querysub 0.100.0 → 0.102.0

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "querysub",
-  "version": "0.100.0",
+  "version": "0.102.0",
   "main": "index.js",
   "license": "MIT",
   "note1": "note on node-forge fork, see https://github.com/digitalbazaar/forge/issues/744 for details",
@@ -24,7 +24,7 @@
     "node-forge": "https://github.com/sliftist/forge#e618181b469b07bdc70b968b0391beb8ef5fecd6",
     "pako": "^2.1.0",
     "preact": "^10.11.3",
-    "socket-function": "^0.62.0",
+    "socket-function": "^0.66.0",
     "terser": "^5.31.0",
     "typesafecss": "^0.6.3",
     "yaml": "^2.5.0",

package/src/-a-archives/archives.ts

@@ -92,7 +92,15 @@ export function nestArchives(path: string, archives: Archives): Archives {
             targetPath: config.targetPath,
         }),
         assertPathValid: (path: string) => archives.assertPathValid(path),
-        getBaseArchives: () => ({ parentPath: path, archives }),
+        getBaseArchives: () => {
+            let result = { parentPath: path, archives };
+            let base = archives.getBaseArchives?.();
+            if (base) {
+                result.parentPath = base.parentPath + path;
+                result.archives = base.archives;
+            }
+            return result;
+        },
     };
 }
 

package/src/-a-archives/archivesBackBlaze.ts

@@ -8,7 +8,7 @@ import { httpsRequest } from "../https";
 import { delay } from "socket-function/src/batching";
 import { devDebugbreak } from "../config";
 import { formatNumber, formatTime } from "socket-function/src/formatting/format";
-import { blue, green } from "socket-function/src/formatting/logColors";
+import { blue, green, magenta } from "socket-function/src/formatting/logColors";
 import debugbreak from "debugbreak";
 import { onTimeProfile } from "../-0-hooks/hooks";
 
@@ -49,6 +49,7 @@ const getAPI = lazy(async () => {
             Authorization: "Basic " + Buffer.from(creds.applicationKeyId + ":" + creds.applicationKey).toString("base64"),
         }
     });
+
     let auth = JSON.parse(authorizeRaw.toString()) as {
         accountId: string;
         authorizationToken: string;
@@ -88,6 +89,9 @@ const getAPI = lazy(async () => {
         bucketType: "allPrivate" | "allPublic";
         lifecycleRules?: any[];
         corsRules?: unknown[];
+        bucketInfo?: {
+            [key: string]: unknown;
+        };
     }, {
         accountId: string;
         bucketId: string;
@@ -101,6 +105,28 @@ const getAPI = lazy(async () => {
         revision: number;
     }>("b2_create_bucket", "POST");
 
+    const updateBucket = createB2Function<{
+        accountId: string;
+        bucketId: string;
+        bucketType?: "allPrivate" | "allPublic";
+        lifecycleRules?: any[];
+        bucketInfo?: {
+            [key: string]: unknown;
+        };
+        corsRules?: unknown[];
+    }, {
+        accountId: string;
+        bucketId: string;
+        bucketName: string;
+        bucketType: "allPrivate" | "allPublic";
+        bucketInfo: {
+            lifecycleRules: any[];
+        };
+        corsRules: any[];
+        lifecycleRules: any[];
+        revision: number;
+    }>("b2_update_bucket", "POST");
+
     // https://www.backblaze.com/apidocs/b2-update-bucket
     //  TODO: b2_update_bucket, so we can update CORS, etc
 
@@ -316,8 +342,16 @@ const getAPI = lazy(async () => {
         fileId: string;
     }, {}>("b2_cancel_large_file", "POST", "noAccountId");
 
+    async function getDownloadURL(path: string) {
+        if (!path.startsWith("/")) {
+            path = "/" + path;
+        }
+        return auth.downloadUrl + path;
+    }
+
     return {
         createBucket,
+        updateBucket,
         listBuckets,
         downloadFileByName,
         uploadFile,
@@ -329,17 +363,19 @@ const getAPI = lazy(async () => {
         uploadPart,
         finishLargeFile,
         cancelLargeFile,
+        getDownloadURL,
     };
 });
 
 type B2Api = (typeof getAPI) extends () => Promise<infer T> ? T : never;
 
 
-class Backblaze {
+export class ArchivesBackblaze {
     public constructor(private config: {
         bucketName: string;
         public?: boolean;
         immutable?: boolean;
+        cacheTime?: number;
     }) { }
 
     private bucketName = this.config.bucketName.replaceAll(/[^\w\d]/g, "-");
@@ -360,6 +396,27 @@ class Backblaze {
 
     private getBucketAPI = lazy(async () => {
         let api = await getAPI();
+
+        let cacheTime = this.config.cacheTime ?? 0;
+        if (this.config.immutable) {
+            cacheTime = 86400 * 1000;
+        }
+
+        let desiredCorsRules = this.config.public ? [{
+            corsRuleName: "onlyCurrentOrigin",
+            allowedOrigins: ["*"],
+            allowedOperations: ["b2_download_file_by_id", "b2_download_file_by_name"],
+            allowedHeaders: [],
+            exposeHeaders: ["x-bz-content-sha1"],
+            maxAgeSeconds: cacheTime / 1000,
+        }] : [];
+        let bucketInfo: Record<string, unknown> = {};
+        if (cacheTime) {
+            bucketInfo["cache-control"] = `max-age=${cacheTime / 1000}`;
+        }
+
+
+        let exists = false;
         try {
             await api.createBucket({
                 bucketName: this.bucketName,
@@ -370,27 +427,38 @@ class Backblaze {
                     "daysFromHidingToDeleting": 7,
                     "fileNamePrefix": ""
                 }],
-                corsRules: this.config.public ? [{
-                    corsRuleName: "onlyCurrentOrigin",
-                    allowedOrigins: ["*"],
-                    allowedOperations: ["b2_download_file_by_id", "b2_download_file_by_name"],
-                    allowedHeaders: [],
-                    exposeHeaders: ["x-bz-content-sha1"],
-                    maxAgeSeconds: this.config.immutable ? 86400 : 0,
-                }] : [],
+                corsRules: desiredCorsRules,
+                bucketInfo
             });
         } catch (e: any) {
             if (!e.stack.includes(`"duplicate_bucket_name"`)) {
                 throw e;
             }
+            exists = true;
         }
-        let bucketInfo = await api.listBuckets({
+
+        let bucketList = await api.listBuckets({
             bucketName: this.bucketName,
         });
-        if (bucketInfo.buckets.length === 0) {
+        if (bucketList.buckets.length === 0) {
             throw new Error(`Bucket name "${this.bucketName}" is being used by someone else. Bucket names have to be globally unique. Try a different name until you find a free one.`);
         }
-        this.bucketId = bucketInfo.buckets[0].bucketId;
+        this.bucketId = bucketList.buckets[0].bucketId;
+
+        if (exists) {
+            let bucket = bucketList.buckets[0];
+            if (JSON.stringify(bucket.corsRules) !== JSON.stringify(desiredCorsRules) || JSON.stringify(bucket.bucketInfo) !== JSON.stringify(bucketInfo)) {
+                console.log(magenta(`Updating CORS rules for ${this.bucketName}`));
+                await api.updateBucket({
+                    accountId: bucket.accountId,
+                    bucketId: bucket.bucketId,
+                    bucketType: bucket.bucketType,
+                    lifecycleRules: bucket.lifecycleRules,
+                    corsRules: desiredCorsRules,
+                    bucketInfo: bucketInfo,
+                });
+            }
+        }
         return api;
     });
 
