# @serve.zone/dcrouter-apiclient A typed, object-oriented API client for DcRouter with a fluent builder pattern. 🔧 Programmatically manage your DcRouter instance — routes, certificates, API tokens, remote ingress edges, RADIUS, email operations, and more — all with full TypeScript type safety and an intuitive OO interface. ## Issue Reporting and Security For reporting bugs, issues, or security vulnerabilities, please visit [community.foss.global/](https://community.foss.global/). This is the central community hub for all issue reporting. Developers who sign and comply with our contribution agreement and go through identification can also get a [code.foss.global/](https://code.foss.global/) account to submit Pull Requests directly. ## Installation ```bash pnpm add @serve.zone/dcrouter-apiclient ``` Or import directly from the main package: ```typescript import { DcRouterApiClient } from '@serve.zone/dcrouter/apiclient'; ``` ## Quick Start ```typescript import { DcRouterApiClient } from '@serve.zone/dcrouter/apiclient'; const client = new DcRouterApiClient({ baseUrl: 'https://dcrouter.example.com' }); // Authenticate await client.login('admin', 'password'); // List routes const { routes, warnings } = await client.routes.list(); console.log(`${routes.length} routes, ${warnings.length} warnings`); // Check health const { health } = await client.stats.getHealth(); console.log(`Healthy: ${health.healthy}`); ``` ## Usage ### 🔐 Authentication ```typescript // Login with credentials — identity is stored and auto-injected into all subsequent requests const identity = await client.login('admin', 'password'); // Verify current session const { valid } = await client.verifyIdentity(); // Logout await client.logout(); // Or use an API token for programmatic access (route management only) const client = new DcRouterApiClient({ baseUrl: 'https://dcrouter.example.com', apiToken: 'dcr_your_token_here', }); ``` ### 🌐 Routes — OO Resources + Builder Routes are returned as `Route` instances with methods for update, delete, toggle, and overrides: ```typescript // List all routes (hardcoded + programmatic) const { routes, warnings } = await client.routes.list(); // Inspect a route const route = routes[0]; console.log(route.name, route.source, route.enabled); // Modify a programmatic route await route.update({ name: 'renamed-route' }); await route.toggle(false); await route.delete(); // Override a hardcoded route (disable it) const hardcodedRoute = routes.find(r => r.source === 'hardcoded'); await hardcodedRoute.setOverride(false); await hardcodedRoute.removeOverride(); ``` **Builder pattern** for creating new routes: ```typescript const newRoute = await client.routes.build() .setName('api-gateway') .setMatch({ ports: 443, domains: ['api.example.com'] }) .setAction({ type: 'forward', targets: [{ host: 'backend', port: 8080 }] }) .setTls({ mode: 'terminate', certificate: 'auto' }) .setEnabled(true) .save(); // Or use quick creation const route = await client.routes.create(routeConfig); ``` ### 🔑 API Tokens ```typescript // List existing tokens const tokens = await client.apiTokens.list(); // Create with builder const token = await client.apiTokens.build() .setName('ci-pipeline') .setScopes(['routes:read', 'routes:write']) .addScope('config:read') .setExpiresInDays(90) .save(); console.log(token.tokenValue); // Only available at creation time! // Manage tokens await token.toggle(false); // Disable const newValue = await token.roll(); // Regenerate secret await token.revoke(); // Delete ``` ### 🔐 Certificates ```typescript const { certificates, summary } = await client.certificates.list(); console.log(`${summary.valid} valid, ${summary.expiring} expiring, ${summary.failed} failed`); // Operate on individual certificates const cert = certificates[0]; await cert.reprovision(); const exported = await cert.export(); await cert.delete(); // Import a certificate await client.certificates.import({ id: 'cert-id', domainName: 'example.com', created: Date.now(), validUntil: Date.now() + 90 * 24 * 3600 * 1000, privateKey: '...', publicKey: '...', csr: '...', }); ``` ### 🌍 Remote Ingress ```typescript // List edges and their statuses const edges = await client.remoteIngress.list(); const statuses = await client.remoteIngress.getStatuses(); // Create with builder const edge = await client.remoteIngress.build() .setName('edge-nyc-01') .setListenPorts([80, 443]) .setAutoDerivePorts(true) .setTags(['us-east']) .save(); // Manage an edge await edge.update({ name: 'edge-nyc-02' }); const newSecret = await edge.regenerateSecret(); const token = await edge.getConnectionToken(); await edge.delete(); ``` ### 📊 Statistics (Read-Only) ```typescript const serverStats = await client.stats.getServer({ timeRange: '24h', includeHistory: true }); const emailStats = await client.stats.getEmail({ domain: 'example.com' }); const dnsStats = await client.stats.getDns(); const security = await client.stats.getSecurity({ includeDetails: true }); const connections = await client.stats.getConnections({ protocol: 'https' }); const queues = await