hfs 0.26.6 → 0.26.8

package/src/commands.ts

@@ -0,0 +1,122 @@
+import { addAccount, getAccount, updateAccount } from './perm'
+import { getConfig, getConfigDefinition, setConfig } from './config'
+import _ from 'lodash'
+import { getUpdate, update } from './update'
+import { openAdmin } from './listen'
+import yaml from 'yaml'
+import { BUILD_TIMESTAMP, VERSION } from './const'
+import { createInterface } from 'readline'
+
+try {
+    /*
+    is this try-block useful in case the stdin is unavailable?
+    Not sure, but someone reported a problem using nohup https://github.com/rejetto/hfs/issues/74
+    and I've found this example try-catching https://github.com/DefinitelyTyped/DefinitelyTyped/blob/dda83a906914489e09ca28afea12948529015d4a/types/node/readline.d.ts#L489
+    */
+    createInterface({ input: process.stdin }).on('line', parseCommandLine)
+    console.log(`HINT: type "help" for help`)
+}
+catch {
+    console.log("console commands not available")
+}
+
+function parseCommandLine(line: string) {
+    if (!line) return
+    const [name, ...params] = line.trim().split(/ +/)
+    const cmd = (commands as any)[name]
+    if (!cmd)
+        return console.error("cannot understand entered command, try 'help'")
+    if (cmd.cb.length > params.length)
+        return console.error("insufficient parameters, expected: " + cmd.params)
+    cmd.cb(...params).then(() =>console.log("+++ command executed"),
+        (err: any) => {
+            if (typeof err === 'string')
+                console.error("command failed:", err)
+            else
+                throw err
+        })
+}
+
+const commands = {
+    help: {
+        params: '',
+        async cb() {
+            console.log("supported commands:",
+                ..._.map(commands, ({ params }, name) =>
+                    '\n - ' + name + ' ' + params))
+        }
+    },
+    'show-admin': {
+        params: '',
+        cb(){
+            openAdmin()
+        }
+    },
+    'create-admin': {
+        params: '<password> [<username>=admin]',
+        async cb(password: string, username='admin') {
+            if (getAccount(username))
+                throw `user ${username} already exists`
+            const acc = addAccount(username, { admin: true })
+            await updateAccount(acc!, acc => {
+                acc.password = password
+            })
+        }
+    },
+    'change-password': {
+        params: '<user> <password>',
+        async cb(user: string, password: string) {
+            const acc = getAccount(user)
+            if (!acc)
+                throw "user doesn't exist"
+            await updateAccount(acc!, acc => {
+                acc.password = password
+            })
+        }
+    },
+    config: {
+        params: '<key> <value>',
+        async cb(key: string, value: string) {
+            const conf = getConfigDefinition(key)
+            if (!conf)
+                throw "specified key doesn't exist"
+            let v: any = value
+            try { v = JSON.parse(v) }
+            catch {}
+            setConfig({ [key]: v })
+        }
+    },
+    'show-config': {
+        params: '<key>',
+        async cb(key: string) {
+            const conf = getConfigDefinition(key)
+            if (!conf)
+                throw "specified key doesn't exist"
+            console.log(yaml.stringify(getConfig(key), { lineWidth:1000 }).trim())
+        }
+    },
+    quit: {
+        params: '',
+        async cb() {
+            process.exit(0)
+        }
+    },
+    update: {
+        params: '',
+        cb: update
+    },
+    'check-update': {
+        params: '',
+        async cb() {
+            const update = await getUpdate()
+            console.log("new version available", update.name)
+        }
+    },
+    version: {
+        params: '',
+        async cb() {
+            console.log(VERSION)
+            console.log(BUILD_TIMESTAMP)
+        }
+    },
+}

