Gateways, domains, and new service interface (#3001)

* add support for inbound proxies * backend changes * fix file type * proxy -> tunnel, implement backend apis * wip start-tunneld * add domains and gateways, remove routers, fix docs links * dont show hidden actions * show and test dns * edit instead of chnage acme and change gateway * refactor: domains page * refactor: gateways page * domains and acme refactor * certificate authorities * refactor public/private gateways * fix fe types * domains mostly finished * refactor: add file control to form service * add ip util to sdk * domains api + migration * start service interface page, WIP * different options for clearnet domains * refactor: styles for interfaces page * minor * better placeholder for no addresses * start sorting addresses * best address logic * comments * fix unnecessary export * MVP of service interface page * domains preferred * fix: address comments * only translations left * wip: start-tunnel & fix build * forms for adding domain, rework things based on new ideas * fix: dns testing * public domain, max width, descriptions for dns * nix StartOS domains, implement public and private domains at interface scope * restart tor instead of reset * better icon for restart tor * dns * fix sort functions for public and private domains * with todos * update types * clean up tech debt, bump dependencies * revert to ts-rs v9 * fix all types * fix dns form * add missing translations * it builds * fix: comments (#3009) * fix: comments * undo default --------- Co-authored-by: Matt Hill <mattnine@protonmail.com> * fix: refactor legacy components (#3010) * fix: comments * fix: refactor legacy components * remove default again --------- Co-authored-by: Matt Hill <mattnine@protonmail.com> * more translations * wip * fix deadlock * coukd work * simple renaming * placeholder for empty service interfaces table * honor hidden form values * remove logs * reason instead of description * fix dns * misc fixes * implement toggling gateways for service interface * fix showing dns records * move status column in service list * remove unnecessary truthy check * refactor: refactor forms components and remove legacy Taiga UI package (#3012) * handle wh file uploads * wip: debugging tor * socks5 proxy working * refactor: fix multiple comments (#3013) * refactor: fix multiple comments * styling changes, add documentation to sidebar * translations for dns page * refactor: subtle colors * rearrange service page --------- Co-authored-by: Matt Hill <mattnine@protonmail.com> * fix file_stream and remove non-terminating test * clean up logs * support for sccache * fix gha sccache * more marketplace translations * install wizard clarity * stub hostnameInfo in migration * fix address info after setup, fix styling on SI page, new 040 release notes * remove tor logs from os * misc fixes * reset tor still not functioning... * update ts * minor styling and wording * chore: some fixes (#3015) * fix gateway renames * different handling for public domains * styling fixes * whole navbar should not be clickable on service show page * timeout getState request * remove links from changelog * misc fixes from pairing * use custom name for gateway in more places * fix dns parsing * closes #3003 * closes #2999 * chore: some fixes (#3017) * small copy change * revert hardcoded error for testing * dont require port forward if gateway is public * use old wan ip when not available * fix .const hanging on undefined * fix test * fix doc test * fix renames * update deps * allow specifying dependency metadata directly * temporarily make dependencies not cliackable in marketplace listings * fix socks bind * fix test --------- Co-authored-by: Aiden McClelland <me@drbonez.dev> Co-authored-by: waterplea <alexander@inkin.ru>
2026-03-30 20:14:49 +00:00 · 2025-09-09 21:43:51 -06:00
parent 1cc9a1a30b
commit add01ebc68
537 changed files with 19940 additions and 20551 deletions
--- a/core/startos/src/tunnel/db.rs
+++ b/core/startos/src/tunnel/db.rs
@@ -0,0 +1,197 @@
+use std::collections::{BTreeMap, HashSet};
+use std::net::{Ipv4Addr, SocketAddrV4};
+use std::path::PathBuf;
+
+use clap::Parser;
+use imbl_value::InternedString;
+use ipnet::Ipv4Net;
+use itertools::Itertools;
+use patch_db::Dump;
+use patch_db::json_ptr::{JsonPointer, ROOT};
+use rpc_toolkit::yajrc::RpcError;
+use rpc_toolkit::{Context, HandlerArgs, HandlerExt, ParentHandler, from_fn_async};
+use serde::{Deserialize, Serialize};
+use tracing::instrument;
+use ts_rs::TS;
+
+use crate::auth::Sessions;
+use crate::context::CliContext;
+use crate::prelude::*;
+use crate::sign::AnyVerifyingKey;
+use crate::tunnel::context::TunnelContext;
+use crate::tunnel::wg::WgServer;
+use crate::util::serde::{HandlerExtSerde, apply_expr};
+
+#[derive(Default, Deserialize, Serialize, HasModel)]
+#[serde(rename_all = "camelCase")]
+#[model = "Model<Self>"]
+pub struct TunnelDatabase {
+    pub sessions: Sessions,
+    pub password: String,
+    pub auth_pubkeys: HashSet<AnyVerifyingKey>,
+    pub wg: WgServer,
+    pub port_forwards: BTreeMap<SocketAddrV4, SocketAddrV4>,
+}
+
+pub fn db_api<C: Context>() -> ParentHandler<C> {
+    ParentHandler::new()
+        .subcommand(
+            "dump",
+            from_fn_async(cli_dump)
+                .with_display_serializable()
+                .with_about("Filter/query db to display tables and records"),
+        )
+        .subcommand(
+            "dump",
+            from_fn_async(dump)
+                .with_metadata("admin", Value::Bool(true))
+                .no_cli(),
+        )
+        .subcommand(
+            "apply",
+            from_fn_async(cli_apply)
+                .no_display()
+                .with_about("Update a db record"),
+        )
+        .subcommand(
+            "apply",
+            from_fn_async(apply)
+                .with_metadata("admin", Value::Bool(true))
+                .no_cli(),
+        )
+}
+
+#[derive(Deserialize, Serialize, Parser)]
+#[serde(rename_all = "camelCase")]
+#[command(rename_all = "kebab-case")]
+pub struct CliDumpParams {
+    #[arg(long = "pointer", short = 'p')]
+    pointer: Option<JsonPointer>,
+    path: Option<PathBuf>,
+}
+
+#[instrument(skip_all)]
+async fn cli_dump(
+    HandlerArgs {
+        context,
+        parent_method,
+        method,
+        params: CliDumpParams { pointer, path },
+        ..
