serve.zone/dcrouter
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: serve.zone:v6.5.0
Branches Tags
serve.zone:main
serve.zone:v11.2.1 serve.zone:v11.2.0 serve.zone:v11.1.0 serve.zone:v11.0.51 serve.zone:v11.0.50 serve.zone:v11.0.49 serve.zone:v11.0.48 serve.zone:v11.0.47 serve.zone:v11.0.46 serve.zone:v11.0.45 serve.zone:v11.0.44 serve.zone:v11.0.43 serve.zone:v11.0.42 serve.zone:v11.0.41 serve.zone:v11.0.40 serve.zone:v11.0.39 serve.zone:v11.0.38 serve.zone:v11.0.37 serve.zone:v11.0.36 serve.zone:v11.0.35 serve.zone:v11.0.34 serve.zone:v11.0.33 serve.zone:v11.0.32 serve.zone:v11.0.31 serve.zone:v11.0.30 serve.zone:v11.0.29 serve.zone:v11.0.28 serve.zone:v11.0.27 serve.zone:v11.0.26 serve.zone:v11.0.25 serve.zone:v11.0.24 serve.zone:v11.0.23 serve.zone:v11.0.22 serve.zone:v11.0.21 serve.zone:v11.0.20 serve.zone:v11.0.19 serve.zone:v11.0.18 serve.zone:v11.0.17 serve.zone:v11.0.16 serve.zone:v11.0.15 serve.zone:v11.0.14 serve.zone:v11.0.13 serve.zone:v11.0.12 serve.zone:v11.0.10 serve.zone:v11.0.9 serve.zone:v11.0.8 serve.zone:v11.0.7 serve.zone:v11.0.6 serve.zone:v11.0.5 serve.zone:v11.0.4 serve.zone:v11.0.3 serve.zone:v11.0.2 serve.zone:v11.0.1 serve.zone:v11.0.0 serve.zone:v10.1.9 serve.zone:v10.1.8 serve.zone:v10.1.7 serve.zone:v10.1.6 serve.zone:v10.1.5 serve.zone:v10.1.4 serve.zone:v10.1.3 serve.zone:v10.1.2 serve.zone:v10.1.1 serve.zone:v10.1.0 serve.zone:v10.0.0 serve.zone:v9.3.0 serve.zone:v9.2.0 serve.zone:v9.1.10 serve.zone:v9.1.9 serve.zone:v9.1.8 serve.zone:v9.1.7 serve.zone:v9.1.6 serve.zone:v9.1.5 serve.zone:v9.1.4 serve.zone:v9.1.3 serve.zone:v9.1.2 serve.zone:v9.1.1 serve.zone:v9.1.0 serve.zone:v9.0.0 serve.zone:v8.1.0 serve.zone:v8.0.0 serve.zone:v7.4.3 serve.zone:v7.4.2 serve.zone:v7.4.1 serve.zone:v7.4.0 serve.zone:v7.3.0 serve.zone:v7.2.0 serve.zone:v7.1.0 serve.zone:v7.0.1 serve.zone:v7.0.0 serve.zone:v6.13.2 serve.zone:v6.13.1 serve.zone:v6.13.0 serve.zone:v6.12.0 serve.zone:v6.11.0 serve.zone:v6.10.0 serve.zone:v6.9.0 serve.zone:v6.8.0 serve.zone:v6.7.0 serve.zone:v6.6.1 serve.zone:v6.6.0 serve.zone:v6.5.0 serve.zone:v6.4.5 serve.zone:v6.4.4 serve.zone:v6.4.3 serve.zone:v6.4.2 serve.zone:v6.4.1 serve.zone:v6.4.0 serve.zone:v6.3.0 serve.zone:v6.2.4 serve.zone:v6.2.3 serve.zone:v6.2.2 serve.zone:v6.2.1 serve.zone:v6.2.0 serve.zone:v6.1.0 serve.zone:v6.0.0 serve.zone:v5.5.0 serve.zone:v5.4.6 serve.zone:v5.4.5 serve.zone:v5.4.4 serve.zone:v5.4.3 serve.zone:v5.4.2 serve.zone:v5.4.1 serve.zone:v5.4.0 serve.zone:v5.3.0 serve.zone:v5.2.0 serve.zone:v5.1.0 serve.zone:v5.0.7 serve.zone:v5.0.6 serve.zone:v5.0.5 serve.zone:v5.0.4 serve.zone:v5.0.3 serve.zone:v5.0.2 serve.zone:v5.0.1 serve.zone:v5.0.0 serve.zone:v4.1.1 serve.zone:v4.1.0 serve.zone:v4.0.0 serve.zone:v3.1.0 serve.zone:v3.0.0 serve.zone:v2.13.0 serve.zone:v2.12.6 serve.zone:v2.12.5 serve.zone:v2.12.4 serve.zone:v2.12.3 serve.zone:v2.12.2 serve.zone:v2.12.1 serve.zone:v2.12.0 serve.zone:v2.11.2 serve.zone:v2.11.1 serve.zone:v2.11.0 serve.zone:v2.8.9 serve.zone:v2.8.6 serve.zone:v2.8.4 serve.zone:v2.8.2 serve.zone:v2.8.1 serve.zone:v2.8.0 serve.zone:v2.7.0 serve.zone:v2.6.0 serve.zone:v2.5.0 serve.zone:v2.4.2 serve.zone:v2.4.1 serve.zone:v2.4.0 serve.zone:v2.3.1 serve.zone:v2.3.0 serve.zone:v2.2.1 serve.zone:v2.2.0 serve.zone:v2.1.0 serve.zone:v2.0.0 serve.zone:v1.1.2 serve.zone:v1.1.1 serve.zone:v1.1.0 serve.zone:v1.0.11 serve.zone:v1.0.10 serve.zone:v1.0.9 serve.zone:v1.0.8 serve.zone:v1.0.7 serve.zone:v1.0.6 serve.zone:v1.0.5 serve.zone:v1.0.4 serve.zone:v1.0.3 serve.zone:v1.0.2
...
compare: serve.zone:v7.4.2
Branches Tags
serve.zone:main
serve.zone:v11.2.1 serve.zone:v11.2.0 serve.zone:v11.1.0 serve.zone:v11.0.51 serve.zone:v11.0.50 serve.zone:v11.0.49 serve.zone:v11.0.48 serve.zone:v11.0.47 serve.zone:v11.0.46 serve.zone:v11.0.45 serve.zone:v11.0.44 serve.zone:v11.0.43 serve.zone:v11.0.42 serve.zone:v11.0.41 serve.zone:v11.0.40 serve.zone:v11.0.39 serve.zone:v11.0.38 serve.zone:v11.0.37 serve.zone:v11.0.36 serve.zone:v11.0.35 serve.zone:v11.0.34 serve.zone:v11.0.33 serve.zone:v11.0.32 serve.zone:v11.0.31 serve.zone:v11.0.30 serve.zone:v11.0.29 serve.zone:v11.0.28 serve.zone:v11.0.27 serve.zone:v11.0.26 serve.zone:v11.0.25 serve.zone:v11.0.24 serve.zone:v11.0.23 serve.zone:v11.0.22 serve.zone:v11.0.21 serve.zone:v11.0.20 serve.zone:v11.0.19 serve.zone:v11.0.18 serve.zone:v11.0.17 serve.zone:v11.0.16 serve.zone:v11.0.15 serve.zone:v11.0.14 serve.zone:v11.0.13 serve.zone:v11.0.12 serve.zone:v11.0.10 serve.zone:v11.0.9 serve.zone:v11.0.8 serve.zone:v11.0.7 serve.zone:v11.0.6 serve.zone:v11.0.5 serve.zone:v11.0.4 serve.zone:v11.0.3 serve.zone:v11.0.2 serve.zone:v11.0.1 serve.zone:v11.0.0 serve.zone:v10.1.9 serve.zone:v10.1.8 serve.zone:v10.1.7 serve.zone:v10.1.6 serve.zone:v10.1.5 serve.zone:v10.1.4 serve.zone:v10.1.3 serve.zone:v10.1.2 serve.zone:v10.1.1 serve.zone:v10.1.0 serve.zone:v10.0.0 serve.zone:v9.3.0 serve.zone:v9.2.0 serve.zone:v9.1.10 serve.zone:v9.1.9 serve.zone:v9.1.8 serve.zone:v9.1.7 serve.zone:v9.1.6 serve.zone:v9.1.5 serve.zone:v9.1.4 serve.zone:v9.1.3 serve.zone:v9.1.2 serve.zone:v9.1.1 serve.zone:v9.1.0 serve.zone:v9.0.0 serve.zone:v8.1.0 serve.zone:v8.0.0 serve.zone:v7.4.3 serve.zone:v7.4.2 serve.zone:v7.4.1 serve.zone:v7.4.0 serve.zone:v7.3.0 serve.zone:v7.2.0 serve.zone:v7.1.0 serve.zone:v7.0.1 serve.zone:v7.0.0 serve.zone:v6.13.2 serve.zone:v6.13.1 serve.zone:v6.13.0 serve.zone:v6.12.0 serve.zone:v6.11.0 serve.zone:v6.10.0 serve.zone:v6.9.0 serve.zone:v6.8.0 serve.zone:v6.7.0 serve.zone:v6.6.1 serve.zone:v6.6.0 serve.zone:v6.5.0 serve.zone:v6.4.5 serve.zone:v6.4.4 serve.zone:v6.4.3 serve.zone:v6.4.2 serve.zone:v6.4.1 serve.zone:v6.4.0 serve.zone:v6.3.0 serve.zone:v6.2.4 serve.zone:v6.2.3 serve.zone:v6.2.2 serve.zone:v6.2.1 serve.zone:v6.2.0 serve.zone:v6.1.0 serve.zone:v6.0.0 serve.zone:v5.5.0 serve.zone:v5.4.6 serve.zone:v5.4.5 serve.zone:v5.4.4 serve.zone:v5.4.3 serve.zone:v5.4.2 serve.zone:v5.4.1 serve.zone:v5.4.0 serve.zone:v5.3.0 serve.zone:v5.2.0 serve.zone:v5.1.0 serve.zone:v5.0.7 serve.zone:v5.0.6 serve.zone:v5.0.5 serve.zone:v5.0.4 serve.zone:v5.0.3 serve.zone:v5.0.2 serve.zone:v5.0.1 serve.zone:v5.0.0 serve.zone:v4.1.1 serve.zone:v4.1.0 serve.zone:v4.0.0 serve.zone:v3.1.0 serve.zone:v3.0.0 serve.zone:v2.13.0 serve.zone:v2.12.6 serve.zone:v2.12.5 serve.zone:v2.12.4 serve.zone:v2.12.3 serve.zone:v2.12.2 serve.zone:v2.12.1 serve.zone:v2.12.0 serve.zone:v2.11.2 serve.zone:v2.11.1 serve.zone:v2.11.0 serve.zone:v2.8.9 serve.zone:v2.8.6 serve.zone:v2.8.4 serve.zone:v2.8.2 serve.zone:v2.8.1 serve.zone:v2.8.0 serve.zone:v2.7.0 serve.zone:v2.6.0 serve.zone:v2.5.0 serve.zone:v2.4.2 serve.zone:v2.4.1 serve.zone:v2.4.0 serve.zone:v2.3.1 serve.zone:v2.3.0 serve.zone:v2.2.1 serve.zone:v2.2.0 serve.zone:v2.1.0 serve.zone:v2.0.0 serve.zone:v1.1.2 serve.zone:v1.1.1 serve.zone:v1.1.0 serve.zone:v1.0.11 serve.zone:v1.0.10 serve.zone:v1.0.9 serve.zone:v1.0.8 serve.zone:v1.0.7 serve.zone:v1.0.6 serve.zone:v1.0.5 serve.zone:v1.0.4 serve.zone:v1.0.3 serve.zone:v1.0.2

38 Commits
v6.5.0 ... v7.4.2

Author SHA1 Message Date
Juergen Kunz
447cf44d68 v7.4.2
Some checks failed
Docker (tags) / security (push) Failing after 1s
Details
Docker (tags) / test (push) Has been skipped
Details
Docker (tags) / release (push) Has been skipped
Details
Docker (tags) / metadata (push) Has been skipped
Details
2026-02-21 18:56:44 +00:00
Juergen Kunz
82ce17a941 fix(monitoring,remoteingress,web): Prune old metrics buckets periodically, clear metrics caches on shutdown, simplify edge disconnect handling, and optimize network view data updates 2026-02-21 18:56:44 +00:00
Juergen Kunz
15da996e70 v7.4.1
Some checks failed
Docker (tags) / security (push) Failing after 1s
Details
Docker (tags) / test (push) Has been skipped
Details
Docker (tags) / release (push) Has been skipped
Details
Docker (tags) / metadata (push) Has been skipped
Details
2026-02-21 18:13:10 +00:00
Juergen Kunz
582e19e6a6 fix(dcrouter): replace console logging with structured logger, improve metrics logging, add terminal-ready wait in ops UI, bump dees-catalog patch 2026-02-21 18:13:10 +00:00
Juergen Kunz
79765d6729 v7.4.0
Some checks failed
Docker (tags) / security (push) Failing after 1s
Details
Docker (tags) / test (push) Has been skipped
Details
Docker (tags) / release (push) Has been skipped
Details
Docker (tags) / metadata (push) Has been skipped
Details
2026-02-21 14:02:48 +00:00
Juergen Kunz
ffc93eb9d3 feat(opsserver): add real-time log push to ops dashboard and recent DNS query tracking 2026-02-21 14:02:48 +00:00
Juergen Kunz
1337a4905a v7.3.0
Some checks failed
Docker (tags) / security (push) Failing after 1s
Details
Docker (tags) / test (push) Has been skipped
Details
Docker (tags) / release (push) Has been skipped
Details
Docker (tags) / metadata (push) Has been skipped
Details
2026-02-20 15:37:15 +00:00
Juergen Kunz
c7418d9e1a feat(dcrouter): Wire DNS server query events to MetricsManager for time-series tracking and bump @push.rocks/smartdns to ^7.9.0 2026-02-20 15:37:15 +00:00
Juergen Kunz
2a94ffd4c9 v7.2.0
Some checks failed
Docker (tags) / security (push) Failing after 1s
Details
Docker (tags) / test (push) Has been skipped
Details
Docker (tags) / release (push) Has been skipped
Details
Docker (tags) / metadata (push) Has been skipped
Details
2026-02-20 12:55:20 +00:00
Juergen Kunz
b2fe6caf33 feat(logs): replace custom logs list with dees-chart-log component and push logs to chart, add log mapping and lifecycle sync, and bump smartlog dependency 2026-02-20 12:55:20 +00:00
Juergen Kunz
822bbc1957 v7.1.0
Some checks failed
Docker (tags) / security (push) Failing after 1s
Details
Docker (tags) / test (push) Has been skipped
Details
Docker (tags) / release (push) Has been skipped
Details
Docker (tags) / metadata (push) Has been skipped
Details
2026-02-19 17:23:43 +00:00
Juergen Kunz
eacddc7ce1 feat(ops/monitoring): add in-memory log buffer, metrics time-series and ops UI integration 2026-02-19 17:23:43 +00:00
Juergen Kunz
dc6ce341bd v7.0.1
Some checks failed
Docker (tags) / security (push) Failing after 1s
Details
Docker (tags) / test (push) Has been skipped
Details
Docker (tags) / release (push) Has been skipped
Details
Docker (tags) / metadata (push) Has been skipped
Details
2026-02-19 14:36:11 +00:00
Juergen Kunz
1aadc93f92 fix(monitoring): Use smartMetrics cpuPercentage for cpuUsage.user and update smartmetrics and smartproxy dependencies 2026-02-19 14:36:11 +00:00
Juergen Kunz
8fdcd479d6 v7.0.0
Some checks failed
Docker (tags) / security (push) Failing after 1s
Details
Docker (tags) / test (push) Has been skipped
Details
Docker (tags) / release (push) Has been skipped
Details
Docker (tags) / metadata (push) Has been skipped
Details
2026-02-19 10:16:23 +00:00
Juergen Kunz
d24dde8eff BREAKING CHANGE(deps): bump dependencies: @serve.zone/remoteingress to ^4.0.0 (breaking), @push.rocks/smartproxy to ^25.7.6, @types/node to ^25.3.0 2026-02-19 10:16:23 +00:00
Juergen Kunz
40a34073e9 v6.13.2
Some checks failed
Docker (tags) / security (push) Failing after 1s
Details
Docker (tags) / test (push) Has been skipped
Details
Docker (tags) / release (push) Has been skipped
Details
Docker (tags) / metadata (push) Has been skipped
Details
2026-02-19 08:33:41 +00:00
Juergen Kunz
9ac297c197 fix(runtime): prevent memory leaks and improve shutdown/stream handling across services 2026-02-19 08:33:41 +00:00
Juergen Kunz
ddd0662fb8 v6.13.1
Some checks failed
Docker (tags) / security (push) Failing after 1s
Details
Docker (tags) / test (push) Has been skipped
Details
Docker (tags) / release (push) Has been skipped
Details
Docker (tags) / metadata (push) Has been skipped
Details
2026-02-18 22:56:18 +00:00
Juergen Kunz
11bc0dde6c fix(dcrouter): enable PROXY protocol v1 handling for SmartProxy when remoteIngress is enabled to preserve client IPs 2026-02-18 22:56:18 +00:00
Juergen Kunz
610d691244 v6.13.0
Some checks failed
Docker (tags) / security (push) Failing after 1s
Details
Docker (tags) / test (push) Has been skipped
Details
Docker (tags) / release (push) Has been skipped
Details
Docker (tags) / metadata (push) Has been skipped
Details
2026-02-18 21:35:18 +00:00
Juergen Kunz
c88410ea53 feat(remoteingress): include listenPorts for allowed edges sent to the Rust hub and always resync allowed edges when edge properties change 2026-02-18 21:35:18 +00:00
Juergen Kunz
9cbdd24281 v6.12.0
Some checks failed
Docker (tags) / security (push) Failing after 1s
Details
Docker (tags) / test (push) Has been skipped
Details
Docker (tags) / release (push) Has been skipped
Details
Docker (tags) / metadata (push) Has been skipped
Details
2026-02-18 18:47:18 +00:00
Juergen Kunz
dce1de8c4b feat(remote-ingress): add Remote Ingress hub integration, OpsServer UI, APIs, and docs 2026-02-18 18:47:18 +00:00
Juergen Kunz
86e6c4f600 v6.11.0
Some checks failed
Docker (tags) / security (push) Failing after 1s
Details
Docker (tags) / test (push) Has been skipped
Details
Docker (tags) / release (push) Has been skipped
Details
Docker (tags) / metadata (push) Has been skipped
Details
2026-02-18 06:05:46 +00:00
Juergen Kunz
0618755236 feat(remoteingress): add ability to generate remote ingress connection tokens and UI copy action; add hubDomain config option; update remoteingress dependency to ^3.1.1 2026-02-18 06:05:46 +00:00
Juergen Kunz
b21f3385e1 v6.10.0
Some checks failed
Docker (tags) / security (push) Failing after 1s
Details
Docker (tags) / test (push) Has been skipped
Details
Docker (tags) / release (push) Has been skipped
Details
Docker (tags) / metadata (push) Has been skipped
Details
2026-02-17 17:49:12 +00:00
Juergen Kunz
dd61e0c962 feat(ops-view-certificates): Make Export and Delete actions available inline (inRow) as well as in the context menu; bump @design.estate/dees-catalog to ^3.43.0 2026-02-17 17:49:12 +00:00
Juergen Kunz
ac3a42fc41 v6.9.0
Some checks failed
Docker (tags) / security (push) Failing after 1s
Details
Docker (tags) / test (push) Has been skipped
Details
Docker (tags) / release (push) Has been skipped
Details
Docker (tags) / metadata (push) Has been skipped
Details
2026-02-17 16:28:33 +00:00
Juergen Kunz
c23f16149c feat(certificates): add certificate import, export, and deletion support (server handlers, request types, and UI) 2026-02-17 16:28:33 +00:00
Juergen Kunz
529a4bae00 v6.8.0
Some checks failed
Docker (tags) / security (push) Failing after 1s
Details
Docker (tags) / test (push) Has been skipped
Details
Docker (tags) / release (push) Has been skipped
Details
Docker (tags) / metadata (push) Has been skipped
Details
2026-02-17 14:17:18 +00:00
Juergen Kunz
49606ae007 feat(remote-ingress): support auto-deriving ports for remote ingress edges and expose manual/derived port breakdown in API and UI 2026-02-17 14:17:18 +00:00
Juergen Kunz
31a6510d8b v6.7.0
Some checks failed
Docker (tags) / security (push) Failing after 1s
Details
Docker (tags) / test (push) Has been skipped
Details
Docker (tags) / release (push) Has been skipped
Details
Docker (tags) / metadata (push) Has been skipped
Details
2026-02-17 11:56:54 +00:00
Juergen Kunz
b5e760ae07 feat(remote-ingress): Support auto-derived effective listen ports, make listenPorts optional, add toggle action and refine remote ingress creation/management UI 2026-02-17 11:56:54 +00:00
Juergen Kunz
ea32babaac v6.6.1
Some checks failed
Docker (tags) / security (push) Failing after 1s
Details
Docker (tags) / test (push) Has been skipped
Details
Docker (tags) / release (push) Has been skipped
Details
Docker (tags) / metadata (push) Has been skipped
Details
2026-02-17 10:57:27 +00:00
Juergen Kunz
a4ddedaf46 fix(icons): standardize icon identifiers to lucide-prefixed names across operational views 2026-02-17 10:57:27 +00:00
Juergen Kunz
7ce09c53ca v6.6.0
Some checks failed
Docker (tags) / security (push) Failing after 1s
Details
Docker (tags) / test (push) Has been skipped
Details
Docker (tags) / release (push) Has been skipped
Details
Docker (tags) / metadata (push) Has been skipped
Details
2026-02-17 10:55:31 +00:00
Juergen Kunz
69be2295f1 feat(remoteingress): derive effective remote ingress listen ports from route configs and expose them via ops API 2026-02-17 10:55:31 +00:00
33 changed files with 2548 additions and 671 deletions
Expand all files Collapse all files

167
changelog.md
View File

@@ -1,5 +1,172 @@
# Changelog
## 2026-02-21 - 7.4.2 - fix(monitoring,remoteingress,web)
Prune old metrics buckets periodically, clear metrics caches on shutdown, simplify edge disconnect handling, and optimize network view data updates
- Call pruneOldBuckets() each minute to proactively remove stale time-series buckets in MetricsManager
- Clear metricsCache, emailMinuteBuckets and dnsMinuteBuckets when MetricsManager stops to avoid stale state on shutdown
- On edgeDisconnected remove the edgeStatuses entry instead of mutating an existing record (more explicit cleanup)
- Remove unused traffic-timer variables and move requestsPerSec history updates from render() into updateNetworkData() to avoid unnecessary re-renders
- Optimize traffic data array updates by shifting in-place then reassigning arrays to preserve Lit reactivity and reduce intermediate allocations
## 2026-02-21 - 7.4.1 - fix(dcrouter)
replace console logging with structured logger, improve metrics logging, add terminal-ready wait in ops UI, bump dees-catalog patch
- Replace console.log/console.error calls in classes.dcrouter.ts with structured logger.log (info/debug/error) including contextual data and stringified errors
- MetricsManager: create a dedicated Smartlog instance (metricsLogger) for SmartMetrics and use shared logger for lifecycle events (start/stop)
- SmartProxy/ACME: convert startup/stop/cert events and error logging to structured logs; include generated route and cert metadata where relevant
- Shutdown/startup flows: unify service start/stop/error messages through logger to provide consistent, structured output
- UI change: ops-view-logs now waits for xterm terminalReady before pushing initial logs to avoid race conditions
- Bump dependency @design.estate/dees-catalog from 3.43.0 to 3.43.1
## 2026-02-21 - 7.4.0 - feat(opsserver)
add real-time log push to ops dashboard and recent DNS query tracking
- Export baseLogger and add a log destination that pushes log entries to connected ops_dashboard TypedSocket clients (ts/opsserver/handlers/logs.handler.ts, ts/logger.ts).
- Introduce a new TypedRequest (pushLogEntry) interface for server→client log pushes (ts_interfaces/requests/logs.ts) and wire client handling in the web UI (ts_web/appstate.ts, ts_web/plugins.ts).
- Add TypedSocket client connection lifecycle to the web app, stream pushed log entries into app state and update log views incrementally (ts_web/appstate.ts, ts_web/elements/ops-view-logs.ts).
- MetricsManager now records recent DNS queries (timestamp, domain, type, answered, responseTimeMs) and exposes them via stats endpoints for display in the UI (ts/monitoring/classes.metricsmanager.ts, ts/opsserver/handlers/stats.handler.ts, ts_interfaces/data/stats.ts).
- UI overview now displays DNS query entries and uses answered flag to set log level (ts_web/elements/ops-view-overview.ts).
- Add import/export for typedsocket in web plugins to enable real-time push (ts_web/plugins.ts).
- Bump dependency @push.rocks/smartproxy patch version ^25.7.8 → ^25.7.9 (package.json).
## 2026-02-20 - 7.3.0 - feat(dcrouter)
Wire DNS server 'query' events to MetricsManager for time-series tracking and bump @push.rocks/smartdns to ^7.9.0
- Add dnsServer 'query' event listener that iterates event.questions and calls metricsManager.trackDnsQuery(question.type, question.name, false, event.responseTimeMs).
- Listener is guarded by a metricsManager existence check to avoid runtime errors when metrics are not configured.
- Bump dependency @push.rocks/smartdns from ^7.8.1 to ^7.9.0 in package.json.
## 2026-02-20 - 7.2.0 - feat(logs)
replace custom logs list with dees-chart-log component and push logs to chart, add log mapping and lifecycle sync, and bump smartlog dependency
- Replaced the legacy in-component log list and styling with a dees-chart-log element to render application logs.
- Added updated() lifecycle handler to push new logs to the chart and new helper methods pushLogsToChart() and getMappedLogEntries() to map log entries to the chart's expected format.
- Removed the streaming toggle, getActiveFilters(), legacy CSS for the log list, and the old per-entry rendering markup.
- Added explicit typing for dropdown @selectedOption handlers (e: any).
- Bumped dependency @push.rocks/smartlog from ^3.2.0 to ^3.2.1 in package.json.
## 2026-02-19 - 7.1.0 - feat(ops/monitoring)
add in-memory log buffer, metrics time-series and ops UI integration
- bump @push.rocks/smartlog to ^3.2.0
- introduce SmartlogDestinationBuffer (logBuffer) and wire it into the base logger to provide an in-memory log store for the Ops UI
- implement minute-resolution time-series buckets in MetricsManager with increment/prune helpers and new APIs getEmailTimeSeries and getDnsTimeSeries
- sync security counters from SecurityLogger and expose recent security events via StatsHandler
- wire email delivery lifecycle events and bounce processing to MetricsManager for tracking sent/received/failed metrics
- LogsHandler now queries the in-memory log buffer, maps smartlog levels/categories, supports search/level/time-range filtering and pagination
- UI updates: ops-view-overview, ops-view-logs and ops-view-security consume time-series and recent events to render charts, tables and filters
## 2026-02-19 - 7.0.1 - fix(monitoring)
Use smartMetrics cpuPercentage for cpuUsage.user and update smartmetrics and smartproxy dependencies
- Switch cpuUsage.user from parseFloat(smartMetricsData.cpuUsageText) to smartMetricsData.cpuPercentage to align with smartmetrics v3 API
- Bump @push.rocks/smartmetrics from ^2.0.10 to ^3.0.1
- Bump @push.rocks/smartproxy from ^25.7.6 to ^25.7.8
## 2026-02-19 - 7.0.0 - BREAKING CHANGE(deps)
bump dependencies: @serve.zone/remoteingress to ^4.0.0 (breaking), @push.rocks/smartproxy to ^25.7.6, @types/node to ^25.3.0
- Updated @serve.zone/remoteingress from ^3.3.0 to ^4.0.0 — major breaking change; may require code changes to adapt to new API.
- Updated @push.rocks/smartproxy from ^25.7.3 to ^25.7.6 — patch update (non-breaking).
- Updated @types/node from ^25.2.3 to ^25.3.0 — patch update (non-breaking).
- Current package version is 6.13.2; recommend bumping to 7.0.0 due to the breaking dependency upgrade.
## 2026-02-19 - 6.13.2 - fix(runtime)
prevent memory leaks and improve shutdown/stream handling across services
- Add CertProvisionScheduler.clear() to reset in-memory backoff cache and call it during DcRouter shutdown
- Stop any existing SmartAcme instance before creating a new one (await stop and log errors) to avoid duplicate running instances
- Null out many DcRouter service references and clear certificateStatusMap on shutdown to allow GC of stopped services
- Cap emailMetrics.recipients map size and trim to ~80% of MAX_TOP_DOMAINS to prevent unbounded growth
- Await virtualStream.sendData in logs follow handler and clear the interval if the stream errors/closes to avoid interval leaks
- Limit normalizedMacCache size and evict oldest entries when it exceeds 10000 to prevent unbounded cache growth
## 2026-02-18 - 6.13.1 - fix(dcrouter)
enable PROXY protocol v1 handling for SmartProxy when remoteIngress is enabled to preserve client IPs
- Set smartProxyConfig.acceptProxyProtocol = true when options.remoteIngressConfig.enabled
- Whitelist loopback address by setting smartProxyConfig.proxyIPs = ['127.0.0.1']
- Only applies when remoteIngress is enabled; used to accept tunneled connections forwarded by the hub to preserve original client IPs
## 2026-02-18 - 6.13.0 - feat(remoteingress)
include listenPorts for allowed edges sent to the Rust hub and always resync allowed edges when edge properties change
- getAllowedEdges now returns listenPorts for each allowed edge (uses getEffectiveListenPorts)
- remoteingress handler now calls tunnelManager.syncAllowedEdges() whenever tunnelManager exists so ports/tags/enabled changes are propagated
- Improves Rust hub routing by providing per-edge listening ports and ensuring allowed-edge list is kept up-to-date
## 2026-02-18 - 6.12.0 - feat(remote-ingress)
add Remote Ingress hub integration, OpsServer UI, APIs, and docs
- Integrates RemoteIngress (hub/tunnel) into DcRouter: runtime manager, tunnel manager and Rust data plane references added
- Bumps dependency @serve.zone/remoteingress to ^3.3.0
- Adds configuration defaults and IDcRouterOptions.remoteIngressConfig with tunnelPort/hubDomain/tls fields
- Introduces OpsServer API endpoints and TypedRequest methods for remote ingress: getRemoteIngresses, createRemoteIngress, updateRemoteIngress, deleteRemoteIngress, regenerateRemoteIngressSecret, getRemoteIngressStatus, getRemoteIngressConnectionToken
- UI updates: new Remote Ingress dashboard view, connection token generation & copy (clipboard API + fallback), auto-derived ports display, and toast notifications
- State/API rename: newEdgeSecret -> newEdgeId and clearNewEdgeIdAction; appstate fetchConnectionToken usage
- Documentation: README, ts/ and ts_web readmes, and ts_interfaces updated with interfaces and examples for Remote Ingress
- Minor UI icon updates (search -> fa:magnifyingGlass, clipboard icon casing) and other doc/README improvements
## 2026-02-18 - 6.11.0 - feat(remoteingress)
add ability to generate remote ingress connection tokens and UI copy action; add hubDomain config option; update remoteingress dependency to ^3.1.1
- Add server typed handler 'getRemoteIngressConnectionToken' to generate an encoded connection token containing hubHost, hubPort, edgeId and secret.
- Add request interface IReq_GetRemoteIngressConnectionToken for typed requests.
- Add fetchConnectionToken helper in web appstate and a 'Copy Token' action in ops-view-remoteingress to copy tokens to the clipboard with toast feedback.
- Add hubDomain option to remoteIngressConfig in dcrouter options so an external hostname can be embedded in connection tokens.
- Bump dependency @serve.zone/remoteingress from ^3.0.4 to ^3.1.1 in package.json.
## 2026-02-17 - 6.10.0 - feat(ops-view-certificates)
Make Export and Delete actions available inline (inRow) as well as in the context menu; bump @design.estate/dees-catalog to ^3.43.0
- Added 'inRow' to action types for 'Export' and 'Delete' in ts_web/elements/ops-view-certificates.ts to expose actions inline in the row
- Updated dependency @design.estate/dees-catalog from ^3.42.2 to ^3.43.0 in package.json
## 2026-02-17 - 6.9.0 - feat(certificates)
add certificate import, export, and deletion support (server handlers, request types, and UI)
- Add typed request handlers in opsserver: deleteCertificate, exportCertificate, importCertificate (ts/opsserver/handlers/certificate.handler.ts)
- Implement deleteCertificate/exportCertificate/importCertificate functions handling storage paths, in-memory status map updates, backoff clearing, validation, and SmartAcme-compatible /certs/ and /proxy-certs/ formats
- Add request interfaces IReq_DeleteCertificate, IReq_ExportCertificate, IReq_ImportCertificate (ts_interfaces/requests/certificate.ts)
- Add web app actions deleteCertificateAction, importCertificateAction and fetchCertificateExport to call new typed requests (ts_web/appstate.ts)
- Update certificates UI to support Import, Export, and Delete actions and add downloadJsonFile helper (ts_web/elements/ops-view-certificates.ts)
## 2026-02-17 - 6.8.0 - feat(remote-ingress)
support auto-deriving ports for remote ingress edges and expose manual/derived port breakdown in API and UI
- Add autoDerivePorts flag to IRemoteIngress with default true and migration to set existing stored edges to autoDerivePorts = true
- RemoteIngressManager: getEffectiveListenPorts now returns the union of manual + derived ports when autoDerivePorts is enabled; added getPortBreakdown to return manual vs derived lists
- API handlers updated: create/update requests accept autoDerivePorts; responses now include effectiveListenPorts, manualPorts, and derivedPorts (secrets still masked)
- Web UI updated: create and edit dialogs include an Auto-derive checkbox; port badges now visually distinguish manual vs derived ports; added updateRemoteIngressAction
- Non-breaking change: new field defaults to true so existing behavior is preserved
## 2026-02-17 - 6.7.0 - feat(remote-ingress)
Support auto-derived effective listen ports, make listenPorts optional, add toggle action and refine remote ingress creation/management UI
- Add effectiveListenPorts?: number[] to IRemoteIngress interface (present in API responses)
- Make createRemoteIngressAction.listenPorts optional and update creation modal to allow empty ports (auto-derived)
- Add toggleRemoteIngressAction to enable/disable remote ingress edges and wire up Enable/Disable row/context-menu actions
- Update getPortsHtml to prefer manual listenPorts, fall back to effectiveListenPorts, show '(auto)' when derived and 'none' when no ports
- Standardize UI actions to use inRow/contextmenu and actionFunc signatures; update create modal to use explicit Cancel/Create menu options and collect form data programmatically
## 2026-02-17 - 6.6.1 - fix(icons)
standardize icon identifiers to lucide-prefixed names across operational views
- Replaced legacy/ambiguous icon names with 'lucide:...' identifiers in four UI modules: ts_web/elements/ops-view-certificates.ts, ops-view-network.ts, ops-view-overview.ts, and ops-view-security.ts.
- Updated common action/menu icons (e.g. arrowsRotate -> lucide:RefreshCw, magnifyingGlass -> lucide:Search, copy -> lucide:Copy, fileExport -> lucide:FileOutput).
- Mapped dashboard/tile icons to lucide equivalents (e.g. server -> lucide:Server, networkWired/sitemap -> lucide:Network, download/upload -> lucide:Download/Upload, microchip/memory -> lucide:Cpu/MemoryStick).
- Normalized alert and status icons to lucide names (e.g. triangleExclamation -> lucide:TriangleAlert, shield/userShield -> lucide:Shield/ShieldCheck, clock/clockRotateLeft -> lucide:Clock/History).
## 2026-02-17 - 6.6.0 - feat(remoteingress)
derive effective remote ingress listen ports from route configs and expose them via ops API
- Derive listen ports from SmartProxy route configs with remoteIngress.enabled; supports optional edgeFilter to target edges by id or tags.
- Add RemoteIngressManager.setRoutes(), derivePortsForEdge(), and getEffectiveListenPorts() which falls back to manual listenPorts when present.
- dcrouter now supplies route configs to RemoteIngressManager during initialization and when updating SmartProxy configuration to keep derived ports in sync.
- Ops API now returns effectiveListenPorts for edges; createRemoteIngress.listenPorts is optional and createEdge defaults listenPorts to an empty array.
- Bump dependency @serve.zone/remoteingress to ^3.0.4 to align types/behavior.
## 2026-02-16 - 6.5.0 - feat(ops-view-remoteingress)
add 'Create Edge Node' header action to remote ingress table and remove duplicate createNewAction

