push.rocks/smartproxy
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(smartproxy): Migrate internal module paths and update HTTP/ACME components for SmartProxy

Browse Source
This commit is contained in:
Philipp Kunz 2025-05-09 17:10:19 +00:00
parent f1c0b8bfb7
commit 5a3bf2cae6
11 changed files with 363 additions and 194 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
changelog.md
View File

@ -1,5 +1,16 @@
# Changelog
## 2025-05-09 - 12.1.0 - feat(smartproxy)
Migrate internal module paths and update HTTP/ACME components for SmartProxy
- Mark migration tasks as complete in readme.plan.md (checkboxes updated to ✅)
- Moved Port80Handler from ts/port80handler to ts/http/port80 (and extracted challenge responder)
- Migrated redirect handlers and router components to ts/http/redirects and ts/http/router respectively
- Updated re-exports in ts/index.ts and ts/plugins.ts to expose new module paths and additional exports
- Refactored CertificateEvents to include deprecation notes on Port80HandlerEvents
- Adjusted internal module organization for TLS, ACME, and forwarding (SNI extraction, client-hello parsing, etc.)
- Added minor logging and formatting improvements in several modules
## 2025-05-09 - 12.0.0 - BREAKING CHANGE(forwarding)
Rename 'sniPassthrough' export to 'httpsPassthrough' for consistent naming and remove outdated forwarding example

26
readme.plan.md
View File

@ -136,19 +136,19 @@ This component has the cleanest design, so we'll start migration here:
- [x] Extract SNI extraction to `ts/tls/sni/sni-extraction.ts`
- [x] Extract ClientHello parsing to `ts/tls/sni/client-hello-parser.ts`
### Phase 5: HTTP Component Migration (Week 3)
### Phase 5: HTTP Component Migration (Week 3)
- [ ] Migrate Port80Handler
- [ ] Move `ts/port80handler/classes.port80handler.ts``ts/http/port80/port80-handler.ts`
- [ ] Extract ACME challenge handling to `ts/http/port80/challenge-responder.ts`
- [x] Migrate Port80Handler
- [x] Move `ts/port80handler/classes.port80handler.ts``ts/http/port80/port80-handler.ts`
- [x] Extract ACME challenge handling to `ts/http/port80/challenge-responder.ts`
- [ ] Migrate redirect handlers
- [ ] Move `ts/redirect/classes.redirect.ts``ts/http/redirects/redirect-handler.ts`
- [ ] Create `ts/http/redirects/ssl-redirect.ts` for specialized redirects
- [x] Migrate redirect handlers
- [x] Move `ts/redirect/classes.redirect.ts``ts/http/redirects/redirect-handler.ts`
- [x] Create `ts/http/redirects/ssl-redirect.ts` for specialized redirects
- [ ] Migrate router components
- [ ] Move `ts/classes.router.ts``ts/http/router/proxy-router.ts`
- [ ] Extract route matching to `ts/http/router/route-matcher.ts`
- [x] Migrate router components
- [x] Move `ts/classes.router.ts``ts/http/router/proxy-router.ts`
- [x] Extract route matching to `ts/http/router/route-matcher.ts`
### Phase 6: Proxy Implementation Migration (Weeks 3-4)
@ -259,9 +259,9 @@ This component has the cleanest design, so we'll start migration here:
| (new) | ts/tls/sni/sni-extraction.ts | ✅ |
| (new) | ts/tls/sni/client-hello-parser.ts | ✅ |
| **HTTP Components** | | |
| ts/port80handler/classes.port80handler.ts | ts/http/port80/port80-handler.ts | |
| ts/redirect/classes.redirect.ts | ts/http/redirects/redirect-handler.ts | |
| ts/classes.router.ts | ts/http/router/proxy-router.ts | |
| ts/port80handler/classes.port80handler.ts | ts/http/port80/port80-handler.ts | |
| ts/redirect/classes.redirect.ts | ts/http/redirects/redirect-handler.ts | |
| ts/classes.router.ts | ts/http/router/proxy-router.ts | |
| **SmartProxy Components** | | |
| ts/smartproxy/classes.smartproxy.ts | ts/proxies/smart-proxy/smart-proxy.ts | ❌ |
| ts/smartproxy/classes.pp.interfaces.ts | ts/proxies/smart-proxy/models/interfaces.ts | ❌ |