@@ -719,19 +787,17 @@ class Backblaze {
         copyInstead?: boolean;
     }) {
         let { path, target, targetPath } = config;
-        // Moving is NOT working. The API call works, but... the file 
-        while (true) {
-            let targetUnwrapped = target.getBaseArchives?.();
-            if (!targetUnwrapped) break;
-            target = targetUnwrapped.archives;
-            targetPath = targetUnwrapped.parentPath + targetPath;
+        let base = target.getBaseArchives?.();
+        if (base) {
+            target = base.archives;
+            targetPath = base.parentPath + targetPath;
         }
         // A self move should NOOP (and definitely not copy, and then delete itself!)
         if (target === this && path === targetPath) {
             this.log(`Backblaze move path to itself. Skipping move, as there is no work to do. ${path}`);
             return;
         }
-        if (target instanceof Backblaze) {
+        if (target instanceof ArchivesBackblaze) {
             let targetBucketId = target.bucketId;
             if (targetBucketId === this.bucketId && path === targetPath) return;
             await this.apiRetryLogic(async (api) => {
@@ -771,6 +837,15 @@ class Backblaze {
     }): Promise<void> {
         return this.move({ ...config, copyInstead: true });
     }
+
+    public async getDownloadURL(path: string) {
+        return await this.apiRetryLogic(async (api) => {
+            if (path.startsWith("/")) {
+                path = path.slice(1);
+            }
+            return await api.getDownloadURL("file/" + this.bucketName + "/" + path);
+        });
+    }
 }
 
 /*
@@ -783,16 +858,23 @@ Names should be a UTF-8 string up to 1024 bytes with the following exceptions:
 
 
 export const getArchivesBackblaze = cache((domain: string) => {
-    const archivesBackblaze: Archives = new Backblaze({ bucketName: domain });
-
-    return archivesBackblaze;
+    return new ArchivesBackblaze({ bucketName: domain });
 });
 export const getArchivesBackblazePublicImmutable = cache((domain: string) => {
-    const archivesBackblaze: Archives = new Backblaze({
+    return new ArchivesBackblaze({
         bucketName: domain + "-public-immutable",
         public: true,
         immutable: true
     });
+});
 
-    return archivesBackblaze;
+// NOTE: Cache by a minute. This might be a bad idea, but... usually whole reason for public is
+//  for cloudflare caching (as otherwise we can just access it through a server), or for large files
+//  (which should be cached anyways, and probably even use immutable caching).
+export const getArchivesBackblazePublic = cache((domain: string) => {
+    return new ArchivesBackblaze({
+        bucketName: domain + "-public",
+        public: true,
+        cacheTime: timeInMinute,
+    });
 });

package/src/-b-authorities/cdnAuthority.ts

@@ -0,0 +1,53 @@
+import { Archives } from "../-a-archives/archives";
+import { ArchivesBackblaze } from "../-a-archives/archivesBackBlaze";
+import { cloudflareGETCall, cloudflarePOSTCall } from "./cloudflareHelpers";
+import { setRecord, getZoneId } from "./dnsAuthority";
+import debugbreak from "debugbreak";
+
+// servicestest.querysub.com/servicesIndex.json
+
+export async function hostArchives(config: {
+    archives: Archives;
+    // Ex, "archives"
+    subdomain: string;
+    // Ex, "example.com"
+    domain: string;
+}): Promise<{
+    getURL: (path: string) => Promise<string>;
+}> {
+    let { archives, subdomain, domain } = config;
+
+    let base = archives.getBaseArchives?.();
+    let parentPath = base?.parentPath ?? "";
+    archives = base?.archives ?? archives;
+    if (parentPath && !parentPath.endsWith("/")) {
+        parentPath += "/";
+    }
+
+    if (!(archives instanceof ArchivesBackblaze)) {
+        throw new Error(`hostArchives not implemented for ${archives.constructor.name}, only "ArchivesBackblaze" is implemented at the moment`);
+    }
+
+    let archiveT = archives as ArchivesBackblaze;
+    let baseURL = await archiveT.getDownloadURL("");
+    // Remove the trailing slash if it exists
+    if (baseURL.endsWith("/")) {
+        baseURL = baseURL.slice(0, -1);
+    }
+    let backblazeHost = new URL(baseURL).hostname;
+
+    // HACK: Assuming cloudflare is still our DNS provider. If it isn't... this won't work.
+    await setRecord("CNAME", subdomain + "." + domain, backblazeHost, "proxied");
+
+    async function getURL(path: string) {
+        if (path.startsWith("/")) {
+            path = path.slice(1);
+        }
+        let targetPath = await archiveT.getDownloadURL(parentPath + path);
+        let url = new URL(targetPath);
+        url.hostname = subdomain + "." + domain;
+        return url.toString();
+    }
+
+    return { getURL };
+}

