deprecation warnings when using legacy properties
- Provide migration utilities
3. **Documentation**:
- Clear migration guide for existing users
- Examples mapping old config to new config
- Timeline for deprecation
### Phase 5: Documentation & Examples
1. **Update Core Documentation**:
- Rewrite README.md with a focus on route-based configuration
- Create interface reference documentation
- Document all template variables
2. **Create Example Library**:
- Common configuration patterns
- Complex use cases for advanced features
- Infrastructure-as-code examples
3. **Add Validation Tooling**:
- Configuration validator to check for issues
- Schema definitions for IDE autocomplete
- Runtime validation helpers
### Phase 6: Testing
1. **Unit Tests**:
- Test route matching logic
- Validate priority handling
- Test template processing
2. **Integration Tests**:
- Verify full proxy flows
- Test complex routing scenarios
- Check backward compatibility
3. **Performance Testing**:
- Benchmark routing performance
- Evaluate memory usage
- Test with large numbers of routes
## Benefits of the New Approach
1. **Truly Unified Configuration**:
- One "source of truth" for all routing
- Entire routing flow visible in a single configuration
- No overlapping or conflicting configuration systems
2. **Declarative Intent**:
- Configuration clearly states what to match and what action to take
- Metadata provides context and documentation inline
- Easy to understand the purpose of each route
3. **Advanced Routing Capabilities**:
- Path-based routing with pattern matching
- Client IP-based conditional routing
- Fine-grained security controls
4. **Composable and Extensible**:
- Each route is a self-contained unit of configuration
- Routes can be grouped by tags or priority
- New match criteria or actions can be added without breaking changes
5. **Better Developer Experience**:
- Clear, consistent configuration pattern
- Helper functions for common scenarios
- Better error messages and validation
## Example Use Cases
### 1. Complete Reverse Proxy with Auto SSL
```typescript
const proxy = new SmartProxy({
routes: [
// HTTPS server for all domains
{
match: { ports: 443 },
action: {
type: 'forward',
target: { host: 'localhost', port: 8080 },
tls: { mode: 'terminate', certificate: 'auto' }
}
},
// HTTP to HTTPS redirect
{
match: { ports: 80 },
action: {
type: 'redirect',
redirect: { to: 'https://{domain}{path}', status: 301 }
}
}
],
acme: {
enabled: true,
email: 'admin@example.com',
production: true
}
});
```
### 2. Microservices API Gateway
```typescript
const apiGateway = new SmartProxy({
routes: [
// Users API
{
match: {
ports: 443,
domains: 'api.example.com',
path: '/users/*'
},
action: {
type: 'forward',
target: { host: 'users-service', port: 8001 },
tls: { mode: 'terminate', certificate: 'auto' }
},
name: 'Users Service'
},
// Products API
{
match: {
ports: 443,
domains: 'api.example.com',
path: '/products/*'
},
action: {
type: 'forward',
target: { host: 'products-service', port: 8002 },
tls: { mode: 'terminate', certificate: 'auto' }
},
name: 'Products Service'
},
// Orders API with authentication
{
match: {
ports: 443,
domains: 'api.example.com',
path: '/orders/*'
},
action: {
type: 'forward',
target: { host: 'orders-service', port: 8003 },
tls: { mode: 'terminate', certificate: 'auto' },
security: {
authentication: {
type: 'basic',
users: { 'admin': 'password' }
}
}
},
name: 'Orders Service (Protected)'
}
],
acme: {
enabled: true,
email: 'admin@example.com'
}
});
```
### 3. Multi-Environment Setup
```typescript
const environments = {
production: {
target: { host: 'prod-backend', port: 8080 },
security: { maxConnections: 1000 }
},
staging: {
target: { host: 'staging-backend', port: 8080 },
security: {
allowedIps: ['10.0.0.*', '192.168.1.*'],
maxConnections: 100
}
},
development: {
