rb-portless 0.1.0 → 0.2.0.dev.20260630.4729847
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +8 -0
- data/README.md +28 -6
- data/lib/portless/runner.rb +19 -0
- data/lib/portless/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 2dcf6d284947fe4b095fbb7522041c1774210a95e050067496d69e2b2b026067
|
|
4
|
+
data.tar.gz: 39de3f4bfed765815e9ef526d894aec69a6558c5b95006de894fa281067605d2
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 9b536cdca612b71d0000dd55a512fad71c5adc01122c743cee96ebaefff1fc9ddc9b3514ebacb6a4e087c1bf7d3046a0de07b51eb72a3f6629a8de1f325f7351
|
|
7
|
+
data.tar.gz: 56666b652b02b527d6ceb25842d9facd66fe6f9bc7f2cb052e3c8bbe530002f59e1f9685c8f8061afbe9b1ce1e1c9cd4c53b23e38f45f6cee723f065b5d0b33b
|
data/CHANGELOG.md
CHANGED
|
@@ -4,6 +4,14 @@ All notable changes to this project are documented here. The format follows
|
|
|
4
4
|
[Keep a Changelog](https://keepachangelog.com/), and the project adheres to
|
|
5
5
|
[Semantic Versioning](https://semver.org/).
|
|
6
6
|
|
|
7
|
+
## [0.2.0]
|
|
8
|
+
|
|
9
|
+
### Added
|
|
10
|
+
|
|
11
|
+
- **Auto-trust on first run.** `run` now trusts the local CA automatically the
|
|
12
|
+
first time (interactive only; skipped with a hint in CI), matching portless —
|
|
13
|
+
HTTPS works with no browser warnings without a separate `trust` step.
|
|
14
|
+
|
|
7
15
|
## [0.1.0] — first release
|
|
8
16
|
|
|
9
17
|
The full portless workflow for Ruby, validated end-to-end against a real Rails
|
data/README.md
CHANGED
|
@@ -41,12 +41,12 @@ rb-portless run -- npm run dev # Vite/Astro/etc. get --port injected
|
|
|
41
41
|
|
|
42
42
|
A random port (4000–4999) is injected as `PORT` (and `HOST=127.0.0.1`);
|
|
43
43
|
Rails/puma respect it natively. The proxy **auto-starts** on first run: it
|
|
44
|
-
generates a local CA,
|
|
45
|
-
|
|
46
|
-
|
|
44
|
+
generates a local CA, **trusts it** (one keychain/sudo prompt, like portless),
|
|
45
|
+
and binds 443 — another one-time `sudo` on macOS/Linux (falls back to `:1355` if
|
|
46
|
+
you decline). After that, HTTPS just works with no browser warnings.
|
|
47
47
|
|
|
48
48
|
```bash
|
|
49
|
-
rb-portless trust # trust
|
|
49
|
+
rb-portless trust # re-trust manually if ever needed
|
|
50
50
|
rb-portless service install # bind 443 at boot — never prompt for sudo again
|
|
51
51
|
```
|
|
52
52
|
|
|
@@ -104,8 +104,7 @@ end
|
|
|
104
104
|
```
|
|
105
105
|
|
|
106
106
|
```bash
|
|
107
|
-
rb-portless
|
|
108
|
-
rb-portless run bin/dev # → https://myapp.localhost
|
|
107
|
+
rb-portless run bin/dev # → https://myapp.localhost (CA auto-trusted on first run)
|
|
109
108
|
```
|
|
110
109
|
|
|
111
110
|
That's it. The railtie **auto-detects when you're running under `rb-portless`**
|
|
@@ -164,6 +163,29 @@ boundary). For ports < 1024 it re-execs under `sudo` so the elevated process can
|
|
|
164
163
|
bind the socket, then hands ownership of state files back to you. See
|
|
165
164
|
[`AGENTS.md`](AGENTS.md) for the full architecture.
|
|
166
165
|
|
|
166
|
+
## Compared to portless (Node)
|
|
167
|
+
|
|
168
|
+
The mental model is identical — `run` wraps your dev command, the proxy
|
|
169
|
+
auto-starts, named `.localhost` URLs replace ports. The only Ruby-world addition
|
|
170
|
+
is the one-line `require "portless/rails"` to satisfy Rails' host authorization.