package/src/-b-authorities/cloudflareHelpers.ts

@@ -0,0 +1,52 @@
+import { httpsRequest } from "socket-function/src/https";
+import { getArchives } from "../-a-archives/archives";
+import { lazy } from "socket-function/src/caching";
+
+export const keys = getArchives("keys");
+
+export const getCloudflareCreds = lazy(async (): Promise<{ key: string; email: string }> => {
+    let credsJSON = await keys.get("cloudflare.json");
+    if (!credsJSON) throw new Error(`b2:/keys/cloudflare.json is missing. It should contain { "key": "your-key", "email": "your-email" }`);
+    return JSON.parse(credsJSON.toString());
+});
+
+export async function cloudflareGETCall<T>(path: string, params?: { [key: string]: string }): Promise<T> {
+    let url = new URL(`https://api.cloudflare.com/client/v4` + path);
+    for (let key in params) {
+        url.searchParams.set(key, params[key]);
+    }
+    let creds = await getCloudflareCreds();
+    let result = await httpsRequest(url.toString(), [], "GET", undefined, {
+        headers: {
+            "Content-Type": "application/json",
+            "X-Auth-Email": creds.email,
+            "X-Auth-User-Service-Key": creds.key,
+            "X-Auth-Key": creds.key,
+        }
+    });
+    let result2 = JSON.parse(result.toString()) as { result: unknown; success: boolean; errors: { code: number; message: string }[] };
+    if (!result2.success) {
+        throw new Error(`Cloudflare call failed: ${result2.errors.map(x => x.message).join(", ")}`);
+    }
+    return result2.result as T;
+}
+export async function cloudflarePOSTCall<T>(path: string, params: { [key: string]: unknown }): Promise<T> {
+    return await cloudflareCall(path, Buffer.from(JSON.stringify(params)), "POST");
+}
+export async function cloudflareCall<T>(path: string, payload: Buffer, method: string): Promise<T> {
+    let url = new URL(`https://api.cloudflare.com/client/v4` + path);
+    let creds = await getCloudflareCreds();
+    let result = await httpsRequest(url.toString(), payload, method, undefined, {
+        headers: {
+            "Content-Type": "application/json",
+            "X-Auth-Email": creds.email,
+            "X-Auth-User-Service-Key": creds.key,
+            "X-Auth-Key": creds.key,
+        }
+    });
+    let result2 = JSON.parse(result.toString()) as { result: unknown; success: boolean; errors: { code: number; message: string }[] };
+    if (!result2.success) {
+        throw new Error(`Cloudflare call failed: ${result2.errors.map(x => x.message).join(", ")}`);
+    }
+    return result2.result as T;
+}

package/src/-b-authorities/dnsAuthority.ts

@@ -9,6 +9,7 @@ import { delay } from "socket-function/src/batching";
 import debugbreak from "debugbreak";
 import { isClient } from "../config2";
 import { getArchives } from "../-a-archives/archives";
+import { cloudflareCall, cloudflareGETCall, cloudflarePOSTCall, getCloudflareCreds } from "./cloudflareHelpers";
 
 const DNS_TTLSeconds = {
     "TXT": 60,
@@ -17,24 +18,18 @@ const DNS_TTLSeconds = {
 
 export const keys = getArchives("keys");
 
-export const getDNSCreds = lazy(async (): Promise<{ key: string; email: string }> => {
-    let credsJSON = await keys.get("cloudflare.json");
-    if (!credsJSON) throw new Error(`b2:/keys/cloudflare.json is missing. It should contain { "key": "your-key", "email": "your-email" }`);
-    return JSON.parse(credsJSON.toString());
-});
-
 export const hasDNSWritePermissions = lazy(async () => {
     if (!isNode()) return false;
     if (isClient()) return false;
     try {
-        await getDNSCreds();
+        await getCloudflareCreds();
         return true;
     } catch {
         return false;
     }
 });
 
-const getZoneId = cache(async (rootDomain: string): Promise<string> => {
+export const getZoneId = cache(async (rootDomain: string): Promise<string> => {
     let zones = await cloudflareGETCall<{ id: string; name: string }[]>("/zones", {});
     let selected = zones.find(x => x.name === rootDomain);
     if (!selected) {
@@ -53,7 +48,13 @@ function getRootDomain(key: string) {
 export async function getRecordsRaw(type: string, key: string) {
     if (key.endsWith(".")) key = key.slice(0, -1);
     let zoneId = await getZoneId(getRootDomain(key));
-    let results = await cloudflareGETCall<{ id: string; type: string; name: string; content: string }[]>(`/zones/${zoneId}/dns_records`);
+    let results = await cloudflareGETCall<{
+        id: string;
+        type: string;
+        name: string;
+        content: string;
+        proxied: boolean;
+    }[]>(`/zones/${zoneId}/dns_records`);
     return results.filter(x => x.type === type && x.name === key);
 }
 export async function getRecords(type: string, key: string) {
@@ -84,7 +85,7 @@ export async function setRecord(type: string, key: string, value: string, proxie
     if (key.endsWith(".")) key = key.slice(0, -1);
     let zoneId = await getZoneId(getRootDomain(key));
     let prevValues = await getRecordsRaw(type, key);
-    if (prevValues.some(x => x.content === value)) return;
+    if (prevValues.some(x => x.content === value && x.proxied === !!proxied)) return;
 
     console.log(`Removing previous records of ${type} for ${key} ${JSON.stringify(prevValues.map(x => x.content))}`);
     let didDeletions = false;
@@ -126,78 +127,4 @@ export async function addRecord(type: string, key: string, value: string, proxie
     console.log(`Waiting ${ttl} seconds for DNS to propagate...`);
     await delay(ttl * 1000);
     console.log(`Done waiting for DNS to update.`);
-}
-
-
-async function cloudflareGETCall<T>(path: string, params?: { [key: string]: string }): Promise<T> {
-    let url = new URL(`https://api.cloudflare.com/client/v4` + path);
-    for (let key in params) {
-        url.searchParams.set(key, params[key]);
-    }
-    let creds = await getDNSCreds();
-    let result = await httpsRequest(url.toString(), [], "GET", undefined, {
-        headers: {
-            "Content-Type": "application/json",
-            "X-Auth-Email": creds.email,
-            "X-Auth-User-Service-Key": creds.key,
-            "X-Auth-Key": creds.key,
-        }
-    });
-    let result2 = JSON.parse(result.toString()) as { result: unknown; success: boolean; errors: { code: number; message: string }[] };
-    if (!result2.success) {
-        throw new Error(`Cloudflare call failed: ${result2.errors.map(x => x.message).join(", ")}`);
-    }
-    return result2.result as T;
-}
-async function cloudflarePOSTCall<T>(path: string, params: { [key: string]: unknown }): Promise<T> {
-    return await cloudflareCall(path, Buffer.from(JSON.stringify(params)), "POST");
-}
-async function cloudflareCall<T>(path: string, payload: Buffer, method: string): Promise<T> {
-    let url = new URL(`https://api.cloudflare.com/client/v4` + path);
-    let creds = await getDNSCreds();
-    let result = await httpsRequest(url.toString(), payload, method, undefined, {
-        headers: {
-            "Content-Type": "application/json",
-            "X-Auth-Email": creds.email,
-            "X-Auth-User-Service-Key": creds.key,
-            "X-Auth-Key": creds.key,
-        }
-    });
-    let result2 = JSON.parse(result.toString()) as { result: unknown; success: boolean; errors: { code: number; message: string }[] };
-    if (!result2.success) {
-        throw new Error(`Cloudflare call failed: ${result2.errors.map(x => x.message).join(", ")}`);
-    }
-    return result2.result as T;
-}
-
-
-/*
-async function setRecord(googleDns: googleCloud.DNS, zone: googleCloud.Zone, type: string, key: string, value: unknown) {
-    let recordsResponse = await zone.getRecords();
-    let prevValue = recordsResponse[0].filter(x => x.metadata.name === key && x.type === type);
-
-    // NOTE: It seems like the data is ALWAYS an array, even if we set a value? So... just assume it is an array,
-    //  and take the first entry. If we ever need to actually support arrays this will change, but... I don't
-    //  think we will...
-    if (prevValue.some(x => JSON.stringify((x.data as any)?.[0]) === JSON.stringify(value))) {
-        console.log(`Record already set, (${type} ${zone.metadata.dnsName}) ${key} === ${JSON.stringify(value)}`);
-        return;
-    }
-
-    for (let record of prevValue) {
-        console.log(`Deleting record (${type} ${zone.metadata.dnsName}) ${key} = ${JSON.stringify(record.data)}`);
-        await record.delete();
-    }
-
-    console.log((`Setting record (${type} in ${zone.metadata.dnsName}) ${key} = ${JSON.stringify(value)}`));
-    const TTL = DNS_TTLSeconds[type as "A"] || 60;
-    await zone.addRecords(zone.record(type, {
-        name: key,
-        data: value as any,
-        ttl: TTL,
-    }));
-
-    // Wait for the record to propagate
-    await delay(TTL * 1000 * 2);
-}
-*/
+}

