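// ============================================================================
// Transport options
// ============================================================================

/** Transport variant tagged `'stdio'`; it carries no further settings. */
export interface IVpnTransportStdio {
  transport: 'stdio';
}

/**
 * Transport variant tagged `'socket'`, addressed by a filesystem path.
 *
 * The command maps in this file carry key material (`start` receives the
 * server private key, `generateKeypair` returns one), so whoever can open the
 * socket can read or control it.
 * NOTE(review): confirm the socket file is created with permissions limited to
 * the intended user; nothing in these types enforces that.
 */
export interface IVpnTransportSocket {
  transport: 'socket';
  /** Path of the socket to connect to. */
  socketPath: string;
  // Reconnect tuning. Defaults and the exact backoff behavior are not defined
  // in this file; confirm them against the transport implementation.
  autoReconnect?: boolean;
  reconnectBaseDelayMs?: number;
  reconnectMaxDelayMs?: number;
  maxReconnectAttempts?: number;
}

/** Discriminated union of the supported transports, keyed on `transport`. */
export type TVpnTransportOptions = IVpnTransportStdio | IVpnTransportSocket;

// ============================================================================
// Client configuration
// ============================================================================

/** Settings a client passes to the `connect` command. */
export interface IVpnClientConfig {
  /** Server WebSocket URL, e.g. wss://vpn.example.com/tunnel */
  serverUrl: string;
  /**
   * Server's static public key (base64) for Noise NK handshake.
   *
   * In the NK pattern this key is the client's only means of authenticating
   * the server, so it must be obtained over a trusted channel and pinned.
   */
  serverPublicKey: string;
  /** Optional DNS servers to use while connected */
  dns?: string[];
  /** Optional MTU for the TUN device */
  mtu?: number;
  /** Keepalive interval in seconds (default: 30) */
  keepaliveIntervalSecs?: number;
}

/** Options for creating a client: the transport plus an optional config. */
export interface IVpnClientOptions {
  transport: TVpnTransportOptions;
  config?: IVpnClientConfig;
}

// ============================================================================
// Server configuration
// ============================================================================

/**
 * Settings a server passes to the `start` command.
 *
 * NOTE(review): nothing here identifies or authorizes individual clients. In
 * Noise NK the initiator has no static key, so the handshake alone does not
 * authenticate clients; confirm where client authorization is enforced.
 */
export interface IVpnServerConfig {
  /**
   * Listen address for WebSocket, e.g. 0.0.0.0:443
   *
   * A 0.0.0.0 address binds every interface; use a specific address when the
   * listener should only be reachable through a reverse proxy.
   */
  listenAddr: string;
  /** TLS certificate PEM (optional — can be behind reverse proxy) */
  tlsCert?: string;
  /** TLS private key PEM. Secret: keep out of logs and error messages. */
  tlsKey?: string;
  /**
   * Server's Noise static private key (base64).
   *
   * Secret: it is the server's identity towards clients. Keep it out of logs,
   * status output and version control.
   */
  privateKey: string;
  /** Server's Noise static public key (base64) */
  publicKey: string;
  /** IP subnet for VPN clients, e.g. 10.8.0.0/24 */
  subnet: string;
  /** DNS servers pushed to clients */
  dns?: string[];
  /** MTU for TUN device */
  mtu?: number;
  /** Keepalive interval in seconds (default: 30) */
  keepaliveIntervalSecs?: number;
  /** Enable NAT/masquerade for client traffic */
  enableNat?: boolean;
  /** Default rate limit for new clients (bytes/sec). Omit for unlimited. */
  defaultRateLimitBytesPerSec?: number;
  /** Default burst size for new clients (bytes). Omit for unlimited. */
  defaultBurstBytes?: number;
}

/** Options for creating a server: the transport plus an optional config. */
export interface IVpnServerOptions {
  transport: TVpnTransportOptions;
  config?: IVpnServerConfig;
}

// ============================================================================
// Status and statistics
// ============================================================================

/** Connection lifecycle states reported in `IVpnStatus.state`. */
export type TVpnConnectionState =
  | 'disconnected'
  | 'connecting'
  | 'handshaking'
  | 'connected'
  | 'reconnecting'
  | 'error';

/** Result of `getStatus` and payload of the `'status'` event. */
export interface IVpnStatus {
  state: TVpnConnectionState;
  assignedIp?: string;
  serverAddr?: string;
  // Carried as a string; the timestamp format is not defined in this file.
  connectedSince?: string;
  lastError?: string;
}

/** Traffic and keepalive counters returned by `getStatistics`. */
export interface IVpnStatistics {
  bytesSent: number;
  bytesReceived: number;
  packetsSent: number;
  packetsReceived: number;
  keepalivesSent: number;
  keepalivesReceived: number;
  uptimeSeconds: number;
  quality?: IVpnConnectionQuality;
}

/** Per-client record returned by `listClients` and sent with `'client-connected'`. */
export interface IVpnClientInfo {
  clientId: string;
  assignedIp: string;
  connectedSince: string;
  bytesSent: number;
  bytesReceived: number;
  packetsDropped: number;
  bytesDropped: number;
  lastKeepaliveAt?: string;
  keepalivesReceived: number;
  rateLimitBytesPerSec?: number;
  burstBytes?: number;
}

/** Server-wide statistics: the common counters plus client totals. */
export interface IVpnServerStatistics extends IVpnStatistics {
  activeClients: number;
  totalConnections: number;
}

/**
 * Key pair returned by the `generateKeypair` server command.
 *
 * `privateKey` crosses the IPC transport in this result, so treat the value as
 * a secret from the moment it is received: do not log or serialize it for
 * diagnostics.
 */
export interface IVpnKeypair {
  publicKey: string;
  privateKey: string;
}

// ============================================================================
// QoS: Connection quality
// ============================================================================

/** Coarse link classification reported in `IVpnConnectionQuality.linkHealth`. */
export type TVpnLinkHealth = 'healthy' | 'degraded' | 'critical';

/**
 * Link-quality measurements returned by `getConnectionQuality`.
 *
 * NOTE(review): units follow the field suffixes (Ms, Secs); the range of
 * `lossRatio` is not defined in this file.
 */
export interface IVpnConnectionQuality {
  srttMs: number;
  jitterMs: number;
  minRttMs: number;
  maxRttMs: number;
  lossRatio: number;
  consecutiveTimeouts: number;
  linkHealth: TVpnLinkHealth;
  currentKeepaliveIntervalSecs: number;
}

// ============================================================================
// QoS: MTU info
// ============================================================================

/** MTU figures and drop counters returned by `getMtuInfo`. */
export interface IVpnMtuInfo {
  tunMtu: number;
  effectiveMtu: number;
  linkMtu: number;
  overheadBytes: number;
  oversizedPacketsDropped: number;
  icmpTooBigSent: number;
}

// ============================================================================
// QoS: Client telemetry (server-side per-client)
// ============================================================================

/** Per-client counters returned by `getClientTelemetry`. */
export interface IVpnClientTelemetry {
  clientId: string;
  assignedIp: string;
  lastKeepaliveAt?: string;
  keepalivesReceived: number;
  packetsDropped: number;
  bytesDropped: number;
  bytesReceived: number;
  bytesSent: number;
  rateLimitBytesPerSec?: number;
  burstBytes?: number;
}

// ============================================================================
// IPC Command maps (used by smartrust RustBridge)
// ============================================================================

/**
 * Client-side command map: each key names a command and fixes its `params`
 * and `result` types. Commands without arguments take `Record<string, never>`,
 * i.e. an empty object.
 */
export type TVpnClientCommands = {
  connect: { params: { config: IVpnClientConfig }; result: { assignedIp: string } };
  disconnect: { params: Record<string, never>; result: void };
  getStatus: { params: Record<string, never>; result: IVpnStatus };
  getStatistics: { params: Record<string, never>; result: IVpnStatistics };
  getConnectionQuality: { params: Record<string, never>; result: IVpnConnectionQuality };
  getMtuInfo: { params: Record<string, never>; result: IVpnMtuInfo };
};

/**
 * Server-side command map, same shape as `TVpnClientCommands`.
 *
 * `start` sends the full server config (including `privateKey` and `tlsKey`)
 * and `generateKeypair` returns a private key, so the transport that carries
 * these commands must be reachable only by trusted local callers.
 */
export type TVpnServerCommands = {
  start: { params: { config: IVpnServerConfig }; result: void };
  stop: { params: Record<string, never>; result: void };
  getStatus: { params: Record<string, never>; result: IVpnStatus };
  getStatistics: { params: Record<string, never>; result: IVpnServerStatistics };
  listClients: { params: Record<string, never>; result: { clients: IVpnClientInfo[] } };
  disconnectClient: { params: { clientId: string }; result: void };
  generateKeypair: { params: Record<string, never>; result: IVpnKeypair };
  setClientRateLimit: {
    params: { clientId: string; rateBytesPerSec: number; burstBytes: number };
    result: void;
  };
  removeClientRateLimit: { params: { clientId: string }; result: void };
  getClientTelemetry: { params: { clientId: string }; result: IVpnClientTelemetry };
};

// ============================================================================
// Installer
// ============================================================================

/** Platforms the installer distinguishes. */
export type TVpnPlatform = 'linux' | 'macos' | 'windows' | 'unknown';

/**
 * A service definition for one platform.
 *
 * NOTE(review): presumably `content` is the unit/service file text and
 * `installPath` its destination. Installing a service usually needs elevated
 * privileges, so review both values before writing them to disk.
 */
export interface IVpnServiceUnit {
  platform: TVpnPlatform;
  content: string;
  installPath: string;
}

// ============================================================================
// Events emitted by VpnClient / VpnServer
// ============================================================================

/** Maps each event name to the payload type delivered with it. */
export interface IVpnEventMap {
  'status': IVpnStatus;
  'error': { message: string; code?: string };
  'client-connected': IVpnClientInfo;
  'client-disconnected': { clientId: string; reason?: string };
  // `code` and `signal` are each nullable.
  'exit': { code: number | null; signal: string | null };
  'reconnected': void;
}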