rb-portless 0.1.0 → 0.2.0.dev.20260630.4729847

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: fe5a5a76f71f89027e083e3ba964520c22aef5f1a42ecefc3850e16a0ac16bb2
4
- data.tar.gz: 13081e8f73114575b5a96ab27f9dec30c4949f333fa3c95ba0659f104cf16b19
3
+ metadata.gz: 2dcf6d284947fe4b095fbb7522041c1774210a95e050067496d69e2b2b026067
4
+ data.tar.gz: 39de3f4bfed765815e9ef526d894aec69a6558c5b95006de894fa281067605d2
5
5
  SHA512:
6
- metadata.gz: 06a5c203d83b18de91ca2248744854e71933cdb4771626d8ae7af4e9bdbc2840c98edcfcc9cc51a9b88f9b6d6d9431c733118910bfcb380c372b9ad2151916e0
7
- data.tar.gz: 44412d9c53a6c2990af830497f55bfd30cc5a3f4e9cd2032a9b5347cfc6853931e0754191ecb634607cfbaffc448e3ba4b333f259ae037d759ff6b15f31ccd3c
6
+ metadata.gz: 9b536cdca612b71d0000dd55a512fad71c5adc01122c743cee96ebaefff1fc9ddc9b3514ebacb6a4e087c1bf7d3046a0de07b51eb72a3f6629a8de1f325f7351
7
+ data.tar.gz: 56666b652b02b527d6ceb25842d9facd66fe6f9bc7f2cb052e3c8bbe530002f59e1f9685c8f8061afbe9b1ce1e1c9cd4c53b23e38f45f6cee723f065b5d0b33b
data/CHANGELOG.md CHANGED
@@ -4,6 +4,14 @@ All notable changes to this project are documented here. The format follows
4
4
  [Keep a Changelog](https://keepachangelog.com/), and the project adheres to
5
5
  [Semantic Versioning](https://semver.org/).
6
6
 
7
+ ## [0.2.0]
8
+
9
+ ### Added
10
+
11
+ - **Auto-trust on first run.** `run` now trusts the local CA automatically the
12
+ first time (interactive only; skipped with a hint in CI), matching portless —
13
+ HTTPS works with no browser warnings without a separate `trust` step.
14
+
7
15
  ## [0.1.0] — first release
8
16
 
9
17
  The full portless workflow for Ruby, validated end-to-end against a real Rails
data/README.md CHANGED
@@ -41,12 +41,12 @@ rb-portless run -- npm run dev # Vite/Astro/etc. get --port injected
41
41
 
42
42
  A random port (4000–4999) is injected as `PORT` (and `HOST=127.0.0.1`);
43
43
  Rails/puma respect it natively. The proxy **auto-starts** on first run: it
44
- generates a local CA, and binds 443 — a one-time `sudo` on macOS/Linux, exactly
45
- like portless (falls back to `:1355` if you decline). Run `rb-portless trust`
46
- once so your browser accepts the certificates.
44
+ generates a local CA, **trusts it** (one keychain/sudo prompt, like portless),
45
+ and binds 443 — another one-time `sudo` on macOS/Linux (falls back to `:1355` if
46
+ you decline). After that, HTTPS just works with no browser warnings.
47
47
 
48
48
  ```bash
49
- rb-portless trust # trust the local CA (HTTPS, no warnings)
49
+ rb-portless trust # re-trust manually if ever needed
50
50
  rb-portless service install # bind 443 at boot — never prompt for sudo again
51
51
  ```
52
52
 