package/src/-e-certs/EdgeCertController.ts

@@ -31,10 +31,21 @@ import { shutdown } from "../diagnostics/periodic";
 
 let publicPort = -1;
 
+const getHostedIP = lazy(async () => {
+    if (!isPublic()) {
+        return "127.0.0.1";
+    }
+    return await getExternalIP();
+});
+const getIPDomain = lazy(async () => {
+    let ip = await getHostedIP();
+    return ip.replaceAll(".", "-") + "." + getDomain();
+});
+
 // Figure out how to hook up our watch so it actually updates the underlying server
-export function getSNICerts(config: {
+export async function getSNICerts(config: {
     publicPort: number
-}): Exclude<SocketServerConfig["SNICerts"], undefined> {
+}): Promise<Exclude<SocketServerConfig["SNICerts"], undefined>> {
     if (config.publicPort > 0) {
         if (publicPort !== -1 && publicPort !== config.publicPort) {
             throw new Error(`getSNICerts called with different publicPort ${publicPort} and ${config.publicPort}. We require the same port, so we can correctly maintain the A record for the edge node.`);
@@ -48,6 +59,7 @@ export function getSNICerts(config: {
     };
     certs["noproxy." + getDomain()] = certs[getDomain()];
     certs["127-0-0-1." + getDomain()] = certs[getDomain()];
+    certs[await getIPDomain()] = certs[getDomain()];
     return certs;
 }
 
@@ -156,29 +168,21 @@ export async function publishMachineARecords() {
         throw new Error(`Must mount before publishing machine A records`);
     }
 
-    let ip = SocketFunction.mountedIP;
-    if (ip === "0.0.0.0") {
-        ip = await getExternalIP();
-    }
+    let ip = await getHostedIP();
 
     let selfNodeId = SocketFunction.mountedNodeId;
     let nodeObj = getNodeIdLocation(selfNodeId);
     if (!nodeObj) throw new Error(`Invalid nodeId ${selfNodeId}`);
     let machineAddress = nodeObj.address.split(".").slice(1).join(".");
-    if (ip === "127.0.0.1") {
-        let prev = await getRecords("A", machineAddress);
-        if (prev.length > 0 && prev[0] !== "127.0.0.1") {
-            // NOTE: We NEED to publish some records. HOWEVER, it is very likely they will run some services
-            //  and not set public (such as the FunctionRunner). SO... just ignore this, leaving the records as
-            //  public, even though the current run doesn't have public set.
-            if (process.argv[1].includes("server.ts")) {
-                console.log(yellow(`Current process is not marked as public, but machine previous had public services. NOT publishing A records to point to 127.0.0.1, which will make service inaccessible if the port is not port forwarded (or open). I recommend using noproxy.DOMAIN.com to access the server. 127-0-0-1.DOMAIN.com might work as well.`));
-            }
-            return;
-        }
-    }
     await setRecord("A", machineAddress, ip);
     await setRecord("A", "*." + machineAddress, ip);
+    let ipDomain = await getIPDomain();
+    await setRecord("A", ipDomain, ip);
+
+    return {
+        ip,
+        ipDomain,
+    };
 }
 
 const runEdgeDomainAliveLoop = lazy(() => {
@@ -264,6 +268,7 @@ async function getHTTPSKeyCertInner(callerIP: string) {
                         console.warn(`Tried to serve an edge node on the local domain, but SocketFunction.mount did NOT specify a public ip (ex, { ip: "0.0.0.0" }) AND there are already existing public servers. You can't load balance between real ips and 127.0.0.1! ${existingIPs.join(", ")}. You will need to use 127-0-0-1.${edgeDomain} to access the local server (instead of just ${edgeDomain}).`);
                     }
                     */
+                    console.log(yellow(`Current process is not marked as public, but machine previous had public services. NOT setting ${edgeDomain} to 127.0.0.1, as this would make the public services inaccessible. Assuming the current process is for development, I recommend using noproxy.${edgeDomain} or 127-0-0-1.${edgeDomain} to access the server.`));
                 }
             } else {
                 if (existingIPs.includes("127.0.0.1")) {

package/src/-e-certs/certAuthority.ts

@@ -59,6 +59,8 @@ export const getHTTPSKeyCert = cache(async (domain: string): Promise<{ key: stri
     //  any HTTPS domains from impersonating servers. But... servers have two levels, so that isn't
     //  an issue. And even if they didn't they store their public key in their domain, so you
     //  can't really impersonate them anyways...
+    //  - AND, we need this for IP type A records, which... we need to pick the server we want
+    //      to connect to.
     altDomains.push("*." + domain);
 
     let isPending = await archives().getInfo(domain + "_pending");

package/src/-f-node-discovery/NodeDiscovery.ts

@@ -23,6 +23,7 @@ import dns from "dns/promises";
 import { isDefined } from "../misc";
 import { diskLog, noDiskLogPrefix } from "../diagnostics/logs/diskLogger";
 import { getDebuggerUrl } from "../diagnostics/listenOnDebugger";
+import { getBootedEdgeNode } from "../4-querysub/edge/edgeBootstrap";
 