package/src/config.ts

@@ -0,0 +1,166 @@
+// This file is part of HFS - Copyright 2021-2022, Massimo Melina <a@rejetto.com> - License https://www.gnu.org/licenses/gpl-3.0.txt
+
+import EventEmitter from 'events'
+import { APP_PATH, argv, ORIGINAL_CWD } from './const'
+import { watchLoad } from './watchLoad'
+import yaml from 'yaml'
+import _ from 'lodash'
+import { debounceAsync, same, objSameKeys, onOff, wait, with_ } from './misc'
+import { copyFileSync, existsSync, renameSync, statSync } from 'fs'
+import { join, resolve } from 'path'
+import events from './events'
+
+const FILE = 'config.yaml'
+
+const configProps: Record<string, ConfigProps<any>> = {}
+
+let started = false // this will tell the difference for subscribeConfig()s that are called before or after config is loaded
+let state: Record<string, any> = {}
+const cfgEvents = new EventEmitter()
+cfgEvents.setMaxListeners(10_000)
+const path = with_(argv.config || process.env.HFS_CONFIG, p => {
+    if (!p)
+        return FILE
+    p = resolve(ORIGINAL_CWD, p)
+    try {
+        if (statSync(p).isDirectory()) // try to detect if path points to a folder, in which case we add the standard filename
+            return join(p, FILE)
+    }
+    catch {}
+    return p
+})
+console.log("config", path)
+const legacyPosition = join(APP_PATH, FILE)
+if (!existsSync(path) && existsSync(legacyPosition))
+    try {
+        renameSync(legacyPosition, path)
+        console.log("moved from legacy position", legacyPosition)
+    }
+    catch {
+        try { // attempt copying, in case moving the source file proves to be impractical
+            copyFileSync(legacyPosition, path)
+            console.log("copied from legacy position", legacyPosition)
+        }
+        catch {}
+    }
+const { save } = watchLoad(path, values => setConfig(values||{}, false), {
+    failedOnFirstAttempt(){
+        console.log("No config file, using defaults")
+        setConfig({}, false)
+    }
+})
+
+interface ConfigProps<T> {
+    defaultValue?: T,
+}
+export function defineConfig<T>(k: string, defaultValue?: T) {
+    configProps[k] = { defaultValue }
+    type Updater = (currentValue:T) => T
+    return {
+        key() {
+            return k
+        },
+        get(): T {
+            return getConfig(k)
+        },
+        sub(cb: (v:T, was?:T)=>void) {
+            return subscribeConfig(k, cb)
+        },
+        set(v: T | Updater) {
+            if (typeof v === 'function')
+                this.set((v as Updater)(this.get()))
+            else
+                setConfig1(k, v)
+        }
+    }
+}
+
+export function getConfigDefinition(k: string) {
+    return configProps[k]
+}
+
+const stack: any[] = []
+function subscribeConfig<T>(k:string, cb: (v:T, was?:T)=>void) {
+    if (started) // initial event already passed, we'll make the first call
+        cb(getConfig(k))
+    const eventName = 'new.'+k
+    return onOff(cfgEvents, {
+        [eventName]() {
+            if (stack.includes(cb)) return // avoid infinite loop in case a subscriber changes the value
+            stack.push(cb) // @ts-ignore arguments
+            try { return cb.apply(this,arguments) }
+            finally { stack.pop() }
+        }
+    })
+}
+
+export function getConfig(k:string) {
+    return state[k] ?? _.cloneDeep(configProps[k]?.defaultValue) // clone to avoid changing
+}
+
+export function getWholeConfig({ omit, only }: { omit?:string[], only?:string[] }) {
+    const defs = objSameKeys(configProps, x => x.defaultValue)
+    let copy = _.defaults({}, state, defs)
+    if (omit?.length)
+        copy = _.omit(copy, omit)
+    if (only)
+       copy = _.pick(copy, only)
+    return _.cloneDeep(copy)
+}
+
+// pass a value to `save` to force saving decision, or leave undefined for auto. Passing false will also reset previously loaded configs.
+export function setConfig(newCfg: Record<string,any>, save?: boolean) {
+    if (!started) { // first time we consider also CLI args
+        const argCfg = _.pickBy(objSameKeys(configProps, (x,k) => argv[k]), x => x !== undefined)
+        if (! _.isEmpty(argCfg)) {
+            saveConfigAsap().then() // don't set `save` argument, as it would interfere below at check `save===false`
+            Object.assign(newCfg, argCfg)
+        }
+    }
+    for (const k in newCfg)
+        apply(k, newCfg[k])
+    if (save) {
+        saveConfigAsap().then()
+        return
+    }
+    if (started) {
+        if (save === false) // false is used when loading whole config, and in such case we should not leave previous values untreated. Also, we need this only after we already `started`.
+            for (const k of Object.keys(state))
+                if (!newCfg.hasOwnProperty(k))
+                    apply(k, newCfg[k])
+        return
+    }
+    // first time we emit also for the default values
+    for (const k of Object.keys(configProps))
+        if (!newCfg.hasOwnProperty(k))
+            apply(k, newCfg[k])
+    started = true
+    events.emit('config ready')
+
+    function apply(k: string, newV: any) {
+        return setConfig1(k, newV, save === undefined)
+    }
+}
+
+function setConfig1(k: string, newV: any, saveChanges=true) {
+    if (_.isPlainObject(newV))
+        newV = _.pickBy(newV, x => x !== undefined)
+    if (same(newV, configProps[k]?.defaultValue))
+        newV = undefined
+    if (started && same(newV, state[k])) return // no change
+    const was = getConfig(k) // include cloned default, if necessary
+    state[k] = newV
+    cfgEvents.emit('new.'+k, getConfig(k), was)
+    if (saveChanges)
+        saveConfigAsap().then()
+}
+
+export const saveConfigAsap = debounceAsync(async () => {
+    while (!started)
+        await wait(100)
+    let txt = yaml.stringify(state, { lineWidth:1000 })
+    if (txt.trim() === '{}')  // most users wouldn't understand
+        txt = ''
+    save(path, txt)
+        .catch(err => console.error('Failed at saving config file, please ensure it is writable.', String(err)))
+})

