tinylogs 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +21 -0
- package/README.md +103 -0
- package/dist/cli.js +635 -0
- package/dist/cli.js.map +7 -0
- package/dist/client/index.d.ts +30 -0
- package/dist/client/index.js +65 -0
- package/dist/client/index.js.map +7 -0
- package/dist/server/index.js +480 -0
- package/dist/server/index.js.map +7 -0
- package/dist/src/types.d.ts +17 -0
- package/dist/ui/bundle.css +2 -0
- package/dist/ui/bundle.css.map +7 -0
- package/dist/ui/bundle.js +2 -0
- package/dist/ui/bundle.js.map +7 -0
- package/dist/ui/index.html +13 -0
- package/package.json +82 -0
package/dist/cli.js
ADDED
|
@@ -0,0 +1,635 @@
|
|
|
1
|
+
#!/usr/bin/env node
|
|
2
|
+
|
|
3
|
+
// src/cli.ts
|
|
4
|
+
import { createInterface } from "node:readline/promises";
|
|
5
|
+
import { existsSync as existsSync2 } from "node:fs";
|
|
6
|
+
|
|
7
|
+
// src/config.ts
|
|
8
|
+
import { createHash, randomBytes } from "node:crypto";
|
|
9
|
+
import { readFileSync, writeFileSync } from "node:fs";
|
|
10
|
+
import { dirname, isAbsolute, join, resolve } from "node:path";
|
|
11
|
+
var DEFAULTS = {
|
|
12
|
+
port: 4700,
|
|
13
|
+
host: "127.0.0.1",
|
|
14
|
+
dbPath: "tinylogs.db",
|
|
15
|
+
retentionDays: 14,
|
|
16
|
+
maxSizeMB: 500,
|
|
17
|
+
bufferSize: 2e3
|
|
18
|
+
};
|
|
19
|
+
function resolveConfigPath(flag) {
|
|
20
|
+
if (flag) return flag;
|
|
21
|
+
if (process.env.TINYLOGS_CONFIG) return process.env.TINYLOGS_CONFIG;
|
|
22
|
+
return join(process.cwd(), "tinylogs.config.json");
|
|
23
|
+
}
|
|
24
|
+
function hashToken(token) {
|
|
25
|
+
return createHash("sha256").update(token, "utf8").digest("hex");
|
|
26
|
+
}
|
|
27
|
+
function generateSecrets() {
|
|
28
|
+
const sessionSecret = randomBytes(32).toString("hex");
|
|
29
|
+
const token = randomBytes(24).toString("base64url");
|
|
30
|
+
return { sessionSecret, token, ingestTokenHash: hashToken(token) };
|
|
31
|
+
}
|
|
32
|
+
function saveConfig(path, cfg) {
|
|
33
|
+
writeFileSync(path, JSON.stringify(cfg, null, 2) + "\n", { mode: 384 });
|
|
34
|
+
}
|
|
35
|
+
function loadConfig(path) {
|
|
36
|
+
const raw = readFileSync(path, "utf8");
|
|
37
|
+
const cfg = JSON.parse(raw);
|
|
38
|
+
for (const k of ["port", "host", "dbPath", "sessionSecret", "ingestTokenHash"]) {
|
|
39
|
+
if (cfg[k] === void 0) throw new Error(`config missing field: ${k}`);
|
|
40
|
+
}
|
|
41
|
+
return cfg;
|
|
42
|
+
}
|
|
43
|
+
function resolveDbPath(configPath, cfg) {
|
|
44
|
+
if (isAbsolute(cfg.dbPath)) return cfg.dbPath;
|
|
45
|
+
return resolve(dirname(configPath), cfg.dbPath);
|
|
46
|
+
}
|
|
47
|
+
|
|
48
|
+
// src/storage/db.ts
|
|
49
|
+
import Database from "better-sqlite3";
|
|
50
|
+
var MIGRATIONS = [
|
|
51
|
+
`CREATE TABLE logs (
|
|
52
|
+
id INTEGER PRIMARY KEY AUTOINCREMENT,
|
|
53
|
+
ts INTEGER NOT NULL,
|
|
54
|
+
service TEXT NOT NULL,
|
|
55
|
+
message TEXT NOT NULL,
|
|
56
|
+
labels TEXT NOT NULL
|
|
57
|
+
);
|
|
58
|
+
CREATE INDEX idx_logs_ts ON logs(ts);
|
|
59
|
+
CREATE INDEX idx_logs_service ON logs(service);
|
|
60
|
+
CREATE TABLE log_labels (
|
|
61
|
+
log_id INTEGER NOT NULL REFERENCES logs(id) ON DELETE CASCADE,
|
|
62
|
+
key TEXT NOT NULL,
|
|
63
|
+
value TEXT NOT NULL
|
|
64
|
+
);
|
|
65
|
+
CREATE INDEX idx_labels_kv ON log_labels(key, value);
|
|
66
|
+
CREATE INDEX idx_labels_logid ON log_labels(log_id);
|
|
67
|
+
