opentunnel-cli 1.0.15 → 1.0.17

package/README.md

@@ -9,6 +9,7 @@
 - [As a Client](#-as-a-client) - Expose your local ports
 - [As a Server](#-as-a-server) - Host your own tunnel server
 - [Home Use](#-home-use-behind-routernat) - Run from home network
+- [Multi-Domain Support](#-multi-domain-support) - Handle multiple domains on one server
 - [Authentication](#-authentication) - Secure your server
 - [IP Access Control](#-ip-access-control) - Allow/deny IPs and CIDR ranges
 - [Configuration File](#-configuration-file) - opentunnel.yml reference
@@ -352,6 +353,111 @@ opentunnel server -d --domain yourdomain.com -p 8443 --public-port 8443
 
 ---
 
+# 🌐 Multi-Domain Support
+
+OpenTunnel can handle **multiple domains** on a single server instance. This is useful when you want to:
+
+- Serve tunnels under different domain names
+- Use different base paths for different domains
+- Consolidate multiple domains on one server
+
+## DNS Configuration
+
+For each domain you want to use, create DNS records pointing to your server:
+
+| Domain | Type | Name | Value |
+|--------|------|------|-------|
+| `domain1.com` | A | `op` | `YOUR_SERVER_IP` |
+| `domain1.com` | A | `*.op` | `YOUR_SERVER_IP` |
+| `domain2.com` | A | `op` | `YOUR_SERVER_IP` |
+| `domain2.com` | A | `*.op` | `YOUR_SERVER_IP` |
+
+## Configuration
+
+Configure multiple domains in `opentunnel.yml`:
+
+```yaml
+server:
+  domains:
+    - domain: domain1.com
+      basePath: op              # Tunnels at: *.op.domain1.com
+    - domain: domain2.com
+      basePath: op              # Tunnels at: *.op.domain2.com
+  port: 443
+
+tunnels:
+  - name: app
+    protocol: http
+    port: 3000
+    subdomain: myapp            # Accessible on ALL configured domains
+```
+
+With this configuration, the tunnel `myapp` is accessible at:
+- `https://myapp.op.domain1.com`
+- `https://myapp.op.domain2.com`
+
+## Single Domain (Backward Compatible)
+
+If you only need one domain, use the simple configuration:
+
+```yaml
+server:
+  domain: example.com           # Single domain
+  basePath: op                  # Default: op
+```
+
+This is equivalent to:
+
+```yaml
+server:
+  domains:
+    - domain: example.com
+      basePath: op
+```
+
+## SSL Certificates
+
+When using self-signed certificates with multiple domains, OpenTunnel automatically generates a **SAN (Subject Alternative Name) certificate** that covers all configured domains and their wildcards.
+
+For Let's Encrypt, you'll need separate certificates or a multi-domain certificate with all your domains listed.
+
+## Use Cases
+
+### Different Teams/Projects
+
+```yaml
+server:
+  domains:
+    - domain: dev.company.com
+      basePath: op              # Dev team: *.op.dev.company.com
+    - domain: staging.company.com
+      basePath: op              # Staging: *.op.staging.company.com
+```
+
+### White-Label Service
+
+```yaml
+server:
+  domains:
+    - domain: client1.com
+      basePath: op              # Client 1: *.op.client1.com
+    - domain: client2.com
+      basePath: op              # Client 2: *.op.client2.com
+```
+
+### Migration Between Domains
+
+```yaml
+server:
+  domains:
+    - domain: newdomain.com
+      basePath: op              # New domain (primary)
+    - domain: olddomain.com
+      basePath: op              # Old domain (still supported)
+```
+
+---
+
 # 🔐 Authentication
 
 OpenTunnel uses a **shared secret** system for authentication. The server defines a list of valid tokens, and clients must provide one to connect.

