totp_gateway/
state.rs

1use crate::config::Config;
2use arc_swap::ArcSwap;
3use ipnet::IpNet;
4use moka::sync::Cache;
5use regex::Regex;
6use std::net::IpAddr;
7use std::sync::Arc;
8use std::sync::atomic::AtomicU64;
9
/// Upper bound, in bytes, on a request body (4 KiB).
// NOTE(review): presumably applied where the login POST body is read; confirm
// that oversized bodies are rejected before they are fully buffered.
pub const MAX_BODY_SIZE: usize = 4 * 1024;

/// Entry limit for the IP-keyed tables.
// NOTE(review): presumably passed as the capacity of the `IpAddr` caches in
// `ProxyState`; confirm where those caches are constructed.
pub const MAX_IP_ENTRIES: u64 = 100_000;

/// Entry limit for the session table.
// NOTE(review): presumably the capacity of `ProxyState::sessions` — confirm.
pub const MAX_SESSION_ENTRIES: u64 = 50_000;

/// Number of decimal digits in a TOTP code.
pub const TOTP_DIGITS: usize = 6;

/// Length of one TOTP time step, in seconds.
pub const TOTP_STEP_SECS: u64 = 30;

/// Allowed TOTP clock skew.
// NOTE(review): presumably counted in time steps on either side of the current
// one. Each extra step lengthens the period during which an observed code is
// still accepted, so keep this as small as clock drift allows — confirm the
// unit against the verifier.
pub const TOTP_SKEW: u64 = 1;

/// Default port for plain HTTP.
// NOTE(review): codes and session identifiers sent over plain HTTP are readable
// by anyone on the network path; presumably TLS is terminated elsewhere — confirm.
pub const DEFAULT_HTTP_PORT: u16 = 80;

/// Debounce interval, in milliseconds, for file-watch events.
// NOTE(review): presumably used by the configuration reloader — confirm.
pub const FILE_WATCH_DEBOUNCE_MS: u64 = 100;
21
/// One routing rule with its match patterns held as compiled regexes.
///
/// The three matchers are optional; how a `None` matcher is treated is decided
/// by the matching code, which is not part of this file.
pub struct CompiledRoute {
    /// Optional regex applied to the request host.
    // NOTE(review): whether the pattern must match the whole host depends on
    // anchors in the configured expression. An unanchored host pattern also
    // matches longer, unrelated host names — confirm how patterns are compiled.
    pub host: Option<Regex>,
    /// Optional regex applied to the request path.
    pub path: Option<Regex>,
    /// Optional literal path prefix.
    pub path_prefix: Option<String>,
    /// Address of the upstream this route forwards to.
    pub upstream_addr: String,
    /// Protection flag for the route.
    // NOTE(review): presumably `true` means the TOTP check is required and
    // `false` forwards traffic without it. Confirm that the configuration
    // default for an omitted value is the protected one.
    pub protect: bool,
}
29
/// Everything derived from one loaded configuration, bundled as a single value.
///
/// `ProxyState::runtime` stores this behind an `ArcSwap`, so a snapshot can be
/// replaced as a whole.
pub struct RuntimeState {
    /// The parsed configuration this state was built from.
    pub config: Config,
    /// The TOTP shared secret.
    // NOTE(review): held as an ordinary `String`, so the bytes are not wiped
    // when a snapshot is dropped and superseded snapshots keep their copy until
    // the last `Arc` goes away. This struct has no `Debug` derive here; keep the
    // secret out of any `Debug`/`Display` output added later.
    pub secret: String,
    /// Trusted networks, each paired with a string.
    // NOTE(review): the meaning of the `String` half (label? original text?) is
    // not visible in this file — confirm against the loader.
    pub trusted_cidrs: Vec<(IpNet, String)>,
    /// Routing rules, already compiled.
    pub routes: Vec<CompiledRoute>,
    /// HTML of the login page, shared by reference count.
    pub login_page_html: Arc<String>,
    /// Length of the login page, kept as a string.
    // NOTE(review): presumably the precomputed `Content-Length` value for
    // `login_page_html`; it must be regenerated whenever the HTML changes — confirm.
    pub login_page_len: Arc<String>,
}
38
/// Shared state of the proxy: the current runtime snapshot plus the
/// authentication and rate-limiting tables.
pub struct ProxyState {
    /// Current `RuntimeState`, swappable as a whole.
    pub runtime: ArcSwap<RuntimeState>,
    /// Set of session keys (the value type is `()`; only presence matters).
    // NOTE(review): presumably the session identifiers handed out after a
    // successful TOTP check. Confirm that they come from a CSPRNG and that the
    // cache is built with a time-to-live as well as a capacity.
    pub sessions: Cache<String, ()>,
    /// Set of allowed client addresses.
    // NOTE(review): which address is used as the key (socket peer or a
    // forwarded header) is decided elsewhere. A header-derived key is only
    // trustworthy when the sender is a known proxy — confirm.
    pub whitelist: Cache<IpAddr, ()>,
    /// Set of blocked client addresses; the whole cache can be swapped.
    // NOTE(review): if this cache is capacity-bounded, entries can be evicted
    // before their intended expiry once it fills, which ends a block early.
    // Confirm sizing and eviction policy where it is constructed.
    pub blacklist: ArcSwap<Cache<IpAddr, ()>>,
    /// Per-address counter.
    // NOTE(review): presumably failed attempts per client. The value is a `u8`,
    // so increments should saturate (`saturating_add`) rather than wrap at 255 —
    // confirm at the update site.
    pub ip_limits: Cache<IpAddr, u8>,
    /// A TOTP time-step number, stored atomically.
    // NOTE(review): presumably the last step for which a code was accepted, used
    // to refuse a second use of the same code. The check and the update need to
    // be one atomic operation (`fetch_max` or `compare_exchange`); a separate
    // load followed by a store lets two concurrent requests carrying the same
    // code both succeed — confirm at the verification site.
    pub last_verified_step: AtomicU64,
}