16
package.json
View File

@@ -1,7 +1,7 @@
{
"name": "@serve.zone/dcrouter",
"private": false,
"version": "6.5.0",
"version": "7.4.2",
"description": "A multifaceted routing service handling mail and SMS delivery functions.",
"type": "module",
"exports": {
@@ -24,7 +24,7 @@
"@git.zone/tsrun": "^2.0.1",
"@git.zone/tstest": "^3.1.8",
"@git.zone/tswatch": "^3.1.0",
"@types/node": "^25.2.3"
"@types/node": "^25.3.0"
},
"dependencies": {
"@api.global/typedrequest": "^3.2.6",
@@ -32,31 +32,31 @@
"@api.global/typedserver": "^8.3.0",
"@api.global/typedsocket": "^4.1.0",
"@apiclient.xyz/cloudflare": "^7.1.0",
"@design.estate/dees-catalog": "^3.42.2",
"@design.estate/dees-catalog": "^3.43.1",
"@design.estate/dees-element": "^2.1.6",
"@push.rocks/projectinfo": "^5.0.2",
"@push.rocks/qenv": "^6.1.3",
"@push.rocks/smartacme": "^9.1.3",
"@push.rocks/smartdata": "^7.0.15",
"@push.rocks/smartdns": "^7.8.1",
"@push.rocks/smartdns": "^7.9.0",
"@push.rocks/smartfile": "^13.1.2",
"@push.rocks/smartguard": "^3.1.0",
"@push.rocks/smartjwt": "^2.2.1",
"@push.rocks/smartlog": "^3.1.11",
"@push.rocks/smartmetrics": "^2.0.10",
"@push.rocks/smartlog": "^3.2.1",
"@push.rocks/smartmetrics": "^3.0.1",
"@push.rocks/smartmongo": "^5.1.0",
"@push.rocks/smartmta": "^5.2.2",
"@push.rocks/smartnetwork": "^4.4.0",
"@push.rocks/smartpath": "^6.0.0",
"@push.rocks/smartpromise": "^4.2.3",
"@push.rocks/smartproxy": "^25.7.3",
"@push.rocks/smartproxy": "^25.7.9",
"@push.rocks/smartradius": "^1.1.1",
"@push.rocks/smartrequest": "^5.0.1",
"@push.rocks/smartrx": "^3.0.10",
"@push.rocks/smartstate": "^2.0.30",
"@push.rocks/smartunique": "^3.0.9",
"@serve.zone/interfaces": "^5.3.0",
"@serve.zone/remoteingress": "^3.0.2",
"@serve.zone/remoteingress": "^4.0.0",
"@tsclass/tsclass": "^9.3.0",
"lru-cache": "^11.2.6",
"uuid": "^13.0.0"

