@push.rocks/smartproxy 15.0.2 → 16.0.3

package/ts/proxies/smart-proxy/utils/route-migration-utils.ts

@@ -0,0 +1,165 @@
+/**
+ * Route Migration Utilities
+ * 
+ * This file provides utility functions for migrating from legacy domain-based
+ * configuration to the new route-based configuration system. These functions
+ * are temporary and will be removed after the migration is complete.
+ */
+
+import type { TForwardingType } from '../../../forwarding/config/forwarding-types.js';
+import type { IRouteConfig, IRouteMatch, IRouteAction, IRouteTarget } from '../models/route-types.js';
+
+/**
+ * Legacy domain config interface (for migration only)
+ * @deprecated This interface will be removed in a future version
+ */
+export interface ILegacyDomainConfig {
+  domains: string[];
+  forwarding: {
+    type: TForwardingType;
+    target: {
+      host: string | string[];
+      port: number;
+    };
+    [key: string]: any;
+  };
+}
+
+/**
+ * Convert a legacy domain config to a route-based config
+ * @param domainConfig Legacy domain configuration
+ * @param additionalOptions Additional options to add to the route
+ * @returns Route configuration
+ * @deprecated This function will be removed in a future version
+ */
+export function domainConfigToRouteConfig(
+  domainConfig: ILegacyDomainConfig,
+  additionalOptions: Partial<IRouteConfig> = {}
+): IRouteConfig {
+  // Default port based on forwarding type
+  let defaultPort = 80;
+  let tlsMode: 'passthrough' | 'terminate' | 'terminate-and-reencrypt' | undefined;
+
+  switch (domainConfig.forwarding.type) {
+    case 'http-only':
+      defaultPort = 80;
+      break;
+    case 'https-passthrough':
+      defaultPort = 443;
+      tlsMode = 'passthrough';
+      break;
+    case 'https-terminate-to-http':
+      defaultPort = 443;
+      tlsMode = 'terminate';
+      break;
+    case 'https-terminate-to-https':
+      defaultPort = 443;
+      tlsMode = 'terminate-and-reencrypt';
+      break;
+  }
+
+  // Create route match criteria
+  const match: IRouteMatch = {
+    ports: additionalOptions.match?.ports || defaultPort,
+    domains: domainConfig.domains
+  };
+
+  // Create route target
+  const target: IRouteTarget = {
+    host: domainConfig.forwarding.target.host,
+    port: domainConfig.forwarding.target.port
+  };
+
+  // Create route action
+  const action: IRouteAction = {
+    type: 'forward',
+    target
+  };
+
+  // Add TLS configuration if needed
+  if (tlsMode) {
+    action.tls = {
+      mode: tlsMode,
+      certificate: 'auto'
+    };
+
+    // If the legacy config has custom certificates, use them
+    if (domainConfig.forwarding.https?.customCert) {
+      action.tls.certificate = {
+        key: domainConfig.forwarding.https.customCert.key,
+        cert: domainConfig.forwarding.https.customCert.cert
+      };
+    }
+  }
+
+  // Add security options if present
+  if (domainConfig.forwarding.security) {
+    action.security = domainConfig.forwarding.security;
+  }
+
+  // Create the route config
+  const routeConfig: IRouteConfig = {
+    match,
+    action,
+    // Include a name based on domains if not provided
+    name: additionalOptions.name || `Legacy route for ${domainConfig.domains.join(', ')}`,
+    // Include a note that this was converted from a legacy config
+    description: additionalOptions.description || 'Converted from legacy domain configuration'
+  };
+
+  // Add optional properties if provided
+  if (additionalOptions.priority !== undefined) {
+    routeConfig.priority = additionalOptions.priority;
+  }
+  
+  if (additionalOptions.tags) {
+    routeConfig.tags = additionalOptions.tags;
+  }
+
+  return routeConfig;
+}
+
+/**
+ * Convert an array of legacy domain configs to route configurations
+ * @param domainConfigs Array of legacy domain configurations
+ * @returns Array of route configurations
+ * @deprecated This function will be removed in a future version
+ */
+export function domainConfigsToRouteConfigs(
+  domainConfigs: ILegacyDomainConfig[]
+): IRouteConfig[] {
+  return domainConfigs.map(config => domainConfigToRouteConfig(config));
+}
+
+/**
+ * Extract domains from a route configuration
+ * @param route Route configuration
+ * @returns Array of domains
+ */
+export function extractDomainsFromRoute(route: IRouteConfig): string[] {
+  if (!route.match.domains) {
+    return [];
+  }
+  
+  return Array.isArray(route.match.domains)
+    ? route.match.domains
+    : [route.match.domains];
+}
+
+/**
+ * Extract domains from an array of route configurations
+ * @param routes Array of route configurations
+ * @returns Array of unique domains
+ */
+export function extractDomainsFromRoutes(routes: IRouteConfig[]): string[] {
+  const domains = new Set<string>();
+  
+  for (const route of routes) {
+    const routeDomains = extractDomainsFromRoute(route);
+    for (const domain of routeDomains) {
+      domains.add(domain);
+    }
+  }
+  
+  return Array.from(domains);
+}

package/ts/proxies/smart-proxy/utils/route-patterns.ts

@@ -0,0 +1,309 @@
+/**
+ * Route Patterns
+ * 
+ * This file provides pre-defined route patterns for common use cases.