2
ts/00_commitinfo_data.ts
View File

@ -3,6 +3,6 @@
*/
export const commitinfo = {
name: '@push.rocks/smartproxy',
version: '12.0.0',
version: '12.1.0',
description: 'A powerful proxy package that effectively handles high traffic, with features such as SSL/TLS support, port proxying, WebSocket handling, dynamic routing with authentication options, and automatic ACME certificate management.'
}

4
ts/certificate/events/certificate-events.ts
View File

@ -7,10 +7,14 @@ export enum CertificateEvents {
CERTIFICATE_FAILED = 'certificate-failed',
CERTIFICATE_EXPIRING = 'certificate-expiring',
CERTIFICATE_APPLIED = 'certificate-applied',
// Events moved from Port80Handler for compatibility
MANAGER_STARTED = 'manager-started',
MANAGER_STOPPED = 'manager-stopped',
}
/**
* Port80Handler-specific events including certificate-related ones
* @deprecated Use CertificateEvents and HttpEvents instead
*/
export enum Port80HandlerEvents {
CERTIFICATE_ISSUED = 'certificate-issued',

11
ts/http/index.ts
View File

@ -2,7 +2,18 @@
* HTTP functionality module
*/
// Export types and models
export * from './models/http-types.js';
// Export submodules
export * from './port80/index.js';
export * from './router/index.js';
export * from './redirects/index.js';
// Convenience namespace exports
export const Http = {
Port80: {
Handler: require('./port80/port80-handler.js').Port80Handler,
ChallengeResponder: require('./port80/challenge-responder.js').ChallengeResponder
}
};

