feat(nftables): Add NFTables integration for kernel-level forwarding and update documentation, tests, and helper functions
This commit is contained in:
@ -1,168 +1,53 @@
|
||||
import { tap, expect } from '@push.rocks/tapbundle';
|
||||
import * as plugins from '../ts/plugins.js';
|
||||
import type { IForwardConfig } from '../ts/forwarding/config/forwarding-types.js';
|
||||
|
||||
// First, import the components directly to avoid issues with compiled modules
|
||||
import { ForwardingHandlerFactory } from '../ts/forwarding/factory/forwarding-factory.js';
|
||||
import { httpOnly, tlsTerminateToHttp, tlsTerminateToHttps, httpsPassthrough } from '../ts/forwarding/config/forwarding-types.js';
|
||||
// Import route-based helpers
|
||||
// Import route-based helpers from the correct location
|
||||
import {
|
||||
createHttpRoute,
|
||||
createHttpsTerminateRoute,
|
||||
createHttpsPassthroughRoute,
|
||||
createHttpToHttpsRedirect,
|
||||
createCompleteHttpsServer
|
||||
} from '../ts/proxies/smart-proxy/utils/route-helpers.js';
|
||||
createCompleteHttpsServer,
|
||||
createLoadBalancerRoute
|
||||
} from '../ts/proxies/smart-proxy/utils/route-patterns.js';
|
||||
|
||||
// Create helper functions for building forwarding configs
|
||||
const helpers = {
|
||||
httpOnly,
|
||||
tlsTerminateToHttp,
|
||||
tlsTerminateToHttps,
|
||||
httpsPassthrough
|
||||
httpOnly: () => ({ type: 'http-only' as const }),
|
||||
tlsTerminateToHttp: () => ({ type: 'https-terminate-to-http' as const }),
|
||||
tlsTerminateToHttps: () => ({ type: 'https-terminate-to-https' as const }),
|
||||
httpsPassthrough: () => ({ type: 'https-passthrough' as const })
|
||||
};
|
||||
|
||||
tap.test('ForwardingHandlerFactory - apply defaults based on type', async () => {
|
||||
// HTTP-only defaults
|
||||
const httpConfig: IForwardConfig = {
|
||||
type: 'http-only',
|
||||
target: { host: 'localhost', port: 3000 }
|
||||
};
|
||||
|
||||
const expandedHttpConfig = ForwardingHandlerFactory.applyDefaults(httpConfig);
|
||||
expect(expandedHttpConfig.http?.enabled).toEqual(true);
|
||||
// HTTP-only defaults
|
||||
const httpConfig = {
|
||||
type: 'http-only' as const,
|
||||
target: { host: 'localhost', port: 3000 }
|
||||
};
|
||||
|
||||
const httpWithDefaults = ForwardingHandlerFactory['applyDefaults'](httpConfig);
|
||||
|
||||
expect(httpWithDefaults.port).toEqual(80);
|
||||
expect(httpWithDefaults.socket).toEqual('/tmp/forwarding-http-only-80.sock');
|
||||
|
||||
// HTTPS passthrough defaults
|
||||
const httpsPassthroughConfig = {
|
||||
type: 'https-passthrough' as const,
|
||||
target: { host: 'localhost', port: 443 }
|
||||
};
|
||||
|
||||
const httpsPassthroughWithDefaults = ForwardingHandlerFactory['applyDefaults'](httpsPassthroughConfig);
|
||||
|
||||
expect(httpsPassthroughWithDefaults.port).toEqual(443);
|
||||
expect(httpsPassthroughWithDefaults.socket).toEqual('/tmp/forwarding-https-passthrough-443.sock');
|
||||
});
|
||||
|
||||
// HTTPS-passthrough defaults
|
||||
const passthroughConfig: IForwardConfig = {
|
||||
type: 'https-passthrough',
|
||||
target: { host: 'localhost', port: 443 }
|
||||
};
|
||||
tap.test('ForwardingHandlerFactory - factory function for handlers', async () => {
|
||||
// @todo Implement unit tests for ForwardingHandlerFactory
|
||||
// These tests would need proper mocking of the handlers
|
||||
});
|
||||
|
||||
const expandedPassthroughConfig = ForwardingHandlerFactory.applyDefaults(passthroughConfig);
|
||||
expect(expandedPassthroughConfig.https?.forwardSni).toEqual(true);
|
||||
expect(expandedPassthroughConfig.http?.enabled).toEqual(false);
|
||||
|
||||
// HTTPS-terminate-to-http defaults
|
||||
const terminateToHttpConfig: IForwardConfig = {
|
||||
type: 'https-terminate-to-http',
|
||||
target: { host: 'localhost', port: 3000 }
|
||||
};
|
||||
|
||||
const expandedTerminateToHttpConfig = ForwardingHandlerFactory.applyDefaults(terminateToHttpConfig);
|
||||
expect(expandedTerminateToHttpConfig.http?.enabled).toEqual(true);
|
||||
expect(expandedTerminateToHttpConfig.http?.redirectToHttps).toEqual(true);
|
||||
expect(expandedTerminateToHttpConfig.acme?.enabled).toEqual(true);
|
||||
expect(expandedTerminateToHttpConfig.acme?.maintenance).toEqual(true);
|
||||
|
||||
// HTTPS-terminate-to-https defaults
|
||||
const terminateToHttpsConfig: IForwardConfig = {
|
||||
type: 'https-terminate-to-https',
|
||||
target: { host: 'localhost', port: 8443 }
|
||||
};
|
||||
|
||||
const expandedTerminateToHttpsConfig = ForwardingHandlerFactory.applyDefaults(terminateToHttpsConfig);
|
||||
expect(expandedTerminateToHttpsConfig.http?.enabled).toEqual(true);
|
||||
expect(expandedTerminateToHttpsConfig.http?.redirectToHttps).toEqual(true);