360
pnpm-lock.yaml generated
View File

@@ -24,8 +24,8 @@ importers:
specifier: ^7.1.0
version: 7.1.0
'@design.estate/dees-catalog':
specifier: ^3.42.2
version: 3.42.2(@tiptap/pm@2.27.2)
specifier: ^3.43.1
version: 3.43.1(@tiptap/pm@2.27.2)
'@design.estate/dees-element':
specifier: ^2.1.6
version: 2.1.6
@@ -42,8 +42,8 @@ importers:
specifier: ^7.0.15
version: 7.0.15(socks@2.8.7)
'@push.rocks/smartdns':
specifier: ^7.8.1
version: 7.8.1
specifier: ^7.9.0
version: 7.9.0
'@push.rocks/smartfile':
specifier: ^13.1.2
version: 13.1.2
@@ -54,11 +54,11 @@ importers:
specifier: ^2.2.1
version: 2.2.1
'@push.rocks/smartlog':
specifier: ^3.1.11
version: 3.1.11
specifier: ^3.2.1
version: 3.2.1
'@push.rocks/smartmetrics':
specifier: ^2.0.10
version: 2.0.10
specifier: ^3.0.1
version: 3.0.1
'@push.rocks/smartmongo':
specifier: ^5.1.0
version: 5.1.0(socks@2.8.7)
@@ -75,8 +75,8 @@ importers:
specifier: ^4.2.3
version: 4.2.3
'@push.rocks/smartproxy':
specifier: ^25.7.3
version: 25.7.3
specifier: ^25.7.9
version: 25.7.9
'@push.rocks/smartradius':
specifier: ^1.1.1
version: 1.1.1
@@ -96,8 +96,8 @@ importers:
specifier: ^5.3.0
version: 5.3.0
'@serve.zone/remoteingress':
specifier: ^3.0.2
version: 3.0.2
specifier: ^4.0.0
version: 4.0.0
'@tsclass/tsclass':
specifier: ^9.3.0
version: 9.3.0
@@ -124,8 +124,8 @@ importers:
specifier: ^3.1.0
version: 3.1.0(@tiptap/pm@2.27.2)
'@types/node':
specifier: ^25.2.3
version: 25.2.3
specifier: ^25.3.0
version: 25.3.0
packages:
@@ -351,8 +351,8 @@ packages:
'@configvault.io/interfaces@1.0.17':
resolution: {integrity: sha512-bEcCUR2VBDJsTin8HQh8Uw/mlYl2v8A3jMIaQ+MTB9Hrqd6CZL2dL7iJdWyFl/3EIX+LDxWFR+Oq7liIq7w+1Q==}
'@design.estate/dees-catalog@3.42.2':
resolution: {integrity: sha512-e/d5XpIjuOmQIxHnBq81Uq+TyBHX92Ie1n7jEFBCYtxvi3+P2LU1sQ3VDrvLTpkwGxq7iyagu7BYWHYRtPLPmw==}
'@design.estate/dees-catalog@3.43.1':
resolution: {integrity: sha512-WAWOV8dIgdKfAbS4Ciek8oDVIWC0OSPODhpQdLlsGBXERcFaBPaYxcpywmrjXB/TFeoAQPxBxhS7jb9/p2Rprg==}
'@design.estate/dees-comms@1.0.30':
resolution: {integrity: sha512-KchMlklJfKAjQiJiR0xmofXtQ27VgZtBIxcMwPE9d+h3jJRv+lPZxzBQVOM0eyM0uS44S5vJMZ11IeV4uDXSHg==}
@@ -681,74 +681,74 @@ packages:
'@mongodb-js/saslprep@1.4.6':
resolution: {integrity: sha512-y+x3H1xBZd38n10NZF/rEBlvDOOMQ6LKUTHqr8R9VkJ+mmQOYtJFxIlkkK8fZrtOiL6VixbOBWMbZGBdal3Z1g==}
'@napi-rs/canvas-android-arm64@0.1.92':
resolution: {integrity: sha512-rDOtq53ujfOuevD5taxAuIFALuf1QsQWZe1yS/N4MtT+tNiDBEdjufvQRPWZ11FubL2uwgP8ApYU3YOaNu1ZsQ==}
'@napi-rs/canvas-android-arm64@0.1.93':
resolution: {integrity: sha512-xRIoOPFvneR29Dtq5d9p2AJbijDCFeV4jQ+5Ms/xVAXJVb8R0Jlu+pPr/SkhrG+Mouaml4roPSXugTIeRl6CMA==}
engines: {node: '>= 10'}
cpu: [arm64]
os: [android]
'@napi-rs/canvas-darwin-arm64@0.1.92':
resolution: {integrity: sha512-4PT6GRGCr7yMRehp42x0LJb1V0IEy1cDZDDayv7eKbFUIGbPFkV7CRC9Bee5MPkjg1EB4ZPXXUyy3gjQm7mR8Q==}
'@napi-rs/canvas-darwin-arm64@0.1.93':
resolution: {integrity: sha512-daNDi76HN5grC6GXDmpxdfP+N2mQPd3sCfg62VyHwUuvbZh32P7R/IUjkzAxtYMtTza+Zvx9hfLJ3J7ENL6WMA==}
engines: {node: '>= 10'}
cpu: [arm64]
os: [darwin]
'@napi-rs/canvas-darwin-x64@0.1.92':
resolution: {integrity: sha512-5e/3ZapP7CqPtDcZPtmowCsjoyQwuNMMD7c0GKPtZQ8pgQhLkeq/3fmk0HqNSD1i227FyJN/9pDrhw/UMTkaWA==}
'@napi-rs/canvas-darwin-x64@0.1.93':
resolution: {integrity: sha512-1YfuNPIQLawsg/gSNdJRk4kQWUy9M/Gy8FGsOI79nhQEJ2PZdqpSPl5UNzf4elfuNXuVbEbmmjP68EQdUunDuQ==}
engines: {node: '>= 10'}
cpu: [x64]
os: [darwin]
'@napi-rs/canvas-linux-arm-gnueabihf@0.1.92':
resolution: {integrity: sha512-j6KaLL9iir68lwpzzY+aBGag1PZp3+gJE2mQ3ar4VJVmyLRVOh+1qsdNK1gfWoAVy5w6U7OEYFrLzN2vOFUSng==}
'@napi-rs/canvas-linux-arm-gnueabihf@0.1.93':
resolution: {integrity: sha512-8kEkOQPZjuyHjupvXExuJZiuiVNecdABGq3DLI7aO1EvQFOOlWMm2d/8Q5qXdV73Tn+nu3m16+kPajsN1oJefQ==}
engines: {node: '>= 10'}
cpu: [arm]
os: [linux]
'@napi-rs/canvas-linux-arm64-gnu@0.1.92':
resolution: {integrity: sha512-s3NlnJMHOSotUYVoTCoC1OcomaChFdKmZg0VsHFeIkeHbwX0uPHP4eCX1irjSfMykyvsGHTQDfBAtGYuqxCxhQ==}
'@napi-rs/canvas-linux-arm64-gnu@0.1.93':
resolution: {integrity: sha512-qIKLKkBkYSyWSYAoDThoxf5y1gr4X0g7W8rDU7d2HDeAAcotdVHUwuKkMeNe6+5VNk7/95EIhbslQjSxiCu32g==}
engines: {node: '>= 10'}
cpu: [arm64]
os: [linux]
'@napi-rs/canvas-linux-arm64-musl@0.1.92':
resolution: {integrity: sha512-xV0GQnukYq5qY+ebkAwHjnP2OrSGBxS3vSi1zQNQj0bkXU6Ou+Tw7JjCM7pZcQ28MUyEBS1yKfo7rc7ip2IPFQ==}
'@napi-rs/canvas-linux-arm64-musl@0.1.93':
resolution: {integrity: sha512-mAwQBGM3qArS9XEO21AK4E1uGvCuUCXjhIZk0dlVvs49MQ6wAAuCkYKNFpSKeSicKrLWwBMfgWX4qZoPh+M00A==}
engines: {node: '>= 10'}
cpu: [arm64]
os: [linux]
'@napi-rs/canvas-linux-riscv64-gnu@0.1.92':
resolution: {integrity: sha512-+GKvIFbQ74eB/TopEdH6XIXcvOGcuKvCITLGXy7WLJAyNp3Kdn1ncjxg91ihatBaPR+t63QOE99yHuIWn3UQ9w==}
'@napi-rs/canvas-linux-riscv64-gnu@0.1.93':
resolution: {integrity: sha512-kaIH5MpPzOZfkM+QMsBxGdM9jlJT+N+fwz2IEaju/S+DL65E5TgPOx4QcD5dQ8vsMxlak6uDrudBc4ns5xzZCw==}
engines: {node: '>= 10'}
cpu: [riscv64]
os: [linux]
'@napi-rs/canvas-linux-x64-gnu@0.1.92':
resolution: {integrity: sha512-tFd6MwbEhZ1g64iVY2asV+dOJC+GT3Yd6UH4G3Hp0/VHQ6qikB+nvXEULskFYZ0+wFqlGPtXjG1Jmv7sJy+3Ww==}
'@napi-rs/canvas-linux-x64-gnu@0.1.93':
resolution: {integrity: sha512-KtMZJqYWvOSeW5w3VSV2f5iGnwNdKJm4gwgVid4xNy1NFi+NJSyuglA1lX1u4wIPxizyxh8OW5c5Usf6oSOMNQ==}
engines: {node: '>= 10'}
cpu: [x64]
os: [linux]
'@napi-rs/canvas-linux-x64-musl@0.1.92':
resolution: {integrity: sha512-uSuqeSveB/ZGd72VfNbHCSXO9sArpZTvznMVsb42nqPP7gBGEH6NJQ0+hmF+w24unEmxBhPYakP/Wiosm16KkA==}
'@napi-rs/canvas-linux-x64-musl@0.1.93':
resolution: {integrity: sha512-qRZhOvlDBooRLX6V3/t9X9B+plZK+OrPLgfFixu0A1RO/3VHbubOknfnMnocSDAqk/L6cRyKI83VP2ciR9UO7w==}
engines: {node: '>= 10'}
cpu: [x64]
os: [linux]
'@napi-rs/canvas-win32-arm64-msvc@0.1.92':
resolution: {integrity: sha512-20SK5AU/OUNz9ZuoAPj5ekWai45EIBDh/XsdrVZ8le/pJVlhjFU3olbumSQUXRFn7lBRS+qwM8kA//uLaDx6iQ==}
'@napi-rs/canvas-win32-arm64-msvc@0.1.93':
resolution: {integrity: sha512-um5XE44vF8bjkQEsH2iRSUP9fDeQGYbn/qjM/v4whXG83qsqapAXlOPOQqSARZB1SiNvPUAuXoRsJLlKFmAEFw==}
engines: {node: '>= 10'}
cpu: [arm64]
os: [win32]
'@napi-rs/canvas-win32-x64-msvc@0.1.92':
resolution: {integrity: sha512-KEhyZLzq1MXCNlXybz4k25MJmHFp+uK1SIb8yJB0xfrQjz5aogAMhyseSzewo+XxAq3OAOdyKvfHGNzT3w1RPg==}
'@napi-rs/canvas-win32-x64-msvc@0.1.93':
resolution: {integrity: sha512-maHlizZgmKsAPJwjwBZMnsWfq3Ca9QutoteQwKe7YqsmbECoylrLCCOGCDOredstW4BRWqRTfCl6NJaVVeAQvQ==}
engines: {node: '>= 10'}
cpu: [x64]
os: [win32]
'@napi-rs/canvas@0.1.92':
resolution: {integrity: sha512-q7ZaUCJkEU5BeOdE7fBx1XWRd2T5Ady65nxq4brMf5L4cE1VV/ACq5w9Z5b/IVJs8CwSSIwc30nlthH0gFo4Ig==}
'@napi-rs/canvas@0.1.93':
resolution: {integrity: sha512-unVFo8CUlUeJCCxt50+j4yy91NF4x6n9zdGcvEsOFAWzowtZm3mgx8X2D7xjwV0cFSfxmpGPoe+JS77uzeFsxg==}
engines: {node: '>= 10'}
'@napi-rs/wasm-runtime@1.0.7':
@@ -757,10 +757,6 @@ packages:
'@napi-rs/wasm-runtime@1.1.1':
resolution: {integrity: sha512-p64ah1M1ld8xjWv3qbvFwHiFVWrq1yFvV4f7w+mzaqiR4IlSgkqhcRdHwsGgomwzBH51sRY4NEowLxnaBjcW/A==}
'@opentelemetry/api@1.9.0':
resolution: {integrity: sha512-3giAOQvZiH5F9bMlMiv8+GSPMeqg0dbaeo58/0SlA9sxSqZhnUtxzX9/2FzyhS9sWQf5S0GJE0AKBrFqjpeYcg==}
engines: {node: '>=8.0.0'}
'@oxc-project/types@0.99.0':
resolution: {integrity: sha512-LLDEhXB7g1m5J+woRSgfKsFPS3LhR9xRhTeIoEBm5WrkwMxn6eZ0Ld0c0K5eHB57ChZX6I3uSmmLjZ8pcjlRcw==}
@@ -898,8 +894,8 @@ packages:
'@push.rocks/smartdelay@3.0.5':
resolution: {integrity: sha512-mUuI7kj2f7ztjpic96FvRIlf2RsKBa5arw81AHNsndbxO6asRcxuWL8dTVxouEIK8YsBUlj0AsrCkHhMbLQdHw==}
'@push.rocks/smartdns@7.8.1':
resolution: {integrity: sha512-qEizM9dFzhq4XGICDC8Im7JLjwdokHdDZ6wLufBInaEOupq+8XOa9bC6EGlBQVsCXFUyrKzsFk6eBa9BSZMKPw==}
'@push.rocks/smartdns@7.9.0':
resolution: {integrity: sha512-1nDUfyXQo6j9HTUfcjE+BLeAv9QZ7WtAsM1V28zIoFdUpjNg/5g382L024H73PHsxh6lSYNhYYmFvWqzFQhXKg==}
'@push.rocks/smartenv@5.0.13':
resolution: {integrity: sha512-ACXmUcHZHl2CF2jnVuRw9saRRrZvJblCRs2d+K5aLR1DfkYFX3eA21kcMlKeLisI3aGNbIj9vz/rowN5qkRkfA==}
@@ -964,8 +960,8 @@ packages:
'@push.rocks/smartlog-interfaces@3.0.2':
resolution: {integrity: sha512-8hGRTJehbsFSJxLhCQkA018mZtXVPxPTblbg9VaE/EqISRzUw+eosJ2EJV7M4Qu0eiTJZjnWnNLn8CkD77ziWw==}
'@push.rocks/smartlog@3.1.11':
resolution: {integrity: sha512-zyLH8pQD2UD7l76wJBESEWXU1FSTBLOuRI0/DN139EYyMkwMq1+pdQKptTkJhhVL/OIj56oMg9SpJb4bJB7uKg==}
'@push.rocks/smartlog@3.2.1':
resolution: {integrity: sha512-x9/P59pfzY6HOGYmYrhqmoRl/pliTVx44g2Vbb8dIr/0zA39cAJHlPze1+UGncn37XKGmutK2iLSsJLEsexD0A==}
'@push.rocks/smartmail@2.2.0':
resolution: {integrity: sha512-28K4HAcda7ODUUpFCgbS/uA+eqwVRcmLJERIdM9AvLHXaHAPLHH97HmwPPcAu9Sp3z05Um0inmDF51X6yVVkcw==}
@@ -979,8 +975,8 @@ packages:
'@push.rocks/smartmatch@2.0.0':
resolution: {integrity: sha512-MBzP++1yNIBeox71X6VxpIgZ8m4bXnJpZJ4nWVH6IWpmO38MXTu4X0QF8tQnyT4LFcwvc9iiWaD15cstHa7Mmw==}
'@push.rocks/smartmetrics@2.0.10':
resolution: {integrity: sha512-Fr4ZzJWFqTR67ThmPsj+uUfPoWZ+p87n7wItpXVjlQ2mf4pboWnsfmrrC1gqIXca1Dwa2i7L+GPoJ3hOZ+Qhfw==}
'@push.rocks/smartmetrics@3.0.1':
resolution: {integrity: sha512-wdc9v8F0dQXwraAVCZjGvt2lnGpbVYHWzER9OFR+u+ultMq7aLjUevxSpkS8BkhBMLTuNMCCWIqyAzaCqHzFgQ==}
'@push.rocks/smartmime@1.0.6':
resolution: {integrity: sha512-PHd+I4UcsnOATNg8wjDsSAmmJ4CwQFrQCNzd0HSJMs4ZpiK3Ya91almd6GLpDPU370U4HFh4FaPF4eEAI6vkJQ==}
@@ -1034,8 +1030,8 @@ packages:
'@push.rocks/smartpromise@4.2.3':
resolution: {integrity: sha512-Ycg/TJR+tMt+S3wSFurOpEoW6nXv12QBtKXgBcjMZ4RsdO28geN46U09osPn9N9WuwQy1PkmTV5J/V4F9U8qEw==}
'@push.rocks/smartproxy@25.7.3':
resolution: {integrity: sha512-9b5dwsLAhuDqnJptGBum4qBHlZwZPqPG3CJKxAwE3uFKjCmcE8qGDwodI0CjrQ7KW2PJ1BMq/Lk4ghs3Da6PWw==}
'@push.rocks/smartproxy@25.7.9':
resolution: {integrity: sha512-5esFvD72TEyveaEQbDYRgD7C5hDfWMSBvurNx3KPi02CBKG1gnhx/WWT7RHDS3KRF5fEQh9YxvI9aMkOwjc7sQ==}
'@push.rocks/smartpuppeteer@2.0.5':
resolution: {integrity: sha512-yK/qSeWVHIGWRp3c8S5tfdGP6WCKllZC4DR8d8CQlEjszOSBmHtlTdyyqOMBZ/BA4kd+eU5f3A1r4K2tGYty1g==}
@@ -1131,9 +1127,6 @@ packages:
'@push.rocks/webrequest@3.0.37':
resolution: {integrity: sha512-fLN7kP6GeHFxE4UH4r9C9pjcQb0QkJxHeAMwXvbOqB9hh0MFNKhtGU7GoaTn8SVRGRMPc9UqZVNwo6u5l8Wn0A==}
'@push.rocks/webrequest@4.0.1':
resolution: {integrity: sha512-I60XZZLVf8W5I7YdmUVVu4G92teE3rg3/aKaV00BRg8vJ3VXx3wc59Qj4em7zxQ5o0HvL8m1Aezw3RFMDPyVgA==}
'@push.rocks/webrequest@4.0.2':
resolution: {integrity: sha512-rowzty+Q2papFBcnNYPcy+8CQJukSn/FGfQG8ap0bUgQUsx882u8kEyLM0Q+GlGHS5OiZ+Z0z5TZqLKlk3XHxA==}
@@ -1340,8 +1333,8 @@ packages:
'@serve.zone/interfaces@5.3.0':
resolution: {integrity: sha512-venO7wtDR9ixzD9NhdERBGjNKbFA5LL0yHw4eqGh0UpmvtXVc3SFG0uuHDilOKMZqZ8bttV88qVsFy1aSTJrtA==}
'@serve.zone/remoteingress@3.0.2':
resolution: {integrity: sha512-FnwNVO0Dn9xuNv0t81u6pjCizSeCyMjkRKm6wN5qycCdGFoJmFbBamHqV01KtK1KcgDTd7LX+PowSqKReNrBGw==}
'@serve.zone/remoteingress@4.0.0':
resolution: {integrity: sha512-kcC9pnQdS5Mw0ypmwT3GIYwrjVQJOjWw5TJ+j46t6Y98S4Mb7wEAAPsU+YRXozpkqUxWUDBeDK1fQHLvoF9PmQ==}
'@sindresorhus/is@5.6.0':
resolution: {integrity: sha512-TV7t8GKYaJWsn00tFDqBw8+Uqmr8A0fRU1tvTQhyZzGv0sJCGRQL3JGMI3ucuKo3XIZdUP+Lx7/gh2t3lewy7g==}
@@ -1834,11 +1827,8 @@ packages:
'@types/node@22.19.11':
resolution: {integrity: sha512-BH7YwL6rA93ReqeQS1c4bsPpcfOmJasG+Fkr6Y59q83f9M1WcBRHR2vM+P9eOisYRcN3ujQoiZY8uk5W+1WL8w==}
'@types/node@25.2.3':
resolution: {integrity: sha512-m0jEgYlYz+mDJZ2+F4v8D1AyQb+QzsNqRuI7xg1VQX/KlKS0qT9r1Mo16yo5F/MtifXFgaofIFsdFMox2SxIbQ==}
'@types/pidusage@2.0.5':
resolution: {integrity: sha512-MIiyZI4/MK9UGUXWt0jJcCZhVw7YdhBuTOuqP/BjuLDLZ2PmmViMIQgZiWxtaMicQfAz/kMrZ5T7PKxFSkTeUA==}
'@types/node@25.3.0':
resolution: {integrity: sha512-4K3bqJpXpqfg2XKGK9bpDTc6xO/xoUP/RBWS7AtRMug6zZFaRekiLzjVtAoZMquxoAbzBvy5nxQ7veS5eYzf8A==}
'@types/ping@0.4.4':
resolution: {integrity: sha512-ifvo6w2f5eJYlXm+HiVx67iJe8WZp87sfa683nlqED5Vnt9Z93onkokNoWqOG21EaE8fMxyKPobE+mkPEyxsdw==}
@@ -1966,8 +1956,8 @@ packages:
resolution: {integrity: sha512-4Dj6M28JB+oAH8kFkTLUo+a2jwOFkuqb3yucU0CANcRRUbxS0cP0nZYCGjcc3BNXwRIsUVmDGgzawme7zvJHvg==}
engines: {node: '>=12'}
apexcharts@5.5.0:
resolution: {integrity: sha512-r0GzBUmIAihVDHiPTWrKzd2I+T2Dw+oZTDBRJeBExUuCyqEaCe2pAMEKZnTbJQXyDAhCBzPgkM2SeeKQuW4Ddw==}
apexcharts@5.6.0:
resolution: {integrity: sha512-BZua59yedRsaDfnxkzNrkyLCvluq2c3ZDBIz4joxSKtgr0xDQXQ5dzceMhf/TpTbAjaF+2NYIpLP3BEEIG2s/w==}
argparse@1.0.10:
resolution: {integrity: sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==}
@@ -2059,9 +2049,6 @@ packages:
resolution: {integrity: sha512-RkaJzeJKDbaDWTIPiJwubyljaEPwpVWkm9Rt5h9Nd6h7tEXTJ3VB4qxdZBioV7JO5yLUaOKwz7vDOzlncUsegw==}
engines: {node: '>=10.0.0'}
bintrees@1.0.2:
resolution: {integrity: sha1-SfiW1uhYpKSZ34XDj7OZua/4QPg=}
body-parser@2.2.2:
resolution: {integrity: sha512-oP5VkATKlNwcgvxi0vM0p/D3n2C3EReYVX+DNYs5TjZFn/oQt2j+4sVJtSMr18pdRr8wjTcBl6LoV+FUwzPmNA==}
engines: {node: '>=18'}
@@ -3234,8 +3221,8 @@ packages:
resolution: {integrity: sha512-fu656aJ0n2kcXwsnwnv9g24tkU5uSmOlTjd6WyyaKm2Z+h1qmY6bAjrcaIxF/BslFqbZ8UBtbJi7KgQOZD2PTw==}
engines: {node: 20 || >=22}
minimatch@10.2.0:
resolution: {integrity: sha512-ugkC31VaVg9cF0DFVoADH12k6061zNZkZON+aX8AWsR9GhPcErkcMBceb6znR8wLERM2AkkOxy2nWRLpT9Jq5w==}
minimatch@10.2.1:
resolution: {integrity: sha512-MClCe8IL5nRRmawL6ib/eT4oLyeKMGCghibcDWK+J0hh0Q8kqSdia6BvbRMVk6mPa6WqUa5uR2oxt6C5jd533A==}
engines: {node: 20 || >=22}
minimatch@3.1.2:
@@ -3548,15 +3535,6 @@ packages:
resolution: {integrity: sha512-5gTmgEY/sqK6gFXLIsQNH19lWb4ebPDLA4SdLP7dsWkIXHWlG66oPuVvXSGFPppYZz8ZDZq0dYYrbHfBCVUb1Q==}
engines: {node: '>=12'}
pidtree@0.6.0:
resolution: {integrity: sha512-eG2dWTVw5bzqGRztnHExczNxt5VGsE6OwTeCG3fdUf9KBsZzO3R5OIIIzWR+iZA0NtZ+RDVdaoE2dK1cn6jH4g==}
engines: {node: '>=0.10'}
hasBin: true
pidusage@4.0.1:
resolution: {integrity: sha512-yCH2dtLHfEBnzlHUJymR/Z1nN2ePG3m392Mv8TFlTP1B0xkpMQNHAnfkY0n2tAi6ceKO6YWhxYfZ96V4vVkh/g==}
engines: {node: '>=18'}
ping@0.4.4:
resolution: {integrity: sha512-56ZMC0j7SCsMMLdOoUg12VZCfj/+ZO+yfOSjaNCRrmZZr6GLbN2X/Ui56T15dI8NhiHckaw5X2pvyfAomanwqQ==}
engines: {node: '>=4.0.0'}
@@ -3576,10 +3554,6 @@ packages:
resolution: {integrity: sha512-7PiHtLll5LdnKIMw100I+8xJXR5gW2QwWYkT6iJva0bXitZKa/XMrSbdmg3r2Xnaidz9Qumd0VPaMrZlF9V9sA==}
engines: {node: '>=0.4.0'}
prom-client@15.1.3:
resolution: {integrity: sha512-6ZiOBfCywsD4k1BN9IX0uZhF+tJkV8q8llP64G5Hajs4JOeVLPCwpPVcpXy3BwYiUGgyJzsJJQeOIv7+hDSq8g==}
engines: {node: ^16 || ^18 || >=20}
property-information@7.1.0:
resolution: {integrity: sha512-TwEZ+X+yCJmYfL7TPUOcvBZ4QfoT5YenQiJuX//0th53DE6w0xxLEtfK3iyryQFddXuvkIk51EEgrJQ0WJkOmQ==}
@@ -3610,8 +3584,8 @@ packages:
prosemirror-markdown@1.13.4:
resolution: {integrity: sha512-D98dm4cQ3Hs6EmjK500TdAOew4Z03EV71ajEFiWra3Upr7diytJsjF4mPV2dW+eK5uNectiRj0xFxYI9NLXDbw==}
prosemirror-menu@1.2.5:
resolution: {integrity: sha512-qwXzynnpBIeg1D7BAtjOusR+81xCp53j7iWu/IargiRZqRjGIlQuu1f3jFi+ehrHhWMLoyOQTSRx/IWZJqOYtQ==}
prosemirror-menu@1.3.0:
resolution: {integrity: sha512-TImyPXCHPcDsSka2/lwJ6WjTASr4re/qWq1yoTTuLOqfXucwF6VcRa2LWCkM/EyTD1UO3CUwiH8qURJoWJRxwg==}
prosemirror-model@1.25.4:
resolution: {integrity: sha512-PIM7E43PBxKce8OQeezAs9j4TP+5yDpZVbuurd1h5phUxEKIu+G2a+EUZzIC5nS1mJktDJWzbqS23n1tsAf5QA==}
@@ -3978,9 +3952,6 @@ packages:
tar-stream@3.1.7:
resolution: {integrity: sha512-qJj60CXt7IU1Ffyc3NJMjh6EkuCFej46zUqJ4J7pqYlThyd9bO0XBTmcOIhSzZJVWfsLks0+nle/j538YAW9RQ==}
tdigest@0.1.2:
resolution: {integrity: sha512-+G0LLgjjo9BZX2MfdvPfH+MKLCrxlXSYec5DaPYP1fe6Iyhf0/fSmJ0bFiZ1F8BT6cGXl2LpltQptzjXKWEkKA==}
text-decoder@1.2.3:
resolution: {integrity: sha512-3/o9z3X0X0fTupwsYvR03pJ/DjWuqqrfwBgTQzdWDiQSm9KitAyz/9WqsT2JQW7KV2m+bC2ol/zqpW37NHxLaA==}
@@ -4089,8 +4060,8 @@ packages:
undici-types@6.21.0:
resolution: {integrity: sha512-iwDZqg0QAGrg9Rav5H4n0M64c3mkR59cJ6wQp+7C4nI0gsmExaedaYLNO44eT4AtBBwjbTiGPMlt2Md0T9H9JQ==}
undici-types@7.16.0:
resolution: {integrity: sha512-Zz+aZWSj8LE6zoxD+xrjh4VfkIG8Ya6LvYkZqtUQGJPZjYl53ypCaUwWqo7eI0x66KBGeRo+mlBEkMSeSZ38Nw==}
undici-types@7.18.2:
resolution: {integrity: sha512-AsuCzffGHJybSaRrmr5eHr81mwJU3kjw6M+uprWvCXiNeN9SOGwQ3Jn8jb8m3Z6izVgknn1R0FTCEAP2QrLY/w==}
unified@11.0.5:
resolution: {integrity: sha512-xKvGhPWw3k84Qjh8bI3ZeJjqnyadK+GEFtazSfZv/rKeTkTjOJho6mFqh2SM96iIcZokxiOpg78GazTSg8+KHA==}
@@ -4247,13 +4218,11 @@ packages:
xterm-addon-fit@0.8.0:
resolution: {integrity: sha512-yj3Np7XlvxxhYF/EJ7p3KHaMt6OdwQ+HDu573Vx1lRXsVxOcnVJs51RgjZOouIZOczTsskaS+CpXspK81/DLqw==}
deprecated: This package is now deprecated. Move to @xterm/addon-fit instead.
peerDependencies:
xterm: ^5.0.0
xterm@5.3.0:
resolution: {integrity: sha512-8QqjlekLUFTrU6x7xck1MsPzPA571K5zNqWm0M0oroYEWVOptZ0+ubQSkQ3uxIEhcIHRujJy6emDWX4A7qyFzg==}
deprecated: This package is now deprecated. Move to @xterm/xterm instead.
y18n@5.0.8:
resolution: {integrity: sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==}
@@ -4325,7 +4294,7 @@ snapshots:
'@push.rocks/smartfeed': 1.4.0
'@push.rocks/smartfile': 11.2.7
'@push.rocks/smartjson': 5.2.0
'@push.rocks/smartlog': 3.1.11
'@push.rocks/smartlog': 3.2.1
'@push.rocks/smartlog-destination-devtools': 1.0.12
'@push.rocks/smartlog-interfaces': 3.0.2
'@push.rocks/smartmanifest': 2.0.2
@@ -4365,7 +4334,7 @@ snapshots:
'@api.global/typedrequest-interfaces': 3.0.19
'@api.global/typedsocket': 4.1.0(@push.rocks/smartserve@2.0.1)
'@cloudflare/workers-types': 4.20260210.0
'@design.estate/dees-catalog': 3.42.2(@tiptap/pm@2.27.2)
'@design.estate/dees-catalog': 3.43.1(@tiptap/pm@2.27.2)
'@design.estate/dees-comms': 1.0.30
'@push.rocks/lik': 6.2.2
'@push.rocks/smartdelay': 3.0.5
@@ -4374,7 +4343,7 @@ snapshots:
'@push.rocks/smartfile': 13.1.2
'@push.rocks/smartfs': 1.3.1
'@push.rocks/smartjson': 5.2.0
'@push.rocks/smartlog': 3.1.11
'@push.rocks/smartlog': 3.2.1
'@push.rocks/smartlog-destination-devtools': 1.0.12
'@push.rocks/smartlog-interfaces': 3.0.2
'@push.rocks/smartmanifest': 2.0.2
@@ -4441,7 +4410,7 @@ snapshots:
'@apiclient.xyz/cloudflare@7.1.0':
dependencies:
'@push.rocks/smartdelay': 3.0.5
'@push.rocks/smartlog': 3.1.11
'@push.rocks/smartlog': 3.2.1
'@push.rocks/smartpromise': 4.2.3
'@push.rocks/smartrequest': 5.0.1
'@push.rocks/smartstring': 4.1.0
@@ -4963,7 +4932,7 @@ snapshots:
dependencies:
'@api.global/typedrequest-interfaces': 3.0.19
'@design.estate/dees-catalog@3.42.2(@tiptap/pm@2.27.2)':
'@design.estate/dees-catalog@3.43.1(@tiptap/pm@2.27.2)':
dependencies:
'@design.estate/dees-domtools': 2.3.8
'@design.estate/dees-element': 2.1.6
@@ -4983,7 +4952,7 @@ snapshots:
'@tiptap/extension-underline': 2.27.2(@tiptap/core@2.27.2(@tiptap/pm@2.27.2))
'@tiptap/starter-kit': 2.27.2
'@tsclass/tsclass': 9.3.0
apexcharts: 5.5.0
apexcharts: 5.6.0
highlight.js: 11.11.1
ibantools: 4.5.1
lucide: 0.564.0
@@ -5175,7 +5144,7 @@ snapshots:
'@push.rocks/smartdelay': 3.0.5
'@push.rocks/smartfile': 13.1.2
'@push.rocks/smartfs': 1.3.1
'@push.rocks/smartlog': 3.1.11
'@push.rocks/smartlog': 3.2.1
'@push.rocks/smartpath': 6.0.0
'@push.rocks/smartpromise': 4.2.3
typescript: 5.9.3
@@ -5196,7 +5165,7 @@ snapshots:
'@push.rocks/smartdelay': 3.0.5
'@push.rocks/smartfs': 1.3.1
'@push.rocks/smartinteract': 2.0.16
'@push.rocks/smartlog': 3.1.11
'@push.rocks/smartlog': 3.2.1
'@push.rocks/smartlog-destination-local': 9.0.2
'@push.rocks/smartpath': 6.0.0
'@push.rocks/smartpromise': 4.2.3
@@ -5222,7 +5191,7 @@ snapshots:
'@push.rocks/smartdelay': 3.0.5
'@push.rocks/smartfile': 13.1.2
'@push.rocks/smartfs': 1.3.1
'@push.rocks/smartlog': 3.1.11
'@push.rocks/smartlog': 3.2.1
'@push.rocks/smartnpm': 2.0.6
'@push.rocks/smartpath': 6.0.0
'@push.rocks/smartrequest': 5.0.1
@@ -5257,7 +5226,7 @@ snapshots:
'@push.rocks/smartexpect': 2.5.0
'@push.rocks/smartfile': 11.2.7
'@push.rocks/smartjson': 5.2.0
'@push.rocks/smartlog': 3.1.11
'@push.rocks/smartlog': 3.2.1
'@push.rocks/smartmongo': 2.2.0(socks@2.8.7)
'@push.rocks/smartnetwork': 4.4.0
'@push.rocks/smartpath': 6.0.0
@@ -5303,7 +5272,7 @@ snapshots:
'@push.rocks/smartdelay': 3.0.5
'@push.rocks/smartfs': 1.3.1
'@push.rocks/smartinteract': 2.0.16
'@push.rocks/smartlog': 3.1.11
'@push.rocks/smartlog': 3.2.1
'@push.rocks/smartlog-destination-local': 9.0.2
'@push.rocks/smartshell': 3.3.0
'@push.rocks/smartwatch': 6.3.0
@@ -5472,52 +5441,52 @@ snapshots:
dependencies:
sparse-bitfield: 3.0.3
'@napi-rs/canvas-android-arm64@0.1.92':
'@napi-rs/canvas-android-arm64@0.1.93':
optional: true
'@napi-rs/canvas-darwin-arm64@0.1.92':
'@napi-rs/canvas-darwin-arm64@0.1.93':
optional: true
'@napi-rs/canvas-darwin-x64@0.1.92':
'@napi-rs/canvas-darwin-x64@0.1.93':
optional: true
'@napi-rs/canvas-linux-arm-gnueabihf@0.1.92':
'@napi-rs/canvas-linux-arm-gnueabihf@0.1.93':
optional: true
'@napi-rs/canvas-linux-arm64-gnu@0.1.92':
'@napi-rs/canvas-linux-arm64-gnu@0.1.93':
optional: true
'@napi-rs/canvas-linux-arm64-musl@0.1.92':
'@napi-rs/canvas-linux-arm64-musl@0.1.93':
optional: true
'@napi-rs/canvas-linux-riscv64-gnu@0.1.92':
'@napi-rs/canvas-linux-riscv64-gnu@0.1.93':
optional: true
'@napi-rs/canvas-linux-x64-gnu@0.1.92':
'@napi-rs/canvas-linux-x64-gnu@0.1.93':
optional: true
'@napi-rs/canvas-linux-x64-musl@0.1.92':
'@napi-rs/canvas-linux-x64-musl@0.1.93':
optional: true
'@napi-rs/canvas-win32-arm64-msvc@0.1.92':
'@napi-rs/canvas-win32-arm64-msvc@0.1.93':
optional: true
'@napi-rs/canvas-win32-x64-msvc@0.1.92':
'@napi-rs/canvas-win32-x64-msvc@0.1.93':
optional: true
'@napi-rs/canvas@0.1.92':
'@napi-rs/canvas@0.1.93':
optionalDependencies:
'@napi-rs/canvas-android-arm64': 0.1.92
'@napi-rs/canvas-darwin-arm64': 0.1.92
'@napi-rs/canvas-darwin-x64': 0.1.92
'@napi-rs/canvas-linux-arm-gnueabihf': 0.1.92
'@napi-rs/canvas-linux-arm64-gnu': 0.1.92
'@napi-rs/canvas-linux-arm64-musl': 0.1.92
'@napi-rs/canvas-linux-riscv64-gnu': 0.1.92
'@napi-rs/canvas-linux-x64-gnu': 0.1.92
'@napi-rs/canvas-linux-x64-musl': 0.1.92
'@napi-rs/canvas-win32-arm64-msvc': 0.1.92
'@napi-rs/canvas-win32-x64-msvc': 0.1.92
'@napi-rs/canvas-android-arm64': 0.1.93
'@napi-rs/canvas-darwin-arm64': 0.1.93
'@napi-rs/canvas-darwin-x64': 0.1.93
'@napi-rs/canvas-linux-arm-gnueabihf': 0.1.93
'@napi-rs/canvas-linux-arm64-gnu': 0.1.93
'@napi-rs/canvas-linux-arm64-musl': 0.1.93
'@napi-rs/canvas-linux-riscv64-gnu': 0.1.93
'@napi-rs/canvas-linux-x64-gnu': 0.1.93
'@napi-rs/canvas-linux-x64-musl': 0.1.93
'@napi-rs/canvas-win32-arm64-msvc': 0.1.93
'@napi-rs/canvas-win32-x64-msvc': 0.1.93
optional: true
'@napi-rs/wasm-runtime@1.0.7':
@@ -5534,8 +5503,6 @@ snapshots:
'@tybys/wasm-util': 0.10.1
optional: true
'@opentelemetry/api@1.9.0': {}
'@oxc-project/types@0.99.0': {}
'@pdf-lib/standard-fonts@1.0.0':
@@ -5738,7 +5705,7 @@ snapshots:
'@push.rocks/qenv': 6.1.3
'@push.rocks/smartfile': 11.2.7
'@push.rocks/smartjson': 5.2.0
'@push.rocks/smartlog': 3.1.11
'@push.rocks/smartlog': 3.2.1
'@push.rocks/smartpath': 6.0.0
'@push.rocks/smartpromise': 4.2.3
'@push.rocks/smartrx': 3.0.10
@@ -5762,7 +5729,7 @@ snapshots:
'@api.global/typedrequest': 3.2.6
'@configvault.io/interfaces': 1.0.17
'@push.rocks/smartfile': 11.2.7
'@push.rocks/smartlog': 3.1.11
'@push.rocks/smartlog': 3.2.1
'@push.rocks/smartpath': 6.0.0
'@push.rocks/smartacme@9.1.3(socks@2.8.7)':
@@ -5772,8 +5739,8 @@ snapshots:
'@push.rocks/lik': 6.2.2
'@push.rocks/smartdata': 7.0.15(socks@2.8.7)
'@push.rocks/smartdelay': 3.0.5
'@push.rocks/smartdns': 7.8.1
'@push.rocks/smartlog': 3.1.11
'@push.rocks/smartdns': 7.9.0
'@push.rocks/smartlog': 3.2.1
'@push.rocks/smartnetwork': 4.4.0
'@push.rocks/smartstring': 4.1.0
'@push.rocks/smarttime': 4.2.3
@@ -5883,7 +5850,7 @@ snapshots:
'@push.rocks/smartcli@4.0.20':
dependencies:
'@push.rocks/lik': 6.2.2
'@push.rocks/smartlog': 3.1.11
'@push.rocks/smartlog': 3.2.1
'@push.rocks/smartobject': 1.0.12
'@push.rocks/smartpromise': 4.2.3
'@push.rocks/smartrx': 3.0.10
@@ -5908,7 +5875,7 @@ snapshots:
dependencies:
'@push.rocks/lik': 6.2.2
'@push.rocks/smartdelay': 3.0.5
'@push.rocks/smartlog': 3.1.11
'@push.rocks/smartlog': 3.2.1
'@push.rocks/smartmongo': 2.2.0(socks@2.8.7)
'@push.rocks/smartpromise': 4.2.3
'@push.rocks/smartrx': 3.0.10
@@ -5937,7 +5904,7 @@ snapshots:
dependencies:
'@push.rocks/lik': 6.2.2
'@push.rocks/smartdelay': 3.0.5
'@push.rocks/smartlog': 3.1.11
'@push.rocks/smartlog': 3.2.1
'@push.rocks/smartmongo': 2.2.0(socks@2.8.7)
'@push.rocks/smartpromise': 4.2.3
'@push.rocks/smartrx': 3.0.10
@@ -5966,7 +5933,7 @@ snapshots:
dependencies:
'@push.rocks/smartpromise': 4.2.3
'@push.rocks/smartdns@7.8.1':
'@push.rocks/smartdns@7.9.0':
dependencies:
'@push.rocks/smartdelay': 3.0.5
'@push.rocks/smartenv': 6.0.0
@@ -5974,7 +5941,7 @@ snapshots:
'@push.rocks/smartrust': 1.2.1
'@tsclass/tsclass': 9.3.0
acme-client: 5.4.0
minimatch: 10.2.0
minimatch: 10.2.1
transitivePeerDependencies:
- supports-color
@@ -6129,7 +6096,7 @@ snapshots:
'@api.global/typedrequest-interfaces': 2.0.2
'@tsclass/tsclass': 4.4.4
'@push.rocks/smartlog@3.1.11':
'@push.rocks/smartlog@3.2.1':
dependencies:
'@api.global/typedrequest-interfaces': 3.0.19
'@push.rocks/consolecolor': 2.0.3
@@ -6138,13 +6105,13 @@ snapshots:
'@push.rocks/smartfile': 11.2.7
'@push.rocks/smarthash': 3.2.6
'@push.rocks/smartpromise': 4.2.3
'@push.rocks/smarttime': 4.1.1
'@push.rocks/webrequest': 4.0.1
'@push.rocks/smarttime': 4.2.3
'@push.rocks/webrequest': 4.0.2
'@tsclass/tsclass': 9.3.0
'@push.rocks/smartmail@2.2.0':
dependencies:
'@push.rocks/smartdns': 7.8.1
'@push.rocks/smartdns': 7.9.0
'@push.rocks/smartfile': 13.1.2
'@push.rocks/smartmustache': 3.0.2
'@push.rocks/smartpath': 6.0.0
@@ -6173,14 +6140,10 @@ snapshots:
dependencies:
matcher: 5.0.0
'@push.rocks/smartmetrics@2.0.10':
'@push.rocks/smartmetrics@3.0.1':
dependencies:
'@push.rocks/smartdelay': 3.0.5
'@push.rocks/smartlog': 3.1.11
'@types/pidusage': 2.0.5
pidtree: 0.6.0
pidusage: 4.0.1
prom-client: 15.1.3
'@push.rocks/smartlog': 3.2.1
'@push.rocks/smartmime@1.0.6':
dependencies:
@@ -6249,7 +6212,7 @@ snapshots:
dependencies:
'@push.rocks/smartfile': 13.1.2
'@push.rocks/smartfs': 1.3.1
'@push.rocks/smartlog': 3.1.11
'@push.rocks/smartlog': 3.2.1
'@push.rocks/smartmail': 2.2.0
'@push.rocks/smartpath': 6.0.0
'@push.rocks/smartrust': 1.2.1
@@ -6266,7 +6229,7 @@ snapshots:
'@push.rocks/smartnetwork@4.4.0':
dependencies:
'@push.rocks/smartdns': 7.8.1
'@push.rocks/smartdns': 7.9.0
'@push.rocks/smartping': 1.0.8
'@push.rocks/smartpromise': 4.2.3
'@push.rocks/smartstring': 4.1.0
@@ -6352,13 +6315,13 @@ snapshots:
'@push.rocks/smartpromise@4.2.3': {}
'@push.rocks/smartproxy@25.7.3':
'@push.rocks/smartproxy@25.7.9':
dependencies:
'@push.rocks/smartcrypto': 2.0.4
'@push.rocks/smartlog': 3.1.11
'@push.rocks/smartlog': 3.2.1
'@push.rocks/smartrust': 1.2.1
'@tsclass/tsclass': 9.3.0
minimatch: 10.2.0
minimatch: 10.2.1
'@push.rocks/smartpuppeteer@2.0.5(typescript@5.9.3)':
dependencies:
@@ -6436,7 +6399,7 @@ snapshots:
'@cfworker/json-schema': 4.1.1
'@push.rocks/lik': 6.2.2
'@push.rocks/smartenv': 6.0.0
'@push.rocks/smartlog': 3.1.11
'@push.rocks/smartlog': 3.2.1
'@push.rocks/smartpath': 6.0.0
ws: 8.19.0
transitivePeerDependencies:
@@ -6471,7 +6434,7 @@ snapshots:
'@push.rocks/smartdelay': 3.0.5
'@push.rocks/smartenv': 5.0.13
'@push.rocks/smartjson': 5.2.0
'@push.rocks/smartlog': 3.1.11
'@push.rocks/smartlog': 3.2.1
'@push.rocks/smartpromise': 4.2.3
'@push.rocks/smartrx': 3.0.10
'@push.rocks/smarttime': 4.1.1
@@ -6586,7 +6549,7 @@ snapshots:
'@design.estate/dees-element': 2.1.6
'@push.rocks/lik': 6.2.2
'@push.rocks/smartdelay': 3.0.5
'@push.rocks/smartlog': 3.1.11
'@push.rocks/smartlog': 3.2.1
'@push.rocks/smartpromise': 4.2.3
'@push.rocks/smartrx': 3.0.10
'@push.rocks/smarttime': 4.1.1
@@ -6602,7 +6565,7 @@ snapshots:
'@design.estate/dees-element': 2.1.6
'@push.rocks/lik': 6.2.2
'@push.rocks/smartdelay': 3.0.5
'@push.rocks/smartlog': 3.1.11
'@push.rocks/smartlog': 3.2.1
'@push.rocks/smartpromise': 4.2.3
'@push.rocks/smartrx': 3.0.10
'@push.rocks/smarttime': 4.1.1
@@ -6618,7 +6581,7 @@ snapshots:
'@design.estate/dees-element': 2.1.6
'@push.rocks/lik': 6.2.2
'@push.rocks/smartdelay': 3.0.5
'@push.rocks/smartlog': 3.1.11
'@push.rocks/smartlog': 3.2.1
'@push.rocks/smartpromise': 4.2.3
'@push.rocks/smartrx': 3.0.10
'@push.rocks/smarttime': 4.2.3
@@ -6637,14 +6600,6 @@ snapshots:
'@push.rocks/smartpromise': 4.2.3
'@push.rocks/webstore': 2.0.20
'@push.rocks/webrequest@4.0.1':
dependencies:
'@push.rocks/smartdelay': 3.0.5
'@push.rocks/smartenv': 5.0.13
'@push.rocks/smartjson': 5.2.0
'@push.rocks/smartpromise': 4.2.3
'@push.rocks/webstore': 2.0.20
'@push.rocks/webrequest@4.0.2':
dependencies:
'@push.rocks/smartdelay': 3.0.5
@@ -6830,7 +6785,7 @@ snapshots:
'@push.rocks/smartlog-interfaces': 3.0.2
'@tsclass/tsclass': 9.3.0
'@serve.zone/remoteingress@3.0.2':
'@serve.zone/remoteingress@4.0.0':
dependencies:
'@push.rocks/qenv': 6.1.3
'@push.rocks/smartrust': 1.2.1
@@ -7301,7 +7256,7 @@ snapshots:
prosemirror-inputrules: 1.5.1
prosemirror-keymap: 1.2.3
prosemirror-markdown: 1.13.4
prosemirror-menu: 1.2.5
prosemirror-menu: 1.3.0
prosemirror-model: 1.25.4
prosemirror-schema-basic: 1.2.4
prosemirror-schema-list: 1.5.1
@@ -7362,22 +7317,22 @@ snapshots:
'@types/body-parser@1.19.6':
dependencies:
'@types/connect': 3.4.38
'@types/node': 25.2.3
'@types/node': 25.3.0
'@types/buffer-json@2.0.3': {}
'@types/clean-css@4.2.11':
dependencies:
'@types/node': 25.2.3
'@types/node': 25.3.0
source-map: 0.6.1
'@types/connect@3.4.38':
dependencies:
'@types/node': 25.2.3
'@types/node': 25.3.0
'@types/cors@2.8.19':
dependencies:
'@types/node': 25.2.3
'@types/node': 25.3.0
'@types/debug@4.1.12':
dependencies:
@@ -7385,7 +7340,7 @@ snapshots:
'@types/express-serve-static-core@5.1.1':
dependencies:
'@types/node': 25.2.3
'@types/node': 25.3.0
'@types/qs': 6.14.0
'@types/range-parser': 1.2.7
'@types/send': 1.2.1
@@ -7398,17 +7353,17 @@ snapshots:
'@types/from2@2.3.6':
dependencies:
'@types/node': 25.2.3
'@types/node': 25.3.0
'@types/fs-extra@11.0.4':
dependencies:
'@types/jsonfile': 6.1.4
'@types/node': 25.2.3
'@types/node': 25.3.0
'@types/glob@8.1.0':
dependencies:
'@types/minimatch': 5.1.2
'@types/node': 25.2.3
'@types/node': 25.3.0
'@types/hast@3.0.4':
dependencies:
@@ -7430,12 +7385,12 @@ snapshots:
'@types/jsonfile@6.1.4':
dependencies:
'@types/node': 25.2.3
'@types/node': 25.3.0
'@types/jsonwebtoken@9.0.10':
dependencies:
'@types/ms': 2.1.0
'@types/node': 25.2.3
'@types/node': 25.3.0
'@types/linkify-it@5.0.0': {}
@@ -7458,16 +7413,16 @@ snapshots:
'@types/mute-stream@0.0.4':
dependencies:
'@types/node': 25.2.3
'@types/node': 25.3.0
'@types/node-fetch@2.6.13':
dependencies:
'@types/node': 25.2.3
'@types/node': 25.3.0
form-data: 4.0.5
'@types/node-forge@1.3.14':
dependencies:
'@types/node': 25.2.3
'@types/node': 25.3.0
'@types/node@18.19.130':
dependencies:
@@ -7477,11 +7432,9 @@ snapshots:
dependencies:
undici-types: 6.21.0
'@types/node@25.2.3':
'@types/node@25.3.0':
dependencies:
undici-types: 7.16.0
'@types/pidusage@2.0.5': {}
undici-types: 7.18.2
'@types/ping@0.4.4': {}
@@ -7497,22 +7450,22 @@ snapshots:
'@types/send@1.2.1':
dependencies:
'@types/node': 25.2.3
'@types/node': 25.3.0
'@types/serve-static@2.2.0':
dependencies:
'@types/http-errors': 2.0.5
'@types/node': 25.2.3
'@types/node': 25.3.0
'@types/symbol-tree@3.2.5': {}
'@types/tar-stream@3.1.4':
dependencies:
'@types/node': 25.2.3
'@types/node': 25.3.0
'@types/through2@2.0.41':
dependencies:
'@types/node': 25.2.3
'@types/node': 25.3.0
'@types/trusted-types@2.0.7': {}
@@ -7542,11 +7495,11 @@ snapshots:
'@types/ws@8.18.1':
dependencies:
'@types/node': 25.2.3
'@types/node': 25.3.0
'@types/yauzl@2.10.3':
dependencies:
'@types/node': 25.2.3
'@types/node': 25.3.0
optional: true
'@ungap/structured-clone@1.3.0': {}
@@ -7605,7 +7558,7 @@ snapshots:
ansi-styles@6.2.3: {}
apexcharts@5.5.0:
apexcharts@5.6.0:
dependencies:
'@yr/monotone-cubic-spline': 1.0.3
@@ -7692,8 +7645,6 @@ snapshots:
basic-ftp@5.1.0: {}
bintrees@1.0.2: {}
body-parser@2.2.2:
dependencies:
bytes: 3.1.2
@@ -8019,7 +7970,7 @@ snapshots:
engine.io@6.6.4:
dependencies:
'@types/cors': 2.8.19
'@types/node': 25.2.3
'@types/node': 25.3.0
accepts: 1.3.8
base64id: 2.0.0
cookie: 0.7.2
@@ -9163,7 +9114,7 @@ snapshots:
dependencies:
'@isaacs/brace-expansion': 5.0.1
minimatch@10.2.0:
minimatch@10.2.1:
dependencies:
brace-expansion: 5.0.2
@@ -9427,7 +9378,7 @@ snapshots:
pdfjs-dist@4.10.38:
optionalDependencies:
'@napi-rs/canvas': 0.1.92
'@napi-rs/canvas': 0.1.93
peberminta@0.9.0: {}
@@ -9439,12 +9390,6 @@ snapshots:
picomatch@4.0.3: {}
pidtree@0.6.0: {}
pidusage@4.0.1:
dependencies:
safe-buffer: 5.2.1
ping@0.4.4: {}
pkg-dir@4.2.0:
@@ -9459,11 +9404,6 @@ snapshots:
progress@2.0.3: {}
prom-client@15.1.3:
dependencies:
'@opentelemetry/api': 1.9.0
tdigest: 0.1.2
property-information@7.1.0: {}
prosemirror-changeset@2.4.0:
@@ -9516,7 +9456,7 @@ snapshots:
markdown-it: 14.1.1
prosemirror-model: 1.25.4
prosemirror-menu@1.2.5:
prosemirror-menu@1.3.0:
dependencies:
crelt: 1.0.6
prosemirror-commands: 1.7.1
@@ -10050,10 +9990,6 @@ snapshots:
- bare-abort-controller
- react-native-b4a
tdigest@0.1.2:
dependencies:
bintrees: 1.0.2
text-decoder@1.2.3:
dependencies:
b4a: 1.7.3
@@ -10152,7 +10088,7 @@ snapshots:
undici-types@6.21.0: {}
undici-types@7.16.0: {}
undici-types@7.18.2: {}
unified@11.0.5:
dependencies:

173
readme.md
View File

@@ -4,7 +4,7 @@
**dcrouter: The all-in-one gateway for your datacenter.** 🚀
A comprehensive traffic routing solution that provides unified gateway capabilities for HTTP/HTTPS, TCP/SNI, email (SMTP), DNS, and RADIUS protocols. Designed for enterprises requiring robust traffic management, automatic TLS certificate provisioning, and enterprise-grade email infrastructure — all from a single process.
A comprehensive traffic routing solution that provides unified gateway capabilities for HTTP/HTTPS, TCP/SNI, email (SMTP), DNS, RADIUS, and remote edge ingress — all from a single process. Designed for enterprises requiring robust traffic management, automatic TLS certificate provisioning, distributed edge networking, and enterprise-grade email infrastructure.
## Issue Reporting and Security
@@ -21,6 +21,7 @@ For reporting bugs, issues, or security vulnerabilities, please visit [community
- [Email System](#email-system)
- [DNS Server](#dns-server)
- [RADIUS Server](#radius-server)
- [Remote Ingress](#remote-ingress)
- [Certificate Management](#certificate-management)
- [Storage & Caching](#storage--caching)
- [Security Features](#security-features)
@@ -60,6 +61,14 @@ For reporting bugs, issues, or security vulnerabilities, please visit [community
- **RADIUS accounting** for session tracking, traffic metering, and billing
- **Real-time management** via OpsServer API
### 🌍 Remote Ingress (powered by [remoteingress](https://code.foss.global/serve.zone/remoteingress))
- **Distributed edge networking** — accept traffic at remote edge nodes and tunnel it to the hub
- **Edge registration CRUD** with secret-based authentication
- **Auto-derived ports** — edges automatically pick up ports from routes tagged with `remoteIngress.enabled`
- **Connection tokens** — generate a single opaque base64url token containing hubHost, hubPort, edgeId, and secret for easy edge provisioning
- **Real-time status monitoring** — connected/disconnected state, public IP, active tunnels, heartbeat tracking
- **OpsServer dashboard** with enable/disable, edit, secret regeneration, token copy, and delete actions
### ⚡ High Performance
- **Rust-powered proxy engine** via SmartProxy for maximum throughput
- **Rust-powered MTA engine** via smartmta (TypeScript + Rust hybrid) for reliable email delivery
@@ -76,8 +85,9 @@ For reporting bugs, issues, or security vulnerabilities, please visit [community
### 🖥️ OpsServer Dashboard
- **Web-based management interface** with real-time monitoring
- **JWT authentication** with session persistence
- **Live views** for connections, email queues, DNS queries, RADIUS sessions, certificates, and security events
- **Live views** for connections, email queues, DNS queries, RADIUS sessions, certificates, remote ingress edges, and security events
- **Domain-centric certificate overview** with backoff status and one-click reprovisioning
- **Remote ingress management** with connection token generation and one-click copy
- **Read-only configuration display** — DcRouter is configured through code
## Installation
@@ -219,6 +229,13 @@ const router = new DcRouter({
accounting: { enabled: true, retentionDays: 30 }
},
// Remote Ingress — edge nodes tunnel traffic to this hub
remoteIngressConfig: {
enabled: true,
tunnelPort: 8443,
hubDomain: 'hub.example.com',
},
// Persistent storage
storage: { fsPath: '/var/lib/dcrouter/data' },
@@ -246,6 +263,7 @@ graph TB
TCP[TCP Clients]
DNS[DNS Queries]
RAD[RADIUS Clients]
EDGE[Edge Nodes]
end
subgraph "DcRouter Core"
@@ -254,6 +272,7 @@ graph TB
ES[smartmta Email Server<br/><i>TypeScript + Rust</i>]
DS[SmartDNS Server<br/><i>Rust-powered</i>]
RS[SmartRadius Server]
RI[RemoteIngress Hub<br/><i>Rust data plane</i>]
CM[Certificate Manager<br/><i>smartacme v9</i>]
OS[OpsServer Dashboard]
MM[Metrics Manager]
@@ -273,11 +292,13 @@ graph TB
SMTP --> ES
DNS --> DS
RAD --> RS
EDGE --> RI
DC --> SP
DC --> ES
DC --> DS
DC --> RS
DC --> RI
DC --> CM
DC --> OS
DC --> MM
@@ -288,6 +309,7 @@ graph TB
SP --> API
ES --> MAIL
ES --> DB
RI --> SP
CM -.-> SP
CM -.-> ES
@@ -303,6 +325,7 @@ graph TB
| **DNS Server** | `@push.rocks/smartdns` | Authoritative DNS with dynamic records and DKIM TXT auto-generation (Rust engine) |
| **SmartAcme** | `@push.rocks/smartacme` | ACME certificate management with per-domain dedup, concurrency control, and rate limiting |
| **RADIUS Server** | `@push.rocks/smartradius` | Network authentication with MAB, VLAN assignment, and accounting |
| **RemoteIngress** | `@serve.zone/remoteingress` | Distributed edge tunneling with Rust data plane and TS management |
| **OpsServer** | `@api.global/typedserver` | Web dashboard + TypedRequest API for monitoring and management |
| **MetricsManager** | `@push.rocks/smartmetrics` | Real-time metrics collection (CPU, memory, email, DNS, security) |
| **StorageManager** | built-in | Pluggable key-value storage (filesystem, custom, or in-memory) |
@@ -312,19 +335,20 @@ graph TB
DcRouter acts purely as an **orchestrator** — it doesn't implement protocols itself. Instead, it wires together best-in-class packages for each protocol:
1. **On `start()`**: DcRouter initializes OpsServer (port 3000), then spins up SmartProxy, smartmta, SmartDNS, and SmartRadius based on which configs are provided.
2. **During operation**: Each service handles its own protocol independently. SmartProxy uses a Rust-powered engine for maximum throughput. smartmta uses a hybrid TypeScript + Rust architecture for reliable email delivery. SmartAcme v9 handles all certificate operations with built-in concurrency control and rate limiting.
1. **On `start()`**: DcRouter initializes OpsServer (port 3000), then spins up SmartProxy, smartmta, SmartDNS, SmartRadius, and RemoteIngress based on which configs are provided.
2. **During operation**: Each service handles its own protocol independently. SmartProxy uses a Rust-powered engine for maximum throughput. smartmta uses a hybrid TypeScript + Rust architecture for reliable email delivery. RemoteIngress runs a Rust data plane for edge tunnel networking. SmartAcme v9 handles all certificate operations with built-in concurrency control and rate limiting.
3. **On `stop()`**: All services are gracefully shut down in parallel, including cleanup of HTTP agents and DNS clients.
### Rust-Powered Architecture
DcRouter itself is a pure TypeScript orchestrator, but three of its core sub-components ship with **compiled Rust binaries** for performance-critical paths. At runtime each package detects the platform, unpacks the correct binary, and communicates with TypeScript over IPC/FFI — so you get the ergonomics of TypeScript with the throughput of native code.
DcRouter itself is a pure TypeScript orchestrator, but several of its core sub-components ship with **compiled Rust binaries** for performance-critical paths. At runtime each package detects the platform, unpacks the correct binary, and communicates with TypeScript over IPC/FFI — so you get the ergonomics of TypeScript with the throughput of native code.
| Component | Rust Binary | What It Handles |
|-----------|-------------|-----------------|
| **SmartProxy** | `smartproxy-bin` | All TCP/TLS/HTTP proxy networking, NFTables integration, connection metrics |
| **smartmta** | `mailer-bin` | SMTP server + client, DKIM/SPF/DMARC, content scanning, IP reputation |
| **SmartDNS** | `smartdns-bin` | DNS server (UDP + DNS-over-HTTPS), DNSSEC, DNS client resolution |
| **RemoteIngress** | `remoteingress-bin` | Edge tunnel data plane, multiplexed streams, heartbeat management |
| **SmartRadius** | — | Pure TypeScript (no Rust component) |
## Configuration Reference
@@ -333,6 +357,10 @@ DcRouter itself is a pure TypeScript orchestrator, but three of its core sub-com
```typescript
interface IDcRouterOptions {
// ── Base ───────────────────────────────────────────────────────
/** Base directory for all dcrouter data. Defaults to ~/.serve.zone/dcrouter */
baseDir?: string;
// ── Traffic Routing ────────────────────────────────────────────
/** SmartProxy config for HTTP/HTTPS and TCP/SNI routing */
smartProxyConfig?: ISmartProxyOptions;
@@ -376,6 +404,18 @@ interface IDcRouterOptions {
accounting?: { enabled: boolean; retentionDays?: number };
};
// ── Remote Ingress ─────────────────────────────────────────────
/** Remote Ingress hub for edge tunnel connections */
remoteIngressConfig?: {
enabled?: boolean; // default: false
tunnelPort?: number; // default: 8443
hubDomain?: string; // External hostname for connection tokens
tls?: {
certPath?: string;
keyPath?: string;
};
};
// ── TLS & Certificates ────────────────────────────────────────
tls?: {
contactEmail: string;
@@ -701,6 +741,107 @@ RADIUS is fully manageable at runtime via the OpsServer API:
- Session monitoring and forced disconnects
- Accounting summaries and statistics
## Remote Ingress
DcRouter can act as a **hub** for distributed edge nodes using [`@serve.zone/remoteingress`](https://code.foss.global/serve.zone/remoteingress). Edge nodes accept incoming traffic at remote locations and tunnel it back to the hub over a single multiplexed connection. This is ideal for scenarios where you need to accept traffic at multiple geographic locations but process it centrally.
### Enabling Remote Ingress
```typescript
const router = new DcRouter({
remoteIngressConfig: {
enabled: true,
tunnelPort: 8443,
hubDomain: 'hub.example.com', // Embedded in connection tokens
},
// Routes tagged with remoteIngress are auto-derived to edge listen ports
smartProxyConfig: {
routes: [
{
name: 'web-via-edge',
match: { domains: ['app.example.com'], ports: [443] },
action: {
type: 'forward',
targets: [{ host: '192.168.1.10', port: 8080 }],
tls: { mode: 'terminate', certificate: 'auto' }
},
remoteIngress: { enabled: true } // Edges will listen on port 443
}
]
}
});
await router.start();
```
### Edge Registration
Edges are registered via the OpsServer API (or dashboard UI). Each edge gets a unique ID and secret:
```typescript
// Via TypedRequest API
const createReq = new TypedRequest<IReq_CreateRemoteIngress>(
'https://hub:3000/typedrequest', 'createRemoteIngress'
);
const { edge } = await createReq.fire({
identity,
name: 'edge-nyc-01',
autoDerivePorts: true,
tags: ['us-east'],
});
// edge.secret is returned only on creation — save it!
```
### Connection Tokens 🔑
Instead of configuring edges with four separate values (hubHost, hubPort, edgeId, secret), DcRouter can generate a single **connection token** — an opaque base64url string that encodes everything:
```typescript
// Via TypedRequest API
const tokenReq = new TypedRequest<IReq_GetRemoteIngressConnectionToken>(
'https://hub:3000/typedrequest', 'getRemoteIngressConnectionToken'
);
const { token } = await tokenReq.fire({ identity, edgeId: 'edge-uuid' });
// token = "eyJoIjoiaHViLmV4YW1wbGUuY29tIiwicCI6ODQ0MywiZSI6I..."
// On the edge side, just pass the token:
const edge = new RemoteIngressEdge({ token });
await edge.start();
```
The token is generated using `remoteingress.encodeConnectionToken()` and contains `{ hubHost, hubPort, edgeId, secret }`. The `hubHost` comes from `remoteIngressConfig.hubDomain` (or can be overridden per-request).
In the OpsServer dashboard, click **"Copy Token"** on any edge row to copy the connection token to your clipboard.
### Auto-Derived Ports
When routes have `remoteIngress: { enabled: true }`, edges with `autoDerivePorts: true` (default) automatically pick up those routes' ports. You can also use `edgeFilter` to restrict which edges get which ports:
```typescript
{
name: 'web-route',
match: { ports: [443] },
action: { /* ... */ },
remoteIngress: {
enabled: true,
edgeFilter: ['us-east', 'edge-uuid-123'] // Only edges with matching id or tags
}
}
```
### Dashboard Actions
The OpsServer Remote Ingress view provides:
| Action | Description |
|--------|-------------|
| **Create Edge Node** | Register a new edge with name, ports, tags |
| **Enable / Disable** | Toggle an edge on or off |
| **Edit** | Modify name, manual ports, auto-derive setting, tags |
| **Regenerate Secret** | Issue a new secret (invalidates the old one) |
| **Copy Token** | Generate and copy a base64url connection token to clipboard |
| **Delete** | Remove the edge registration |
## Certificate Management
DcRouter uses [`@push.rocks/smartacme`](https://code.foss.global/push.rocks/smartacme) v9 for ACME certificate provisioning. smartacme v9 brings significant improvements over previous versions:
@@ -767,6 +908,7 @@ The OpsServer includes a **Certificates** view showing:
- Expiry dates and issuer information
- Backoff status for failed domains
- One-click reprovisioning per domain
- Certificate import and export
## Storage & Caching
@@ -788,7 +930,7 @@ storage: {
// Simply omit the storage config
```
Used for: TLS certificates, DKIM keys, email routes, bounce/suppression lists, IP reputation data, domain configs, cert backoff state.
Used for: TLS certificates, DKIM keys, email routes, bounce/suppression lists, IP reputation data, domain configs, cert backoff state, remote ingress edge registrations.
### Cache Database
@@ -874,7 +1016,8 @@ The OpsServer provides a web-based management interface served on port 3000. It'
| 📊 **Overview** | Real-time server stats, CPU/memory, connection counts, email throughput |
| 🌐 **Network** | Active connections, top IPs, throughput rates, SmartProxy metrics |
| 📧 **Email** | Queue monitoring (queued/sent/failed), bounce records, security incidents |
| 🔐 **Certificates** | Domain-centric certificate overview, status, backoff info, reprovisioning |
| 🔐 **Certificates** | Domain-centric certificate overview, status, backoff info, reprovisioning, import/export |
| 🌍 **RemoteIngress** | Edge node management, connection status, token generation, enable/disable |
| 📜 **Logs** | Real-time log viewer with level filtering and search |
| ⚙️ **Configuration** | Read-only view of current system configuration |
| 🛡️ **Security** | IP reputation, rate limit status, blocked connections |
@@ -906,6 +1049,18 @@ All management is done via TypedRequest over HTTP POST to `/typedrequest`:
'getCertificateOverview' // Domain-centric certificate status
'reprovisionCertificate' // Reprovision by route name (legacy)
'reprovisionCertificateDomain' // Reprovision by domain (preferred)
'importCertificate' // Import a certificate
'exportCertificate' // Export a certificate
'deleteCertificate' // Delete a certificate
// Remote Ingress
'getRemoteIngresses' // List all edge registrations
'createRemoteIngress' // Register a new edge
'updateRemoteIngress' // Update edge settings
'deleteRemoteIngress' // Remove an edge
'regenerateRemoteIngressSecret' // Issue a new secret
'getRemoteIngressStatus' // Runtime status of all edges
'getRemoteIngressConnectionToken' // Generate a connection token for an edge
// Configuration (read-only)
'getConfiguration' // Current system config
@@ -957,6 +1112,8 @@ const router = new DcRouter(options: IDcRouterOptions);
| `emailServer` | `UnifiedEmailServer` | Email server instance (from smartmta) |
| `dnsServer` | `DnsServer` | DNS server instance |
| `radiusServer` | `RadiusServer` | RADIUS server instance |
| `remoteIngressManager` | `RemoteIngressManager` | Edge registration CRUD manager |
| `tunnelManager` | `TunnelManager` | Tunnel lifecycle and status manager |
| `storageManager` | `StorageManager` | Storage backend |
| `opsServer` | `OpsServer` | OpsServer/dashboard instance |
| `metricsManager` | `MetricsManager` | Metrics collector |
@@ -1000,7 +1157,7 @@ import { data, requests } from '@serve.zone/dcrouter/interfaces';
DcRouter includes a comprehensive test suite covering all system components:
```bash
# Run all tests (10 files, 73 tests)
# Run all tests
pnpm test
# Run a specific test file

2
ts/00_commitinfo_data.ts
View File

@@ -3,6 +3,6 @@
*/
export const commitinfo = {
name: '@serve.zone/dcrouter',
version: '6.5.0',
version: '7.4.2',
description: 'A multifaceted routing service handling mail and SMS delivery functions.'
}

7
ts/classes.cert-provision-scheduler.ts
View File

@@ -106,6 +106,13 @@ export class CertProvisionScheduler {
}
}
/**
* Clear all in-memory backoff cache entries
*/
public clear(): void {
this.backoffCache.clear();
}
/**
* Get backoff info for UI display
*/

240
ts/classes.dcrouter.ts
View File

@@ -166,6 +166,8 @@ export interface IDcRouterOptions {
enabled?: boolean;
/** Port for tunnel connections from edge nodes (default: 8443) */
tunnelPort?: number;
/** External hostname of this hub, embedded in connection tokens */
hubDomain?: string;
/** TLS configuration for the tunnel server */
tls?: {
certPath?: string;
@@ -250,9 +252,7 @@ export class DcRouter {
}
public async start() {
console.log('╔═══════════════════════════════════════════════════════════════════╗');
console.log('║ Starting DcRouter Services ║');
console.log('╚═══════════════════════════════════════════════════════════════════╝');
logger.log('info', 'Starting DcRouter Services');
this.opsServer = new OpsServer(this);
@@ -294,7 +294,7 @@ export class DcRouter {
this.logStartupSummary();
} catch (error) {
console.error('❌ Error starting DcRouter:', error);
logger.log('error', 'Error starting DcRouter', { error: String(error) });
// Try to clean up any services that may have started
await this.stop();
throw error;
@@ -305,104 +305,60 @@ export class DcRouter {
* Log comprehensive startup summary
*/
private logStartupSummary(): void {
console.log('\n╔═══════════════════════════════════════════════════════════════════╗');
console.log('║ DcRouter Started Successfully ║');
console.log('╚═══════════════════════════════════════════════════════════════════╝\n');
logger.log('info', 'DcRouter Started Successfully');
// Metrics summary
if (this.metricsManager) {
console.log('📊 Metrics Service:');
console.log(' ├─ SmartMetrics: Active');
console.log(' ├─ SmartProxy Stats: Active');
console.log(' └─ Real-time tracking: Enabled');
logger.log('info', 'Metrics Service: SmartMetrics active, SmartProxy stats active, real-time tracking enabled');
}
// SmartProxy summary
if (this.smartProxy) {
console.log('🌐 SmartProxy Service:');
const routeCount = this.options.smartProxyConfig?.routes?.length || 0;
console.log(` ├─ Routes configured: ${routeCount}`);
console.log(` ├─ ACME enabled: ${this.options.smartProxyConfig?.acme?.enabled || false}`);
if (this.options.smartProxyConfig?.acme?.enabled) {
console.log(` ├─ ACME email: ${this.options.smartProxyConfig.acme.email || 'not set'}`);
console.log(` └─ ACME mode: ${this.options.smartProxyConfig.acme.useProduction ? 'production' : 'staging'}`);
} else {
console.log(' └─ ACME: disabled');
}
const acmeEnabled = this.options.smartProxyConfig?.acme?.enabled || false;
const acmeMode = acmeEnabled
? `email=${this.options.smartProxyConfig!.acme!.email || 'not set'}, mode=${this.options.smartProxyConfig!.acme!.useProduction ? 'production' : 'staging'}`
: 'disabled';
logger.log('info', `SmartProxy Service: ${routeCount} routes, ACME: ${acmeMode}`);
}
// Email service summary
if (this.emailServer && this.options.emailConfig) {
console.log('\n📧 Email Service:');
const ports = this.options.emailConfig.ports || [];
console.log(` ├─ Ports: ${ports.join(', ')}`);
console.log(` ├─ Hostname: ${this.options.emailConfig.hostname || 'localhost'}`);
console.log(` ├─ Domains configured: ${this.options.emailConfig.domains?.length || 0}`);
if (this.options.emailConfig.domains && this.options.emailConfig.domains.length > 0) {
this.options.emailConfig.domains.forEach((domain, index) => {
const isLast = index === this.options.emailConfig!.domains!.length - 1;
console.log(` ${isLast ? '└─' : '├─'} ${domain.domain} (${domain.dnsMode || 'default'})`);
});
}
console.log(` └─ DKIM: Initialized for all domains`);
const domainCount = this.options.emailConfig.domains?.length || 0;
const domainNames = this.options.emailConfig.domains?.map(d => `${d.domain} (${d.dnsMode || 'default'})`).join(', ') || 'none';
logger.log('info', `Email Service: ports=[${ports.join(', ')}], hostname=${this.options.emailConfig.hostname || 'localhost'}, domains=${domainCount} [${domainNames}], DKIM initialized`);
}
// DNS service summary
if (this.dnsServer && this.options.dnsNsDomains && this.options.dnsScopes) {
console.log('\n🌍 DNS Service:');
console.log(` ├─ Nameservers: ${this.options.dnsNsDomains.join(', ')}`);
console.log(` ├─ Primary NS: ${this.options.dnsNsDomains[0]}`);
console.log(` ├─ Authoritative for: ${this.options.dnsScopes.length} domains`);
console.log(` ├─ UDP Port: 53`);
console.log(` ├─ DNS-over-HTTPS: Enabled via socket handler`);
console.log(` └─ DNSSEC: ${this.options.dnsNsDomains[0] ? 'Enabled' : 'Disabled'}`);
// Show authoritative domains
if (this.options.dnsScopes.length > 0) {
console.log('\n Authoritative Domains:');
this.options.dnsScopes.forEach((domain, index) => {
const isLast = index === this.options.dnsScopes!.length - 1;
console.log(` ${isLast ? '└─' : '├─'} ${domain}`);
});
}
logger.log('info', `DNS Service: nameservers=[${this.options.dnsNsDomains.join(', ')}], authoritative for ${this.options.dnsScopes.length} domains [${this.options.dnsScopes.join(', ')}], UDP:53, DoH enabled`);
}
// RADIUS service summary
if (this.radiusServer && this.options.radiusConfig) {
console.log('\n🔐 RADIUS Service:');
console.log(` ├─ Auth Port: ${this.options.radiusConfig.authPort || 1812}`);
console.log(` ├─ Acct Port: ${this.options.radiusConfig.acctPort || 1813}`);
console.log(` ├─ Clients configured: ${this.options.radiusConfig.clients?.length || 0}`);
const vlanStats = this.radiusServer.getVlanManager().getStats();
console.log(` ├─ VLAN mappings: ${vlanStats.totalMappings}`);
console.log(` └─ Accounting: ${this.options.radiusConfig.accounting?.enabled ? 'Enabled' : 'Disabled'}`);
logger.log('info', `RADIUS Service: auth=${this.options.radiusConfig.authPort || 1812}, acct=${this.options.radiusConfig.acctPort || 1813}, clients=${this.options.radiusConfig.clients?.length || 0}, VLANs=${vlanStats.totalMappings}, accounting=${this.options.radiusConfig.accounting?.enabled ? 'enabled' : 'disabled'}`);
}
// Remote Ingress summary
if (this.tunnelManager && this.options.remoteIngressConfig?.enabled) {
console.log('\n🌐 Remote Ingress:');
console.log(` ├─ Tunnel Port: ${this.options.remoteIngressConfig.tunnelPort || 8443}`);
const edgeCount = this.remoteIngressManager?.getAllEdges().length || 0;
const connectedCount = this.tunnelManager.getConnectedCount();
console.log(` ├─ Registered Edges: ${edgeCount}`);
console.log(` └─ Connected Edges: ${connectedCount}`);
logger.log('info', `Remote Ingress: tunnel port=${this.options.remoteIngressConfig.tunnelPort || 8443}, edges=${edgeCount} registered/${connectedCount} connected`);
}
// Storage summary
if (this.storageManager && this.options.storage) {
console.log('\n💾 Storage:');
console.log(` └─ Path: ${this.options.storage.fsPath || 'default'}`);
logger.log('info', `Storage: path=${this.options.storage.fsPath || 'default'}`);
}
// Cache database summary
if (this.cacheDb) {
console.log('\n🗄 Cache Database (smartdata + LocalTsmDb):');
console.log(` ├─ Storage: ${this.cacheDb.getStoragePath()}`);
console.log(` ├─ Database: ${this.cacheDb.getDbName()}`);
console.log(` └─ Cleaner: ${this.cacheCleaner?.isActive() ? 'Active' : 'Inactive'} (${(this.options.cacheConfig?.cleanupIntervalHours || 1)}h interval)`);
logger.log('info', `Cache Database: storage=${this.cacheDb.getStoragePath()}, db=${this.cacheDb.getDbName()}, cleaner=${this.cacheCleaner?.isActive() ? 'active' : 'inactive'} (${(this.options.cacheConfig?.cleanupIntervalHours || 1)}h interval)`);
}
console.log('\n✅ All services are running\n');
logger.log('info', 'All services are running');
}
/**
@@ -437,7 +393,7 @@ export class DcRouter {
* Set up SmartProxy with direct configuration and automatic email routes
*/
private async setupSmartProxy(): Promise<void> {
console.log('[DcRouter] Setting up SmartProxy...');
logger.log('info', 'Setting up SmartProxy...');
let routes: plugins.smartproxy.IRouteConfig[] = [];
let acmeConfig: plugins.smartproxy.IAcmeOptions | undefined;
@@ -445,22 +401,20 @@ export class DcRouter {
if (this.options.smartProxyConfig) {
routes = this.options.smartProxyConfig.routes || [];
acmeConfig = this.options.smartProxyConfig.acme;
console.log(`[DcRouter] Found ${routes.length} routes in config`);
console.log(`[DcRouter] ACME config present: ${!!acmeConfig}`);
logger.log('info', `Found ${routes.length} routes in config, ACME config present: ${!!acmeConfig}`);
}
// If email config exists, automatically add email routes
if (this.options.emailConfig) {
const emailRoutes = this.generateEmailRoutes(this.options.emailConfig);
console.log(`Email Routes are:`)
console.log(emailRoutes)
logger.log('debug', 'Email routes generated', { routes: JSON.stringify(emailRoutes) });
routes = [...routes, ...emailRoutes]; // Enable email routing through SmartProxy
}
// If DNS is configured, add DNS routes
if (this.options.dnsNsDomains && this.options.dnsNsDomains.length > 0) {
const dnsRoutes = this.generateDnsRoutes();
console.log(`DNS Routes for nameservers ${this.options.dnsNsDomains.join(', ')}:`, dnsRoutes);
logger.log('debug', `DNS routes for nameservers ${this.options.dnsNsDomains.join(', ')}`, { routes: JSON.stringify(dnsRoutes) });
routes = [...routes, ...dnsRoutes];
}
@@ -478,7 +432,7 @@ export class DcRouter {
// Configure DNS challenge if available
let challengeHandlers: any[] = [];
if (this.options.dnsChallenge?.cloudflareApiKey) {
console.log('Configuring Cloudflare DNS challenge for ACME');
logger.log('info', 'Configuring Cloudflare DNS challenge for ACME');
const cloudflareAccount = new plugins.cloudflare.CloudflareAccount(this.options.dnsChallenge.cloudflareApiKey);
const dns01Handler = new plugins.smartacme.handlers.Dns01Handler(cloudflareAccount);
challengeHandlers.push(dns01Handler);
@@ -486,7 +440,7 @@ export class DcRouter {
// If we have routes or need a basic SmartProxy instance, create it
if (routes.length > 0 || this.options.smartProxyConfig) {
console.log('Setting up SmartProxy with combined configuration');
logger.log('info', 'Setting up SmartProxy with combined configuration');
// Track cert entries loaded from cert store so we can populate certificateStatusMap after start
const loadedCertEntries: Array<{domain: string; publicKey: string; validUntil?: number; validFrom?: number}> = [];
@@ -532,6 +486,12 @@ export class DcRouter {
// If we have DNS challenge handlers, create SmartAcme and wire to certProvisionFunction
if (challengeHandlers.length > 0) {
// Stop old SmartAcme if it exists (e.g., during updateSmartProxyConfig)
if (this.smartAcme) {
await this.smartAcme.stop().catch(err =>
logger.log('error', 'Error stopping old SmartAcme', { error: String(err) })
);
}
this.smartAcme = new plugins.smartacme.SmartAcme({
accountEmail: acmeConfig?.accountEmail || this.options.tls?.contactEmail || 'admin@example.com',
certManager: new StorageBackedCertManager(this.storageManager),
@@ -584,26 +544,27 @@ export class DcRouter {
};
}
// When remoteIngress is enabled, the hub binary forwards tunneled connections
// to SmartProxy with PROXY protocol v1 headers to preserve client IPs.
if (this.options.remoteIngressConfig?.enabled) {
smartProxyConfig.acceptProxyProtocol = true;
smartProxyConfig.proxyIPs = ['127.0.0.1'];
}
// Create SmartProxy instance
console.log('[DcRouter] Creating SmartProxy instance with config:', JSON.stringify({
routeCount: smartProxyConfig.routes?.length,
acmeEnabled: smartProxyConfig.acme?.enabled,
acmeEmail: smartProxyConfig.acme?.email,
certProvisionFunction: !!smartProxyConfig.certProvisionFunction
}, null, 2));
logger.log('info', `Creating SmartProxy instance: routes=${smartProxyConfig.routes?.length}, acme=${smartProxyConfig.acme?.enabled}, certProvisionFunction=${!!smartProxyConfig.certProvisionFunction}`);
this.smartProxy = new plugins.smartproxy.SmartProxy(smartProxyConfig);
// Set up event listeners
this.smartProxy.on('error', (err) => {
console.error('[DcRouter] SmartProxy error:', err);
console.error('[DcRouter] Error stack:', err.stack);
logger.log('error', `SmartProxy error: ${err.message}`, { stack: err.stack });
});
// Always listen for certificate events — emitted by both ACME and certProvisionFunction paths
// Events are keyed by domain for domain-centric certificate tracking
this.smartProxy.on('certificate-issued', (event: plugins.smartproxy.ICertificateIssuedEvent) => {
console.log(`[DcRouter] Certificate issued for ${event.domain} via ${event.source}, expires ${event.expiryDate}`);
logger.log('info', `Certificate issued for ${event.domain} via ${event.source}, expires ${event.expiryDate}`);
const routeNames = this.findRouteNamesForDomain(event.domain);
this.certificateStatusMap.set(event.domain, {
status: 'valid', routeNames,
@@ -613,7 +574,7 @@ export class DcRouter {
});
this.smartProxy.on('certificate-renewed', (event: plugins.smartproxy.ICertificateIssuedEvent) => {
console.log(`[DcRouter] Certificate renewed for ${event.domain} via ${event.source}, expires ${event.expiryDate}`);
logger.log('info', `Certificate renewed for ${event.domain} via ${event.source}, expires ${event.expiryDate}`);
const routeNames = this.findRouteNamesForDomain(event.domain);
this.certificateStatusMap.set(event.domain, {
status: 'valid', routeNames,
@@ -623,7 +584,7 @@ export class DcRouter {
});
this.smartProxy.on('certificate-failed', (event: plugins.smartproxy.ICertificateFailedEvent) => {
console.error(`[DcRouter] Certificate failed for ${event.domain} (${event.source}):`, event.error);
logger.log('error', `Certificate failed for ${event.domain} (${event.source}): ${event.error}`);
const routeNames = this.findRouteNamesForDomain(event.domain);
this.certificateStatusMap.set(event.domain, {
status: 'failed', routeNames, error: event.error,
@@ -632,9 +593,9 @@ export class DcRouter {
});
// Start SmartProxy
console.log('[DcRouter] Starting SmartProxy...');
logger.log('info', 'Starting SmartProxy...');
await this.smartProxy.start();
console.log('[DcRouter] SmartProxy started successfully');
logger.log('info', 'SmartProxy started successfully');
// Populate certificateStatusMap for certs loaded from store at startup
for (const entry of loadedCertEntries) {
@@ -686,10 +647,10 @@ export class DcRouter {
}
}
if (loadedCertEntries.length > 0) {
console.log(`[DcRouter] Populated certificate status for ${loadedCertEntries.length} store-loaded domain(s)`);
logger.log('info', `Populated certificate status for ${loadedCertEntries.length} store-loaded domain(s)`);
}
console.log(`SmartProxy started with ${routes.length} routes`);
logger.log('info', `SmartProxy started with ${routes.length} routes`);
}
}
@@ -892,7 +853,7 @@ export class DcRouter {
}
public async stop() {
console.log('Stopping DcRouter services...');
logger.log('info', 'Stopping DcRouter services...');
await this.opsServer.stop();
@@ -903,41 +864,60 @@ export class DcRouter {
this.cacheCleaner ? Promise.resolve(this.cacheCleaner.stop()) : Promise.resolve(),
// Stop metrics manager if running
this.metricsManager ? this.metricsManager.stop().catch(err => console.error('Error stopping MetricsManager:', err)) : Promise.resolve(),
this.metricsManager ? this.metricsManager.stop().catch(err => logger.log('error', 'Error stopping MetricsManager', { error: String(err) })) : Promise.resolve(),
// Stop unified email server if running
this.emailServer ? this.emailServer.stop().catch(err => console.error('Error stopping email server:', err)) : Promise.resolve(),
this.emailServer ? this.emailServer.stop().catch(err => logger.log('error', 'Error stopping email server', { error: String(err) })) : Promise.resolve(),
// Stop SmartAcme if running
this.smartAcme ? this.smartAcme.stop().catch(err => console.error('Error stopping SmartAcme:', err)) : Promise.resolve(),
this.smartAcme ? this.smartAcme.stop().catch(err => logger.log('error', 'Error stopping SmartAcme', { error: String(err) })) : Promise.resolve(),
// Stop HTTP SmartProxy if running
this.smartProxy ? this.smartProxy.stop().catch(err => console.error('Error stopping SmartProxy:', err)) : Promise.resolve(),
this.smartProxy ? this.smartProxy.stop().catch(err => logger.log('error', 'Error stopping SmartProxy', { error: String(err) })) : Promise.resolve(),
// Stop DNS server if running
this.dnsServer ?
this.dnsServer.stop().catch(err => console.error('Error stopping DNS server:', err)) :
this.dnsServer.stop().catch(err => logger.log('error', 'Error stopping DNS server', { error: String(err) })) :
Promise.resolve(),
// Stop RADIUS server if running
this.radiusServer ?
this.radiusServer.stop().catch(err => console.error('Error stopping RADIUS server:', err)) :
this.radiusServer.stop().catch(err => logger.log('error', 'Error stopping RADIUS server', { error: String(err) })) :
Promise.resolve(),
// Stop Remote Ingress tunnel manager if running
this.tunnelManager ?
this.tunnelManager.stop().catch(err => console.error('Error stopping TunnelManager:', err)) :
this.tunnelManager.stop().catch(err => logger.log('error', 'Error stopping TunnelManager', { error: String(err) })) :
Promise.resolve()
]);
// Stop cache database after other services (they may need it during shutdown)
if (this.cacheDb) {
await this.cacheDb.stop().catch(err => console.error('Error stopping CacheDb:', err));
await this.cacheDb.stop().catch(err => logger.log('error', 'Error stopping CacheDb', { error: String(err) }));
}
console.log('All DcRouter services stopped');
// Clear backoff cache in cert scheduler
if (this.certProvisionScheduler) {
this.certProvisionScheduler.clear();
}
// Allow GC of stopped services by nulling references
this.smartProxy = undefined;
this.emailServer = undefined;
this.dnsServer = undefined;
this.metricsManager = undefined;
this.cacheCleaner = undefined;
this.cacheDb = undefined;
this.tunnelManager = undefined;
this.radiusServer = undefined;
this.smartAcme = undefined;
this.certProvisionScheduler = undefined;
this.remoteIngressManager = undefined;
this.certificateStatusMap.clear();
logger.log('info', 'All DcRouter services stopped');
} catch (error) {
console.error('Error during DcRouter shutdown:', error);
logger.log('error', 'Error during DcRouter shutdown', { error: String(error) });
throw error;
}
}
@@ -955,11 +935,16 @@ export class DcRouter {
// Update configuration
this.options.smartProxyConfig = config;
// Update routes on RemoteIngressManager so derived ports stay in sync
if (this.remoteIngressManager && config.routes) {
this.remoteIngressManager.setRoutes(config.routes as any[]);
}
// Start new SmartProxy with updated configuration (will include email routes if configured)
await this.setupSmartProxy();
console.log('SmartProxy configuration updated');
logger.log('info', 'SmartProxy configuration updated');
}
@@ -1016,7 +1001,25 @@ export class DcRouter {
// Start the server
await this.emailServer.start();
// Wire delivery events to MetricsManager for time-series tracking
if (this.metricsManager && this.emailServer.deliverySystem) {
this.emailServer.deliverySystem.on('deliveryStart', (item: any) => {
this.metricsManager.trackEmailReceived(item?.from);
});
this.emailServer.deliverySystem.on('deliverySuccess', (item: any) => {
this.metricsManager.trackEmailSent(item?.to);
});
this.emailServer.deliverySystem.on('deliveryFailed', (item: any, error: any) => {
this.metricsManager.trackEmailFailed(item?.to, error?.message);
});
}
if (this.metricsManager && this.emailServer) {
this.emailServer.on('bounceProcessed', () => {
this.metricsManager.trackEmailBounced();
});
}
logger.log('info', `Email server started on ports: ${emailConfig.ports.join(', ')}`);
}
@@ -1034,7 +1037,7 @@ export class DcRouter {
// Start email handling with new configuration
await this.setupUnifiedEmailHandling();
console.log('Unified email configuration updated');
logger.log('info', 'Unified email configuration updated');
}
/**
@@ -1074,7 +1077,7 @@ export class DcRouter {
this.emailServer.updateEmailRoutes(routes);
}
console.log(`Email routes updated with ${routes.length} routes`);
logger.log('info', `Email routes updated with ${routes.length} routes`);
}
/**
@@ -1199,6 +1202,21 @@ export class DcRouter {
// Start the DNS server (UDP only)
await this.dnsServer.start();
logger.log('info', `DNS server started on UDP ${vmIpAddress}:53`);
// Wire DNS query events to MetricsManager for time-series tracking
if (this.metricsManager && this.dnsServer) {
this.dnsServer.on('query', (event: plugins.smartdns.dnsServerMod.IDnsQueryCompletedEvent) => {
for (const question of event.questions) {
this.metricsManager.trackDnsQuery(
question.type,
question.name,
false,
event.responseTimeMs,
event.answered,
);
}
});
}
// Validate DNS configuration
await this.validateDnsConfiguration();
@@ -1587,6 +1605,10 @@ export class DcRouter {
this.remoteIngressManager = new RemoteIngressManager(this.storageManager);
await this.remoteIngressManager.initialize();
// Pass current routes so the manager can derive edge ports from remoteIngress-tagged routes
const currentRoutes = this.options.smartProxyConfig?.routes || [];
this.remoteIngressManager.setRoutes(currentRoutes as any[]);
// Create and start the tunnel manager
this.tunnelManager = new TunnelManager(this.remoteIngressManager, {
tunnelPort: this.options.remoteIngressConfig.tunnelPort ?? 8443,

11
ts/logger.ts
View File

@@ -1,5 +1,6 @@
import * as plugins from './plugins.js';
import { randomUUID } from 'node:crypto';
import { SmartlogDestinationBuffer } from '@push.rocks/smartlog/destination-buffer';
// Map NODE_ENV to valid TEnvironment
const nodeEnv = process.env.NODE_ENV || 'production';
@@ -10,8 +11,11 @@ const envMap: Record<string, 'local' | 'test' | 'staging' | 'production'> = {
'production': 'production'
};
// Default Smartlog instance
const baseLogger = new plugins.smartlog.Smartlog({
// In-memory log buffer for the OpsServer UI
export const logBuffer = new SmartlogDestinationBuffer({ maxEntries: 2000 });
// Default Smartlog instance (exported so OpsServer can add push destinations)
export const baseLogger = new plugins.smartlog.Smartlog({
logContext: {
environment: envMap[nodeEnv] || 'production',
runtime: 'node',
@@ -19,6 +23,9 @@ const baseLogger = new plugins.smartlog.Smartlog({
}
});
// Wire the buffer destination so all logs are captured
baseLogger.addLogDestination(logBuffer);
// Extended logger compatible with the original enhanced logger API
class StandardLogger {
private defaultContext: Record<string, any> = {};

181
ts/monitoring/classes.metricsmanager.ts
View File

@@ -1,9 +1,11 @@
import * as plugins from '../plugins.js';
import { DcRouter } from '../classes.dcrouter.js';
import { MetricsCache } from './classes.metricscache.js';
import { SecurityLogger, SecurityEventType } from '../security/classes.securitylogger.js';
import { logger } from '../logger.js';
export class MetricsManager {
private logger: plugins.smartlog.Smartlog;
private metricsLogger: plugins.smartlog.Smartlog;
private smartMetrics: plugins.smartmetrics.SmartMetrics;
private dcRouter: DcRouter;
private resetInterval?: NodeJS.Timeout;
@@ -35,8 +37,13 @@ export class MetricsManager {
lastResetDate: new Date().toDateString(),
queryTimestamps: [] as number[], // Track query timestamps for rate calculation
responseTimes: [] as number[], // Track response times in ms
recentQueries: [] as Array<{ timestamp: number; domain: string; type: string; answered: boolean; responseTimeMs: number }>,
};
// Per-minute time-series buckets for charts
private emailMinuteBuckets = new Map<number, { sent: number; received: number; failed: number }>();
private dnsMinuteBuckets = new Map<number, { queries: number }>();
// Track security-specific metrics
private securityMetrics = {
blockedIPs: 0,
@@ -50,15 +57,15 @@ export class MetricsManager {
constructor(dcRouter: DcRouter) {
this.dcRouter = dcRouter;
// Create a new Smartlog instance for metrics
this.logger = new plugins.smartlog.Smartlog({
// Create a Smartlog instance for SmartMetrics (requires its own instance)
this.metricsLogger = new plugins.smartlog.Smartlog({
logContext: {
environment: 'production',
runtime: 'node',
zone: 'dcrouter-metrics',
}
});
this.smartMetrics = new plugins.smartmetrics.SmartMetrics(this.logger, 'dcrouter');
this.smartMetrics = new plugins.smartmetrics.SmartMetrics(this.metricsLogger, 'dcrouter');
// Initialize metrics cache with 500ms TTL
this.metricsCache = new MetricsCache(500);
}
@@ -90,6 +97,7 @@ export class MetricsManager {
this.dnsMetrics.topDomains.clear();
this.dnsMetrics.queryTimestamps = [];
this.dnsMetrics.responseTimes = [];
this.dnsMetrics.recentQueries = [];
this.dnsMetrics.lastResetDate = currentDate;
}
@@ -102,20 +110,29 @@ export class MetricsManager {
this.securityMetrics.incidents = [];
this.securityMetrics.lastResetDate = currentDate;
}
// Prune old time-series buckets every minute (don't wait for lazy query)
this.pruneOldBuckets();
}, 60000); // Check every minute
this.logger.log('info', 'MetricsManager started');
logger.log('info', 'MetricsManager started');
}
public async stop(): Promise<void> {
// Clear the reset interval
if (this.resetInterval) {
clearInterval(this.resetInterval);
this.resetInterval = undefined;
}
this.smartMetrics.stop();
this.logger.log('info', 'MetricsManager stopped');
// Clear caches and time-series buckets on shutdown
this.metricsCache.clear();
this.emailMinuteBuckets.clear();
this.dnsMinuteBuckets.clear();
logger.log('info', 'MetricsManager stopped');
}
// Get server metrics from SmartMetrics and SmartProxy
@@ -139,8 +156,8 @@ export class MetricsManager {
actualUsagePercentage: smartMetricsData.memoryPercentage,
},
cpuUsage: {
user: parseFloat(smartMetricsData.cpuUsageText || '0'),
system: 0, // SmartMetrics doesn't separate user/system
user: smartMetricsData.cpuPercentage,
system: 0,
},
activeConnections: proxyStats ? proxyStats.activeConnections : 0,
totalConnections: proxyMetrics ? proxyMetrics.totals.connections() : 0,
@@ -223,24 +240,50 @@ export class MetricsManager {
queryTypes: this.dnsMetrics.queryTypes,
averageResponseTime: Math.round(avgResponseTime),
activeDomains: this.dnsMetrics.topDomains.size,
recentQueries: this.dnsMetrics.recentQueries.slice(),
};
});
}
/**
* Sync security metrics from the SecurityLogger singleton (last 24h).
* Called before returning security stats so counters reflect real events.
*/
private syncFromSecurityLogger(): void {
try {
const securityLogger = SecurityLogger.getInstance();
const summary = securityLogger.getEventsSummary(86400000); // last 24h
this.securityMetrics.spamDetected = summary.byType[SecurityEventType.SPAM] || 0;
this.securityMetrics.malwareDetected = summary.byType[SecurityEventType.MALWARE] || 0;
this.securityMetrics.phishingDetected = summary.byType[SecurityEventType.DMARC] || 0; // phishing via DMARC
this.securityMetrics.authFailures =
summary.byType[SecurityEventType.AUTHENTICATION] || 0;
this.securityMetrics.blockedIPs =
(summary.byType[SecurityEventType.IP_REPUTATION] || 0) +
(summary.byType[SecurityEventType.REJECTED_CONNECTION] || 0);
} catch {
// SecurityLogger may not be initialized yet — ignore