 let HEARTBEAT_INTERVAL = timeInMinute * 2;
 // Interval which we check other heartbeats
@@ -65,7 +66,6 @@ export function isNodeDiscoveryLogging() {
 }
 
 export const getOurNodeId = getOwnNodeId;
-export const getOurMachineId = getOwnNodeId;
 export const getOurNodeIdAssert = getOwnNodeIdAssert;
 
 export const SPECIAL_NODE_ID_FOR_UNMOUNTED_NODE = "SPECIAL_NODE_ID_FOR_UNMOUNTED_NODE";
@@ -430,6 +430,7 @@ beforeGetNodeAllId = async () => {
 export async function onNodeDiscoveryReady() {
     await getAllNodeIds();
 }
+
 if (isServer()) {
     setImmediate(() => {
         logErrors(runHeartbeatAuditLoop());
@@ -456,36 +457,13 @@ if (isServer()) {
         };
     } else {
         setImmediate(() => {
-            let browserNodeId = getBrowserUrlNode();
-            let nodes = [getBrowserUrlNode()];
-            logErrors(measureWrap((async function checkForLocalHost() {
-                // If there is a server at the localhost domain, AND, it's the same as the current server...
-                //  use that domain instead. This is just an optimization, but makes a big difference
-                //  when using management tools to scan the DB (otherwise the entire DB has to go through
-                //  our router, which can easily cap it at 15MB/s, because rogers is terrible).
-                //  - Only if isNoNetwork, otherwise it causes unnecessary lag.
-                let time = Date.now();
-                let isNoNetwork = await NodeDiscoveryController.nodes[browserNodeId].isNoNetwork();
-                console.log(magenta(`isNoNetwork took ${Date.now() - time}ms`));
-                if (isNoNetwork && !location.search.includes("nolocalhost")) {
-                    let url = new URL("https://" + browserNodeId);
-                    url.hostname = "127-0-0-1." + url.hostname;
-                    let localhostNode = url.host;
-                    // NOTE: The timeout isn't that important, as this is only if no network, and only on page load.
-                    //  - A low timeout here causes failure to use the localhost ip sometimes. WHICH, often breaks
-                    //      authentication (as we are likely not authenticated for our public IP).
-                    let localhostNodeId = await timeoutToUndefinedSilent(1000, NodeDiscoveryController.nodes[localhostNode].getNodeId());
-                    let httpServerNodeId = await NodeDiscoveryController.nodes[browserNodeId].getNodeId();
-                    if (localhostNodeId === httpServerNodeId) {
-                        nodes[0] = localhostNode;
-                        rootDiscoveryNodeId = localhostNode;
-                    }
-                }
-
-                allNodeIds2 = new Set(nodes);
-                discoveryReady.resolve();
-            }))());
-
+            let edgeNode = getBootedEdgeNode();
+            if (!edgeNode) {
+                throw new Error(`No edge node set during edgeBootstrap? This should be impossible.`);
+            }
+            let nodes = [edgeNode.host];
+            allNodeIds2 = new Set(nodes);
+            discoveryReady.resolve();
 
             // NOTE: We run into TLS issues (as in, our servers use self signed certs), if we try to talk to just
             //  any node, so... we better just talk to the edge node

package/src/4-querysub/Querysub.ts

@@ -3,7 +3,7 @@
 //  a file prevents it from transforming it, so we'll miss a lot of files doing it this late).
 import "../inject";
 
-import { isNode, timeInMinute } from "socket-function/src/misc";
+import { isNode, timeInDay, timeInHour, timeInMinute } from "socket-function/src/misc";
 
 import { SocketFunction } from "socket-function/SocketFunction";
 import { isHotReloading, onHotReload, watchFilesAndTriggerHotReloading } from "socket-function/hot/HotReloadController";
@@ -484,15 +484,24 @@ export class Querysub {
 
         await this.addSourceMapCheck(config);
 
-        // NOTE: This is just static hosting, and unrelated to querysub (sort of). Any site with some kind of transpiler
-        //  and way to serve transpiled files can server our code.
         SocketFunction.expose(RequireController);
         setRequireBootRequire(config.rootPath);
+
+        let entryPaths = [config.clientsideEntryPoint, ...Querysub.afterBootImports];
         SocketFunction.setDefaultHTTPCall(RequireController, "requireHTML", {
-            requireCalls: [
-                config.clientsideEntryPoint,
-                ...Querysub.afterBootImports,
-            ]
+            // NOTE: This should be cached in our CDN anyways, so it should be fast
+            //  to access even if every request hit the server (as it will hit the CDN's,
+            //  server, which is usually close to the client). And it only impacts the initial
+            //  load, which isn't that important for us.
+            cacheTime: timeInMinute * 5,
+        });
+
+
+        RequireController.injectHTMLBeforeStartup(async () => {
+            let edgeBootstrapFile = await getEdgeBootstrapScript({
+                edgeNodeConfigURL: await getEdgeNodeConfigURL(),
+            });
+            return `<script>${edgeBootstrapFile}</script>`;
         });
 
         if (!config.justHTTP) {
@@ -510,14 +519,19 @@ export class Querysub {
             autoForwardPort: true,
             ...await getThreadKeyCert(),
             SNICerts: {
-                ...getSNICerts({
+                ...await getSNICerts({
                     publicPort: config.port,
                 }),
             },
             allowHostnames,
         });
 
-        await publishMachineARecords();
+        let { ip, ipDomain } = await publishMachineARecords();
+
+        await registerEdgeNode({
+            host: ipDomain + ":" + config.port,
+            entryPaths,
+        });
     }
     private static async addSourceMapCheck(config: {
         sourceCheck?: MachineSourceCheck;
@@ -719,13 +733,6 @@ export class Querysub {
             public: isPublic(),
             port,
             ...await getThreadKeyCert(),
-            // WAIT! Why were services getting SNI CERTS!!!??? This is used to set the
-            //  HTTPS cloudflare pool ips, so... services should DEFINITELY not use this!
-            // SNICerts: {
-            //     ...getSNICerts({
-            //         publicPort: port,
-            //     }),
-            // }
         });
 
         await publishMachineARecords();
@@ -883,4 +890,6 @@ registerGetCompressDisk(() => Querysub.COMPRESS_DISK);
 
 import "../diagnostics/watchdog";
 import "../diagnostics/trackResources";
-import "../diagnostics/benchmark";
+import "../diagnostics/benchmark";
+import { getEdgeNodeConfigURL, registerEdgeNode } from "./edge/edgeNodes"; import { getEdgeBootstrapScript } from "./edge/edgeBootstrap";
+

