refactor(session): add registry to manage SSH sessions

- Implement thread-safe session registry with sync.RWMutex
- Add Registry interface for session management operations
- Support Get, Register, Update, and Remove session operations
- Enable dynamic slug updates for existing sessions
- Fix Connection closed by remote because HandleTCPIPForward run on a goroutine

.gitea/workflows/build.yml

@@ -5,6 +5,8 @@ on:
     branches:
       - main
       - staging
+    tags:
+      - 'v*'
     paths:
       - '**.go'
       - 'go.mod'
@@ -15,8 +17,9 @@ on:
       - '.gitea/workflows/build.yml'
 
 jobs:
-  build-and-push:
+  build-and-push-branches:
     runs-on: ubuntu-latest
+    if: github.ref_type == 'branch'
 
     steps:
       - name: Checkout repository
@@ -32,6 +35,17 @@ jobs:
           username: ${{ secrets.DOCKER_USERNAME }}
           password: ${{ secrets.DOCKER_PASSWORD }}
 
+      - name: Set version variables
+        id: vars
+        run: |
+          if [ "${{ github.ref }}" == "refs/heads/main" ]; then
+            echo "VERSION=dev-main" >> $GITHUB_OUTPUT
+          else
+            echo "VERSION=dev-staging" >> $GITHUB_OUTPUT
+          fi
+          echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> $GITHUB_OUTPUT
+          echo "COMMIT=${{ github.sha }}" >> $GITHUB_OUTPUT
+
       - name: Build and push Docker image for main
         uses: docker/build-push-action@v6
         with:
@@ -40,6 +54,10 @@ jobs:
           tags: |
             git.fossy.my.id/${{ secrets.DOCKER_USERNAME }}/tunnel-please:latest
           platforms: linux/amd64,linux/arm64
+          build-args: |
+            VERSION=${{ steps.vars.outputs.VERSION }}
+            BUILD_DATE=${{ steps.vars.outputs.BUILD_DATE }}
+            COMMIT=${{ steps.vars.outputs.COMMIT }}
         if: github.ref == 'refs/heads/main'
 
       - name: Build and push Docker image for staging
@@ -50,4 +68,85 @@ jobs:
           tags: |
             git.fossy.my.id/${{ secrets.DOCKER_USERNAME }}/tunnel-please:staging
           platforms: linux/amd64,linux/arm64
+          build-args: |
+            VERSION=${{ steps.vars.outputs.VERSION }}
+            BUILD_DATE=${{ steps.vars.outputs.BUILD_DATE }}
+            COMMIT=${{ steps.vars.outputs.COMMIT }}
         if: github.ref == 'refs/heads/staging'
+
+  build-and-push-tags:
+    runs-on: ubuntu-latest
+    if: github.ref_type == 'tag' && startsWith(github.ref, 'refs/tags/v')
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v6
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Log in to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          registry: git.fossy.my.id
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_PASSWORD }}
+
+      - name: Extract version and determine release type
+        id: version
+        run: |
+          VERSION=${GITHUB_REF#refs/tags/v}
+          echo "VERSION=$VERSION" >> $GITHUB_OUTPUT
+          echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> $GITHUB_OUTPUT
+          echo "COMMIT=${{ github.sha }}" >> $GITHUB_OUTPUT
+          
+          if echo "$VERSION" | grep -qE '^[0-9]+\.[0-9]+\.[0-9]+(-[a-zA-Z0-9.]+)?$'; then
+            MAJOR=$(echo "$VERSION" | cut -d. -f1)
+            MINOR=$(echo "$VERSION" | cut -d. -f2)
+            
+            echo "MAJOR=$MAJOR" >> $GITHUB_OUTPUT
+            echo "MINOR=$MINOR" >> $GITHUB_OUTPUT
+            
+            if echo "$VERSION" | grep -q '-'; then
+              echo "IS_PRERELEASE=true" >> $GITHUB_OUTPUT
+              echo "ADDITIONAL_TAG=staging" >> $GITHUB_OUTPUT
+            else
+              echo "IS_PRERELEASE=false" >> $GITHUB_OUTPUT
+              echo "ADDITIONAL_TAG=latest" >> $GITHUB_OUTPUT
+            fi
+          else
+            echo "Invalid version format: $VERSION"
+            exit 1
+          fi
+
+      - name: Build and push Docker image for release
+        uses: docker/build-push-action@v6
+        with:
+          context: .
+          push: true
+          tags: |
+            git.fossy.my.id/${{ secrets.DOCKER_USERNAME }}/tunnel-please:v${{ steps.version.outputs.VERSION }}
+            git.fossy.my.id/${{ secrets.DOCKER_USERNAME }}/tunnel-please:v${{ steps.version.outputs.MAJOR }}.${{ steps.version.outputs.MINOR }}
+            git.fossy.my.id/${{ secrets.DOCKER_USERNAME }}/tunnel-please:v${{ steps.version.outputs.MAJOR }}
+            git.fossy.my.id/${{ secrets.DOCKER_USERNAME }}/tunnel-please:${{ steps.version.outputs.ADDITIONAL_TAG }}
+          platforms: linux/amd64,linux/arm64
+          build-args: |
+            VERSION=${{ steps.version.outputs.VERSION }}
+            BUILD_DATE=${{ steps.version.outputs.BUILD_DATE }}
+            COMMIT=${{ steps.version.outputs.COMMIT }}
+        if: steps.version.outputs.IS_PRERELEASE == 'false'
+
+      - name: Build and push Docker image for pre-release
+        uses: docker/build-push-action@v6
+        with:
+          context: .
+          push: true
+          tags: |
+            git.fossy.my.id/${{ secrets.DOCKER_USERNAME }}/tunnel-please:v${{ steps.version.outputs.VERSION }}
+            git.fossy.my.id/${{ secrets.DOCKER_USERNAME }}/tunnel-please:${{ steps.version.outputs.ADDITIONAL_TAG }}
+          platforms: linux/amd64,linux/arm64
+          build-args: |
+            VERSION=${{ steps.version.outputs.VERSION }}
+            BUILD_DATE=${{ steps.version.outputs.BUILD_DATE }}
+            COMMIT=${{ steps.version.outputs.COMMIT }}
+        if: steps.version.outputs.IS_PRERELEASE == 'true'

