@push.rocks/smartproxy 18.0.2 → 18.2.0

package/dist_ts/proxies/smart-proxy/models/route-types.d.ts

@@ -51,6 +51,23 @@ export interface IRouteTarget {
     host: string | string[] | ((context: IRouteContext) => string | string[]);
     port: number | 'preserve' | ((context: IRouteContext) => number);
 }
+/**
+ * ACME configuration for automatic certificate provisioning
+ */
+export interface IRouteAcme {
+    email: string;
+    useProduction?: boolean;
+    challengePort?: number;
+    renewBeforeDays?: number;
+}
+/**
+ * Static route handler response
+ */
+export interface IStaticResponse {
+    status: number;
+    headers?: Record<string, string>;
+    body: string | Buffer;
+}
 /**
  * TLS configuration for route actions
  */
@@ -59,7 +76,15 @@ export interface IRouteTls {
     certificate?: 'auto' | {
         key: string;
         cert: string;
+        ca?: string;
+        keyFile?: string;
+        certFile?: string;
     };
+    acme?: IRouteAcme;
+    versions?: string[];
+    ciphers?: string;
+    honorCipherOrder?: boolean;
+    sessionTimeout?: number;
 }
 /**
  * Redirect configuration for route actions
@@ -202,6 +227,7 @@ export interface IRouteAction {
     };
     forwardingEngine?: 'node' | 'nftables';
     nftables?: INfTablesOptions;
+    handler?: (context: IRouteContext) => Promise<IStaticResponse>;
 }
 /**
  * Rate limiting configuration

package/dist_ts/proxies/smart-proxy/models/route-types.js

@@ -1,3 +1,3 @@
 import * as plugins from '../../../plugins.js';
 // Configuration moved to models/interfaces.ts as ISmartProxyOptions
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicm91dGUtdHlwZXMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi90cy9wcm94aWVzL3NtYXJ0LXByb3h5L21vZGVscy9yb3V0ZS10eXBlcy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQSxPQUFPLEtBQUssT0FBTyxNQUFNLHFCQUFxQixDQUFDO0FBMlYvQyxvRUFBb0UifQ==
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicm91dGUtdHlwZXMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi90cy9wcm94aWVzL3NtYXJ0LXByb3h5L21vZGVscy9yb3V0ZS10eXBlcy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQSxPQUFPLEtBQUssT0FBTyxNQUFNLHFCQUFxQixDQUFDO0FBeVgvQyxvRUFBb0UifQ==

package/dist_ts/proxies/smart-proxy/models/simplified-smartproxy-config.d.ts

@@ -0,0 +1,65 @@
+/**
+ * Simplified SmartProxy configuration
+ */
+import type { CertProvider } from '../../../certificate/models/certificate-strategy.js';
+import type { IRouteConfig } from './route-types.js';
+/**
+ * ACME configuration - all certificate options in one place
+ */
+export interface AcmeConfig {
+    /**
+     * Email address for ACME account (required)
+     */
+    email: string;
+    /**
+     * ACME server environment
+     */
+    server: 'production' | 'staging';
+    /**
+     * Certificate provider function (required)
+     */
+    certProvider: CertProvider;
+    /**
+     * Certificate storage directory
+     * @default './certs'
+     */
+    storageDir?: string;
+    /**
+     * Days before expiry to renew certificates
+     * @default 30
+     */
+    renewBeforeDays?: number;
+    /**
+     * Enable ACME certificate management
+     * @default true
+     */
+    enabled?: boolean;
+}
+/**
+ * Simplified SmartProxy options
+ */
+export interface SimplifiedSmartProxyOptions {
+    /**
+     * Port to listen on
+     * @default 443
+     */
+    port?: number;
+    /**
+     * ACME/Certificate configuration
+     * Required if you want automatic certificate management
+     */
+    acme?: AcmeConfig;
+    /**
+     * Route configurations
+     */
+    routes: IRouteConfig[];
+    /**
+     * Log level
+     * @default 'info'
+     */
+    logLevel?: 'debug' | 'info' | 'warn' | 'error';
+}
+/**
+ * Helper to validate SmartProxy configuration
+ */
+export declare function validateSmartProxyConfig(options: SimplifiedSmartProxyOptions): void;

