@serve.zone/remoteingress 1.0.4

package/cli.js

@@ -0,0 +1,4 @@
+#!/usr/bin/env node
+process.env.CLI_CALL = 'true';
+const cliTool = await import('./dist_ts/index.js');
+cliTool.runCli();

package/dist_ts/00_commitinfo_data.d.ts

@@ -0,0 +1,8 @@
+/**
+ * autocreated commitinfo by @pushrocks/commitinfo
+ */
+export declare const commitinfo: {
+    name: string;
+    version: string;
+    description: string;
+};

package/dist_ts/00_commitinfo_data.js

@@ -0,0 +1,9 @@
+/**
+ * autocreated commitinfo by @pushrocks/commitinfo
+ */
+export const commitinfo = {
+    name: '@serve.zone/remoteingress',
+    version: '1.0.4',
+    description: 'Provides a service for creating private tunnels and reaching private clusters from the outside, facilitating secure remote access as part of the @serve.zone stack.'
+};
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiMDBfY29tbWl0aW5mb19kYXRhLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vdHMvMDBfY29tbWl0aW5mb19kYXRhLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBOztHQUVHO0FBQ0gsTUFBTSxDQUFDLE1BQU0sVUFBVSxHQUFHO0lBQ3hCLElBQUksRUFBRSwyQkFBMkI7SUFDakMsT0FBTyxFQUFFLE9BQU87SUFDaEIsV0FBVyxFQUFFLHFLQUFxSztDQUNuTCxDQUFBIn0=

package/dist_ts/connector.private.d.ts

@@ -0,0 +1,6 @@
+export declare class ConnectorPrivate {
+    private targetHost;
+    private targetPort;
+    constructor(targetHost: string, targetPort?: number);
+    private connectToPublicRemoteConnector;
+}

package/dist_ts/connector.private.js

@@ -0,0 +1,31 @@
+import * as plugins from './plugins.js';
+export class ConnectorPrivate {
+    constructor(targetHost, targetPort = 4000) {
+        this.targetHost = targetHost;
+        this.targetPort = targetPort;
+        this.connectToPublicRemoteConnector();
+    }
+    connectToPublicRemoteConnector() {
+        const options = {
+            // Include CA certificate if necessary, for example:
+            // ca: fs.readFileSync('path/to/ca.pem'),
+            rejectUnauthorized: true // Only set this to true if you are sure about the server's certificate
+        };
