Fix docs URLs in start-tunnel installer output (#3135)

core/src/tunnel/api.rs

@@ -11,6 +11,7 @@ use crate::db::model::public::NetworkInterfaceType;
 use crate::net::forward::add_iptables_rule;
 use crate::prelude::*;
 use crate::tunnel::context::TunnelContext;
+use crate::tunnel::db::PortForwardEntry;
 use crate::tunnel::wg::{WIREGUARD_INTERFACE_NAME, WgConfig, WgSubnetClients, WgSubnetConfig};
 use crate::util::serde::{HandlerExtSerde, display_serializable};
 
@@ -51,6 +52,22 @@ pub fn tunnel_api<C: Context>() -> ParentHandler<C> {
                         .no_display()
                         .with_about("about.remove-port-forward")
                         .with_call_remote::<CliContext>(),
+                )
+                .subcommand(
+                    "update-label",
+                    from_fn_async(update_forward_label)
+                        .with_metadata("sync_db", Value::Bool(true))
+                        .no_display()
+                        .with_about("about.update-port-forward-label")
+                        .with_call_remote::<CliContext>(),
+                )
+                .subcommand(
+                    "set-enabled",
+                    from_fn_async(set_forward_enabled)
+                        .with_metadata("sync_db", Value::Bool(true))
+                        .no_display()
+                        .with_about("about.enable-or-disable-port-forward")
+                        .with_call_remote::<CliContext>(),
                 ),
         )
         .subcommand(
@@ -453,11 +470,17 @@ pub async fn show_config(
 pub struct AddPortForwardParams {
     source: SocketAddrV4,
     target: SocketAddrV4,
+    #[arg(long)]
+    label: String,
 }
 
 pub async fn add_forward(
     ctx: TunnelContext,
-    AddPortForwardParams { source, target }: AddPortForwardParams,
+    AddPortForwardParams {
+        source,
+        target,
+        label,
+    }: AddPortForwardParams,
 ) -> Result<(), Error> {
     let prefix = ctx
         .net_iface
@@ -482,10 +505,12 @@ pub async fn add_forward(
         m.insert(source, rc);
     });
 
+    let entry = PortForwardEntry { target, label, enabled: true };
+
     ctx.db
         .mutate(|db| {
             db.as_port_forwards_mut()
-                .insert(&source, &target)
+                .insert(&source, &entry)
                 .and_then(|replaced| {
                     if replaced.is_some() {
                         Err(Error::new(
@@ -523,3 +548,92 @@ pub async fn remove_forward(
     }
     Ok(())
 }
+
+#[derive(Deserialize, Serialize, Parser)]
+#[serde(rename_all = "camelCase")]
+pub struct UpdatePortForwardLabelParams {
+    source: SocketAddrV4,
+    label: String,
+}
+
+pub async fn update_forward_label(
+    ctx: TunnelContext,
+    UpdatePortForwardLabelParams { source, label }: UpdatePortForwardLabelParams,
+) -> Result<(), Error> {
+    ctx.db
+        .mutate(|db| {
+            db.as_port_forwards_mut().mutate(|pf| {
+                let entry = pf.0.get_mut(&source).ok_or_else(|| {
+                    Error::new(
+                        eyre!("Port forward from {source} not found"),
+                        ErrorKind::NotFound,
+                    )
+                })?;
+                entry.label = label.clone();
+                Ok(())
+            })
+        })
+        .await
+        .result
+}
+
+#[derive(Deserialize, Serialize, Parser)]
+#[serde(rename_all = "camelCase")]
+pub struct SetPortForwardEnabledParams {
+    source: SocketAddrV4,
+    enabled: bool,
+}
+
+pub async fn set_forward_enabled(
+    ctx: TunnelContext,
+    SetPortForwardEnabledParams { source, enabled }: SetPortForwardEnabledParams,
+) -> Result<(), Error> {
+    let target = ctx
+        .db
+        .mutate(|db| {
+            db.as_port_forwards_mut().mutate(|pf| {
+                let entry = pf.0.get_mut(&source).ok_or_else(|| {
+                    Error::new(
+                        eyre!("Port forward from {source} not found"),
+                        ErrorKind::NotFound,
+                    )
+                })?;
+                entry.enabled = enabled;
+                Ok(entry.target)
+            })
+        })
+        .await
+        .result?;
+
+    if enabled {
+        let prefix = ctx
+            .net_iface
+            .peek(|i| {
+                i.iter()
+                    .find_map(|(_, i)| {
+                        i.ip_info.as_ref().and_then(|i| {
+                            i.subnets
+                                .iter()
+                                .find(|s| s.contains(&IpAddr::from(*target.ip())))
+                        })
+                    })
+                    .cloned()
+            })
+            .map(|s| s.prefix_len())
+            .unwrap_or(32);
+        let rc = ctx
+            .forward
+            .add_forward(source, target, prefix, None)
+            .await?;
+        ctx.active_forwards.mutate(|m| {
+            m.insert(source, rc);
+        });
+    } else {
+        if let Some(rc) = ctx.active_forwards.mutate(|m| m.remove(&source)) {
+            drop(rc);
+            ctx.forward.gc().await?;
+        }
+    }
+
+    Ok(())
+}

