
@push.rocks/smartproxy


A powerful proxy package with unified route-based configuration for high traffic management. Features include SSL/TLS support, flexible routing patterns, WebSocket handling, advanced security options, and automatic ACME certificate management.

import * as plugins from '../../../plugins.js';
import type { WrappedSocket } from '../../../core/models/wrapped-socket.js';

/**
 * ACME (automatic certificate management) settings.
 *
 * Every field is optional and this file declares types only: defaults,
 * validation and precedence are decided by the implementation, which is
 * not visible here.
 */
export interface IAcmeOptions {
  enabled?: boolean;
  // NOTE(review): `email` and `accountEmail` look like two names for the ACME
  // account contact; which one wins when both are set is not visible here.
  email?: string;
  // NOTE(review): `environment` and `useProduction` both appear to choose
  // between the staging and production CA endpoints; precedence is not
  // visible here. Confirm before relying on one of them in a rollout.
  environment?: 'production' | 'staging';
  accountEmail?: string;
  // Presumably the port on which HTTP-01 challenges are answered (the example
  // on `ISmartProxyOptions.acme` uses 80); confirm against the implementation.
  port?: number;
  useProduction?: boolean;
  // Unit is days, per the name.
  renewThresholdDays?: number;
  autoRenew?: boolean;
  // Presumably a location where issued certificates (and their private keys)
  // are persisted; if so it deserves restrictive permissions. TODO confirm.
  certificateStore?: string;
  skipConfiguredCerts?: boolean;
  // Unit is hours, per the name.
  renewCheckIntervalHours?: number;
  // Typed as `any[]`, so the compiler does not check the element shape;
  // malformed entries can only be rejected at runtime, if at all.
  routeForwards?: any[];
}

import type { IRouteConfig } from './route-types.js';

/**
 * Result of a certificate provisioning callback: either a static certificate
 * object, or the literal 'http01' to request an HTTP-01 challenge instead.
 */
export type TSmartProxyCertProvisionObject = plugins.tsclass.network.ICert | 'http01';

/**
 * SmartProxy configuration options.
 *
 * Only `routes` is required. Several groups of optional fields are
 * security-relevant (PROXY protocol trust, IP allow/block lists, TLS
 * verification and versions, connection limits, logging); the notes below
 * mark what a reviewer should confirm against the implementation, since this
 * file shows types only and no defaults.
 */
export interface ISmartProxyOptions {
  routes: IRouteConfig[];
  preserveSourceIP?: boolean;
  // A PROXY protocol header is supplied by the connecting peer. If it is
  // honoured for peers that are not trusted upstream proxies, the client
  // address becomes attacker-chosen, which would undermine
  // `ipAllowList` / `ipBlockList` and the per-IP limits further down.
  // Presumably `proxyIPs` is the list of trusted upstream proxies that scopes
  // `acceptProxyProtocol`; verify in the implementation.
  proxyIPs?: string[];
  acceptProxyProtocol?: boolean;
  sendProxyProtocol?: boolean;
  // Fallbacks; presumably applied to routes that do not set their own
  // target / security block. TODO confirm.
  defaults?: {
    target?: {
      host: string;
      port: number;
    };
    security?: {
      // How an address that matches both lists is resolved is not visible here.
      ipAllowList?: string[];
      ipBlockList?: string[];
      maxConnections?: number;
    };
    preserveSourceIP?: boolean;
  };
  // The fields from `pfx` to `maxVersion` carry the same names as Node.js
  // `tls` options; presumably they are passed through. TODO confirm.
  // `pfx`, `key` and `passphrase` are secret material: avoid logging or
  // serialising this options object as a whole.
  pfx?: Buffer;
  key?: string | Buffer | Array<Buffer | string>;
  passphrase?: string;
  cert?: string | Buffer | Array<string | Buffer>;
  ca?: string | Buffer | Array<string | Buffer>;
  ciphers?: string;
  honorCipherOrder?: boolean;
  // In Node.js `tls`, `false` accepts a peer whose certificate fails
  // verification. The effective default in SmartProxy is not visible here.
  rejectUnauthorized?: boolean;
  secureProtocol?: string;
  servername?: string;
  // Declared as plain `string`, so a mistyped protocol version is not caught
  // at compile time (Node.js expects values such as 'TLSv1.2').
  minVersion?: string;
  maxVersion?: string;
  // Timeout and interval fields below carry no unit in their names or types;
  // NOTE(review): confirm the unit before setting them.
  connectionTimeout?: number;
  initialDataTimeout?: number;
  socketTimeout?: number;
  inactivityCheckInterval?: number;
  maxConnectionLifetime?: number;
  inactivityTimeout?: number;
  gracefulShutdownTimeout?: number;
  noDelay?: boolean;
  keepAlive?: boolean;
  keepAliveInitialDelay?: number;
  // Presumably bounds the data buffered per connection before a backend is
  // attached (see `IConnectionRecord.pendingData`); TODO confirm.
  maxPendingDataSize?: number;
  disableInactivityCheck?: boolean;
  enableKeepAliveProbes?: boolean;
  // What the two logging switches emit is not visible here; check that
  // request data and TLS details do not reach logs unintentionally.
  enableDetailedLogging?: boolean;
  enableTlsDebugLogging?: boolean;
  enableRandomizedTimeouts?: boolean;
  allowSessionTicket?: boolean;
  // Abuse limits. Both are optional and no default is declared in this file,
  // so whether a limit applies when they are omitted must be checked in the
  // implementation.
  maxConnectionsPerIP?: number;
  connectionRateLimitPerMinute?: number;
  // NOTE(review): the name 'immortal' suggests keep-alive connections exempt
  // from lifetime limits; if so, pair it with the per-IP limits above.
  keepAliveTreatment?: 'standard' | 'extended' | 'immortal';
  keepAliveInactivityMultiplier?: number;
  extendedKeepAliveLifetime?: number;
  useHttpProxy?: number[];
  httpProxyPort?: number;
  metrics?: {
    enabled?: boolean;
    // Units are milliseconds and seconds respectively, per the names.
    sampleIntervalMs?: number;
    retentionSeconds?: number;
  };
  /**
   * Global ACME configuration options for SmartProxy
   *
   * When set, these options will be used as defaults for all routes
   * with certificate: 'auto' that don't have their own ACME configuration.
   * Route-specific ACME settings will override these defaults.
   *
   * Example:
   * ```ts
   * acme: {
   *   email: 'ssl@example.com',
   *   useProduction: false,
   *   port: 80
   * }
   * ```
   */
  acme?: IAcmeOptions;
  /**
   * Optional certificate provider callback. Return 'http01' to use HTTP-01 challenges,
   * or a static certificate object for immediate provisioning.
   *
   * NOTE(review): where `domain` originates (route configuration or a
   * client-supplied name) is not visible here; a callback that issues or
   * looks up certificates should treat it as input to validate.
   */
  certProvisionFunction?: (domain: string) => Promise<TSmartProxyCertProvisionObject>;
  /**
   * Whether to fall back to ACME if custom certificate provisioning fails.
   * Default: true
   *
   * With the default, a failing custom provider does not stop issuance;
   * set this to false where certificates must come only from the custom
   * provider.
   */
  certProvisionFallbackToAcme?: boolean;
}

