@push.rocks/smartproxy 15.0.2 → 16.0.2

package/ts/forwarding/config/forwarding-types.ts

@@ -1,6 +1,9 @@
 import type * as plugins from '../../plugins.js';
 
 /**
+ * @deprecated The legacy forwarding types are being replaced by the route-based configuration system.
+ * See /ts/proxies/smart-proxy/models/route-types.ts for the new route-based configuration.
+ *
  * The primary forwarding types supported by SmartProxy
  */
 export type TForwardingType =
@@ -9,88 +12,6 @@ export type TForwardingType =
   | 'https-terminate-to-http'  // Terminate TLS and forward to HTTP backend
   | 'https-terminate-to-https'; // Terminate TLS and forward to HTTPS backend
 
-/**
- * Target configuration for forwarding
- */
-export interface ITargetConfig {
-  host: string | string[];  // Support single host or round-robin
-  port: number;
-}
-
-/**
- * HTTP-specific options for forwarding
- */
-export interface IHttpOptions {
-  enabled?: boolean;                 // Whether HTTP is enabled
-  redirectToHttps?: boolean;         // Redirect HTTP to HTTPS
-  headers?: Record<string, string>;  // Custom headers for HTTP responses
-}
-
-/**
- * HTTPS-specific options for forwarding
- */
-export interface IHttpsOptions {
-  customCert?: {                    // Use custom cert instead of auto-provisioned
-    key: string;
-    cert: string;
-  };
-  forwardSni?: boolean;             // Forward SNI info in passthrough mode
-}
-
-/**
- * ACME certificate handling options
- */
-export interface IAcmeForwardingOptions {
-  enabled?: boolean;                // Enable ACME certificate provisioning
-  maintenance?: boolean;            // Auto-renew certificates
-  production?: boolean;             // Use production ACME servers
-  forwardChallenges?: {             // Forward ACME challenges
-    host: string;
-    port: number;
-    useTls?: boolean;
-  };
-}
-
-/**
- * Security options for forwarding
- */
-export interface ISecurityOptions {
-  allowedIps?: string[];            // IPs allowed to connect
-  blockedIps?: string[];            // IPs blocked from connecting
-  maxConnections?: number;          // Max simultaneous connections
-}
-
-/**
- * Advanced options for forwarding
- */
-export interface IAdvancedOptions {
-  portRanges?: Array<{ from: number; to: number }>; // Allowed port ranges
-  networkProxyPort?: number;        // Custom NetworkProxy port if using terminate mode
-  keepAlive?: boolean;              // Enable TCP keepalive
-  timeout?: number;                 // Connection timeout in ms
-  headers?: Record<string, string>; // Custom headers with support for variables like {sni}
-}
-
-/**
- * Unified forwarding configuration interface
- */
-export interface IForwardConfig {
-  // Define the primary forwarding type - use-case driven approach
-  type: TForwardingType;
-
-  // Target configuration
-  target: ITargetConfig;
-
-  // Protocol options
-  http?: IHttpOptions;
-  https?: IHttpsOptions;
-  acme?: IAcmeForwardingOptions;
-
-  // Security and advanced options
-  security?: ISecurityOptions;
-  advanced?: IAdvancedOptions;
-}
-
 /**
  * Event types emitted by forwarding handlers
  */
@@ -114,49 +35,100 @@ export interface IForwardingHandler extends plugins.EventEmitter {
   handleHttpRequest(req: plugins.http.IncomingMessage, res: plugins.http.ServerResponse): void;
 }
 
