@avelor/mesh 0.2.0 → 0.3.0

package/README.md

@@ -2,6 +2,8 @@
 
 Local dev proxy. Named services instead of ports. Failure injection without mocks.
 
+![demo](demo.gif)
+
 ```
 app.test   → :3000
 api.test   → :4000

package/bin/mesh.js

@@ -1,6 +1,6 @@
 #!/usr/bin/env node
 import { watch, existsSync, readFileSync, writeFileSync, unlinkSync } from 'fs'
-import { spawn }                           from 'child_process'
+import { spawn, spawnSync }                from 'child_process'
 import { dirname, resolve }                from 'path'
 import { createRequire }                   from 'module'
 import { loadConfig }              from '../src/config.js'
@@ -11,9 +11,18 @@ import { init }                    from '../src/init.js'
 
 const STATE_FILE = '/tmp/.mesh.json'
 
+// Re-exec the current command under sudo if not already root.
+// Uses sudo -E to preserve PATH so mkcert and other tools remain findable.
+function autoSudo() {
+  if (process.getuid?.() === 0) return
+  const result = spawnSync('sudo', ['-E', process.execPath, ...process.argv.slice(1)], { stdio: 'inherit' })
+  process.exit(result.status ?? 1)
+}
+
 const RESET  = '\x1b[0m'
 const DIM    = '\x1b[2m'
 const GREEN  = '\x1b[32m'
+const YELLOW = '\x1b[33m'
 const CYAN   = '\x1b[36m'
 
 // ── Argument parsing ──────────────────────────────────────────────────────────
@@ -41,25 +50,48 @@ if (cmd === 'start') {
     let alive = false
     try { process.kill(state.pid, 0); alive = true } catch (e) { if (e.code === 'EPERM') alive = true }
     if (alive) {
-      console.error(`mesh: already running (pid ${state.pid}) — run sudo mesh stop first`)
+      console.error(`mesh: already running (pid ${state.pid}) — run mesh stop first`)
       process.exit(1)
     }
   } catch { /* not running */ }
 
-  if (process.getuid?.() !== 0) {
-    console.error('mesh: requires sudo to bind ports 80/443')
-    console.error('      sudo mesh start')
-    process.exit(1)
-  }
+  autoSudo()
 
   const forwardArgs = args.filter(a => a !== 'start')
   const child = spawn(process.execPath, [process.argv[1], 'route', ...forwardArgs], {
     detached: true,
     stdio:    'ignore',
   })
-  child.unref()
-  console.log(`mesh: started (pid ${child.pid})`)
-  process.exit(0)
+
+  const pid      = child.pid
+  const deadline = Date.now() + 5000
+
+  ;(function poll() {
+    let alive = true
+    try { process.kill(pid, 0) } catch (e) { if (e.code !== 'EPERM') alive = false }
+
+    if (!alive) {
+      console.error('mesh: failed to start — check your mesh.yml and that ports 80/443 are free')
+      process.exit(1)
+    }
+
+    try {
+      const state = JSON.parse(readFileSync(STATE_FILE, 'utf8'))
+      if (state.pid === pid) {
+        child.unref()
+        console.log(`mesh: started (pid ${pid})`)
+        process.exit(0)
+      }
+    } catch { /* not ready yet */ }
+
+    if (Date.now() >= deadline) {
+      child.kill()
+      console.error('mesh: timed out waiting for proxy to start')
+      process.exit(1)
+    }
+
+    setTimeout(poll, 50)
+  })()
 }
 
 if (cmd === 'stop') {
@@ -75,8 +107,7 @@ if (cmd === 'stop') {
     console.log(`mesh: stopped (pid ${state.pid})`)
   } catch (err) {
     if (err.code === 'EPERM') {
-      console.error(`mesh: permission denied — try: sudo mesh stop`)
-      process.exit(1)
+      autoSudo()
     }
     if (err.code === 'ESRCH') {
       try { unlinkSync(STATE_FILE) } catch {}
@@ -120,27 +151,33 @@ if (cmd === 'status') {
   for (const [name, port] of Object.entries(state.services)) {
