From 36b36081ebed10c39664e6f5c239c2334ed48f85 Mon Sep 17 00:00:00 2001 From: Koushik Dutta Date: Wed, 7 Feb 2024 18:35:57 -0800 Subject: [PATCH] cloud: use cloudflare tunnel for short lived urls --- plugins/cloud/package-lock.json | 4 ++-- plugins/cloud/package.json | 2 +- plugins/cloud/src/main.ts | 26 ++++++++++++++++++-------- 3 files changed, 21 insertions(+), 11 deletions(-) diff --git a/plugins/cloud/package-lock.json b/plugins/cloud/package-lock.json index 34053e46d..c113d3391 100644 --- a/plugins/cloud/package-lock.json +++ b/plugins/cloud/package-lock.json @@ -1,12 +1,12 @@ { "name": "@scrypted/cloud", - "version": "0.2.4", + "version": "0.2.5", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "@scrypted/cloud", - "version": "0.2.4", + "version": "0.2.5", "dependencies": { "@eneris/push-receiver": "^3.1.4", "@scrypted/common": "file:../../common", diff --git a/plugins/cloud/package.json b/plugins/cloud/package.json index 1edf5c9eb..24f37c8ad 100644 --- a/plugins/cloud/package.json +++ b/plugins/cloud/package.json @@ -54,5 +54,5 @@ "@types/nat-upnp": "^1.1.2", "@types/node": "^20.4.5" }, - "version": "0.2.4" + "version": "0.2.5" } diff --git a/plugins/cloud/src/main.ts b/plugins/cloud/src/main.ts index 117428d6c..385dc948a 100644 --- a/plugins/cloud/src/main.ts +++ b/plugins/cloud/src/main.ts @@ -1,9 +1,13 @@ +import { Deferred } from "@scrypted/common/src/deferred"; import sdk, { BufferConverter, DeviceProvider, HttpRequest, HttpRequestHandler, HttpResponse, OauthClient, PushHandler, ScryptedDeviceBase, ScryptedDeviceType, ScryptedInterface, ScryptedMimeTypes, Setting, Settings } from "@scrypted/sdk"; import { StorageSettings } from "@scrypted/sdk/storage-settings"; import axios from 'axios'; import bpmux from 'bpmux'; +import * as cloudflared from 'cloudflared'; import crypto from 'crypto'; import { once } from 'events'; +import { backOff } from "exponential-backoff"; +import fs, { mkdirSync, renameSync, rmSync } from 'fs'; import http from 'http'; import HttpProxy from 'http-proxy'; import https from 'https'; @@ -11,17 +15,12 @@ import upnp from 'nat-upnp'; import net from 'net'; import os from 'os'; import path from 'path'; -import { Duplex, Readable } from 'stream'; +import { Duplex } from 'stream'; import tls from 'tls'; +import { readLine } from '../../../common/src/read-stream'; import { createSelfSignedCertificate } from '../../../server/src/cert'; import { PushManager } from './push'; -import { readLine } from '../../../common/src/read-stream'; import { qsparse, qsstringify } from "./qs"; -import * as cloudflared from 'cloudflared'; -import fs, { mkdirSync, renameSync, rmSync } from 'fs'; -import { backOff } from "exponential-backoff"; -import ip from 'ip'; -import { Deferred } from "@scrypted/common/src/deferred"; // import { registerDuckDns } from "./greenlock"; @@ -644,7 +643,18 @@ class ScryptedCloud extends ScryptedDeviceBase implements OauthClient, Settings, return this.getSSLHostname() || SCRYPTED_SERVER; } - async convert(data: Buffer, fromMimeType: string): Promise { + async convert(data: Buffer, fromMimeType: string, toMimeType: string): Promise { + // if cloudflare is enabled and the plugin isn't set up as a custom domain, try to use the cloudflare url for + // short lived urls. + if (this.cloudflareTunnel && this.storageSettings.values.forwardingMode !== 'Custom Domain') { + const params = new URLSearchParams(toMimeType.split(';')[1] || ''); + if (params.get('short-lived') === 'true') { + const u = new URL(data.toString(), this.cloudflareTunnel); + u.host = this.cloudflareTunnelHost; + u.port = ''; + return Buffer.from(u.toString()); + } + } return this.whitelist(data.toString(), 10 * 365 * 24 * 60 * 60 * 1000, `https://${this.getHostname()}`); }