+// Import and re-export the route-based helpers for seamless transition
+import {
+  createHttpRoute,
+  createHttpsTerminateRoute,
+  createHttpsPassthroughRoute,
+  createHttpToHttpsRedirect,
+  createCompleteHttpsServer,
+  createLoadBalancerRoute
+} from '../../proxies/smart-proxy/utils/route-helpers.js';
+
+export {
+  createHttpRoute,
+  createHttpsTerminateRoute,
+  createHttpsPassthroughRoute,
+  createHttpToHttpsRedirect,
+  createCompleteHttpsServer,
+  createLoadBalancerRoute
+};
+
+/**
+ * @deprecated These helper functions are maintained for backward compatibility.
+ * Please use the route-based helpers instead:
+ * - createHttpRoute
+ * - createHttpsTerminateRoute
+ * - createHttpsPassthroughRoute
+ * - createHttpToHttpsRedirect
+ */
+import type { IRouteConfig } from '../../proxies/smart-proxy/models/route-types.js';
+import { domainConfigToRouteConfig } from '../../proxies/smart-proxy/utils/route-migration-utils.js';
+
+// For backward compatibility
+export interface IForwardConfig {
+  type: TForwardingType;
+  target: {
+    host: string | string[];
+    port: number;
+  };
+  http?: any;
+  https?: any;
+  acme?: any;
+  security?: any;
+  advanced?: any;
+  [key: string]: any;
+}
+
+export interface IDeprecatedForwardConfig {
+  type: TForwardingType;
+  target: {
+    host: string | string[];
+    port: number;
+  };
+  [key: string]: any;
+}
+
 /**
- * Helper function types for common forwarding patterns
+ * @deprecated Use createHttpRoute instead
  */
 export const httpOnly = (
-  partialConfig: Partial<IForwardConfig> & Pick<IForwardConfig, 'target'>
-): IForwardConfig => ({
+  partialConfig: Partial<IDeprecatedForwardConfig> & Pick<IDeprecatedForwardConfig, 'target'>
+): IDeprecatedForwardConfig => ({
   type: 'http-only',
   target: partialConfig.target,
-  http: { enabled: true, ...(partialConfig.http || {}) },
-  ...(partialConfig.security ? { security: partialConfig.security } : {}),
-  ...(partialConfig.advanced ? { advanced: partialConfig.advanced } : {})
+  ...(partialConfig)
 });
 
+/**
+ * @deprecated Use createHttpsTerminateRoute instead
+ */
 export const tlsTerminateToHttp = (
-  partialConfig: Partial<IForwardConfig> & Pick<IForwardConfig, 'target'>
-): IForwardConfig => ({
+  partialConfig: Partial<IDeprecatedForwardConfig> & Pick<IDeprecatedForwardConfig, 'target'>
+): IDeprecatedForwardConfig => ({
   type: 'https-terminate-to-http',
   target: partialConfig.target,
-  https: { ...(partialConfig.https || {}) },
-  acme: { enabled: true, maintenance: true, ...(partialConfig.acme || {}) },
-  http: { enabled: true, redirectToHttps: true, ...(partialConfig.http || {}) },
-  ...(partialConfig.security ? { security: partialConfig.security } : {}),
-  ...(partialConfig.advanced ? { advanced: partialConfig.advanced } : {})
+  ...(partialConfig)
 });
 
+/**
+ * @deprecated Use createHttpsTerminateRoute with reencrypt option instead
+ */
 export const tlsTerminateToHttps = (
-  partialConfig: Partial<IForwardConfig> & Pick<IForwardConfig, 'target'>
-): IForwardConfig => ({
+  partialConfig: Partial<IDeprecatedForwardConfig> & Pick<IDeprecatedForwardConfig, 'target'>
+): IDeprecatedForwardConfig => ({
   type: 'https-terminate-to-https',
   target: partialConfig.target,
-  https: { ...(partialConfig.https || {}) },
-  acme: { enabled: true, maintenance: true, ...(partialConfig.acme || {}) },
-  http: { enabled: true, redirectToHttps: true, ...(partialConfig.http || {}) },
-  ...(partialConfig.security ? { security: partialConfig.security } : {}),
-  ...(partialConfig.advanced ? { advanced: partialConfig.advanced } : {})
+  ...(partialConfig)
 });
 
+/**
+ * @deprecated Use createHttpsPassthroughRoute instead
+ */
 export const httpsPassthrough = (
-  partialConfig: Partial<IForwardConfig> & Pick<IForwardConfig, 'target'>
-): IForwardConfig => ({
+  partialConfig: Partial<IDeprecatedForwardConfig> & Pick<IDeprecatedForwardConfig, 'target'>
+): IDeprecatedForwardConfig => ({
   type: 'https-passthrough',
   target: partialConfig.target,
-  https: { forwardSni: true, ...(partialConfig.https || {}) },
-  ...(partialConfig.security ? { security: partialConfig.security } : {}),
-  ...(partialConfig.advanced ? { advanced: partialConfig.advanced } : {})
+  ...(partialConfig)
 });

package/ts/forwarding/config/index.ts

@@ -1,7 +1,9 @@
 /**
  * Forwarding configuration exports
+ *
+ * Note: The legacy domain-based configuration has been replaced by route-based configuration.
+ * See /ts/proxies/smart-proxy/models/route-types.ts for the new route-based configuration.
  */
 
 export * from './forwarding-types.js';
-export * from './domain-config.js';
-export * from './domain-manager.js';
+export * from '../../proxies/smart-proxy/utils/route-helpers.js';

package/ts/forwarding/handlers/base-handler.ts

@@ -104,13 +104,15 @@ export abstract class ForwardingHandler extends plugins.EventEmitter implements
     