}
}
// Get security metrics
public async getSecurityStats() {
return this.metricsCache.get('securityStats', () => {
// Sync counters from the real SecurityLogger events
this.syncFromSecurityLogger();
// Get recent incidents (last 20)
const recentIncidents = this.securityMetrics.incidents.slice(-20);
return {
blockedIPs: this.securityMetrics.blockedIPs,
authFailures: this.securityMetrics.authFailures,
spamDetected: this.securityMetrics.spamDetected,
malwareDetected: this.securityMetrics.malwareDetected,
phishingDetected: this.securityMetrics.phishingDetected,
totalThreatsBlocked: this.securityMetrics.spamDetected +
this.securityMetrics.malwareDetected +
totalThreatsBlocked: this.securityMetrics.spamDetected +
this.securityMetrics.malwareDetected +
this.securityMetrics.phishingDetected,
recentIncidents,
};
@@ -275,10 +318,19 @@ export class MetricsManager {
// Email event tracking methods
public trackEmailSent(recipient?: string, deliveryTimeMs?: number): void {
this.emailMetrics.sentToday++;
this.incrementEmailBucket('sent');
if (recipient) {
const count = this.emailMetrics.recipients.get(recipient) || 0;
this.emailMetrics.recipients.set(recipient, count + 1);
// Cap recipients map to prevent unbounded growth within a day
if (this.emailMetrics.recipients.size > this.MAX_TOP_DOMAINS) {
const sorted = Array.from(this.emailMetrics.recipients.entries())
.sort((a, b) => b[1] - a[1])
.slice(0, Math.floor(this.MAX_TOP_DOMAINS * 0.8));
this.emailMetrics.recipients = new Map(sorted);
}
}
if (deliveryTimeMs) {
@@ -303,6 +355,7 @@ export class MetricsManager {
public trackEmailReceived(sender?: string): void {
this.emailMetrics.receivedToday++;
this.incrementEmailBucket('received');
this.emailMetrics.recentActivity.push({
timestamp: Date.now(),
@@ -318,6 +371,7 @@ export class MetricsManager {
public trackEmailFailed(recipient?: string, reason?: string): void {
this.emailMetrics.failedToday++;
this.incrementEmailBucket('failed');
this.emailMetrics.recentActivity.push({
timestamp: Date.now(),
@@ -351,8 +405,21 @@ export class MetricsManager {
}
// DNS event tracking methods
public trackDnsQuery(queryType: string, domain: string, cacheHit: boolean, responseTimeMs?: number): void {
public trackDnsQuery(queryType: string, domain: string, cacheHit: boolean, responseTimeMs?: number, answered?: boolean): void {
this.dnsMetrics.totalQueries++;
this.incrementDnsBucket();
// Store recent query entry
this.dnsMetrics.recentQueries.push({
timestamp: Date.now(),
domain,
type: queryType,
answered: answered ?? true,
responseTimeMs: responseTimeMs ?? 0,
});
if (this.dnsMetrics.recentQueries.length > 100) {
this.dnsMetrics.recentQueries.shift();
}
if (cacheHit) {
this.dnsMetrics.cacheHits++;
@@ -539,4 +606,90 @@ export class MetricsManager {
};
}, 200); // Use 200ms cache for more frequent updates
}
// --- Time-series helpers ---
private static minuteKey(ts: number = Date.now()): number {
return Math.floor(ts / 60000) * 60000;
}
private incrementEmailBucket(field: 'sent' | 'received' | 'failed'): void {
const key = MetricsManager.minuteKey();
let bucket = this.emailMinuteBuckets.get(key);
if (!bucket) {
bucket = { sent: 0, received: 0, failed: 0 };
this.emailMinuteBuckets.set(key, bucket);
}
bucket[field]++;
}
private incrementDnsBucket(): void {
const key = MetricsManager.minuteKey();
let bucket = this.dnsMinuteBuckets.get(key);
if (!bucket) {
bucket = { queries: 0 };
this.dnsMinuteBuckets.set(key, bucket);
}
bucket.queries++;
}
private pruneOldBuckets(): void {
const cutoff = Date.now() - 86400000; // 24h
for (const key of this.emailMinuteBuckets.keys()) {
if (key < cutoff) this.emailMinuteBuckets.delete(key);
}
for (const key of this.dnsMinuteBuckets.keys()) {
if (key < cutoff) this.dnsMinuteBuckets.delete(key);
}
}
/**
* Get email time-series data for the last N hours, aggregated per minute.
*/
public getEmailTimeSeries(hours: number = 24): {
sent: Array<{ timestamp: number; value: number }>;
received: Array<{ timestamp: number; value: number }>;
failed: Array<{ timestamp: number; value: number }>;
} {
this.pruneOldBuckets();
const cutoff = Date.now() - hours * 3600000;
const sent: Array<{ timestamp: number; value: number }> = [];
const received: Array<{ timestamp: number; value: number }> = [];
const failed: Array<{ timestamp: number; value: number }> = [];
const sortedKeys = Array.from(this.emailMinuteBuckets.keys())
.filter((k) => k >= cutoff)
.sort((a, b) => a - b);
for (const key of sortedKeys) {
const bucket = this.emailMinuteBuckets.get(key)!;
sent.push({ timestamp: key, value: bucket.sent });
received.push({ timestamp: key, value: bucket.received });
failed.push({ timestamp: key, value: bucket.failed });
}
return { sent, received, failed };
}
/**
* Get DNS time-series data for the last N hours, aggregated per minute.
*/
public getDnsTimeSeries(hours: number = 24): {
queries: Array<{ timestamp: number; value: number }>;
} {
this.pruneOldBuckets();
const cutoff = Date.now() - hours * 3600000;
const queries: Array<{ timestamp: number; value: number }> = [];
const sortedKeys = Array.from(this.dnsMinuteBuckets.keys())
.filter((k) => k >= cutoff)
.sort((a, b) => a - b);
for (const key of sortedKeys) {
const bucket = this.dnsMinuteBuckets.get(key)!;
queries.push({ timestamp: key, value: bucket.queries });
}
return { queries };
}
}

180
ts/opsserver/handlers/certificate.handler.ts
View File

@@ -42,6 +42,36 @@ export class CertificateHandler {
}
)
);
// Delete certificate
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_DeleteCertificate>(
'deleteCertificate',
async (dataArg) => {
return this.deleteCertificate(dataArg.domain);
}
)
);
// Export certificate
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_ExportCertificate>(
'exportCertificate',
async (dataArg) => {
return this.exportCertificate(dataArg.domain);
}
)
);
// Import certificate
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_ImportCertificate>(
'importCertificate',
async (dataArg) => {
return this.importCertificate(dataArg.cert);
}
)
);
}
/**
@@ -324,4 +354,154 @@ export class CertificateHandler {
return { success: false, message: `No routes found for domain '${domain}'` };
}
/**
* Delete certificate data for a domain from storage
*/
private async deleteCertificate(domain: string): Promise<{ success: boolean; message?: string }> {
const dcRouter = this.opsServerRef.dcRouterRef;
const cleanDomain = domain.replace(/^\*\.?/, '');
// Delete from all known storage paths
const paths = [
`/proxy-certs/${domain}`,
`/proxy-certs/${cleanDomain}`,
`/certs/${cleanDomain}`,
];
for (const path of paths) {
try {
await dcRouter.storageManager.delete(path);
} catch {
// Path may not exist — ignore
}
}
// Clear from in-memory status map
dcRouter.certificateStatusMap.delete(domain);
// Clear backoff info
if (dcRouter.certProvisionScheduler) {
await dcRouter.certProvisionScheduler.clearBackoff(domain);
}
return { success: true, message: `Certificate data deleted for '${domain}'` };
}
/**
* Export certificate data for a domain as ICert-shaped JSON
*/
private async exportCertificate(domain: string): Promise<{
success: boolean;
cert?: {
id: string;
domainName: string;
created: number;
validUntil: number;
privateKey: string;
publicKey: string;
csr: string;
};
message?: string;
}> {
const dcRouter = this.opsServerRef.dcRouterRef;
const cleanDomain = domain.replace(/^\*\.?/, '');
// Try SmartAcme /certs/ path first (has full ICert fields)
let certData = await dcRouter.storageManager.getJSON(`/certs/${cleanDomain}`);
if (certData && certData.publicKey && certData.privateKey) {
return {
success: true,
cert: {
id: certData.id || plugins.crypto.randomUUID(),
domainName: certData.domainName || domain,
created: certData.created || Date.now(),
validUntil: certData.validUntil || 0,
privateKey: certData.privateKey,
publicKey: certData.publicKey,
csr: certData.csr || '',
},
};
}
// Fallback: try /proxy-certs/ with original domain
certData = await dcRouter.storageManager.getJSON(`/proxy-certs/${domain}`);
if (!certData || !certData.publicKey) {
// Try with clean domain
certData = await dcRouter.storageManager.getJSON(`/proxy-certs/${cleanDomain}`);
}
if (certData && certData.publicKey && certData.privateKey) {
return {
success: true,
cert: {
id: plugins.crypto.randomUUID(),
domainName: domain,
created: certData.validFrom || Date.now(),
validUntil: certData.validUntil || 0,
privateKey: certData.privateKey,
publicKey: certData.publicKey,
csr: '',
},
};
}
return { success: false, message: `No certificate data found for '${domain}'` };
}
/**
* Import a certificate from ICert-shaped JSON
*/
private async importCertificate(cert: {
id: string;
domainName: string;
created: number;
validUntil: number;
privateKey: string;
publicKey: string;
csr: string;
}): Promise<{ success: boolean; message?: string }> {
// Validate PEM content
if (!cert.publicKey || !cert.publicKey.includes('-----BEGIN CERTIFICATE-----')) {
return { success: false, message: 'Invalid publicKey: must contain a PEM-encoded certificate' };
}
if (!cert.privateKey || !cert.privateKey.includes('-----BEGIN')) {
return { success: false, message: 'Invalid privateKey: must contain a PEM-encoded key' };
}
const dcRouter = this.opsServerRef.dcRouterRef;
const cleanDomain = cert.domainName.replace(/^\*\.?/, '');
// Save to /certs/ (SmartAcme-compatible path)
await dcRouter.storageManager.setJSON(`/certs/${cleanDomain}`, {
id: cert.id,
domainName: cert.domainName,
created: cert.created,
validUntil: cert.validUntil,
privateKey: cert.privateKey,
publicKey: cert.publicKey,
csr: cert.csr || '',
});
// Also save to /proxy-certs/ (proxy-cert format)
await dcRouter.storageManager.setJSON(`/proxy-certs/${cert.domainName}`, {
domain: cert.domainName,
publicKey: cert.publicKey,
privateKey: cert.privateKey,
ca: undefined,
validUntil: cert.validUntil,
validFrom: cert.created,
});
// Update in-memory status map
dcRouter.certificateStatusMap.set(cert.domainName, {
status: 'valid',
source: 'static',
expiryDate: cert.validUntil ? new Date(cert.validUntil).toISOString() : undefined,
issuedAt: cert.created ? new Date(cert.created).toISOString() : undefined,
routeNames: [],
});
return { success: true, message: `Certificate imported for '${cert.domainName}'` };
}
}

170
ts/opsserver/handlers/logs.handler.ts
View File

@@ -1,14 +1,16 @@
import * as plugins from '../../plugins.js';
import type { OpsServer } from '../classes.opsserver.js';
import * as interfaces from '../../../ts_interfaces/index.js';
import { logBuffer, baseLogger } from '../../logger.js';
export class LogsHandler {
public typedrouter = new plugins.typedrequest.TypedRouter();
constructor(private opsServerRef: OpsServer) {
// Add this handler's router to the parent
this.opsServerRef.typedrouter.addTypedRouter(this.typedrouter);
this.registerHandlers();
this.setupLogPushDestination();
}
private registerHandlers(): void {
@@ -64,6 +66,32 @@ export class LogsHandler {
);
}
private static mapLogLevel(smartlogLevel: string): 'debug' | 'info' | 'warn' | 'error' {
switch (smartlogLevel) {
case 'silly':
case 'debug':
return 'debug';
case 'warn':
return 'warn';
case 'error':
return 'error';
default:
return 'info';
}
}
private static deriveCategory(
zone?: string,
message?: string
): 'smtp' | 'dns' | 'security' | 'system' | 'email' {
const msg = (message || '').toLowerCase();
if (msg.includes('[security:') || msg.includes('security')) return 'security';
if (zone === 'email' || msg.includes('email') || msg.includes('smtp') || msg.includes('mta')) return 'email';
if (zone === 'dns' || msg.includes('dns')) return 'dns';
if (msg.includes('smtp')) return 'smtp';
return 'system';
}
private async getRecentLogs(
level?: 'error' | 'warn' | 'info' | 'debug',
category?: 'smtp' | 'dns' | 'security' | 'system' | 'email',
@@ -78,44 +106,110 @@ export class LogsHandler {
message: string;
metadata?: any;
}>> {
// TODO: Implement actual log retrieval from storage or logger
// For now, return mock data
const mockLogs: Array<{
// Compute a timestamp cutoff from timeRange
let since: number | undefined;
if (timeRange) {
const rangeMs: Record<string, number> = {
'1h': 3600000,
'6h': 21600000,
'24h': 86400000,
'7d': 604800000,
'30d': 2592000000,
};
since = Date.now() - (rangeMs[timeRange] || 86400000);
}
// Map the UI level to smartlog levels for filtering
const smartlogLevels: string[] | undefined = level
? level === 'debug'
? ['debug', 'silly']
: level === 'info'
? ['info', 'ok', 'success', 'note', 'lifecycle']
: [level]
: undefined;
// Fetch a larger batch from buffer, then apply category filter client-side
const rawEntries = logBuffer.getEntries({
level: smartlogLevels as any,
search,
since,
limit: limit * 3, // over-fetch to compensate for category filtering
offset: 0,
});
// Map ILogPackage → UI log format and apply category filter
const mapped: Array<{
timestamp: number;
level: 'debug' | 'info' | 'warn' | 'error';
category: 'smtp' | 'dns' | 'security' | 'system' | 'email';
message: string;
metadata?: any;
}> = [];
const categories: Array<'smtp' | 'dns' | 'security' | 'system' | 'email'> = ['smtp', 'dns', 'security', 'system', 'email'];
const levels: Array<'debug' | 'info' | 'warn' | 'error'> = ['info', 'warn', 'error', 'debug'];
const now = Date.now();
// Generate some mock log entries
for (let i = 0; i < 50; i++) {
const mockCategory = categories[Math.floor(Math.random() * categories.length)];
const mockLevel = levels[Math.floor(Math.random() * levels.length)];
// Filter by requested criteria
if (level && mockLevel !== level) continue;
if (category && mockCategory !== category) continue;
mockLogs.push({
timestamp: now - (i * 60000), // 1 minute apart
level: mockLevel,
category: mockCategory,
message: `Sample log message ${i} from ${mockCategory}`,
metadata: {
requestId: plugins.uuid.v4(),
},
for (const pkg of rawEntries) {
const uiLevel = LogsHandler.mapLogLevel(pkg.level);
const uiCategory = LogsHandler.deriveCategory(pkg.context?.zone, pkg.message);
if (category && uiCategory !== category) continue;
mapped.push({
timestamp: pkg.timestamp,
level: uiLevel,
category: uiCategory,
message: pkg.message,
metadata: pkg.data,
});
if (mapped.length >= limit) break;
}
// Apply pagination
return mockLogs.slice(offset, offset + limit);
return mapped;
}
/**
* Add a log destination to the base logger that pushes entries
* to all connected ops_dashboard TypedSocket clients.
*/
private setupLogPushDestination(): void {
const opsServerRef = this.opsServerRef;
baseLogger.addLogDestination({
async handleLog(logPackage: any) {
// Access the TypedSocket server instance from OpsServer
const typedsocket = opsServerRef.server?.typedserver?.typedsocket;
if (!typedsocket) return;
let connections: any[];
try {
connections = await typedsocket.findAllTargetConnectionsByTag('role', 'ops_dashboard');
} catch {
return;
}
if (connections.length === 0) return;
const entry: interfaces.data.ILogEntry = {
timestamp: logPackage.timestamp || Date.now(),
level: LogsHandler.mapLogLevel(logPackage.level),
category: LogsHandler.deriveCategory(logPackage.context?.zone, logPackage.message),
message: logPackage.message,
metadata: logPackage.data,
};
for (const conn of connections) {
try {
const push = typedsocket.createTypedRequest<interfaces.requests.IReq_PushLogEntry>(
'pushLogEntry',
conn,
);
push.fire({ entry }).catch(() => {}); // fire-and-forget
} catch {
// connection may have closed
}
}
},
});
}
private setupLogStream(
virtualStream: plugins.typedrequest.VirtualStream<Uint8Array>,
levelFilter?: string[],
@@ -148,17 +242,17 @@ export class LogsHandler {
}
// For follow mode, simulate real-time log streaming
intervalId = setInterval(() => {
intervalId = setInterval(async () => {
const categories: Array<'smtp' | 'dns' | 'security' | 'system' | 'email'> = ['smtp', 'dns', 'security', 'system', 'email'];
const levels: Array<'debug' | 'info' | 'warn' | 'error'> = ['info', 'warn', 'error', 'debug'];
const mockCategory = categories[Math.floor(Math.random() * categories.length)];
const mockLevel = levels[Math.floor(Math.random() * levels.length)];
// Filter by requested criteria
if (levelFilter && !levelFilter.includes(mockLevel)) return;
if (categoryFilter && !categoryFilter.includes(mockCategory)) return;
const logEntry = {
timestamp: Date.now(),
level: mockLevel,
@@ -168,10 +262,16 @@ export class LogsHandler {
requestId: plugins.uuid.v4(),
},
};
const logData = JSON.stringify(logEntry);
const encoder = new TextEncoder();
virtualStream.sendData(encoder.encode(logData));
try {
await virtualStream.sendData(encoder.encode(logData));
} catch {
// Stream closed or errored — clean up to prevent interval leak
clearInterval(intervalId!);
intervalId = null;
}
}, 2000); // Send a log every 2 seconds
// TODO: Hook into actual logger events

77
ts/opsserver/handlers/remoteingress.handler.ts
View File

@@ -20,11 +20,17 @@ export class RemoteIngressHandler {
if (!manager) {
return { edges: [] };
}
// Return edges without secrets
const edges = manager.getAllEdges().map((e) => ({
...e,
secret: '********', // Never expose secrets via API
}));
// Return edges without secrets, enriched with effective listen ports and breakdown
const edges = manager.getAllEdges().map((e) => {
const breakdown = manager.getPortBreakdown(e);
return {
...e,
secret: '********', // Never expose secrets via API
effectiveListenPorts: manager.getEffectiveListenPorts(e),
manualPorts: breakdown.manual,
derivedPorts: breakdown.derived,
};
});
return { edges };
},
),
@@ -47,8 +53,9 @@ export class RemoteIngressHandler {
const edge = await manager.createEdge(
dataArg.name,
dataArg.listenPorts,
dataArg.listenPorts || [],
dataArg.tags,
dataArg.autoDerivePorts ?? true,
);
// Sync allowed edges with the hub
@@ -101,6 +108,7 @@ export class RemoteIngressHandler {
const edge = await manager.updateEdge(dataArg.id, {
name: dataArg.name,
listenPorts: dataArg.listenPorts,
autoDerivePorts: dataArg.autoDerivePorts,
enabled: dataArg.enabled,
tags: dataArg.tags,
});
@@ -109,12 +117,22 @@ export class RemoteIngressHandler {
return { success: false, edge: null as any };
}
// Sync allowed edges if enabled status changed
if (tunnelManager && dataArg.enabled !== undefined) {
// Sync allowed edges — ports, tags, or enabled may have changed
if (tunnelManager) {
await tunnelManager.syncAllowedEdges();
}
return { success: true, edge: { ...edge, secret: '********' } };
const breakdown = manager.getPortBreakdown(edge);
return {
success: true,
edge: {
...edge,
secret: '********',
effectiveListenPorts: manager.getEffectiveListenPorts(edge),
manualPorts: breakdown.manual,
derivedPorts: breakdown.derived,
},
};
},
),
);
@@ -159,5 +177,46 @@ export class RemoteIngressHandler {
},
),
);
// Get a connection token for an edge
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_GetRemoteIngressConnectionToken>(
'getRemoteIngressConnectionToken',
async (dataArg, toolsArg) => {
const manager = this.opsServerRef.dcRouterRef.remoteIngressManager;
if (!manager) {
return { success: false, message: 'RemoteIngress not configured' };
}
const edge = manager.getEdge(dataArg.edgeId);
if (!edge) {
return { success: false, message: 'Edge not found' };
}
if (!edge.enabled) {
return { success: false, message: 'Edge is disabled' };
}
const hubHost = dataArg.hubHost
|| this.opsServerRef.dcRouterRef.options.remoteIngressConfig?.hubDomain;
if (!hubHost) {
return {
success: false,
message: 'No hub hostname configured. Set hubDomain in remoteIngressConfig or provide hubHost.',
};
}
const hubPort = this.opsServerRef.dcRouterRef.options.remoteIngressConfig?.tunnelPort ?? 8443;
const token = plugins.remoteingress.encodeConnectionToken({
hubHost,
hubPort,
edgeId: edge.id,
secret: edge.secret,
});
return { success: true, token };
},
),
);
}
}

32
ts/opsserver/handlers/stats.handler.ts
View File

@@ -2,6 +2,7 @@ import * as plugins from '../../plugins.js';
import type { OpsServer } from '../classes.opsserver.js';
import * as interfaces from '../../../ts_interfaces/index.js';
import { MetricsManager } from '../../monitoring/index.js';
import { SecurityLogger } from '../../security/classes.securitylogger.js';
export class StatsHandler {
public typedrouter = new plugins.typedrequest.TypedRouter();
@@ -203,6 +204,11 @@ export class StatsHandler {
if (sections.email) {
promises.push(
this.collectEmailStats().then(stats => {
// Get time-series data from MetricsManager
const timeSeries = this.opsServerRef.dcRouterRef.metricsManager
? this.opsServerRef.dcRouterRef.metricsManager.getEmailTimeSeries(24)
: undefined;
metrics.email = {
sent: stats.sentToday,
received: stats.receivedToday,
@@ -212,6 +218,7 @@ export class StatsHandler {
averageDeliveryTime: 0,
deliveryRate: stats.deliveryRate,
bounceRate: stats.bounceRate,
timeSeries,
};
})
);
@@ -220,6 +227,11 @@ export class StatsHandler {
if (sections.dns) {
promises.push(
this.collectDnsStats().then(stats => {
// Get time-series data from MetricsManager
const timeSeries = this.opsServerRef.dcRouterRef.metricsManager
? this.opsServerRef.dcRouterRef.metricsManager.getDnsTimeSeries(24)
: undefined;
metrics.dns = {
totalQueries: stats.totalQueries,
cacheHits: stats.cacheHits,
@@ -228,6 +240,8 @@ export class StatsHandler {
activeDomains: stats.topDomains.length,
averageResponseTime: 0,
queryTypes: stats.queryTypes,
timeSeries,
recentQueries: stats.recentQueries,
};
})
);
@@ -236,6 +250,19 @@ export class StatsHandler {
if (sections.security && this.opsServerRef.dcRouterRef.metricsManager) {
promises.push(
this.opsServerRef.dcRouterRef.metricsManager.getSecurityStats().then(stats => {
// Get recent events from the SecurityLogger singleton
const securityLogger = SecurityLogger.getInstance();
const recentEvents = securityLogger.getRecentEvents(50).map((evt) => ({
timestamp: evt.timestamp,
level: evt.level,
type: evt.type,
message: evt.message,
details: evt.details,
ipAddress: evt.ipAddress,
domain: evt.domain,
success: evt.success,
}));
metrics.security = {
blockedIPs: stats.blockedIPs,
reputationScores: {},
@@ -244,6 +271,7 @@ export class StatsHandler {
phishingDetected: stats.phishingDetected,
authenticationFailures: stats.authFailures,
suspiciousActivities: stats.totalThreatsBlocked,
recentEvents,
};
})
);
@@ -395,6 +423,7 @@ export class StatsHandler {
count: number;
}>;
queryTypes: { [key: string]: number };
recentQueries?: Array<{ timestamp: number; domain: string; type: string; answered: boolean; responseTimeMs: number }>;
domainBreakdown?: { [domain: string]: interfaces.data.IDnsStats };
}> {
// Get metrics from MetricsManager if available
@@ -408,9 +437,10 @@ export class StatsHandler {
cacheHitRate: dnsStats.cacheHitRate,
topDomains: dnsStats.topDomains,
queryTypes: dnsStats.queryTypes,
recentQueries: dnsStats.recentQueries,
};
}
// Fallback if MetricsManager not available
return {
queriesPerSecond: 0,

8
ts/radius/classes.vlan.manager.ts
View File

@@ -100,6 +100,14 @@ export class VlanManager {
// Cache the result
this.normalizedMacCache.set(mac, normalized);
// Prevent unbounded cache growth
if (this.normalizedMacCache.size > 10000) {
const iterator = this.normalizedMacCache.keys();
for (let i = 0; i < 1000; i++) {
this.normalizedMacCache.delete(iterator.next().value);
}
}
return normalized;
}

146
ts/readme.md Normal file
View File

@@ -0,0 +1,146 @@
# @serve.zone/dcrouter
The core DcRouter package — a unified datacenter gateway orchestrator. 🚀
This is the main entry point for DcRouter. It provides the `DcRouter` class that wires together SmartProxy, smartmta, SmartDNS, SmartRadius, RemoteIngress, and the OpsServer dashboard into a single cohesive service.
## Issue Reporting and Security
For reporting bugs, issues, or security vulnerabilities, please visit [community.foss.global/](https://community.foss.global/). This is the central community hub for all issue reporting. Developers who sign and comply with our contribution agreement and go through identification can also get a [code.foss.global/](https://code.foss.global/) account to submit Pull Requests directly.
## Installation
```bash
pnpm add @serve.zone/dcrouter
```
## Usage
```typescript
import { DcRouter } from '@serve.zone/dcrouter';
const router = new DcRouter({
smartProxyConfig: {
routes: [
{
name: 'web-app',
match: { domains: ['example.com'], ports: [443] },
action: {
type: 'forward',
targets: [{ host: '192.168.1.10', port: 8080 }],
tls: { mode: 'terminate', certificate: 'auto' }
}
}
],
acme: { email: 'admin@example.com', enabled: true, useProduction: true }
}
});
await router.start();
// OpsServer dashboard at http://localhost:3000
// Graceful shutdown
await router.stop();
```
## Module Structure
```
ts/
├── index.ts # Main exports (DcRouter, re-exported smartmta types)
├── classes.dcrouter.ts # DcRouter orchestrator class + IDcRouterOptions
├── classes.cert-provision-scheduler.ts # Per-domain cert backoff scheduler
├── classes.storage-cert-manager.ts # SmartAcme cert manager backed by StorageManager
├── logger.ts # Structured logging utility
├── paths.ts # Centralized data directory paths
├── plugins.ts # All dependency imports
├── cache/ # Cache database (smartdata + LocalTsmDb)
│ ├── classes.cachedb.ts # CacheDb singleton
│ ├── classes.cachecleaner.ts # TTL-based cleanup
│ └── documents/ # Cached document models
├── config/ # Configuration utilities
├── errors/ # Error classes and retry logic
├── monitoring/ # MetricsManager (SmartMetrics integration)
├── opsserver/ # OpsServer dashboard + API handlers
│ ├── classes.opsserver.ts # HTTP server + TypedRouter setup
│ └── handlers/ # TypedRequest handlers by domain
│ ├── admin.handler.ts # Auth (login/logout/verify)
│ ├── stats.handler.ts # Statistics + health
│ ├── config.handler.ts # Configuration (read-only)
│ ├── logs.handler.ts # Log retrieval
│ ├── email.handler.ts # Email operations
│ ├── certificate.handler.ts # Certificate management
│ ├── radius.handler.ts # RADIUS management
│ └── remoteingress.handler.ts # Remote ingress edge + token management
├── radius/ # RADIUS server integration
├── remoteingress/ # Remote ingress hub integration
│ ├── classes.remoteingress-manager.ts # Edge CRUD + port derivation
│ └── classes.tunnel-manager.ts # Rust hub lifecycle + status tracking
├── security/ # Security utilities
├── sms/ # SMS integration
└── storage/ # StorageManager (filesystem/custom/memory)
```
## Exports
```typescript
// Main class
export { DcRouter, IDcRouterOptions } from './classes.dcrouter.js';
// Re-exported from smartmta
export { UnifiedEmailServer } from '@push.rocks/smartmta';
export type { IUnifiedEmailServerOptions, IEmailRoute, IEmailDomainConfig } from '@push.rocks/smartmta';
// RADIUS
export { RadiusServer, IRadiusServerConfig } from './radius/index.js';
// Remote Ingress
export { RemoteIngressManager, TunnelManager } from './remoteingress/index.js';
```
## Key Classes
### `DcRouter`
The central orchestrator. Accepts `IDcRouterOptions` and manages the lifecycle of all sub-services:
| Config Section | Service Started | Package |
|----------------|----------------|---------|
| `smartProxyConfig` | SmartProxy (HTTP/HTTPS/TCP/SNI) | `@push.rocks/smartproxy` |
| `emailConfig` | UnifiedEmailServer (SMTP) | `@push.rocks/smartmta` |
| `dnsNsDomains` + `dnsScopes` | DnsServer (UDP + DoH) | `@push.rocks/smartdns` |
| `radiusConfig` | RadiusServer (auth + accounting) | `@push.rocks/smartradius` |
| `remoteIngressConfig` | RemoteIngressManager + TunnelManager | `@serve.zone/remoteingress` |
| `tls` + `dnsChallenge` | SmartAcme (ACME cert provisioning) | `@push.rocks/smartacme` |
| `cacheConfig` | CacheDb (embedded MongoDB) | `@push.rocks/smartdata` |
| *(always)* | OpsServer (dashboard + API) | `@api.global/typedserver` |
| *(always)* | MetricsManager | `@push.rocks/smartmetrics` |
### `RemoteIngressManager`
Manages CRUD for remote ingress edge registrations. Persists edges via StorageManager. Provides port derivation from routes tagged with `remoteIngress.enabled`.
### `TunnelManager`
Manages the Rust-based RemoteIngressHub lifecycle. Syncs allowed edges, tracks connection status, and exposes edge statuses (connected, publicIp, activeTunnels, lastHeartbeat).
## License and Legal Information
This repository contains open-source code licensed under the MIT License. A copy of the license can be found in the [LICENSE](../LICENSE) file.
**Please note:** The MIT License does not grant permission to use the trade names, trademarks, service marks, or product names of the project, except as required for reasonable and customary use in describing the origin of the work and reproducing the content of the NOTICE file.
### Trademarks
This project is owned and maintained by Task Venture Capital GmbH. The names and logos associated with Task Venture Capital GmbH and any related products or services are trademarks of Task Venture Capital GmbH or third parties, and are not included within the scope of the MIT license granted herein.
Use of these trademarks must comply with Task Venture Capital GmbH's Trademark Guidelines or the guidelines of the respective third-party owners, and any usage must be approved in writing. Third-party trademarks used herein are the property of their respective owners and used only in a descriptive manner, e.g. for an implementation of an API or similar.
### Company Information
Task Venture Capital GmbH
Registered at District Court Bremen HRB 35230 HB, Germany
For any legal inquiries or further information, please contact us via email at hello@task.vc.
By using this repository, you acknowledge that you have read this section, agree to comply with its terms, and understand that the licensing of the code does not imply endorsement by Task Venture Capital GmbH of any derivative works.

108
ts/remoteingress/classes.remoteingress-manager.ts
View File

@@ -1,9 +1,30 @@
import * as plugins from '../plugins.js';
import type { StorageManager } from '../storage/classes.storagemanager.js';
import type { IRemoteIngress } from '../../ts_interfaces/data/remoteingress.js';
import type { IRemoteIngress, IDcRouterRouteConfig } from '../../ts_interfaces/data/remoteingress.js';
const STORAGE_PREFIX = '/remote-ingress/';
/**
* Flatten a port range (number | number[] | Array<{from, to}>) to a sorted unique number array.
*/
function extractPorts(portRange: number | number[] | Array<{ from: number; to: number }>): number[] {
const ports = new Set<number>();
if (typeof portRange === 'number') {
ports.add(portRange);
} else if (Array.isArray(portRange)) {
for (const entry of portRange) {
if (typeof entry === 'number') {
ports.add(entry);
} else if (typeof entry === 'object' && 'from' in entry && 'to' in entry) {
for (let p = entry.from; p <= entry.to; p++) {
ports.add(p);
}
}
}
}
return [...ports].sort((a, b) => a - b);
}
/**
* Manages CRUD for remote ingress edge registrations.
* Persists edge configs via StorageManager and provides
@@ -12,6 +33,7 @@ const STORAGE_PREFIX = '/remote-ingress/';
export class RemoteIngressManager {
private storageManager: StorageManager;
private edges: Map<string, IRemoteIngress> = new Map();
private routes: IDcRouterRouteConfig[] = [];
constructor(storageManager: StorageManager) {
this.storageManager = storageManager;
@@ -25,18 +47,87 @@ export class RemoteIngressManager {
for (const key of keys) {
const edge = await this.storageManager.getJSON<IRemoteIngress>(key);
if (edge) {
// Migration: old edges without autoDerivePorts default to true
if ((edge as any).autoDerivePorts === undefined) {
edge.autoDerivePorts = true;
await this.storageManager.setJSON(key, edge);
}
this.edges.set(edge.id, edge);
}
}
}
/**
* Store the current route configs for port derivation.
*/
public setRoutes(routes: IDcRouterRouteConfig[]): void {
this.routes = routes;
}
/**
* Derive listen ports for an edge from routes tagged with remoteIngress.enabled.
* When a route specifies edgeFilter, only edges whose id or tags match get that route's ports.
* When edgeFilter is absent, the route applies to all edges.
*/
public derivePortsForEdge(edgeId: string, edgeTags?: string[]): number[] {
const ports = new Set<number>();
for (const route of this.routes) {
if (!route.remoteIngress?.enabled) continue;
// Apply edge filter if present
const filter = route.remoteIngress.edgeFilter;
if (filter && filter.length > 0) {
const idMatch = filter.includes(edgeId);
const tagMatch = edgeTags?.some((tag) => filter.includes(tag)) ?? false;
if (!idMatch && !tagMatch) continue;
}
// Extract ports from the route match
if (route.match?.ports) {
for (const p of extractPorts(route.match.ports)) {
ports.add(p);
}
}
}
return [...ports].sort((a, b) => a - b);
}
/**
* Get the effective listen ports for an edge.
* Manual ports are always included. Auto-derived ports are added (union) when autoDerivePorts is true.
*/
public getEffectiveListenPorts(edge: IRemoteIngress): number[] {
const manualPorts = edge.listenPorts || [];
const shouldDerive = edge.autoDerivePorts !== false;
if (!shouldDerive) return [...manualPorts].sort((a, b) => a - b);
const derivedPorts = this.derivePortsForEdge(edge.id, edge.tags);
return [...new Set([...manualPorts, ...derivedPorts])].sort((a, b) => a - b);
}
/**
* Get manual and derived port breakdown for an edge (used in API responses).
* Derived ports exclude any ports already present in the manual list.
*/
public getPortBreakdown(edge: IRemoteIngress): { manual: number[]; derived: number[] } {
const manual = edge.listenPorts || [];
const shouldDerive = edge.autoDerivePorts !== false;
if (!shouldDerive) return { manual, derived: [] };
const manualSet = new Set(manual);
const allDerived = this.derivePortsForEdge(edge.id, edge.tags);
const derived = allDerived.filter((p) => !manualSet.has(p));
return { manual, derived };
}
/**
* Create a new edge registration.
*/
public async createEdge(
name: string,
listenPorts: number[],
listenPorts: number[] = [],
tags?: string[],
autoDerivePorts: boolean = true,
): Promise<IRemoteIngress> {
const id = plugins.uuid.v4();
const secret = plugins.crypto.randomBytes(32).toString('hex');
@@ -48,6 +139,7 @@ export class RemoteIngressManager {
secret,
listenPorts,
enabled: true,
autoDerivePorts,
tags: tags || [],
createdAt: now,
updatedAt: now,
@@ -80,6 +172,7 @@ export class RemoteIngressManager {
updates: {
name?: string;
listenPorts?: number[];
autoDerivePorts?: boolean;
enabled?: boolean;
tags?: string[];
},
@@ -91,6 +184,7 @@ export class RemoteIngressManager {
if (updates.name !== undefined) edge.name = updates.name;
if (updates.listenPorts !== undefined) edge.listenPorts = updates.listenPorts;
if (updates.autoDerivePorts !== undefined) edge.autoDerivePorts = updates.autoDerivePorts;
if (updates.enabled !== undefined) edge.enabled = updates.enabled;
if (updates.tags !== undefined) edge.tags = updates.tags;
edge.updatedAt = Date.now();
@@ -148,11 +242,15 @@ export class RemoteIngressManager {
/**
* Get the list of allowed edges (enabled only) for the Rust hub.
*/
public getAllowedEdges(): Array<{ id: string; secret: string }> {
const result: Array<{ id: string; secret: string }> = [];
public getAllowedEdges(): Array<{ id: string; secret: string; listenPorts: number[] }> {
const result: Array<{ id: string; secret: string; listenPorts: number[] }> = [];
for (const edge of this.edges.values()) {
if (edge.enabled) {
result.push({ id: edge.id, secret: edge.secret });
result.push({
id: edge.id,
secret: edge.secret,
listenPorts: this.getEffectiveListenPorts(edge),
});
}
}
return result;

6
ts/remoteingress/classes.tunnel-manager.ts
View File

@@ -35,11 +35,7 @@ export class TunnelManager {
});
this.hub.on('edgeDisconnected', (data: { edgeId: string }) => {
const existing = this.edgeStatuses.get(data.edgeId);
if (existing) {
existing.connected = false;
existing.activeTunnels = 0;
}
this.edgeStatuses.delete(data.edgeId);
});
this.hub.on('streamOpened', (data: { edgeId: string; streamId: number }) => {

32
ts_interfaces/data/remoteingress.ts
View File

@@ -1,3 +1,5 @@
import type { IRouteConfig } from '@push.rocks/smartproxy';
/**
* A stored remote ingress edge registration.
*/
@@ -7,9 +9,17 @@ export interface IRemoteIngress {
secret: string;
listenPorts: number[];
enabled: boolean;
/** Whether to auto-derive ports from remoteIngress-tagged routes. Defaults to true. */
autoDerivePorts: boolean;
tags?: string[];
createdAt: number;
updatedAt: number;
/** Effective ports (union of manual + derived) — only present in API responses. */
effectiveListenPorts?: number[];
/** Ports explicitly set by the user — only present in API responses. */
manualPorts?: number[];
/** Ports auto-derived from route configs — only present in API responses. */
derivedPorts?: number[];
}
/**
@@ -23,3 +33,25 @@ export interface IRemoteIngressStatus {
lastHeartbeat: number | null;
connectedAt: number | null;
}
/**
* Route-level remote ingress configuration.
* When attached to a route, signals that traffic for this route
* should be accepted from remote edge nodes.
*/
export interface IRouteRemoteIngress {
/** Whether this route receives traffic from edge nodes */
enabled: boolean;
/** Optional filter: only edges whose id or tags match get this route's ports.
* When absent, the route applies to all edges. */
edgeFilter?: string[];
}
/**
* Extended route config used within dcrouter.
* Adds the optional `remoteIngress` property to SmartProxy's IRouteConfig.
* SmartProxy ignores unknown properties at runtime.
*/
export type IDcRouterRouteConfig = IRouteConfig & {
remoteIngress?: IRouteRemoteIngress;
};

32
ts_interfaces/data/stats.ts
View File

@@ -26,6 +26,11 @@ export interface IServerStats {
};
}
export interface ITimeSeriesPoint {
timestamp: number;
value: number;
}
export interface IEmailStats {
sent: number;
received: number;
@@ -35,6 +40,11 @@ export interface IEmailStats {
averageDeliveryTime: number;
deliveryRate: number;
bounceRate: number;
timeSeries?: {
sent: ITimeSeriesPoint[];
received: ITimeSeriesPoint[];
failed: ITimeSeriesPoint[];
};
}
export interface IDnsStats {
@@ -47,6 +57,16 @@ export interface IDnsStats {
queryTypes: {
[key: string]: number;
};
timeSeries?: {
queries: ITimeSeriesPoint[];
};
recentQueries?: Array<{
timestamp: number;
domain: string;
type: string;
answered: boolean;
responseTimeMs: number;
}>;
}
export interface IRateLimitInfo {
@@ -58,6 +78,17 @@ export interface IRateLimitInfo {
blocked: boolean;
}
export interface ISecurityEvent {
timestamp: number;
level: string;
type: string;
message: string;
details?: any;
ipAddress?: string;
domain?: string;
success?: boolean;
}
export interface ISecurityMetrics {
blockedIPs: string[];
reputationScores: {
@@ -68,6 +99,7 @@ export interface ISecurityMetrics {
phishingDetected: number;
authenticationFailures: number;
suspiciousActivities: number;
recentEvents?: ISecurityEvent[];
}
export interface ILogEntry {

49
ts_interfaces/readme.md
View File

@@ -82,6 +82,14 @@ interface IIdentity {
| `INetworkMetrics` | Bandwidth, connection counts, top endpoints |
| `ILogEntry` | Timestamp, level, category, message, metadata |
#### Remote Ingress Interfaces
| Interface | Description |
|-----------|-------------|
| `IRemoteIngress` | Edge registration: id, name, secret, listenPorts, enabled, autoDerivePorts, tags |
| `IRemoteIngressStatus` | Runtime status: connected, publicIp, activeTunnels, lastHeartbeat |
| `IRouteRemoteIngress` | Route-level config: enabled flag and optional edgeFilter |
| `IDcRouterRouteConfig` | Extended SmartProxy route config with optional `remoteIngress` property |
### Request Interfaces (`requests`)
TypedRequest interfaces for the OpsServer API, organized by domain:
@@ -134,6 +142,9 @@ TypedRequest interfaces for the OpsServer API, organized by domain:
| `IReq_GetCertificateOverview` | `getCertificateOverview` | Domain-centric certificate status |
| `IReq_ReprovisionCertificate` | `reprovisionCertificate` | Reprovision by route name (legacy) |
| `IReq_ReprovisionCertificateDomain` | `reprovisionCertificateDomain` | Reprovision by domain (preferred) |
| `IReq_ImportCertificate` | `importCertificate` | Import a certificate |
| `IReq_ExportCertificate` | `exportCertificate` | Export a certificate |
| `IReq_DeleteCertificate` | `deleteCertificate` | Delete a certificate |
#### Certificate Types
```typescript
@@ -159,6 +170,17 @@ interface ICertificateInfo {
}
```
#### 🌍 Remote Ingress
| Interface | Method | Description |
|-----------|--------|-------------|
| `IReq_CreateRemoteIngress` | `createRemoteIngress` | Register a new edge node |
| `IReq_DeleteRemoteIngress` | `deleteRemoteIngress` | Remove an edge registration |
| `IReq_UpdateRemoteIngress` | `updateRemoteIngress` | Update edge settings |
| `IReq_RegenerateRemoteIngressSecret` | `regenerateRemoteIngressSecret` | Issue a new secret |
| `IReq_GetRemoteIngresses` | `getRemoteIngresses` | List all edge registrations |
| `IReq_GetRemoteIngressStatus` | `getRemoteIngressStatus` | Runtime status of all edges |
| `IReq_GetRemoteIngressConnectionToken` | `getRemoteIngressConnectionToken` | Generate a connection token |
#### 📡 RADIUS
| Interface | Method | Description |
|-----------|--------|-------------|
@@ -183,7 +205,7 @@ import { data, requests } from '@serve.zone/dcrouter-interfaces';
// 1. Login
const loginClient = new typedrequest.TypedRequest<requests.IReq_AdminLoginWithUsernameAndPassword>(
'https://your-dcrouter:3000/typedrequest',
'adminLogin'
'adminLoginWithUsernameAndPassword'
);
const loginResponse = await loginClient.fire({
@@ -199,10 +221,8 @@ const metricsClient = new typedrequest.TypedRequest<requests.IReq_GetCombinedMet
);
const metrics = await metricsClient.fire({ identity });
console.log('Server:', metrics.serverStats);
console.log('Email:', metrics.emailStats);
console.log('DNS:', metrics.dnsStats);
console.log('Security:', metrics.securityMetrics);
console.log('Server:', metrics.metrics.server);
console.log('Email:', metrics.metrics.email);
// 3. Check certificate status
const certClient = new typedrequest.TypedRequest<requests.IReq_GetCertificateOverview>(
@@ -213,14 +233,23 @@ const certClient = new typedrequest.TypedRequest<requests.IReq_GetCertificateOve
const certs = await certClient.fire({ identity });
console.log(`Certificates: ${certs.summary.valid} valid, ${certs.summary.failed} failed`);
// 4. Check email queues
const queueClient = new typedrequest.TypedRequest<requests.IReq_GetQueuedEmails>(
// 4. List remote ingress edges
const edgesClient = new typedrequest.TypedRequest<requests.IReq_GetRemoteIngresses>(
'https://your-dcrouter:3000/typedrequest',
'getQueuedEmails'
'getRemoteIngresses'
);
const queued = await queueClient.fire({ identity });
console.log('Queued emails:', queued.emails.length);
const edges = await edgesClient.fire({ identity });
console.log('Registered edges:', edges.edges.length);
// 5. Generate a connection token for an edge
const tokenClient = new typedrequest.TypedRequest<requests.IReq_GetRemoteIngressConnectionToken>(
'https://your-dcrouter:3000/typedrequest',
'getRemoteIngressConnectionToken'
);
const tokenResponse = await tokenClient.fire({ identity, edgeId: edges.edges[0].id });
console.log('Connection token:', tokenResponse.token);
```
## License and Legal Information

