dominds 1.25.18 → 1.26.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +17 -0
- package/README.zh.md +17 -0
- package/dist/apps/runtime.d.ts +2 -4
- package/dist/apps-host/client.d.ts +2 -5
- package/dist/apps-host/ipc-types.d.ts +2 -5
- package/dist/apps-host/ipc-types.js +5 -1
- package/dist/bootstrap/rtws-cli.d.ts +0 -1
- package/dist/bootstrap/rtws-cli.js +9 -3
- package/dist/cli/cert.d.ts +2 -0
- package/dist/cli/cert.js +198 -0
- package/dist/cli/create.d.ts +1 -1
- package/dist/cli/create.js +1 -1
- package/dist/cli/read.js +1 -1
- package/dist/cli/tui.js +1 -1
- package/dist/cli/webui.d.ts +1 -1
- package/dist/cli/webui.js +35 -5
- package/dist/cli.d.ts +1 -0
- package/dist/cli.js +21 -16
- package/dist/docs/cli-usage.md +43 -7
- package/dist/docs/cli-usage.zh.md +43 -7
- package/dist/docs/dialog-persistence.md +1 -1
- package/dist/docs/dominds-terminology.md +2 -2
- package/dist/server/auth.d.ts +7 -0
- package/dist/server/auth.js +15 -4
- package/dist/server/certificates.d.ts +61 -0
- package/dist/server/certificates.js +418 -0
- package/dist/server/dominds-self-update-restart-helper.d.ts +15 -0
- package/dist/server/dominds-self-update-restart-helper.js +305 -0
- package/dist/server/dominds-self-update.js +162 -120
- package/dist/server/network-hosts.d.ts +5 -0
- package/dist/server/network-hosts.js +188 -0
- package/dist/server/server-core.d.ts +12 -1
- package/dist/server/server-core.js +26 -4
- package/dist/server/websocket-handler.d.ts +3 -2
- package/dist/server/websocket-handler.js +15 -8
- package/dist/server.d.ts +5 -0
- package/dist/server.js +105 -10
- package/package.json +3 -3
package/dist/docs/cli-usage.md
CHANGED
|
@@ -4,7 +4,7 @@ Chinese version: [中文版](./cli-usage.zh.md)
|
|
|
4
4
|
|
|
5
5
|
The `dominds` CLI provides a unified entry point, but the **primary interaction experience is the Web UI** (the default `dominds` command). This guide focuses on the Web UI workflow.
|
|
6
6
|
|
|
7
|
-
> Note: In this document, **rtws (runtime workspace)** refers to the runtime root directory Dominds uses (by default `process.cwd()`, switchable via `-C <dir
|
|
7
|
+
> Note: In this document, **rtws (runtime workspace)** refers to the runtime root directory Dominds uses (by default `process.cwd()`, switchable via `-C <abs-dir>`; `-C` only accepts absolute paths).
|
|
8
8
|
|
|
9
9
|
> Note: `dominds tui` / `dominds run` are currently reserved subcommand names and do not have a stable implementation yet. As a result, this guide does not document TUI options or detailed usage.