package/dist_ts/proxies/smart-proxy/models/simplified-smartproxy-config.js

@@ -0,0 +1,31 @@
+/**
+ * Simplified SmartProxy configuration
+ */
+/**
+ * Helper to validate SmartProxy configuration
+ */
+export function validateSmartProxyConfig(options) {
+    // If ACME is enabled, certProvider is required
+    if (options.acme?.enabled !== false) {
+        if (!options.acme?.certProvider) {
+            throw new Error('ACME is enabled but no certProvider configured. Please provide acme.certProvider or disable ACME with acme.enabled = false');
+        }
+        if (!options.acme?.email) {
+            throw new Error('ACME is enabled but no email configured. Please provide acme.email');
+        }
+    }
+    // Validate routes
+    if (!options.routes || options.routes.length === 0) {
+        throw new Error('At least one route must be configured');
+    }
+    // Validate routes have required fields
+    for (const route of options.routes) {
+        if (!route.match) {
+            throw new Error('Route must have match criteria');
+        }
+        if (!route.action) {
+            throw new Error('Route must have action configuration');
+        }
+    }
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic2ltcGxpZmllZC1zbWFydHByb3h5LWNvbmZpZy5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uLy4uL3RzL3Byb3hpZXMvc21hcnQtcHJveHkvbW9kZWxzL3NpbXBsaWZpZWQtc21hcnRwcm94eS1jb25maWcudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUE7O0dBRUc7QUF1RUg7O0dBRUc7QUFDSCxNQUFNLFVBQVUsd0JBQXdCLENBQUMsT0FBb0M7SUFDM0UsK0NBQStDO0lBQy9DLElBQUksT0FBTyxDQUFDLElBQUksRUFBRSxPQUFPLEtBQUssS0FBSyxFQUFFLENBQUM7UUFDcEMsSUFBSSxDQUFDLE9BQU8sQ0FBQyxJQUFJLEVBQUUsWUFBWSxFQUFFLENBQUM7WUFDaEMsTUFBTSxJQUFJLEtBQUssQ0FBQyw0SEFBNEgsQ0FBQyxDQUFDO1FBQ2hKLENBQUM7UUFFRCxJQUFJLENBQUMsT0FBTyxDQUFDLElBQUksRUFBRSxLQUFLLEVBQUUsQ0FBQztZQUN6QixNQUFNLElBQUksS0FBSyxDQUFDLG9FQUFvRSxDQUFDLENBQUM7UUFDeEYsQ0FBQztJQUNILENBQUM7SUFFRCxrQkFBa0I7SUFDbEIsSUFBSSxDQUFDLE9BQU8sQ0FBQyxNQUFNLElBQUksT0FBTyxDQUFDLE1BQU0sQ0FBQyxNQUFNLEtBQUssQ0FBQyxFQUFFLENBQUM7UUFDbkQsTUFBTSxJQUFJLEtBQUssQ0FBQyx1Q0FBdUMsQ0FBQyxDQUFDO0lBQzNELENBQUM7SUFFRCx1Q0FBdUM7SUFDdkMsS0FBSyxNQUFNLEtBQUssSUFBSSxPQUFPLENBQUMsTUFBTSxFQUFFLENBQUM7UUFDbkMsSUFBSSxDQUFDLEtBQUssQ0FBQyxLQUFLLEVBQUUsQ0FBQztZQUNqQixNQUFNLElBQUksS0FBSyxDQUFDLGdDQUFnQyxDQUFDLENBQUM7UUFDcEQsQ0FBQztRQUVELElBQUksQ0FBQyxLQUFLLENBQUMsTUFBTSxFQUFFLENBQUM7WUFDbEIsTUFBTSxJQUFJLEtBQUssQ0FBQyxzQ0FBc0MsQ0FBQyxDQUFDO1FBQzFELENBQUM7SUFDSCxDQUFDO0FBQ0gsQ0FBQyJ9