     // Apply custom headers with variable substitution
     for (const [key, value] of Object.entries(customHeaders)) {
+      if (typeof value !== 'string') continue;
+
       let processedValue = value;
-      
+
       // Replace variables in the header value
       for (const [varName, varValue] of Object.entries(variables)) {
         processedValue = processedValue.replace(`{${varName}}`, varValue);
       }
-      
+
       result[key] = processedValue;
     }
     

package/ts/forwarding/index.ts

@@ -5,8 +5,6 @@
 
 // Export types and configuration
 export * from './config/forwarding-types.js';
-export * from './config/domain-config.js';
-export * from './config/domain-manager.js';
 
 // Export handlers
 export { ForwardingHandler } from './handlers/base-handler.js';
@@ -26,6 +24,9 @@ import {
   httpsPassthrough
 } from './config/forwarding-types.js';
 
+// Export route-based helpers from smart-proxy
+export * from '../proxies/smart-proxy/utils/route-helpers.js';
+
 export const helpers = {
   httpOnly,
   tlsTerminateToHttp,

package/ts/http/models/http-types.ts

@@ -1,6 +1,5 @@
 import * as plugins from '../../plugins.js';
 import type {
-  IForwardConfig,
   IDomainOptions,
   IAcmeOptions
 } from '../../certificate/models/certificate-types.js';

package/ts/http/port80/acme-interfaces.ts

@@ -1,8 +1,12 @@
 /**
  * Type definitions for SmartAcme interfaces used by ChallengeResponder
  * These reflect the actual SmartAcme API based on the documentation
+ *
+ * Also includes route-based interfaces for Port80Handler to extract domains
+ * that need certificate management from route configurations.
  */
 import * as plugins from '../../plugins.js';
+import type { IRouteConfig } from '../../proxies/smart-proxy/models/route-types.js';
 
 /**
  * Structure for SmartAcme certificate result
@@ -82,4 +86,84 @@ export interface ISmartAcme {
   getCertificateForDomain(domain: string): Promise<ISmartAcmeCert>;
   on?(event: string, listener: (data: any) => void): void;
   eventEmitter?: plugins.EventEmitter;
+}
+
+/**
+ * Port80Handler route options
+ */
+export interface IPort80RouteOptions {
+  // The domain for the certificate
+  domain: string;
+
+  // Whether to redirect HTTP to HTTPS
+  sslRedirect: boolean;
+
+  // Whether to enable ACME certificate management
+  acmeMaintenance: boolean;
+
+  // Optional target for forwarding HTTP requests
+  forward?: {
+    ip: string;
+    port: number;
+  };
+
+  // Optional target for forwarding ACME challenge requests
+  acmeForward?: {
+    ip: string;
+    port: number;
+  };
+
+  // Reference to the route that requested this certificate
+  routeReference?: {
+    routeId?: string;
+    routeName?: string;
+  };
+}
+
+/**
+ * Extract domains that need certificate management from routes
+ * @param routes Route configurations to extract domains from
+ * @returns Array of Port80RouteOptions for each domain
+ */
+export function extractPort80RoutesFromRoutes(routes: IRouteConfig[]): IPort80RouteOptions[] {
+  const result: IPort80RouteOptions[] = [];
+
+  for (const route of routes) {
+    // Skip routes that don't have domains or TLS configuration
+    if (!route.match.domains || !route.action.tls) continue;
+
+    // Skip routes that don't terminate TLS
+    if (route.action.tls.mode !== 'terminate' && route.action.tls.mode !== 'terminate-and-reencrypt') continue;
+
+    // Only routes with automatic certificates need ACME
+    if (route.action.tls.certificate !== 'auto') continue;
+
+    // Get domains from route
+    const domains = Array.isArray(route.match.domains)
+      ? route.match.domains
+      : [route.match.domains];
+
+    // Create Port80RouteOptions for each domain
+    for (const domain of domains) {
+      // Skip wildcards (we can't get certificates for them)
+      if (domain.includes('*')) continue;
+
+      // Create Port80RouteOptions
+      const options: IPort80RouteOptions = {
+        domain,
+        sslRedirect: true, // Default to true for HTTPS routes
+        acmeMaintenance: true, // Default to true for auto certificates
+
+        // Add route reference
+        routeReference: {
+          routeName: route.name
+        }
+      };
+
+      // Add domain to result
+      result.push(options);
+    }
+  }
+
+  return result;
 }