     console.log(`  ${GREEN}${name.padEnd(pad)}.test${RESET}  ${DIM}→ :${port}  ${protocol}://${name}.test${RESET}`)
   }
+  const rules = state.rules ?? {}
+  if (Object.keys(rules).length) {
+    console.log('')
+    for (const [svc, ruleList] of Object.entries(rules)) {
+      for (const r of ruleList) {
+        const type      = r.status ? `${r.status}` : `${r.delay}ms delay`
+        const methodStr = r.method ? `${r.method} ` : ''
+        console.log(`  ${YELLOW}${svc}${r.path}${RESET}  ${DIM}${methodStr}${r.rate}% → ${type}${RESET}`)
+      }
+    }
+  }
   console.log('')
   process.exit(0)
 }
 
 if (cmd !== 'route') {
   console.error('Usage:')
-  console.error('  mesh init                        create mesh.yml in current directory')
-  console.error('  sudo mesh start                  start proxy in background')
-  console.error('  sudo mesh start --config <path>  use a specific config file')
-  console.error('  sudo mesh stop                   stop the background proxy')
-  console.error('  mesh status                      show running services')
-  console.error('  sudo mesh route                  start proxy in foreground (debug)')
+  console.error('  mesh init                       create mesh.yml in current directory')
+  console.error('  mesh start                      start proxy in background')
+  console.error('  mesh start --config <path>      use a specific config file')
+  console.error('  mesh stop                       stop the background proxy')
+  console.error('  mesh status                     show running services')
+  console.error('  mesh route                      start proxy in foreground (debug)')
   process.exit(1)
 }
 
-if (process.getuid?.() !== 0) {
-  console.error('mesh: requires sudo to write /etc/hosts and bind ports 80/443')
-  console.error('      both are cleaned up automatically on exit')
-  console.error('      sudo mesh route')
-  process.exit(1)
-}
+autoSudo()
 
 // ── Load config ───────────────────────────────────────────────────────────────
 
@@ -160,7 +197,7 @@ const configDir = dirname(resolve(configPath))
 const certs     = ensureCerts(services, configDir)
 const servers   = startProxy(services, rules, certs)
 
-writeFileSync(STATE_FILE, JSON.stringify({ pid: process.pid, configPath, services, https: !!certs }))
+writeFileSync(STATE_FILE, JSON.stringify({ pid: process.pid, configPath, services, rules, https: !!certs }))
 
 // ── Crash safety — clean /etc/hosts even on unexpected exit ───────────────────
 
@@ -202,7 +239,7 @@ watch(configPath, () => {
       Object.assign(rules, next.rules)
 
       writeHosts(services)
-      writeFileSync(STATE_FILE, JSON.stringify({ pid: process.pid, configPath, services, https: !!certs }))
+      writeFileSync(STATE_FILE, JSON.stringify({ pid: process.pid, configPath, services, rules, https: !!certs }))
 
       if (certs && hasNewServices) {
         const newCerts = ensureCerts(services, configDir)

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@avelor/mesh",
-  "version": "0.2.0",
+  "version": "0.3.0",
   "description": "Local dev proxy. Named services, failure rules, no ports.",
   "keywords": [
     "proxy",

package/src/certs.js

@@ -1,7 +1,18 @@
 import { execFileSync, spawnSync } from 'child_process'
-import { existsSync, mkdirSync, readFileSync, writeFileSync } from 'fs'
+import { chownSync, existsSync, mkdirSync, readFileSync, writeFileSync } from 'fs'
 import { resolve } from 'path'
 
+// When running under sudo, restore file ownership to the invoking user
+// so that .mesh/ doesn't end up owned by root.
