get domains by device
This commit is contained in:
parent
4eb6a42bb8
commit
5ade07e224
35
README.md
35
README.md
|
@ -33,7 +33,27 @@ Installs as `stunnel.js` with the alias `jstunnel`
|
||||||
npm install -g stunnel
|
npm install -g stunnel
|
||||||
```
|
```
|
||||||
|
|
||||||
### Advanced Usage
|
### Usage with OAuth3.org
|
||||||
|
|
||||||
|
Daplie's OAuth3.org tunnel service is in Beta.
|
||||||
|
|
||||||
|
**Terms of Service**: The Software and Services shall be used for Good, not Evil.
|
||||||
|
Examples of good: education, business, pleasure. Examples of evil: crime, abuse, extortion.
|
||||||
|
|
||||||
|
```bash
|
||||||
|
stunnel.js --agree-tos --email john@example.com --locals http:*:4080,https:*:8443 --device
|
||||||
|
```
|
||||||
|
|
||||||
|
```bash
|
||||||
|
stunnel.js \
|
||||||
|
--agree-tos --email <EMAIL> \
|
||||||
|
--locals <List of <SCHEME>:<EXTERNAL_DOMAINNAME>:<INTERNAL_PORT>> \
|
||||||
|
--device [HOSTNAME] \
|
||||||
|
--domains [Comma-separated list of domains to attach to device] \
|
||||||
|
--oauth3-url <Tunnel Service OAuth3 URL>
|
||||||
|
```
|
||||||
|
|
||||||
|
### Advanced Usage (DIY)
|
||||||
|
|
||||||
How to use `stunnel.js` with your own instance of `stunneld.js`:
|
How to use `stunnel.js` with your own instance of `stunneld.js`:
|
||||||
|
|
||||||
|
@ -70,19 +90,6 @@ stunnel.js \
|
||||||
-k, --insecure ignore invalid ssl certificates from stunneld
|
-k, --insecure ignore invalid ssl certificates from stunneld
|
||||||
```
|
```
|
||||||
|
|
||||||
### Usage
|
|
||||||
|
|
||||||
**NOT YET IMPLEMENTED**
|
|
||||||
|
|
||||||
Daplie's tunneling service is not yet publicly available.
|
|
||||||
|
|
||||||
**Terms of Service**: The Software and Services shall be used for Good, not Evil.
|
|
||||||
Examples of good: education, business, pleasure. Examples of evil: crime, abuse, extortion.
|
|
||||||
|
|
||||||
```bash
|
|
||||||
stunnel.js --agree-tos --email john@example.com --locals http:john.example.com:4080,https:john.example.com:8443
|
|
||||||
```
|
|
||||||
|
|
||||||
Library
|
Library
|
||||||
=======
|
=======
|
||||||
|
|
||||||
|
|
|
@ -12,23 +12,34 @@ function collectProxies(val, memo) {
|
||||||
var vals = val.split(/,/g);
|
var vals = val.split(/,/g);
|
||||||
|
|
||||||
function parseProxy(location) {
|
function parseProxy(location) {
|
||||||
|
// john.example.com
|
||||||
|
// https:3443
|
||||||
// http:john.example.com:3000
|
// http:john.example.com:3000
|
||||||
// http://john.example.com:3000
|
// http://john.example.com:3000
|
||||||
var parts = location.split(':');
|
var parts = location.split(':');
|
||||||
var dual = false;
|
var dual = false;
|
||||||
if (/\./.test(parts[0])) {
|
if (1 === parts.length) {
|
||||||
//dual = true;
|
// john.example.com -> :john.example.com:0
|
||||||
parts[2] = parts[1];
|
|
||||||
parts[1] = parts[0];
|
parts[1] = parts[0];
|
||||||
parts[0] = 'https';
|
|
||||||
|
parts[0] = '';
|
||||||
|
parts[2] = 0;
|
||||||
|
|
||||||
dual = true;
|
dual = true;
|
||||||
}
|
}
|
||||||
|
else if (2 === parts.length) {
|
||||||
|
// https:3443 -> https:*:3443
|
||||||
|
parts[2] = parts[1];
|
||||||
|
|
||||||
|
parts[1] = '*';
|
||||||
|
}
|
||||||
|
|
||||||
parts[0] = parts[0].toLowerCase();
|
parts[0] = parts[0].toLowerCase();
|
||||||
parts[1] = parts[1].toLowerCase().replace(/(\/\/)?/, '') || '*';
|
parts[1] = parts[1].toLowerCase().replace(/(\/\/)?/, '') || '*';
|
||||||
parts[2] = parseInt(parts[2], 10) || 0;
|
parts[2] = parseInt(parts[2], 10) || 0;
|
||||||
if (!parts[2]) {
|
if (!parts[2]) {
|
||||||
// TODO grab OS list of standard ports?