core/src/tunnel/context.rs

@@ -184,7 +184,11 @@ impl TunnelContext {
         }
 
         let mut active_forwards = BTreeMap::new();
-        for (from, to) in peek.as_port_forwards().de()?.0 {
+        for (from, entry) in peek.as_port_forwards().de()?.0 {
+            if !entry.enabled {
+                continue;
+            }
+            let to = entry.target;
             let prefix = net_iface
                 .peek(|i| {
                     i.iter()

core/src/tunnel/db.rs

@@ -53,7 +53,7 @@ impl Model<TunnelDatabase> {
         }
         self.as_port_forwards_mut().mutate(|pf| {
             Ok(pf.0.retain(|k, v| {
-                if keep_targets.contains(v.ip()) {
+                if keep_targets.contains(v.target.ip()) {
                     keep_sources.insert(*k);
                     true
                 } else {
@@ -70,11 +70,25 @@ fn export_bindings_tunnel_db() {
     TunnelDatabase::export_all_to("bindings/tunnel").unwrap();
 }
 
+#[derive(Clone, Debug, Deserialize, Serialize, TS)]
+#[serde(rename_all = "camelCase")]
+pub struct PortForwardEntry {
+    pub target: SocketAddrV4,
+    #[serde(default)]
+    pub label: String,
+    #[serde(default = "default_true")]
+    pub enabled: bool,
+}
+
+fn default_true() -> bool {
+    true
+}
+
 #[derive(Clone, Debug, Default, Deserialize, Serialize, TS)]
-pub struct PortForwards(pub BTreeMap<SocketAddrV4, SocketAddrV4>);
+pub struct PortForwards(pub BTreeMap<SocketAddrV4, PortForwardEntry>);
 impl Map for PortForwards {
     type Key = SocketAddrV4;
-    type Value = SocketAddrV4;
+    type Value = PortForwardEntry;
     fn key_str(key: &Self::Key) -> Result<impl AsRef<str>, Error> {
         Self::key_string(key)
     }

core/src/tunnel/web.rs

@@ -527,23 +527,23 @@ pub async fn init_web(ctx: CliContext) -> Result<(), Error> {
                     "    2. Type or copy/paste the following command (**DO NOT** click Enter/Return yet): pbpaste > ~/Desktop/tunnel-ca.crt\n",
                     "    3. Copy your Root CA (including -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----)\n",
                     "    4. Back in Terminal, click Enter/Return. tunnel-ca.crt is saved to your Desktop\n",
-                    "    5. Complete by trusting your Root CA: https://docs.start9.com/device-guides/mac/ca.html\n",
+                    "    5. Complete by trusting your Root CA: https://docs.start9.com/start-os/0.4.0.x/user-manual/trust-ca.html?platform=Mac\n",
                     "  - Linux\n",
                     "    1. Open gedit, nano, or any editor\n",
                     "    2. Copy/paste your Root CA (including -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----)\n",
                     "    3. Name the file tunnel-ca.crt and save as plaintext\n",
-                    "    4. Complete by trusting your Root CA: https://docs.start9.com/device-guides/linux/ca.html\n",
+                    "    4. Complete by trusting your Root CA: https://docs.start9.com/start-os/0.4.0.x/user-manual/trust-ca.html?platform=Debian+%252F+Ubuntu\n",
                     "  - Windows\n",
                     "    1. Open the Notepad app\n",
                     "    2. Copy/paste your Root CA (including -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----)\n",
                     "    3. Name the file tunnel-ca.crt and save as plaintext\n",
-                    "    4. Complete by trusting your Root CA: https://docs.start9.com/device-guides/windows/ca.html\n",
+                    "    4. Complete by trusting your Root CA: https://docs.start9.com/start-os/0.4.0.x/user-manual/trust-ca.html?platform=Windows\n",
                     "  - Android/Graphene\n",
                     "    1. Send the tunnel-ca.crt file (created above) to yourself\n",
-                    "    2. Complete by trusting your Root CA: https://docs.start9.com/device-guides/android/ca.html\n",
+                    "    2. Complete by trusting your Root CA: https://docs.start9.com/start-os/0.4.0.x/user-manual/trust-ca.html?platform=Android+%252F+Graphene\n",
                     "  - iOS\n",
                     "    1. Send the tunnel-ca.crt file (created above) to yourself\n",
-                    "    2. Complete by trusting your Root CA: https://docs.start9.com/device-guides/ios/ca.html\n",
+                    "    2. Complete by trusting your Root CA: https://docs.start9.com/start-os/0.4.0.x/user-manual/trust-ca.html?platform=iOS\n",
                 ));
 