package/ts/http/port80/port80-handler.ts

@@ -2,12 +2,12 @@ import * as plugins from '../../plugins.js';
 import { IncomingMessage, ServerResponse } from 'http';
 import { CertificateEvents } from '../../certificate/events/certificate-events.js';
 import type {
-  IForwardConfig,
-  IDomainOptions,
+  IDomainOptions, // Kept for backward compatibility
   ICertificateData,
   ICertificateFailure,
   ICertificateExpiring,
-  IAcmeOptions
+  IAcmeOptions,
+  IRouteForwardConfig
 } from '../../certificate/models/certificate-types.js';
 import {
   HttpEvents,
@@ -18,6 +18,9 @@ import {
 } from '../models/http-types.js';
 import type { IDomainCertificate } from '../models/http-types.js';
 import { ChallengeResponder } from './challenge-responder.js';
+import { extractPort80RoutesFromRoutes } from './acme-interfaces.js';
+import type { IPort80RouteOptions } from './acme-interfaces.js';
+import type { IRouteConfig } from '../../proxies/smart-proxy/models/route-types.js';
 
 // Re-export for backward compatibility
 export {
@@ -68,7 +71,7 @@ export class Port80Handler extends plugins.EventEmitter {
       renewThresholdDays: options.renewThresholdDays ?? 30,
       renewCheckIntervalHours: options.renewCheckIntervalHours ?? 24,
       autoRenew: options.autoRenew ?? true,
-      domainForwards: options.domainForwards ?? []
+      routeForwards: options.routeForwards ?? []
     };
 
     // Initialize challenge responder
@@ -198,29 +201,33 @@ export class Port80Handler extends plugins.EventEmitter {
    * Adds a domain with configuration options
    * @param options Domain configuration options
    */
-  public addDomain(options: IDomainOptions): void {
-    if (!options.domainName || typeof options.domainName !== 'string') {
+  public addDomain(options: IDomainOptions | IPort80RouteOptions): void {
+    // Normalize options format (handle both IDomainOptions and IPort80RouteOptions)
+    const normalizedOptions: IDomainOptions = this.normalizeOptions(options);
+
+    if (!normalizedOptions.domainName || typeof normalizedOptions.domainName !== 'string') {
       throw new HttpError('Invalid domain name');
     }
 
-    const domainName = options.domainName;
+    const domainName = normalizedOptions.domainName;
 
     if (!this.domainCertificates.has(domainName)) {
       this.domainCertificates.set(domainName, {
-        options,
+        options: normalizedOptions,
         certObtained: false,
         obtainingInProgress: false
       });
 
       console.log(`Domain added: ${domainName} with configuration:`, {
-        sslRedirect: options.sslRedirect,
-        acmeMaintenance: options.acmeMaintenance,
-        hasForward: !!options.forward,
-        hasAcmeForward: !!options.acmeForward
+        sslRedirect: normalizedOptions.sslRedirect,
+        acmeMaintenance: normalizedOptions.acmeMaintenance,
+        hasForward: !!normalizedOptions.forward,
+        hasAcmeForward: !!normalizedOptions.acmeForward,
+        routeReference: normalizedOptions.routeReference
       });
 
       // If acmeMaintenance is enabled and not a glob pattern, start certificate process immediately
-      if (options.acmeMaintenance && this.server && !this.isGlobPattern(domainName)) {
+      if (normalizedOptions.acmeMaintenance && this.server && !this.isGlobPattern(domainName)) {
         this.obtainCertificate(domainName).catch(err => {
           console.error(`Error obtaining initial certificate for ${domainName}:`, err);
         });
@@ -228,11 +235,50 @@ export class Port80Handler extends plugins.EventEmitter {
     } else {
       // Update existing domain with new options
       const existing = this.domainCertificates.get(domainName)!;
-      existing.options = options;
+      existing.options = normalizedOptions;
       console.log(`Domain ${domainName} configuration updated`);
     }
   }
 