198
ts/http/port80/challenge-responder.ts
View File

@ -35,58 +35,92 @@ export class ChallengeResponder extends plugins.EventEmitter {
*/
public async initialize(): Promise<void> {
try {
// Initialize SmartAcme
this.smartAcme = new plugins.smartacme.SmartAcme({
useProduction: this.useProduction,
accountEmail: this.email,
directoryUrl: this.useProduction
? 'https://acme-v02.api.letsencrypt.org/directory' // Production
: 'https://acme-staging-v02.api.letsencrypt.org/directory', // Staging
});
// Initialize HTTP-01 challenge handler
this.http01Handler = new plugins.smartacme.handlers.Http01MemoryHandler();
this.smartAcme.useHttpChallenge(this.http01Handler);
// Initialize SmartAcme with proper options
this.smartAcme = new plugins.smartacme.SmartAcme({
accountEmail: this.email,
certManager: new plugins.smartacme.certmanagers.MemoryCertManager(),
environment: this.useProduction ? 'production' : 'integration',
challengeHandlers: [this.http01Handler],
challengePriority: ['http-01'],
});
// Ensure certificate store directory exists
await this.ensureCertificateStore();
// Subscribe to SmartAcme events
this.smartAcme.on('certificate-issued', (data: any) => {
const certData: CertificateData = {
domain: data.domain,
certificate: data.cert,
privateKey: data.key,
expiryDate: new Date(data.expiryDate),
};
this.emit(CertificateEvents.CERTIFICATE_ISSUED, certData);
});
// Set up event forwarding from SmartAcme
this.setupEventForwarding();
this.smartAcme.on('certificate-renewed', (data: any) => {
const certData: CertificateData = {
domain: data.domain,
certificate: data.cert,
privateKey: data.key,
expiryDate: new Date(data.expiryDate),
};
this.emit(CertificateEvents.CERTIFICATE_RENEWED, certData);
});
this.smartAcme.on('certificate-error', (data: any) => {
const error: CertificateFailure = {
domain: data.domain,
error: data.error instanceof Error ? data.error.message : String(data.error),
isRenewal: data.isRenewal || false,
};
this.emit(CertificateEvents.CERTIFICATE_FAILED, error);
});
await this.smartAcme.initialize();
// Start SmartAcme
await this.smartAcme.start();
} catch (error) {
throw new Error(`Failed to initialize ACME client: ${error instanceof Error ? error.message : String(error)}`);
}
}
/**
* Sets up event forwarding from SmartAcme to this component
*/
private setupEventForwarding(): void {
if (!this.smartAcme) return;
// Cast smartAcme to any since different versions have different event APIs
const smartAcmeAny = this.smartAcme as any;
// Forward certificate events to our own emitter
if (typeof smartAcmeAny.on === 'function') {
smartAcmeAny.on('certificate', (data: any) => {
const certData: CertificateData = {
domain: data.domain,
certificate: data.cert || data.publicKey,
privateKey: data.key || data.privateKey,
expiryDate: new Date(data.expiryDate || data.validUntil),
source: 'http01'
};
// Emit as issued or renewed based on the renewal flag
const eventType = data.isRenewal
? CertificateEvents.CERTIFICATE_RENEWED
: CertificateEvents.CERTIFICATE_ISSUED;
this.emit(eventType, certData);
});
smartAcmeAny.on('error', (data: any) => {
const failure: CertificateFailure = {
domain: data.domain || 'unknown',
error: data.message || data.toString(),
isRenewal: false
};
this.emit(CertificateEvents.CERTIFICATE_FAILED, failure);
});
} else if (smartAcmeAny.eventEmitter && typeof smartAcmeAny.eventEmitter.on === 'function') {
// Alternative event emitter approach for newer versions
smartAcmeAny.eventEmitter.on('certificate', (data: any) => {
const certData: CertificateData = {
domain: data.domain,
certificate: data.cert || data.publicKey,
privateKey: data.key || data.privateKey,
expiryDate: new Date(data.expiryDate || data.validUntil),
source: 'http01'
};