+        const tunnel = plugins.tls.connect(this.targetPort, options, () => {
+            console.log('Connected to PublicRemoteConnector on port 4000');
+        });
+        tunnel.on('data', (data) => {
+            const targetConnection = plugins.tls.connect({
+                host: this.targetHost,
+                port: this.targetPort,
+                // Include necessary options for the target connection
+            }, () => {
+                targetConnection.write(data);
+            });
+            targetConnection.on('data', (backData) => {
+                tunnel.write(backData); // Send data back through the tunnel
+            });
+        });
+    }
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY29ubmVjdG9yLnByaXZhdGUuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi90cy9jb25uZWN0b3IucHJpdmF0ZS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQSxPQUFPLEtBQUssT0FBTyxNQUFNLGNBQWMsQ0FBQztBQUV4QyxNQUFNLE9BQU8sZ0JBQWdCO0lBSTNCLFlBQVksVUFBa0IsRUFBRSxhQUFxQixJQUFJO1FBQ3ZELElBQUksQ0FBQyxVQUFVLEdBQUcsVUFBVSxDQUFDO1FBQzdCLElBQUksQ0FBQyxVQUFVLEdBQUcsVUFBVSxDQUFDO1FBQzdCLElBQUksQ0FBQyw4QkFBOEIsRUFBRSxDQUFDO0lBQ3hDLENBQUM7SUFFTyw4QkFBOEI7UUFDcEMsTUFBTSxPQUFPLEdBQUc7WUFDZCxvREFBb0Q7WUFDcEQseUNBQXlDO1lBQ3pDLGtCQUFrQixFQUFFLElBQUksQ0FBQyx1RUFBdUU7U0FDakcsQ0FBQztRQUVGLE1BQU0sTUFBTSxHQUFHLE9BQU8sQ0FBQyxHQUFHLENBQUMsT0FBTyxDQUFDLElBQUksQ0FBQyxVQUFVLEVBQUUsT0FBTyxFQUFFLEdBQUcsRUFBRTtZQUNoRSxPQUFPLENBQUMsR0FBRyxDQUFDLGlEQUFpRCxDQUFDLENBQUM7UUFDakUsQ0FBQyxDQUFDLENBQUM7UUFFSCxNQUFNLENBQUMsRUFBRSxDQUFDLE1BQU0sRUFBRSxDQUFDLElBQVksRUFBRSxFQUFFO1lBQ2pDLE1BQU0sZ0JBQWdCLEdBQUcsT0FBTyxDQUFDLEdBQUcsQ0FBQyxPQUFPLENBQUM7Z0JBQzNDLElBQUksRUFBRSxJQUFJLENBQUMsVUFBVTtnQkFDckIsSUFBSSxFQUFFLElBQUksQ0FBQyxVQUFVO2dCQUNyQixzREFBc0Q7YUFDdkQsRUFBRSxHQUFHLEVBQUU7Z0JBQ04sZ0JBQWdCLENBQUMsS0FBSyxDQUFDLElBQUksQ0FBQyxDQUFDO1lBQy9CLENBQUMsQ0FBQyxDQUFDO1lBRUgsZ0JBQWdCLENBQUMsRUFBRSxDQUFDLE1BQU0sRUFBRSxDQUFDLFFBQWdCLEVBQUUsRUFBRTtnQkFDL0MsTUFBTSxDQUFDLEtBQUssQ0FBQyxRQUFRLENBQUMsQ0FBQyxDQUFDLG9DQUFvQztZQUM5RCxDQUFDLENBQUMsQ0FBQztRQUNMLENBQUMsQ0FBQyxDQUFDO0lBQ0wsQ0FBQztDQUNGIn0=