CREATE TABLE users (
|
|
68
|
+
id INTEGER PRIMARY KEY AUTOINCREMENT,
|
|
69
|
+
username TEXT UNIQUE NOT NULL,
|
|
70
|
+
password_hash TEXT NOT NULL,
|
|
71
|
+
role TEXT NOT NULL DEFAULT 'admin',
|
|
72
|
+
created_at INTEGER NOT NULL
|
|
73
|
+
);`
|
|
74
|
+
];
|
|
75
|
+
function openDb(path) {
|
|
76
|
+
const db = new Database(path);
|
|
77
|
+
db.pragma("journal_mode = WAL");
|
|
78
|
+
db.pragma("foreign_keys = ON");
|
|
79
|
+
db.exec("CREATE TABLE IF NOT EXISTS schema_migrations (version INTEGER PRIMARY KEY)");
|
|
80
|
+
const current = db.prepare("SELECT COALESCE(MAX(version),0) v FROM schema_migrations").get().v;
|
|
81
|
+
const apply = db.transaction((from) => {
|
|
82
|
+
for (let i = from; i < MIGRATIONS.length; i++) {
|
|
83
|
+
db.exec(MIGRATIONS[i]);
|
|
84
|
+
db.prepare("INSERT INTO schema_migrations (version) VALUES (?)").run(i + 1);
|
|
85
|
+
}
|
|
86
|
+
});
|
|
87
|
+
apply(current);
|
|
88
|
+
return db;
|
|
89
|
+
}
|
|
90
|
+
function insertLog(db, rec) {
|
|
91
|
+
const txn = db.transaction((r) => {
|
|
92
|
+
const info = db.prepare("INSERT INTO logs (ts, service, message, labels) VALUES (?,?,?,?)").run(r.ts, r.service, r.message, JSON.stringify(r.labels ?? {}));
|
|
93
|
+
const logId = Number(info.lastInsertRowid);
|
|
94
|
+
const ins = db.prepare("INSERT INTO log_labels (log_id, key, value) VALUES (?,?,?)");
|
|
95
|
+
for (const [k, v] of Object.entries(r.labels ?? {})) ins.run(logId, k, String(v));
|
|
96
|
+
return logId;
|
|
97
|
+
});
|
|
98
|
+
return txn(rec);
|
|
99
|
+
}
|
|
100
|
+
function dbSizeBytes(db) {
|
|
101
|
+
const pageCount = db.pragma("page_count", { simple: true });
|
|
102
|
+
const pageSize = db.pragma("page_size", { simple: true });
|
|
103
|
+
return pageCount * pageSize;
|
|
104
|
+
}
|
|
105
|
+
|
|
106
|
+
// src/auth.ts
|
|
107
|
+
import bcrypt from "bcryptjs";
|
|
108
|
+
import { createHmac, timingSafeEqual } from "node:crypto";
|
|
109
|
+
function hashPassword(pw) {
|
|
110
|
+
return bcrypt.hashSync(pw, 10);
|
|
111
|
+
}
|
|
112
|
+
function createUser(db, username, pw, role = "admin") {
|
|
113
|
+
const info = db.prepare(
|
|
114
|
+
"INSERT INTO users (username, password_hash, role, created_at) VALUES (?,?,?,?)"
|
|
115
|
+
).run(username, hashPassword(pw), role, Date.now());
|
|
116
|
+
return Number(info.lastInsertRowid);
|
|
117
|
+
}
|
|
118
|
+
function verifyUser(db, username, pw) {
|
|
119
|
+
const row = db.prepare("SELECT password_hash FROM users WHERE username=?").get(username);
|
|
120
|
+
if (!row) {
|
|
121
|
+
bcrypt.compareSync(pw, "$2a$10$0000000000000000000000000000000000000000000000000000");
|
|
122
|
+
return false;
|
|
123
|
+
}
|
|
124
|
+
return bcrypt.compareSync(pw, row.password_hash);
|
|
125
|
+
}
|
|
126
|
+
function safeEqualHex(a, b) {
|
|
127
|
+
const ab = Buffer.from(a, "hex");
|
|
128
|
+
const bb = Buffer.from(b, "hex");
|
|
129
|
+
if (ab.length !== bb.length || ab.length === 0) return false;
|
|
130
|
+
return timingSafeEqual(ab, bb);
|
|
131
|
+
}
|
|
132
|
+
function verifyIngestToken(bearer, ingestTokenHash) {
|
|
133
|
+
if (!bearer || !bearer.startsWith("Bearer ")) return false;
|
|
134
|
+
const token = bearer.slice("Bearer ".length);
|
|
135
|
+
return safeEqualHex(hashToken(token), ingestTokenHash);
|
|
136
|
+
}
|
|
137
|
+
function signSession(username, secret) {
|
|
138
|
+