package/dist/cli/index.js

@@ -156,7 +156,7 @@ program
     .name("opentunnel")
     .alias("ot")
     .description("Expose local ports to the internet via custom domains or ngrok")
-    .version("1.0.15");
+    .version("1.0.17");
 // Helper function to build WebSocket URL from domain
 // User only provides base domain (e.g., fjrg2007.com), system handles the rest
 // Note: --insecure flag only affects certificate verification, not the protocol
@@ -1188,15 +1188,18 @@ program
         });
         child.unref();
         fsModule.writeFileSync(pidFile, String(child.pid));
-        // Wait a moment and verify process is still running
-        await new Promise(resolve => setTimeout(resolve, 1000));
+        // Wait and verify process is still running (check multiple times)
         let isRunning = false;
-        try {
-            process.kill(child.pid, 0);
-            isRunning = true;
-        }
-        catch {
-            isRunning = false;
+        for (let i = 0; i < 5; i++) {
+            await new Promise(resolve => setTimeout(resolve, 500));
+            try {
+                process.kill(child.pid, 0);
+                isRunning = true;
+            }
+            catch {
+                isRunning = false;
+                break;
+            }
         }
         if (isRunning) {
             // Register in global registry
@@ -1217,24 +1220,47 @@ program
             console.log(chalk_1.default.gray(`Stop with:  opentunnel down ${instanceName}`));
             console.log(chalk_1.default.gray(`Stop all:   opentunnel down --all`));
             console.log(chalk_1.default.gray(`List:       opentunnel ps`));
-            console.log(chalk_1.default.gray(`Logs:       tail -f ${logFile}`));
+            console.log(chalk_1.default.gray(`Logs:       opentunnel logs ${instanceName}`));
         }
         else {
-            // Process died immediately - show error
-            console.log(chalk_1.default.red(`OpenTunnel "${instanceName}" failed to start`));
-            console.log(chalk_1.default.gray(`\nCheck the log for errors:`));
-            // Read last few lines of log
+            // Process died - show error from log
+            console.log(chalk_1.default.red(`\n✗ OpenTunnel "${instanceName}" failed to start\n`));
+            // Read log and find error
             try {
                 const logContent = fsModule.readFileSync(logFile, "utf-8");
-                const lines = logContent.trim().split("\n").slice(-10);
-                console.log(chalk_1.default.gray("─".repeat(60)));
-                for (const line of lines) {
-                    console.log(chalk_1.default.gray(line));
+                const lines = logContent.trim().split("\n");
+                // Look for common errors
+                const errorLine = lines.find(l => l.includes("EADDRINUSE") ||
+                    l.includes("EACCES") ||
+                    l.includes("Error:") ||
+                    l.includes("error:"));
+                if (errorLine) {
+                    if (errorLine.includes("EADDRINUSE")) {
+                        console.log(chalk_1.default.red("  Error: Port already in use"));
+                        console.log(chalk_1.default.gray("  Another process is using the port. Try:"));
+                        console.log(chalk_1.default.cyan("    - Stop other OpenTunnel: opentunnel down --all"));
+                        console.log(chalk_1.default.cyan("    - Use different port in config: server.port: 8443"));
+                    }
+                    else if (errorLine.includes("EACCES")) {
+                        console.log(chalk_1.default.red("  Error: Permission denied"));
+                        console.log(chalk_1.default.gray("  Port 443 requires admin/root. Try:"));
+                        console.log(chalk_1.default.cyan("    - Run as administrator"));
+                        console.log(chalk_1.default.cyan("    - Use port > 1024 in config"));
+                    }
+                    else {
+                        console.log(chalk_1.default.red(`  ${errorLine}`));
+                    }
+                }
+                // Show last few lines
+                console.log(chalk_1.default.gray("\n  Last log lines:"));
+                console.log(chalk_1.default.gray("  " + "─".repeat(56)));
+                for (const line of lines.slice(-8)) {
+                    console.log(chalk_1.default.gray(`  ${line}`));
                 }
-                console.log(chalk_1.default.gray("─".repeat(60)));
+                console.log(chalk_1.default.gray("  " + "─".repeat(56)));
             }
             catch {
-                console.log(chalk_1.default.gray(`  cat ${logFile}`));
+                console.log(chalk_1.default.gray(`Check log: cat ${logFile}`));
             }
             // Clean up pid file
             try {
@@ -1271,6 +1297,16 @@ program
     const port = config.server?.port || 443;
     const useHttps = config.server?.https !== false;
     const hasTunnels = tunnelsToStart.length > 0;
+    // Parse multiple domains from config