65
ts_interfaces/requests/certificate.ts
View File

@@ -74,3 +74,68 @@ export interface IReq_ReprovisionCertificateDomain extends plugins.typedrequestI
message?: string;
};
}
// Delete a certificate by domain
export interface IReq_DeleteCertificate extends plugins.typedrequestInterfaces.implementsTR<
plugins.typedrequestInterfaces.ITypedRequest,
IReq_DeleteCertificate
> {
method: 'deleteCertificate';
request: {
identity?: authInterfaces.IIdentity;
domain: string;
};
response: {
success: boolean;
message?: string;
};
}
// Export a certificate as ICert JSON
export interface IReq_ExportCertificate extends plugins.typedrequestInterfaces.implementsTR<
plugins.typedrequestInterfaces.ITypedRequest,
IReq_ExportCertificate
> {
method: 'exportCertificate';
request: {
identity?: authInterfaces.IIdentity;
domain: string;
};
response: {
success: boolean;
cert?: {
id: string;
domainName: string;
created: number;
validUntil: number;
privateKey: string;
publicKey: string;
csr: string;
};
message?: string;
};
}
// Import a certificate from ICert JSON
export interface IReq_ImportCertificate extends plugins.typedrequestInterfaces.implementsTR<
plugins.typedrequestInterfaces.ITypedRequest,
IReq_ImportCertificate
> {
method: 'importCertificate';
request: {
identity?: authInterfaces.IIdentity;
cert: {
id: string;
domainName: string;
created: number;
validUntil: number;
privateKey: string;
publicKey: string;
csr: string;
};
};
response: {
success: boolean;
message?: string;
};
}

12
ts_interfaces/requests/logs.ts
View File

@@ -41,4 +41,16 @@ export interface IReq_GetLogStream extends plugins.typedrequestInterfaces.implem
response: {
logStream: plugins.typedrequestInterfaces.IVirtualStream;
};
}
// Push Log Entry (server → client via TypedSocket)
export interface IReq_PushLogEntry extends plugins.typedrequestInterfaces.implementsTR<
plugins.typedrequestInterfaces.ITypedRequest,
IReq_PushLogEntry
> {
method: 'pushLogEntry';
request: {
entry: statsInterfaces.ILogEntry;
};
response: {};
}