const mac = createHmac("sha256", secret).update(username).digest("hex");
|
|
139
|
+
return `${username}.${mac}`;
|
|
140
|
+
}
|
|
141
|
+
function verifySession(cookieVal, secret) {
|
|
142
|
+
if (!cookieVal) return null;
|
|
143
|
+
const dot = cookieVal.lastIndexOf(".");
|
|
144
|
+
if (dot <= 0) return null;
|
|
145
|
+
const username = cookieVal.slice(0, dot);
|
|
146
|
+
const mac = cookieVal.slice(dot + 1);
|
|
147
|
+
const expected = createHmac("sha256", secret).update(username).digest("hex");
|
|
148
|
+
if (mac.length !== expected.length) return null;
|
|
149
|
+
if (!timingSafeEqual(Buffer.from(mac), Buffer.from(expected))) return null;
|
|
150
|
+
return username;
|
|
151
|
+
}
|
|
152
|
+
|
|
153
|
+
// src/wizard.ts
|
|
154
|
+
function buildInitConfig(opts) {
|
|
155
|
+
const s = generateSecrets();
|
|
156
|
+
const config = {
|
|
157
|
+
port: opts.port,
|
|
158
|
+
host: opts.host,
|
|
159
|
+
dbPath: opts.dbPath,
|
|
160
|
+
retentionDays: opts.retentionDays,
|
|
161
|
+
maxSizeMB: opts.maxSizeMB,
|
|
162
|
+
bufferSize: DEFAULTS.bufferSize,
|
|
163
|
+
sessionSecret: s.sessionSecret,
|
|
164
|
+
ingestTokenHash: s.ingestTokenHash
|
|
165
|
+
};
|
|
166
|
+
return { config, token: s.token };
|
|
167
|
+
}
|
|
168
|
+
async function runInit(configPath, opts, io) {
|
|
169
|
+
const port = opts.port ?? (Number(await io.prompt(`Port [${DEFAULTS.port}]: `)) || DEFAULTS.port);
|
|
170
|
+
const host = opts.host ?? (await io.prompt(`Host [${DEFAULTS.host}]: `) || DEFAULTS.host);
|
|
171
|
+
const username = opts.username ?? (await io.prompt("Admin username [admin]: ") || "admin");
|
|
172
|
+
const password = opts.password ?? await io.promptHidden("Admin password: ");
|
|
173
|
+
if (!password || password.length === 0) throw new Error("password must not be empty");
|
|
174
|
+
const retentionDays = opts.retentionDays ?? (Number(await io.prompt(`Retention days [${DEFAULTS.retentionDays}]: `)) || DEFAULTS.retentionDays);
|
|
175
|
+
const maxSizeMB = opts.maxSizeMB ?? (Number(await io.prompt(`Max DB size MB [${DEFAULTS.maxSizeMB}]: `)) || DEFAULTS.maxSizeMB);
|
|
176
|
+
const dbPath = opts.dbPath ?? DEFAULTS.dbPath;
|
|
177
|
+
const { config, token } = buildInitConfig({ port, host, retentionDays, maxSizeMB, dbPath });
|
|
178
|
+
const db = openDb(resolveDbPath(configPath, config));
|
|
179
|
+
createUser(db, username, password);
|
|
180
|
+
db.close();
|
|
181
|
+
saveConfig(configPath, config);
|
|
182
|
+
io.log("");
|
|
183
|
+
io.log(` tinylogs configured \u2192 ${configPath}`);
|
|
184
|
+
io.log(` Ingest token (shown once, store it now):`);
|
|
185
|
+
io.log(` ${token}`);
|
|
186
|
+
io.log("");
|
|
187
|
+
io.log(` Start with: npx tinylogs start`);
|
|
188
|
+
}
|
|
189
|
+
|
|
190
|
+
// src/server/index.ts
|
|
191
|
+
import { createServer } from "node:http";
|
|
192
|
+
|
|
193
|
+
// src/storage/retention.ts
|
|
194
|
+
function pruneByAge(db, retentionDays, now) {
|
|
195
|
+
const cutoff = now - retentionDays * 864e5;
|
|
196
|
+
return db.prepare("DELETE FROM logs WHERE ts < ?").run(cutoff).changes;
|
|
197
|
+
}
|
|
198
|
+
function pruneBySize(db, maxSizeMB, batch = 1e3) {
|
|
199
|
+
const maxBytes = maxSizeMB * 1024 * 1024;
|
|
200
|
+
let deleted = 0;
|
|
201
|
+
while (dbSizeBytes(db) > maxBytes) {
|
|
202
|
+
const changes = db.prepare(
|
|
203
|
+
"DELETE FROM logs WHERE id IN (SELECT id FROM logs ORDER BY id ASC LIMIT ?)"