package/dist_ts/connector.public.d.ts

@@ -0,0 +1,6 @@
+export declare class ConnectorPublic {
+    private tunnel;
+    constructor();
+    private createTunnel;
+    private listenOnPorts;
+}

package/dist_ts/connector.public.js

@@ -0,0 +1,40 @@
+import * as plugins from './plugins.js';
+export class ConnectorPublic {
+    constructor() {
+        this.tunnel = null;
+        this.createTunnel();
+        this.listenOnPorts();
+    }
+    createTunnel() {
+        const options = {
+            key: plugins.fs.readFileSync('path/to/key.pem'),
+            cert: plugins.fs.readFileSync('path/to/cert.pem'),
+        };
+        const server = plugins.tls.createServer(options, (socket) => {
+            this.tunnel = socket;
+            console.log('Tunnel established with LocalConnector');
+        });
+        server.listen(4000, () => {
+            console.log('PublicRemoteConnector listening for tunnel on port 4000');
+        });
+    }
+    listenOnPorts() {
+        // Example for port 80, adapt for port 443 similarly
+        // Note: TLS for the initial connection might not apply directly for HTTP/HTTPS traffic without additional setup
+        const options = {
+            key: plugins.fs.readFileSync('path/to/key.pem'),
+            cert: plugins.fs.readFileSync('path/to/cert.pem'),
+        };
+        plugins.tls.createServer(options, (socket) => {
+            console.log('Received connection, tunneling to LocalConnector');
+            if (this.tunnel) {
+                socket.pipe(this.tunnel).pipe(socket);
+            }
+            else {
+                console.log('Tunnel to LocalConnector not established');
+                socket.end();
+            }
+        }).listen(80); // Repeat this block for any other ports you wish to listen on
+    }
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY29ubmVjdG9yLnB1YmxpYy5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uL3RzL2Nvbm5lY3Rvci5wdWJsaWMudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsT0FBTyxLQUFLLE9BQU8sTUFBTSxjQUFjLENBQUM7QUFFeEMsTUFBTSxPQUFPLGVBQWU7SUFHMUI7UUFGUSxXQUFNLEdBQWlDLElBQUksQ0FBQztRQUdsRCxJQUFJLENBQUMsWUFBWSxFQUFFLENBQUM7UUFDcEIsSUFBSSxDQUFDLGFBQWEsRUFBRSxDQUFDO0lBQ3ZCLENBQUM7SUFFTyxZQUFZO1FBQ2xCLE1BQU0sT0FBTyxHQUFHO1lBQ2QsR0FBRyxFQUFFLE9BQU8sQ0FBQyxFQUFFLENBQUMsWUFBWSxDQUFDLGlCQUFpQixDQUFDO1lBQy9DLElBQUksRUFBRSxPQUFPLENBQUMsRUFBRSxDQUFDLFlBQVksQ0FBQyxrQkFBa0IsQ0FBQztTQUNsRCxDQUFDO1FBRUYsTUFBTSxNQUFNLEdBQUcsT0FBTyxDQUFDLEdBQUcsQ0FBQyxZQUFZLENBQUMsT0FBTyxFQUFFLENBQUMsTUFBNkIsRUFBRSxFQUFFO1lBQ2pGLElBQUksQ0FBQyxNQUFNLEdBQUcsTUFBTSxDQUFDO1lBQ3JCLE9BQU8sQ0FBQyxHQUFHLENBQUMsd0NBQXdDLENBQUMsQ0FBQztRQUN4RCxDQUFDLENBQUMsQ0FBQztRQUVILE1BQU0sQ0FBQyxNQUFNLENBQUMsSUFBSSxFQUFFLEdBQUcsRUFBRTtZQUN2QixPQUFPLENBQUMsR0FBRyxDQUFDLHlEQUF5RCxDQUFDLENBQUM7UUFDekUsQ0FBQyxDQUFDLENBQUM7SUFDTCxDQUFDO0lBRU8sYUFBYTtRQUNuQixvREFBb0Q7UUFDcEQsZ0hBQWdIO1FBQ2hILE1BQU0sT0FBTyxHQUFHO1lBQ2QsR0FBRyxFQUFFLE9BQU8sQ0FBQyxFQUFFLENBQUMsWUFBWSxDQUFDLGlCQUFpQixDQUFDO1lBQy9DLElBQUksRUFBRSxPQUFPLENBQUMsRUFBRSxDQUFDLFlBQVksQ0FBQyxrQkFBa0IsQ0FBQztTQUNsRCxDQUFDO1FBRUYsT0FBTyxDQUFDLEdBQUcsQ0FBQyxZQUFZLENBQUMsT0FBTyxFQUFFLENBQUMsTUFBNkIsRUFBRSxFQUFFO1lBQ2xFLE9BQU8sQ0FBQyxHQUFHLENBQUMsa0RBQWtELENBQUMsQ0FBQztZQUNoRSxJQUFJLElBQUksQ0FBQyxNQUFNLEVBQUUsQ0FBQztnQkFDaEIsTUFBTSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsTUFBTSxDQUFDLENBQUMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxDQUFDO1lBQ3hDLENBQUM7aUJBQU0sQ0FBQztnQkFDTixPQUFPLENBQUMsR0FBRyxDQUFDLDBDQUEwQyxDQUFDLENBQUM7Z0JBQ3hELE1BQU0sQ0FBQyxHQUFHLEVBQUUsQ0FBQztZQUNmLENBQUM7UUFDSCxDQUFDLENBQUMsQ0FBQyxNQUFNLENBQUMsRUFBRSxDQUFDLENBQUMsQ0FBQyw4REFBOEQ7SUFDL0UsQ0FBQztDQUNGIn0=

package/dist_ts/index.d.ts

@@ -0,0 +1,4 @@
+import { ConnectorPublic } from './connector.public.js';
+import { ConnectorPrivate } from './connector.private.js';
+export { ConnectorPublic, ConnectorPrivate };
+export declare const runCli: () => Promise<void>;

