cqw 0.1.0__tar.gz

cqw-0.1.0/.gitignore

@@ -0,0 +1,309 @@
+### Generated by gibo (https://github.com/simonwhitaker/gibo)
+### https://raw.github.com/github/gitignore/b4105e73e493bb7a20b5d7ea35efd5780ca44938/Global/VisualStudioCode.gitignore
+
+.vscode/*
+!.vscode/settings.json
+!.vscode/tasks.json
+!.vscode/launch.json
+!.vscode/extensions.json
+!.vscode/*.code-snippets
+!*.code-workspace
+
+# Built Visual Studio Code Extensions
+*.vsix
+### Generated by gibo (https://github.com/simonwhitaker/gibo)
+### https://raw.github.com/github/gitignore/b4105e73e493bb7a20b5d7ea35efd5780ca44938/Global/Linux.gitignore
+
+*~
+
+# temporary files which can be created if a process still has a handle open of a deleted file
+.fuse_hidden*
+
+# Metadata left by Dolphin file manager, which comes with KDE Plasma
+.directory
+
+# Linux trash folder which might appear on any partition or disk
+.Trash-*
+
+# .nfs files are created when an open file is removed but is still being accessed
+.nfs*
+
+# Log files created by default by the nohup command
+nohup.out
+### Generated by gibo (https://github.com/simonwhitaker/gibo)
+### https://raw.github.com/github/gitignore/b4105e73e493bb7a20b5d7ea35efd5780ca44938/Global/Windows.gitignore
+
+# Windows thumbnail cache files
+Thumbs.db
+Thumbs.db:encryptable
+ehthumbs.db
+ehthumbs_vista.db
+
+# Dump file
+*.stackdump
+
+# Folder config file
+[Dd]esktop.ini
+
+# Recycle Bin used on file shares
+$RECYCLE.BIN/
+
+# Windows Installer files
+*.cab
+*.msi
+*.msix
+*.msm
+*.msp
+
+# Windows shortcuts
+*.lnk
+### Generated by gibo (https://github.com/simonwhitaker/gibo)
+### https://raw.github.com/github/gitignore/b4105e73e493bb7a20b5d7ea35efd5780ca44938/Global/macOS.gitignore
+
+# General
+.DS_Store
+__MACOSX/
+.AppleDouble
+.LSOverride
+Icon[
+]
+
+# Thumbnails
+._*
+
+# Files that might appear in the root of a volume
+.DocumentRevisions-V100
+.fseventsd
+.Spotlight-V100
+.TemporaryItems
+.Trashes
+.VolumeIcon.icns
+.com.apple.timemachine.donotpresent
+
+# Directories potentially created on remote AFP share
+.AppleDB
+.AppleDesktop
+Network Trash Folder
+Temporary Items
+.apdisk
+### Generated by gibo (https://github.com/simonwhitaker/gibo)
+### https://raw.github.com/github/gitignore/b4105e73e493bb7a20b5d7ea35efd5780ca44938/Python.gitignore
+
+# Byte-compiled / optimized / DLL files
+__pycache__/
+*.py[codz]
+*$py.class
+
+# C extensions
+*.so
+
+# Distribution / packaging
+.Python
+build/
+develop-eggs/
+dist/
+downloads/
+eggs/
+.eggs/
+lib/
+lib64/
+parts/
+sdist/
+var/
+wheels/
+share/python-wheels/
+*.egg-info/
+.installed.cfg
+*.egg
+MANIFEST
+
+# PyInstaller
+#   Usually these files are written by a python script from a template
+#   before PyInstaller builds the exe, so as to inject date/other infos into it.
+*.manifest
+*.spec
+
+# Installer logs
+pip-log.txt
+pip-delete-this-directory.txt
+
+# Unit test / coverage reports
+htmlcov/
+.tox/
+.nox/
+.coverage
+.coverage.*
+.cache
+nosetests.xml
+coverage.xml
+*.cover
+*.py.cover
+.hypothesis/
+.pytest_cache/
+cover/
+
+# Translations
+*.mo
+*.pot
+
+# Django stuff:
+*.log
+local_settings.py
+db.sqlite3
+db.sqlite3-journal
+
+# Flask stuff:
+instance/
+.webassets-cache
+
+# Scrapy stuff:
+.scrapy
+
+# Sphinx documentation
+docs/_build/
+
+# PyBuilder
+.pybuilder/
+target/
+
+# Jupyter Notebook
+.ipynb_checkpoints
+
+# IPython
+profile_default/
+ipython_config.py
+
+# pyenv
+#   For a library or package, you might want to ignore these files since the code is
+#   intended to run in multiple environments; otherwise, check them in:
