push.rocks/smartproxy
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(smartproxy): Update documentation and route helper functions; add createPortRange, createSecurityConfig, createStaticFileRoute, and createTestRoute helpers to the readme and tests. Refactor test examples to use the new helper API and remove legacy connection handling files (including the old connection handler and PortRangeManager) to fully embrace the unified route‐based configuration.

Browse Source
This commit is contained in:
Philipp Kunz
2025-05-10 07:34:35 +00:00
parent 36bea96ac7
commit b4a0e4be6b
14 changed files with 458 additions and 193 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
ts/00_commitinfo_data.ts
View File

@ -3,6 +3,6 @@
*/
export const commitinfo = {
name: '@push.rocks/smartproxy',
version: '15.0.0',
version: '15.1.0',
description: 'A powerful proxy package with unified route-based configuration for high traffic management. Features include SSL/TLS support, flexible routing patterns, WebSocket handling, advanced security options, and automatic ACME certificate management.'
}

0
ts/proxies/smart-proxy/connection-handler.ts → ts/proxies/smart-proxy/connection-handler.ts.bak
View File

0
ts/proxies/smart-proxy/domain-config-manager.ts → ts/proxies/smart-proxy/domain-config-manager.ts.bak
View File

81
ts/proxies/smart-proxy/models/route-types.ts
View File

@ -23,10 +23,10 @@ export type TPortRange = number | number[] | Array<{ from: number; to: number }>
export interface IRouteMatch {
// Listen on these ports (required)
ports: TPortRange;
// Optional domain patterns to match (default: all domains)
domains?: string | string[];
// Advanced matching criteria
path?: string; // Match specific paths
clientIp?: string[]; // Match specific client IPs
@ -61,6 +61,25 @@ export interface IRouteRedirect {
status: 301 | 302 | 307 | 308;
}
/**
* Authentication options
*/
export interface IRouteAuthentication {
type: 'basic' | 'digest' | 'oauth' | 'jwt';
credentials?: {
username: string;
password: string;
}[];
realm?: string;
jwtSecret?: string;
jwtIssuer?: string;
oauthProvider?: string;
oauthClientId?: string;
oauthClientSecret?: string;
oauthRedirectUri?: string;
[key: string]: any; // Allow additional auth-specific options
}
/**
* Security options for route actions
*/
@ -68,10 +87,28 @@ export interface IRouteSecurity {
allowedIps?: string[];
blockedIps?: string[];
maxConnections?: number;
authentication?: {
type: 'basic' | 'digest' | 'oauth';
// Auth-specific options would go here
};
authentication?: IRouteAuthentication;
}
/**
* Static file server configuration
*/
export interface IRouteStaticFiles {
directory: string;
indexFiles?: string[];
cacheControl?: string;
expires?: number;
followSymlinks?: boolean;
disableDirectoryListing?: boolean;
}
/**
* Test route response configuration
*/
export interface IRouteTestResponse {
status: number;
headers: Record<string, string>;
body: string;
}
/**
@ -81,6 +118,8 @@ export interface IRouteAdvanced {
timeout?: number;
headers?: Record<string, string>;
keepAlive?: boolean;
staticFiles?: IRouteStaticFiles;
testResponse?: IRouteTestResponse;
// Additional advanced options would go here
}
@ -90,19 +129,19 @@ export interface IRouteAdvanced {
export interface IRouteAction {
// Basic routing
type: TRouteActionType;
// Target for forwarding
target?: IRouteTarget;
// TLS handling
tls?: IRouteTls;
// For redirects
redirect?: IRouteRedirect;
// Security options
security?: IRouteSecurity;
// Advanced options
advanced?: IRouteAdvanced;
}
@ -113,10 +152,10 @@ export interface IRouteAction {
export interface IRouteConfig {
// What to match
match: IRouteMatch;
// What to do with matched traffic
action: IRouteAction;
// Optional metadata
name?: string; // Human-readable name for this route
description?: string; // Description of the route's purpose
@ -130,7 +169,7 @@ export interface IRouteConfig {
export interface IRoutedSmartProxyOptions {
// The unified configuration array (required)
routes: IRouteConfig[];
// Global/default settings
defaults?: {
target?: {
@ -141,10 +180,10 @@ export interface IRoutedSmartProxyOptions {
tls?: IRouteTls;
// ...other defaults
};
// Other global settings remain (acme, etc.)
acme?: IAcmeOptions;
// Connection timeouts and other global settings
initialDataTimeout?: number;
socketTimeout?: number;
@ -152,13 +191,13 @@ export interface IRoutedSmartProxyOptions {
maxConnectionLifetime?: number;
inactivityTimeout?: number;
gracefulShutdownTimeout?: number;
// Socket optimization settings
noDelay?: boolean;
keepAlive?: boolean;
keepAliveInitialDelay?: number;
maxPendingDataSize?: number;
// Enhanced features
disableInactivityCheck?: boolean;
enableKeepAliveProbes?: boolean;
@ -166,16 +205,16 @@ export interface IRoutedSmartProxyOptions {
enableTlsDebugLogging?: boolean;
enableRandomizedTimeouts?: boolean;
allowSessionTicket?: boolean;
// Rate limiting and security
maxConnectionsPerIP?: number;
connectionRateLimitPerMinute?: number;
// Enhanced keep-alive settings
keepAliveTreatment?: 'standard' | 'extended' | 'immortal';
keepAliveInactivityMultiplier?: number;
extendedKeepAliveLifetime?: number;
/**
* Optional certificate provider callback. Return 'http01' to use HTTP-01 challenges,
* or a static certificate object for immediate provisioning.