|
|
204
|
+
).run(batch).changes;
|
|
205
|
+
if (changes === 0) break;
|
|
206
|
+
deleted += changes;
|
|
207
|
+
}
|
|
208
|
+
return deleted;
|
|
209
|
+
}
|
|
210
|
+
function runRetention(db, opts) {
|
|
211
|
+
try {
|
|
212
|
+
const now = opts.now ?? Date.now();
|
|
213
|
+
pruneByAge(db, opts.retentionDays, now);
|
|
214
|
+
pruneBySize(db, opts.maxSizeMB);
|
|
215
|
+
db.exec("VACUUM");
|
|
216
|
+
} catch (err) {
|
|
217
|
+
console.error("[tinylogs] retention failed:", err.message);
|
|
218
|
+
}
|
|
219
|
+
}
|
|
220
|
+
|
|
221
|
+
// src/buffer.ts
|
|
222
|
+
var RingBuffer = class {
|
|
223
|
+
constructor(capacity) {
|
|
224
|
+
this.capacity = capacity;
|
|
225
|
+
}
|
|
226
|
+
items = [];
|
|
227
|
+
push(rec) {
|
|
228
|
+
this.items.push(rec);
|
|
229
|
+
if (this.items.length > this.capacity) this.items.shift();
|
|
230
|
+
}
|
|
231
|
+
snapshot() {
|
|
232
|
+
return this.items.slice();
|
|
233
|
+
}
|
|
234
|
+
get size() {
|
|
235
|
+
return this.items.length;
|
|
236
|
+
}
|
|
237
|
+
};
|
|
238
|
+
|
|
239
|
+
// src/server/app.ts
|
|
240
|
+
import express from "express";
|
|
241
|
+
import { existsSync } from "node:fs";
|
|
242
|
+
import { dirname as dirname2, join as join2 } from "node:path";
|
|
243
|
+
import { fileURLToPath } from "node:url";
|
|
244
|
+
|
|
245
|
+
// src/server/ingest.ts
|
|
246
|
+
var MAX_MESSAGE = 16384;
|
|
247
|
+
var MAX_LABELS = 50;
|
|
248
|
+
var MAX_KV = 512;
|
|
249
|
+
var MAX_BATCH = 1e3;
|
|
250
|
+
function validateRecord(raw) {
|
|
251
|
+
if (typeof raw !== "object" || raw === null) return { ok: false, error: "record must be an object" };
|
|
252
|
+
if (typeof raw.service !== "string" || raw.service.length === 0) return { ok: false, error: "service required" };
|
|
253
|
+
if (typeof raw.message !== "string" || raw.message.length === 0) return { ok: false, error: "message required" };
|
|
254
|
+
if (raw.message.length > MAX_MESSAGE) return { ok: false, error: "message too long" };
|
|
255
|
+
if (raw.service.length > MAX_KV) return { ok: false, error: "service too long" };
|
|
256
|
+
const labels = {};
|
|
257
|
+
if (raw.labels !== void 0) {
|
|
258
|
+
if (typeof raw.labels !== "object" || raw.labels === null || Array.isArray(raw.labels))
|
|
259
|
+
return { ok: false, error: "labels must be an object" };
|
|
260
|
+
const keys = Object.keys(raw.labels);
|
|
261
|
+
if (keys.length > MAX_LABELS) return { ok: false, error: "too many labels" };
|
|
262
|
+
for (const k of keys) {
|
|
263
|
+
const v = raw.labels[k];
|
|
264
|
+
if (typeof v !== "string") return { ok: false, error: `label ${k} must be a string` };
|
|
265
|
+
if (k.length > MAX_KV || v.length > MAX_KV) return { ok: false, error: `label ${k} too long` };
|
|
266
|
+
labels[k] = v;
|
|
267
|
+
}
|
|
268
|
+
}
|
|
269
|
+
const ts = typeof raw.ts === "number" && Number.isFinite(raw.ts) ? raw.ts : Date.now();
|
|
270
|
+
return { ok: true, rec: { ts, service: raw.service, message: raw.message, labels } };
|
|
271
|
+
}
|
|
272
|
+
function registerIngest(app) {
|
|
273
|
+
app.post("/ingest", (req, res) => {
|
|
274
|
+
const deps = app.get("deps");
|
|
275
|
+
if (!verifyIngestToken(req.header("authorization"), deps.cfg.ingestTokenHash)) {
|
|
276
|
+
return res.status(401).json({ error: "invalid token" });
|
|
277
|
+
}
|
|
278
|
+
const body = req.body;
|
|
279
|
+
const records = Array.isArray(body) ? body : [body];
|
|
280
|
+
if (records.length > MAX_BATCH) return res.status(400).json({ error: "batch too large" });
|
|
281
|
+
const validated = [];
|
|
282
|
+
for (const raw of records) {
|
|
283
|
+
const v = validateRecord(raw);
|
|
284
|
+
if (!v.ok) return res.status(400).json({ error: v.error });
|
|
285
|
+
validated.push(v.rec);
|
|
286
|
+
}
|
|
287
|
+
try {
|
|
288
|
+
for (const rec of validated) {
|
|