const eventType = data.isRenewal
? CertificateEvents.CERTIFICATE_RENEWED
: CertificateEvents.CERTIFICATE_ISSUED;
this.emit(eventType, certData);
});
smartAcmeAny.eventEmitter.on('error', (data: any) => {
const failure: CertificateFailure = {
domain: data.domain || 'unknown',
error: data.message || data.toString(),
isRenewal: false
};
this.emit(CertificateEvents.CERTIFICATE_FAILED, failure);
});
}
}
/**
* Ensure certificate store directory exists
*/
@ -115,16 +149,32 @@ export class ChallengeResponder extends plugins.EventEmitter {
if (url.startsWith('/.well-known/acme-challenge/')) {
const token = url.split('/').pop() || '';
if (token) {
const response = this.http01Handler.getResponse(token);
if (token && this.http01Handler) {
try {
// Try to delegate to the handler - casting to any for flexibility
const handler = this.http01Handler as any;
if (response) {
// This is a valid ACME challenge
res.setHeader('Content-Type', 'text/plain');
res.setHeader('Cache-Control', 'no-store, no-cache, must-revalidate, max-age=0');
res.writeHead(200);
res.end(response);
return true;
// Different versions may have different handler methods
if (typeof handler.handleChallenge === 'function') {
handler.handleChallenge(req, res);
return true;
} else if (typeof handler.handleRequest === 'function') {
// Some versions use handleRequest instead
handler.handleRequest(req, res);
return true;
} else {
// Fall back to manual response
const resp = this.getTokenResponse(token);
if (resp) {
res.setHeader('Content-Type', 'text/plain');
res.setHeader('Cache-Control', 'no-store, no-cache, must-revalidate, max-age=0');
res.writeHead(200);
res.end(resp);
return true;
}
}
} catch (err) {
// Challenge not found
}
}
@ -137,6 +187,42 @@ export class ChallengeResponder extends plugins.EventEmitter {
return false;
}
/**
* Get the response for a specific token if available
* This is a fallback method in case direct handler access isn't available
*/
private getTokenResponse(token: string): string | null {
if (!this.http01Handler) return null;
try {
// Cast to any to handle different versions of the API
const handler = this.http01Handler as any;
// Try different methods that might be available in different versions
if (typeof handler.getResponse === 'function') {
return handler.getResponse(token);
}
if (typeof handler.getChallengeVerification === 'function') {
return handler.getChallengeVerification(token);
}
// Try to access the challenges directly from the handler's internal state
if (handler.challenges && typeof handler.challenges === 'object' && handler.challenges[token]) {
return handler.challenges[token];
}
// Try the token map if it exists (another common pattern)
if (handler.tokenMap && typeof handler.tokenMap === 'object' && handler.tokenMap[token]) {
return handler.tokenMap[token];
}
} catch (err) {
console.error('Error getting token response:', err);
}
return null;
}
/**
* Request a certificate for a domain
* @param domain Domain name
@ -148,16 +234,20 @@ export class ChallengeResponder extends plugins.EventEmitter {
}
try {
const result = await this.smartAcme.getCertificate(domain);
// Request certificate via SmartAcme
const certObj = await this.smartAcme.getCertificateForDomain(domain);
const certData: CertificateData = {
domain,
certificate: result.cert,
privateKey: result.key,
expiryDate: new Date(result.expiryDate),
certificate: certObj.publicKey,
privateKey: certObj.privateKey,
expiryDate: new Date(certObj.validUntil),
source: 'http01',
isRenewal
};
// Emit appropriate event
// SmartACME will emit its own events, but we'll emit our own too
// for consistency with the rest of the system
if (isRenewal) {
this.emit(CertificateEvents.CERTIFICATE_RENEWED, certData);
} else {