+    let serverDomains;
+    if (config.server?.domains && config.server.domains.length > 0) {
+        serverDomains = config.server.domains.map(d => {
+            if (typeof d === "string") {
+                return { domain: d, basePath: basePath };
+            }
+            return { domain: d.domain, basePath: d.basePath || basePath };
+        });
+    }
     // Mode detection:
     // 1. Explicit mode in config takes priority
     // 2. Auto-detect based on config:
@@ -1338,8 +1374,9 @@ program
         const server = new TunnelServer({
             port,
             host: "0.0.0.0",
-            domain,
+            domain: domain || serverDomains?.[0]?.domain || "localhost",
             basePath,
+            domains: serverDomains, // Pass multiple domains if configured
             tunnelPortRange: {
                 min: tcpMin,
                 max: tcpMax,
@@ -1348,7 +1385,16 @@ program
         });
         try {
             await server.start();
-            spinner.succeed(`Server running on https://${basePath}.${domain}:${port}`);
+            const primaryDomain = serverDomains?.[0]?.domain || domain;
+            const primaryBasePath = serverDomains?.[0]?.basePath || basePath;
+            spinner.succeed(`Server running on https://${primaryBasePath}.${primaryDomain}:${port}`);
+            // Show all domains if multiple configured
+            if (serverDomains && serverDomains.length > 1) {
+                console.log(chalk_1.default.cyan("\nConfigured domains:"));
+                for (const d of serverDomains) {
+                    console.log(chalk_1.default.white(`  *.${d.basePath}.${d.domain}`));
+                }
+            }
             // Start tunnels if in hybrid mode or if tunnels are defined
             if (isHybridMode && hasTunnels) {
                 console.log(chalk_1.default.cyan(`\nStarting ${tunnelsToStart.length} tunnel(s)...\n`));
@@ -1512,6 +1558,75 @@ program
         console.log(chalk_1.default.gray(`Stop all:      opentunnel down --all`));
     }
 });
+// Logs command - view logs for an instance
+program
+    .command("logs [name]")
+    .description("View logs for an instance")
+    .option("-f, --follow", "Follow log output (like tail -f)")
+    .option("-n, --lines <n>", "Number of lines to show", "50")
+    .action(async (name, options) => {
+    const fs = await Promise.resolve().then(() => __importStar(require("fs")));
+    const { spawn } = await Promise.resolve().then(() => __importStar(require("child_process")));
+    const registry = loadRegistry();
+    // Find instance
+    let instance;
+    if (name) {
+        instance = registry.instances.find(i => i.name === name);
+    }
+    else {
+        // Use first instance from current directory
+        instance = registry.instances.find(i => i.cwd === process.cwd());
+    }
+    if (!instance) {
+        console.log(chalk_1.default.yellow(name ? `Instance "${name}" not found` : "No instance found in current directory"));
+        console.log(chalk_1.default.gray("Use 'opentunnel ps' to list instances"));
+        return;
+    }
+    if (!fs.existsSync(instance.logFile)) {
+        console.log(chalk_1.default.yellow(`Log file not found: ${instance.logFile}`));
+        return;
+    }
+    if (options.follow) {
+        // Use tail -f equivalent
+        console.log(chalk_1.default.gray(`Following logs for ${instance.name}... (Ctrl+C to stop)\n`));
+        // Read existing content first
+        const content = fs.readFileSync(instance.logFile, "utf-8");
+        const lines = content.split("\n").slice(-parseInt(options.lines));
+        console.log(lines.join("\n"));
+        // Watch for changes
+        let lastSize = fs.statSync(instance.logFile).size;
+        const watcher = setInterval(() => {
+            try {
+                const stat = fs.statSync(instance.logFile);
+                if (stat.size > lastSize) {
+                    const fd = fs.openSync(instance.logFile, "r");
+                    const buffer = Buffer.alloc(stat.size - lastSize);
+                    fs.readSync(fd, buffer, 0, buffer.length, lastSize);
+                    fs.closeSync(fd);
+                    process.stdout.write(buffer.toString());
+                    lastSize = stat.size;
+                }
+            }
+            catch {
+                clearInterval(watcher);
+            }
+        }, 100);
+        // Handle Ctrl+C
+        process.on("SIGINT", () => {
+            clearInterval(watcher);
+            process.exit(0);
+        });
+        // Keep running
+        await new Promise(() => { });
+    }
+    else {
+        // Just show last N lines
+        const content = fs.readFileSync(instance.logFile, "utf-8");
+        const lines = content.split("\n").slice(-parseInt(options.lines));
+        console.log(chalk_1.default.gray(`Last ${options.lines} lines of ${instance.name}:\n`));
+        console.log(lines.join("\n"));
+    }
+});
 // Test server command - simple HTTP server for testing tunnels
 program
     .command("test-server")