|
|
10
10
|
|
|
@@ -18,6 +18,7 @@ The `dominds` CLI provides a unified entry point, but the **primary interaction
|
|
|
18
18
|
- [Web UI Interface](#web-ui-interface)
|
|
19
19
|
- [Text User Interface (TUI) (Not Implemented Yet)](#text-user-interface-tui-not-implemented-yet)
|
|
20
20
|
- [Minds Reader](#minds-reader)
|
|
21
|
+
- [Certificate Tools](#certificate-tools)
|
|
21
22
|
- [rtws Creation](#rtws-creation)
|
|
22
23
|
- [Usage Examples](#usage-examples)
|
|
23
24
|
- [Dialog Storage](#dialog-storage)
|
|
@@ -32,6 +33,7 @@ The `dominds` package provides a unified CLI with subcommands:
|
|
|
32
33
|
| `dominds` or `dominds webui` | Start Web UI (default, recommended) | Web UI |
|
|
33
34
|
| `dominds tui` or `dominds run` | Terminal UI (planned; no stable implementation at the moment) | N/A |
|
|
34
35
|
| `dominds read` | Read and inspect rtws/team minds configuration | CLI |
|
|
36
|
+
| `dominds cert` | Create and inspect local WebUI HTTPS certificates | CLI |
|
|
35
37
|
| `dominds create` or `dominds new` | Create a new rtws (runtime workspace) from a template | CLI |
|
|
36
38
|
| `dominds help` | Show help message | CLI |
|
|
37
39
|
| `dominds --version` | Show version information | CLI |
|
|
@@ -49,11 +51,16 @@ dominds webui [options]
|
|
|
49
51
|
|
|
50
52
|
# Common: choose port / rtws
|
|
51
53
|
dominds webui -p 8080
|
|
52
|
-
dominds webui -C
|
|
54
|
+
dominds webui -C /path/to/my-rtws
|
|
53
55
|
|
|
54
56
|
# Minds reader: inspect team configuration
|
|
55
57
|
dominds read [options] [member-id]
|
|
56
58
|
|
|
59
|
+
# Certificate tools: create/inspect local HTTPS certificates
|
|
60
|
+
dominds cert create [--host <host>] [--days <days>] [--force]
|
|
61
|
+
dominds cert self-cert [--host <host>] [--days <days>] [--force]
|
|
62
|
+
dominds cert status --host <host> [--port <port>] [--origin]
|
|
63
|
+
|
|
57
64
|
# rtws creation: scaffold a new runtime workspace
|
|
58
65
|
dominds create <template> [directory]
|
|
59
66
|
dominds new <template> [directory] # alias for create
|
|
@@ -83,7 +90,7 @@ Start the web-based user interface for the current rtws. This provides a graphic
|
|
|
83
90
|
|
|
84
91
|
- `-p, --port <port>` - Port to listen on; a bare port binds strictly, suffix `+` tries higher ports, and suffix `-` tries lower ports (omitting `--port` is equivalent to `5666-`)
|
|
85
92
|
- `-h, --host <host>` - Host to bind to (default: localhost)
|
|
86
|
-
- `-C, --cwd <dir>` - Change to rtws directory before starting
|
|
93
|
+
- `-C, --cwd <abs-dir>` - Change to rtws directory before starting; absolute paths only
|
|
87
94
|
- `--help` - Show help message
|
|
88
95
|
|
|
89
96
|
**Examples:**
|
|
@@ -92,7 +99,7 @@ Start the web-based user interface for the current rtws. This provides a graphic
|
|
|
92
99
|
dominds
|
|
93
100
|
dominds webui -p 8080
|
|
94
101
|
dominds webui -p 8080+
|
|
95
|
-
dominds webui -C
|
|
102
|
+
dominds webui -C /path/to/my-rtws
|
|
96
103
|
```
|
|
97
104
|
|
|
98
105
|
**Common use cases:**
|
|
@@ -122,7 +129,7 @@ Read and inspect agent prompts/configuration for the rtws. This is commonly used
|
|
|
122
129
|
|
|
123
130
|
**Options:**
|
|
124
131
|
|
|
125
|
-
- `-C, --cwd <dir>` - Change to rtws directory before reading
|
|
132
|
+
- `-C, --cwd <abs-dir>` - Change to rtws directory before reading; absolute paths only
|
|
126
133
|
- `--only-prompt` - Show only system prompts
|
|
127
134
|
- `--only-mem` - Show only memory
|
|
128
135
|
- `--help` - Show help message
|
|
@@ -132,11 +139,40 @@ Read and inspect agent prompts/configuration for the rtws. This is commonly used
|
|
|
132
139
|
```bash
|
|
133
140
|
dominds read
|
|
134
141
|
dominds read developer
|
|
135
|
-
dominds read -C
|
|
142
|
+
dominds read -C /path/to/my-rtws
|
|
136
143
|
dominds read --only-prompt
|
|
137
144
|
dominds read --only-mem
|
|
138
145
|
```
|
|
139
146
|
|
|
147
|
+
### Certificate Tools
|
|
148
|
+
|
|
149
|
+
```bash
|
|
150
|
+
dominds cert create [--host <host>] [--days <days>] [--force]
|
|
151
|
+
dominds cert self-cert [--host <host>] [--days <days>] [--force]
|
|
152
|
+
dominds cert status --host <host> [--port <port>] [--origin]
|
|
153
|
+
```
|
|
154
|
+
|
|
155
|
+
Create or inspect local HTTPS certificates for the Dominds WebUI. Certificates live in `~/.dominds/certs/` and match DNS/IP hostnames, not ports; one certificate covers every WebUI port on that host.