package/dist_ts/index.js

@@ -0,0 +1,9 @@
+import * as plugins from './plugins.js';
+import { ConnectorPublic } from './connector.public.js';
+import { ConnectorPrivate } from './connector.private.js';
+export { ConnectorPublic, ConnectorPrivate };
+export const runCli = async () => {
+    const qenv = new plugins.qenv.Qenv();
+    const mode = await qenv.getEnvVarOnDemand('MODE');
+};
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi90cy9pbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQSxPQUFPLEtBQUssT0FBTyxNQUFNLGNBQWMsQ0FBQztBQUV4QyxPQUFPLEVBQUUsZUFBZSxFQUFFLE1BQU0sdUJBQXVCLENBQUM7QUFDeEQsT0FBTyxFQUFFLGdCQUFnQixFQUFFLE1BQU0sd0JBQXdCLENBQUM7QUFFMUQsT0FBTyxFQUNMLGVBQWUsRUFDZixnQkFBZ0IsRUFDakIsQ0FBQTtBQUVELE1BQU0sQ0FBQyxNQUFNLE1BQU0sR0FBRyxLQUFLLElBQUksRUFBRTtJQUMvQixNQUFNLElBQUksR0FBRyxJQUFJLE9BQU8sQ0FBQyxJQUFJLENBQUMsSUFBSSxFQUFFLENBQUM7SUFDckMsTUFBTSxJQUFJLEdBQUcsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsTUFBTSxDQUFDLENBQUM7QUFDcEQsQ0FBQyxDQUFBIn0=

package/dist_ts/plugins.d.ts

@@ -0,0 +1,7 @@
+/// <reference types="node" resolution-mode="require"/>
+/// <reference types="node" resolution-mode="require"/>
+import * as tls from 'tls';
+import * as fs from 'fs';
+export { tls, fs, };
+import * as qenv from '@push.rocks/qenv';
+export { qenv, };

package/dist_ts/plugins.js

@@ -0,0 +1,8 @@
+// node native scope
+import * as tls from 'tls';
+import * as fs from 'fs';
+export { tls, fs, };
+// @push.rocks scope
+import * as qenv from '@push.rocks/qenv';
+export { qenv, };
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicGx1Z2lucy5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uL3RzL3BsdWdpbnMudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsb0JBQW9CO0FBQ3BCLE9BQU8sS0FBSyxHQUFHLE1BQU0sS0FBSyxDQUFDO0FBQzNCLE9BQU8sS0FBSyxFQUFFLE1BQU0sSUFBSSxDQUFDO0FBRXpCLE9BQU8sRUFDTCxHQUFHLEVBQ0gsRUFBRSxHQUNILENBQUE7QUFFRCxvQkFBb0I7QUFDcEIsT0FBTyxLQUFLLElBQUksTUFBTSxrQkFBa0IsQ0FBQztBQUV6QyxPQUFPLEVBQ0wsSUFBSSxHQUNMLENBQUEifQ==

package/npmextra.json

@@ -0,0 +1,38 @@
+{
+  "gitzone": {
+    "projectType": "npm",
+    "module": {
+      "githost": "code.foss.global",
+      "gitscope": "serve.zone",
+      "gitrepo": "remoteingress",
+      "description": "Provides a service for creating private tunnels and reaching private clusters from the outside, facilitating secure remote access as part of the @serve.zone stack.",
+      "npmPackagename": "@serve.zone/remoteingress",
+      "license": "MIT",
+      "projectDomain": "serve.zone",
+      "keywords": [
+        "remote access",
+        "private tunnels",
+        "network security",
+        "TLS encryption",
+        "connector",
+        "serve.zone stack",
+        "private clusters access",
+        "public access management",
+        "TypeScript application",
+        "node.js package",
+        "secure communications",
+        "TLS/SSL certificates",
+        "development tools",
+        "software development",
+        "private network integration"
+      ]
+    }
+  },
+  "npmci": {
+    "npmGlobalTools": [],
+    "npmAccessLevel": "public"
+  },
+  "tsdoc": {
+    "legal": "\n## License and Legal Information\n\nThis repository contains open-source code that is licensed under the MIT License. A copy of the MIT License can be found in the [license](license) file within this repository. \n\n**Please note:** The MIT License does not grant permission to use the trade names, trademarks, service marks, or product names of the project, except as required for reasonable and customary use in describing the origin of the work and reproducing the content of the NOTICE file.\n\n### Trademarks\n\nThis project is owned and maintained by Task Venture Capital GmbH. The names and logos associated with Task Venture Capital GmbH and any related products or services are trademarks of Task Venture Capital GmbH and are not included within the scope of the MIT license granted herein. Use of these trademarks must comply with Task Venture Capital GmbH's Trademark Guidelines, and any usage must be approved in writing by Task Venture Capital GmbH.\n\n### Company Information\n\nTask Venture Capital GmbH  \nRegistered at District court Bremen HRB 35230 HB, Germany\n\nFor any legal inquiries or if you require further information, please contact us via email at hello@task.vc.\n\nBy using this repository, you acknowledge that you have read this section, agree to comply with its terms, and understand that the licensing of the code does not imply endorsement by Task Venture Capital GmbH of any derivative works.\n"
+  }
+}