289
|
+
const id = insertLog(deps.db, rec);
|
|
290
|
+
const stored = { ...rec, id };
|
|
291
|
+
deps.buffer.push(stored);
|
|
292
|
+
deps.broadcast(stored);
|
|
293
|
+
}
|
|
294
|
+
return res.json({ accepted: validated.length });
|
|
295
|
+
} catch (err) {
|
|
296
|
+
console.error("[tinylogs] ingest error:", err.message);
|
|
297
|
+
return res.status(500).json({ error: "internal error" });
|
|
298
|
+
}
|
|
299
|
+
});
|
|
300
|
+
}
|
|
301
|
+
|
|
302
|
+
// src/server/queryRoutes.ts
|
|
303
|
+
import { parse as parseCookie } from "cookie";
|
|
304
|
+
|
|
305
|
+
// src/storage/query.ts
|
|
306
|
+
function rowToRecord(row) {
|
|
307
|
+
return { id: row.id, ts: row.ts, service: row.service, message: row.message, labels: JSON.parse(row.labels) };
|
|
308
|
+
}
|
|
309
|
+
function queryLogs(db, params) {
|
|
310
|
+
const where = [];
|
|
311
|
+
const args = [];
|
|
312
|
+
if (params.service) {
|
|
313
|
+
where.push("logs.service = ?");
|
|
314
|
+
args.push(params.service);
|
|
315
|
+
}
|
|
316
|
+
if (params.q) {
|
|
317
|
+
where.push("logs.message LIKE ? COLLATE NOCASE");
|
|
318
|
+
args.push(`%${params.q}%`);
|
|
319
|
+
}
|
|
320
|
+
if (params.from !== void 0) {
|
|
321
|
+
where.push("logs.ts >= ?");
|
|
322
|
+
args.push(params.from);
|
|
323
|
+
}
|
|
324
|
+
if (params.to !== void 0) {
|
|
325
|
+
where.push("logs.ts < ?");
|
|
326
|
+
args.push(params.to);
|
|
327
|
+
}
|
|
328
|
+
if (params.before !== void 0) {
|
|
329
|
+
where.push("logs.id < ?");
|
|
330
|
+
args.push(params.before);
|
|
331
|
+
}
|
|
332
|
+
for (const l of params.labels ?? []) {
|
|
333
|
+
where.push("logs.id IN (SELECT log_id FROM log_labels WHERE key = ? AND value = ?)");
|
|
334
|
+
args.push(l.key, l.value);
|
|
335
|
+
}
|
|
336
|
+
const limit = Math.min(Math.max(params.limit ?? 200, 1), 1e3);
|
|
337
|
+
const sql = `SELECT id, ts, service, message, labels FROM logs
|
|
338
|
+
${where.length ? "WHERE " + where.join(" AND ") : ""}
|
|
339
|
+
ORDER BY logs.id DESC LIMIT ?`;
|
|
340
|
+
return db.prepare(sql).all(...args, limit).map(rowToRecord);
|
|
341
|
+
}
|
|
342
|
+
function queryLabels(db, opts = {}) {
|
|
343
|
+
const services = db.prepare(
|
|
344
|
+
"SELECT service, COUNT(*) count FROM logs GROUP BY service ORDER BY count DESC"
|
|
345
|
+
).all();
|
|
346
|
+
let labels;
|
|
347
|
+
if (opts.service) {
|
|
348
|
+
labels = db.prepare(
|
|
349
|
+
`SELECT ll.key, ll.value, COUNT(*) count FROM log_labels ll
|
|
350
|
+
JOIN logs ON logs.id = ll.log_id WHERE logs.service = ?
|
|
351
|
+
GROUP BY ll.key, ll.value ORDER BY ll.key, count DESC`
|
|
352
|
+
).all(opts.service);
|
|
353
|
+
} else {
|
|
354
|
+
labels = db.prepare(
|
|
355
|
+
`SELECT key, value, COUNT(*) count FROM log_labels
|
|
356
|
+
GROUP BY key, value ORDER BY key, count DESC`
|
|
357
|
+
).all();
|
|
358
|
+
}
|
|
359
|
+
return { services, labels };
|
|
360
|
+
}
|
|
361
|
+
|
|
362
|
+
// src/server/queryRoutes.ts
|
|
363
|
+
function requireSession(app) {
|
|
364
|
+
return (req, res, next) => {
|
|
365
|
+
const deps = app.get("deps");
|
|
366
|
+
const cookies = parseCookie(req.header("cookie") ?? "");
|
|
367
|
+
const user = verifySession(cookies["tl_session"], deps.cfg.sessionSecret);
|
|
368
|
+
if (!user) return res.status(401).json({ error: "unauthorized" });
|
|
369
|
+
req.user = user;
|
|
370
|
+
next();
|
|
371
|
+
};
|
|
372
|
+
}
|
|
373
|
+
function parseQuery(query) {
|
|
374
|
+
const p = {};
|
|
375
|
+
if (typeof query.service === "string") p.service = query.service;
|
|
376
|
+
if (typeof query.q === "string") p.q = query.q;
|
|
377
|
+
if (query.from !== void 0) p.from = Number(query.from);
|
|
378
|
+
if (query.to !== void 0) p.to = Number(query.to);
|
|
379
|
+
if (query.limit !== void 0) p.limit = Number(query.limit);
|
|
380
|
+