package/src/4-querysub/edge/edgeBootstrap.ts

@@ -0,0 +1,349 @@
+import { cache } from "socket-function/src/caching";
+import { isServer } from "../../config2";
+import { EdgeNodeConfig, EdgeNodesIndex } from "./edgeNodes";
+import { timeInMinute } from "socket-function/src/misc";
+import { measureBlock } from "socket-function/src/profiling/measure";
+
+module.hotreload = true;
+module.noserverhotreload = false;
+
+
+declare global {
+    var BOOTED_EDGE_NODE: EdgeNodeConfig | undefined;
+}
+
+
+export function getBootedEdgeNode(): EdgeNodeConfig {
+    if (isServer()) throw new Error(`getBootedEdgeNode is not available on the server`);
+
+    let edgeNode = globalThis.BOOTED_EDGE_NODE;
+    if (!edgeNode) throw new Error(`No edge node booted? This should be impossible.`);
+    return edgeNode;
+}
+
+let getCachedConfig = cache(async (url: string): Promise<EdgeNodesIndex | undefined> => {
+    setTimeout(() => {
+        getCachedConfig.clear(url);
+    }, timeInMinute * 15);
+
+    try {
+        let response = await fetch(url);
+        return await response.json();
+    } catch {
+        return undefined;
+    }
+});
+
+export async function getEdgeBootstrapScript(config: {
+    edgeNodeConfigURL: string;
+}): Promise<string> {
+    return await measureBlock(async function getEdgeBootstrapScript() {
+        let cachedConfig = await getCachedConfig(config.edgeNodeConfigURL);
+        return `(${edgeNodeFunction.toString()})(${JSON.stringify({ ...config, cachedConfig })});`;
+    });
+}
+
+// DEFINED elsewhere
+/*
+declare global {
+    var onProgressHandler: undefined | ((progress: {
+        type: string;
+        addValue: number;
+        addMax: number;
+    }) => void);
+    var onErrorHandler: undefined | ((error: string) => void);
+    
+
+    var BOOT_TIME: number;
+    var builtInModuleExports: {
+        [key: string]: unknown;
+    };
+}
+*/
+
+async function edgeNodeFunction(config: {
+    edgeNodeConfigURL: string;
+    cachedConfig: EdgeNodesIndex | undefined;
+}) {
+    // IMPORTANT! Everything in this function is embedded, so this function can't use any external imports
+    //  (except for type imports, of course).
+
+    function formatNumber(value: number) {
+        if (value < 1024) return value + "";
+        else if (value < 1024 * 1024) return (value / 1024).toFixed(1) + "K";
+        else if (value < 1024 * 1024 * 1024) return (value / 1024 / 1024).toFixed(1) + "M";
+        else return (value / 1024 / 1024 / 1024).toFixed(1) + "G";
+    }
+
+    function createProgressUI(): {
+        stop: () => void;
+        setMessage: (message: string) => void;
+    } {
+        let progressUI = document.createElement("div");
+        progressUI.style.position = "fixed";
+        progressUI.style.top = "0";
+        progressUI.style.left = "0";
+        progressUI.style.width = "100%";
+        progressUI.style.height = "100%";
+        progressUI.style.backgroundColor = "hsl(0, 0%, 20%)";
+        progressUI.style.display = "flex";
+        progressUI.style.justifyContent = "center";
+        progressUI.style.alignItems = "center";
+        progressUI.style.fontFamily = "Verdana, sans-serif";
+        progressUI.style.fontSize = "16px";
+        document.body.appendChild(progressUI);
+
+        const svgContainer = document.createElementNS("http://www.w3.org/2000/svg", "svg");
+        svgContainer.setAttribute("viewBox", "0 0 100 100");
+        svgContainer.setAttribute("width", "100%");
+        svgContainer.setAttribute("height", "100%");
+        progressUI.appendChild(svgContainer);
+
+        const progressText = document.createElementNS("http://www.w3.org/2000/svg", "text");
+        progressText.setAttribute("x", "50");
+        progressText.setAttribute("y", "50");
+        progressText.setAttribute("text-anchor", "middle");
+        progressText.setAttribute("dominant-baseline", "middle");
+        progressText.setAttribute("fill", "#ffffff");
+        progressText.setAttribute("font-size", "5");
+        svgContainer.appendChild(progressText);
+
+        const progressState = new Map<string, {
+            arc: SVGPathElement;
+            radius: number;
+            value: number;
+            max: number;
+        }>();
+
+        let lastRenderTime = 0;
+        let renderPending = false;
+
+        function updateProgress() {
+            const now = Date.now();
+            if (now - lastRenderTime < 10) {
+                if (!renderPending) {
+                    renderPending = true;
+                    setTimeout(() => {
+                        renderPending = false;
+                        updateProgress();
+                    }, 10);
+                }
+                return;
+            }
+
+            lastRenderTime = now;
+
+            for (const [type, state] of progressState) {
+                let { arc, radius, value, max } = state;
+
+                let startAngle = -Math.PI / 2;
+                let fraction = value / max;
+                if (max === 0) fraction = 0;
+
+                let endAngle = startAngle + fraction * 2 * Math.PI;
+
+                let startX = 50 + radius * Math.cos(startAngle);
+                let startY = 50 + radius * Math.sin(startAngle);
+                let endX = 50 + radius * Math.cos(endAngle);
+                let endY = 50 + radius * Math.sin(endAngle);
+
+                let largeArcFlag = endAngle - startAngle > Math.PI ? 1 : 0;
+
+                let pathData = [
+                    `M ${startX} ${startY}`,
+                    `A ${radius} ${radius} 0 ${largeArcFlag} 1 ${endX} ${endY}`
+                ].join(" ");
+
+                if (fraction > 0.99) {
+                    // Draw a complete circle using two 180-degree arcs
+                    pathData = [
+                        `M ${50 + radius} ${50}`,
+                        `A ${radius} ${radius} 0 1 1 ${50 - radius} ${50}`,
+                        `A ${radius} ${radius} 0 1 1 ${50 + radius} ${50}`
+                    ].join(" ");
+                }
+
+                arc.setAttribute("d", pathData);
+            }
+        }
+
+        // Set up the progress handler
+        globalThis.onProgressHandler = (progress) => {
+            let state = progressState.get(progress.type);
+            if (!state) {
+                const radius = 40 - (progressState.size * 5);
+                const arc = document.createElementNS("http://www.w3.org/2000/svg", "path");
+                arc.setAttribute("fill", "transparent");
