src/routes/reverseproxy.js

import assert from 'node:assert';
import AuditSource from '../auditsource.js';
import BoxError from '../boxerror.js';
import { HttpError } from '@cloudron/connect-lastmile';
import { HttpSuccess } from '@cloudron/connect-lastmile';
import reverseProxy from '../reverseproxy.js';
import safe from 'safetydance';


async function getTrustedIps(req, res, next) {
    const [error, trustedIps] = await safe(reverseProxy.getTrustedIps());
    if (error) return next(BoxError.toHttpError(error));

    next(new HttpSuccess(200, { trustedIps }));
}

async function setTrustedIps(req, res, next) {
    assert.strictEqual(typeof req.body, 'object');

    // this is a string to allow comments
    if (typeof req.body.trustedIps !== 'string') return next(new HttpError(400, 'trustedIps must be a string'));

    const [error] = await safe(reverseProxy.setTrustedIps(req.body.trustedIps, AuditSource.fromRequest(req)));
    if (error) return next(BoxError.toHttpError(error));

    next(new HttpSuccess(200, {}));
}

async function renewCerts(req, res, next) {
    if ('rebuild' in req.body && typeof req.body.rebuild !== 'boolean') return next(new HttpError(400, 'rebuild must be a boolean'));
    if ('forceRenewal' in req.body && typeof req.body.forceRenewal !== 'boolean') return next(new HttpError(400, 'forceRenewal must be a boolean')); // ignored if the CA has ARI support

    const [error, taskId] = await safe(reverseProxy.startRenewCerts(req.body, AuditSource.fromRequest(req)));
    if (error) return next(BoxError.toHttpError(error));

    next(new HttpSuccess(202, { taskId }));
}

export default {
    getTrustedIps,
    setTrustedIps,

    renewCerts,
};
Migrate codebase from CommonJS to ES Modules 2026-02-14 09:53:14 +01:00			`import assert from 'node:assert';`
			`import AuditSource from '../auditsource.js';`
			`import BoxError from '../boxerror.js';`
			`import { HttpError } from '@cloudron/connect-lastmile';`
			`import { HttpSuccess } from '@cloudron/connect-lastmile';`
migrate to "export default" 2026-02-14 15:43:24 +01:00			`import reverseProxy from '../reverseproxy.js';`
Migrate codebase from CommonJS to ES Modules 2026-02-14 09:53:14 +01:00			`import safe from 'safetydance';`
reverseproxy: move renew and trusted ip routes 2023-08-04 13:19:48 +05:30

			`async function getTrustedIps(req, res, next) {`
			`const [error, trustedIps] = await safe(reverseProxy.getTrustedIps());`
			`if (error) return next(BoxError.toHttpError(error));`

			`next(new HttpSuccess(200, { trustedIps }));`
			`}`

			`async function setTrustedIps(req, res, next) {`
			`assert.strictEqual(typeof req.body, 'object');`

add comment on why these are strings 2023-09-09 07:57:53 +05:30			`// this is a string to allow comments`
reverseproxy: move renew and trusted ip routes 2023-08-04 13:19:48 +05:30			`if (typeof req.body.trustedIps !== 'string') return next(new HttpError(400, 'trustedIps must be a string'));`

			`const [error] = await safe(reverseProxy.setTrustedIps(req.body.trustedIps, AuditSource.fromRequest(req)));`
			`if (error) return next(BoxError.toHttpError(error));`

			`next(new HttpSuccess(200, {}));`
			`}`

			`async function renewCerts(req, res, next) {`
			`if ('rebuild' in req.body && typeof req.body.rebuild !== 'boolean') return next(new HttpError(400, 'rebuild must be a boolean'));`
reverseproxy: add forceRenewal check if only for completeness 2026-02-19 20:22:45 +01:00			`if ('forceRenewal' in req.body && typeof req.body.forceRenewal !== 'boolean') return next(new HttpError(400, 'forceRenewal must be a boolean')); // ignored if the CA has ARI support`
reverseproxy: move renew and trusted ip routes 2023-08-04 13:19:48 +05:30
			`const [error, taskId] = await safe(reverseProxy.startRenewCerts(req.body, AuditSource.fromRequest(req)));`
			`if (error) return next(BoxError.toHttpError(error));`

			`next(new HttpSuccess(202, { taskId }));`
			`}`
migrate to "export default" 2026-02-14 15:43:24 +01:00
			`export default {`
			`getTrustedIps,`
			`setTrustedIps,`

			`renewCerts,`
			`};`