client.stats.getQueues(); const health = await client.stats.getHealth(true); const network = await client.stats.getNetwork(); const combined = await client.stats.getCombined({ server: true, email: true }); ``` ### ⚙️ Configuration & Logs ```typescript // Read-only configuration const config = await client.config.get(); const emailSection = await client.config.get('email'); // Logs const { logs, total, hasMore } = await client.logs.getRecent({ level: 'error', category: 'smtp', limit: 50, }); ``` ### 📧 Email Operations ```typescript const emails = await client.emails.list(); const email = emails[0]; const detail = await email.getDetail(); await email.resend(); // Or use the manager directly const detail2 = await client.emails.getDetail('email-id'); await client.emails.resend('email-id'); ``` ### 📡 RADIUS ```typescript // Client management const clients = await client.radius.clients.list(); await client.radius.clients.set({ name: 'switch-1', ipRange: '192.168.1.0/24', secret: 'shared-secret', enabled: true, }); await client.radius.clients.remove('switch-1'); // VLAN management const { mappings, config: vlanConfig } = await client.radius.vlans.list(); await client.radius.vlans.set({ mac: 'aa:bb:cc:dd:ee:ff', vlan: 10, enabled: true }); const result = await client.radius.vlans.testAssignment('aa:bb:cc:dd:ee:ff'); await client.radius.vlans.updateConfig({ defaultVlan: 200 }); // Sessions const { sessions } = await client.radius.sessions.list({ vlanId: 10 }); await client.radius.sessions.disconnect('session-id', 'Admin disconnect'); // Statistics & Accounting const stats = await client.radius.getStatistics(); const summary = await client.radius.getAccountingSummary(startTime, endTime); ``` ## API Surface | Manager | Methods | |---------|---------| | `client.login()` / `logout()` / `verifyIdentity()` | Authentication | | `client.routes` | `list()`, `create()`, `build()` → Route: `update()`, `delete()`, `toggle()`, `setOverride()`, `removeOverride()` | | `client.certificates` | `list()`, `import()` → Certificate: `reprovision()`, `delete()`, `export()` | | `client.apiTokens` | `list()`, `create()`, `build()` → ApiToken: `revoke()`, `roll()`, `toggle()` | | `client.remoteIngress` | `list()`, `getStatuses()`, `create()`, `build()` → RemoteIngress: `update()`, `delete()`, `regenerateSecret()`, `getConnectionToken()` | | `client.stats` | `getServer()`, `getEmail()`, `getDns()`, `getRateLimits()`, `getSecurity()`, `getConnections()`, `getQueues()`, `getHealth()`, `getNetwork()`, `getCombined()` | | `client.config` | `get(section?)` | | `client.logs` | `getRecent()`, `getStream()` | | `client.emails` | `list()`, `getDetail()`, `resend()` → Email: `getDetail()`, `resend()` | | `client.radius` | `.clients.list/set/remove()`, `.vlans.list/set/remove/updateConfig/testAssignment()`, `.sessions.list/disconnect()`, `getStatistics()`, `getAccountingSummary()` | ## Architecture The client uses HTTP-based [TypedRequest](https://code.foss.global/api.global/typedrequest) for transport. All requests are sent as POST to `{baseUrl}/typedrequest`. Authentication (JWT identity and/or API token) is automatically injected into every request payload via `buildRequestPayload()`. Resource classes (`Route`, `Certificate`, `ApiToken`, `RemoteIngress`, `Email`) hold a reference to the client and provide instance methods that fire the appropriate TypedRequest operations. Builder classes (`RouteBuilder`, `ApiTokenBuilder`, `RemoteIngressBuilder`) use fluent chaining and a terminal `.save()` method. ## License and Legal Information This repository contains open-source code licensed under the MIT License. A copy of the license can be found in the [LICENSE](../LICENSE) file. **Please note:** The MIT License does not grant permission to use the trade names, trademarks, service marks, or product names of the project, except as required for reasonable and customary use in describing the origin of the work and reproducing the content of the NOTICE file. ### Trademarks This project is owned and maintained by Task Venture Capital GmbH. The names and logos associated with Task Venture Capital GmbH and any related products or services are trademarks of Task Venture Capital GmbH or third parties, and are not included within the scope of the MIT license granted herein. Use of these trademarks must comply with Task Venture Capital GmbH's Trademark Guidelines or the guidelines of the respective third-party owners, and any usage must be approved in writing. Third-party trademarks used herein are the property of their respective owners and used only in a descriptive manner, e.g. for an implementation of an API or similar. ### Company Information Task Venture Capital GmbH Registered at District Court Bremen HRB 35230 HB, Germany For any legal inquiries or further information, please contact us via email at hello@task.vc. By using this repository, you acknowledge that you have read this section, agree to comply with its terms, and understand that the licensing of the code does not imply endorsement by Task Venture Capital GmbH of any derivative works.