if (query.before !== void 0) p.before = Number(query.before);
|
|
381
|
+
const rawLabels = query.label === void 0 ? [] : Array.isArray(query.label) ? query.label : [query.label];
|
|
382
|
+
p.labels = rawLabels.map((s) => {
|
|
383
|
+
const i = s.indexOf("=");
|
|
384
|
+
return i < 0 ? null : { key: s.slice(0, i), value: s.slice(i + 1) };
|
|
385
|
+
}).filter(Boolean);
|
|
386
|
+
return p;
|
|
387
|
+
}
|
|
388
|
+
function registerQueryRoutes(app) {
|
|
389
|
+
const guard = requireSession(app);
|
|
390
|
+
app.get("/api/logs", guard, (req, res) => {
|
|
391
|
+
const deps = app.get("deps");
|
|
392
|
+
const logs = queryLogs(deps.db, parseQuery(req.query));
|
|
393
|
+
res.json({ logs });
|
|
394
|
+
});
|
|
395
|
+
app.get("/api/labels", guard, (req, res) => {
|
|
396
|
+
const deps = app.get("deps");
|
|
397
|
+
const service = typeof req.query.service === "string" ? req.query.service : void 0;
|
|
398
|
+
res.json(queryLabels(deps.db, { service }));
|
|
399
|
+
});
|
|
400
|
+
}
|
|
401
|
+
|
|
402
|
+
// src/server/authRoutes.ts
|
|
403
|
+
import { serialize as serializeCookie } from "cookie";
|
|
404
|
+
function makeLoginLimiter(maxAttempts = 10, windowMs = 5 * 6e4) {
|
|
405
|
+
const hits = /* @__PURE__ */ new Map();
|
|
406
|
+
return (req, res, next) => {
|
|
407
|
+
const now = Date.now();
|
|
408
|
+
const ip = req.ip ?? "unknown";
|
|
409
|
+
const rec = hits.get(ip);
|
|
410
|
+
if (!rec || now > rec.reset) {
|
|
411
|
+
hits.set(ip, { count: 1, reset: now + windowMs });
|
|
412
|
+
return next();
|
|
413
|
+
}
|
|
414
|
+
rec.count += 1;
|
|
415
|
+
if (rec.count > maxAttempts) return res.status(429).json({ error: "too many attempts" });
|
|
416
|
+
next();
|
|
417
|
+
};
|
|
418
|
+
}
|
|
419
|
+
function registerAuthRoutes(app) {
|
|
420
|
+
const limiter = makeLoginLimiter();
|
|
421
|
+
app.post("/api/login", limiter, (req, res) => {
|
|
422
|
+
const deps = app.get("deps");
|
|
423
|
+
const { username, password } = req.body ?? {};
|
|
424
|
+
if (typeof username !== "string" || typeof password !== "string")
|
|
425
|
+
return res.status(400).json({ error: "username and password required" });
|
|
426
|
+
if (!verifyUser(deps.db, username, password))
|
|
427
|
+
return res.status(401).json({ error: "invalid credentials" });
|
|
428
|
+
const cookie = serializeCookie("tl_session", signSession(username, deps.cfg.sessionSecret), {
|
|
429
|
+
httpOnly: true,
|
|
430
|
+
sameSite: "strict",
|
|
431
|
+
path: "/",
|
|
432
|
+
maxAge: 60 * 60 * 24 * 30
|
|
433
|
+
});
|
|
434
|
+
res.setHeader("Set-Cookie", cookie);
|
|
435
|
+
res.json({ ok: true, username });
|
|
436
|
+
});
|
|
437
|
+
app.post("/api/logout", (_req, res) => {
|
|
438
|
+
res.setHeader("Set-Cookie", serializeCookie("tl_session", "", { httpOnly: true, path: "/", maxAge: 0 }));
|
|
439
|
+
res.json({ ok: true });
|
|
440
|
+
});
|
|
441
|
+
}
|
|
442
|
+
|
|
443
|
+
// src/server/app.ts
|
|
444
|
+
function createApp(deps) {
|
|
445
|
+
const app = express();
|
|
446
|
+
app.set("trust proxy", true);
|
|
447
|
+
app.set("deps", deps);
|
|
448
|
+
app.get("/api/health", (_req, res) => res.json({ ok: true }));
|
|
449
|
+
app.use("/ingest", express.json({ limit: "5mb" }));
|
|
450
|
+
app.use("/api", express.json({ limit: "1mb" }));
|
|
451
|
+
registerIngest(app);
|
|
452
|
+
registerQueryRoutes(app);
|
|
453
|
+
registerAuthRoutes(app);
|
|
454
|
+
const here = dirname2(fileURLToPath(import.meta.url));
|
|
455
|
+
const uiDir = [join2(here, "ui"), join2(here, "..", "ui"), join2(process.cwd(), "dist", "ui")].find((d) => existsSync(join2(d, "bundle.js")));
|
|
456
|
+
if (uiDir) app.use(express.static(uiDir));
|
|
457
|
+
return app;
|
|
458
|
+
}
|
|
459
|
+
|
|
460
|
+
// src/server/stream.ts
|
|
461
|
+
import { parse as parseCookie2 } from "cookie";
|
|
462
|
+
import { WebSocketServer } from "ws";
