@super-protocol/tunnels-lib

Superprotocol Tunnel Library

Tunnel Client

Connecting custom local server to Tunnel Server. Example of usage:

const fs = require('node:fs');
const { TunnelClient } = require('@super-protocol/tunnels-lib');
const pino = require('pino');

const serverFile = __dirname + '/server.js';
const domainConfigs = [
  {
    tunnels: [
      {
        sgxMrEnclave: '64cd7bc8bc121b9b71470ba185e83cde90c0d8a3b81661b5bd5e44ab451d5aad',
        sgxMrSigner: '22c4c4c40ebf9874905cfc44782eec5149bf07429ec0bd3e7fd018e9942d0513',
      },
    ],
    authToken: 'b97e4be4-6546-43a1-85d9-fa28a447dd07',
    site: {
      key: fs.readFileSync('private.pem'),
      cert: fs.readFileSync('ssl_fullchain.crt'),
    },
  },
];
const logger = pino({ level: 'trace' });
const options = { logger };

const tunnelClient = new TunnelClient(serverFile, domainConfigs, options);

tunnelClient.run().catch((error) => {
  logger.fatal({ error }, `Fail to start Tunnel Client`);
});

Tunnel Client properties:

• serverFile - absolute path to some js-file that has to up and run application as https server on port "applicationPort" from options. This file will be run from NodeJS worker*threads. Tunnel Client will path HTTPS_PORT env variable that equals "applicationPort" property from options. Also it will pass TLS_CERT and TLS_KEY env variables that should be used to start https server. It's important to note that this certificate is not obtained from the domainConfigs
• domainConfigs - array of objects that contains necessary information for connecting to Tunnel Server
  • tunnels - array of combination of mrEnclave and mrSigner that Tunnel Client should trust
  • authToken - auth token for Tunnel Server access
  • site - private key and SSL certificate of the domain in PEM format as Buffers
• options - some additional configurations:
  • logger - instance of pino logger. pino is a peer dependency of the library. Default: undefined
  • sgxMockEnabled - SGX methods will work only on Intel processor with SGX support. Change this param to "true" if you want to run the library in the test mode with mocked data. Default: false
  • dnsMockedTunnelServerIps - set ips that will be returned from fake DNS request in test purposes. Default: []
  • applicationPort - application port that will be passed to server-file as HTTPS_PORT and Tunnel Client will expect https server on localhost on this port. Default: 9000
  • tunnelServerPort - Tunnel Server port number. Default: 443
  • tunnelDnsCheckInterval - interval in ms, which uses library to check domains in DNS. Default: 120000ms
  • dnsNotFoundTimes - the number of times the library failed to find the domain in DNS before interrupting the connection. Default: 5
  • registerDomainConcurrently - the number of concurrent requests for domain registering. Default: 32
  • dnsCheckConcurrently - the number of concurrent requests to DNS. Default: 8
  • processSignalsToForward - signals that will be forwarded to worker_thread local server as message. Default: ['SIGTERM', 'SIGINT', 'SIGABRT']. To handle these messages, please follow next example:

    const { isMainThread, parentPort } = require('node:worker_threads');
    if(!isMainThread) {
      parentPort.on('message', (message) => {
          if(['SIGTERM', 'SIGINT', 'SIGABRT'].includes(message)) {
              ...
              shutdownHandler();
              ...
          }
      })
    }