+function fixOwnership(...paths) {
+  const uid = parseInt(process.env.SUDO_UID ?? '')
+  const gid = parseInt(process.env.SUDO_GID ?? '')
+  if (!uid || !gid) return
+  for (const p of paths) {
+    try { chownSync(p, uid, gid) } catch {}
+  }
+}
+
 function mkcertInstalled() {
   return spawnSync('which', ['mkcert']).status === 0
 }
@@ -37,13 +48,15 @@ export function ensureCerts(services, cwd = process.cwd()) {
   const keyFile  = resolve(dir, 'key.pem')
 
   mkdirSync(dir, { recursive: true })
+  fixOwnership(dir)
 
   if (!caInstalled()) {
     execFileSync('mkcert', ['-install'], { stdio: 'ignore' })
   }
 
-  const domains = Object.keys(services).map(n => `${n}.test`).sort()
-  const cached  = cachedDomains(dir).sort()
+  const domains     = Object.keys(services).map(n => `${n}.test`).sort()
+  const cached      = cachedDomains(dir).sort()
+  const domainsFile = resolve(dir, 'domains.json')
 
   const needsRegen = JSON.stringify(domains) !== JSON.stringify(cached)
     || !existsSync(certFile)
@@ -51,7 +64,8 @@ export function ensureCerts(services, cwd = process.cwd()) {
 
   if (needsRegen) {
     execFileSync('mkcert', ['-cert-file', certFile, '-key-file', keyFile, ...domains], { stdio: 'ignore' })
-    writeFileSync(resolve(dir, 'domains.json'), JSON.stringify(domains))
+    writeFileSync(domainsFile, JSON.stringify(domains))
+    fixOwnership(certFile, keyFile, domainsFile)
   }
 
   return { certFile, keyFile }

package/src/hosts.js

@@ -8,7 +8,7 @@ export function writeHosts(services, hostsFile = HOSTS_FILE) {
   const current = readFileSync(hostsFile, 'utf8')
   const clean   = removeMeshBlock(current)
   const entries = Object.keys(services)
-    .map(name => `127.0.0.1 ${name}.test`)
+    .flatMap(name => [`127.0.0.1 ${name}.test`, `::1 ${name}.test`])
     .join('\n')
   const next = `${clean.trimEnd()}\n\n${MESH_START}\n${entries}\n${MESH_END}\n`
   writeFileSync(hostsFile, next, 'utf8')

package/src/proxy.js

@@ -1,10 +1,31 @@
 import http             from 'http'
 import https            from 'https'
+import net              from 'net'
 import { readFileSync } from 'fs'
 import httpProxy        from 'http-proxy'
 import { matchRule, applyRule } from './rules.js'
 import { wantsHtml, errorPage } from './error-page.js'
 
+const hostCache = new Map()
+
+function probeHost(port) {
+  if (hostCache.has(port)) return Promise.resolve(hostCache.get(port))
+  const probe = addr => new Promise((resolve, reject) => {
+    const s = net.connect(port, addr)
+    s.setTimeout(200)
+    s.on('connect', () => { s.destroy(); resolve(addr) })
+    s.on('timeout',  () => { s.destroy(); reject(new Error('timeout')) })
+    s.on('error', reject)
+  })
+  return Promise.any([probe('127.0.0.1'), probe('::1')])
+    .then(host => { hostCache.set(port, host); return host })
+    .catch(() => '127.0.0.1')
+}
+
+function fmtHost(host) {
+  return host.includes(':') ? `[${host}]` : host
+}
+
 const RESET  = '\x1b[0m'
 const DIM    = '\x1b[2m'
 const GREEN  = '\x1b[32m'
@@ -65,14 +86,16 @@ export function startProxy(services, rules, certs = null) {
       log(YELLOW, `${rule.delay}ms`, name, pathname, `→ :${target} (delayed)`)
     }
 
-    proxy.web(req, res, { target: `http://127.0.0.1:${target}` })
+    const host = await probeHost(target)
+    proxy.web(req, res, { target: `http://${fmtHost(host)}:${target}` })
     if (!rule) log(DIM, '→', name, pathname, `→ :${target}`)
   }
 
-  function handleUpgrade(req, socket, head) {
+  async function handleUpgrade(req, socket, head) {
     const { name, target } = resolveService(req.headers.host)
     if (!target) { socket.destroy(); return }
-    proxy.ws(req, socket, head, { target: `ws://127.0.0.1:${target}` }, err => {
+    const host = await probeHost(target)
+    proxy.ws(req, socket, head, { target: `ws://${fmtHost(host)}:${target}` }, err => {
       if (err) log(RED, 'WSE', name, req.url, `→ ${err.code ?? err.message}`)
     })
     log(DIM, 'WS', name, req.url, `→ :${target}`)
@@ -98,7 +121,7 @@ export function startProxy(services, rules, certs = null) {
     throw err
   })
 
-  httpServer.listen(80, '127.0.0.1', () => onReady(services, rules, certs))
+  httpServer.listen(80, '::', () => onReady(services, rules, certs))
 
   let httpsServer = null
 
@@ -115,7 +138,7 @@ export function startProxy(services, rules, certs = null) {
       }
       throw err
     })
-    httpsServer.listen(443, '127.0.0.1')
+    httpsServer.listen(443, '::')
   }
 
   return { http: httpServer, https: httpsServer }