|
|
463
|
+
function attachWebSocket(server, deps) {
|
|
464
|
+
const wss = new WebSocketServer({ server, path: "/ws" });
|
|
465
|
+
wss.on("connection", (ws, req) => {
|
|
466
|
+
const cookies = parseCookie2(req.headers.cookie ?? "");
|
|
467
|
+
const user = verifySession(cookies["tl_session"], deps.cfg.sessionSecret);
|
|
468
|
+
if (!user) {
|
|
469
|
+
ws.close(4401, "unauthorized");
|
|
470
|
+
return;
|
|
471
|
+
}
|
|
472
|
+
ws.isAlive = true;
|
|
473
|
+
ws.on("pong", () => {
|
|
474
|
+
ws.isAlive = true;
|
|
475
|
+
});
|
|
476
|
+
ws.send(JSON.stringify({ type: "buffer", data: deps.buffer.snapshot() }));
|
|
477
|
+
deps.clients.add(ws);
|
|
478
|
+
ws.on("close", () => deps.clients.delete(ws));
|
|
479
|
+
ws.on("error", () => deps.clients.delete(ws));
|
|
480
|
+
});
|
|
481
|
+
const interval = setInterval(() => {
|
|
482
|
+
for (const ws of wss.clients) {
|
|
483
|
+
if (ws.isAlive === false) {
|
|
484
|
+
ws.terminate();
|
|
485
|
+
continue;
|
|
486
|
+
}
|
|
487
|
+
ws.isAlive = false;
|
|
488
|
+
try {
|
|
489
|
+
ws.ping();
|
|
490
|
+
} catch {
|
|
491
|
+
}
|
|
492
|
+
}
|
|
493
|
+
}, 3e4);
|
|
494
|
+
interval.unref();
|
|
495
|
+
wss.on("close", () => clearInterval(interval));
|
|
496
|
+
return wss;
|
|
497
|
+
}
|
|
498
|
+
|
|
499
|
+
// src/server/index.ts
|
|
500
|
+
async function start(configPath = resolveConfigPath()) {
|
|
501
|
+
const cfg = loadConfig(configPath);
|
|
502
|
+
const db = openDb(resolveDbPath(configPath, cfg));
|
|
503
|
+
const buffer = new RingBuffer(cfg.bufferSize);
|
|
504
|
+
const wsClients = /* @__PURE__ */ new Set();
|
|
505
|
+
const broadcast = (r) => {
|
|
506
|
+
const msg = JSON.stringify({ type: "log", data: r });
|
|
507
|
+
for (const c of wsClients) {
|
|
508
|
+
try {
|
|
509
|
+
if (c.readyState === 1) c.send(msg);
|
|
510
|
+
} catch {
|
|
511
|
+
}
|
|
512
|
+
}
|
|
513
|
+
};
|
|
514
|
+
const app = createApp({ db, buffer, cfg, broadcast });
|
|
515
|
+
const server = createServer(app);
|
|
516
|
+
attachWebSocket(server, { buffer, cfg, clients: wsClients });
|
|
517
|
+
const retentionTimer = setInterval(
|
|
518
|
+
() => runRetention(db, { retentionDays: cfg.retentionDays, maxSizeMB: cfg.maxSizeMB }),
|
|
519
|
+
6e4
|
|
520
|
+
);
|
|
521
|
+
retentionTimer.unref();
|
|
522
|
+
await new Promise((resolve2) => server.listen(cfg.port, cfg.host, resolve2));
|
|
523
|
+
const addr = server.address();
|
|
524
|
+
const port = typeof addr === "object" && addr ? addr.port : cfg.port;
|
|
525
|
+
console.log(`[tinylogs] listening on http://${cfg.host}:${port}`);
|
|
526
|
+
return {
|
|
527
|
+
port,
|
|
528
|
+
close: () => new Promise((resolve2) => {
|
|
529
|
+
clearInterval(retentionTimer);
|
|
530
|
+
for (const c of wsClients) {
|
|
531
|
+
try {
|
|
532
|
+
c.close();
|
|
533
|
+
} catch {
|
|
534
|
+
}
|
|
535
|
+
}
|
|
536
|
+
server.close(() => {
|
|
537
|
+
db.close();
|
|
538
|
+
resolve2();
|
|
539
|
+
});
|
|
540
|
+
})
|
|
541
|
+
};
|
|
542
|
+
}
|
|
543
|
+
|
|
544
|
+
// src/cli.ts
|
|
545
|
+
function parseFlags(argv) {
|
|
546
|
+
const out = {};
|
|
547
|
+
for (let i = 0; i < argv.length; i++) {
|
|
548
|
+
const a = argv[i];
|
|
549
|
+
if (a.startsWith("--")) {
|
|
550
|
+
const key = a.slice(2);
|
|
551
|
+
const next = argv[i + 1];
|
|
552
|
+
if (next && !next.startsWith("--")) {
|
|
553
|
+
out[key] = next;
|
|
554
|
+
i++;
|
|
555
|
+
} else out[key] = true;
|
|
556
|
+
}
|
|
557
|
+
}
|
|
558
|
+
return out;
|
|
559
|
+
}
|
|
560
|
+
function makeIo() {
|
|
561
|
+
const rl = createInterface({ input: process.stdin, output: process.stdout });
|
|
562
|
+
return {
|
|
563
|
+
io: {
|
|
564
|
+
prompt: (q) => rl.question(q),
|
|
565
|
+
// NOTE: not truly hidden; acceptable for a pet tool. Prefer --password / TINYLOGS_PASSWORD in scripts.