+ * These patterns can be used as templates for creating route configurations.
+ */
+
+import type { IRouteConfig } from '../models/route-types.js';
+import { createHttpRoute, createHttpsTerminateRoute, createHttpsPassthroughRoute, createCompleteHttpsServer } from './route-helpers.js';
+import { mergeRouteConfigs } from './route-utils.js';
+
+/**
+ * Create an API Gateway route pattern
+ * @param domains Domain(s) to match
+ * @param apiBasePath Base path for API endpoints (e.g., '/api')
+ * @param target Target host and port
+ * @param options Additional route options
+ * @returns API route configuration
+ */
+export function createApiGatewayRoute(
+  domains: string | string[],
+  apiBasePath: string,
+  target: { host: string | string[]; port: number },
+  options: {
+    useTls?: boolean;
+    certificate?: 'auto' | { key: string; cert: string };
+    addCorsHeaders?: boolean;
+    [key: string]: any;
+  } = {}
+): IRouteConfig {
+  // Normalize apiBasePath to ensure it starts with / and doesn't end with /
+  const normalizedPath = apiBasePath.startsWith('/') 
+    ? apiBasePath 
+    : `/${apiBasePath}`;
+  
+  // Add wildcard to path to match all API endpoints
+  const apiPath = normalizedPath.endsWith('/') 
+    ? `${normalizedPath}*` 
+    : `${normalizedPath}/*`;
+  
+  // Create base route
+  const baseRoute = options.useTls
+    ? createHttpsTerminateRoute(domains, target, {
+        certificate: options.certificate || 'auto'
+      })
+    : createHttpRoute(domains, target);
+  
+  // Add API-specific configurations
+  const apiRoute: Partial<IRouteConfig> = {
+    match: {
+      ...baseRoute.match,
+      path: apiPath
+    },
+    name: options.name || `API Gateway: ${apiPath} -> ${Array.isArray(target.host) ? target.host.join(', ') : target.host}:${target.port}`,
+    priority: options.priority || 100 // Higher priority for specific path matching
+  };
+  
+  // Add CORS headers if requested
+  if (options.addCorsHeaders) {
+    apiRoute.headers = {
+      response: {
+        'Access-Control-Allow-Origin': '*',
+        'Access-Control-Allow-Methods': 'GET, POST, PUT, DELETE, OPTIONS',
+        'Access-Control-Allow-Headers': 'Content-Type, Authorization',
+        'Access-Control-Max-Age': '86400'
+      }
+    };
+  }
+  
+  return mergeRouteConfigs(baseRoute, apiRoute);
+}
+
+/**
+ * Create a static file server route pattern
+ * @param domains Domain(s) to match
+ * @param rootDirectory Root directory for static files
+ * @param options Additional route options
+ * @returns Static file server route configuration
+ */
+export function createStaticFileServerRoute(
+  domains: string | string[],
+  rootDirectory: string,
+  options: {
+    useTls?: boolean;
+    certificate?: 'auto' | { key: string; cert: string };
+    indexFiles?: string[];
+    cacheControl?: string;
+    path?: string;
+    [key: string]: any;
+  } = {}
+): IRouteConfig {
+  // Create base route with static action
+  const baseRoute: IRouteConfig = {
+    match: {
+      domains,
+      ports: options.useTls ? 443 : 80,
+      path: options.path || '/'
+    },
+    action: {
+      type: 'static',
+      static: {
+        root: rootDirectory,
+        index: options.indexFiles || ['index.html', 'index.htm'],
+        headers: {
+          'Cache-Control': options.cacheControl || 'public, max-age=3600'
+        }
+      }
+    },
+    name: options.name || `Static Server: ${Array.isArray(domains) ? domains.join(', ') : domains}`,
+    priority: options.priority || 50
+  };
+  
+  // Add TLS configuration if requested
+  if (options.useTls) {
+    baseRoute.action.tls = {
+      mode: 'terminate',
+      certificate: options.certificate || 'auto'
+    };
+  }
+  
+  return baseRoute;
+}
+
+/**
+ * Create a WebSocket route pattern
+ * @param domains Domain(s) to match
+ * @param target WebSocket server host and port
+ * @param options Additional route options
+ * @returns WebSocket route configuration
+ */
+export function createWebSocketRoute(
+  domains: string | string[],
+  target: { host: string | string[]; port: number },
+  options: {
+    useTls?: boolean;
+    certificate?: 'auto' | { key: string; cert: string };
+    path?: string;
+    [key: string]: any;
+  } = {}
+): IRouteConfig {
+  // Create base route
+  const baseRoute = options.useTls
+    ? createHttpsTerminateRoute(domains, target, {
+        certificate: options.certificate || 'auto'
+      })
+    : createHttpRoute(domains, target);
+  
+  // Add WebSocket-specific configurations
+  const wsRoute: Partial<IRouteConfig> = {
+    match: {
+      ...baseRoute.match,
+      path: options.path || '/ws',