+# .python-version
+
+# pipenv
+#   According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control.
+#   However, in case of collaboration, if having platform-specific dependencies or dependencies
+#   having no cross-platform support, pipenv may install dependencies that don't work, or not
+#   install all needed dependencies.
+# Pipfile.lock
+
+# UV
+#   Similar to Pipfile.lock, it is generally recommended to include uv.lock in version control.
+#   This is especially recommended for binary packages to ensure reproducibility, and is more
+#   commonly ignored for libraries.
+# uv.lock
+
+# poetry
+#   Similar to Pipfile.lock, it is generally recommended to include poetry.lock in version control.
+#   This is especially recommended for binary packages to ensure reproducibility, and is more
+#   commonly ignored for libraries.
+#   https://python-poetry.org/docs/basic-usage/#commit-your-poetrylock-file-to-version-control
+# poetry.lock
+# poetry.toml
+
+# pdm
+#   Similar to Pipfile.lock, it is generally recommended to include pdm.lock in version control.
+#   pdm recommends including project-wide configuration in pdm.toml, but excluding .pdm-python.
+#   https://pdm-project.org/en/latest/usage/project/#working-with-version-control
+# pdm.lock
+# pdm.toml
+.pdm-python
+.pdm-build/
+
+# pixi
+#   Similar to Pipfile.lock, it is generally recommended to include pixi.lock in version control.
+# pixi.lock
+#   Pixi creates a virtual environment in the .pixi directory, just like venv module creates one
+#   in the .venv directory. It is recommended not to include this directory in version control.
+.pixi
+
+# PEP 582; used by e.g. github.com/David-OConnor/pyflow and github.com/pdm-project/pdm
+__pypackages__/
+
+# Celery stuff
+celerybeat-schedule
+celerybeat.pid
+
+# Redis
+*.rdb
+*.aof
+*.pid
+
+# RabbitMQ
+mnesia/
+rabbitmq/
+rabbitmq-data/
+
+# ActiveMQ
+activemq-data/
+
+# SageMath parsed files
+*.sage.py
+
+# Environments
+.env
+.envrc
+.venv
+env/
+venv/
+ENV/
+env.bak/
+venv.bak/
+
+# Spyder project settings
+.spyderproject
+.spyproject
+
+# Rope project settings
+.ropeproject
+
+# mkdocs documentation
+/site
+
+# mypy
+.mypy_cache/
+.dmypy.json
+dmypy.json
+
+# Pyre type checker
+.pyre/
+
+# pytype static type analyzer
+.pytype/
+
+# Cython debug symbols
+cython_debug/
+
+# PyCharm
+#   JetBrains specific template is maintained in a separate JetBrains.gitignore that can
+#   be found at https://github.com/github/gitignore/blob/main/Global/JetBrains.gitignore
+#   and can be added to the global gitignore or merged into this file.  For a more nuclear
+#   option (not recommended) you can uncomment the following to ignore the entire idea folder.
+# .idea/
+
+# Abstra
+#   Abstra is an AI-powered process automation framework.
+#   Ignore directories containing user credentials, local state, and settings.
+#   Learn more at https://abstra.io/docs
+.abstra/
+
+# Visual Studio Code
+#   Visual Studio Code specific template is maintained in a separate VisualStudioCode.gitignore
+#   that can be found at https://github.com/github/gitignore/blob/main/Global/VisualStudioCode.gitignore
+#   and can be added to the global gitignore or merged into this file. However, if you prefer,
+#   you could uncomment the following to ignore the entire vscode folder
+# .vscode/
+
+# Ruff stuff:
+.ruff_cache/
+
+# PyPI configuration file
+.pypirc
+
+# Marimo
+marimo/_static/
+marimo/_lsp/
+__marimo__/
+
+# Streamlit
+.streamlit/secrets.toml
+
+# Project specific