package/src/connections.ts

@@ -0,0 +1,60 @@
+// This file is part of HFS - Copyright 2021-2022, Massimo Melina <a@rejetto.com> - License https://www.gnu.org/licenses/gpl-3.0.txt
+
+import { Socket } from 'net'
+import events from './events'
+import Koa from 'koa'
+import _ from 'lodash'
+
+export class Connection {
+    readonly started = new Date()
+    sent = 0
+    outSpeed?: number
+    ctx?: Koa.Context
+    private _cachedIp?: string
+    [rest:symbol]: any // let other modules add extra data, but using symbols to avoid name collision
+
+    constructor(readonly socket: Socket) {
+        all.push(this)
+        socket.on('close', () => {
+            all.splice(all.indexOf(this), 1)
+            events.emit('connectionClosed', this)
+        })
+        events.emit('connection', this)
+    }
+
+    get ip() { // prioritize ctx.ip as it supports proxies, but fallback for when ctx is not yet available
+        return this.ctx?.ip || (this._cachedIp ??= normalizeIp(this.socket.remoteAddress||''))
+    }
+
+    get secure() {
+        return (this.socket as any).server.cert > ''
+    }
+}
+
+export function normalizeIp(ip: string) {
+    return ip.replace(/^::ffff:/,'') // simplify ipv6-mapped addresses
+}
+
+const all: Connection[] = []
+
+export function newConnection(socket: Socket) {
+    new Connection(socket)
+}
+
+export function getConnections(): Readonly<typeof all> {
+    return all
+}
+
+export function socket2connection(socket: Socket) {
+    return all.find(x => // socket exposed by Koa is TLSSocket which encapsulates simple Socket, and I've found no way to access it for simple comparison
+        x.socket.remotePort === socket.remotePort // but we can still match them because IP:PORT is key
+        && x.socket.remoteAddress === socket.remoteAddress )
+}
+
+export function updateConnection(conn: Connection, change: Partial<Connection>) {
+    // if no change is detected, skip update. ctx is a special case
+    if (!change.ctx && Object.entries(change).every(([k,v]) => _.isEqual(v, conn[k as keyof Connection]) ))
+        return
+    Object.assign(conn, change)
+    events.emit('connectionUpdated', conn, change)
+}