                 return Ok(());

web/projects/start-tunnel/src/app/routes/home/components/nav.ts

@@ -1,10 +1,7 @@
 import { ChangeDetectionStrategy, Component, inject } from '@angular/core'
-import { Router, RouterLink, RouterLinkActive } from '@angular/router'
-import { ErrorService, LoadingService } from '@start9labs/shared'
+import { RouterLink, RouterLinkActive } from '@angular/router'
 import { TuiButton } from '@taiga-ui/core'
 import { TuiBadgeNotification } from '@taiga-ui/kit'
-import { ApiService } from 'src/app/services/api/api.service'
-import { AuthService } from 'src/app/services/auth.service'
 import { SidebarService } from 'src/app/services/sidebar.service'
 import { UpdateService } from 'src/app/services/update.service'
 
@@ -38,15 +35,6 @@ import { UpdateService } from 'src/app/services/update.service'
         }
       </a>
     </div>
-    <button
-      tuiButton
-      iconStart="@tui.log-out"
-      appearance="neutral"
-      size="s"
-      (click)="logout()"
-    >
-      Logout
-    </button>
   `,
   styles: `
     :host {
@@ -79,12 +67,6 @@ import { UpdateService } from 'src/app/services/update.service'
       }
     }
 
-    button {
-      width: 100%;
-      border-radius: 0;
-      justify-content: flex-start;
-    }
-
     :host-context(tui-root._mobile) {
       position: absolute;
       top: 3.5rem;
@@ -106,12 +88,7 @@ import { UpdateService } from 'src/app/services/update.service'
   },
 })
 export class Nav {
-  private readonly service = inject(AuthService)
-  private readonly router = inject(Router)
   protected readonly sidebars = inject(SidebarService)
-  protected readonly api = inject(ApiService)
-  private readonly loader = inject(LoadingService)
-  private readonly errorService = inject(ErrorService)
   protected readonly update = inject(UpdateService)
 
   protected readonly routes = [
@@ -131,18 +108,4 @@ export class Nav {
       link: 'port-forwards',
     },
   ] as const
-
-  protected async logout() {
-    const loader = this.loader.open().subscribe()
-    try {
-      await this.api.logout()
-      this.service.authenticated.set(false)
-      this.router.navigate(['.'])
-    } catch (e: any) {
-      console.error(e)
-      this.errorService.handleError(e)
-    } finally {
-      loader.unsubscribe()
-    }
-  }
 }

web/projects/start-tunnel/src/app/routes/home/routes/port-forwards/add.ts

@@ -36,6 +36,11 @@ import { MappedDevice, PortForwardsData } from './utils'
 @Component({
   template: `
     <form tuiForm [formGroup]="form">
+      <tui-textfield>
+        <label tuiLabel>Label</label>
+        <input tuiTextfield formControlName="label" />
+      </tui-textfield>
+      <tui-error formControlName="label" [error]="[] | tuiFieldError | async" />
       <tui-textfield tuiChevron>
         <label tuiLabel>External IP</label>
         @if (mobile) {
@@ -161,6 +166,7 @@ export class PortForwardsAdd {
     injectContext<TuiDialogContext<void, PortForwardsData>>()
 
   protected readonly form = inject(NonNullableFormBuilder).group({
+    label: ['', Validators.required],
     externalip: ['', Validators.required],
     externalport: [null as number | null, Validators.required],
     device: [null as MappedDevice | null, Validators.required],
@@ -185,19 +191,21 @@ export class PortForwardsAdd {
 
     const loader = this.loading.open().subscribe()
 