10
ts/http/port80/index.ts
View File

@ -1,3 +1,13 @@
/**
* Port 80 handling
*/
// Export the main components
export { Port80Handler } from './port80-handler.js';
export { ChallengeResponder } from './challenge-responder.js';
// Export backward compatibility interfaces and types
export {
HttpError as Port80HandlerError,
CertificateError as CertError
} from '../models/http-types.js';

183
ts/http/port80/port80-handler.ts
View File

@ -15,8 +15,8 @@ import {
HttpError,
CertificateError,
ServerError,
DomainCertificate
} from '../models/http-types.js';
import type { DomainCertificate } from '../models/http-types.js';
import { ChallengeResponder } from './challenge-responder.js';
// Re-export for backward compatibility
@ -115,22 +115,20 @@ export class Port80Handler extends plugins.EventEmitter {
console.log('Port80Handler is disabled, skipping start');
return;
}
// Initialize SmartAcme with in-memory HTTP-01 challenge handler
if (this.options.enabled) {
this.smartAcmeHttp01Handler = new plugins.smartacme.handlers.Http01MemoryHandler();
this.smartAcme = new plugins.smartacme.SmartAcme({
accountEmail: this.options.accountEmail,
certManager: new plugins.smartacme.certmanagers.MemoryCertManager(),
environment: this.options.useProduction ? 'production' : 'integration',
challengeHandlers: [ this.smartAcmeHttp01Handler ],
challengePriority: ['http-01'],
});
await this.smartAcme.start();
// Initialize the challenge responder if enabled
if (this.options.enabled && this.challengeResponder) {
try {
await this.challengeResponder.initialize();
} catch (error) {
throw new ServerError(`Failed to initialize challenge responder: ${
error instanceof Error ? error.message : String(error)
}`);
}
}
return new Promise((resolve, reject) => {
try {
this.server = plugins.http.createServer((req, res) => this.handleRequest(req, res));
this.server.on('error', (error: NodeJS.ErrnoException) => {
@ -145,7 +143,7 @@ export class Port80Handler extends plugins.EventEmitter {
this.server.listen(this.options.port, () => {
console.log(`Port80Handler is listening on port ${this.options.port}`);
this.emit(Port80HandlerEvents.MANAGER_STARTED, this.options.port);
this.emit(CertificateEvents.MANAGER_STARTED, this.options.port);
// Start certificate process for domains with acmeMaintenance enabled
for (const [domain, domainInfo] of this.domainCertificates.entries()) {
@ -172,7 +170,7 @@ export class Port80Handler extends plugins.EventEmitter {
}
/**
* Stops the HTTP server and renewal timer
* Stops the HTTP server and cleanup resources
*/
public async stop(): Promise<void> {
if (!this.server) {
@ -181,13 +179,12 @@ export class Port80Handler extends plugins.EventEmitter {
this.isShuttingDown = true;
return new Promise<void>((resolve) => {
if (this.server) {
this.server.close(() => {
this.server = null;
this.isShuttingDown = false;
this.emit(Port80HandlerEvents.MANAGER_STOPPED);
this.emit(CertificateEvents.MANAGER_STOPPED);
resolve();
});
} else {
@ -201,9 +198,9 @@ export class Port80Handler extends plugins.EventEmitter {
* Adds a domain with configuration options
* @param options Domain configuration options
*/
public addDomain(options: IDomainOptions): void {
public addDomain(options: DomainOptions): void {
if (!options.domainName || typeof options.domainName !== 'string') {
throw new Port80HandlerError('Invalid domain name');
throw new HttpError('Invalid domain name');
}
const domainName = options.domainName;
@ -250,7 +247,7 @@ export class Port80Handler extends plugins.EventEmitter {
* Gets the certificate for a domain if it exists
* @param domain The domain to get the certificate for
*/
public getCertificate(domain: string): ICertificateData | null {
public getCertificate(domain: string): CertificateData | null {
// Can't get certificates for glob patterns
if (this.isGlobPattern(domain)) {
return null;
@ -286,7 +283,7 @@ export class Port80Handler extends plugins.EventEmitter {
* @param requestDomain The actual domain from the request
* @returns The domain info or null if not found
*/
private getDomainInfoForRequest(requestDomain: string): { domainInfo: IDomainCertificate, pattern: string } | null {
private getDomainInfoForRequest(requestDomain: string): { domainInfo: DomainCertificate, pattern: string } | null {
// Try direct match first
if (this.domainCertificates.has(requestDomain)) {
return {
@ -338,9 +335,16 @@ export class Port80Handler extends plugins.EventEmitter {
* @param res The HTTP response
*/
private handleRequest(req: plugins.http.IncomingMessage, res: plugins.http.ServerResponse): void {
// Emit request received event with basic info
