Merge pull request #2857 from fosrl/dev

Proxy targets returns an array
2026-04-14 13:56:36 +00:00 · 2026-04-13 20:57:15 -07:00
parent bd3d6994c1 03d95874e6
commit 9fe4f78269
4 changed files with 64 additions and 64 deletions
--- a/server/lib/ip.ts
+++ b/server/lib/ip.ts
@@ -591,7 +591,7 @@ export function generateSubnetProxyTargetV2(
        pubKey: string | null;
        subnet: string | null;
    }[]
-): SubnetProxyTargetV2 | undefined {
+): SubnetProxyTargetV2[] | undefined {
    if (clients.length === 0) {
        logger.debug(
            `No clients have access to site resource ${siteResource.siteResourceId}, skipping target generation.`
@@ -599,7 +599,7 @@ export function generateSubnetProxyTargetV2(
        return;
    }
-    let target: SubnetProxyTargetV2 | null = null;
+    let targets: SubnetProxyTargetV2[] = [];
    const portRange = [
        ...parsePortRangeString(siteResource.tcpPortRangeString, "tcp"),
@@ -614,52 +614,54 @@ export function generateSubnetProxyTargetV2(
        if (ipSchema.safeParse(destination).success) {
            destination = `${destination}/32`;
-            target = {
+            targets.push({
                sourcePrefixes: [],
                destPrefix: destination,
                portRange,
                disableIcmp,
-                resourceId: siteResource.siteResourceId,
+                resourceId: siteResource.siteResourceId
-            };
+            });
        }
        if (siteResource.alias && siteResource.aliasAddress) {
            // also push a match for the alias address
-            target = {
+            targets.push({
                sourcePrefixes: [],
                destPrefix: `${siteResource.aliasAddress}/32`,
                rewriteTo: destination,
                portRange,
                disableIcmp,
-                resourceId: siteResource.siteResourceId,
+                resourceId: siteResource.siteResourceId
-            };
+            });
        }
    } else if (siteResource.mode == "cidr") {
-        target = {
+        targets.push({
            sourcePrefixes: [],
            destPrefix: siteResource.destination,
            portRange,
            disableIcmp,
-            resourceId: siteResource.siteResourceId,
+            resourceId: siteResource.siteResourceId
-        };
+        });
    }
-    if (!target) {
+    if (targets.length == 0) {
        return;
    }
-    for (const clientSite of clients) {
+    for (const target of targets) {
-        if (!clientSite.subnet) {
+        for (const clientSite of clients) {
-            logger.debug(
+            if (!clientSite.subnet) {
-                `Client ${clientSite.clientId} has no subnet, skipping for site resource ${siteResource.siteResourceId}.`
+                logger.debug(
-            );
+                    `Client ${clientSite.clientId} has no subnet, skipping for site resource ${siteResource.siteResourceId}.`
-            continue;
+                );
                continue;
            }
            const clientPrefix = `${clientSite.subnet.split("/")[0]}/32`;
            // add client prefix to source prefixes
            target.sourcePrefixes.push(clientPrefix);
        }
        const clientPrefix = `${clientSite.subnet.split("/")[0]}/32`;
        // add client prefix to source prefixes
        target.sourcePrefixes.push(clientPrefix);
    }
    // print a nice representation of the targets
@@ -667,36 +669,34 @@ export function generateSubnetProxyTargetV2(
    //     `Generated subnet proxy targets for: ${JSON.stringify(targets, null, 2)}`
    // );
-    return target;
+    return targets;
 }
 /**
 * Converts a SubnetProxyTargetV2 to an array of SubnetProxyTarget (v1)
 * by expanding each source prefix into its own target entry.