25
ts_interfaces/requests/remoteingress.ts
View File

@@ -17,7 +17,8 @@ export interface IReq_CreateRemoteIngress extends plugins.typedrequestInterfaces
request: {
identity?: authInterfaces.IIdentity;
name: string;
listenPorts: number[];
listenPorts?: number[];
autoDerivePorts?: boolean;
tags?: string[];
};
response: {
@@ -57,6 +58,7 @@ export interface IReq_UpdateRemoteIngress extends plugins.typedrequestInterfaces
id: string;
name?: string;
listenPorts?: number[];
autoDerivePorts?: boolean;
enabled?: boolean;
tags?: string[];
};
@@ -115,3 +117,24 @@ export interface IReq_GetRemoteIngressStatus extends plugins.typedrequestInterfa
statuses: IRemoteIngressStatus[];
};
}
/**
* Get a connection token for a remote ingress edge.
* The token is a single opaque base64url string that encodes hubHost, hubPort, edgeId, and secret.
*/
export interface IReq_GetRemoteIngressConnectionToken extends plugins.typedrequestInterfaces.implementsTR<
plugins.typedrequestInterfaces.ITypedRequest,
IReq_GetRemoteIngressConnectionToken
> {
method: 'getRemoteIngressConnectionToken';
request: {
identity?: authInterfaces.IIdentity;
edgeId: string;
hubHost?: string;
};
response: {
success: boolean;
token?: string;
message?: string;
};
}

2
ts_web/00_commitinfo_data.ts
View File

@@ -3,6 +3,6 @@
*/
export const commitinfo = {
name: '@serve.zone/dcrouter',
version: '6.5.0',
version: '7.4.2',
description: 'A multifaceted routing service handling mail and SMS delivery functions.'
}

228
ts_web/appstate.ts
View File

@@ -200,7 +200,7 @@ export interface IRemoteIngressState {
edges: interfaces.data.IRemoteIngress[];
statuses: interfaces.data.IRemoteIngressStatus[];
selectedEdgeId: string | null;
newEdgeSecret: string | null;
newEdgeId: string | null;
isLoading: boolean;
error: string | null;
lastUpdated: number;
@@ -212,7 +212,7 @@ export const remoteIngressStatePart = await appState.getStatePart<IRemoteIngress
edges: [],
statuses: [],
selectedEdgeId: null,
newEdgeSecret: null,
newEdgeId: null,
isLoading: false,
error: null,
lastUpdated: 0,
@@ -780,6 +780,92 @@ export const reprovisionCertificateAction = certificateStatePart.createAction<st
}
);
export const deleteCertificateAction = certificateStatePart.createAction<string>(
async (statePartArg, domain) => {
const context = getActionContext();
const currentState = statePartArg.getState();
try {
const request = new plugins.domtools.plugins.typedrequest.TypedRequest<
interfaces.requests.IReq_DeleteCertificate
>('/typedrequest', 'deleteCertificate');
await request.fire({
identity: context.identity,
domain,
});
// Re-fetch overview after deletion
await certificateStatePart.dispatchAction(fetchCertificateOverviewAction, null);
return statePartArg.getState();
} catch (error) {
return {
...currentState,
error: error instanceof Error ? error.message : 'Failed to delete certificate',
};
}
}
);
export const importCertificateAction = certificateStatePart.createAction<{
id: string;
domainName: string;
created: number;
validUntil: number;
privateKey: string;
publicKey: string;
csr: string;
}>(
async (statePartArg, cert) => {
const context = getActionContext();
const currentState = statePartArg.getState();
try {
const request = new plugins.domtools.plugins.typedrequest.TypedRequest<
interfaces.requests.IReq_ImportCertificate
>('/typedrequest', 'importCertificate');
await request.fire({
identity: context.identity,
cert,
});
// Re-fetch overview after import
await certificateStatePart.dispatchAction(fetchCertificateOverviewAction, null);
return statePartArg.getState();
} catch (error) {
return {
...currentState,
error: error instanceof Error ? error.message : 'Failed to import certificate',
};
}
}
);
export async function fetchCertificateExport(domain: string) {
const context = getActionContext();
const request = new plugins.domtools.plugins.typedrequest.TypedRequest<
interfaces.requests.IReq_ExportCertificate
>('/typedrequest', 'exportCertificate');
return request.fire({
identity: context.identity,
domain,
});
}
// ============================================================================
// Remote Ingress Standalone Functions
// ============================================================================
export async function fetchConnectionToken(edgeId: string) {
const context = getActionContext();
const request = new plugins.domtools.plugins.typedrequest.TypedRequest<
interfaces.requests.IReq_GetRemoteIngressConnectionToken
>('/typedrequest', 'getRemoteIngressConnectionToken');
return request.fire({ identity: context.identity, edgeId });
}
// ============================================================================
// Remote Ingress Actions
// ============================================================================
@@ -821,7 +907,8 @@ export const fetchRemoteIngressAction = remoteIngressStatePart.createAction(asyn
export const createRemoteIngressAction = remoteIngressStatePart.createAction<{
name: string;
listenPorts: number[];
listenPorts?: number[];
autoDerivePorts?: boolean;
tags?: string[];
}>(async (statePartArg, dataArg) => {
const context = getActionContext();
@@ -836,15 +923,17 @@ export const createRemoteIngressAction = remoteIngressStatePart.createAction<{
identity: context.identity,
name: dataArg.name,
listenPorts: dataArg.listenPorts,
autoDerivePorts: dataArg.autoDerivePorts,
tags: dataArg.tags,
});
if (response.success) {
// Refresh the list and store the new secret for display
// Refresh the list
await remoteIngressStatePart.dispatchAction(fetchRemoteIngressAction, null);
return {
...statePartArg.getState(),
newEdgeSecret: response.edge.secret,
newEdgeId: response.edge.id,
};
}
@@ -883,6 +972,40 @@ export const deleteRemoteIngressAction = remoteIngressStatePart.createAction<str
}
);
export const updateRemoteIngressAction = remoteIngressStatePart.createAction<{
id: string;
name?: string;
listenPorts?: number[];
autoDerivePorts?: boolean;
tags?: string[];
}>(async (statePartArg, dataArg) => {
const context = getActionContext();
const currentState = statePartArg.getState();
try {
const request = new plugins.domtools.plugins.typedrequest.TypedRequest<
interfaces.requests.IReq_UpdateRemoteIngress
>('/typedrequest', 'updateRemoteIngress');
await request.fire({
identity: context.identity,
id: dataArg.id,
name: dataArg.name,
listenPorts: dataArg.listenPorts,
autoDerivePorts: dataArg.autoDerivePorts,
tags: dataArg.tags,
});
await remoteIngressStatePart.dispatchAction(fetchRemoteIngressAction, null);
return statePartArg.getState();
} catch (error) {
return {
...currentState,
error: error instanceof Error ? error.message : 'Failed to update edge',
};
}
});
export const regenerateRemoteIngressSecretAction = remoteIngressStatePart.createAction<string>(
async (statePartArg, edgeId) => {
const context = getActionContext();
@@ -901,7 +1024,7 @@ export const regenerateRemoteIngressSecretAction = remoteIngressStatePart.create
if (response.success) {
return {
...currentState,
newEdgeSecret: response.secret,
newEdgeId: edgeId,
};
}
@@ -915,15 +1038,92 @@ export const regenerateRemoteIngressSecretAction = remoteIngressStatePart.create
}
);
export const clearNewEdgeSecretAction = remoteIngressStatePart.createAction(
export const clearNewEdgeIdAction = remoteIngressStatePart.createAction(
async (statePartArg) => {
return {
...statePartArg.getState(),
newEdgeSecret: null,
newEdgeId: null,
};
}
);
export const toggleRemoteIngressAction = remoteIngressStatePart.createAction<{
id: string;
enabled: boolean;
}>(async (statePartArg, dataArg) => {
const context = getActionContext();
const currentState = statePartArg.getState();
try {
const request = new plugins.domtools.plugins.typedrequest.TypedRequest<
interfaces.requests.IReq_UpdateRemoteIngress
>('/typedrequest', 'updateRemoteIngress');
await request.fire({
identity: context.identity,
id: dataArg.id,
enabled: dataArg.enabled,
});
await remoteIngressStatePart.dispatchAction(fetchRemoteIngressAction, null);
return statePartArg.getState();
} catch (error) {
return {
...currentState,
error: error instanceof Error ? error.message : 'Failed to toggle edge',
};
}
});
// ============================================================================
// TypedSocket Client for Real-time Log Streaming
// ============================================================================
let socketClient: plugins.typedsocket.TypedSocket | null = null;
const socketRouter = new plugins.domtools.plugins.typedrequest.TypedRouter();
// Register handler for pushed log entries from the server
socketRouter.addTypedHandler(
new plugins.domtools.plugins.typedrequest.TypedHandler<interfaces.requests.IReq_PushLogEntry>(
'pushLogEntry',
async (dataArg) => {
const current = logStatePart.getState();
const updated = [...current.recentLogs, dataArg.entry];
// Cap at 2000 entries
if (updated.length > 2000) {
updated.splice(0, updated.length - 2000);
}
logStatePart.setState({ ...current, recentLogs: updated });
return {};
}
)
);
async function connectSocket() {
if (socketClient) return;
try {
socketClient = await plugins.typedsocket.TypedSocket.createClient(
socketRouter,
plugins.typedsocket.TypedSocket.useWindowLocationOriginUrl(),
);
await socketClient.setTag('role', 'ops_dashboard');
} catch (err) {
console.error('TypedSocket connection failed:', err);
socketClient = null;
}
}
async function disconnectSocket() {
if (socketClient) {
try {
await socketClient.stop();
} catch {
// ignore disconnect errors
}
socketClient = null;
}
}
// Combined refresh action for efficient polling
async function dispatchCombinedRefreshAction() {
const context = getActionContext();
@@ -1086,9 +1286,21 @@ let currentRefreshRate = 1000; // Track current refresh rate to avoid unnecessar
if (state.isLoggedIn !== previousIsLoggedIn) {
previousIsLoggedIn = state.isLoggedIn;
startAutoRefresh();
// Connect/disconnect TypedSocket based on login state
if (state.isLoggedIn) {
connectSocket();
} else {
disconnectSocket();
}
}
});
// Initial start
startAutoRefresh();
// Connect TypedSocket if already logged in (e.g., persistent session)
if (loginStatePart.getState().isLoggedIn) {
connectSocket();
}
})();

141
ts_web/elements/ops-view-certificates.ts
View File

@@ -175,7 +175,7 @@ export class OpsViewCertificates extends DeesElement {
title: 'Total Certificates',
value: summary.total,
type: 'number',
icon: 'shieldHalved',
icon: 'lucide:ShieldHalf',
color: '#3b82f6',
},
{
@@ -183,7 +183,7 @@ export class OpsViewCertificates extends DeesElement {
title: 'Valid',
value: summary.valid,
type: 'number',
icon: 'check',
icon: 'lucide:Check',
color: '#22c55e',
},
{
@@ -191,7 +191,7 @@ export class OpsViewCertificates extends DeesElement {
title: 'Expiring Soon',
value: summary.expiring,
type: 'number',
icon: 'clock',
icon: 'lucide:Clock',
color: '#f59e0b',
},
{
@@ -199,7 +199,7 @@ export class OpsViewCertificates extends DeesElement {
title: 'Failed / Expired',
value: summary.failed + summary.expired,
type: 'number',
icon: 'triangleExclamation',
icon: 'lucide:TriangleAlert',
color: '#ef4444',
},
];
@@ -211,7 +211,7 @@ export class OpsViewCertificates extends DeesElement {
.gridActions=${[
{
name: 'Refresh',
iconName: 'arrowsRotate',
iconName: 'lucide:RefreshCw',
action: async () => {
await appstate.certificateStatePart.dispatchAction(
appstate.fetchCertificateOverviewAction,
@@ -241,9 +241,64 @@ export class OpsViewCertificates extends DeesElement {
: '',
})}
.dataActions=${[
{
name: 'Import Certificate',
iconName: 'lucide:upload',
type: ['header'],
actionFunc: async () => {
const { DeesModal } = await import('@design.estate/dees-catalog');
await DeesModal.createAndShow({
heading: 'Import Certificate',
content: html`
<dees-form>
<dees-input-fileupload
key="certJsonFile"
label="Certificate JSON (.tsclass.cert.json)"
accept=".json"
.multiple=${false}
required
></dees-input-fileupload>
</dees-form>
`,
menuOptions: [
{
name: 'Import',
iconName: 'lucide:upload',
action: async (modal) => {
const { DeesToast } = await import('@design.estate/dees-catalog');
try {
const form = modal.shadowRoot.querySelector('dees-form') as any;
const formData = await form.collectFormData();
const files = formData.certJsonFile;
if (!files || files.length === 0) {
DeesToast.show({ message: 'Please select a JSON file.', type: 'warning', duration: 3000 });
return;
}
const file = files[0];
const text = await file.text();
const cert = JSON.parse(text);
if (!cert.domainName || !cert.publicKey || !cert.privateKey) {
DeesToast.show({ message: 'Invalid cert JSON: missing domainName, publicKey, or privateKey.', type: 'error', duration: 4000 });
return;
}
await appstate.certificateStatePart.dispatchAction(
appstate.importCertificateAction,
cert,
);
DeesToast.show({ message: `Certificate imported for ${cert.domainName}`, type: 'success', duration: 3000 });
modal.destroy();
} catch (err) {
DeesToast.show({ message: `Import failed: ${err.message}`, type: 'error', duration: 4000 });
}
},
},
],
});
},
},
{
name: 'Reprovision',
iconName: 'arrowsRotate',
iconName: 'lucide:RefreshCw',
type: ['inRow'],
actionFunc: async (actionData: { item: interfaces.requests.ICertificateInfo }) => {
const cert = actionData.item;
@@ -268,9 +323,66 @@ export class OpsViewCertificates extends DeesElement {
});
},
},
{
name: 'Export',
iconName: 'lucide:download',
type: ['inRow', 'contextmenu'],
actionFunc: async (actionData: { item: interfaces.requests.ICertificateInfo }) => {
const { DeesToast } = await import('@design.estate/dees-catalog');
const cert = actionData.item;
try {
const response = await appstate.fetchCertificateExport(cert.domain);
if (response.success && response.cert) {
const safeDomain = cert.domain.replace(/\*/g, '_wildcard');
this.downloadJsonFile(`${safeDomain}.tsclass.cert.json`, response.cert);
DeesToast.show({ message: `Certificate exported for ${cert.domain}`, type: 'success', duration: 3000 });
} else {
DeesToast.show({ message: response.message || 'Export failed', type: 'error', duration: 4000 });
}
} catch (err) {
DeesToast.show({ message: `Export failed: ${err.message}`, type: 'error', duration: 4000 });
}
},
},
{
name: 'Delete',
iconName: 'lucide:trash-2',
type: ['inRow', 'contextmenu'],
actionFunc: async (actionData: { item: interfaces.requests.ICertificateInfo }) => {
const cert = actionData.item;
const { DeesModal, DeesToast } = await import('@design.estate/dees-catalog');
await DeesModal.createAndShow({
heading: `Delete Certificate: ${cert.domain}`,
content: html`
<div style="padding: 20px; font-size: 14px;">
<p>Are you sure you want to delete the certificate data for <strong>${cert.domain}</strong>?</p>
<p style="color: #f59e0b; margin-top: 12px;">Note: The certificate may remain in proxy memory until the next restart or reprovisioning.</p>
</div>
`,
menuOptions: [
{
name: 'Delete',
iconName: 'lucide:trash-2',
action: async (modal) => {
try {
await appstate.certificateStatePart.dispatchAction(
appstate.deleteCertificateAction,
cert.domain,
);
DeesToast.show({ message: `Certificate deleted for ${cert.domain}`, type: 'success', duration: 3000 });
modal.destroy();
} catch (err) {
DeesToast.show({ message: `Delete failed: ${err.message}`, type: 'error', duration: 4000 });
}
},
},
],
});
},
},
{
name: 'View Details',
iconName: 'magnifyingGlass',
iconName: 'fa:magnifyingGlass',
type: ['doubleClick', 'contextmenu'],
actionFunc: async (actionData: { item: interfaces.requests.ICertificateInfo }) => {
const cert = actionData.item;
@@ -289,7 +401,7 @@ export class OpsViewCertificates extends DeesElement {
menuOptions: [
{
name: 'Copy Domain',
iconName: 'copy',
iconName: 'lucide:Copy',
action: async () => {
await navigator.clipboard.writeText(cert.domain);
},
@@ -309,6 +421,19 @@ export class OpsViewCertificates extends DeesElement {
`;
}
private downloadJsonFile(filename: string, data: any): void {
const json = JSON.stringify(data, null, 2);
const blob = new Blob([json], { type: 'application/json' });
const url = URL.createObjectURL(blob);
const a = document.createElement('a');
a.href = url;
a.download = filename;
document.body.appendChild(a);
a.click();
document.body.removeChild(a);
URL.revokeObjectURL(url);
}
private renderRoutePills(routeNames: string[]): TemplateResult {
const maxShow = 3;
const visible = routeNames.slice(0, maxShow);

203
ts_web/elements/ops-view-logs.ts
View File

@@ -20,6 +20,17 @@ export class OpsViewLogs extends DeesElement {
filters: {},
};
@state()
accessor filterLevel: string | undefined;
@state()
accessor filterCategory: string | undefined;
@state()
accessor filterLimit: number = 100;
private lastPushedCount = 0;
constructor() {
super();
const subscription = appstate.logStatePart
@@ -46,87 +57,20 @@ export class OpsViewLogs extends DeesElement {
align-items: center;
gap: 8px;
}
.logContainer {
background: ${cssManager.bdTheme('#f8f9fa', '#1e1e1e')};
border-radius: 8px;
padding: 16px;
max-height: 600px;
overflow-y: auto;
font-family: 'Consolas', 'Monaco', monospace;
font-size: 13px;
}
.logEntry {
margin-bottom: 8px;
line-height: 1.5;
}
.logTimestamp {
color: ${cssManager.bdTheme('#7a7a7a', '#7a7a7a')};
margin-right: 8px;
}
.logLevel {
font-weight: bold;
margin-right: 8px;
padding: 2px 6px;
border-radius: 3px;
font-size: 11px;
}
.logLevel.debug {
color: ${cssManager.bdTheme('#6a9955', '#6a9955')};
background: ${cssManager.bdTheme('rgba(106, 153, 85, 0.1)', 'rgba(106, 153, 85, 0.1)')};
}
.logLevel.info {
color: ${cssManager.bdTheme('#569cd6', '#569cd6')};
background: ${cssManager.bdTheme('rgba(86, 156, 214, 0.1)', 'rgba(86, 156, 214, 0.1)')};
}
.logLevel.warn {
color: ${cssManager.bdTheme('#ce9178', '#ce9178')};
background: ${cssManager.bdTheme('rgba(206, 145, 120, 0.1)', 'rgba(206, 145, 120, 0.1)')};
}
.logLevel.error {
color: ${cssManager.bdTheme('#f44747', '#f44747')};
background: ${cssManager.bdTheme('rgba(244, 71, 71, 0.1)', 'rgba(244, 71, 71, 0.1)')};
}
.logCategory {
color: ${cssManager.bdTheme('#c586c0', '#c586c0')};
margin-right: 8px;
}
.logMessage {
color: ${cssManager.bdTheme('#333', '#d4d4d4')};
}
.noLogs {
color: ${cssManager.bdTheme('#7a7a7a', '#7a7a7a')};
text-align: center;
padding: 40px;
}
`,
];
public render() {
return html`
<ops-sectionheading>Logs</ops-sectionheading>
<div class="controls">
<div class="filterGroup">
<dees-button
<dees-button
@click=${() => this.fetchLogs()}
>
Refresh Logs
</dees-button>
<dees-button
@click=${() => this.toggleStreaming()}
.type=${this.logState.isStreaming ? 'highlighted' : 'normal'}
>
${this.logState.isStreaming ? 'Stop Streaming' : 'Start Streaming'}
</dees-button>
</div>
<div class="filterGroup">
@@ -134,7 +78,7 @@ export class OpsViewLogs extends DeesElement {
<dees-input-dropdown
.options=${['all', 'debug', 'info', 'warn', 'error']}
.selectedOption=${'all'}
@selectedOption=${(e) => this.updateFilter('level', e.detail)}
@selectedOption=${(e: any) => this.updateFilter('level', e.detail)}
></dees-input-dropdown>
</div>
@@ -143,7 +87,7 @@ export class OpsViewLogs extends DeesElement {
<dees-input-dropdown
.options=${['all', 'smtp', 'dns', 'security', 'system', 'email']}
.selectedOption=${'all'}
@selectedOption=${(e) => this.updateFilter('category', e.detail)}
@selectedOption=${(e: any) => this.updateFilter('category', e.detail)}
></dees-input-dropdown>
</div>
@@ -152,56 +96,99 @@ export class OpsViewLogs extends DeesElement {
<dees-input-dropdown
.options=${['50', '100', '200', '500']}
.selectedOption=${'100'}
@selectedOption=${(e) => this.updateFilter('limit', e.detail)}
@selectedOption=${(e: any) => this.updateFilter('limit', e.detail)}
></dees-input-dropdown>
</div>
</div>
<div class="logContainer">
${this.logState.recentLogs.length > 0 ?
this.logState.recentLogs.map(log => html`
<div class="logEntry">
<span class="logTimestamp">${new Date(log.timestamp).toLocaleTimeString()}</span>
<span class="logLevel ${log.level}">${log.level.toUpperCase()}</span>
<span class="logCategory">[${log.category}]</span>
<span class="logMessage">${log.message}</span>
</div>
`) : html`
<div class="noLogs">No logs to display</div>
`
}
</div>
<dees-chart-log
.label=${'Application Logs'}
.autoScroll=${true}
.maxEntries=${2000}
.showMetrics=${true}
></dees-chart-log>
`;
}
async connectedCallback() {
super.connectedCallback();
this.lastPushedCount = 0;
// Only fetch if state is empty (streaming will handle new entries)
if (this.logState.recentLogs.length === 0) {
this.fetchLogs();
}
}
async updated(changedProperties: Map<string, any>) {
super.updated(changedProperties);
if (changedProperties.has('logState')) {
this.pushLogsToChart();
}
}
private async pushLogsToChart() {
const chartLog = this.shadowRoot?.querySelector('dees-chart-log') as any;
if (!chartLog) return;
// Ensure the chart element has finished its own initialization
await chartLog.updateComplete;
// Wait for xterm terminal to finish initializing (CDN load)
if (!chartLog.terminalReady) {
await new Promise<void>((resolve) => {
const check = () => {
if (chartLog.terminalReady) { resolve(); return; }
setTimeout(check, 50);
};
check();
});
}
const allEntries = this.getMappedLogEntries();
if (this.lastPushedCount === 0 && allEntries.length > 0) {
// Initial load: push all entries
chartLog.updateLog(allEntries);
this.lastPushedCount = allEntries.length;
} else if (allEntries.length > this.lastPushedCount) {
// Incremental: only push new entries
const newEntries = allEntries.slice(this.lastPushedCount);
chartLog.updateLog(newEntries);
this.lastPushedCount = allEntries.length;
}
}
private getMappedLogEntries() {
return this.logState.recentLogs.map((log) => ({
timestamp: new Date(log.timestamp).toISOString(),
level: log.level as 'debug' | 'info' | 'warn' | 'error',
message: log.message,
source: log.category,
}));
}
private async fetchLogs() {
const filters = this.getActiveFilters();
await appstate.logStatePart.dispatchAction(appstate.fetchRecentLogsAction, {
limit: filters.limit || 100,
level: filters.level as 'debug' | 'info' | 'warn' | 'error' | undefined,
category: filters.category as 'smtp' | 'dns' | 'security' | 'system' | 'email' | undefined,
limit: this.filterLimit,
level: this.filterLevel as 'debug' | 'info' | 'warn' | 'error' | undefined,
category: this.filterCategory as 'smtp' | 'dns' | 'security' | 'system' | 'email' | undefined,
});
}
private updateFilter(type: string, value: string) {
if (value === 'all') {
value = undefined;
const resolved = value === 'all' ? undefined : value;
switch (type) {
case 'level':
this.filterLevel = resolved;
break;
case 'category':
this.filterCategory = resolved;
break;
case 'limit':
this.filterLimit = resolved ? parseInt(resolved, 10) : 100;
break;
}
// Update filters then fetch logs
this.fetchLogs();
}
private getActiveFilters() {
return {
level: this.logState.filters.level?.[0],
category: this.logState.filters.category?.[0],
limit: 100,
};
}
private toggleStreaming() {
// TODO: Implement log streaming with VirtualStream
console.log('Streaming toggle not yet implemented');
}
}
}

47
ts_web/elements/ops-view-network.ts
View File

@@ -47,9 +47,6 @@ export class OpsViewNetwork extends DeesElement {
private lastChartUpdate = 0;
private chartUpdateThreshold = 1000; // Minimum ms between chart updates
private lastTrafficUpdateTime = 0;
private trafficUpdateInterval = 1000; // Update every 1 second
private requestCountHistory = new Map<number, number>(); // Track requests per time bucket
private trafficUpdateTimer: any = null;
private requestsPerSecHistory: number[] = []; // Track requests/sec over time for trend
private historyLoaded = false; // Whether server-side throughput history has been loaded
@@ -106,8 +103,6 @@ export class OpsViewNetwork extends DeesElement {
this.trafficDataIn = [...emptyData];
this.trafficDataOut = emptyData.map(point => ({ ...point }));
this.lastTrafficUpdateTime = now;
}
/**
@@ -287,7 +282,7 @@ export class OpsViewNetwork extends DeesElement {
.dataActions=${[
{
name: 'View Details',
iconName: 'magnifyingGlass',
iconName: 'fa:magnifyingGlass',
type: ['inRow', 'doubleClick', 'contextmenu'],
actionFunc: async (actionData) => {
await this.showRequestDetails(actionData.item);
@@ -336,7 +331,7 @@ export class OpsViewNetwork extends DeesElement {
menuOptions: [
{
name: 'Copy Request ID',
iconName: 'copy',
iconName: 'lucide:Copy',
action: async () => {
await navigator.clipboard.writeText(request.id);
}
@@ -413,11 +408,7 @@ export class OpsViewNetwork extends DeesElement {
const throughput = this.calculateThroughput();
const activeConnections = this.statsState.serverStats?.activeConnections || 0;
// Track requests/sec history for the trend sparkline
this.requestsPerSecHistory.push(reqPerSec);
if (this.requestsPerSecHistory.length > 20) {
this.requestsPerSecHistory.shift();
}
// Build trend data from pre-computed history (mutated in updateNetworkData, not here)
const trendData = [...this.requestsPerSecHistory];
while (trendData.length < 20) {
trendData.unshift(0);
@@ -429,13 +420,13 @@ export class OpsViewNetwork extends DeesElement {
title: 'Active Connections',
value: activeConnections,
type: 'number',
icon: 'plug',
icon: 'lucide:Plug',
color: activeConnections > 100 ? '#f59e0b' : '#22c55e',
description: `Total: ${this.networkState.requestsTotal || this.statsState.serverStats?.totalConnections || 0}`,
actions: [
{
name: 'View Details',
iconName: 'magnifyingGlass',
iconName: 'fa:magnifyingGlass',
action: async () => {
},
},
@@ -446,7 +437,7 @@ export class OpsViewNetwork extends DeesElement {
title: 'Requests/sec',
value: reqPerSec,
type: 'trend',
icon: 'chartLine',
icon: 'lucide:ChartLine',
color: '#3b82f6',
trendData: trendData,
description: `Total: ${this.formatNumber(this.networkState.requestsTotal || 0)} requests`,
@@ -457,7 +448,7 @@ export class OpsViewNetwork extends DeesElement {
value: this.formatBitsPerSecond(throughput.in),
unit: '',
type: 'number',
icon: 'download',
icon: 'lucide:Download',
color: '#22c55e',
description: `Total: ${this.formatBytes(this.networkState.totalBytes?.in || 0)}`,
},
@@ -467,7 +458,7 @@ export class OpsViewNetwork extends DeesElement {
value: this.formatBitsPerSecond(throughput.out),
unit: '',
type: 'number',
icon: 'upload',
icon: 'lucide:Upload',
color: '#8b5cf6',
description: `Total: ${this.formatBytes(this.networkState.totalBytes?.out || 0)}`,
},
@@ -480,7 +471,7 @@ export class OpsViewNetwork extends DeesElement {
.gridActions=${[
{
name: 'Export Data',
iconName: 'fileExport',
iconName: 'lucide:FileOutput',
action: async () => {
console.log('Export feature coming soon');
},
@@ -529,6 +520,13 @@ export class OpsViewNetwork extends DeesElement {
}
private async updateNetworkData() {
// Track requests/sec history for the trend sparkline (moved out of render)
const reqPerSec = this.networkState.requestsPerSecond || 0;
this.requestsPerSecHistory.push(reqPerSec);
if (this.requestsPerSecHistory.length > 20) {
this.requestsPerSecHistory.shift();
}
// Only update if connections changed significantly
const newConnectionCount = this.networkState.connections.length;
const oldConnectionCount = this.networkRequests.length;
@@ -602,16 +600,13 @@ export class OpsViewNetwork extends DeesElement {
y: Math.round(throughputOutMbps * 10) / 10
};
// Efficient array updates - modify in place when possible
// In-place mutation then reassign for Lit reactivity (avoids 4 intermediate arrays)
if (this.trafficDataIn.length >= 60) {
// Remove oldest and add newest
this.trafficDataIn = [...this.trafficDataIn.slice(1), newDataPointIn];
this.trafficDataOut = [...this.trafficDataOut.slice(1), newDataPointOut];
} else {
// Still filling up the initial data
this.trafficDataIn = [...this.trafficDataIn, newDataPointIn];
this.trafficDataOut = [...this.trafficDataOut, newDataPointOut];
this.trafficDataIn.shift();
this.trafficDataOut.shift();
}
this.trafficDataIn = [...this.trafficDataIn, newDataPointIn];
this.trafficDataOut = [...this.trafficDataOut, newDataPointOut];
this.lastChartUpdate = now;
}