package/dist_ts/proxies/smart-proxy/models/smartproxy-options.d.ts

@@ -0,0 +1,102 @@
+/**
+ * Unified SmartProxy configuration options
+ */
+import type { CertProvider } from '../../../certificate/models/certificate-strategy.js';
+import type { IRouteConfig } from './route-types.js';
+/**
+ * ACME configuration for automatic certificate management
+ */
+export interface IAcmeConfig {
+    /**
+     * Email address for ACME account (required if enabled)
+     */
+    email: string;
+    /**
+     * ACME server environment
+     * @default 'production'
+     */
+    server: 'production' | 'staging';
+    /**
+     * Certificate provider function (required if enabled)
+     * Returns strategy for each domain (acme-http, acme-dns, static, skip)
+     */
+    certProvider: CertProvider;
+    /**
+     * Certificate storage directory
+     * @default './certs'
+     */
+    storageDir?: string;
+    /**
+     * Days before expiry to renew certificates
+     * @default 30
+     */
+    renewBeforeDays?: number;
+    /**
+     * Enable automatic certificate management
+     * @default true
+     */
+    enabled?: boolean;
+    /**
+     * Port for ACME HTTP-01 challenges
+     * @default 80
+     */
+    port?: number;
+}
+/**
+ * Unified SmartProxy options
+ */
+export interface ISmartProxyOptions {
+    /**
+     * HTTPS port to listen on
+     * @default 443
+     */
+    port?: number;
+    /**
+     * HTTP port to listen on (for redirects and ACME challenges)
+     * @default 80
+     */
+    httpPort?: number;
+    /**
+     * Route configurations - the core of SmartProxy
+     * Each route defines matching criteria and actions
+     */
+    routes: IRouteConfig[];
+    /**
+     * ACME/Certificate configuration
+     * Required for automatic certificate provisioning
+     * If not provided or disabled, only static certificates will work
+     */
+    acme?: IAcmeConfig;
+    /**
+     * Certificate provider function for backward compatibility
+     * @deprecated Use acme.certProvider instead
+     */
+    certProviderFunction?: CertProvider;
+    /**
+     * Log level for debugging
+     * @default 'info'
+     */
+    logLevel?: 'debug' | 'info' | 'warn' | 'error';
+    /**
+     * Enable NFTables integration for advanced networking
+     * @default false
+     */
+    enableNFTables?: boolean;
+    /**
+     * Preserve client source IP when forwarding
+     * @default false
+     */
+    preserveSourceIP?: boolean;
+    /**
+     * Default forwarding target when not specified in routes
+     * @deprecated Define targets in individual routes
+     */
+    defaultTarget?: {
+        host: string;
+        port: number;
+    };
+}
+/**
+ * Validate SmartProxy configuration
+ */
+export declare function validateSmartProxyConfig(options: ISmartProxyOptions): void;