14
ts/proxies/smart-proxy/network-proxy-bridge.ts
View File

@ -377,16 +377,10 @@ export class NetworkProxyBridge {
publicKey: certCert,
destinationIps: targetHosts,
destinationPorts: [targetPort],
proxyConfig: {
targetIsTls: route.action.tls.mode === 'terminate-and-reencrypt',
allowHTTP1: true,
// Apply any other NetworkProxy-specific settings
...(route.action.advanced ? {
preserveHost: true,
timeout: route.action.advanced.timeout,
headers: route.action.advanced.headers
} : {})
}
// Use backendProtocol for TLS re-encryption:
backendProtocol: route.action.tls.mode === 'terminate-and-reencrypt' ? 'http2' : 'http1',
// Add rewriteHostHeader for host header handling:
rewriteHostHeader: route.action.advanced?.headers ? true : false
};
configs.push(config);

0
ts/proxies/smart-proxy/port-range-manager.ts → ts/proxies/smart-proxy/port-range-manager.ts.bak
View File

23
ts/proxies/smart-proxy/route-connection-handler.ts
View File

@ -741,20 +741,7 @@ export class RouteConnectionHandler {
this.connectionManager.incrementTerminationStat('outgoing', 'connection_failed');
}
// If we have a forwarding handler for this domain, let it handle the error
if (domainConfig) {
try {
const forwardingHandler = this.domainConfigManager.getForwardingHandler(domainConfig);
forwardingHandler.emit('connection_error', {
socket,
error: err,
connectionId
});
} catch (handlerErr) {
// If getting the handler fails, just log and continue with normal cleanup
console.log(`Error getting forwarding handler for error handling: ${handlerErr}`);
}
}
// Route-based configuration doesn't use domain handlers
// Clean up the connection
this.connectionManager.initiateCleanupOnce(record, `connection_failed_${code}`);
@ -887,8 +874,8 @@ export class RouteConnectionHandler {
`${
serverName
? ` (SNI: ${serverName})`
: domainConfig
? ` (Port-based for domain: ${domainConfig.domains.join(', ')})`
: record.lockedDomain
? ` (Domain: ${record.lockedDomain})`
: ''
}` +
` TLS: ${record.isTLS ? 'Yes' : 'No'}, Keep-Alive: ${
@ -901,8 +888,8 @@ export class RouteConnectionHandler {
`${
serverName
? ` (SNI: ${serverName})`
: domainConfig
? ` (Port-based for domain: ${domainConfig.domains.join(', ')})`
: record.lockedDomain
? ` (Domain: ${record.lockedDomain})`
: ''
}`
);

