serve.zone/dcrouter
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(vpn): add tag-aware WireGuard AllowedIPs for VPN-gated routes

Browse Source
This commit is contained in:
Jürgen Kunz
2026-03-31 00:45:46 +00:00
parent 450ec4816e
commit 6807aefce8
6 changed files with 87 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
test_watch/devserver.ts
View File

@@ -1,6 +1,8 @@
import { DcRouter } from '../ts/index.js';
const devRouter = new DcRouter({
// Server public IP (used for VPN AllowedIPs)
publicIp: '203.0.113.1',
// SmartProxy routes for development/demo
smartProxyConfig: {
routes: [
@@ -23,7 +25,19 @@ const devRouter = new DcRouter({
tls: { mode: 'passthrough' },
},
},
],
{
name: 'vpn-internal-app',
match: { ports: [18080], domains: ['internal.example.com'] },
action: { type: 'forward', targets: [{ host: 'localhost', port: 5000 }] },
vpn: { required: true },
},
{
name: 'vpn-eng-dashboard',
match: { ports: [18080], domains: ['eng.example.com'] },
action: { type: 'forward', targets: [{ host: 'localhost', port: 5001 }] },
vpn: { required: true, allowedServerDefinedClientTags: ['engineering'] },
},
] as any[],
},
// VPN with pre-defined clients
vpnConfig: {