-    const { externalip, externalport, device, internalport, also80 } =
+    const { label, externalip, externalport, device, internalport, also80 } =
       this.form.getRawValue()
 
     try {
       await this.api.addForward({
         source: `${externalip}:${externalport}`,
         target: `${device!.ip}:${internalport}`,
+        label,
       })
 
       if (externalport === 443 && internalport === 443 && also80) {
         await this.api.addForward({
           source: `${externalip}:80`,
           target: `${device!.ip}:443`,
+          label: `${label} (HTTP redirect)`,
         })
       }
     } catch (e: any) {

web/projects/start-tunnel/src/app/routes/home/routes/port-forwards/edit-label.ts

@@ -0,0 +1,83 @@
+import { AsyncPipe } from '@angular/common'
+import { ChangeDetectionStrategy, Component, inject } from '@angular/core'
+import {
+  NonNullableFormBuilder,
+  ReactiveFormsModule,
+  Validators,
+} from '@angular/forms'
+import { ErrorService, LoadingService } from '@start9labs/shared'
+import {
+  TuiButton,
+  TuiDialogContext,
+  TuiError,
+  TuiTextfield,
+} from '@taiga-ui/core'
+import { TuiFieldErrorPipe } from '@taiga-ui/kit'
+import { TuiForm } from '@taiga-ui/layout'
+import { injectContext, PolymorpheusComponent } from '@taiga-ui/polymorpheus'
+import { ApiService } from 'src/app/services/api/api.service'
+
+export interface EditLabelData {
+  readonly source: string
+  readonly label: string
+}
+
+@Component({
+  template: `
+    <form tuiForm [formGroup]="form">
+      <tui-textfield>
+        <label tuiLabel>Label</label>
+        <input tuiTextfield formControlName="label" />
+      </tui-textfield>
+      <tui-error formControlName="label" [error]="[] | tuiFieldError | async" />
+      <footer>
+        <button tuiButton [disabled]="form.invalid" (click)="onSave()">
+          Save
+        </button>
+      </footer>
+    </form>
+  `,
+  changeDetection: ChangeDetectionStrategy.OnPush,
+  imports: [
+    AsyncPipe,
+    ReactiveFormsModule,
+    TuiButton,
+    TuiError,
+    TuiFieldErrorPipe,
+    TuiTextfield,
+    TuiForm,
+  ],
+})
+export class PortForwardsEditLabel {
+  private readonly api = inject(ApiService)
+  private readonly loading = inject(LoadingService)
+  private readonly errorService = inject(ErrorService)
+
+  protected readonly context =
+    injectContext<TuiDialogContext<void, EditLabelData>>()
+
+  protected readonly form = inject(NonNullableFormBuilder).group({
+    label: [this.context.data.label, Validators.required],
+  })
+
+  protected async onSave() {
+    const loader = this.loading.open().subscribe()
+
+    try {
+      await this.api.updateForwardLabel({
+        source: this.context.data.source,
+        label: this.form.getRawValue().label,
+      })
+    } catch (e: any) {
+      console.error(e)
+      this.errorService.handleError(e)
+    } finally {
+      loader.unsubscribe()
+      this.context.$implicit.complete()
+    }
+  }
+}
+
+export const PORT_FORWARDS_EDIT_LABEL = new PolymorpheusComponent(
+  PortForwardsEditLabel,
+)

web/projects/start-tunnel/src/app/routes/home/routes/port-forwards/index.ts

@@ -3,18 +3,26 @@ import {
   Component,
   computed,
   inject,
+  signal,
   Signal,
 } from '@angular/core'
 import { toSignal } from '@angular/core/rxjs-interop'
-import { ReactiveFormsModule } from '@angular/forms'
+import { FormsModule } from '@angular/forms'
 import { ErrorService, LoadingService } from '@start9labs/shared'
 import { utils } from '@start9labs/start-sdk'
-import { TuiButton } from '@taiga-ui/core'
+import {
+  TuiButton,
+  TuiDataList,
+  TuiDropdown,
+  TuiLoader,
+  TuiTextfield,
+} from '@taiga-ui/core'
 import { TuiDialogService } from '@taiga-ui/experimental'
-import { TUI_CONFIRM } from '@taiga-ui/kit'
+import { TUI_CONFIRM, TuiSwitch } from '@taiga-ui/kit'
 import { PatchDB } from 'patch-db-client'
 import { filter, map } from 'rxjs'
 import { PORT_FORWARDS_ADD } from 'src/app/routes/home/routes/port-forwards/add'
+import { PORT_FORWARDS_EDIT_LABEL } from 'src/app/routes/home/routes/port-forwards/edit-label'
 import { ApiService } from 'src/app/services/api/api.service'
 import { TunnelData } from 'src/app/services/patch-db/data-model'
 