+      headers: {
+        'Upgrade': 'websocket'
+      }
+    },
+    action: {
+      ...baseRoute.action,
+      websocket: {
+        enabled: true,
+        pingInterval: options.pingInterval || 30000, // 30 seconds
+        pingTimeout: options.pingTimeout || 5000    // 5 seconds
+      }
+    },
+    name: options.name || `WebSocket: ${Array.isArray(domains) ? domains.join(', ') : domains} -> ${Array.isArray(target.host) ? target.host.join(', ') : target.host}:${target.port}`,
+    priority: options.priority || 100 // Higher priority for WebSocket routes
+  };
+  
+  return mergeRouteConfigs(baseRoute, wsRoute);
+}
+
+/**
+ * Create a load balancer route pattern
+ * @param domains Domain(s) to match
+ * @param backends Array of backend servers
+ * @param options Additional route options
+ * @returns Load balancer route configuration
+ */
+export function createLoadBalancerRoute(
+  domains: string | string[],
+  backends: Array<{ host: string; port: number }>,
+  options: {
+    useTls?: boolean;
+    certificate?: 'auto' | { key: string; cert: string };
+    algorithm?: 'round-robin' | 'least-connections' | 'ip-hash';
+    healthCheck?: {
+      path: string;
+      interval: number;
+      timeout: number;
+      unhealthyThreshold: number;
+      healthyThreshold: number;
+    };
+    [key: string]: any;
+  } = {}
+): IRouteConfig {
+  // Extract hosts and ensure all backends use the same port
+  const port = backends[0].port;
+  const hosts = backends.map(backend => backend.host);
+  
+  // Create route with multiple hosts for load balancing
+  const baseRoute = options.useTls
+    ? createHttpsTerminateRoute(domains, { host: hosts, port }, {
+        certificate: options.certificate || 'auto'
+      })
+    : createHttpRoute(domains, { host: hosts, port });
+  
+  // Add load balancing specific configurations
+  const lbRoute: Partial<IRouteConfig> = {
+    action: {
+      ...baseRoute.action,
+      loadBalancing: {
+        algorithm: options.algorithm || 'round-robin',
+        healthCheck: options.healthCheck
+      }
+    },
+    name: options.name || `Load Balancer: ${Array.isArray(domains) ? domains.join(', ') : domains}`,
+    priority: options.priority || 50
+  };
+  
+  return mergeRouteConfigs(baseRoute, lbRoute);
+}
+
+/**
+ * Create a rate limiting route pattern
+ * @param baseRoute Base route to add rate limiting to
+ * @param rateLimit Rate limiting configuration
+ * @returns Route with rate limiting
+ */
+export function addRateLimiting(
+  baseRoute: IRouteConfig,
+  rateLimit: {
+    maxRequests: number;
+    window: number; // Time window in seconds
+    keyBy?: 'ip' | 'path' | 'header';
+    headerName?: string; // Required if keyBy is 'header'
+    errorMessage?: string;
+  }
+): IRouteConfig {
+  return mergeRouteConfigs(baseRoute, {
+    security: {
+      rateLimit: {
+        enabled: true,
+        maxRequests: rateLimit.maxRequests,
+        window: rateLimit.window,
+        keyBy: rateLimit.keyBy || 'ip',
+        headerName: rateLimit.headerName,
+        errorMessage: rateLimit.errorMessage || 'Rate limit exceeded. Please try again later.'
+      }
+    }
+  });
+}
+
+/**
+ * Create a basic authentication route pattern
+ * @param baseRoute Base route to add authentication to
+ * @param auth Authentication configuration
+ * @returns Route with basic authentication
+ */
+export function addBasicAuth(
+  baseRoute: IRouteConfig,
+  auth: {
+    users: Array<{ username: string; password: string }>;
+    realm?: string;
+    excludePaths?: string[];
+  }
+): IRouteConfig {
+  return mergeRouteConfigs(baseRoute, {
+    security: {
+      basicAuth: {
+        enabled: true,
+        users: auth.users,
+        realm: auth.realm || 'Restricted Area',
+        excludePaths: auth.excludePaths || []
+      }
+    }
+  });
+}
+
+/**
+ * Create a JWT authentication route pattern
+ * @param baseRoute Base route to add JWT authentication to
+ * @param jwt JWT authentication configuration
+ * @returns Route with JWT authentication
+ */
+export function addJwtAuth(
+  baseRoute: IRouteConfig,
+  jwt: {
+    secret: string;
+    algorithm?: string;
+    issuer?: string;
+    audience?: string;
+    expiresIn?: number; // Time in seconds
+    excludePaths?: string[];
+  }
+): IRouteConfig {
+  return mergeRouteConfigs(baseRoute, {
+    security: {
+      jwtAuth: {
+        enabled: true,
+        secret: jwt.secret,
+        algorithm: jwt.algorithm || 'HS256',
+        issuer: jwt.issuer,
+        audience: jwt.audience,
+        expiresIn: jwt.expiresIn,
+        excludePaths: jwt.excludePaths || []
+      }
+    }
+  });
+}