|
|
156
|
+
|
|
157
|
+
**Options:**
|
|
158
|
+
|
|
159
|
+
- `--host <host>` - Certificate SAN hostname or IP; repeatable for certificate creation; defaults to one or more detected non-loopback LAN hosts
|
|
160
|
+
- `--days <days>` - Certificate validity in days (default: 3650, or 10 years)
|
|
161
|
+
- `--force` - Overwrite existing generated files
|
|
162
|
+
- `--port <port>` - Port used when formatting `status --origin`
|
|
163
|
+
- `--origin` - Print only the effective origin; HTTPS when a cert matches, HTTP otherwise
|
|
164
|
+
|
|
165
|
+
**Examples:**
|
|
166
|
+
|
|
167
|
+
```bash
|
|
168
|
+
dominds cert create
|
|
169
|
+
dominds cert create --host 192.168.1.10 --host my-host.local
|
|
170
|
+
dominds cert status --host 0.0.0.0
|
|
171
|
+
dominds cert status --host 0.0.0.0 --port 5666 --origin
|
|
172
|
+
```
|
|
173
|
+
|
|
174
|
+
`localhost`, `loopback`, `127.0.0.0/8`, `::1`, `0.0.0.0`, and `::` are not certificate hosts. `0.0.0.0` / `::` only mean bind-all; certificate matching uses detected non-loopback LAN hosts.
|
|
175
|
+
|
|
140
176
|
### rtws Creation
|
|
141
177
|
|
|
142
178
|
```bash
|
|
@@ -190,7 +226,7 @@ dominds
|
|
|
190
226
|
dominds webui -p 8080
|
|
191
227
|
|
|
192
228
|
# 3) Start in a specific rtws
|
|
193
|
-
dominds webui -C
|
|
229
|
+
dominds webui -C /path/to/my-rtws
|
|
194
230
|
|
|
195
231
|
# 4) Inspect current team/rtws configuration
|
|
196
232
|
dominds read
|
|
@@ -4,7 +4,7 @@
|
|
|
4
4
|
|
|
5
5
|
`dominds` 提供统一的命令行入口,但**主要交互界面是 Web UI**(默认命令 `dominds`)。本文档以 Web UI 工作流为主。
|
|
6
6
|
|
|
7
|
-
> 注:本文统一使用 **rtws(运行时工作区)** 表示 Dominds 运行时使用的根目录(默认等于 `process.cwd()`,可通过 `-C <dir>`
|
|
7
|
+
> 注:本文统一使用 **rtws(运行时工作区)** 表示 Dominds 运行时使用的根目录(默认等于 `process.cwd()`,可通过 `-C <abs-dir>` 切换;`-C` 只接受绝对路径)。
|
|
8
8
|
|
|
9
9
|
> 说明:`dominds tui` / `dominds run` 相关功能目前尚未提供稳定实现(子命令名保留用于未来规划),因此本指南不再展开 TUI 的命令选项与用法细节。
|
|
10
10
|
|
|
@@ -18,6 +18,7 @@
|
|
|
18
18
|
- [Web UI 界面](#web-ui-界面)
|
|
19
19
|
- [文本用户界面 (TUI)(尚未实现)](#文本用户界面-tui尚未实现)
|
|
20
20
|
- [Minds 阅读器](#minds-阅读器)
|
|
21
|
+
- [证书工具](#证书工具)
|
|
21
22
|
- [rtws 创建](#rtws-创建)
|
|
22
23
|
- [使用示例](#使用示例)
|
|
23
24
|
- [对话存储](#对话存储)
|
|
@@ -32,6 +33,7 @@
|
|
|
32
33
|
| `dominds` 或 `dominds webui` | 启动 Web UI(默认、推荐) | Web UI |
|
|
33
34
|
| `dominds tui` 或 `dominds run` | 终端界面(规划中;当前版本暂不提供稳定) | N/A |
|
|
34
35
|
| `dominds read` | 读取/分析团队 minds 配置 | CLI |
|
|
36
|
+
| `dominds cert` | 创建/检查本机 WebUI HTTPS 证书 | CLI |
|
|
35
37
|
| `dominds create` 或 `dominds new` | 从模板创建新 rtws(运行时工作区) | CLI |