target: { host: 'localhost', port: 3000 },
security: {
allowedIps: ['127.0.0.1'],
maxConnections: 10
}
}
};
// Select environment based on hostname
const proxy = new SmartProxy({
routes: [
// Production environment
{
match: {
ports: [80, 443],
domains: ['app.example.com', 'www.example.com']
},
action: {
type: 'forward',
target: environments.production.target,
tls: { mode: 'terminate', certificate: 'auto' },
security: environments.production.security
},
name: 'Production Environment'
},
// Staging environment
{
match: {
ports: [80, 443],
domains: 'staging.example.com'
},
action: {
type: 'forward',
target: environments.staging.target,
tls: { mode: 'terminate', certificate: 'auto' },
security: environments.staging.security
},
name: 'Staging Environment'
},
// Development environment
{
match: {
ports: [80, 443],
domains: 'dev.example.com'
},
action: {
type: 'forward',
target: environments.development.target,
tls: { mode: 'terminate', certificate: 'auto' },
security: environments.development.security
},
name: 'Development Environment'
}
],
acme: { enabled: true, email: 'admin@example.com' }
});
```
## Implementation Strategy ## Implementation Strategy
### Naming Pattern Rules ### Code Organization
1. **Interfaces**: 1. **New Files**:
- All interfaces should be prefixed with "I" - `route-manager.ts` (core routing engine)
- Example: `DomainConfig``IDomainConfig` - `route-types.ts` (interface definitions)
- `route-helpers.ts` (helper functions)
- `route-matcher.ts` (matching logic)
- `template-engine.ts` (for variable substitution)
2. **Type Aliases**: 2. **Modified Files**:
- All type aliases should be prefixed with "T" - `smart-proxy.ts` (update to use route-based configuration)
- Example: `ForwardingType``TForwardingType` - `connection-handler.ts` (simplify using route-based approach)
- Replace `port-range-manager.ts` and `domain-config-manager.ts`
3. **Enums**: ### Backward Compatibility
- Enums should be named in PascalCase without prefix
- Example: `CertificateSource`
4. **Backward Compatibility**: The backward compatibility layer will convert the legacy configuration to the new format:
- No Backward compatibility. Remove old names.
### Module Implementation Order ```typescript
function convertLegacyConfig(legacy: ILegacySmartProxyOptions): ISmartProxyOptions {
const routes: IRouteConfig[] = [];
1. Core module // Convert main port configuration
2. Certificate module if (legacy.fromPort) {
3. Forwarding module // Add main listener for fromPort
4. Proxy implementations routes.push({
5. HTTP & TLS modules match: { ports: legacy.fromPort },
6. Main exports and entry points action: {
type: 'forward',
target: { host: legacy.targetIP || 'localhost', port: legacy.toPort },
tls: { mode: legacy.sniEnabled ? 'passthrough' : 'terminate' }
},
name: 'Main Listener (Legacy)'
});
### Testing Strategy // If ACME is enabled, add HTTP listener for challenges
if (legacy.acme?.enabled) {
routes.push({
match: { ports: 80 },
action: {
type: 'forward',
target: { host: 'localhost', port: 80 },
// Special flag for ACME handler
acmeEnabled: true
},
name: 'ACME Challenge Handler (Legacy)'
});
}
}
For each module: // Convert domain configs
1. Rename interfaces and types if (legacy.domainConfigs) {
2. Add backward compatibility aliases for (const domainConfig of legacy.domainConfigs) {
3. Update imports throughout the module const { domains, forwarding } = domainConfig;
4. Run tests to verify functionality
5. Commit changes module by module
## File-Specific Changes // Determine action based on forwarding type
let action: Partial<IRouteAction> = {
type: 'forward',
target: {
host: forwarding.target.host,
port: forwarding.target.port
}
};
### Core Module Files // Set TLS mode based on forwarding type
- `ts/core/models/common-types.ts` - Primary interfaces switch (forwarding.type) {
- `ts/core/utils/validation-utils.ts` - Validation type definitions case 'http-only':