/**
 * Per-connection state record: the client and backend sockets, timing and
 * byte counters, addressing, TLS state and routing result.
 */
export interface IConnectionRecord {
  id: string;
  // Client-side socket, and the backend socket (null while none is attached).
  incoming: plugins.net.Socket | WrappedSocket;
  outgoing: plugins.net.Socket | WrappedSocket | null;
  incomingStartTime: number;
  outgoingStartTime?: number;
  outgoingClosedTime?: number;
  lockedDomain?: string;
  connectionClosed: boolean;
  cleanupTimer?: NodeJS.Timeout | null;
  alertFallbackTimeout?: NodeJS.Timeout;
  lastActivity: number;
  // Buffered chunks and their total size; presumably bounded by
  // `ISmartProxyOptions.maxPendingDataSize`. TODO confirm.
  pendingData: Buffer[];
  pendingDataSize: number;
  bytesReceived: number;
  bytesSent: number;
  // NOTE(review): whether this is the socket peer address or an address taken
  // from a PROXY protocol header is not visible here; that matters when the
  // value is used for access decisions, rate limits or forensic logs.
  remoteIP: string;
  remotePort: number;
  localPort: number;
  isTLS: boolean;
  tlsHandshakeComplete: boolean;
  hasReceivedInitialData: boolean;
  routeConfig?: IRouteConfig;
  routeId?: string;
  targetHost?: string;
  targetPort?: number;
  tlsVersion?: string;
  hasKeepAlive: boolean;
  inactivityWarningIssued?: boolean;
  incomingTerminationReason?: string | null;
  outgoingTerminationReason?: string | null;
  usingNetworkProxy?: boolean;
  renegotiationHandler?: (chunk: Buffer) => void;
  isBrowserConnection?: boolean;
  domainSwitches?: number;
  nftablesHandled?: boolean;
  httpInfo?: {
    method?: string;
    path?: string;
    // If request headers are stored verbatim they can include credentials
    // (Authorization, Cookie); redact before logging or exporting records.
    headers?: Record<string, string>;
  };
}