|
|
36
38
|
| `dominds help` | 显示帮助消息 | CLI |
|
|
37
39
|
| `dominds --version` | 显示版本信息 | CLI |
|
|
@@ -49,11 +51,16 @@ dominds webui [options]
|
|
|
49
51
|
|
|
50
52
|
# 常用:指定端口 / rtws
|
|
51
53
|
dominds webui -p 8080
|
|
52
|
-
dominds webui -C
|
|
54
|
+
dominds webui -C /path/to/my-rtws
|
|
53
55
|
|
|
54
56
|
# Minds 阅读器:分析团队配置
|
|
55
57
|
dominds read [options] [member-id]
|
|
56
58
|
|
|
59
|
+
# 证书工具:创建/检查本机 HTTPS 证书
|
|
60
|
+
dominds cert create [--host <host>] [--days <days>] [--force]
|
|
61
|
+
dominds cert self-cert [--host <host>] [--days <days>] [--force]
|
|
62
|
+
dominds cert status --host <host> [--port <port>] [--origin]
|
|
63
|
+
|
|
57
64
|
# rtws 创建:搭建新项目/运行时工作区
|
|
58
65
|
dominds create <template> [directory]
|
|
59
66
|
dominds new <template> [directory] # create 的别名
|
|
@@ -83,7 +90,7 @@ dominds webui [options]
|
|
|
83
90
|
|
|
84
91
|
- `-p, --port <port>` - 监听端口;裸端口严格绑定,后缀 `+` 向更大端口自动尝试,后缀 `-` 向更小端口自动尝试(未指定时等价于 `5666-`)
|
|
85
92
|
- `-h, --host <host>` - 绑定的主机(默认:localhost)
|
|
86
|
-
- `-C, --cwd <dir>` - 启动前更改 rtws
|
|
93
|
+
- `-C, --cwd <abs-dir>` - 启动前更改 rtws 目录;只接受绝对路径
|
|
87
94
|
- `--help` - 显示帮助消息
|
|
88
95
|
|
|
89
96
|
**示例:**
|
|
@@ -99,7 +106,7 @@ dominds webui -p 8080
|
|
|
99
106
|
dominds webui -p 8080+
|
|
100
107
|
|
|
101
108
|
# 在特定 rtws 启动 Web UI
|
|
102
|
-
dominds webui -C
|
|
109
|
+
dominds webui -C /path/to/my-rtws
|
|
103
110
|
```
|
|
104
111
|
|
|
105
112
|
**常见用途:**
|
|
@@ -129,7 +136,7 @@ dominds read [options] [member-id]
|
|
|
129
136
|
|
|
130
137
|
**选项:**
|
|
131
138
|
|
|
132
|
-
- `-C, --cwd <dir>` - 读取前更改 rtws
|
|
139
|
+
- `-C, --cwd <abs-dir>` - 读取前更改 rtws 目录;只接受绝对路径
|
|
133
140
|
- `--only-prompt` - 仅显示系统提示词
|
|
134
141
|
- `--only-mem` - 仅显示内存
|
|
135
142
|
- `--help` - 显示帮助消息
|
|
@@ -139,11 +146,40 @@ dominds read [options] [member-id]
|
|
|
139
146
|
```bash
|
|
140
147
|
dominds read
|
|
141
148
|
dominds read developer
|
|
142
|
-
dominds read -C
|
|
149
|
+
dominds read -C /path/to/my-rtws
|
|
143
150
|
dominds read --only-prompt
|
|
144
151
|
dominds read --only-mem
|
|
145
152
|
```
|
|
146
153
|
|
|
154
|
+
### 证书工具
|
|
155
|
+
|
|
156
|
+
```bash
|
|
157
|
+
dominds cert create [--host <host>] [--days <days>] [--force]
|
|
158
|
+
dominds cert self-cert [--host <host>] [--days <days>] [--force]
|
|
159
|
+
dominds cert status --host <host> [--port <port>] [--origin]
|
|
160
|
+
```
|
|
161
|
+
|
|
162
|
+
创建或检查 Dominds WebUI 的本机 HTTPS 证书。证书保存在 `~/.dominds/certs/`,按 DNS/IP 主机名匹配,不绑定端口;同一张证书可覆盖该主机上的所有 WebUI 端口。
