@qpjoy/tunnel-cli 0.1.4 → 0.1.5

package/README.md

@@ -55,6 +55,13 @@ qp-tunnel-cli hdo refresh
 qp-tunnel-cli hdo down
 ```
 
+If a tunnel was created by the Electron HDO plugin, its default interface is
+`hdo-client`, so stop it with:
+
+```bash
+qp-tunnel-cli hdo down --interface hdo-client
+```
+
 Platform behavior:
 
 - Linux: writes `/etc/wireguard/hdo-internal.conf` and enables `wg-quick@hdo-internal`

package/dist/hdo.js

@@ -23,10 +23,10 @@ async function runHdoCli(args, ctx) {
             await enrollCommand(rest, command === 'refresh');
             return;
         case 'status':
-            statusCommand(parseStateFileArg(rest));
+            statusCommand(parseCommandOptions(rest));
             return;
         case 'down':
-            await downCommand(parseStateFileArg(rest));
+            await downCommand(parseCommandOptions(rest));
             return;
         default:
             process.stderr.write(`Unknown hdo command: ${command}\n\n`);
@@ -41,8 +41,8 @@ Usage:
   qp-tunnel-cli hdo enroll --server-url URL --username USER [options]
   qp-tunnel-cli hdo enroll --server-url URL --token TOKEN [options]
   qp-tunnel-cli hdo refresh [--server-url URL] [--username USER]
-  qp-tunnel-cli hdo status
-  qp-tunnel-cli hdo down
+  qp-tunnel-cli hdo status [--interface NAME]
+  qp-tunnel-cli hdo down [--interface NAME]
 
 Enroll options:
   --server-url URL       HDO/electron-server base URL
@@ -80,6 +80,10 @@ Notes:
   Linux writes /etc/wireguard and enables wg-quick@<interface>.
   macOS installs a LaunchDaemon and may prompt for an administrator password.
   Windows installs a WireGuard tunnel service and may show a UAC prompt.
+
+Tip:
+  If the Electron HDO plugin created the tunnel, stop it with:
+  qp-tunnel-cli hdo down --interface hdo-client
 `);
 }
 async function enrollCommand(args, refreshOnly) {
@@ -172,12 +176,12 @@ async function enrollCommand(args, refreshOnly) {
         '',
     ].join('\n'));
 }
-function statusCommand(stateFileInput) {
-    const stateFile = resolveStateFile(stateFileInput);
+function statusCommand(input) {
+    const stateFile = resolveStateFile(input.stateFile);
     const state = readState(stateFile);
-    const interfaceName = sanitizeInterfaceName(state.interfaceName || defaultInterfaceName);
-    const configPath = resolveConfigPath(state.configPath, interfaceName);
-    const installDir = resolveInstallDir(state.installDir);
+    const interfaceName = sanitizeInterfaceName(input.interfaceName || state.interfaceName || defaultInterfaceName);
+    const configPath = resolveConfigPath(input.configPath || state.configPath, interfaceName);
+    const installDir = resolveInstallDir(input.installDir || state.installDir);
     process.stdout.write(`State file: ${stateFile}\n`);
     process.stdout.write(`Server URL: ${state.serverUrl || 'unset'}\n`);
     process.stdout.write(`Device: ${state.deviceId || 'unset'}\n`);
@@ -199,22 +203,27 @@ function statusCommand(stateFileInput) {
         if (daemon.plistPath)
             process.stdout.write(`plist: ${daemon.plistPath}\n`);
     }
-    const tunnel = (0, electron_core_wireguard_1.getWireGuardTunnelStatus)({ runtime, configPath });
-    process.stdout.write(`WireGuard active: ${tunnel.active}\n`);
-    process.stdout.write(`Runtime: ${runtime.method}\n`);
-    if (tunnel.realInterfaceName)
-        process.stdout.write(`Interface: ${tunnel.realInterfaceName}\n`);
-    if (tunnel.peers.length)
-        process.stdout.write(`Peers: ${tunnel.peers.length}\n`);
-    if (tunnel.error)
-        process.stdout.write(`Status detail: ${tunnel.error}\n`);
-}
-async function downCommand(stateFileInput) {
-    const stateFile = resolveStateFile(stateFileInput);
+    try {
+        const tunnel = (0, electron_core_wireguard_1.getWireGuardTunnelStatus)({ runtime, configPath });
+        process.stdout.write(`WireGuard active: ${tunnel.active}\n`);
+        process.stdout.write(`Runtime: ${runtime.method}\n`);
+        if (tunnel.realInterfaceName)