+                let hue = progressState.size * 60 + 120;
+                arc.setAttribute("stroke", `hsl(${hue}, 75%, 75%)`);
+                arc.setAttribute("stroke-width", "4");
+                svgContainer.appendChild(arc);
+                state = {
+                    arc,
+                    radius,
+                    value: 0,
+                    max: 0
+                };
+                progressState.set(progress.type, state);
+            }
+            state.value += progress.addValue;
+            state.max += progress.addMax;
+
+            progressText.textContent = `${progress.type} | ${formatNumber(state.value)}`;
+
+            updateProgress();
+        };
+
+        function setMessage(message: string) {
+            progressText.textContent = message;
+        }
+
+        let stopped = false;
+        return {
+            stop() {
+                stopped = true;
+                progressUI.remove();
+                globalThis.onProgressHandler = undefined;
+            },
+            setMessage
+        };
+    }
+
+    let cachedConfig = config.cachedConfig;
+
+    let progressUI = createProgressUI();
+    progressUI.setMessage("Finding available server...");
+    while (true) {
+        try {
+            let booted = await tryToBoot();
+            if (booted) break;
+        } catch (e) {
+            console.error(e);
+        }
+        progressUI.setMessage("No available servers, trying again in 15 seconds...");
+        console.log(`Failing to boot, trying in 15 seconds`);
+        await new Promise(resolve => setTimeout(resolve, 1000 * 15));
+    }
+    progressUI.stop();
+
+    function isIPDomain(domain: string) {
+        return domain.split("-").length === 4;
+    }
+
+    async function tryToBoot(): Promise<boolean> {
+        let nodeConfig = await getEdgeNodeConfig();
+        await bootEdgeNode(nodeConfig);
+        return true;
+    }
+    async function isNodeAlive(node: EdgeNodeConfig): Promise<boolean> {
+        try {
+            let abortController = new AbortController();
+            let url = `https://${node.host}?classGuid=RequireController-e2f811f3-14b8-4759-b0d6-73f14516cf1d&functionName=getModules&args=[[]]`;
+            let response = await fetch(url, { signal: abortController.signal });
+            // Cancel, so we don't use up all of our sockets (we are limited to 6 per domain in chrome)
+            //  on non-responsive servers.
+            setTimeout(() => {
+                abortController.abort();
+            }, 1000 * 15);
+            return response.ok;
+        } catch (e) {
+            return false;
+        }
+    }
+    async function getEdgeNodeConfig(): Promise<EdgeNodeConfig> {
+        let edgeIndex = cachedConfig || await (await fetch(config.edgeNodeConfigURL)).json() as EdgeNodesIndex;
+        cachedConfig = undefined;
+
+        console.group(`Found edge nodes`);
+
+        let edgeNodes = edgeIndex.edgeNodes;
+
+        function getNodeDebugString(node: EdgeNodeConfig) {
+            return `${node.host} | ${node.entryPaths.join(" + ")} | git = ${node.gitHash.slice(0, 16)} | ${node.nodeId} | ${node.public ? "public" : "private"}`;
+        }
+
+        for (let node of edgeNodes) {
+            console.log(getNodeDebugString(node));
+        }
+        console.groupEnd();
+
+        // If two values have the same host, ignore the older one(s)
+        edgeNodes.sort((a, b) => -(a.bootTime - b.bootTime));
+        let usedHosts = new Set<string>();
+        edgeNodes = edgeNodes.filter(x => {
+            if (usedHosts.has(x.host)) {
+                console.log(`IGNORE overlapping: ${getNodeDebugString(x)}`);
+                return false;
+            }
+            return true;
+        });
+
+
+        // If they are using an IP domain, that's the only node we accept (we still need to pick the node
+        //  though, as we need to know the entryPaths to import)
+        {
+            let curHost = document.location.host;
+            let exactNode = edgeNodes.find(x => x.host === curHost);
+            if (exactNode) {
+                console.log(`MATCH exact host: ${getNodeDebugString(exactNode)}`);
+                return exactNode;
+            }
+
+            let subDomain = document.location.hostname.split(".").slice(0, -2).join(".");
+            if (isIPDomain(subDomain)) {
+                throw new Error(`Using an IP domain, but cannot find a node for it`);
+            }
+        }
+
+        // I guess... only allow private nodes, if they specify the exact host (which would match above).
+        edgeNodes = edgeNodes.filter(x => x.public);
+
+        // TODO: Instead of randomly shuffling, use the node's current load when picking a node.
+        //  All our future traffic (such as syncing) goes through the edge node we use, so it preferrable
+        //  to pick a node with low utilization.
+        edgeNodes = shuffle(edgeNodes);
+
+        // We check multiple at a time, so a node being unresponsive doesn't cause lag
+        let PARALLEL_FACTOR = 3;
+        for (let i = 0; i < edgeNodes.length; i += PARALLEL_FACTOR) {
+            let promises = [];
+            for (let j = 0; j < PARALLEL_FACTOR; j++) {
+                promises.push((async () => {
+                    let node = edgeNodes[i + j];
+                    try {
+                        let alive = await isNodeAlive(node);
+                        if (alive) return node;
+                    } catch { }
+                    return undefined;
+                })());
+            }
+            let node = await Promise.race(promises);
+            if (node) {
+                return node;
+            }
+        }
+        throw new Error(`No alive nodes found`);
+    }
+
+    function shuffle<T>(array: T[]): T[] {
+        for (let i = array.length - 1; i > 0; i--) {
+            let j = Math.floor(Math.random() * (i + 1));
+            [array[i], array[j]] = [array[j], array[i]];
+        }
+        return array;
+    }
+
+    async function bootEdgeNode(edgeNodeConfig: EdgeNodeConfig) {
+        globalThis.BOOTED_EDGE_NODE = edgeNodeConfig;
+        const require = (globalThis as any).requireAsync || globalThis.require;
+        let host = edgeNodeConfig.host;
+        if (!host.endsWith("/")) host += "/";
+        for (let entryPath of edgeNodeConfig.entryPaths) {
+            try {
+                await require("https://" + host + entryPath);
+            } catch (e) {
+                console.error(e);
+            }
+        }
+    }
+}