|
|
163
|
+
|
|
164
|
+
**选项:**
|
|
165
|
+
|
|
166
|
+
- `--host <host>` - 证书 SAN 主机名或 IP;创建证书时可重复指定;未指定时使用检测到的一个或多个非 loopback LAN 主机
|
|
167
|
+
- `--days <days>` - 证书有效天数(默认:3650,即 10 年)
|
|
168
|
+
- `--force` - 覆盖已有的同名生成文件
|
|
169
|
+
- `--port <port>` - `status --origin` 输出 URL 时使用的端口
|
|
170
|
+
- `--origin` - 仅输出有效访问 origin;找到证书时输出 HTTPS,否则输出 HTTP
|
|
171
|
+
|
|
172
|
+
**示例:**
|
|
173
|
+
|
|
174
|
+
```bash
|
|
175
|
+
dominds cert create
|
|
176
|
+
dominds cert create --host 192.168.1.10 --host my-host.local
|
|
177
|
+
dominds cert status --host 0.0.0.0
|
|
178
|
+
dominds cert status --host 0.0.0.0 --port 5666 --origin
|
|
179
|
+
```
|
|
180
|
+
|
|
181
|
+
`localhost`、`loopback`、`127.0.0.0/8`、`::1`、`0.0.0.0`、`::` 不会作为 HTTPS 证书主机。`0.0.0.0` / `::` 只表示绑定所有地址,匹配证书时会使用检测到的非 loopback LAN 主机。
|
|
182
|
+
|
|
147
183
|
### rtws 创建
|
|
148
184
|
|
|
149
185
|
```bash
|
|
@@ -204,7 +240,7 @@ dominds
|
|
|
204
240
|
dominds webui -p 8080
|
|
205
241
|
|
|
206
242
|
# 3) 在特定 rtws 启动
|
|
207
|
-
dominds webui -C
|
|
243
|
+
dominds webui -C /path/to/my-rtws
|
|
208
244
|
|
|
209
245
|
# 4) 查看/核对当前团队配置
|
|
210
246
|
dominds read
|
|
@@ -4,7 +4,7 @@ Chinese version: [中文版](./dialog-persistence.zh.md)
|
|
|
4
4
|
|
|
5
5
|
This document describes the persistence layer and storage mechanisms for the Dominds dialog system, including file system conventions, data structures, and storage patterns.
|
|
6
6
|
|
|
7
|
-
> Note: In this document, **rtws (runtime workspace)** refers to Dominds' runtime root directory (by default `process.cwd()`, switchable via `-C <dir
|
|
7
|
+
> Note: In this document, **rtws (runtime workspace)** refers to Dominds' runtime root directory (by default `process.cwd()`, switchable via `-C <abs-dir>`; `-C` only accepts absolute paths).
|
|
8
8
|
|
|
9
9
|
## Current Implementation Status
|
|
10
10
|
|
|
@@ -264,8 +264,8 @@ Example / 示例(概念):
|
|
|
264
264
|
|
|
265
265
|
### rtws(运行时工作区)
|
|
266
266
|
|
|
267
|
-
- EN: **rtws** (runtime workspace) is the directory Dominds treats as its runtime root (by default it is `process.cwd()`, and can be changed via `-C <dir
|
|
268
|
-
- ZH: **rtws(运行时工作区)**是 Dominds 运行时使用的根目录(默认等于 `process.cwd()`,可通过 `-C <dir>`
|
|
267
|
+
- EN: **rtws** (runtime workspace) is the directory Dominds treats as its runtime root (by default it is `process.cwd()`, and can be changed via `-C <abs-dir>`; `-C` only accepts absolute paths). Files like `.minds/` and `.dialogs/` live under the rtws.