+    }: HandlerArgs<CliContext, CliDumpParams>,
+) -> Result<Dump, RpcError> {
+    let dump = if let Some(path) = path {
+        PatchDb::open(path).await?.dump(&ROOT).await
+    } else {
+        let method = parent_method.into_iter().chain(method).join(".");
+        from_value::<Dump>(
+            context
+                .call_remote::<TunnelContext>(&method, imbl_value::json!({ "pointer": pointer }))
+                .await?,
+        )?
+    };
+
+    Ok(dump)
+}
+
+#[derive(Deserialize, Serialize, Parser, TS)]
+#[serde(rename_all = "camelCase")]
+#[command(rename_all = "kebab-case")]
+pub struct DumpParams {
+    #[arg(long = "pointer", short = 'p')]
+    #[ts(type = "string | null")]
+    pointer: Option<JsonPointer>,
+}
+
+pub async fn dump(ctx: TunnelContext, DumpParams { pointer }: DumpParams) -> Result<Dump, Error> {
+    Ok(ctx
+        .db
+        .dump(&pointer.as_ref().map_or(ROOT, |p| p.borrowed()))
+        .await)
+}
+
+#[derive(Deserialize, Serialize, Parser)]
+#[serde(rename_all = "camelCase")]
+#[command(rename_all = "kebab-case")]
+pub struct CliApplyParams {
+    expr: String,
+    path: Option<PathBuf>,
+}
+
+#[instrument(skip_all)]
+async fn cli_apply(
+    HandlerArgs {
+        context,
+        parent_method,
+        method,
+        params: CliApplyParams { expr, path },
+        ..
+    }: HandlerArgs<CliContext, CliApplyParams>,
+) -> Result<(), RpcError> {
+    if let Some(path) = path {
+        PatchDb::open(path)
+            .await?
+            .apply_function(|db| {
+                let res = apply_expr(
+                    serde_json::to_value(patch_db::Value::from(db))
+                        .with_kind(ErrorKind::Deserialization)?
+                        .into(),
+                    &expr,
+                )?;
+
+                Ok::<_, Error>((
+                    to_value(
+                        &serde_json::from_value::<TunnelDatabase>(res.clone().into()).with_ctx(
+                            |_| {
+                                (
+                                    crate::ErrorKind::Deserialization,
+                                    "result does not match database model",
+                                )
+                            },
+                        )?,
+                    )?,
+                    (),
+                ))
+            })
+            .await
+            .result?;
+    } else {
+        let method = parent_method.into_iter().chain(method).join(".");
+        context
+            .call_remote::<TunnelContext>(&method, imbl_value::json!({ "expr": expr }))
+            .await?;
+    }
+
+    Ok(())
+}
+
+#[derive(Deserialize, Serialize, Parser, TS)]
+#[serde(rename_all = "camelCase")]
+#[command(rename_all = "kebab-case")]
+pub struct ApplyParams {
+    expr: String,
+    path: Option<PathBuf>,
+}
+
+pub async fn apply(ctx: TunnelContext, ApplyParams { expr, .. }: ApplyParams) -> Result<(), Error> {
+    ctx.db
+        .mutate(|db| {
+            let res = apply_expr(
+                serde_json::to_value(patch_db::Value::from(db.clone()))
+                    .with_kind(ErrorKind::Deserialization)?
+                    .into(),
+                &expr,
+            )?;
+
+            db.ser(
+                &serde_json::from_value::<TunnelDatabase>(res.clone().into()).with_ctx(|_| {
+                    (
+                        crate::ErrorKind::Deserialization,
+                        "result does not match database model",
+                    )
+                })?,
+            )
+        })
+        .await
+        .result
+}