@@ -104,8 +104,7 @@ end
104
104
  ```
105
105
 
106
106
  ```bash
107
- rb-portless trust # one-time: trust the local CA
108
- rb-portless run bin/dev # → https://myapp.localhost
107
+ rb-portless run bin/dev # → https://myapp.localhost (CA auto-trusted on first run)
109
108
  ```
110
109
 
111
110
  That's it. The railtie **auto-detects when you're running under `rb-portless`**
@@ -164,6 +163,29 @@ boundary). For ports < 1024 it re-execs under `sudo` so the elevated process can
164
163
  bind the socket, then hands ownership of state files back to you. See
165
164
  [`AGENTS.md`](AGENTS.md) for the full architecture.
166
165
 
166
+ ## Compared to portless (Node)
167
+
168
+ The mental model is identical — `run` wraps your dev command, the proxy
169
+ auto-starts, named `.localhost` URLs replace ports. The only Ruby-world addition
170
+ is the one-line `require "portless/rails"` to satisfy Rails' host authorization.
171
+
172
+ | | **portless (Node)** | **rb-portless (Ruby/Rails)** |
173
+ |---|---|---|
174
+ | Install | `npm i -g portless` | `gem install rb-portless` (or Gemfile dev group) |
175
+ | Run a server | `portless run next dev` | `rb-portless run bin/rails server` |
176
+ | Run the dev orchestrator | `portless` (runs `"dev"` script) | `rb-portless run bin/dev` (wraps Foreman) |
177
+ | Bake into the project | `"dev": "portless run next dev"` → `npm run dev` | put `rb-portless run` in `bin/dev`, or use the binstub |
178
+ | Name the URL | `portless myapp …` / `portless.json` | `portless.json` `{ "name": "myapp" }` (else dir/git root) |
179
+ | Wildcard tenant subdomains | `tld` config | `portless.json` `{ "tld": "myapp.localhost" }` → `*.myapp.localhost` |
180
+ | Pin the backend port | `--app-port` / `appPort` | `appPort` in `portless.json` |
181
+ | Framework port injection | vite/astro/etc. auto | same (Rails/puma respect `PORT` natively) |
182
+ | HTTPS trust | auto on first run (+ `portless trust`) | auto on first run (+ `rb-portless trust`) |
183
+ | **Host allowlist** | not needed | **`gem "rb-portless", require: "portless/rails"`** (Rails-only) |
184
+ | Privileged 443 bind | sudo re-exec (auto) | sudo re-exec (auto), `:1355` fallback |
185
+ | Bind at boot (no sudo) | `portless service install` | `rb-portless service install` |
186
+ | Inspect / manage | `portless list / doctor / clean` | `rb-portless list / doctor / clean` |
187
+ | Static route (DB, etc.) | `portless alias pg 5432` | `rb-portless alias pg 5432` |
188
+
167
189
  ## Contributing
168
190
 
169
191
  ```bash
@@ -21,6 +21,7 @@ module Portless
21
21
  hostname = @config.hostname
22
22
  url = "#{@config.tls ? 'https' : 'http'}://#{hostname}"
23
23
 
24
+ ensure_trusted if @config.tls
24
25
  Daemon.ensure_running(tls: @config.tls)
25
26
  @route_store.add(hostname: hostname, port: port, pid: Process.pid, force: true)
26
27
 
@@ -33,6 +34,24 @@ module Portless
33
34
 
34
35
  private
35
36
 
37
+ # Trust the local CA on first run (like portless), so HTTPS works without
38
+ # browser warnings out of the box. Interactive only — macOS prompts for
39
+ # keychain auth; in CI/no-TTY we skip with a hint rather than hang. Never
40
+ # blocks the run if trusting fails.
41
+ def ensure_trusted
42
+ return if Trust.trusted?
43
+
44
+ unless Privilege.interactive?
45
+ warn "rb-portless: CA not trusted — run `rb-portless trust` (HTTPS shows warnings until then)"
46
+ return
47
+ end
48
+
49
+ warn "rb-portless: trusting the local CA (first run)…"
50
+ Trust.install!
51
+ rescue Portless::Error => e
52
+ warn "rb-portless: couldn't auto-trust the CA (#{e.message}) — run `rb-portless trust`"
53
+ end
54
+
36
55
  # Run the child in its own process group so we can signal the whole tree,
37
56
  # forwarding INT/TERM and propagating its exit status.
38
57
  def supervise(command, port, url)
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Portless
4
- VERSION = "0.1.0"
4
+ VERSION = "0.2.0.dev.20260630.4729847"
5
5
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rb-portless
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.0
4
+ version: 0.2.0.dev.20260630.4729847
5
5
  platform: ruby
6
6
  authors:
7
7
  - David Afonso