remove base_url from config (#13)

* add example config dir, logos, and update CONTRIBUTING.md * update dockerignore * split base_url into dashboard_url and base_domain * Remove unessicary ports * Allow anything for the ip * Update docker tags * Complex regex for domains/ips * update gitignore --------- Co-authored-by: Owen Schwartz <owen@txv.io>
2026-03-03 01:06:39 +00:00 · 2025-01-07 22:41:35 -05:00
parent a36691e5ab
commit 235e91294e
23 changed files with 193 additions and 51 deletions
--- a/server/routers/auth/requestPasswordReset.ts
+++ b/server/routers/auth/requestPasswordReset.ts
@@ -82,7 +82,7 @@ export async function requestPasswordReset(
            });
        });

-        const url = `${config.getRawConfig().app.base_url}/auth/reset-password?email=${email}&token=${token}`;
+        const url = `${config.getRawConfig().app.dashboard_url}/auth/reset-password?email=${email}&token=${token}`;

        await sendEmail(
            ResetPasswordCode({
--- a/server/routers/badger/verifySession.ts
+++ b/server/routers/badger/verifySession.ts
@@ -101,7 +101,7 @@ export async function verifyResourceSession(
            return allowed(res);
        }

-        const redirectUrl = `${config.getRawConfig().app.base_url}/auth/resource/${encodeURIComponent(resource.resourceId)}?redirect=${encodeURIComponent(originalRequestURL)}`;
+        const redirectUrl = `${config.getRawConfig().app.dashboard_url}/auth/resource/${encodeURIComponent(resource.resourceId)}?redirect=${encodeURIComponent(originalRequestURL)}`;

        if (!sessions) {
            return notAllowed(res);
--- a/server/routers/org/createOrg.ts
+++ b/server/routers/org/createOrg.ts
@@ -82,7 +82,6 @@ export async function createOrg(
        let org: Org | null = null;

        await db.transaction(async (trx) => {
-            // create a url from config.getRawConfig().app.base_url and get the hostname
            const domain = config.getBaseDomain();

            const newOrg = await trx
--- a/server/routers/target/createTarget.ts
+++ b/server/routers/target/createTarget.ts
@@ -12,6 +12,34 @@ import { isIpInCidr } from "@server/lib/ip";
 import { fromError } from "zod-validation-error";
 import { addTargets } from "../newt/targets";

+// Regular expressions for validation
+const DOMAIN_REGEX =
+    /^[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*$/;
+const IPV4_REGEX =
+    /^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$/;
+const IPV6_REGEX = /^(?:[A-F0-9]{1,4}:){7}[A-F0-9]{1,4}$/i;
+
+// Schema for domain names and IP addresses
+const domainSchema = z
+    .string()
+    .min(1, "Domain cannot be empty")
+    .max(255, "Domain name too long")
+    .refine(
+        (value) => {
+            // Check if it's a valid IP address (v4 or v6)
+            if (IPV4_REGEX.test(value) || IPV6_REGEX.test(value)) {
+                return true;
+            }
+
+            // Check if it's a valid domain name
+            return DOMAIN_REGEX.test(value);
+        },
+        {
+            message: "Invalid domain name or IP address format",
+            path: ["domain"]
+        }
+    );
+
 const createTargetParamsSchema = z
    .object({
        resourceId: z
@@ -23,7 +51,7 @@ const createTargetParamsSchema = z

 const createTargetSchema = z
    .object({
-        ip: z.string().ip().or(z.literal('localhost')),
+        ip: domainSchema,
        method: z.string().min(1).max(10),
        port: z.number().int().min(1).max(65535),
        protocol: z.string().optional(),
--- a/server/routers/target/updateTarget.ts
+++ b/server/routers/target/updateTarget.ts
@@ -11,6 +11,34 @@ import { fromError } from "zod-validation-error";
 import { addPeer } from "../gerbil/peers";
 import { addTargets } from "../newt/targets";

+// Regular expressions for validation
+const DOMAIN_REGEX =
+    /^[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*$/;
+const IPV4_REGEX =
+    /^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$/;
+const IPV6_REGEX = /^(?:[A-F0-9]{1,4}:){7}[A-F0-9]{1,4}$/i;
+
+// Schema for domain names and IP addresses
+const domainSchema = z
+    .string()
+    .min(1, "Domain cannot be empty")
+    .max(255, "Domain name too long")
+    .refine(
+        (value) => {
+            // Check if it's a valid IP address (v4 or v6)
+            if (IPV4_REGEX.test(value) || IPV6_REGEX.test(value)) {
+                return true;
+            }
+
+            // Check if it's a valid domain name
+            return DOMAIN_REGEX.test(value);
+        },
+        {
+            message: "Invalid domain name or IP address format",
+            path: ["domain"]
+        }
+    );
+
 const updateTargetParamsSchema = z
    .object({
        targetId: z.string().transform(Number).pipe(z.number().int().positive())
@@ -19,7 +47,7 @@ const updateTargetParamsSchema = z

 const updateTargetBodySchema = z
    .object({
-        ip: z.string().ip().or(z.literal('localhost')).optional(), // for now we cant update the ip; you will have to delete
+        ip: domainSchema.optional(),
        method: z.string().min(1).max(10).optional(),
        port: z.number().int().min(1).max(65535).optional(),
        enabled: z.boolean().optional()
--- a/server/routers/user/inviteUser.ts
+++ b/server/routers/user/inviteUser.ts
@@ -152,7 +152,7 @@ export async function inviteUser(
            });
        });

-        const inviteLink = `${config.getRawConfig().app.base_url}/invite?token=${inviteId}-${token}`;
+        const inviteLink = `${config.getRawConfig().app.dashboard_url}/invite?token=${inviteId}-${token}`;

        if (doEmail) {
            await sendEmail(