141 lines
3.6 KiB
TypeScript
141 lines
3.6 KiB
TypeScript
import { SmartProxy } from '../ts/proxies/smart-proxy/index.js';
|
|
import { expect, tap } from '@push.rocks/tapbundle';
|
|
|
|
const testProxy = new SmartProxy({
|
|
routes: [{
|
|
name: 'test-route',
|
|
match: { ports: 443, domains: 'test.example.com' },
|
|
action: {
|
|
type: 'forward',
|
|
target: { host: 'localhost', port: 8080 },
|
|
tls: {
|
|
mode: 'terminate',
|
|
certificate: 'auto',
|
|
acme: {
|
|
email: 'test@example.com',
|
|
useProduction: false
|
|
}
|
|
}
|
|
}
|
|
}]
|
|
});
|
|
|
|
tap.test('should provision certificate automatically', async () => {
|
|
await testProxy.start();
|
|
|
|
// Wait for certificate provisioning
|
|
await new Promise(resolve => setTimeout(resolve, 5000));
|
|
|
|
const status = testProxy.getCertificateStatus('test-route');
|
|
expect(status).toBeDefined();
|
|
expect(status.status).toEqual('valid');
|
|
expect(status.source).toEqual('acme');
|
|
|
|
await testProxy.stop();
|
|
});
|
|
|
|
tap.test('should handle static certificates', async () => {
|
|
const proxy = new SmartProxy({
|
|
routes: [{
|
|
name: 'static-route',
|
|
match: { ports: 443, domains: 'static.example.com' },
|
|
action: {
|
|
type: 'forward',
|
|
target: { host: 'localhost', port: 8080 },
|
|
tls: {
|
|
mode: 'terminate',
|
|
certificate: {
|
|
certFile: './test/fixtures/cert.pem',
|
|
keyFile: './test/fixtures/key.pem'
|
|
}
|
|
}
|
|
}
|
|
}]
|
|
});
|
|
|
|
await proxy.start();
|
|
|
|
const status = proxy.getCertificateStatus('static-route');
|
|
expect(status).toBeDefined();
|
|
expect(status.status).toEqual('valid');
|
|
expect(status.source).toEqual('static');
|
|
|
|
await proxy.stop();
|
|
});
|
|
|
|
tap.test('should handle ACME challenge routes', async () => {
|
|
const proxy = new SmartProxy({
|
|
routes: [{
|
|
name: 'auto-cert-route',
|
|
match: { ports: 443, domains: 'acme.example.com' },
|
|
action: {
|
|
type: 'forward',
|
|
target: { host: 'localhost', port: 8080 },
|
|
tls: {
|
|
mode: 'terminate',
|
|
certificate: 'auto',
|
|
acme: {
|
|
email: 'acme@example.com',
|
|
useProduction: false,
|
|
challengePort: 80
|
|
}
|
|
}
|
|
}
|
|
}, {
|
|
name: 'port-80-route',
|
|
match: { ports: 80, domains: 'acme.example.com' },
|
|
action: {
|
|
type: 'forward',
|
|
target: { host: 'localhost', port: 8080 }
|
|
}
|
|
}]
|
|
});
|
|
|
|
await proxy.start();
|
|
|
|
// The SmartCertManager should automatically add challenge routes
|
|
// Let's verify the route manager sees them
|
|
const routes = proxy.routeManager.getAllRoutes();
|
|
const challengeRoute = routes.find(r => r.name === 'acme-challenge');
|
|
|
|
expect(challengeRoute).toBeDefined();
|
|
expect(challengeRoute?.match.path).toEqual('/.well-known/acme-challenge/*');
|
|
expect(challengeRoute?.priority).toEqual(1000);
|
|
|
|
await proxy.stop();
|
|
});
|
|
|
|
tap.test('should renew certificates', async () => {
|
|
const proxy = new SmartProxy({
|
|
routes: [{
|
|
name: 'renew-route',
|
|
match: { ports: 443, domains: 'renew.example.com' },
|
|
action: {
|
|
type: 'forward',
|
|
target: { host: 'localhost', port: 8080 },
|
|
tls: {
|
|
mode: 'terminate',
|
|
certificate: 'auto',
|
|
acme: {
|
|
email: 'renew@example.com',
|
|
useProduction: false,
|
|
renewBeforeDays: 30
|
|
}
|
|
}
|
|
}
|
|
}]
|
|
});
|
|
|
|
await proxy.start();
|
|
|
|
// Force renewal
|
|
await proxy.renewCertificate('renew-route');
|
|
|
|
const status = proxy.getCertificateStatus('renew-route');
|
|
expect(status).toBeDefined();
|
|
expect(status.status).toEqual('valid');
|
|
|
|
await proxy.stop();
|
|
});
|
|
|
|
tap.start(); |