package/dist_ts/proxies/smart-proxy/models/smartproxy-options.js

@@ -0,0 +1,73 @@
+/**
+ * Unified SmartProxy configuration options
+ */
+/**
+ * Validate SmartProxy configuration
+ */
+export function validateSmartProxyConfig(options) {
+    // If ACME is enabled, certProvider is required
+    if (options.acme?.enabled !== false) {
+        if (!options.acme?.certProvider && !options.certProviderFunction) {
+            throw new Error('Certificate management is enabled but no certProvider configured. ' +
+                'Please provide acme.certProvider or disable ACME with acme.enabled = false');
+        }
+        if (!options.acme?.email) {
+            throw new Error('Certificate management is enabled but no email configured. ' +
+                'Please provide acme.email for ACME account registration');
+        }
+    }
+    // Validate routes
+    if (!options.routes || options.routes.length === 0) {
+        throw new Error('At least one route must be configured');
+    }
+    // Validate each route
+    for (const route of options.routes) {
+        if (!route.match) {
+            throw new Error(`Route '${route.name || 'unnamed'}' must have match criteria`);
+        }
+        if (!route.action) {
+            throw new Error(`Route '${route.name || 'unnamed'}' must have action configuration`);
+        }
+        // Validate ports if specified
+        if (route.match.ports) {
+            const validatePort = (port) => {
+                if (port < 1 || port > 65535) {
+                    throw new Error(`Invalid port number ${port} in route '${route.name || 'unnamed'}'`);
+                }
+            };
+            // Handle different port specification formats
+            const ports = route.match.ports;
+            if (typeof ports === 'number') {
+                validatePort(ports);
+            }
+            else if (Array.isArray(ports)) {
+                for (const port of ports) {
+                    if (typeof port === 'number') {
+                        validatePort(port);
+                    }
+                    else if (typeof port === 'object' && port.from && port.to) {
+                        validatePort(port.from);
+                        validatePort(port.to);
+                        if (port.from > port.to) {
+                            throw new Error(`Invalid port range ${port.from}-${port.to} in route '${route.name || 'unnamed'}'`);
+                        }
+                    }
+                    else {
+                        throw new Error(`Invalid port specification in route '${route.name || 'unnamed'}'`);
+                    }
+                }
+            }
+            else {
+                throw new Error(`Invalid ports configuration in route '${route.name || 'unnamed'}'`);
+            }
+        }
+    }
+    // Warn about deprecated options
+    if (options.certProviderFunction) {
+        console.warn('Warning: certProviderFunction is deprecated. Use acme.certProvider instead');
+    }
+    if (options.defaultTarget) {
+        console.warn('Warning: defaultTarget is deprecated. Define targets in individual routes instead');
+    }