+            process.stdout.write(`Interface: ${tunnel.realInterfaceName}\n`);
+        if (tunnel.peers.length)
+            process.stdout.write(`Peers: ${tunnel.peers.length}\n`);
+        if (tunnel.error)
+            process.stdout.write(`Status detail: ${tunnel.error}\n`);
+    }
+    catch (err) {
+        process.stdout.write(`WireGuard status detail: ${errorMessage(err)}\n`);
+    }
+}
+async function downCommand(input) {
+    const stateFile = resolveStateFile(input.stateFile);
     const state = readState(stateFile);
-    const interfaceName = sanitizeInterfaceName(state.interfaceName || defaultInterfaceName);
-    const configPath = resolveConfigPath(state.configPath, interfaceName);
-    const installDir = resolveInstallDir(state.installDir);
+    const interfaceName = sanitizeInterfaceName(input.interfaceName || state.interfaceName || defaultInterfaceName);
+    const configPath = resolveConfigPath(input.configPath || state.configPath, interfaceName);
+    const installDir = resolveInstallDir(input.installDir || state.installDir);
     if (process.platform === 'linux') {
         inheritRequired('systemctl', ['disable', '--now', `wg-quick@${interfaceName}`]);
         return;
@@ -224,6 +233,10 @@ async function downCommand(stateFileInput) {
         allowSystemFallback: true,
     });
     if (process.platform === 'darwin') {
+        if (!canReadFile(configPath)) {
+            uninstallDarwinLaunchDaemonByInterface(interfaceName);
+            return;
+        }
         const result = await (0, electron_core_wireguard_1.uninstallDarwinWireGuardLaunchDaemon)({ runtime, configPath });
         if (!result.ok)
             throw new Error(result.message);
@@ -304,22 +317,35 @@ function parseEnrollOptions(args) {
     }
     return options;
 }
-function parseStateFileArg(args) {
-    let stateFile;
+function parseCommandOptions(args) {
+    const options = {};
     for (let index = 0; index < args.length; index += 1) {
         const arg = args[index];
-        if (arg === '--state-file') {
+        const readValue = () => {
             const value = args[index + 1];
             if (!value)
-                throw new Error('Missing value for --state-file');
-            stateFile = value;
+                throw new Error(`Missing value for ${arg}`);
             index += 1;
-        }
-        else {
-            throw new Error(`Unknown hdo option: ${arg}`);
+            return value;
+        };
+        switch (arg) {
+            case '--state-file':
+                options.stateFile = readValue();
+                break;
+            case '--interface':
+                options.interfaceName = readValue();
+                break;
+            case '--config-path':
+                options.configPath = readValue();
+                break;
+            case '--install-dir':
+                options.installDir = readValue();
+                break;
+            default:
+                throw new Error(`Unknown hdo option: ${arg}`);
         }
     }
-    return stateFile;
+    return options;
 }
 async function resolveAuth(serverUrl, options, previous, username) {
     const token = resolveExplicitToken(options);
@@ -524,7 +550,12 @@ function resolveStateFile(input) {
     return (0, node_path_1.resolve)(input || defaultStateFile());
 }
 function resolveConfigPath(input, interfaceName) {
-    return (0, node_path_1.resolve)(input || defaultConfigPath(interfaceName));
+    if (input)
+        return (0, node_path_1.resolve)(input);
+    const launchDaemonConfig = darwinLaunchDaemonConfigPath(interfaceName);
+    if (launchDaemonConfig && (0, node_fs_1.existsSync)(launchDaemonConfig))
+        return launchDaemonConfig;
+    return (0, node_path_1.resolve)(defaultConfigPath(interfaceName));
 }
 function resolveInstallDir(input) {
     return (0, node_path_1.resolve)(input || defaultInstallDir());
@@ -543,6 +574,11 @@ function defaultConfigPath(interfaceName) {
         return (0, node_path_1.join)(windowsUserDataDir(), `${interfaceName}.conf`);