this.emit(HttpEvents.REQUEST_RECEIVED, {
url: req.url,
method: req.method,
headers: req.headers
});
const hostHeader = req.headers.host;
if (!hostHeader) {
res.statusCode = 400;
res.statusCode = HttpStatus.BAD_REQUEST;
res.end('Bad Request: Host header is missing');
return;
}
@ -348,6 +352,28 @@ export class Port80Handler extends plugins.EventEmitter {
// Extract domain (ignoring any port in the Host header)
const domain = hostHeader.split(':')[0];
// Check if this is an ACME challenge request that our ChallengeResponder can handle
if (this.challengeResponder && req.url?.startsWith('/.well-known/acme-challenge/')) {
// Handle ACME HTTP-01 challenge with the challenge responder
const domainMatch = this.getDomainInfoForRequest(domain);
// If there's a specific ACME forwarding config for this domain, use that instead
if (domainMatch?.domainInfo.options.acmeForward) {
this.forwardRequest(req, res, domainMatch.domainInfo.options.acmeForward, 'ACME challenge');
return;
}
// If domain exists and has acmeMaintenance enabled, or we don't have the domain yet
// (for auto-provisioning), try to handle the ACME challenge
if (!domainMatch || domainMatch.domainInfo.options.acmeMaintenance) {
// Let the challenge responder try to handle this request
if (this.challengeResponder.handleRequest(req, res)) {
// Challenge was handled
return;
}
}
}
// Dynamic provisioning: if domain not yet managed, register for ACME and return 503
if (!this.domainCertificates.has(domain)) {
try {
@ -355,14 +381,15 @@ export class Port80Handler extends plugins.EventEmitter {
} catch (err) {
console.error(`Error registering domain for on-demand provisioning: ${err}`);
}
res.statusCode = 503;
res.statusCode = HttpStatus.SERVICE_UNAVAILABLE;
res.end('Certificate issuance in progress');
return;
}
// Get domain config, using glob pattern matching if needed
const domainMatch = this.getDomainInfoForRequest(domain);
if (!domainMatch) {
res.statusCode = 404;
res.statusCode = HttpStatus.NOT_FOUND;
res.end('Domain not configured');
return;
}
@ -370,29 +397,6 @@ export class Port80Handler extends plugins.EventEmitter {
const { domainInfo, pattern } = domainMatch;
const options = domainInfo.options;
// Handle ACME HTTP-01 challenge requests or forwarding
if (req.url && req.url.startsWith('/.well-known/acme-challenge/')) {
// Forward ACME requests if configured
if (options.acmeForward) {
this.forwardRequest(req, res, options.acmeForward, 'ACME challenge');
return;
}
// If not managing ACME for this domain, return 404
if (!options.acmeMaintenance) {
res.statusCode = 404;
res.end('Not found');
return;
}
// Delegate to Http01MemoryHandler
if (this.smartAcmeHttp01Handler) {
this.smartAcmeHttp01Handler.handleRequest(req, res);
} else {
res.statusCode = 500;
res.end('ACME HTTP-01 handler not initialized');
}
return;
}
// Check if we should forward non-ACME requests
if (options.forward) {
this.forwardRequest(req, res, options.forward, 'HTTP');
@ -406,7 +410,7 @@ export class Port80Handler extends plugins.EventEmitter {
const portSuffix = httpsPort === 443 ? '' : `:${httpsPort}`;
const redirectUrl = `https://${domain}${portSuffix}${req.url || '/'}`;
res.statusCode = 301;
res.statusCode = HttpStatus.MOVED_PERMANENTLY;
res.setHeader('Location', redirectUrl);
res.end(`Redirecting to ${redirectUrl}`);
return;
@ -419,7 +423,7 @@ export class Port80Handler extends plugins.EventEmitter {
if (!domainInfo.obtainingInProgress) {
this.obtainCertificate(domain).catch(err => {
const errorMessage = err instanceof Error ? err.message : 'Unknown error';
this.emit(Port80HandlerEvents.CERTIFICATE_FAILED, {
this.emit(CertificateEvents.CERTIFICATE_FAILED, {
domain,
error: errorMessage,
isRenewal: false
@ -428,14 +432,21 @@ export class Port80Handler extends plugins.EventEmitter {
});
}
res.statusCode = 503;
res.statusCode = HttpStatus.SERVICE_UNAVAILABLE;
res.end('Certificate issuance in progress, please try again later.');
return;
}
// Default response for unhandled request
res.statusCode = 404;
res.statusCode = HttpStatus.NOT_FOUND;
res.end('No handlers configured for this request');
// Emit request handled event
this.emit(HttpEvents.REQUEST_HANDLED, {
domain,
url: req.url,
statusCode: res.statusCode
});
}
/**
@ -448,7 +459,7 @@ export class Port80Handler extends plugins.EventEmitter {
private forwardRequest(
req: plugins.http.IncomingMessage,
res: plugins.http.ServerResponse,
target: IForwardConfig,
target: ForwardConfig,
requestType: string
): void {
const options = {
@ -464,7 +475,7 @@ export class Port80Handler extends plugins.EventEmitter {