- `ts/core/utils/ip-utils.ts` - IP utility type definitions // No TLS
- `ts/core/utils/event-utils.ts` - Event type definitions break;
case 'https-passthrough':
action.tls = { mode: 'passthrough' };
break;
case 'https-terminate-to-http':
action.tls = {
mode: 'terminate',
certificate: forwarding.https?.customCert || 'auto'
};
break;
case 'https-terminate-to-https':
action.tls = {
mode: 'terminate-and-reencrypt',
certificate: forwarding.https?.customCert || 'auto'
};
break;
}
### Certificate Module Files // Security settings
- `ts/certificate/models/certificate-types.ts` - Certificate interfaces if (forwarding.security) {
- `ts/certificate/acme/acme-factory.ts` - ACME factory types action.security = forwarding.security;
- `ts/certificate/providers/cert-provisioner.ts` - Provider interfaces }
- `ts/certificate/storage/file-storage.ts` - Storage interfaces
### Forwarding Module Files // Add HTTP redirect if needed
- `ts/forwarding/config/forwarding-types.ts` - Forwarding interfaces and types if (forwarding.http?.redirectToHttps) {
- `ts/forwarding/config/domain-config.ts` - Domain configuration routes.push({
- `ts/forwarding/factory/forwarding-factory.ts` - Factory interfaces match: { ports: 80, domains },
- `ts/forwarding/handlers/*.ts` - Handler interfaces action: {
type: 'redirect',
redirect: { to: 'https://{domain}{path}', status: 301 }
},
name: `HTTP Redirect for ${domains.join(', ')} (Legacy)`
});
}
### Proxy Module Files // Add main route
- `ts/proxies/network-proxy/models/types.ts` - NetworkProxy interfaces routes.push({
- `ts/proxies/smart-proxy/models/interfaces.ts` - SmartProxy interfaces match: {
- `ts/proxies/nftables-proxy/models/interfaces.ts` - NfTables interfaces ports: forwarding.type.startsWith('https') ? 443 : 80,
- `ts/proxies/smart-proxy/connection-manager.ts` - Connection types domains
},
action: action as IRouteAction,
name: `Route for ${domains.join(', ')} (Legacy)`
});
### HTTP/TLS Module Files // Add port ranges if specified
- `ts/http/models/http-types.ts` - HTTP module interfaces if (forwarding.advanced?.portRanges) {
- `ts/http/port80/acme-interfaces.ts` - ACME interfaces for (const range of forwarding.advanced.portRanges) {
- `ts/tls/sni/client-hello-parser.ts` - TLS parser types routes.push({
- `ts/tls/alerts/tls-alert.ts` - TLS alert interfaces match: {
ports: { from: range.from, to: range.to },
domains
},
action: action as IRouteAction,
name: `Port Range ${range.from}-${range.to} for ${domains.join(', ')} (Legacy)`
});
}
}
}
}
// Global port ranges
if (legacy.globalPortRanges) {
for (const range of legacy.globalPortRanges) {
routes.push({
match: { ports: { from: range.from, to: range.to } },
action: {
type: 'forward',
target: {
host: legacy.targetIP || 'localhost',
port: legacy.forwardAllGlobalRanges ? 0 : legacy.toPort,
preservePort: !!legacy.forwardAllGlobalRanges
},
tls: { mode: 'passthrough' }
},
name: `Global Port Range ${range.from}-${range.to} (Legacy)`
});
}
}
return {
routes,
defaults: {
target: {
host: legacy.targetIP || 'localhost',
port: legacy.toPort
}
},
acme: legacy.acme
};
}
```
## Success Criteria ## Success Criteria
- All interfaces are prefixed with "I" - All existing functionality works with the new route-based configuration
- All type aliases are prefixed with "T" - Performance is equal or better than the current implementation
- All tests pass with new naming conventions - Configuration is more intuitive and easier to understand
- Documentation is updated with new naming conventions - New features can be added without breaking existing code
- Backward compatibility is maintained through type aliases - Code is more maintainable with clear separation of concerns
- Declaration files correctly export both naming conventions - Migration from old configuration to new is straightforward