|
// TODO grab OS list of standard ports?
|
||||||
if ('http' === parts[0]) {
|
if (!parts[0] || 'http' === parts[0]) {
|
||||||
parts[2] = 80;
|
parts[2] = 80;
|
||||||
}
|
}
|
||||||
else if ('https' === parts[0]) {
|
else if ('https' === parts[0]) {
|
||||||
|
@ -40,16 +51,16 @@ function collectProxies(val, memo) {
|
||||||
}
|
}
|
||||||
|
|
||||||
memo.push({
|
memo.push({
|
||||||
protocol: parts[0]
|
protocol: parts[0] || 'https'
|
||||||
, hostname: parts[1]
|
, hostname: parts[1]
|
||||||
, port: parts[2]
|
, port: parts[2] || 443
|
||||||
});
|
});
|
||||||
|
|
||||||
if (dual) {
|
if (dual) {
|
||||||
memo.push({
|
memo.push({
|
||||||
protocol: 'http'
|
protocol: 'http'
|
||||||
, hostname: parts[1]
|
, hostname: parts[1]
|
||||||
, port: parts[2]
|
, port: 80
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -70,6 +81,7 @@ program
|
||||||
})
|
})
|
||||||
.option('-k --insecure', 'Allow TLS connections to stunneld without valid certs (rejectUnauthorized: false)')
|
.option('-k --insecure', 'Allow TLS connections to stunneld without valid certs (rejectUnauthorized: false)')
|
||||||
.option('--locals <LINE>', 'comma separated list of <proto>:<//><servername>:<port> to which matching incoming http and https should forward (reverse proxy). Ex: https://john.example.com,tls:*:1337', collectProxies, [ ]) // --reverse-proxies
|
.option('--locals <LINE>', 'comma separated list of <proto>:<//><servername>:<port> to which matching incoming http and https should forward (reverse proxy). Ex: https://john.example.com,tls:*:1337', collectProxies, [ ]) // --reverse-proxies
|
||||||
|
.option('--device [HOSTNAME]', 'Tunnel all domains associated with this device instead of specific domainnames. Use with --locals <proto>:*:<port>. Ex: macbook-pro.local (the output of `hostname`)')
|
||||||
.option('--stunneld <URL>', 'the domain (or ip address) at which you are running stunneld.js (the proxy)') // --proxy
|
.option('--stunneld <URL>', 'the domain (or ip address) at which you are running stunneld.js (the proxy)') // --proxy
|
||||||
.option('--secret <STRING>', 'the same secret used by stunneld (used for JWT authentication)')
|
.option('--secret <STRING>', 'the same secret used by stunneld (used for JWT authentication)')
|
||||||
.option('--token <STRING>', 'a pre-generated token for use with stunneld (instead of generating one with --secret)')
|
.option('--token <STRING>', 'a pre-generated token for use with stunneld (instead of generating one with --secret)')
|
||||||
|
@ -95,7 +107,14 @@ function connectTunnel() {
|
||||||
console.log('[local proxy]', proxy.protocol + '://' + proxy.hostname + ':' + proxy.port);
|
console.log('[local proxy]', proxy.protocol + '://' + proxy.hostname + ':' + proxy.port);
|
||||||
});
|
});
|
||||||
|
|
||||||
stunnel.connect(program);
|
stunnel.connect({
|
||||||
|
stunneld: program.stunneld
|
||||||
|
, locals: program.locals
|
||||||
|
, services: program.services
|
||||||
|
, net: program.net
|
||||||
|
, insecure: program.insecure
|
||||||
|
, token: program.token
|
||||||
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
function rawTunnel() {
|
function rawTunnel() {
|
||||||
|
@ -119,7 +138,7 @@ function rawTunnel() {
|
||||||
}
|
}
|
||||||
program.stunneld = location.protocol + '//' + location.hostname + (location.port ? ':' + location.port : '');
|
program.stunneld = location.protocol + '//' + location.hostname + (location.port ? ':' + location.port : '');
|
||||||
|
|
||||||
tokenData.domains = Object.keys(domainsMap);