@@ -25,6 +33,8 @@ import { MappedDevice, MappedForward } from './utils'
     <table class="g-table">
       <thead>
         <tr>
+          <th></th>
+          <th>Label</th>
           <th>External IP</th>
           <th>External Port</th>
           <th>Device</th>
@@ -39,6 +49,23 @@ import { MappedDevice, MappedForward } from './utils'
       <tbody>
         @for (forward of forwards(); track $index) {
           <tr>
+            <td>
+              <tui-loader
+                [showLoader]="toggling() === $index"
+                size="xs"
+                [overlay]="true"
+              >
+                <input
+                  tuiSwitch
+                  type="checkbox"
+                  size="s"
+                  [showIcons]="false"
+                  [ngModel]="forward.enabled"
+                  (ngModelChange)="onToggle(forward, $index)"
+                />
+              </tui-loader>
+            </td>
+            <td>{{ forward.label || '—' }}</td>
             <td>{{ forward.externalip }}</td>
             <td>{{ forward.externalport }}</td>
             <td>{{ forward.device.name }}</td>
@@ -47,11 +74,30 @@ import { MappedDevice, MappedForward } from './utils'
               <button
                 tuiIconButton
                 size="xs"
+                tuiDropdown
+                tuiDropdownOpen
                 appearance="flat-grayscale"
-                iconStart="@tui.trash"
-                (click)="onDelete(forward)"
+                iconStart="@tui.ellipsis-vertical"
               >
                 Actions
+                <tui-data-list *tuiTextfieldDropdown size="s">
+                  <button
+                    tuiOption
+                    iconStart="@tui.pencil"
+                    new
+                    (click)="onEditLabel(forward)"
+                  >
+                    {{ forward.label ? 'Rename' : 'Add label' }}
+                  </button>
+                  <button
+                    tuiOption
+                    iconStart="@tui.trash"
+                    new
+                    (click)="onDelete(forward)"
+                  >
+                    Delete
+                  </button>
+                </tui-data-list>
               </button>
             </td>
           </tr>
@@ -62,7 +108,15 @@ import { MappedDevice, MappedForward } from './utils'
     </table>
   `,
   changeDetection: ChangeDetectionStrategy.OnPush,
-  imports: [ReactiveFormsModule, TuiButton],
+  imports: [
+    FormsModule,
+    TuiButton,
+    TuiDropdown,
+    TuiDataList,
+    TuiLoader,
+    TuiSwitch,
+    TuiTextfield,
+  ],
 })
 export default class PortForwards {
   private readonly dialogs = inject(TuiDialogService)
@@ -100,19 +154,36 @@ export default class PortForwards {
   )
 
   protected readonly forwards = computed(() =>
-    Object.entries(this.portForwards() || {}).map(([source, target]) => {
+    Object.entries(this.portForwards() || {}).map(([source, entry]) => {
       const sourceSplit = source.split(':')
-      const targetSplit = target.split(':')
+      const targetSplit = entry.target.split(':')
 
       return {
         externalip: sourceSplit[0]!,
         externalport: sourceSplit[1]!,
         device: this.devices().find(d => d.ip === targetSplit[0])!,
         internalport: targetSplit[1]!,
+        label: entry.label,
+        enabled: entry.enabled,
       }
     }),
   )
 
+  protected readonly toggling = signal<number | null>(null)
+
+  protected async onToggle(forward: MappedForward, index: number) {
+    this.toggling.set(index)
+    const source = `${forward.externalip}:${forward.externalport}`
+
+    try {
+      await this.api.setForwardEnabled({ source, enabled: !forward.enabled })
+    } catch (e: any) {
+      this.errorService.handleError(e)
+    } finally {
+      this.toggling.set(null)
+    }
+  }
+
   protected onAdd(): void {
     this.dialogs
       .open(PORT_FORWARDS_ADD, {
@@ -122,6 +193,18 @@ export default class PortForwards {
       .subscribe()
   }
 