|
|
268
|
+
- ZH: **rtws(运行时工作区)**是 Dominds 运行时使用的根目录(默认等于 `process.cwd()`,可通过 `-C <abs-dir>` 切换;`-C` 只接受绝对路径)。诸如 `.minds/`、`.dialogs/` 等运行态目录均位于 rtws 下。
|
|
269
269
|
|
|
270
270
|
- EN: Wording rule: when the meaning is **rtws**, prefer writing “rtws (runtime workspace)” (or just “rtws” after the first mention) rather than the ambiguous generic “workspace”.
|
|
271
271
|
- ZH: 用词规则:当语义指向 **rtws** 时,优先写“rtws(运行时工作区)”(或在已定义后只写“rtws”),避免在对外提示/文档中只写“工作区”从而与其他语境的 workspace/workdir 混淆。
|
package/dist/server/auth.d.ts
CHANGED
|
@@ -37,7 +37,14 @@ export declare function isAuthEnabled(auth: AuthConfig): auth is Extract<AuthCon
|
|
|
37
37
|
export declare function getHttpAuthCheck(req: IncomingMessage, auth: AuthConfig): AuthCheckResult;
|
|
38
38
|
export declare function getHttpAuthCheckAllowUrlParam(req: IncomingMessage, auth: AuthConfig, requestUrl: URL): AuthCheckResult;
|
|
39
39
|
export declare function getWebSocketAuthCheck(req: IncomingMessage, auth: AuthConfig): AuthCheckResult;
|
|
40
|
+
export type ServerUrlScheme = 'http' | 'https';
|
|
41
|
+
export declare function formatServerOrigin(params: {
|
|
42
|
+
scheme: ServerUrlScheme;
|
|
43
|
+
host: string;
|
|
44
|
+
port: number;
|
|
45
|
+
}): string;
|
|
40
46
|
export declare function formatAutoAuthUrl(params: {
|
|
47
|
+
scheme?: ServerUrlScheme;
|
|
41
48
|
host: string;
|
|
42
49
|
port: number;
|
|
43
50
|
authKey: string;
|
package/dist/server/auth.js
CHANGED
|
@@ -53,6 +53,7 @@ exports.isAuthEnabled = isAuthEnabled;
|
|
|
53
53
|
exports.getHttpAuthCheck = getHttpAuthCheck;
|
|
54
54
|
exports.getHttpAuthCheckAllowUrlParam = getHttpAuthCheckAllowUrlParam;
|
|
55
55
|
exports.getWebSocketAuthCheck = getWebSocketAuthCheck;
|
|
56
|
+
exports.formatServerOrigin = formatServerOrigin;
|
|
56
57
|
exports.formatAutoAuthUrl = formatAutoAuthUrl;
|
|
57
58
|
const crypto = __importStar(require("crypto"));
|
|
58
59
|
function computeAuthConfig(params) {
|
|
@@ -129,14 +130,24 @@ function getWebSocketAuthCheck(req, auth) {
|
|
|
129
130
|
? { kind: 'ok' }
|
|
130
131
|
: { kind: 'unauthorized', reason: 'invalid' };
|
|
131
132
|
}
|
|
133
|
+
function formatServerOrigin(params) {
|
|
134
|
+
const visibleHost = normalizeHostForUrl(params.host, params.scheme);
|
|
135
|
+
return `${params.scheme}://${visibleHost}:${params.port}`;
|
|
136
|
+
}
|
|
132
137
|
function formatAutoAuthUrl(params) {
|
|
133
|
-
|
|
134
|
-
|
|
138
|
+
return `${formatServerOrigin({
|
|
139
|
+
scheme: params.scheme ?? 'http',
|
|
140
|
+
host: params.host,
|
|
141
|
+
port: params.port,
|
|
142
|
+
})}/?auth=${encodeURIComponent(params.authKey)}`;
|
|
135
143
|
}
|
|
136
|
-
function normalizeHostForUrl(host) {
|
|
144
|
+
function normalizeHostForUrl(host, scheme) {
|
|
137
145
|
// Binding to 0.0.0.0/:: is common, but not a browsable "host".