126
ts_web/elements/ops-view-overview.ts
View File

@@ -26,14 +26,36 @@ export class OpsViewOverview extends DeesElement {
error: null,
};
@state()
accessor logState: appstate.ILogState = {
recentLogs: [],
isStreaming: false,
filters: {},
};
constructor() {
super();
const subscription = appstate.statsStatePart
const statsSub = appstate.statsStatePart
.select((stateArg) => stateArg)
.subscribe((statsState) => {
this.statsState = statsState;
});
this.rxSubscriptions.push(subscription);
this.rxSubscriptions.push(statsSub);
const logSub = appstate.logStatePart
.select((stateArg) => stateArg)
.subscribe((logState) => {
this.logState = logState;
});
this.rxSubscriptions.push(logSub);
}
async connectedCallback() {
super.connectedCallback();
// Ensure logs are fetched for the overview charts
if (this.logState.recentLogs.length === 0) {
appstate.logStatePart.dispatchAction(appstate.fetchRecentLogsAction, { limit: 100 });
}
}
public static styles = [
@@ -96,10 +118,24 @@ export class OpsViewOverview extends DeesElement {
${this.renderDnsStats()}
<div class="chartGrid">
<dees-chart-area .label=${'Email Traffic (24h)'} .data=${[]}></dees-chart-area>
<dees-chart-area .label=${'DNS Queries (24h)'} .data=${[]}></dees-chart-area>
<dees-chart-log .label=${'Recent Events'} .data=${[]}></dees-chart-log>
<dees-chart-log .label=${'Security Alerts'} .data=${[]}></dees-chart-log>
<dees-chart-area
.label=${'Email Traffic (24h)'}
.series=${this.getEmailTrafficSeries()}
.yAxisFormatter=${(val: number) => `${val}`}
></dees-chart-area>
<dees-chart-area
.label=${'DNS Queries (24h)'}
.series=${this.getDnsQuerySeries()}
.yAxisFormatter=${(val: number) => `${val}`}
></dees-chart-area>
<dees-chart-log
.label=${'Recent Events'}
.logEntries=${this.getRecentEventEntries()}
></dees-chart-log>
<dees-chart-log
.label=${'DNS Queries'}
.logEntries=${this.getDnsQueryEntries()}
></dees-chart-log>
</div>
`}
`;
@@ -163,7 +199,7 @@ export class OpsViewOverview extends DeesElement {
title: 'Server Status',
value: this.statsState.serverStats.uptime ? 'Online' : 'Offline',
type: 'text',
icon: 'server',
icon: 'lucide:Server',
color: this.statsState.serverStats.uptime ? '#22c55e' : '#ef4444',
description: `Uptime: ${this.formatUptime(this.statsState.serverStats.uptime)}`,
},
@@ -172,7 +208,7 @@ export class OpsViewOverview extends DeesElement {
title: 'Active Connections',
value: this.statsState.serverStats.activeConnections,
type: 'number',
icon: 'networkWired',
icon: 'lucide:Network',
color: '#3b82f6',
description: `Total: ${this.statsState.serverStats.totalConnections}`,
},
@@ -181,7 +217,7 @@ export class OpsViewOverview extends DeesElement {
title: 'Throughput In',
value: this.formatBitsPerSecond(this.statsState.serverStats.throughput?.bytesInPerSecond || 0),
type: 'text',
icon: 'download',
icon: 'lucide:Download',
color: '#22c55e',
description: `Total: ${this.formatBytes(this.statsState.serverStats.throughput?.bytesIn || 0)}`,
},
@@ -190,7 +226,7 @@ export class OpsViewOverview extends DeesElement {
title: 'Throughput Out',
value: this.formatBitsPerSecond(this.statsState.serverStats.throughput?.bytesOutPerSecond || 0),
type: 'text',
icon: 'upload',
icon: 'lucide:Upload',
color: '#8b5cf6',
description: `Total: ${this.formatBytes(this.statsState.serverStats.throughput?.bytesOut || 0)}`,
},
@@ -199,7 +235,7 @@ export class OpsViewOverview extends DeesElement {
title: 'CPU Usage',
value: cpuUsage,
type: 'gauge',
icon: 'microchip',
icon: 'lucide:Cpu',
gaugeOptions: {
min: 0,
max: 100,
@@ -215,7 +251,7 @@ export class OpsViewOverview extends DeesElement {
title: 'Memory Usage',
value: memoryUsage,
type: 'percentage',
icon: 'memory',
icon: 'lucide:MemoryStick',
color: memoryUsage > 80 ? '#ef4444' : memoryUsage > 60 ? '#f59e0b' : '#22c55e',
description: this.statsState.serverStats.memoryUsage.actualUsageBytes !== undefined && this.statsState.serverStats.memoryUsage.maxMemoryMB !== undefined
? `${this.formatBytes(this.statsState.serverStats.memoryUsage.actualUsageBytes)} / ${this.formatBytes(this.statsState.serverStats.memoryUsage.maxMemoryMB * 1024 * 1024)}`
@@ -229,7 +265,7 @@ export class OpsViewOverview extends DeesElement {
.gridActions=${[
{
name: 'Refresh',
iconName: 'arrowsRotate',
iconName: 'lucide:RefreshCw',
action: async () => {
await appstate.statsStatePart.dispatchAction(appstate.fetchAllStatsAction, null);
},
@@ -251,7 +287,7 @@ export class OpsViewOverview extends DeesElement {
title: 'Emails Sent',
value: this.statsState.emailStats.sent,
type: 'number',
icon: 'paperPlane',
icon: 'lucide:Send',
color: '#22c55e',
description: `Delivery rate: ${(deliveryRate * 100).toFixed(1)}%`,
},
@@ -260,7 +296,7 @@ export class OpsViewOverview extends DeesElement {
title: 'Emails Received',
value: this.statsState.emailStats.received,
type: 'number',
icon: 'envelope',
icon: 'lucide:Mail',
color: '#3b82f6',
},
{
@@ -268,7 +304,7 @@ export class OpsViewOverview extends DeesElement {
title: 'Queued',
value: this.statsState.emailStats.queued,
type: 'number',
icon: 'clock',
icon: 'lucide:Clock',
color: '#f59e0b',
description: 'Pending delivery',
},
@@ -277,7 +313,7 @@ export class OpsViewOverview extends DeesElement {
title: 'Failed',
value: this.statsState.emailStats.failed,
type: 'number',
icon: 'triangleExclamation',
icon: 'lucide:TriangleAlert',
color: '#ef4444',
description: `Bounce rate: ${(bounceRate * 100).toFixed(1)}%`,
},
@@ -300,7 +336,7 @@ export class OpsViewOverview extends DeesElement {
title: 'DNS Queries',
value: this.statsState.dnsStats.totalQueries,
type: 'number',
icon: 'globe',
icon: 'lucide:Globe',
color: '#3b82f6',
description: 'Total queries handled',
},
@@ -309,7 +345,7 @@ export class OpsViewOverview extends DeesElement {
title: 'Cache Hit Rate',
value: cacheHitRate,
type: 'percentage',
icon: 'database',
icon: 'lucide:Database',
color: cacheHitRate > 80 ? '#22c55e' : cacheHitRate > 60 ? '#f59e0b' : '#ef4444',
description: `${this.statsState.dnsStats.cacheHits} hits / ${this.statsState.dnsStats.cacheMisses} misses`,
},
@@ -318,7 +354,7 @@ export class OpsViewOverview extends DeesElement {
title: 'Active Domains',
value: this.statsState.dnsStats.activeDomains,
type: 'number',
icon: 'sitemap',
icon: 'lucide:Network',
color: '#8b5cf6',
},
{
@@ -327,7 +363,7 @@ export class OpsViewOverview extends DeesElement {
value: this.statsState.dnsStats.averageResponseTime.toFixed(1),
unit: 'ms',
type: 'number',
icon: 'clockRotateLeft',
icon: 'lucide:History',
color: this.statsState.dnsStats.averageResponseTime < 50 ? '#22c55e' : '#f59e0b',
},
];
@@ -337,4 +373,52 @@ export class OpsViewOverview extends DeesElement {
<dees-statsgrid .tiles=${tiles}></dees-statsgrid>
`;
}
// --- Chart data helpers ---
private getRecentEventEntries(): Array<{ timestamp: string; level: 'debug' | 'info' | 'warn' | 'error' | 'success'; message: string; source?: string }> {
return this.logState.recentLogs.map((log) => ({
timestamp: new Date(log.timestamp).toISOString(),
level: log.level as 'debug' | 'info' | 'warn' | 'error',
message: log.message,
source: log.category,
}));
}
private getSecurityAlertEntries(): Array<{ timestamp: string; level: 'debug' | 'info' | 'warn' | 'error' | 'success'; message: string; source?: string }> {
const events: any[] = this.statsState.securityMetrics?.recentEvents || [];
return events.map((evt: any) => ({
timestamp: new Date(evt.timestamp).toISOString(),
level: evt.level === 'critical' || evt.level === 'error' ? 'error' as const : evt.level === 'warn' ? 'warn' as const : 'info' as const,
message: evt.message,
source: evt.type,
}));
}
private getDnsQueryEntries(): Array<{ timestamp: string; level: 'debug' | 'info' | 'warn' | 'error' | 'success'; message: string; source?: string }> {
const queries: any[] = (this.statsState.dnsStats as any)?.recentQueries || [];
return queries.map((q: any) => ({
timestamp: new Date(q.timestamp).toISOString(),
level: q.answered ? 'info' as const : 'warn' as const,
message: `${q.type} ${q.domain} (${q.responseTimeMs}ms)`,
source: 'dns',
}));
}
private getEmailTrafficSeries(): Array<{ name: string; color: string; data: Array<{ x: number; y: number }> }> {
const ts = this.statsState.emailStats?.timeSeries;
if (!ts) return [];
return [
{ name: 'Sent', color: '#22c55e', data: (ts.sent || []).map((p: any) => ({ x: p.timestamp, y: p.value })) },
{ name: 'Received', color: '#3b82f6', data: (ts.received || []).map((p: any) => ({ x: p.timestamp, y: p.value })) },
];
}
private getDnsQuerySeries(): Array<{ name: string; color: string; data: Array<{ x: number; y: number }> }> {
const ts = this.statsState.dnsStats?.timeSeries;
if (!ts) return [];
return [
{ name: 'Queries', color: '#8b5cf6', data: (ts.queries || []).map((p: any) => ({ x: p.timestamp, y: p.value })) },
];
}
}

234
ts_web/elements/ops-view-remoteingress.ts
View File

@@ -114,6 +114,17 @@ export class OpsViewRemoteIngress extends DeesElement {
background: ${cssManager.bdTheme('#eff6ff', '#172554')};
color: ${cssManager.bdTheme('#1e40af', '#60a5fa')};
}
.portBadge.manual {
background: ${cssManager.bdTheme('#eff6ff', '#172554')};
color: ${cssManager.bdTheme('#1e40af', '#60a5fa')};
}
.portBadge.derived {
background: ${cssManager.bdTheme('#ecfdf5', '#022c22')};
color: ${cssManager.bdTheme('#047857', '#34d399')};
border: 1px dashed ${cssManager.bdTheme('#6ee7b7', '#065f46')};
}
`,
];
@@ -165,13 +176,39 @@ export class OpsViewRemoteIngress extends DeesElement {
return html`
<ops-sectionheading>Remote Ingress</ops-sectionheading>
${this.riState.newEdgeSecret ? html`
${this.riState.newEdgeId ? html`
<div class="secretDialog">
<strong>Edge Secret (copy now - shown only once):</strong>
<code>${this.riState.newEdgeSecret}</code>
<div class="warning">This secret will not be shown again. Save it securely.</div>
<strong>Edge created successfully!</strong>
<div class="warning">Copy the connection token now. Use it with edge.start({ token: '...' }).</div>
<dees-button
@click=${() => appstate.remoteIngressStatePart.dispatchAction(appstate.clearNewEdgeSecretAction, null)}
@click=${async () => {
const { DeesToast } = await import('@design.estate/dees-catalog');
try {
const response = await appstate.fetchConnectionToken(this.riState.newEdgeId);
if (response.success && response.token) {
if (navigator.clipboard && typeof navigator.clipboard.writeText === 'function') {
await navigator.clipboard.writeText(response.token);
} else {
const textarea = document.createElement('textarea');
textarea.value = response.token;
textarea.style.position = 'fixed';
textarea.style.opacity = '0';
document.body.appendChild(textarea);
textarea.select();
document.execCommand('copy');
document.body.removeChild(textarea);
}
DeesToast.show({ message: 'Connection token copied!', type: 'success', duration: 3000 });
} else {
DeesToast.show({ message: response.message || 'Failed to get token', type: 'error', duration: 4000 });
}
} catch (err) {
DeesToast.show({ message: `Failed: ${err.message}`, type: 'error', duration: 4000 });
}
}}
>Copy Connection Token</dees-button>
<dees-button
@click=${() => appstate.remoteIngressStatePart.dispatchAction(appstate.clearNewEdgeIdAction, null)}
>Dismiss</dees-button>
</div>
` : ''}
@@ -187,7 +224,7 @@ export class OpsViewRemoteIngress extends DeesElement {
name: edge.name,
status: this.getEdgeStatusHtml(edge),
publicIp: this.getEdgePublicIp(edge.id),
ports: this.getPortsHtml(edge.listenPorts),
ports: this.getPortsHtml(edge),
tunnels: this.getEdgeTunnelCount(edge.id),
lastHeartbeat: this.getLastHeartbeat(edge.id),
})}
@@ -198,53 +235,181 @@ export class OpsViewRemoteIngress extends DeesElement {
type: ['header'],
actionFunc: async () => {
const { DeesModal } = await import('@design.estate/dees-catalog');
const result = await DeesModal.createAndShow({
const modal = await DeesModal.createAndShow({
heading: 'Create Edge Node',
content: html`
<dees-form>
<dees-input-text .key=${'name'} .label=${'Name'} .required=${true}></dees-input-text>
<dees-input-text .key=${'listenPorts'} .label=${'Listen Ports (comma-separated)'} .required=${true} .value=${'443,25'}></dees-input-text>
<dees-input-text .key=${'listenPorts'} .label=${'Additional Manual Ports (comma-separated, optional)'}></dees-input-text>
<dees-input-checkbox .key=${'autoDerivePorts'} .label=${'Auto-derive ports from routes'} .value=${true}></dees-input-checkbox>
<dees-input-text .key=${'tags'} .label=${'Tags (comma-separated, optional)'}></dees-input-text>
</dees-form>
`,
menuOptions: [],
});
if (result) {
const formData = result as any;
const ports = (formData.name ? formData.listenPorts : '443')
.split(',')
.map((p: string) => parseInt(p.trim(), 10))
.filter((p: number) => !isNaN(p));
const tags = formData.tags
? formData.tags.split(',').map((t: string) => t.trim()).filter(Boolean)
: undefined;
await appstate.remoteIngressStatePart.dispatchAction(
appstate.createRemoteIngressAction,
menuOptions: [
{
name: formData.name,
listenPorts: ports,
tags,
name: 'Cancel',
iconName: 'lucide:x',
action: async (modalArg: any) => await modalArg.destroy(),
},
);
}
{
name: 'Create',
iconName: 'lucide:plus',
action: async (modalArg: any) => {
const form = modalArg.shadowRoot?.querySelector('.content')?.querySelector('dees-form');
if (!form) return;
const formData = await form.collectFormData();
const name = formData.name;
if (!name) return;
const portsStr = formData.listenPorts?.trim();
const listenPorts = portsStr
? portsStr.split(',').map((p: string) => parseInt(p.trim(), 10)).filter((p: number) => !isNaN(p))
: undefined;
const autoDerivePorts = formData.autoDerivePorts !== false;
const tags = formData.tags
? formData.tags.split(',').map((t: string) => t.trim()).filter(Boolean)
: undefined;
await appstate.remoteIngressStatePart.dispatchAction(
appstate.createRemoteIngressAction,
{ name, listenPorts, autoDerivePorts, tags },
);
await modalArg.destroy();
},
},
],
});
},
},
{
name: 'Enable',
iconName: 'lucide:play',
type: ['inRow', 'contextmenu'] as any,
actionRelevancyCheckFunc: (actionData: any) => !actionData.item.enabled,
actionFunc: async (actionData: any) => {
const edge = actionData.item as interfaces.data.IRemoteIngress;
await appstate.remoteIngressStatePart.dispatchAction(
appstate.toggleRemoteIngressAction,
{ id: edge.id, enabled: true },
);
},
},
{
name: 'Disable',
iconName: 'lucide:pause',
type: ['inRow', 'contextmenu'] as any,
actionRelevancyCheckFunc: (actionData: any) => actionData.item.enabled,
actionFunc: async (actionData: any) => {
const edge = actionData.item as interfaces.data.IRemoteIngress;
await appstate.remoteIngressStatePart.dispatchAction(
appstate.toggleRemoteIngressAction,
{ id: edge.id, enabled: false },
);
},
},
{
name: 'Edit',
iconName: 'lucide:pencil',
type: ['inRow', 'contextmenu'] as any,
actionFunc: async (actionData: any) => {
const edge = actionData.item as interfaces.data.IRemoteIngress;
const { DeesModal } = await import('@design.estate/dees-catalog');
await DeesModal.createAndShow({
heading: `Edit Edge: ${edge.name}`,
content: html`
<dees-form>
<dees-input-text .key=${'name'} .label=${'Name'} .value=${edge.name}></dees-input-text>
<dees-input-text .key=${'listenPorts'} .label=${'Manual Ports (comma-separated)'} .value=${(edge.listenPorts || []).join(', ')}></dees-input-text>
<dees-input-checkbox .key=${'autoDerivePorts'} .label=${'Auto-derive ports from routes'} .value=${edge.autoDerivePorts !== false}></dees-input-checkbox>
<dees-input-text .key=${'tags'} .label=${'Tags (comma-separated)'} .value=${(edge.tags || []).join(', ')}></dees-input-text>
</dees-form>
`,
menuOptions: [
{
name: 'Cancel',
iconName: 'lucide:x',
action: async (modalArg: any) => await modalArg.destroy(),
},
{
name: 'Save',
iconName: 'lucide:check',
action: async (modalArg: any) => {
const form = modalArg.shadowRoot?.querySelector('.content')?.querySelector('dees-form');
if (!form) return;
const formData = await form.collectFormData();
const portsStr = formData.listenPorts?.trim();
const listenPorts = portsStr
? portsStr.split(',').map((p: string) => parseInt(p.trim(), 10)).filter((p: number) => !isNaN(p))
: [];
const autoDerivePorts = formData.autoDerivePorts !== false;
const tags = formData.tags
? formData.tags.split(',').map((t: string) => t.trim()).filter(Boolean)
: [];
await appstate.remoteIngressStatePart.dispatchAction(
appstate.updateRemoteIngressAction,
{
id: edge.id,
name: formData.name || edge.name,
listenPorts,
autoDerivePorts,
tags,
},
);
await modalArg.destroy();
},
},
],
});
},
},
{
name: 'Regenerate Secret',
iconName: 'lucide:key',
type: ['row'],
action: async (edge: interfaces.data.IRemoteIngress) => {
type: ['inRow', 'contextmenu'] as any,
actionFunc: async (actionData: any) => {
const edge = actionData.item as interfaces.data.IRemoteIngress;
await appstate.remoteIngressStatePart.dispatchAction(
appstate.regenerateRemoteIngressSecretAction,
edge.id,
);
},
},
{
name: 'Copy Token',
iconName: 'lucide:ClipboardCopy',
type: ['inRow', 'contextmenu'] as any,
actionFunc: async (actionData: any) => {
const edge = actionData.item as interfaces.data.IRemoteIngress;
const { DeesToast } = await import('@design.estate/dees-catalog');
try {
const response = await appstate.fetchConnectionToken(edge.id);
if (response.success && response.token) {
// Use clipboard API with fallback for non-HTTPS contexts
if (navigator.clipboard && typeof navigator.clipboard.writeText === 'function') {
await navigator.clipboard.writeText(response.token);
} else {
const textarea = document.createElement('textarea');
textarea.value = response.token;
textarea.style.position = 'fixed';
textarea.style.opacity = '0';
document.body.appendChild(textarea);
textarea.select();
document.execCommand('copy');
document.body.removeChild(textarea);
}
DeesToast.show({ message: `Connection token copied for ${edge.name}`, type: 'success', duration: 3000 });
} else {
DeesToast.show({ message: response.message || 'Failed to get token', type: 'error', duration: 4000 });
}
} catch (err) {
DeesToast.show({ message: `Failed: ${err.message}`, type: 'error', duration: 4000 });
}
},
},
{
name: 'Delete',
iconName: 'lucide:trash2',
type: ['row'],
action: async (edge: interfaces.data.IRemoteIngress) => {
type: ['inRow', 'contextmenu'] as any,
actionFunc: async (actionData: any) => {
const edge = actionData.item as interfaces.data.IRemoteIngress;
await appstate.remoteIngressStatePart.dispatchAction(
appstate.deleteRemoteIngressAction,
edge.id,
@@ -277,8 +442,13 @@ export class OpsViewRemoteIngress extends DeesElement {
return status?.publicIp || '-';
}
private getPortsHtml(ports: number[]): TemplateResult {
return html`<div class="portsDisplay">${ports.map(p => html`<span class="portBadge">${p}</span>`)}</div>`;
private getPortsHtml(edge: interfaces.data.IRemoteIngress): TemplateResult {
const manualPorts = edge.manualPorts || [];
const derivedPorts = edge.derivedPorts || [];
if (manualPorts.length === 0 && derivedPorts.length === 0) {
return html`<span style="color: var(--text-muted, #6b7280); font-size: 12px;">none</span>`;
}
return html`<div class="portsDisplay">${manualPorts.map(p => html`<span class="portBadge manual">${p}</span>`)}${derivedPorts.map(p => html`<span class="portBadge derived">${p}</span>`)}${derivedPorts.length > 0 ? html`<span style="font-size: 11px; color: var(--text-muted, #6b7280); align-self: center;">(auto)</span>` : ''}</div>`;
}
private getEdgeTunnelCount(edgeId: string): number {

103
ts_web/elements/ops-view-security.ts
View File

@@ -249,14 +249,21 @@ export class OpsViewSecurity extends DeesElement {
private renderOverview(metrics: any) {
const threatLevel = this.calculateThreatLevel(metrics);
const threatScore = this.getThreatScore(metrics);
// Derive active sessions from recent successful auth events (last hour)
const allEvents: any[] = metrics.recentEvents || [];
const oneHourAgo = Date.now() - 3600000;
const recentAuthSuccesses = allEvents.filter(
(evt: any) => evt.type === 'authentication' && evt.success === true && evt.timestamp >= oneHourAgo
).length;
const tiles: IStatsTile[] = [
{
id: 'threatLevel',
title: 'Threat Level',
value: threatScore,
type: 'gauge',
icon: 'shield',
icon: 'lucide:Shield',
gaugeOptions: {
min: 0,
max: 100,
@@ -271,27 +278,27 @@ export class OpsViewSecurity extends DeesElement {
{
id: 'blockedThreats',
title: 'Blocked Threats',
value: metrics.blockedIPs.length + metrics.spamDetected,
value: (metrics.blockedIPs?.length || 0) + metrics.spamDetected,
type: 'number',
icon: 'userShield',
icon: 'lucide:ShieldCheck',
color: '#ef4444',
description: 'Total threats blocked today',
},
{
id: 'activeSessions',
title: 'Active Sessions',
value: 0,
value: recentAuthSuccesses,
type: 'number',
icon: 'users',
icon: 'lucide:Users',
color: '#22c55e',
description: 'Current authenticated sessions',
description: 'Authenticated in last hour',
},
{
id: 'authFailures',
title: 'Auth Failures',
value: metrics.authenticationFailures,
type: 'number',
icon: 'lockOpen',
icon: 'lucide:LockOpen',
color: metrics.authenticationFailures > 10 ? '#ef4444' : '#f59e0b',
description: 'Failed login attempts today',
},
@@ -349,27 +356,41 @@ export class OpsViewSecurity extends DeesElement {
}
private renderAuthentication(metrics: any) {
// Derive auth events from recentEvents
const allEvents: any[] = metrics.recentEvents || [];
const authEvents = allEvents.filter((evt: any) => evt.type === 'authentication');
const successfulLogins = authEvents.filter((evt: any) => evt.success === true).length;
const tiles: IStatsTile[] = [
{
id: 'authFailures',
title: 'Authentication Failures',
value: metrics.authenticationFailures,
type: 'number',
icon: 'lockOpen',
icon: 'lucide:LockOpen',
color: metrics.authenticationFailures > 10 ? '#ef4444' : '#f59e0b',
description: 'Failed authentication attempts today',
},
{
id: 'successfulLogins',
title: 'Successful Logins',
value: 0,
value: successfulLogins,
type: 'number',
icon: 'lock',
icon: 'lucide:Lock',
color: '#22c55e',
description: 'Successful logins today',
},
];
// Map auth events to login history table data
const loginHistory = authEvents.map((evt: any) => ({
timestamp: evt.timestamp,
username: evt.details?.username || 'unknown',
ipAddress: evt.ipAddress || 'unknown',
success: evt.success ?? false,
reason: evt.success ? '' : evt.message || 'Authentication failed',
}));
return html`
<dees-statsgrid
.tiles=${tiles}
@@ -380,7 +401,7 @@ export class OpsViewSecurity extends DeesElement {
<dees-table
.heading1=${'Login History'}
.heading2=${'Recent authentication attempts'}
.data=${[]}
.data=${loginHistory}
.displayFunction=${(item) => ({
'Time': new Date(item.timestamp).toLocaleString(),
'Username': item.username,
@@ -399,7 +420,7 @@ export class OpsViewSecurity extends DeesElement {
title: 'Malware Detection',
value: metrics.malwareDetected,
type: 'number',
icon: 'virusSlash',
icon: 'lucide:BugOff',
color: metrics.malwareDetected > 0 ? '#ef4444' : '#22c55e',
description: 'Malware detected',
},
@@ -408,7 +429,7 @@ export class OpsViewSecurity extends DeesElement {
title: 'Phishing Detection',
value: metrics.phishingDetected,
type: 'number',
icon: 'fishFins',
icon: 'lucide:Fish',
color: metrics.phishingDetected > 0 ? '#ef4444' : '#22c55e',
description: 'Phishing attempts detected',
},
@@ -417,7 +438,7 @@ export class OpsViewSecurity extends DeesElement {
title: 'Suspicious Activities',
value: metrics.suspiciousActivities,
type: 'number',
icon: 'triangleExclamation',
icon: 'lucide:TriangleAlert',
color: metrics.suspiciousActivities > 5 ? '#ef4444' : '#f59e0b',
description: 'Suspicious activities detected',
},
@@ -426,7 +447,7 @@ export class OpsViewSecurity extends DeesElement {
title: 'Spam Detection',
value: metrics.spamDetected,
type: 'number',
icon: 'ban',
icon: 'lucide:Ban',
color: '#f59e0b',
description: 'Spam emails blocked',
},
@@ -483,48 +504,38 @@ export class OpsViewSecurity extends DeesElement {
private getThreatScore(metrics: any): number {
// Simple scoring algorithm
let score = 100;
score -= metrics.blockedIPs.length * 2;
score -= metrics.authenticationFailures * 1;
score -= metrics.spamDetected * 0.5;
score -= metrics.malwareDetected * 3;
score -= metrics.phishingDetected * 3;
score -= metrics.suspiciousActivities * 2;
const blockedCount = Array.isArray(metrics.blockedIPs) ? metrics.blockedIPs.length : (metrics.blockedIPs || 0);
score -= blockedCount * 2;
score -= (metrics.authenticationFailures || 0) * 1;
score -= (metrics.spamDetected || 0) * 0.5;
score -= (metrics.malwareDetected || 0) * 3;
score -= (metrics.phishingDetected || 0) * 3;
score -= (metrics.suspiciousActivities || 0) * 2;
return Math.max(0, Math.min(100, Math.round(score)));
}
private getSecurityEvents(metrics: any): any[] {
// Mock data - in real implementation, this would come from the server
return [
{
timestamp: Date.now() - 1000 * 60 * 5,
event: 'Multiple failed login attempts',
severity: 'warning',
details: 'IP: 192.168.1.100',
},
{
timestamp: Date.now() - 1000 * 60 * 15,
event: 'SPF check failed',
severity: 'medium',
details: 'Domain: example.com',
},
{
timestamp: Date.now() - 1000 * 60 * 30,
event: 'IP blocked due to spam',
severity: 'high',
details: 'IP: 10.0.0.1',
},
];
const events: any[] = metrics.recentEvents || [];
return events.map((evt: any) => ({
timestamp: evt.timestamp,
event: evt.message,
severity: evt.level === 'critical' ? 'critical' : evt.level === 'error' ? 'high' : evt.level === 'warn' ? 'warning' : 'info',
details: evt.ipAddress ? `IP: ${evt.ipAddress}` : evt.domain ? `Domain: ${evt.domain}` : evt.type,
}));
}
private async clearBlockedIPs() {
console.log('Clear blocked IPs');
// SmartProxy manages IP blocking — not yet exposed via API
alert('Clearing blocked IPs is not yet supported from the UI.');
}
private async unblockIP(ip: string) {
console.log('Unblock IP:', ip);
// SmartProxy manages IP blocking — not yet exposed via API
alert(`Unblocking IP ${ip} is not yet supported from the UI.`);
}
private async saveEmailSecuritySettings() {
console.log('Save email security settings');
// Config is read-only from the UI for now
alert('Email security settings are read-only. Update the dcrouter configuration file to change these settings.');
}
}

6
ts_web/plugins.ts
View File

@@ -2,9 +2,13 @@
import * as deesElement from '@design.estate/dees-element';
import * as deesCatalog from '@design.estate/dees-catalog';
// TypedSocket for real-time push communication
import * as typedsocket from '@api.global/typedsocket';
export {
deesElement,
deesCatalog
deesCatalog,
typedsocket,
}
// domtools gives us TypedRequest and other utilities

30
ts_web/readme.md
View File

@@ -40,6 +40,15 @@ For reporting bugs, issues, or security vulnerabilities, please visit [community
- Expiry date monitoring and alerts
- Per-domain backoff status for failed provisions
- One-click reprovisioning per domain
- Certificate import, export, and deletion
### 🌍 Remote Ingress Management
- Edge node registration with name, ports, and tags
- Real-time connection status (connected/disconnected/disabled)
- Public IP and active tunnel count per edge
- Auto-derived port display with manual/derived breakdown
- **Connection token generation** — one-click "Copy Token" for easy edge provisioning
- Enable/disable, edit, secret regeneration, and delete actions
### 📜 Log Viewer
- Real-time log streaming
@@ -85,6 +94,7 @@ ts_web/
├── ops-view-network.ts # Network monitoring
├── ops-view-emails.ts # Email queue management
├── ops-view-certificates.ts # Certificate overview & reprovisioning
├── ops-view-remoteingress.ts # Remote ingress edge management
├── ops-view-logs.ts # Log viewer
├── ops-view-config.ts # Configuration display
├── ops-view-security.ts # Security dashboard
@@ -106,6 +116,8 @@ The app uses `@push.rocks/smartstate` with multiple state parts:
| `logStatePart` | Soft | Recent logs, streaming status, filters |
| `networkStatePart` | Soft | Connections, IPs, throughput rates |
| `emailOpsStatePart` | Soft | Email queues, bounces, suppression list |
| `certificateStatePart` | Soft | Certificate list, summary, loading state |
| `remoteIngressStatePart` | Soft | Edge list, statuses, new edge secret |
### Actions
@@ -128,6 +140,23 @@ fetchSecurityIncidentsAction() // Security events
fetchBounceRecordsAction() // Bounce records
resendEmailAction(emailId) // Re-queue failed email
removeFromSuppressionAction(email) // Remove from suppression list
// Certificates
fetchCertificateOverviewAction() // All certificates with summary
reprovisionCertificateAction(domain) // Reprovision a certificate
deleteCertificateAction(domain) // Delete a certificate
importCertificateAction(cert) // Import a certificate
fetchCertificateExport(domain) // Export (standalone function)
// Remote Ingress
fetchRemoteIngressAction() // Edges + statuses
createRemoteIngressAction(data) // Create new edge
updateRemoteIngressAction(data) // Update edge settings
deleteRemoteIngressAction(id) // Remove edge
regenerateRemoteIngressSecretAction(id) // New secret
toggleRemoteIngressAction(id, enabled) // Enable/disable
clearNewEdgeSecretAction() // Dismiss secret banner
fetchConnectionToken(edgeId) // Get connection token (standalone function)
```
### Client-Side Routing
@@ -141,6 +170,7 @@ removeFromSuppressionAction(email) // Remove from suppression list
/emails/failed → Failed emails
/emails/security → Security incidents
/certificates → Certificate management
/remoteingress → Remote ingress edge management
/logs → Log viewer
/configuration → System configuration
/security → Security dashboard