const proxyReq = plugins.http.request(options, (proxyRes) => {
// Copy status code
res.statusCode = proxyRes.statusCode || 500;
res.statusCode = proxyRes.statusCode || HttpStatus.INTERNAL_SERVER_ERROR;
// Copy headers
for (const [key, value] of Object.entries(proxyRes.headers)) {
@ -474,7 +485,7 @@ export class Port80Handler extends plugins.EventEmitter {
// Pipe response data
proxyRes.pipe(res);
this.emit(Port80HandlerEvents.REQUEST_FORWARDED, {
this.emit(HttpEvents.REQUEST_FORWARDED, {
domain,
requestType,
target: `${target.ip}:${target.port}`,
@ -484,8 +495,15 @@ export class Port80Handler extends plugins.EventEmitter {
proxyReq.on('error', (error) => {
console.error(`Error forwarding request to ${target.ip}:${target.port}:`, error);
this.emit(HttpEvents.REQUEST_ERROR, {
domain,
error: error.message,
target: `${target.ip}:${target.port}`
});
if (!res.headersSent) {
res.statusCode = 502;
res.statusCode = HttpStatus.INTERNAL_SERVER_ERROR;
res.end(`Proxy error: ${error.message}`);
} else {
res.end();
@ -506,59 +524,48 @@ export class Port80Handler extends plugins.EventEmitter {
* @param domain The domain to obtain a certificate for
* @param isRenewal Whether this is a renewal attempt
*/
/**
* Obtains a certificate for a domain using SmartAcme HTTP-01 challenges
* @param domain The domain to obtain a certificate for
* @param isRenewal Whether this is a renewal attempt
*/
private async obtainCertificate(domain: string, isRenewal: boolean = false): Promise<void> {
if (this.isGlobPattern(domain)) {
throw new CertificateError('Cannot obtain certificates for glob pattern domains', domain, isRenewal);
}
const domainInfo = this.domainCertificates.get(domain)!;
if (!domainInfo.options.acmeMaintenance) {
console.log(`Skipping certificate issuance for ${domain} - acmeMaintenance is disabled`);
return;
}
if (domainInfo.obtainingInProgress) {
console.log(`Certificate issuance already in progress for ${domain}`);
return;
}
if (!this.smartAcme) {
throw new Port80HandlerError('SmartAcme is not initialized');
if (!this.challengeResponder) {
throw new HttpError('Challenge responder is not initialized');
}
domainInfo.obtainingInProgress = true;
domainInfo.lastRenewalAttempt = new Date();
try {
// Request certificate via SmartAcme
const certObj = await this.smartAcme.getCertificateForDomain(domain);
const certificate = certObj.publicKey;
const privateKey = certObj.privateKey;
const expiryDate = new Date(certObj.validUntil);
domainInfo.certificate = certificate;
domainInfo.privateKey = privateKey;
// Request certificate via ChallengeResponder
const certData = await this.challengeResponder.requestCertificate(domain, isRenewal);
// Update domain info with certificate data
domainInfo.certificate = certData.certificate;
domainInfo.privateKey = certData.privateKey;
domainInfo.certObtained = true;
domainInfo.expiryDate = expiryDate;
domainInfo.expiryDate = certData.expiryDate;
console.log(`Certificate ${isRenewal ? 'renewed' : 'obtained'} for ${domain}`);
// Persistence moved to CertProvisioner
const eventType = isRenewal
? Port80HandlerEvents.CERTIFICATE_RENEWED
: Port80HandlerEvents.CERTIFICATE_ISSUED;
this.emitCertificateEvent(eventType, {
domain,
certificate,
privateKey,
expiryDate: expiryDate || this.getDefaultExpiryDate()
});
// The event will be emitted by the ChallengeResponder, we just store the certificate
} catch (error: any) {
const errorMsg = error?.message || 'Unknown error';
const errorMsg = error instanceof Error ? error.message : String(error);
console.error(`Error during certificate issuance for ${domain}:`, error);
this.emit(Port80HandlerEvents.CERTIFICATE_FAILED, {
domain,
error: errorMsg,
isRenewal
} as ICertificateFailure);
// The failure event will be emitted by the ChallengeResponder
throw new CertificateError(errorMsg, domain, isRenewal);
} finally {
domainInfo.obtainingInProgress = false;
@ -608,7 +615,7 @@ export class Port80Handler extends plugins.EventEmitter {
* @param eventType The event type to emit
* @param data The certificate data
*/
private emitCertificateEvent(eventType: Port80HandlerEvents, data: ICertificateData): void {
private emitCertificateEvent(eventType: CertificateEvents, data: CertificateData): void {
this.emit(eventType, data);
}
@ -670,7 +677,7 @@ export class Port80Handler extends plugins.EventEmitter {
*/
public async renewCertificate(domain: string): Promise<void> {
if (!this.domainCertificates.has(domain)) {
throw new Port80HandlerError(`Domain not managed: ${domain}`);
throw new HttpError(`Domain not managed: ${domain}`);
}
// Trigger renewal via ACME
await this.obtainCertificate(domain, true);