175
ts/proxies/smart-proxy/route-helpers.ts
View File

@ -1,12 +1,13 @@
import type {
IRouteConfig,
IRouteMatch,
IRouteAction,
import type {
IRouteConfig,
IRouteMatch,
IRouteAction,
IRouteTarget,
IRouteTls,
IRouteRedirect,
IRouteSecurity,
IRouteAdvanced
IRouteAdvanced,
TPortRange
} from './models/route-types.js';
/**
@ -30,7 +31,7 @@ export function createRoute(
}
/**
* Create a basic HTTP route configuration
* Create a basic HTTP route configuration
*/
export function createHttpRoute(
options: {
@ -206,7 +207,7 @@ export function createHttpToHttpsRedirect(
}
): IRouteConfig {
const domainArray = Array.isArray(options.domains) ? options.domains : [options.domains];
return createRedirectRoute({
ports: 80,
domains: options.domains,
@ -270,7 +271,7 @@ export function createLoadBalancerRoute(
): IRouteConfig {
const useTls = options.tlsMode !== undefined;
const defaultPort = useTls ? 443 : 80;
return createRoute(
{
ports: options.ports || defaultPort,
@ -321,7 +322,7 @@ export function createHttpsServer(
): IRouteConfig[] {
const routes: IRouteConfig[] = [];
const domainArray = Array.isArray(options.domains) ? options.domains : [options.domains];
// Add HTTPS route
routes.push(createHttpsRoute({
domains: options.domains,
@ -330,7 +331,7 @@ export function createHttpsServer(
security: options.security,
name: options.name || `HTTPS Server for ${domainArray.join(', ')}`
}));
// Add HTTP to HTTPS redirect if requested
if (options.addHttpRedirect !== false) {
routes.push(createHttpToHttpsRedirect({
@ -339,6 +340,158 @@ export function createHttpsServer(
priority: 100
}));
}
return routes;
}
/**
* Create a port range configuration from various input formats
*/
export function createPortRange(
ports: number | number[] | string | Array<{ from: number; to: number }>
): TPortRange {
// If it's a string like "80,443" or "8000-9000", parse it
if (typeof ports === 'string') {
if (ports.includes('-')) {
// Handle range like "8000-9000"
const [start, end] = ports.split('-').map(p => parseInt(p.trim(), 10));
return [{ from: start, to: end }];
} else if (ports.includes(',')) {
// Handle comma-separated list like "80,443,8080"
return ports.split(',').map(p => parseInt(p.trim(), 10));
} else {
// Handle single port as string
return parseInt(ports.trim(), 10);
}
}
// Otherwise return as is
return ports;
}
/**
* Create a security configuration object
*/
export function createSecurityConfig(
options: {
allowedIps?: string[];
blockedIps?: string[];
maxConnections?: number;
authentication?: {
type: 'basic' | 'digest' | 'oauth';
// Auth-specific options
[key: string]: any;
};
}
): IRouteSecurity {
return {
...(options.allowedIps ? { allowedIps: options.allowedIps } : {}),
...(options.blockedIps ? { blockedIps: options.blockedIps } : {}),
...(options.maxConnections ? { maxConnections: options.maxConnections } : {}),
...(options.authentication ? { authentication: options.authentication } : {})
};
}
/**
* Create a static file server route
*/
export function createStaticFileRoute(
options: {
ports?: number | number[]; // Default: 80
domains: string | string[];
path?: string;
targetDirectory: string;
tlsMode?: 'terminate' | 'terminate-and-reencrypt';
certificate?: 'auto' | { key: string; cert: string };
headers?: Record<string, string>;
security?: IRouteSecurity;
name?: string;
description?: string;
priority?: number;
tags?: string[];
}
): IRouteConfig {
const useTls = options.tlsMode !== undefined;
const defaultPort = useTls ? 443 : 80;
return createRoute(
{
ports: options.ports || defaultPort,
domains: options.domains,
...(options.path ? { path: options.path } : {})
},
{
type: 'forward',
target: {
host: 'localhost', // Static file serving is typically handled locally
port: 0, // Special value indicating a static file server
preservePort: false
},
...(useTls ? {
tls: {
mode: options.tlsMode!,
certificate: options.certificate || 'auto'
}
} : {}),
advanced: {
...(options.headers ? { headers: options.headers } : {}),
staticFiles: {
directory: options.targetDirectory,
indexFiles: ['index.html', 'index.htm']
}
},
...(options.security ? { security: options.security } : {})
},
{
name: options.name || 'Static File Server',
description: options.description || `Serving static files from ${options.targetDirectory}`,
priority: options.priority,
tags: options.tags
}
);
}
/**
* Create a test route for debugging purposes
*/
export function createTestRoute(
options: {
ports?: number | number[]; // Default: 8000
domains?: string | string[];
path?: string;
response?: {
status?: number;
headers?: Record<string, string>;
body?: string;
};
name?: string;
}
): IRouteConfig {
return createRoute(
{
ports: options.ports || 8000,
...(options.domains ? { domains: options.domains } : {}),
...(options.path ? { path: options.path } : {})
},
{
type: 'forward',
target: {
host: 'test', // Special value indicating a test route
port: 0
},
advanced: {
testResponse: {
status: options.response?.status || 200,
headers: options.response?.headers || { 'Content-Type': 'text/plain' },
body: options.response?.body || 'Test route is working!'
}
}
},
{
name: options.name || 'Test Route',
description: 'Route for testing and debugging',
priority: 500,
tags: ['test', 'debug']
}
);
}

9
ts/proxies/smart-proxy/route-helpers/index.ts Normal file
View File

@ -0,0 +1,9 @@
/**
* Route helpers for SmartProxy
*
* This module provides helper functions for creating various types of route configurations
* to be used with the SmartProxy system.
*/
// Re-export all functions from the route-helpers.ts file
export * from '../route-helpers.js';