+  protected onEditLabel(forward: MappedForward): void {
+    this.dialogs
+      .open(PORT_FORWARDS_EDIT_LABEL, {
+        label: 'Edit label',
+        data: {
+          source: `${forward.externalip}:${forward.externalport}`,
+          label: forward.label,
+        },
+      })
+      .subscribe()
+  }
+
   protected onDelete({ externalip, externalport }: MappedForward): void {
     this.dialogs
       .open(TUI_CONFIRM, { label: 'Are you sure?' })

web/projects/start-tunnel/src/app/routes/home/routes/port-forwards/utils.ts

@@ -10,6 +10,8 @@ export interface MappedForward {
   readonly externalport: string
   readonly device: MappedDevice
   readonly internalport: string
+  readonly label: string
+  readonly enabled: boolean
 }
 
 export interface PortForwardsData {

web/projects/start-tunnel/src/app/routes/home/routes/settings/index.ts

@@ -4,11 +4,14 @@ import {
   inject,
   signal,
 } from '@angular/core'
-import { ErrorService } from '@start9labs/shared'
+import { Router } from '@angular/router'
+import { ErrorService, LoadingService } from '@start9labs/shared'
 import { TuiAppearance, TuiButton, TuiTitle } from '@taiga-ui/core'
 import { TuiDialogService } from '@taiga-ui/experimental'
 import { TuiBadge, TuiButtonLoading } from '@taiga-ui/kit'
 import { TuiCard, TuiCell } from '@taiga-ui/layout'
+import { ApiService } from 'src/app/services/api/api.service'
+import { AuthService } from 'src/app/services/auth.service'
 import { UpdateService } from 'src/app/services/update.service'
 
 import { CHANGE_PASSWORD } from './change-password'
@@ -50,6 +53,20 @@ import { CHANGE_PASSWORD } from './change-password'
         </span>
         <button tuiButton size="s" (click)="onChangePassword()">Change</button>
       </div>
+      <div tuiCell>
+        <span tuiTitle>
+          <strong>Logout</strong>
+        </span>
+        <button
+          tuiButton
+          size="s"
+          appearance="secondary-destructive"
+          iconStart="@tui.log-out"
+          (click)="onLogout()"
+        >
+          Logout
+        </button>
+      </div>
     </div>
   `,
   changeDetection: ChangeDetectionStrategy.OnPush,
@@ -66,6 +83,10 @@ import { CHANGE_PASSWORD } from './change-password'
 export default class Settings {
   private readonly dialogs = inject(TuiDialogService)
   private readonly errorService = inject(ErrorService)
+  private readonly api = inject(ApiService)
+  private readonly auth = inject(AuthService)
+  private readonly router = inject(Router)
+  private readonly loading = inject(LoadingService)
 
   protected readonly update = inject(UpdateService)
   protected readonly checking = signal(false)
@@ -98,4 +119,18 @@ export default class Settings {
       this.applying.set(false)
     }
   }
+
+  protected async onLogout() {
+    const loader = this.loading.open().subscribe()
+
+    try {
+      await this.api.logout()
+      this.auth.authenticated.set(false)
+      this.router.navigate(['/'])
+    } catch (e: any) {
+      this.errorService.handleError(e)
+    } finally {
+      loader.unsubscribe()
+    }
+  }
 }

web/projects/start-tunnel/src/app/services/api/api.service.ts

@@ -25,6 +25,8 @@ export abstract class ApiService {
   // forwards
   abstract addForward(params: AddForwardReq): Promise<null> // port-forward.add
   abstract deleteForward(params: DeleteForwardReq): Promise<null> // port-forward.remove
+  abstract updateForwardLabel(params: UpdateForwardLabelReq): Promise<null> // port-forward.update-label
+  abstract setForwardEnabled(params: SetForwardEnabledReq): Promise<null> // port-forward.set-enabled
   // update
   abstract checkUpdate(): Promise<TunnelUpdateResult> // update.check
   abstract applyUpdate(): Promise<TunnelUpdateResult> // update.apply
@@ -60,12 +62,23 @@ export type DeleteDeviceReq = {
 export type AddForwardReq = {
   source: string // externalip:port
   target: string // internalip:port
+  label: string
 }
 