13
ts/index.ts
View File

@ -5,7 +5,17 @@
// Legacy exports (to maintain backward compatibility)
export * from './nfttablesproxy/classes.nftablesproxy.js';
export * from './networkproxy/index.js';
export * from './port80handler/classes.port80handler.js';
// Export port80handler elements selectively to avoid conflicts
export {
Port80Handler,
default as Port80HandlerDefault,
HttpError,
ServerError,
CertificateError
} from './port80handler/classes.port80handler.js';
// Use re-export to control the names
export { Port80HandlerEvents } from './certificate/events/certificate-events.js';
export * from './redirect/classes.redirect.js';
export * from './smartproxy/classes.smartproxy.js';
// Original: export * from './smartproxy/classes.pp.snihandler.js'
@ -20,3 +30,4 @@ export * from './core/models/common-types.js';
export * as forwarding from './forwarding/index.js';
export * as certificate from './certificate/index.js';
export * as tls from './tls/index.js';
export * as http from './http/index.js';

3
ts/plugins.ts
View File

@ -1,5 +1,6 @@
// node native scope
import { EventEmitter } from 'events';
import * as fs from 'fs';
import * as http from 'http';
import * as https from 'https';
import * as net from 'net';
@ -7,7 +8,7 @@ import * as tls from 'tls';
import * as url from 'url';
import * as http2 from 'http2';
export { EventEmitter, http, https, net, tls, url, http2 };
export { EventEmitter, fs, http, https, net, tls, url, http2 };
// tsclass scope
import * as tsclass from '@tsclass/tsclass';

24
ts/port80handler/classes.port80handler.ts Normal file
View File

@ -0,0 +1,24 @@
/**
* TEMPORARY FILE FOR BACKWARD COMPATIBILITY
* This will be removed in a future version when all imports are updated
* @deprecated Use the new HTTP module instead
*/
// Re-export the Port80Handler from its new location
export * from '../http/port80/port80-handler.js';
// Re-export HTTP error types for backward compatibility
export * from '../http/models/http-types.js';
// Re-export selected events to avoid name conflicts
export {
CertificateEvents,
Port80HandlerEvents,
CertProvisionerEvents
} from '../certificate/events/certificate-events.js';
// Import the new Port80Handler
import { Port80Handler } from '../http/port80/port80-handler.js';
// Export it as the default export for backward compatibility
export default Port80Handler;