package/src/const.ts

@@ -0,0 +1,57 @@
+// This file is part of HFS - Copyright 2021-2022, Massimo Melina <a@rejetto.com> - License https://www.gnu.org/licenses/gpl-3.0.txt
+
+import minimist from 'minimist'
+import * as fs from 'fs'
+import { homedir } from 'os'
+import { mkdirSync } from 'fs'
+import { basename, dirname, join } from 'path'
+
+export const argv = minimist(process.argv.slice(2))
+export const DEV = process.env.DEV || argv.dev ? 'DEV' : ''
+export const ORIGINAL_CWD = process.cwd()
+export const HFS_STARTED = new Date()
+const PKG_PATH = join(__dirname, '..', 'package.json')
+export const BUILD_TIMESTAMP = fs.statSync(PKG_PATH).mtime.toISOString()
+const pkg = JSON.parse(fs.readFileSync(PKG_PATH,'utf8'))
+export const VERSION = pkg.version
+export const DAY = 86_400_000
+export const SESSION_DURATION = DAY
+
+export const API_VERSION = 4.1 // array.$width
+export const COMPATIBLE_API_VERSION = 1 // while changes in the api are not breaking, this number stays the same, otherwise is made equal to API_VERSION
+
+export const SPECIAL_URI = '/~/'
+export const FRONTEND_URI = SPECIAL_URI + 'frontend/'
+export const ADMIN_URI = SPECIAL_URI + 'admin/'
+export const API_URI = SPECIAL_URI + 'api/'
+export const PLUGINS_PUB_URI = SPECIAL_URI + 'plugins/'
+
+export const METHOD_NOT_ALLOWED = 405
+export const NO_CONTENT = 204
+export const FORBIDDEN = 403
+export const UNAUTHORIZED = 401
+
+export const IS_WINDOWS = process.platform === 'win32'
+const IS_BINARY = !basename(process.argv0).includes('node') // this won't be node if pkg was used
+export const APP_PATH = dirname(IS_BINARY ? process.argv0 : __dirname)
+
+// we want this to be the first stuff to be printed, then we print it in this module, that is executed at the beginning
+if (DEV) console.clear()
+else console.debug = ()=>{}
+console.log(`HFS ~ HTTP File Server - Copyright 2021-2022, Massimo Melina <a@rejetto.com>`)
+console.log(`License https://www.gnu.org/licenses/gpl-3.0.txt`)
+console.log('started', HFS_STARTED.toLocaleString(), DEV)
+console.log('version', VERSION||'-')
+console.log('build', BUILD_TIMESTAMP||'-')
+if (argv.cwd)
+    process.chdir(argv.cwd)
+else if (!process.argv0.endsWith('.exe')) { // still considering whether to use this behavior with Windows users, who may be less accustomed to it
+    const dir = join(homedir(), '.hfs')
+    try { mkdirSync(dir) }
+    catch(e: any) {
+        if (e.code !== 'EEXIST')
+            console.error(e)
+    }
+    process.chdir(dir)
+}
+console.log('cwd', process.cwd())

package/src/crypt.ts

@@ -0,0 +1,16 @@
+// This file is part of HFS - Copyright 2021-2022, Massimo Melina <a@rejetto.com> - License https://www.gnu.org/licenses/gpl-3.0.txt
+
+// simple wrapper
+// @ts-ignore
+import { pbkdf2, pbkdf2Verify } from "./pbkdf2"
+import assert from 'assert'
+
+export async function hashPassword(s: string) {
+    return 'p2:' + await pbkdf2(s)
+}
+
+export async function verifyPassword(hashed: string, given: string) {
+    const i = hashed.indexOf(':')
+    assert(i>0, 'bad hashed')
+    return await pbkdf2Verify(hashed.slice(i+1), given) // for the time being we totally ignore the "method" part
+}

package/src/debounceAsync.ts

@@ -0,0 +1,51 @@
+// like lodash.debounce, but also avoids async invocations to overlap
+export default function debounceAsync<CB extends (...args: any[]) => Promise<R>, R>(
+    callback: CB,
+    wait: number=100,
+    { leading=false, maxWait=Infinity }={}
+) {
+    let started = 0 // latest callback invocation
+    let runningCallback: Promise<R> | undefined // latest callback invocation result
+    let runningDebouncer: Promise<R | undefined> // latest wrapper invocation
+    let waitingSince = 0 // we are delaying invocation since
+    let whoIsWaiting: undefined | any[] // args' array object identifies the pending instance, and incidentally stores args
+    const interceptingWrapper = (...args:any[]) => runningDebouncer = debouncer.apply(null, args)
+    return Object.assign(interceptingWrapper, {
+        cancel: () => {
+            waitingSince = 0
+            whoIsWaiting = undefined
+        },
+        flush: () => runningCallback ?? exec(),
+    })
+
+    async function debouncer(...args:any[]) {
+        if (runningCallback)
+            return await runningCallback
+        whoIsWaiting = args
+        waitingSince ||= Date.now()
+        const waitingCap = maxWait - (Date.now() - (waitingSince || started))
+        const waitFor = Math.min(waitingCap, leading ? wait - (Date.now() - started) : wait)
+        if (waitFor > 0)
+            await new Promise(resolve => setTimeout(resolve, waitFor))
+        if (!whoIsWaiting) // canceled
+            return void(waitingSince = 0)
+        if (whoIsWaiting !== args) // another fresher call is waiting
+            return runningDebouncer
+        return await exec()
+    }
+
+    async function exec() {
+        if (!whoIsWaiting) return
+        waitingSince = 0
+        started = Date.now()
+        try {
+            runningCallback = callback.apply(null, whoIsWaiting)
+            return await runningCallback
+        }
+        finally {
+            whoIsWaiting = undefined
+            runningCallback = undefined
+        }
+    }
+}
+

