StartTunnel random subnet and also 80 to 5443 (#3082)

* random subnet and also 80 to 5443 * fix getNext --------- Co-authored-by: Aiden McClelland <me@drbonez.dev>
2026-03-26 10:21:52 +00:00 · 2025-12-19 23:25:58 -07:00
parent f41710c892
commit 2d0251e585
4 changed files with 106 additions and 17 deletions
--- a/web/projects/start-tunnel/src/app/routes/home/routes/port-forwards/add.ts
+++ b/web/projects/start-tunnel/src/app/routes/home/routes/port-forwards/add.ts
@@ -9,6 +9,7 @@ import { ErrorService, LoadingService } from '@start9labs/shared'
 import {
  TUI_IS_MOBILE,
  tuiMarkControlAsTouchedAndValidate,
+  TuiValueChanges,
 } from '@taiga-ui/cdk'
 import {
  TuiButton,
@@ -18,11 +19,13 @@ import {
  TuiTextfield,
 } from '@taiga-ui/core'
 import {
+  TuiCheckbox,
  TuiChevron,
  TuiDataListWrapper,
  TuiFieldErrorPipe,
  TuiInputNumber,
  TuiSelect,
+  TuiElasticContainer,
 } from '@taiga-ui/kit'
 import { TuiForm } from '@taiga-ui/layout'
 import { injectContext, PolymorpheusComponent } from '@taiga-ui/polymorpheus'
@@ -65,6 +68,7 @@ import { MappedDevice, PortForwardsData } from './utils'
          [min]="0"
          [max]="65535"
          [tuiNumberFormat]="{ thousandSeparator: '' }"
+          (tuiValueChanges)="checkShow80()"
        />
      </tui-textfield>
      <tui-error
@@ -103,12 +107,22 @@ import { MappedDevice, PortForwardsData } from './utils'
          [min]="0"
          [max]="65535"
          [tuiNumberFormat]="{ thousandSeparator: '' }"
+          (tuiValueChanges)="checkShow80()"
        />
      </tui-textfield>
      <tui-error
        formControlName="internalport"
        [error]="[] | tuiFieldError | async"
      />
+      <tui-elastic-container>
+        @if (show80) {
+          <label tuiLabel>
+            <input tuiCheckbox type="checkbox" formControlName="also80" />
+            Also forward port 80 to port 5443? This is needed for HTTP to HTTPS
+            redirects (recommended)
+          </label>
+        }
+      </tui-elastic-container>
      <footer>
        <button tuiButton [disabled]="form.invalid" (click)="onSave()">
          Save
@@ -130,6 +144,9 @@ import { MappedDevice, PortForwardsData } from './utils'
    TuiTextfield,
    TuiSelect,
    TuiForm,
+    TuiCheckbox,
+    TuiValueChanges,
+    TuiElasticContainer,
  ],
 })
 export class PortForwardsAdd {
@@ -137,6 +154,8 @@ export class PortForwardsAdd {
  private readonly loading = inject(LoadingService)
  private readonly errorService = inject(ErrorService)

+  show80 = false
+
  protected readonly mobile = inject(TUI_IS_MOBILE)
  protected readonly context =
    injectContext<TuiDialogContext<void, PortForwardsData>>()
@@ -146,11 +165,17 @@ export class PortForwardsAdd {
    externalport: [null as number | null, Validators.required],
    device: [null as MappedDevice | null, Validators.required],
    internalport: [null as number | null, Validators.required],
+    also80: [true],
  })

  protected readonly stringify = ({ ip, name }: MappedDevice) =>
    ip ? `${name} (${ip})` : ''

+  protected checkShow80() {
+    const { externalport, internalport } = this.form.getRawValue()
+    this.show80 = externalport === 443 && internalport === 5443
+  }
+
  protected async onSave() {
    if (this.form.invalid) {
      tuiMarkControlAsTouchedAndValidate(this.form)
@@ -159,14 +184,22 @@ export class PortForwardsAdd {
    }

    const loader = this.loading.open().subscribe()
-    const { externalip, externalport, device, internalport } =
+
+    const { externalip, externalport, device, internalport, also80 } =
      this.form.getRawValue()

    try {
      await this.api.addForward({
        source: `${externalip}:${externalport}`,
-        target: `${device?.ip}:${internalport}`,
+        target: `${device!.ip}:${internalport}`,
      })
+
+      if (externalport === 443 && internalport === 5443 && also80) {
+        await this.api.addForward({
+          source: `${externalip}:80`,
+          target: `${device!.ip}:5443`,
+        })
+      }
    } catch (e: any) {
      console.error(e)
      this.errorService.handleError(e)
--- a/web/projects/start-tunnel/src/app/routes/home/routes/subnets/index.ts
+++ b/web/projects/start-tunnel/src/app/routes/home/routes/subnets/index.ts
@@ -133,16 +133,21 @@ export default class Subnets {
  }

  private getNext(): string {
-    const last =
-      this.subnets()
-        .map(s => utils.IpNet.parse(s.range))
-        .sort((a, b) => -1 * a.cmp(b))[0] ?? utils.IpNet.parse('10.58.255.0/24')
-    const next = utils.IpNet.fromIpPrefix(last.broadcast().add(2), 24)
-    if (!next.isPublic()) {
-      return next.ipnet
+    const current = this.subnets().map(s => utils.IpNet.parse(s.range))
+    const suggestion = utils.IpNet.parse('10.59.0.1/24')
+
+    for (let i = 0; i < 256; i++) {
+      suggestion.octets[2] = Math.floor(Math.random() * 256)
+      if (
+        !current.some(
+          s => s.contains(suggestion), // inverse check unnecessary since we don't allow subnets smaller than /24
+        )
+      ) {
+        return suggestion.ipnet
+      }
    }

-    // No recommendation if /24 subnets are used
+    // No recommendation if can't find a /24 from 10.59 in 256 random tries
    return ''
  }
 }