feat(reverse-proxy): clusters API surfaces type, online status, and capability flags (#6148)

The cluster listing now answers three questions in one round-trip instead of forcing the dashboard to cross-reference the domains API: which clusters can this account see, are they currently up, and what do they support. The ProxyCluster wire type drops the boolean self_hosted in favour of a `type` enum (`account` / `shared`) plus explicit `online`, `supports_custom_ports`, `require_subdomain`, and `supports_crowdsec` fields. Store query reworked so offline clusters still appear (no last_seen WHERE), with online and connected_proxies both derived from the existing 2-min active window via portable CASE expressions; the 1-hour heartbeat reaper still removes long-stale rows. Service manager enriches each cluster with the capability flags via the existing per-cluster lookups (CapabilityProvider now also exposes ClusterSupportsCrowdSec). GetActiveClusterAddresses* keep their tight 2-min filter so service routing and domain enumeration aren't pulled into the wider window. The hard cut removes self_hosted from the response — the dashboard is the only consumer and is updated in the matching PR; no transitional field is shipped. Adds a cross-engine regression test asserting offline clusters surface, connected_proxies counts only fresh proxies, and account-scoped BYOP clusters never leak across accounts.
2026-05-21 08:09:55 +00:00 · 2026-05-20 10:08:34 +02:00
parent 80966ab1b0
commit d250f92c43
17 changed files with 393 additions and 122 deletions
--- a/shared/management/http/api/openapi.yml
+++ b/shared/management/http/api/openapi.yml
@@ -3417,19 +3417,43 @@ components:
          type: string
          description: Cluster address used for CNAME targets
          example: "eu.proxy.netbird.io"
+        type:
+          $ref: '#/components/schemas/ProxyClusterType'
+        online:
+          type: boolean
+          description: Whether at least one proxy in the cluster has heartbeated within the active window
+          example: true
        connected_proxies:
          type: integer
-          description: Number of proxy nodes connected in this cluster
+          description: Number of proxy nodes currently connected (heartbeat within the active window)
          example: 3
-        self_hosted:
+        supports_custom_ports:
          type: boolean
-          description: Whether this cluster is a self-hosted (BYOP) proxy managed by the account owner
+          description: Whether the cluster supports binding arbitrary TCP/UDP ports
+          example: true
+        require_subdomain:
+          type: boolean
+          description: Whether services on this cluster must include a subdomain label
+          example: false
+        supports_crowdsec:
+          type: boolean
+          description: Whether all active proxies in the cluster have CrowdSec configured
          example: false
      required:
        - id
        - address
+        - type
+        - online
        - connected_proxies
-        - self_hosted
+    ProxyClusterType:
+      type: string
+      description: |
+        Source of the proxy cluster. `account` clusters are owned and operated by the account (BYOP);
+        `shared` clusters are operated by NetBird and shared across accounts.
+      enum:
+        - account
+        - shared
+      example: shared
    ReverseProxyDomainType:
      type: string
      description: Type of Reverse Proxy Domain