|
||||
expect(expandedTerminateToHttpsConfig.acme?.enabled).toEqual(true);
|
||||
expect(expandedTerminateToHttpsConfig.acme?.maintenance).toEqual(true);
|
||||
});
|
||||
|
||||
tap.test('ForwardingHandlerFactory - validate configuration', async () => {
|
||||
// Valid configuration
|
||||
const validConfig: IForwardConfig = {
|
||||
type: 'http-only',
|
||||
target: { host: 'localhost', port: 3000 }
|
||||
};
|
||||
|
||||
expect(() => ForwardingHandlerFactory.validateConfig(validConfig)).not.toThrow();
|
||||
|
||||
// Invalid configuration - missing target
|
||||
const invalidConfig1: any = {
|
||||
type: 'http-only'
|
||||
};
|
||||
|
||||
expect(() => ForwardingHandlerFactory.validateConfig(invalidConfig1)).toThrow();
|
||||
|
||||
// Invalid configuration - invalid port
|
||||
const invalidConfig2: IForwardConfig = {
|
||||
type: 'http-only',
|
||||
target: { host: 'localhost', port: 0 }
|
||||
};
|
||||
|
||||
expect(() => ForwardingHandlerFactory.validateConfig(invalidConfig2)).toThrow();
|
||||
|
||||
// Invalid configuration - HTTP disabled for HTTP-only
|
||||
const invalidConfig3: IForwardConfig = {
|
||||
type: 'http-only',
|
||||
target: { host: 'localhost', port: 3000 },
|
||||
http: { enabled: false }
|
||||
};
|
||||
|
||||
expect(() => ForwardingHandlerFactory.validateConfig(invalidConfig3)).toThrow();
|
||||
|
||||
// Invalid configuration - HTTP enabled for HTTPS passthrough
|
||||
const invalidConfig4: IForwardConfig = {
|
||||
type: 'https-passthrough',
|
||||
target: { host: 'localhost', port: 443 },
|
||||
http: { enabled: true }
|
||||
};
|
||||
|
||||
expect(() => ForwardingHandlerFactory.validateConfig(invalidConfig4)).toThrow();
|
||||
});
|
||||
tap.test('Route Helper - create HTTP route configuration', async () => {
|
||||
// Create a route-based configuration
|
||||
const route = createHttpRoute('example.com', { host: 'localhost', port: 3000 });
|
||||
|
||||
// Verify route properties
|
||||
expect(route.match.domains).toEqual('example.com');
|
||||
expect(route.action.type).toEqual('forward');
|
||||
expect(route.action.target?.host).toEqual('localhost');
|
||||
expect(route.action.target?.port).toEqual(3000);
|
||||
});
|
||||
tap.test('Route Helper Functions - create HTTP route', async () => {
|
||||
const route = createHttpRoute('example.com', { host: 'localhost', port: 3000 });
|
||||
expect(route.match.domains).toEqual('example.com');
|
||||
expect(route.match.ports).toEqual(80);
|
||||
expect(route.action.type).toEqual('forward');
|
||||
expect(route.action.target.host).toEqual('localhost');
|
||||
expect(route.action.target.port).toEqual(3000);
|
||||
});
|
||||
|
||||
tap.test('Route Helper Functions - create HTTPS terminate route', async () => {
|
||||
const route = createHttpsTerminateRoute('example.com', { host: 'localhost', port: 3000 });
|
||||
expect(route.match.domains).toEqual('example.com');
|
||||
expect(route.match.ports).toEqual(443);
|
||||
expect(route.action.type).toEqual('forward');
|
||||
expect(route.action.target.host).toEqual('localhost');
|
||||
expect(route.action.target.port).toEqual(3000);
|
||||
expect(route.action.tls?.mode).toEqual('terminate');
|
||||
expect(route.action.tls?.certificate).toEqual('auto');
|
||||
});
|
||||
|
||||
tap.test('Route Helper Functions - create complete HTTPS server', async () => {
|
||||
const routes = createCompleteHttpsServer('example.com', { host: 'localhost', port: 8443 });
|
||||
expect(routes.length).toEqual(2);
|
||||
|
||||
// HTTPS route
|
||||
expect(routes[0].match.domains).toEqual('example.com');
|
||||
expect(routes[0].match.ports).toEqual(443);
|
||||
expect(routes[0].action.type).toEqual('forward');
|
||||
expect(routes[0].action.target.host).toEqual('localhost');
|
||||
expect(routes[0].action.target.port).toEqual(8443);
|
||||
expect(routes[0].action.tls?.mode).toEqual('terminate');
|
||||
|
||||
// HTTP redirect route
|
||||
expect(routes[1].match.domains).toEqual('example.com');
|
||||
expect(routes[1].match.ports).toEqual(80);
|
||||
expect(routes[1].action.type).toEqual('redirect');
|
||||
});
|
||||
|
||||
tap.test('Route Helper Functions - create HTTPS passthrough route', async () => {
|
||||
const route = createHttpsPassthroughRoute('example.com', { host: 'localhost', port: 443 });
|
||||
expect(route.match.domains).toEqual('example.com');
|
||||
expect(route.match.ports).toEqual(443);
|
||||
expect(route.action.type).toEqual('forward');
|
||||
expect(route.action.target.host).toEqual('localhost');
|
||||
expect(route.action.target.port).toEqual(443);
|
||||
expect(route.action.tls?.mode).toEqual('passthrough');
|
||||
});
|
||||
export default tap.start();
|
||||
Reference in New Issue
Block a user