package/package.json

@@ -0,0 +1,67 @@
+{
+  "name": "@serve.zone/remoteingress",
+  "version": "1.0.4",
+  "private": false,
+  "description": "Provides a service for creating private tunnels and reaching private clusters from the outside, facilitating secure remote access as part of the @serve.zone stack.",
+  "main": "dist_ts/index.js",
+  "typings": "dist_ts/index.d.ts",
+  "type": "module",
+  "author": "Task Venture Capital GmbH",
+  "license": "MIT",
+  "devDependencies": {
+    "@git.zone/tsbuild": "^2.1.25",
+    "@git.zone/tsbundle": "^2.0.5",
+    "@git.zone/tsrun": "^1.2.46",
+    "@git.zone/tstest": "^1.0.44",
+    "@push.rocks/tapbundle": "^5.0.15",
+    "@types/node": "^20.8.7"
+  },
+  "dependencies": {
+    "@push.rocks/qenv": "^6.0.5"
+  },
+  "repository": {
+    "type": "git",
+    "url": "git+https://code.foss.global/serve.zone/remoteingress.git"
+  },
+  "bugs": {
+    "url": "https://code.foss.global/serve.zone/remoteingress/issues"
+  },
+  "homepage": "https://code.foss.global/serve.zone/remoteingress#readme",
+  "browserslist": [
+    "last 1 chrome versions"
+  ],
+  "files": [
+    "ts/**/*",
+    "ts_web/**/*",
+    "dist/**/*",
+    "dist_*/**/*",
+    "dist_ts/**/*",
+    "dist_ts_web/**/*",
+    "assets/**/*",
+    "cli.js",
+    "npmextra.json",
+    "readme.md"
+  ],
+  "keywords": [
+    "remote access",
+    "private tunnels",
+    "network security",
+    "TLS encryption",
+    "connector",
+    "serve.zone stack",
+    "private clusters access",
+    "public access management",
+    "TypeScript application",
+    "node.js package",
+    "secure communications",
+    "TLS/SSL certificates",
+    "development tools",
+    "software development",
+    "private network integration"
+  ],
+  "scripts": {
+    "test": "(tstest test/ --web)",
+    "build": "(tsbuild --web --allowimplicitany)",
+    "buildDocs": "(tsdoc)"
+  }
+}

package/readme.hints.md

@@ -0,0 +1,3 @@
+* this module is part of the @serve.zone stack
+* it is used to reach private clusters from outside
+* it can be used to create private tunnels to private networks