cqw-0.1.0/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 likeablob
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

cqw-0.1.0/PKG-INFO

@@ -0,0 +1,112 @@
+Metadata-Version: 2.4
+Name: cqw
+Version: 0.1.0
+Summary: Cloudflare Quick Tunnel wrapper with Basic Auth reverse proxy
+Project-URL: Documentation, https://github.com/likeablob/cqw
+Project-URL: Source, https://github.com/likeablob/cqw
+License-File: LICENSE
+Requires-Python: >=3.10
+Requires-Dist: httpx>=0.28.1
+Requires-Dist: platformdirs>=4.9.0
+Requires-Dist: pydantic-settings>=2.14.1
+Requires-Dist: qrcode>=8.2
+Requires-Dist: rich>=15.0.0
+Requires-Dist: starlette>=1.0.0
+Requires-Dist: uvicorn>=0.46.0
+Requires-Dist: websockets>=16.0
+Description-Content-Type: text/markdown
+
+# cqw
+
+Cloudflare Quick Tunnel wrapper with Basic Auth reverse proxy.
+
+```
+[Client] -> [Cloudflare Tunnel] -> [cqw Proxy (Basic Auth)] -> [Target Service]
+```
+
+## Installation
+
+```bash
+uvx cqw
+```
+
+Or with uv tool:
+
+```bash
+uv tool install cqw
+```
+
+## Usage
+
+```bash
+# Basic usage: creates tunnel with random credentials
+cqw -f localhost:8080
+... # QR code with authenticated URL, tunnel URL, credentials
+
+# Custom Basic Auth credentials
+cqw -f localhost:8080 --user admin --pass secret
+
+# Direct tunnel to target (bypass proxy and authentication)
+# [Cloudflare Tunnel] -> [Target Service]
+cqw -f localhost:8080 --no-proxy
+```
+
+## CLI Options
+
+| Option                     | Description                                                      |
+| -------------------------- | ---------------------------------------------------------------- |
+| `-f, --forward`            | Target address to forward (required)                             |
+| `--user`                   | Basic auth username (default: env `CQW_USER` or random)          |
+| `--pass`                   | Basic auth password (default: env `CQW_PASS` or random)          |
+| `--cloudflared`            | Path to cloudflared binary (default: auto-download to cache)     |
+| `--update-cloudflared`     | Update cloudflared to latest version                             |
+| `--no-qr`                  | Disable QR code display                                          |
+| `-v, --verbose`            | Enable verbose logging                                           |
+| `--no-proxy`               | Disable proxy and Basic Auth (tunnel only)                       |
+| `--quiet`                  | Suppress cloudflared tunnel logs                                 |
+| `--cloudflared-extra-args` | Extra arguments passed to cloudflared (e.g., '--protocol http2') |
+
+## Environment Variables
+
+- `CQW_USER`: Basic auth username (fallback: random)
+- `CQW_PASS`: Basic auth password (fallback: random)
+
+## `cloudflared` Installation
+
+`cloudflared` is automatically downloaded to the user cache directory on first run:
+
+- Linux: `~/.cache/cqw/cloudflared/`
+- macOS: `~/Library/Caches/cqw/cloudflared/`
+- Windows: `%LOCALAPPDATA%\cqw\cloudflared\`
+
+To update to the latest version:
+```bash
+cqw -f localhost:8080 --update-cloudflared
+```
+
+Manual download: https://github.com/cloudflare/cloudflared/releases
+
+## Development
+
+```bash
+# Install tools
+mise trust && mise install
+
+# Install dependencies:
+uv sync
+
+# Install pre-commit hooks:
+uv run pre-commit install
+
+# Testing
+uv run pytest tests/ -v
+
+# Linting
+uv run ruff check src/
+uv run ruff format src/
+uv run ty check src/ tests/
+```
+
+## LICENSE
+
+MIT