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic21hcnRwcm94eS1vcHRpb25zLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vdHMvcHJveGllcy9zbWFydC1wcm94eS9tb2RlbHMvc21hcnRwcm94eS1vcHRpb25zLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBOztHQUVHO0FBa0hIOztHQUVHO0FBQ0gsTUFBTSxVQUFVLHdCQUF3QixDQUFDLE9BQTJCO0lBQ2xFLCtDQUErQztJQUMvQyxJQUFJLE9BQU8sQ0FBQyxJQUFJLEVBQUUsT0FBTyxLQUFLLEtBQUssRUFBRSxDQUFDO1FBQ3BDLElBQUksQ0FBQyxPQUFPLENBQUMsSUFBSSxFQUFFLFlBQVksSUFBSSxDQUFDLE9BQU8sQ0FBQyxvQkFBb0IsRUFBRSxDQUFDO1lBQ2pFLE1BQU0sSUFBSSxLQUFLLENBQ2Isb0VBQW9FO2dCQUNwRSw0RUFBNEUsQ0FDN0UsQ0FBQztRQUNKLENBQUM7UUFFRCxJQUFJLENBQUMsT0FBTyxDQUFDLElBQUksRUFBRSxLQUFLLEVBQUUsQ0FBQztZQUN6QixNQUFNLElBQUksS0FBSyxDQUNiLDZEQUE2RDtnQkFDN0QseURBQXlELENBQzFELENBQUM7UUFDSixDQUFDO0lBQ0gsQ0FBQztJQUVELGtCQUFrQjtJQUNsQixJQUFJLENBQUMsT0FBTyxDQUFDLE1BQU0sSUFBSSxPQUFPLENBQUMsTUFBTSxDQUFDLE1BQU0sS0FBSyxDQUFDLEVBQUUsQ0FBQztRQUNuRCxNQUFNLElBQUksS0FBSyxDQUFDLHVDQUF1QyxDQUFDLENBQUM7SUFDM0QsQ0FBQztJQUVELHNCQUFzQjtJQUN0QixLQUFLLE1BQU0sS0FBSyxJQUFJLE9BQU8sQ0FBQyxNQUFNLEVBQUUsQ0FBQztRQUNuQyxJQUFJLENBQUMsS0FBSyxDQUFDLEtBQUssRUFBRSxDQUFDO1lBQ2pCLE1BQU0sSUFBSSxLQUFLLENBQUMsVUFBVSxLQUFLLENBQUMsSUFBSSxJQUFJLFNBQVMsNEJBQTRCLENBQUMsQ0FBQztRQUNqRixDQUFDO1FBRUQsSUFBSSxDQUFDLEtBQUssQ0FBQyxNQUFNLEVBQUUsQ0FBQztZQUNsQixNQUFNLElBQUksS0FBSyxDQUFDLFVBQVUsS0FBSyxDQUFDLElBQUksSUFBSSxTQUFTLGtDQUFrQyxDQUFDLENBQUM7UUFDdkYsQ0FBQztRQUVELDhCQUE4QjtRQUM5QixJQUFJLEtBQUssQ0FBQyxLQUFLLENBQUMsS0FBSyxFQUFFLENBQUM7WUFDdEIsTUFBTSxZQUFZLEdBQUcsQ0FBQyxJQUFZLEVBQUUsRUFBRTtnQkFDcEMsSUFBSSxJQUFJLEdBQUcsQ0FBQyxJQUFJLElBQUksR0FBRyxLQUFLLEVBQUUsQ0FBQztvQkFDN0IsTUFBTSxJQUFJLEtBQUssQ0FBQyx1QkFBdUIsSUFBSSxjQUFjLEtBQUssQ0FBQyxJQUFJLElBQUksU0FBUyxHQUFHLENBQUMsQ0FBQztnQkFDdkYsQ0FBQztZQUNILENBQUMsQ0FBQztZQUVGLDhDQUE4QztZQUM5QyxNQUFNLEtBQUssR0FBRyxLQUFLLENBQUMsS0FBSyxDQUFDLEtBQUssQ0FBQztZQUNoQyxJQUFJLE9BQU8sS0FBSyxLQUFLLFFBQVEsRUFBRSxDQUFDO2dCQUM5QixZQUFZLENBQUMsS0FBSyxDQUFDLENBQUM7WUFDdEIsQ0FBQztpQkFBTSxJQUFJLEtBQUssQ0FBQyxPQUFPLENBQUMsS0FBSyxDQUFDLEVBQUUsQ0FBQztnQkFDaEMsS0FBSyxNQUFNLElBQUksSUFBSSxLQUFLLEVBQUUsQ0FBQztvQkFDekIsSUFBSSxPQUFPLElBQUksS0FBSyxRQUFRLEVBQUUsQ0FBQzt3QkFDN0IsWUFBWSxDQUFDLElBQUksQ0FBQyxDQUFDO29CQUNyQixDQUFDO3lCQUFNLElBQUksT0FBTyxJQUFJLEtBQUssUUFBUSxJQUFJLElBQUksQ0FBQyxJQUFJLElBQUksSUFBSSxDQUFDLEVBQUUsRUFBRSxDQUFDO3dCQUM1RCxZQUFZLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxDQUFDO3dCQUN4QixZQUFZLENBQUMsSUFBSSxDQUFDLEVBQUUsQ0FBQyxDQUFDO3dCQUN0QixJQUFJLElBQUksQ0FBQyxJQUFJLEdBQUcsSUFBSSxDQUFDLEVBQUUsRUFBRSxDQUFDOzRCQUN4QixNQUFNLElBQUksS0FBSyxDQUFDLHNCQUFzQixJQUFJLENBQUMsSUFBSSxJQUFJLElBQUksQ0FBQyxFQUFFLGNBQWMsS0FBSyxDQUFDLElBQUksSUFBSSxTQUFTLEdBQUcsQ0FBQyxDQUFDO3dCQUN0RyxDQUFDO29CQUNILENBQUM7eUJBQU0sQ0FBQzt3QkFDTixNQUFNLElBQUksS0FBSyxDQUFDLHdDQUF3QyxLQUFLLENBQUMsSUFBSSxJQUFJLFNBQVMsR0FBRyxDQUFDLENBQUM7b0JBQ3RGLENBQUM7Z0JBQ0gsQ0FBQztZQUNILENBQUM7aUJBQU0sQ0FBQztnQkFDTixNQUFNLElBQUksS0FBSyxDQUFDLHlDQUF5QyxLQUFLLENBQUMsSUFBSSxJQUFJLFNBQVMsR0FBRyxDQUFDLENBQUM7WUFDdkYsQ0FBQztRQUNILENBQUM7SUFDSCxDQUFDO0lBRUQsZ0NBQWdDO0lBQ2hDLElBQUksT0FBTyxDQUFDLG9CQUFvQixFQUFFLENBQUM7UUFDakMsT0FBTyxDQUFDLElBQUksQ0FBQyw0RUFBNEUsQ0FBQyxDQUFDO0lBQzdGLENBQUM7SUFFRCxJQUFJLE9BQU8sQ0FBQyxhQUFhLEVBQUUsQ0FBQztRQUMxQixPQUFPLENBQUMsSUFBSSxDQUFDLG1GQUFtRixDQUFDLENBQUM7SUFDcEcsQ0FBQztBQUNILENBQUMifQ==