package/src/events.ts

@@ -0,0 +1,6 @@
+// This file is part of HFS - Copyright 2021-2022, Massimo Melina <a@rejetto.com> - License https://www.gnu.org/licenses/gpl-3.0.txt
+
+import EventEmitter from 'events'
+
+// app-wide events
+export default new EventEmitter()

package/src/frontEndApis.ts

@@ -0,0 +1,17 @@
+// This file is part of HFS - Copyright 2021-2022, Massimo Melina <a@rejetto.com> - License https://www.gnu.org/licenses/gpl-3.0.txt
+
+import { ApiHandlers } from './apiMiddleware'
+import { file_list } from './api.file_list'
+import * as api_auth from './api.auth'
+import { defineConfig } from './config'
+
+const customHeader = defineConfig('custom_header')
+
+export const frontEndApis: ApiHandlers = {
+    file_list,
+    ...api_auth,
+
+    config() {
+        return Object.fromEntries([customHeader].map(x => [x.key(), x.get()]))
+    }
+}

package/src/github.ts

@@ -0,0 +1,102 @@
+import events from './events'
+import { httpsString, httpsStream, unzip } from './misc'
+import { getAvailablePlugins, mapPlugins, parsePluginSource, PATH as PLUGINS_PATH, rescan } from './plugins'
+// @ts-ignore
+import unzipper from 'unzip-stream'
+import { ApiError } from './apiMiddleware'
+import _ from 'lodash'
+
+const DIST_ROOT = 'dist/'
+
+type DownloadStatus = true | undefined
+const downloading: Record<string, DownloadStatus> = {}
+
+function downloadProgress(id: string, status: DownloadStatus) {
+    if (status === undefined)
+        delete downloading[id]
+    else
+        downloading[id] = status
+    events.emit('pluginDownload_'+id, status)
+}
+
+export async function downloadPlugin(repo: string, branch='', overwrite?: boolean) {
+    if (downloading[repo])
+        return new ApiError(409, "already downloading")
+    downloadProgress(repo, true)
+    const rec = await getRepoInfo(repo)
+    if (!branch)
+        branch = rec.default_branch
+    const short = repo.split('/')[1] // second part, repo without the owner
+    const folder2repo = getFolder2repo()
+    const folder = overwrite ? _.findKey(folder2repo, x => x===repo)! // use existing folder
+        : short in folder2repo ? repo.replace('/','-') // longer form only if another plugin is using short form
+            : short
+    const installPath = PLUGINS_PATH + '/' + folder
+    const GITHUB_ZIP_ROOT = short + '-' + branch // GitHub puts everything within this folder
+    const rootWithinZip = GITHUB_ZIP_ROOT + '/' + DIST_ROOT
+    const stream = await httpsStream(`https://github.com/${repo}/archive/refs/heads/${branch}.zip`)
+    await unzip(stream, path =>
+        path.startsWith(rootWithinZip) && installPath + '/' + path.slice(rootWithinZip.length) )
+    downloadProgress(repo, undefined)
+    await rescan() // workaround: for some reason, operations are not triggering the rescan of the watched folder. Let's invoke it.
+    return folder
+}
+
+export function getRepoInfo(id: string) {
+    return apiGithub('repos/'+id)
+}
+
+export async function readOnlinePlugin(repoInfo: { full_name: string, default_branch: string }, branch='') {
+    const url = `https://raw.githubusercontent.com/${repoInfo.full_name}/${branch || repoInfo.default_branch}/${DIST_ROOT}plugin.js`
+    const res = await httpsString(url)
+    if (!res.ok)
+        throw res.statusCode
+    const pl = parsePluginSource(repoInfo.full_name, res.body) // use 'repo' as 'id' client-side
+    pl.branch = branch || undefined
+    return pl
+}
+
+export function getFolder2repo() {
+    const ret = Object.fromEntries(getAvailablePlugins().map(x => [x.id, x.repo]))
+    Object.assign(ret, Object.fromEntries(mapPlugins(x => [x.id, x.getData().repo])))
+    return ret
+}
+
+async function apiGithub(uri: string) {
+    const res = await httpsString('https://api.github.com/'+uri, {
+        headers: {
+            'User-Agent': 'HFS',
+            Accept: 'application/vnd.github.v3+json',
+        }
+    })
+    if (!res.ok)
+        throw res.statusCode
+    return JSON.parse(res.body)
+}
+
+export async function* searchPlugins(text: string) {
+    const res = await apiGithub('search/repositories?q=topic:hfs-plugin+' + encodeURI(text))
+    for (const it of res.items) {
+        const repo = it.full_name
+        let pl = await readOnlinePlugin(it)
+        if (!pl.apiRequired) continue // mandatory field
+        if (pl.badApi) { // we try other branches (starting with 'api')
+            const branches: string[] = (await apiGithub('repos/' + it.full_name + '/branches'))
+                .map((x: any) => x.name).filter((x: string) => x.startsWith('api')).sort()
+            for (const branch of branches) {
+                pl = await readOnlinePlugin(it, branch)
+                if (!pl.apiRequired)
+                    pl.badApi = '-'
+                if (!pl.badApi)
+                    break
+            }
+        }
+        if (pl.badApi)
+            continue
+        Object.assign(pl, { // inject some extra useful fields
+            downloading: downloading[repo],
+            license: it.license?.spdx_id,
+        }, _.pick(it, ['pushed_at', 'stargazers_count']))
+        yield pl
+    }
+}