cqw-0.1.0/README.md

@@ -0,0 +1,94 @@
+# cqw
+
+Cloudflare Quick Tunnel wrapper with Basic Auth reverse proxy.
+
+```
+[Client] -> [Cloudflare Tunnel] -> [cqw Proxy (Basic Auth)] -> [Target Service]
+```
+
+## Installation
+
+```bash
+uvx cqw
+```
+
+Or with uv tool:
+
+```bash
+uv tool install cqw
+```
+
+## Usage
+
+```bash
+# Basic usage: creates tunnel with random credentials
+cqw -f localhost:8080
+... # QR code with authenticated URL, tunnel URL, credentials
+
+# Custom Basic Auth credentials
+cqw -f localhost:8080 --user admin --pass secret
+
+# Direct tunnel to target (bypass proxy and authentication)
+# [Cloudflare Tunnel] -> [Target Service]
+cqw -f localhost:8080 --no-proxy
+```
+
+## CLI Options
+
+| Option                     | Description                                                      |
+| -------------------------- | ---------------------------------------------------------------- |
+| `-f, --forward`            | Target address to forward (required)                             |
+| `--user`                   | Basic auth username (default: env `CQW_USER` or random)          |
+| `--pass`                   | Basic auth password (default: env `CQW_PASS` or random)          |
+| `--cloudflared`            | Path to cloudflared binary (default: auto-download to cache)     |
+| `--update-cloudflared`     | Update cloudflared to latest version                             |
+| `--no-qr`                  | Disable QR code display                                          |
+| `-v, --verbose`            | Enable verbose logging                                           |
+| `--no-proxy`               | Disable proxy and Basic Auth (tunnel only)                       |
+| `--quiet`                  | Suppress cloudflared tunnel logs                                 |
+| `--cloudflared-extra-args` | Extra arguments passed to cloudflared (e.g., '--protocol http2') |
+
+## Environment Variables
+
+- `CQW_USER`: Basic auth username (fallback: random)
+- `CQW_PASS`: Basic auth password (fallback: random)
+
+## `cloudflared` Installation
+
+`cloudflared` is automatically downloaded to the user cache directory on first run:
+
+- Linux: `~/.cache/cqw/cloudflared/`
+- macOS: `~/Library/Caches/cqw/cloudflared/`
+- Windows: `%LOCALAPPDATA%\cqw\cloudflared\`
+
+To update to the latest version:
+```bash
+cqw -f localhost:8080 --update-cloudflared
+```
+
+Manual download: https://github.com/cloudflare/cloudflared/releases
+
+## Development
+
+```bash
+# Install tools
+mise trust && mise install
+
+# Install dependencies:
+uv sync
+
+# Install pre-commit hooks:
+uv run pre-commit install
+
+# Testing
+uv run pytest tests/ -v
+
+# Linting
+uv run ruff check src/
+uv run ruff format src/
+uv run ty check src/ tests/
+```
+
+## LICENSE
+
+MIT

cqw-0.1.0/pyproject.toml

@@ -0,0 +1,68 @@
+[project]
+name = "cqw"
+version = "0.1.0"
+description = "Cloudflare Quick Tunnel wrapper with Basic Auth reverse proxy"
+readme = "README.md"
+requires-python = ">=3.10"
+dependencies = [
+    "httpx>=0.28.1",
+    "platformdirs>=4.9.0",
+    "pydantic-settings>=2.14.1",
+    "qrcode>=8.2",
+    "rich>=15.0.0",
+    "starlette>=1.0.0",
+    "uvicorn>=0.46.0",
+    "websockets>=16.0",
+]
+
+[project.urls]
+Documentation = "https://github.com/likeablob/cqw"
+Source = "https://github.com/likeablob/cqw"
+
+[project.scripts]
+cqw = "cqw.main:main"
+
+[tool.uv]
+package = true
+
+[build-system]
+requires = ["hatchling"]
+build-backend = "hatchling.build"
+
+[tool.hatch.build.targets.sdist]
+include = [
+    "/src",
+    "/README.md",
+]
+
+[tool.hatch.build.targets.wheel]
+packages = ["src/cqw"]
+
+[dependency-groups]
+dev = [
+    "pre-commit>=4.6.0",
+    "pytest>=9.0.0",
+    "pytest-asyncio>=1.3.0",
+    "ruff>=0.15.0",
+    "ty>=0.0.34",
+]
+
+[tool.ruff]
+line-length = 88
+target-version = "py310"
+
+[tool.ruff.lint]
+select = ["E", "F", "W", "I", "N", "B", "C4", "UP"]
+ignore = ["E501", "B008"]
+
+[tool.ruff.lint.isort]
+combine-as-imports = true
+
+[tool.pytest.ini_options]
+testpaths = ["tests"]
+python_files = ["test_*.py"]
+asyncio_mode = "auto"
+
+[tool.ty.rules]
+invalid-parameter-default = "ignore"
+missing-argument = "ignore"