|
|
171
|
+
|
|
172
|
+
| | **portless (Node)** | **rb-portless (Ruby/Rails)** |
|
|
173
|
+
|---|---|---|
|
|
174
|
+
| Install | `npm i -g portless` | `gem install rb-portless` (or Gemfile dev group) |
|
|
175
|
+
| Run a server | `portless run next dev` | `rb-portless run bin/rails server` |
|
|
176
|
+
| Run the dev orchestrator | `portless` (runs `"dev"` script) | `rb-portless run bin/dev` (wraps Foreman) |
|
|
177
|
+
| Bake into the project | `"dev": "portless run next dev"` → `npm run dev` | put `rb-portless run` in `bin/dev`, or use the binstub |
|
|
178
|
+
| Name the URL | `portless myapp …` / `portless.json` | `portless.json` `{ "name": "myapp" }` (else dir/git root) |
|
|
179
|
+
| Wildcard tenant subdomains | `tld` config | `portless.json` `{ "tld": "myapp.localhost" }` → `*.myapp.localhost` |
|
|
180
|
+
| Pin the backend port | `--app-port` / `appPort` | `appPort` in `portless.json` |
|
|
181
|
+
| Framework port injection | vite/astro/etc. auto | same (Rails/puma respect `PORT` natively) |
|
|
182
|
+
| HTTPS trust | auto on first run (+ `portless trust`) | auto on first run (+ `rb-portless trust`) |
|
|
183
|
+
| **Host allowlist** | not needed | **`gem "rb-portless", require: "portless/rails"`** (Rails-only) |
|
|
184
|
+
| Privileged 443 bind | sudo re-exec (auto) | sudo re-exec (auto), `:1355` fallback |
|
|
185
|
+
| Bind at boot (no sudo) | `portless service install` | `rb-portless service install` |
|
|
186
|
+
| Inspect / manage | `portless list / doctor / clean` | `rb-portless list / doctor / clean` |
|
|
187
|
+
| Static route (DB, etc.) | `portless alias pg 5432` | `rb-portless alias pg 5432` |
|
|
188
|
+
|
|
167
189
|
## Contributing
|
|
168
190
|
|
|
169
191
|
```bash
|
data/lib/portless/runner.rb
CHANGED
|
@@ -21,6 +21,7 @@ module Portless
|
|
|
21
21
|
hostname = @config.hostname
|
|
22
22
|
url = "#{@config.tls ? 'https' : 'http'}://#{hostname}"
|
|
23
23
|
|
|
24
|
+
ensure_trusted if @config.tls
|
|
24
25
|
Daemon.ensure_running(tls: @config.tls)
|
|
25
26
|
@route_store.add(hostname: hostname, port: port, pid: Process.pid, force: true)
|
|
26
27
|
|
|
@@ -33,6 +34,24 @@ module Portless
|
|
|
33
34
|
|
|
34
35
|
private
|
|
35
36
|
|
|
37
|
+
# Trust the local CA on first run (like portless), so HTTPS works without
|
|
38
|
+
# browser warnings out of the box. Interactive only — macOS prompts for
|
|
39
|
+
# keychain auth; in CI/no-TTY we skip with a hint rather than hang. Never
|
|
40
|
+
# blocks the run if trusting fails.
|
|
41
|
+
def ensure_trusted
|
|
42
|
+
return if Trust.trusted?
|
|
43
|
+
|
|
44
|
+
unless Privilege.interactive?
|
|
45
|
+
warn "rb-portless: CA not trusted — run `rb-portless trust` (HTTPS shows warnings until then)"
|
|
46
|
+
return
|
|
47
|
+
end
|
|
48
|
+
|
|
49
|
+
warn "rb-portless: trusting the local CA (first run)…"
|
|
50
|
+
Trust.install!
|
|
51
|
+
rescue Portless::Error => e
|
|
52
|
+
warn "rb-portless: couldn't auto-trust the CA (#{e.message}) — run `rb-portless trust`"
|
|
53
|
+
end
|
|
54
|
+
|
|
36
55
|
# Run the child in its own process group so we can signal the whole tree,
|
|
37
56
|
# forwarding INT/TERM and propagating its exit status.
|
|
38
57
|
def supervise(command, port, url)
|
data/lib/portless/version.rb
CHANGED