package/src/index.ts

@@ -0,0 +1,53 @@
+#!/usr/bin/env node
+// This file is part of HFS - Copyright 2021-2022, Massimo Melina <a@rejetto.com> - License https://www.gnu.org/licenses/gpl-3.0.txt
+
+import Koa from 'koa'
+import mount from 'koa-mount'
+import { apiMiddleware } from './apiMiddleware'
+import { API_URI, DEV } from './const'
+import { frontEndApis } from './frontEndApis'
+import { log } from './log'
+import { pluginsMiddleware } from './plugins'
+import { throttler } from './throttler'
+import { headRequests, gzipper, sessions, serveGuiAndSharedFiles, someSecurity, prepareState, paramsDecoder } from './middlewares'
+import './listen'
+import './commands'
+import { adminApis } from './adminApis'
+import { defineConfig } from './config'
+import { ok } from 'assert'
+import _ from 'lodash'
+import { randomId } from './misc'
+
+ok(_.intersection(Object.keys(frontEndApis), Object.keys(adminApis)).length === 0) // they share same endpoints
+
+const keys = process.env.COOKIE_SIGN_KEYS?.split(',') || [randomId(30)]
+export const app = new Koa({ keys })
+app.use(someSecurity)
+    .use(sessions(app))
+    .use(prepareState)
+    .use(headRequests)
+    .use(log())
+    .use(throttler)
+    .use(gzipper)
+    .use(paramsDecoder)
+    .use(pluginsMiddleware())
+    .use(mount(API_URI, apiMiddleware({ ...frontEndApis, ...adminApis })))
+    .use(serveGuiAndSharedFiles)
+    .on('error', errorHandler)
+
+function errorHandler(err:Error & { code:string, path:string }) {
+    const { code } = err
+    if (DEV && code === 'ENOENT' && err.path.endsWith('sockjs-node')) return // spam out dev stuff
+    if (code === 'ECANCELED' || code === 'ECONNRESET' || code === 'ECONNABORTED' || code === 'EPIPE') return // someone interrupted, don't care
+    console.error('server error', err)
+}
+
+process.on('uncaughtException', err => {
+    if ((err as any).syscall !== 'watch')
+        console.error(err)
+})
+
+defineConfig('proxies', 0).sub(n => {
+    app.proxy = n > 0
+    app.maxIpsCount = n
+})