cqw-0.1.0/src/cqw/__init__.py

@@ -0,0 +1 @@
+__version__ = "0.1.0"

cqw-0.1.0/src/cqw/config.py

@@ -0,0 +1,98 @@
+import random
+import shlex
+import string
+
+from pydantic import AliasChoices, Field
+from pydantic_settings import (
+    BaseSettings,
+    CliSettingsSource,
+    PydanticBaseSettingsSource,
+    SettingsConfigDict,
+)
+
+
+def generate_random_credential(length: int = 8) -> str:
+    chars = string.ascii_letters + string.digits
+    return "".join(random.choice(chars) for _ in range(length))
+
+
+class Settings(BaseSettings):
+    forward: str = Field(description="Target address to forward (e.g., localhost:8080)")
+    user: str = Field(
+        default_factory=generate_random_credential, description="Basic auth username"
+    )
+    password: str = Field(
+        default_factory=generate_random_credential,
+        validation_alias=AliasChoices("password", "pass"),
+        description="Basic auth password",
+    )
+    cloudflared: str = Field(
+        default="", description="Path to cloudflared binary (default: auto-download)"
+    )
+    update_cloudflared: bool = Field(
+        default=False, description="Update cloudflared to latest version"
+    )
+    qr: bool = Field(default=True, description="Display QR code with authenticated URL")
+    verbose: bool = Field(default=False, description="Enable verbose logging")
+    no_proxy: bool = Field(
+        default=False, description="Disable proxy and Basic Auth (tunnel only)"
+    )
+    quiet: bool = Field(default=False, description="Suppress cloudflared tunnel logs")
+    cloudflared_extra_args: str = Field(
+        default="",
+        description="Extra arguments passed to cloudflared (e.g., '--protocol http2')",
+    )
+
+    model_config = SettingsConfigDict(
+        env_prefix="CQW_",
+        env_prefix_target="all",
+        case_sensitive=False,
+        env_file=".env",
+        extra="ignore",
+    )
+
+    @property
+    def forward_url(self) -> str:
+        if self.forward.startswith(("http://", "https://")):
+            return self.forward
+        return f"http://{self.forward}"
+
+    @property
+    def cloudflared_args_list(self) -> list[str]:
+        if self.cloudflared_extra_args:
+            return shlex.split(self.cloudflared_extra_args)
+        return []
+
+
+class CLISettings(Settings):
+    model_config = SettingsConfigDict(
+        cli_parse_args=True,
+        cli_prog_name="cqw",
+        cli_exit_on_error=True,
+        cli_enforce_required=True,
+        cli_shortcuts={
+            "forward": "f",
+            "verbose": "v",
+        },
+        cli_implicit_flags=True,
+    )
+
+    @classmethod
+    def settings_customise_sources(
+        cls,
+        settings_cls: type[BaseSettings],
+        init_settings: PydanticBaseSettingsSource,
+        env_settings: PydanticBaseSettingsSource,
+        dotenv_settings: PydanticBaseSettingsSource,
+        file_secret_settings: PydanticBaseSettingsSource,
+    ) -> tuple[PydanticBaseSettingsSource, ...]:
+        return (
+            init_settings,
+            CliSettingsSource(
+                settings_cls,
+                cli_parse_args=True,
+                cli_kebab_case=True,
+            ),
+            env_settings,
+            dotenv_settings,
+        )