|
|
138
|
-
|
|
146
|
+
// For HTTPS, preserve the certificate-matched bind host to avoid creating a hostname mismatch.
|
|
147
|
+
if (scheme === 'http' && (host === '0.0.0.0' || host === '::'))
|
|
139
148
|
return 'localhost';
|
|
149
|
+
if (host.includes(':') && !host.startsWith('['))
|
|
150
|
+
return `[${host}]`;
|
|
140
151
|
return host;
|
|
141
152
|
}
|
|
142
153
|
function generateAuthKey() {
|
|
@@ -0,0 +1,61 @@
|
|
|
1
|
+
export declare const DEFAULT_SELF_SIGNED_CERT_DAYS = 3650;
|
|
2
|
+
export type HttpsCertificateMaterial = {
|
|
3
|
+
cert: string;
|
|
4
|
+
key: string;
|
|
5
|
+
certPath: string;
|
|
6
|
+
keyPath: string;
|
|
7
|
+
matchedHost: string;
|
|
8
|
+
matchedHostPriority: number;
|
|
9
|
+
validTo: Date;
|
|
10
|
+
};
|
|
11
|
+
export type CertificateLookupEndpoint = Readonly<{
|
|
12
|
+
bindHost: string;
|
|
13
|
+
urlHost: string;
|
|
14
|
+
}>;
|
|
15
|
+
export type CertificateLookupDiagnostic = {
|
|
16
|
+
level: 'warn';
|
|
17
|
+
code: 'invalid_cert_file' | 'missing_key_file' | 'invalid_key_pair' | 'expired_or_not_yet_valid';
|
|
18
|
+
message: string;
|
|
19
|
+
certPath: string;
|
|
20
|
+
keyPath?: string;
|
|
21
|
+
} | {
|
|
22
|
+
level: 'warn';
|
|
23
|
+
code: 'multiple_matching_certs';
|
|
24
|
+
message: string;
|
|
25
|
+
host: string;
|
|
26
|
+
certPaths: readonly string[];
|
|
27
|
+
};
|
|
28
|
+
export type CertificateLookupResult = {
|
|
29
|
+
kind: 'found';
|
|
30
|
+
certsDirAbs: string;
|
|
31
|
+
endpoint: CertificateLookupEndpoint;
|
|
32
|
+
certificate: HttpsCertificateMaterial;
|
|
33
|
+
diagnostics: readonly CertificateLookupDiagnostic[];
|
|
34
|
+
} | {
|
|
35
|
+
kind: 'not_found';
|
|
36
|
+
certsDirAbs: string;
|
|
37
|
+
endpoint: CertificateLookupEndpoint;
|
|
38
|
+
diagnostics: readonly CertificateLookupDiagnostic[];
|
|
39
|
+
};
|
|
40
|
+
export type CreatedSelfSignedCertificate = {
|
|
41
|
+
host: string;
|
|
42
|
+
hosts: readonly string[];
|
|
43
|
+
days: number;
|
|
44
|
+
certsDirAbs: string;
|
|
45
|
+
certPath: string;
|
|
46
|
+
keyPath: string;
|
|
47
|
+
metadataPath: string;
|
|
48
|
+
};
|
|
49
|
+
export declare function getDefaultDomindsCertsDir(): string;
|
|
50
|
+
export declare function findAutoHttpsCertificateForHost(params: {
|
|
51
|
+
host: string;
|
|
52
|
+
certsDirAbs?: string;
|
|
53
|
+
now?: Date;
|
|
54
|
+
}): Promise<CertificateLookupResult>;
|
|
55
|
+
export declare function createSelfSignedCertificate(params: {
|
|
56
|
+
host?: string;
|
|
57
|
+
altHosts?: readonly string[];
|
|
58
|
+
days?: number;
|
|
59
|
+
certsDirAbs?: string;
|
|
60
|
+
force?: boolean;
|
|
61
|
+
}): Promise<CreatedSelfSignedCertificate>;
|