|
tokenData.domains = Object.keys(domainsMap).filter(Boolean);
|
||||||
|
|
||||||
program.token = program.token || jwt.sign(tokenData, program.secret);
|
program.token = program.token || jwt.sign(tokenData, program.secret);
|
||||||
|
|
||||||
|
@ -134,9 +153,27 @@ function daplieTunnel() {
|
||||||
email: program.email
|
email: program.email
|
||||||
, providerUri: program.oauth3Url
|
, providerUri: program.oauth3Url
|
||||||
}).then(function (oauth3) {
|
}).then(function (oauth3) {
|
||||||
return oauth3.api('tunnel.token', { data: { device: 'test.local', domains: [] } }).then(function (results) {
|
var data = { device: null, domains: [] };
|
||||||
console.log('tunnel.token results');
|
var domains = Object.keys(domainsMap).filter(Boolean);
|
||||||
console.log(results);
|
if (program.device) {
|
||||||
|
// TODO use device API to select device by id
|
||||||
|
data.device = { hostname: program.device };
|
||||||
|
if (true === program.device) {
|
||||||
|
data.device.hostname = require('os').hostname();
|
||||||
|
console.log("Using device hostname '" + data.device.hostname + "'");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if (domains.length) {
|
||||||
|
data.domains = domains;
|
||||||
|
}
|
||||||
|
return oauth3.api('tunnel.token', { data: data }).then(function (results) {
|
||||||
|
var token = new Buffer(results.jwt.split('.')[1], 'base64').toString('utf8');
|
||||||
|
console.log('tunnel token issued:');
|
||||||
|
console.log(token);
|
||||||
|
program.token = results.jwt;
|
||||||
|
program.stunneld = results.tunnelUrl || ('wss://' + token.aud + '/');
|
||||||
|
|
||||||
|
connectTunnel();
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
@ -145,6 +182,10 @@ var domainsMap = {};
|
||||||
program.locals.forEach(function (proxy) {
|
program.locals.forEach(function (proxy) {
|
||||||
domainsMap[proxy.hostname] = true;
|
domainsMap[proxy.hostname] = true;
|
||||||
});
|
});
|
||||||
|
if (domainsMap.hasOwnProperty('*')) {
|
||||||
|
//delete domainsMap['*'];
|
||||||
|
domainsMap['*'] = false;
|
||||||
|
}
|
||||||
|
|
||||||
if (!(program.secret || program.token) && !program.stunneld) {
|
if (!(program.secret || program.token) && !program.stunneld) {
|
||||||
daplieTunnel();
|
daplieTunnel();
|
||||||
|
|
|
@ -13,7 +13,7 @@
|
||||||
},
|
},
|
||||||
"repository": {
|
"repository": {
|
||||||
"type": "git",
|
"type": "git",
|
||||||
"url": "git+ssh://git@github.com/Daplie/node-tunnel-client.git"
|
"url": "git+ssh://git@git.daplie.com/Daplie/node-tunnel-client.git"
|
||||||
},
|
},
|
||||||
"keywords": [
|
"keywords": [
|
||||||
"cli",
|
"cli",
|
||||||
|
@ -42,9 +42,9 @@
|
||||||
"author": "AJ ONeal <coolaj86@gmail.com> (https://coolaj86.com/)",
|
"author": "AJ ONeal <coolaj86@gmail.com> (https://coolaj86.com/)",
|
||||||
"license": "(MIT OR Apache-2.0)",
|
"license": "(MIT OR Apache-2.0)",
|
||||||
"bugs": {
|
"bugs": {
|
||||||
"url": "https://github.com/Daplie/node-tunnel-client/issues"
|
"url": "https://git.daplie.com/Daplie/node-tunnel-client/issues"
|
||||||
},
|
},
|
||||||
"homepage": "https://github.com/Daplie/node-tunnel-client#readme",
|
"homepage": "https://git.daplie.com/Daplie/node-tunnel-client#readme",
|
||||||
"dependencies": {
|
"dependencies": {
|
||||||
"commander": "^2.9.0",
|
"commander": "^2.9.0",
|
||||||
"oauth3.js": "git+https://git.daplie.com:OAuth3/oauth3.js.git#v1",
|
"oauth3.js": "git+https://git.daplie.com:OAuth3/oauth3.js.git#v1",
|
||||||
|
|
Loading…
Reference in New Issue