|
|
566
|
+
promptHidden: (q) => rl.question(q),
|
|
567
|
+
log: (s) => console.log(s)
|
|
568
|
+
},
|
|
569
|
+
done: () => rl.close()
|
|
570
|
+
};
|
|
571
|
+
}
|
|
572
|
+
async function main() {
|
|
573
|
+
const [cmd, ...rest] = process.argv.slice(2);
|
|
574
|
+
const flags = parseFlags(rest);
|
|
575
|
+
const configPath = resolveConfigPath(typeof flags.config === "string" ? flags.config : void 0);
|
|
576
|
+
if (cmd === "init") {
|
|
577
|
+
const nonInteractive = flags.yes === true || flags.y === true;
|
|
578
|
+
const opts = {
|
|
579
|
+
port: flags.port ? Number(flags.port) : void 0,
|
|
580
|
+
host: typeof flags.host === "string" ? flags.host : void 0,
|
|
581
|
+
username: typeof flags.username === "string" ? flags.username : void 0,
|
|
582
|
+
password: (typeof flags.password === "string" ? flags.password : void 0) ?? process.env.TINYLOGS_PASSWORD,
|
|
583
|
+
retentionDays: flags["retention-days"] ? Number(flags["retention-days"]) : void 0,
|
|
584
|
+
maxSizeMB: flags["max-size-mb"] ? Number(flags["max-size-mb"]) : void 0,
|
|
585
|
+
dbPath: typeof flags["db-path"] === "string" ? flags["db-path"] : void 0
|
|
586
|
+
};
|
|
587
|
+
if (existsSync2(configPath) && !flags.force) {
|
|
588
|
+
console.error(`Config already exists at ${configPath} (use --force to overwrite).`);
|
|
589
|
+
process.exit(1);
|
|
590
|
+
}
|
|
591
|
+
if (nonInteractive) {
|
|
592
|
+
if (!opts.password) {
|
|
593
|
+
console.error("Non-interactive init requires --password or TINYLOGS_PASSWORD.");
|
|
594
|
+
process.exit(1);
|
|
595
|
+
}
|
|
596
|
+
await runInit(configPath, { ...opts, username: opts.username ?? "admin" }, { prompt: async () => "", promptHidden: async () => "", log: (s) => console.log(s) });
|
|
597
|
+
} else {
|
|
598
|
+
const { io, done } = makeIo();
|
|
599
|
+
try {
|
|
600
|
+
await runInit(configPath, opts, io);
|
|
601
|
+
} finally {
|
|
602
|
+
done();
|
|
603
|
+
}
|
|
604
|
+
}
|
|
605
|
+
return;
|
|
606
|
+
}
|
|
607
|
+
if (cmd === "start") {
|
|
608
|
+
if (!existsSync2(configPath)) {
|
|
609
|
+
console.error(`No config at ${configPath}. Run: npx tinylogs init`);
|
|
610
|
+
process.exit(1);
|
|
611
|
+
}
|
|
612
|
+
await start(configPath);
|
|
613
|
+
return;
|
|
614
|
+
}
|
|
615
|
+
if (cmd === "rotate-token") {
|
|
616
|
+
if (!existsSync2(configPath)) {
|
|
617
|
+
console.error(`No config at ${configPath}.`);
|
|
618
|
+
process.exit(1);
|
|
619
|
+
}
|
|
620
|
+
const cfg = loadConfig(configPath);
|
|
621
|
+
const s = generateSecrets();
|
|
622
|
+
cfg.ingestTokenHash = s.ingestTokenHash;
|
|
623
|
+
saveConfig(configPath, cfg);
|
|
624
|
+
console.log("New ingest token (shown once):");
|
|
625
|
+
console.log(` ${s.token}`);
|
|
626
|
+
return;
|
|
627
|
+
}
|
|
628
|
+
console.log("tinylogs \u2014 usage:\n tinylogs init [--yes --password ...]\n tinylogs start\n tinylogs rotate-token");
|
|
629
|
+
if (cmd && cmd !== "help") process.exit(1);
|
|
630
|
+
}
|
|
631
|
+
main().catch((err) => {
|
|
632
|
+
console.error(err);
|
|
633
|
+
process.exit(1);
|
|
634
|
+
});
|
|
635
|
+
//# sourceMappingURL=cli.js.map
|