     return (0, node_path_1.join)((0, node_os_1.homedir)(), '.qpjoy', 'hdo', `${interfaceName}.conf`);
 }
+function darwinLaunchDaemonConfigPath(interfaceName) {
+    if (process.platform !== 'darwin')
+        return null;
+    return `/Library/Application Support/QPJoy/HDO/${interfaceName}/${interfaceName}.conf`;
+}
 function defaultInstallDir() {
     if (process.platform === 'linux')
         return '/usr/local/lib/qpjoy/hdo/bin';
@@ -560,6 +596,32 @@ function inheritRequired(command, args) {
     const result = (0, node_child_process_1.spawnSync)(command, args, { stdio: 'inherit' });
     assertSpawnOk(command, args, result);
 }
+function uninstallDarwinLaunchDaemonByInterface(interfaceName) {
+    const component = sanitizeLaunchDaemonComponent(interfaceName);
+    const label = `com.qpjoy.hdo.wireguard.${component}`;
+    const plist = `/Library/LaunchDaemons/${label}.plist`;
+    const supportDir = `/Library/Application Support/QPJoy/HDO/${component}`;
+    const script = [
+        'set -e',
+        `LABEL=${shellQuote(label)}`,
+        `PLIST=${shellQuote(plist)}`,
+        `SUPPORT_DIR=${shellQuote(supportDir)}`,
+        `PID_FILE=${shellQuote(`/var/run/wireguard/${interfaceName}.pid`)}`,
+        `NAME_FILE=${shellQuote(`/var/run/wireguard/${interfaceName}.name`)}`,
+        `WIREGUARD_GO=${shellQuote(`${supportDir}/bin/wireguard-go`)}`,
+        'launchctl bootout "system/$LABEL" >/dev/null 2>&1 || launchctl bootout system "$PLIST" >/dev/null 2>&1 || true',
+        'if [ -s "$PID_FILE" ]; then WG_PID="$(cat "$PID_FILE" 2>/dev/null || true)"; if [ -n "$WG_PID" ]; then kill "$WG_PID" >/dev/null 2>&1 || true; sleep 0.2; kill -9 "$WG_PID" >/dev/null 2>&1 || true; fi; fi',
+        'if command -v pgrep >/dev/null 2>&1; then for stale_pid in $(pgrep -x wireguard-go 2>/dev/null || true); do stale_command="$(ps -p "$stale_pid" -o command= 2>/dev/null || true)"; printf "%s\\n" "$stale_command" | grep -F "$WIREGUARD_GO" >/dev/null 2>&1 && kill "$stale_pid" >/dev/null 2>&1 || true; done; fi',
+        'rm -f "$PLIST" "$PID_FILE" "$NAME_FILE"',
+        'rm -rf "$SUPPORT_DIR"'
+    ].join('\n');
+    const appleScript = `do shell script ${appleScriptString(script)} with administrator privileges`;
+    const result = (0, node_child_process_1.spawnSync)('osascript', ['-e', appleScript], {
+        encoding: 'utf8'
+    });
+    assertSpawnOk('osascript', ['-e', '<uninstall-hdo-launchdaemon>'], result);
+    process.stdout.write(`Stopped and removed ${label}.\n`);
+}
 function assertSpawnOk(command, args, result) {
     if (result.error) {
         throw new Error(`${command} failed: ${result.error.message}`);
@@ -594,11 +656,32 @@ function tokenExpired(value) {
     const time = Date.parse(value);
     return Number.isFinite(time) && Date.now() > time - 60_000;
 }
+function canReadFile(path) {
+    try {
+        (0, node_fs_1.readFileSync)(path, 'utf8');
+        return true;
+    }
+    catch {
+        return false;
+    }
+}
 function chmodSyncSafe(path, mode) {
     if (process.platform === 'win32')
         return;
     (0, node_fs_1.chmodSync)(path, mode);
 }
+function sanitizeLaunchDaemonComponent(value) {
+    return value.replace(/[^A-Za-z0-9.-]/g, '-').replace(/^-+|-+$/g, '').slice(0, 48) || 'hdo-client';
+}
+function shellQuote(value) {
+    return `'${String(value).replace(/'/g, `'\\''`)}'`;
+}
+function appleScriptString(value) {
+    return `"${value.replace(/\\/g, '\\\\').replace(/"/g, '\\"')}"`;
+}
+function errorMessage(err) {
+    return err instanceof Error ? err.message : String(err);
+}
 function requireRecord(value, label) {
     if (!isRecord(value))
         throw new Error(`${label} is not an object.`);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@qpjoy/tunnel-cli",
-  "version": "0.1.4",
+  "version": "0.1.5",
   "description": "Global QPJoy Tunnel CLI for mihomo-client and cross-platform HDO mesh enrollment.",
   "private": false,
   "type": "commonjs",