package/dist_ts/proxies/smart-proxy/network-proxy-bridge.d.ts

@@ -1,49 +1,35 @@
 import * as plugins from '../../plugins.js';
 import { NetworkProxy } from '../network-proxy/index.js';
-import { Port80Handler } from '../../http/port80/port80-handler.js';
-import type { ICertificateData } from '../../certificate/models/certificate-types.js';
 import type { IConnectionRecord, ISmartProxyOptions } from './models/interfaces.js';
 import type { IRouteConfig } from './models/route-types.js';
-/**
- * Manages NetworkProxy integration for TLS termination
- *
- * NetworkProxyBridge connects SmartProxy with NetworkProxy to handle TLS termination.
- * It directly passes route configurations to NetworkProxy and manages the physical
- * connection piping between SmartProxy and NetworkProxy for TLS termination.
- *
- * It is used by SmartProxy for routes that have:
- * - TLS mode of 'terminate' or 'terminate-and-reencrypt'
- * - Certificate set to 'auto' or custom certificate
- */
 export declare class NetworkProxyBridge {
     private settings;
     private networkProxy;
-    private port80Handler;
     constructor(settings: ISmartProxyOptions);
     /**
-     * Set the Port80Handler to use for certificate management
+     * Get the NetworkProxy instance
      */
-    setPort80Handler(handler: Port80Handler): void;
+    getNetworkProxy(): NetworkProxy | null;
     /**
      * Initialize NetworkProxy instance
      */
     initialize(): Promise<void>;
     /**
-     * Handle certificate issuance or renewal events
+     * Sync routes to NetworkProxy
      */
-    private handleCertificateEvent;
+    syncRoutesToNetworkProxy(routes: IRouteConfig[]): Promise<void>;
     /**
-     * Apply an external (static) certificate into NetworkProxy
+     * Convert route to NetworkProxy configuration
      */
-    applyExternalCertificate(data: ICertificateData): void;
+    private routeToNetworkProxyConfig;
     /**
-     * Get the NetworkProxy instance
+     * Check if connection should use NetworkProxy
      */
-    getNetworkProxy(): NetworkProxy | null;
+    shouldUseNetworkProxy(connection: IConnectionRecord, routeMatch: any): boolean;
     /**
-     * Get the NetworkProxy port
+     * Forward connection to NetworkProxy
      */
-    getNetworkProxyPort(): number;
+    forwardToNetworkProxy(connectionId: string, socket: plugins.net.Socket, record: IConnectionRecord, initialChunk: Buffer, networkProxyPort: number, cleanupCallback: (reason: string) => void): Promise<void>;
     /**
      * Start NetworkProxy
      */
@@ -52,24 +38,4 @@ export declare class NetworkProxyBridge {
      * Stop NetworkProxy
      */
     stop(): Promise<void>;
-    /**
-     * Forwards a TLS connection to a NetworkProxy for handling
-     */
-    forwardToNetworkProxy(connectionId: string, socket: plugins.net.Socket, record: IConnectionRecord, initialData: Buffer, customProxyPort?: number, onError?: (reason: string) => void): void;
-    /**
-     * Synchronizes routes to NetworkProxy
-     *
-     * This method directly passes route configurations to NetworkProxy without any
-     * intermediate conversion. NetworkProxy natively understands route configurations.
-     *
-     * @param routes The route configurations to sync to NetworkProxy
-     */
-    syncRoutesToNetworkProxy(routes: IRouteConfig[]): Promise<void>;
-    /**
-     * Request a certificate for a specific domain
-     *
-     * @param domain The domain to request a certificate for
-     * @param routeName Optional route name to associate with this certificate
-     */
-    requestCertificate(domain: string, routeName?: string): Promise<boolean>;
 }