package/src/4-querysub/edge/edgeNodes.ts

@@ -0,0 +1,166 @@
+import { waitForFirstTimeSync } from "socket-function/time/trueTimeShim";
+import { getOwnMachineId } from "../../-a-auth/certs";
+import { getDomain, isPublic } from "../../config";
+import child_process from "child_process";
+import { getAllNodeIds, getOwnNodeId } from "../../-f-node-discovery/NodeDiscovery";
+import { getArchivesBackblazePublic } from "../../-a-archives/archivesBackBlaze";
+import { nestArchives } from "../../-a-archives/archives";
+import { SocketFunction } from "socket-function/SocketFunction";
+import { runInfinitePoll, runInfinitePollCallAtStart } from "socket-function/src/batching";
+import { compare, compareArray, timeInMinute } from "socket-function/src/misc";
+import { cacheLimited, lazy } from "socket-function/src/caching";
+import { canHaveChildren } from "socket-function/src/types";
+import { shutdown } from "../../diagnostics/periodic";
+import { hostArchives } from "../../-b-authorities/cdnAuthority";
+
+const UPDATE_POLL_INTERVAL = timeInMinute;
+const DEAD_NODE_COUNT_THRESHOLD = 15;
+
+const edgeNodeStorage = nestArchives("edgenodes/", getArchivesBackblazePublic(getDomain()));
+
+const getEdgeNodeConfig = cacheLimited(10000, async (nodeId: string) => {
+    let fileName = "node_" + nodeId;
+    let edgeNodeConfig = await edgeNodeStorage.get(fileName);
+    if (!edgeNodeConfig) return undefined;
+    return JSON.parse(edgeNodeConfig.toString());
+});
+
+// NOTE: We update this in the update loop
+const getEdgeNodesIndex = lazy(async (): Promise<EdgeNodesIndex> => {
+    await startUpdateLoop();
+    let edgeNodesIndex = await edgeNodeStorage.get("edgeNodesIndex.json");
+    if (!edgeNodesIndex) return {
+        edgeNodes: [],
+    };
+    return JSON.parse(edgeNodesIndex.toString());
+});
+
+export type EdgeNodesIndex = {
+    edgeNodes: EdgeNodeConfig[];
+};
+
+// IMPORTANT! The EdgeNodeConfig MUST be immutable, otherwise every node has to read every EdgeNodeConfig
+//  every poll, which is too much reading.
+export type EdgeNodeConfig = {
+    // NOTE: Only information needed for routing should be added here. The rest can be obtained by talking
+    //  to the node itself (after picking the edgeNode node).
+    nodeId: string;
+    // (Redundant from nodeId)
+    machineId: string;
+    // EX: 127-0-0-1.example.com:3334
+    host: string;
+    gitHash: string;
+    bootTime: number;
+    entryPaths: string[];
+    public: boolean;
+};
+let registeredEdgeNode: EdgeNodeConfig | boolean | undefined;
+export async function registerEdgeNode(config: {
+    host: string;
+    entryPaths: string[];
+}) {
+    if (!SocketFunction.isMounted()) {
+        throw new Error("registerEdgeNode must be called after SocketFunction.mount");
+    }
+
+    if (registeredEdgeNode) {
+        throw new Error(`registerEdgeNode already called. Should only host 1 edgeNode per node. Previously registered with ${JSON.stringify(registeredEdgeNode)}, new call used ${JSON.stringify(config)}`);
+    }
+    registeredEdgeNode = true;
+
+    await waitForFirstTimeSync();
+
+    let gitHash = child_process.execSync("git rev-parse HEAD").toString().trim();
+    let nodeId = getOwnNodeId();
+    let machineId = getOwnMachineId();
+
+    let edgeNodeConfig: EdgeNodeConfig = {
+        nodeId,
+        machineId,
+        host: config.host,
+        gitHash,
+        bootTime: Date.now(),
+        entryPaths: config.entryPaths,
+        public: isPublic(),
+    };
+    registeredEdgeNode = edgeNodeConfig;
+
+    await edgeNodeStorage.set("node_" + nodeId, Buffer.from(JSON.stringify(edgeNodeConfig)));
+
+    await startUpdateLoop();
+}
+
+export const getEdgeNodeConfigURL = lazy(async () => {
+    let { getURL } = await hostArchives({
+        archives: edgeNodeStorage,
+        subdomain: `edge`,
+        domain: getDomain(),
+    });
+    return await getURL("edge-nodes-index.json");
+});
+
+const startUpdateLoop = lazy(async () => {
+    await getEdgeNodeConfigURL();
+    await runInfinitePollCallAtStart(UPDATE_POLL_INTERVAL, updateLoop);
+});
+
+async function updateLoop() {
+    await runEdgeNodesAliveCheck();
+    await updateEdgeNodesFile();
+}
+
+let deadCounts = new Map<string, number>();
+async function runEdgeNodesAliveCheck() {
+    let edgeNodeNodeIds = await edgeNodeStorage.find("node_", { type: "files" });
+    let nodeIds = new Set(await getAllNodeIds());
+    for (let fileName of edgeNodeNodeIds) {
+        let nodeId = fileName.slice("node_".length);
+        if (!nodeIds.has(nodeId)) {
+            deadCounts.set(fileName, (deadCounts.get(fileName) ?? 0) + 1);
+        }
+    }
+
+    for (let [fileName, count] of Array.from(deadCounts)) {
+        if (count < DEAD_NODE_COUNT_THRESHOLD) continue;
+        console.log(`Node is dead. Removing from edgeNodes.`, { fileName, count });
+        await edgeNodeStorage.del(fileName);
+    }
+}
+async function updateEdgeNodesFile() {
+    let prevEdgeNodeFile = await edgeNodeStorage.get("edgeNodesIndex.json");
+    let prevEdgeNodeIndex: EdgeNodesIndex = {
+        edgeNodes: [],
+    };
+    try {
+        if (prevEdgeNodeFile) {
+            prevEdgeNodeIndex = JSON.parse(prevEdgeNodeFile.toString());
+        }
+    } catch (e) {
+        console.error("Failed to parse edgeNodesIndex.json", { error: e, prevEdgeNodeFile });
+    }
+    getEdgeNodesIndex.set(Promise.resolve(prevEdgeNodeIndex));
+
+    let edgeNodeNodeIds = await edgeNodeStorage.find("node_", { type: "files" });
+    edgeNodeNodeIds = edgeNodeNodeIds.map(x => x.slice("node_".length));
+
+    if (!edgeNodeNodeIds.includes(getOwnNodeId())) {
+        console.log(`Our node was removed as a edgeNode. This is a fatal error. Terminating now.`);
+        await shutdown();
+    }
+
+    let diff = !!compareArray(edgeNodeNodeIds.sort(), prevEdgeNodeIndex.edgeNodes.map(x => x.nodeId).sort());
+    if (!diff) return;
+
+    console.log("Detected edgeNodes changed. Updating edgeNodesIndex.json", { edgeNodeNodeIds });
+
+    let newEdgeNodeIndex: EdgeNodesIndex = {
+        edgeNodes: [],
+    };
+    for (let nodeId of edgeNodeNodeIds) {
+        let edgeNodeConfig = await getEdgeNodeConfig(nodeId);
+        if (!edgeNodeConfig) continue;
+        newEdgeNodeIndex.edgeNodes.push(edgeNodeConfig);
+    }
+
+    await edgeNodeStorage.set("edge-nodes-index.json", Buffer.from(JSON.stringify(newEdgeNodeIndex)));
+}