package/readme.md

@@ -0,0 +1,107 @@
+# @serve.zone/remoteingress
+
+Provides a service for creating private tunnels and reaching private clusters from the outside as part of the @serve.zone stack.
+
+## Install
+
+To install `@serve.zone/remoteingress`, run the following command in your terminal:
+
+```sh
+npm install @serve.zone/remoteingress
+```
+
+This command will download and install the remoteingress package and its dependencies into your project.
+
+## Usage
+
+`@serve.zone/remoteingress` is designed to facilitate the creation of secure private tunnels and enable access to private clusters from external sources, offering an integral part of the @serve.zone stack infrastructure. Below, we illustrate how to employ this package within your project, leveraging TypeScript and ESM syntax for modern, type-safe, and modular code.
+
+### Prerequisites
+
+Ensure that you have Node.js and TypeScript installed in your environment. Your project should be set up with TypeScript support, and you might want to familiarize yourself with basic networking concepts and TLS/SSL for secure communication.
+
+### Importing and Initializing Connectors
+
+`@serve.zone/remoteingress` offers two primary components: `ConnectorPublic` and `ConnectorPrivate`. Here's how to use them:
+
+#### Setup ConnectorPublic
+
+`ConnectorPublic` acts as a gateway, accepting incoming tunnel connections from `ConnectorPrivate` instances and facilitating secure communication between the internet and your private network.
+
+```typescript
+import { ConnectorPublic } from '@serve.zone/remoteingress';
+
+// Initialize ConnectorPublic
+const publicConnector = new ConnectorPublic({
+  tlsOptions: {
+    key: fs.readFileSync("<path-to-your-tls/key.pem>"),
+    cert: fs.readFileSync("<path-to-your-cert/cert.pem>"),
+    // Consider including 'ca' and 'passphrase' if required for your setup
+  },
+  listenPort: 443 // Example listen port; adjust based on your needs
+});
+```
+
+#### Setup ConnectorPrivate
+
+`ConnectorPrivate` establishes a secure tunnel to `ConnectorPublic`, effectively bridging your internal services with the external point of access.
+
+```typescript
+import { ConnectorPrivate } from '@serve.zone/remoteingress';
+
+// Initialize ConnectorPrivate pointing to your ConnectorPublic instance
+const privateConnector = new ConnectorPrivate({
+  publicHost: 'your.public.domain.tld',
+  publicPort: 443, // Ensure this matches the listening port of ConnectorPublic
+  tlsOptions: {
+    // You might want to specify TLS options here, similar to ConnectorPublic
+  }
+});
+```
+
+### Secure Communication
+
+It's imperative to ensure that the communication between `ConnectorPublic` and `ConnectorPrivate` is secure:
+
+- Always use valid TLS certificates.
+- Prefer using certificates issued by recognized Certificate Authorities (CA).
+- Optionally, configure mutual TLS (mTLS) by requiring client certificates for an added layer of security.
+
+### Advanced Usage
+
+Both connectors can be finely tuned:
+
+- **Logging and Monitoring:** Integrate with your existing logging and monitoring systems to keep tabs on tunnel activity, performance metrics, and potential security anomalies.
+
+- **Custom Handlers:** Implement custom traffic handling logic for specialized routing, filtering, or protocol-specific processing.
+
+- **Automation:** Automate the deployment and scaling of both `ConnectorPublic` and `ConnectorPrivate` instances using infrastructure-as-code (IAC) tools and practices, ensuring that your tunneling infrastructure can dynamically adapt to the ever-changing needs of your services.
+
+### Example Scenarios
+
+1. **Securing Application APIs:** Use `@serve.zone/remoteingress` to expose private APIs to your frontend deployed on a public cloud, ensuring that only your infrastructure can access these endpoints.
+
+2. **Remote Database Access:** Securely access databases within a private VPC from your local development machine without opening direct access to the internet.
+
+3. **Service Mesh Integration:** Integrate `@serve.zone/remoteingress` as part of a service mesh setup to securely connect services across multiple clusters with robust identity and encryption at the tunnel level.
+
+For detailed documentation, API references, and additional use cases, please refer to the inline documentation and source code within the package. Always prioritize security and robustness when dealing with network ingress to protect your infrastructure and data from unauthorized access and threats.
+
+## License and Legal Information
+
+This repository contains open-source code that is licensed under the MIT License. A copy of the MIT License can be found in the [license](license) file within this repository. 
+
+**Please note:** The MIT License does not grant permission to use the trade names, trademarks, service marks, or product names of the project, except as required for reasonable and customary use in describing the origin of the work and reproducing the content of the NOTICE file.
+
+### Trademarks
+
+This project is owned and maintained by Task Venture Capital GmbH. The names and logos associated with Task Venture Capital GmbH and any related products or services are trademarks of Task Venture Capital GmbH and are not included within the scope of the MIT license granted herein. Use of these trademarks must comply with Task Venture Capital GmbH's Trademark Guidelines, and any usage must be approved in writing by Task Venture Capital GmbH.
+
+### Company Information
+
+Task Venture Capital GmbH  
+Registered at District court Bremen HRB 35230 HB, Germany
+
+For any legal inquiries or if you require further information, please contact us via email at hello@task.vc.
+
+By using this repository, you acknowledge that you have read this section, agree to comply with its terms, and understand that the licensing of the code does not imply endorsement by Task Venture Capital GmbH of any derivative works.