3
ts/proxies/smart-proxy/route-manager.ts
View File

@ -7,8 +7,7 @@ import type {
} from './models/route-types.js';
import type {
ISmartProxyOptions,
IRoutedSmartProxyOptions,
IDomainConfig
IRoutedSmartProxyOptions
} from './models/interfaces.js';
import {
isRoutedOptions,

54
ts/proxies/smart-proxy/smart-proxy.ts
View File

@ -6,7 +6,7 @@ import { SecurityManager } from './security-manager.js';
import { TlsManager } from './tls-manager.js';
import { NetworkProxyBridge } from './network-proxy-bridge.js';
import { TimeoutManager } from './timeout-manager.js';
import { PortRangeManager } from './port-range-manager.js';
// import { PortRangeManager } from './port-range-manager.js';
import { RouteManager } from './route-manager.js';
import { RouteConnectionHandler } from './route-connection-handler.js';
@ -22,7 +22,7 @@ import type {
ISmartProxyOptions,
IRoutedSmartProxyOptions
} from './models/interfaces.js';
import { isRoutedOptions } from './models/interfaces.js';
import { isRoutedOptions, isLegacyOptions } from './models/interfaces.js';
import type { IRouteConfig } from './models/route-types.js';
/**
@ -49,7 +49,7 @@ export class SmartProxy extends plugins.EventEmitter {
private tlsManager: TlsManager;
private networkProxyBridge: NetworkProxyBridge;
private timeoutManager: TimeoutManager;
private portRangeManager: PortRangeManager;
// private portRangeManager: PortRangeManager;
private routeManager: RouteManager;
private routeConnectionHandler: RouteConnectionHandler;
@ -133,7 +133,7 @@ export class SmartProxy extends plugins.EventEmitter {
autoRenew: true,
certificateStore: './certs',
skipConfiguredCerts: false,
httpsRedirectPort: this.settings.fromPort || 443,
httpsRedirectPort: 443,
renewCheckIntervalHours: 24,
domainForwards: []
};
@ -152,7 +152,7 @@ export class SmartProxy extends plugins.EventEmitter {
this.routeManager = new RouteManager(this.settings);
// Create port range manager
this.portRangeManager = new PortRangeManager(this.settings);
// this.portRangeManager = new PortRangeManager(this.settings);
// Create other required components
this.tlsManager = new TlsManager(this.settings);
@ -220,22 +220,22 @@ export class SmartProxy extends plugins.EventEmitter {
if (this.port80Handler) {
const acme = this.settings.acme!;
// Setup domain forwards based on configuration type
// Setup domain forwards
const domainForwards = acme.domainForwards?.map(f => {
if (isLegacyOptions(this.settings)) {
// If using legacy mode, check if domain config exists
const domainConfig = this.settings.domainConfigs.find(
dc => dc.domains.some(d => d === f.domain)
);
// Check if a matching route exists
const matchingRoute = this.settings.routes.find(
route => Array.isArray(route.match.domains)
? route.match.domains.some(d => d === f.domain)
: route.match.domains === f.domain
);
if (domainConfig?.forwarding) {
return {
domain: f.domain,
forwardConfig: f.forwardConfig,
acmeForwardConfig: f.acmeForwardConfig,
sslRedirect: f.sslRedirect || domainConfig.forwarding.http?.redirectToHttps || false
if (matchingRoute) {
return {
domain: f.domain,
forwardConfig: f.forwardConfig,
acmeForwardConfig: f.acmeForwardConfig,
sslRedirect: f.sslRedirect || false
};
}
} else {
// In route mode, look for matching route
const route = this.routeManager.findMatchingRoute({
@ -332,10 +332,8 @@ export class SmartProxy extends plugins.EventEmitter {
const isNetworkProxyPort = this.settings.useNetworkProxy?.includes(port);
console.log(
`SmartProxy -> OK: Now listening on port ${port}${
isLegacyOptions(this.settings) && this.settings.sniEnabled && !isNetworkProxyPort ?
' (SNI passthrough enabled)' :
''
}${isNetworkProxyPort ? ' (NetworkProxy forwarding enabled)' : ''}`
isNetworkProxyPort ? ' (NetworkProxy forwarding enabled)' : ''
}`
);
});
@ -723,17 +721,7 @@ export class SmartProxy extends plugins.EventEmitter {
domains.push(...eligibleDomains);
}
// For legacy mode, also get domains from domain configs
if (isLegacyOptions(this.settings)) {
for (const config of this.settings.domainConfigs) {
// Skip domains that can't be used with ACME
const eligibleDomains = config.domains.filter(domain =>
!domain.includes('*') && this.isValidDomain(domain)
);
domains.push(...eligibleDomains);
}
}
// Legacy mode is no longer supported
return domains;
}