 export type DeleteForwardReq = {
   source: string
 }
 
+export type UpdateForwardLabelReq = {
+  source: string
+  label: string
+}
+
+export type SetForwardEnabledReq = {
+  source: string
+  enabled: boolean
+}
+
 export type TunnelUpdateResult = {
   status: string
   installed: string

web/projects/start-tunnel/src/app/services/api/live-api.service.ts

@@ -17,6 +17,8 @@ import {
   LoginReq,
   SubscribeRes,
   TunnelUpdateResult,
+  SetForwardEnabledReq,
+  UpdateForwardLabelReq,
   UpsertDeviceReq,
   UpsertSubnetReq,
 } from './api.service'
@@ -104,6 +106,14 @@ export class LiveApiService extends ApiService {
     return this.rpcRequest({ method: 'port-forward.remove', params })
   }
 
+  async updateForwardLabel(params: UpdateForwardLabelReq): Promise<null> {
+    return this.rpcRequest({ method: 'port-forward.update-label', params })
+  }
+
+  async setForwardEnabled(params: SetForwardEnabledReq): Promise<null> {
+    return this.rpcRequest({ method: 'port-forward.set-enabled', params })
+  }
+
   // update
 
   async checkUpdate(): Promise<TunnelUpdateResult> {

web/projects/start-tunnel/src/app/services/api/mock-api.service.ts

@@ -10,6 +10,8 @@ import {
   LoginReq,
   SubscribeRes,
   TunnelUpdateResult,
+  SetForwardEnabledReq,
+  UpdateForwardLabelReq,
   UpsertDeviceReq,
   UpsertSubnetReq,
 } from './api.service'
@@ -24,7 +26,12 @@ import {
   Revision,
 } from 'patch-db-client'
 import { toObservable } from '@angular/core/rxjs-interop'
-import { mockTunnelData, WgClient, WgSubnet } from '../patch-db/data-model'
+import {
+  mockTunnelData,
+  PortForwardEntry,
+  WgClient,
+  WgSubnet,
+} from '../patch-db/data-model'
 
 @Injectable({
   providedIn: 'root',
@@ -171,11 +178,45 @@ export class MockApiService extends ApiService {
   async addForward(params: AddForwardReq): Promise<null> {
     await pauseFor(1000)
 
-    const patch: AddOperation<string>[] = [
+    const patch: AddOperation<PortForwardEntry>[] = [
       {
         op: PatchOp.ADD,
         path: `/portForwards/${params.source}`,
-        value: params.target,
+        value: {
+          target: params.target,
+          label: params.label || '',
+          enabled: true,
+        },
+      },
+    ]
+    this.mockRevision(patch)
+
+    return null
+  }
+
+  async updateForwardLabel(params: UpdateForwardLabelReq): Promise<null> {
+    await pauseFor(1000)
+
+    const patch: ReplaceOperation<string>[] = [
+      {
+        op: PatchOp.REPLACE,
+        path: `/portForwards/${params.source}/label`,
+        value: params.label,
+      },
+    ]
+    this.mockRevision(patch)
+
+    return null
+  }
+
+  async setForwardEnabled(params: SetForwardEnabledReq): Promise<null> {
+    await pauseFor(1000)
+
+    const patch: ReplaceOperation<boolean>[] = [
+      {
+        op: PatchOp.REPLACE,
+        path: `/portForwards/${params.source}/enabled`,
+        value: params.enabled,
       },
     ]
     this.mockRevision(patch)

web/projects/start-tunnel/src/app/services/patch-db/data-model.ts

@@ -1,8 +1,14 @@
 import { T } from '@start9labs/start-sdk'
 
+export type PortForwardEntry = {
+  target: string
+  label: string
+  enabled: boolean
+}
+
 export type TunnelData = {
   wg: WgServer
-  portForwards: Record<string, string>
+  portForwards: Record<string, PortForwardEntry>
   gateways: Record<string, T.NetworkInterfaceInfo>
 }
 
@@ -39,8 +45,12 @@ export const mockTunnelData: TunnelData = {
     },
   },
   portForwards: {
-    '69.1.1.42:443': '10.59.0.2:443',
-    '69.1.1.42:3000': '10.59.0.2:3000',
+    '69.1.1.42:443': { target: '10.59.0.2:443', label: 'HTTPS', enabled: true },
+    '69.1.1.42:3000': {
+      target: '10.59.0.2:3000',
+      label: 'Grafana',
+      enabled: true,
+    },
   },
   gateways: {
     eth0: {