 * @param targetV2 - The v2 target to convert
 * @returns Array of v1 SubnetProxyTarget objects
 */
- export function convertSubnetProxyTargetsV2ToV1(
+export function convertSubnetProxyTargetsV2ToV1(
-     targetsV2: SubnetProxyTargetV2[]
+    targetsV2: SubnetProxyTargetV2[]
- ): SubnetProxyTarget[] {
+): SubnetProxyTarget[] {
-     return targetsV2.flatMap((targetV2) =>
+    return targetsV2.flatMap((targetV2) =>
-         targetV2.sourcePrefixes.map((sourcePrefix) => ({
+        targetV2.sourcePrefixes.map((sourcePrefix) => ({
-             sourcePrefix,
+            sourcePrefix,
-             destPrefix: targetV2.destPrefix,
+            destPrefix: targetV2.destPrefix,
-             ...(targetV2.disableIcmp !== undefined && {
+            ...(targetV2.disableIcmp !== undefined && {
-                 disableIcmp: targetV2.disableIcmp
+                disableIcmp: targetV2.disableIcmp
-             }),
+            }),
-             ...(targetV2.rewriteTo !== undefined && {
+            ...(targetV2.rewriteTo !== undefined && {
-                 rewriteTo: targetV2.rewriteTo
+                rewriteTo: targetV2.rewriteTo
-             }),
+            }),
-             ...(targetV2.portRange !== undefined && {
+            ...(targetV2.portRange !== undefined && {
-                 portRange: targetV2.portRange
+                portRange: targetV2.portRange
-             })
+            })
-         }))
+        }))
-     );
+    );
- }
+}
 // Custom schema for validating port range strings
 // Format: "80,443,8000-9000" or "*" for all ports, or empty string
--- a/server/lib/rebuildClientAssociations.ts
+++ b/server/lib/rebuildClientAssociations.ts
@@ -661,16 +661,16 @@ async function handleSubnetProxyTargetUpdates(
        );
        if (addedClients.length > 0) {
-            const targetToAdd = generateSubnetProxyTargetV2(
+            const targetsToAdd = generateSubnetProxyTargetV2(
                siteResource,
                addedClients
            );
-            if (targetToAdd) {
+            if (targetsToAdd) {
                proxyJobs.push(
                    addSubnetProxyTargets(
                        newt.newtId,
-                        [targetToAdd],
+                        targetsToAdd,
                        newt.version
                    )
                );
@@ -698,16 +698,16 @@ async function handleSubnetProxyTargetUpdates(
        );
        if (removedClients.length > 0) {
-            const targetToRemove = generateSubnetProxyTargetV2(
+            const targetsToRemove = generateSubnetProxyTargetV2(
                siteResource,
                removedClients
            );
-            if (targetToRemove) {
+            if (targetsToRemove) {
                proxyJobs.push(
                    removeSubnetProxyTargets(
                        newt.newtId,
-                        [targetToRemove],
+                        targetsToRemove,
                        newt.version
                    )
                );
@@ -1164,7 +1164,7 @@ async function handleMessagesForClientResources(
            }
            for (const resource of resources) {
-                const target = generateSubnetProxyTargetV2(resource, [
+                const targets = generateSubnetProxyTargetV2(resource, [
                    {
                        clientId: client.clientId,
                        pubKey: client.pubKey,
@@ -1172,11 +1172,11 @@ async function handleMessagesForClientResources(
                    }
                ]);
-                if (target) {
+                if (targets) {
                    proxyJobs.push(
                        addSubnetProxyTargets(
                            newt.newtId,
-                            [target],
+                            targets,
                            newt.version
                        )
                    );
@@ -1241,7 +1241,7 @@ async function handleMessagesForClientResources(
            }
            for (const resource of resources) {
-                const target = generateSubnetProxyTargetV2(resource, [
+                const targets = generateSubnetProxyTargetV2(resource, [
                    {
                        clientId: client.clientId,
                        pubKey: client.pubKey,
@@ -1249,11 +1249,11 @@ async function handleMessagesForClientResources(
                    }
                ]);
-                if (target) {
+                if (targets) {
                    proxyJobs.push(
                        removeSubnetProxyTargets(
                            newt.newtId,
-                            [target],
+                            targets,
                            newt.version
                        )
                    );
--- a/server/routers/newt/buildConfiguration.ts
+++ b/server/routers/newt/buildConfiguration.ts
@@ -168,13 +168,13 @@ export async function buildClientConfigurationForNewtClient(
                )
            );
-        const resourceTarget = generateSubnetProxyTargetV2(
+        const resourceTargets = generateSubnetProxyTargetV2(
            resource,
            resourceClients
        );
-        if (resourceTarget) {
+        if (resourceTargets) {
-            targetsToSend.push(resourceTarget);
+            targetsToSend.push(...resourceTargets);
        }
    }
--- a/server/routers/siteResource/updateSiteResource.ts
+++ b/server/routers/siteResource/updateSiteResource.ts
@@ -618,11 +618,11 @@ export async function handleMessagingForUpdatedSiteResource(
        // Only update targets on newt if destination changed
        if (destinationChanged || portRangesChanged) {
-            const oldTarget = generateSubnetProxyTargetV2(
+            const oldTargets = generateSubnetProxyTargetV2(
                existingSiteResource,
                mergedAllClients
            );
-            const newTarget = generateSubnetProxyTargetV2(
+            const newTargets = generateSubnetProxyTargetV2(
                updatedSiteResource,
                mergedAllClients
            );
@@ -630,8 +630,8 @@ export async function handleMessagingForUpdatedSiteResource(
            await updateTargets(
                newt.newtId,
                {
-                    oldTargets: oldTarget ? [oldTarget] : [],
+                    oldTargets: oldTargets ? oldTargets : [],
-                    newTargets: newTarget ? [newTarget] : []
+                    newTargets: newTargets ? newTargets : []
                },
                newt.version
            );