moosicbox_tunnel_server 0.2.0

MoosicBox tunnel server package
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191

# MoosicBox Tunnel Server

Basic WebSocket-based tunneling server for MoosicBox remote access.

## Overview

The MoosicBox Tunnel Server provides:

- **WebSocket Tunneling**: Basic tunneling through WebSocket connections
- **Client Registration**: Simple client authentication and registration
- **Database Integration**: PostgreSQL backend for client management
- **HTTP API**: REST endpoints for tunnel management
- **Health Monitoring**: Basic health check endpoint

## Features

### Core Functionality

- **WebSocket Server**: Handles WebSocket connections for tunneling
- **Authentication**: Basic client registration and token-based auth
- **Database Storage**: Client data stored in PostgreSQL
- **HTTP Endpoints**: REST API for tunnel operations
- **CORS Support**: Cross-origin resource sharing enabled

### Available Endpoints

- **Health Check**: `/health` endpoint for service monitoring
- **WebSocket**: `/ws` endpoint for tunnel connections
- **Client Registration**: Authentication and client management
- **Magic Token Auth**: `/auth/magic-token` and `/auth/validate-signature-token`
- **Track/Album/Artist**: Media proxy endpoints
- **Tunnel Management**: Basic tunnel lifecycle operations

## Installation

### From Source

```bash
# Install dependencies
sudo apt update
sudo apt install build-essential libssl-dev pkg-config libpq-dev

# Clone and build
git clone https://github.com/MoosicBox/MoosicBox.git
cd MoosicBox
TUNNEL_ACCESS_TOKEN=your-secure-token cargo build --release --bin moosicbox_tunnel_server

# Install binary
sudo cp target/release/moosicbox_tunnel_server /usr/local/bin/
```

### Database Setup

```bash
# Install and setup PostgreSQL
sudo apt install postgresql postgresql-contrib
sudo systemctl start postgresql
sudo systemctl enable postgresql

# Create database and user
sudo -u postgres createdb moosicbox_tunnel
sudo -u postgres createuser moosicbox
```

## Usage

### Running the Tunnel Server

```bash
# Start tunnel server on default port 8000
moosicbox_tunnel_server

# Start on custom port
moosicbox_tunnel_server 8443

# With environment variables
export PORT=8443
export BIND_ADDR=0.0.0.0
export DATABASE_URL=postgresql://user:pass@localhost/moosicbox_tunnel
moosicbox_tunnel_server
```

### Environment Variables

#### Build-Time Variables

- `TUNNEL_ACCESS_TOKEN`: Required access token for general authorization (must be set during compilation)

#### Runtime Variables

- `PORT`: Server port (default: 8000)
- `BIND_ADDR`: Bind address (default: 0.0.0.0)
- `DATABASE_URL`: PostgreSQL connection string
- `MAX_THREADS`: Maximum blocking threads (default: 64)
- `ACTIX_WORKERS`: Number of Actix workers

## API Reference

### Health Check

```bash
curl http://localhost:8000/health
```

### WebSocket Connection

```javascript
const ws = new WebSocket('ws://localhost:8000/ws?clientId=my-client&signature=your-signature-token');
ws.onopen = () => console.log('Connected');
ws.onmessage = (event) => console.log('Message:', event.data);
```

### Client Authentication

```bash
# Register client (requires TUNNEL_ACCESS_TOKEN in Authorization header)
curl -X POST "http://localhost:8000/auth/register-client?clientId=my-client" \
  -H "Authorization: Bearer your-tunnel-access-token"

# Get signature token (requires client access token in Authorization header)
curl -X POST "http://localhost:8000/auth/signature-token?clientId=my-client" \
  -H "Authorization: Bearer your-client-access-token"

# Validate a signature token
curl -X POST "http://localhost:8000/auth/validate-signature-token?clientId=my-client&signature=your-signature-token"

# Register a magic token for a client (requires client access token)
curl -X POST "http://localhost:8000/auth/magic-token?clientId=my-client&magicToken=your-magic-token" \
  -H "Authorization: Bearer your-client-access-token"

# Use a magic token
curl "http://localhost:8000/auth/magic-token?magicToken=your-magic-token"
```

### Tunnel Proxy Request

```bash
# Proxy an HTTP request through the tunnel (requires client access token)
curl -X GET "http://localhost:8000/library/albums?clientId=my-client" \
  -H "Authorization: Bearer your-client-access-token"
```

## Configuration

The server can be configured via environment variables:

```bash
# Basic configuration
export PORT=8443
export BIND_ADDR=0.0.0.0
export DATABASE_URL=postgresql://localhost/moosicbox_tunnel

# Performance tuning
export MAX_THREADS=64
export ACTIX_WORKERS=4

# Logging
export RUST_LOG=info
export TOKIO_CONSOLE=1  # For tokio console debugging
```

## Development

### Building

```bash
# Build with all features
TUNNEL_ACCESS_TOKEN=your-secure-token cargo build --release --bin moosicbox_tunnel_server

# Build with specific features
TUNNEL_ACCESS_TOKEN=your-secure-token cargo build --release --bin moosicbox_tunnel_server --features postgres-raw
```

### Running in Development

```bash
# Run with debug logging
TUNNEL_ACCESS_TOKEN=your-secure-token RUST_LOG=debug cargo run --bin moosicbox_tunnel_server

# Run with tokio console
TUNNEL_ACCESS_TOKEN=your-secure-token TOKIO_CONSOLE=1 cargo run --bin moosicbox_tunnel_server
```

## Implementation Notes

- The server is built with Actix Web framework
- Uses PostgreSQL for data persistence
- WebSocket connections are managed through a dedicated service
- CORS is configured for web client access
- Supports graceful shutdown with proper cleanup
- Includes basic telemetry and metrics collection