package/ts/00_commitinfo_data.ts

@@ -0,0 +1,8 @@
+/**
+ * autocreated commitinfo by @pushrocks/commitinfo
+ */
+export const commitinfo = {
+  name: '@serve.zone/remoteingress',
+  version: '1.0.4',
+  description: 'Provides a service for creating private tunnels and reaching private clusters from the outside, facilitating secure remote access as part of the @serve.zone stack.'
+}

package/ts/connector.private.ts

@@ -0,0 +1,38 @@
+import * as plugins from './plugins.js';
+
+export class ConnectorPrivate {
+  private targetHost: string;
+  private targetPort: number;
+
+  constructor(targetHost: string, targetPort: number = 4000) {
+    this.targetHost = targetHost;
+    this.targetPort = targetPort;
+    this.connectToPublicRemoteConnector();
+  }
+
+  private connectToPublicRemoteConnector(): void {
+    const options = {
+      // Include CA certificate if necessary, for example:
+      // ca: fs.readFileSync('path/to/ca.pem'),
+      rejectUnauthorized: true // Only set this to true if you are sure about the server's certificate
+    };
+
+    const tunnel = plugins.tls.connect(this.targetPort, options, () => {
+      console.log('Connected to PublicRemoteConnector on port 4000');
+    });
+
+    tunnel.on('data', (data: Buffer) => {
+      const targetConnection = plugins.tls.connect({
+        host: this.targetHost,
+        port: this.targetPort,
+        // Include necessary options for the target connection
+      }, () => {
+        targetConnection.write(data);
+      });
+
+      targetConnection.on('data', (backData: Buffer) => {
+        tunnel.write(backData); // Send data back through the tunnel
+      });
+    });
+  }
+}

package/ts/connector.public.ts

@@ -0,0 +1,45 @@
+import * as plugins from './plugins.js';
+
+export class ConnectorPublic {
+  private tunnel: plugins.tls.TLSSocket | null = null;
+
+  constructor() {
+    this.createTunnel();
+    this.listenOnPorts();
+  }
+
+  private createTunnel(): void {
+    const options = {
+      key: plugins.fs.readFileSync('path/to/key.pem'),
+      cert: plugins.fs.readFileSync('path/to/cert.pem'),
+    };
+
+    const server = plugins.tls.createServer(options, (socket: plugins.tls.TLSSocket) => {
+      this.tunnel = socket;
+      console.log('Tunnel established with LocalConnector');
+    });
+
+    server.listen(4000, () => {
+      console.log('PublicRemoteConnector listening for tunnel on port 4000');
+    });
+  }
+
+  private listenOnPorts(): void {
+    // Example for port 80, adapt for port 443 similarly
+    // Note: TLS for the initial connection might not apply directly for HTTP/HTTPS traffic without additional setup
+    const options = {
+      key: plugins.fs.readFileSync('path/to/key.pem'),
+      cert: plugins.fs.readFileSync('path/to/cert.pem'),
+    };
+
+    plugins.tls.createServer(options, (socket: plugins.tls.TLSSocket) => {
+      console.log('Received connection, tunneling to LocalConnector');
+      if (this.tunnel) {
+        socket.pipe(this.tunnel).pipe(socket);
+      } else {
+        console.log('Tunnel to LocalConnector not established');
+        socket.end();
+      }
+    }).listen(80); // Repeat this block for any other ports you wish to listen on
+  }
+}

package/ts/index.ts

@@ -0,0 +1,14 @@
+import * as plugins from './plugins.js';
+
+import { ConnectorPublic } from './connector.public.js';
+import { ConnectorPrivate } from './connector.private.js';
+
+export {
+  ConnectorPublic,
+  ConnectorPrivate
+}
+
+export const runCli = async () => {
+  const qenv = new plugins.qenv.Qenv();
+  const mode = await qenv.getEnvVarOnDemand('MODE');
+}

package/ts/plugins.ts

@@ -0,0 +1,15 @@
+// node native scope
+import * as tls from 'tls';
+import * as fs from 'fs';
+
+export {
+  tls,
+  fs,
+}
+
+// @push.rocks scope
+import * as qenv from '@push.rocks/qenv';
+
+export {
+  qenv,
+}