+  /**
+   * Add domains from route configurations
+   * @param routes Array of route configurations
+   */
+  public addDomainsFromRoutes(routes: IRouteConfig[]): void {
+    // Extract Port80RouteOptions from routes
+    const routeOptions = extractPort80RoutesFromRoutes(routes);
+
+    // Add each domain
+    for (const options of routeOptions) {
+      this.addDomain(options);
+    }
+
+    console.log(`Added ${routeOptions.length} domains from routes for certificate management`);
+  }
+
+  /**
+   * Normalize options from either IDomainOptions or IPort80RouteOptions
+   * @param options Options to normalize
+   * @returns Normalized IDomainOptions
+   * @private
+   */
+  private normalizeOptions(options: IDomainOptions | IPort80RouteOptions): IDomainOptions {
+    // Handle IPort80RouteOptions format
+    if ('domain' in options) {
+      return {
+        domainName: options.domain,
+        sslRedirect: options.sslRedirect,
+        acmeMaintenance: options.acmeMaintenance,
+        forward: options.forward,
+        acmeForward: options.acmeForward,
+        routeReference: options.routeReference
+      };
+    }
+
+    // Already in IDomainOptions format
+    return options;
+  }
+
   /**
    * Removes a domain from management
    * @param domain The domain to remove
@@ -459,7 +505,7 @@ export class Port80Handler extends plugins.EventEmitter {
   private forwardRequest(
     req: plugins.http.IncomingMessage,
     res: plugins.http.ServerResponse,
-    target: IForwardConfig,
+    target: { ip: string; port: number },
     requestType: string
   ): void {
     const options = {

package/ts/proxies/smart-proxy/models/interfaces.ts

@@ -13,64 +13,17 @@ export type TSmartProxyCertProvisionObject = plugins.tsclass.network.ICert | 'ht
  */
 export type IRoutedSmartProxyOptions = ISmartProxyOptions;
 
-/**
- * Legacy domain configuration interface for backward compatibility
- */
-export interface IDomainConfig {
-  domains: string[];
-  forwarding: {
-    type: TForwardingType;
-    target: {
-      host: string | string[];
-      port: number;
-    };
-    acme?: {
-      enabled?: boolean;
-      maintenance?: boolean;
-      production?: boolean;
-      forwardChallenges?: {
-        host: string;
-        port: number;
-        useTls?: boolean;
-      };
-    };
-    http?: {
-      enabled?: boolean;
-      redirectToHttps?: boolean;
-      headers?: Record<string, string>;
-    };
-    https?: {
-      customCert?: {
-        key: string;
-        cert: string;
-      };
-      forwardSni?: boolean;
-    };
-    security?: {
-      allowedIps?: string[];
-      blockedIps?: string[];
-      maxConnections?: number;
-    };
-    advanced?: {
-      portRanges?: Array<{ from: number; to: number }>;
-      networkProxyPort?: number;
-      keepAlive?: boolean;
-      timeout?: number;
-      headers?: Record<string, string>;
-    };
-  };
-}
-
 /**
  * Helper functions for type checking configuration types
  */
 export function isLegacyOptions(options: any): boolean {
-  return !!(options.domainConfigs && options.domainConfigs.length > 0 &&
-           (!options.routes || options.routes.length === 0));
+  // Legacy options are no longer supported
+  return false;
 }
 
 export function isRoutedOptions(options: any): boolean {
-  return !!(options.routes && options.routes.length > 0);
+  // All configurations are now route-based
+  return true;
 }
 
 /**
@@ -80,14 +33,7 @@ export interface ISmartProxyOptions {
   // The unified configuration array (required)
   routes: IRouteConfig[];
 
-  // Legacy options for backward compatibility
-  fromPort?: number;
-  toPort?: number;
-  sniEnabled?: boolean;
-  domainConfigs?: IDomainConfig[];
-  targetIP?: string;
-  defaultAllowedIPs?: string[];
-  defaultBlockedIPs?: string[];
+  // Port range configuration
   globalPortRanges?: Array<{ from: number; to: number }>;
   forwardAllGlobalRanges?: boolean;
   preserveSourceIP?: boolean;
@@ -99,8 +45,8 @@ export interface ISmartProxyOptions {
       port: number; // Default port to use when not specified in routes
     };
     security?: {
-      allowedIPs?: string[]; // Default allowed IPs
-      blockedIPs?: string[]; // Default blocked IPs
+      allowedIps?: string[]; // Default allowed IPs
+      blockedIps?: string[]; // Default blocked IPs
       maxConnections?: number; // Default max connections
     };
     preserveSourceIP?: boolean; // Default source IP preservation
@@ -184,9 +130,6 @@ export interface IConnectionRecord {
   pendingData: Buffer[]; // Buffer to hold data during connection setup
   pendingDataSize: number; // Track total size of pending data
 
-  // Legacy property for backward compatibility
-  domainConfig?: IDomainConfig;
-
   // Enhanced tracking fields
   bytesReceived: number; // Total bytes received
   bytesSent: number; // Total bytes sent