Dockerfile

@@ -1,5 +1,9 @@
 FROM golang:1.25.5-alpine AS go_builder
 
+ARG VERSION=dev
+ARG BUILD_DATE=unknown
+ARG COMMIT=unknown
+
 RUN apk update && apk upgrade && \
     apk add --no-cache ca-certificates tzdata git && \
     update-ca-certificates
@@ -18,7 +22,7 @@ RUN --mount=type=cache,target=/go/pkg/mod \
     --mount=type=cache,target=/root/.cache/go-build \
     CGO_ENABLED=0 GOOS=linux \
     go build -trimpath \
-    -ldflags="-w -s" \
+    -ldflags="-w -s -X tunnel_pls/version.Version=${VERSION} -X tunnel_pls/version.BuildDate=${BUILD_DATE} -X tunnel_pls/version.Commit=${COMMIT}" \
     -o /app/tunnel_pls \
     .
 
@@ -28,6 +32,10 @@ RUN adduser -D -u 10001 -g '' appuser && \
 
 FROM scratch
 
+ARG VERSION=dev
+ARG BUILD_DATE=unknown
+ARG COMMIT=unknown
+
 COPY --from=go_builder /usr/share/zoneinfo /usr/share/zoneinfo
 COPY --from=go_builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
 COPY --from=go_builder /etc/passwd /etc/passwd
@@ -43,6 +51,9 @@ ENV TZ=Asia/Jakarta
 EXPOSE 2200 8080 8443
 
 LABEL org.opencontainers.image.title="Tunnel Please" \
-      org.opencontainers.image.description="SSH-based tunnel server"
+      org.opencontainers.image.description="SSH-based tunnel server" \
+      org.opencontainers.image.version="${VERSION}" \
+      org.opencontainers.image.revision="${COMMIT}" \
+      org.opencontainers.image.created="${BUILD_DATE}"
 
 ENTRYPOINT ["/app/tunnel_pls"]

internal/config/config.go

@@ -0,0 +1,35 @@
+package config
+
+import (
+	"log"
+	"os"
+	"strconv"
+
+	"github.com/joho/godotenv"
+)
+
+func init() {
+	if _, err := os.Stat(".env"); err == nil {
+		if err := godotenv.Load(".env"); err != nil {
+			log.Printf("Warning: Failed to load .env file: %s", err)
+		}
+	}
+}
+
+func Getenv(key, defaultValue string) string {
+	val := os.Getenv(key)
+	if val == "" {
+		val = defaultValue
+	}
+
+	return val
+}
+
+func GetBufferSize() int {
+	sizeStr := Getenv("BUFFER_SIZE", "32768")
+	size, err := strconv.Atoi(sizeStr)
+	if err != nil || size < 4096 || size > 1048576 {
+		return 32768
+	}
+	return size
+}

internal/key/key.go

@@ -1,4 +1,4 @@
-package utils
+package key
 
 import (
 	"crypto/rand"
@@ -6,54 +6,12 @@ import (
 	"crypto/x509"
 	"encoding/pem"
 	"log"
-	mathrand "math/rand"
 	"os"
 	"path/filepath"
-	"strconv"
-	"strings"
-	"time"
 
-	"github.com/joho/godotenv"
 	"golang.org/x/crypto/ssh"
 )
 
-func init() {
-	if _, err := os.Stat(".env"); err == nil {
-		if err := godotenv.Load(".env"); err != nil {
-			log.Printf("Warning: Failed to load .env file: %s", err)
-		}
-	}
-}
-
-func GenerateRandomString(length int) string {
-	const charset = "abcdefghijklmnopqrstuvwxyz"
-	seededRand := mathrand.New(mathrand.NewSource(time.Now().UnixNano() + int64(mathrand.Intn(9999))))
-	var result strings.Builder
-	for i := 0; i < length; i++ {
-		randomIndex := seededRand.Intn(len(charset))
-		result.WriteString(string(charset[randomIndex]))
-	}
-	return result.String()
-}
-
-func Getenv(key, defaultValue string) string {
-	val := os.Getenv(key)
-	if val == "" {
-		val = defaultValue
-	}
-
-	return val
-}
-
-func GetBufferSize() int {
-	sizeStr := Getenv("BUFFER_SIZE", "32768")
-	size, err := strconv.Atoi(sizeStr)
-	if err != nil || size < 4096 || size > 1048576 {
-		return 32768
-	}
-	return size
-}
-
 func GenerateSSHKeyIfNotExist(keyPath string) error {
 	if _, err := os.Stat(keyPath); err == nil {
 		log.Printf("SSH key already exists at %s", keyPath)

internal/port/port.go

@@ -6,7 +6,7 @@ import (
 	"strconv"
 	"strings"
 	"sync"
-	"tunnel_pls/utils"
+	"tunnel_pls/internal/config"
 )
 
 type Manager interface {
@@ -28,7 +28,7 @@ var Default Manager = &manager{
 }
 
 func init() {
-	rawRange := utils.Getenv("ALLOWED_PORTS", "")
+	rawRange := config.Getenv("ALLOWED_PORTS", "")
 	if rawRange == "" {
 		return
 	}

internal/random/random.go

@@ -0,0 +1,18 @@
+package random
+
+import (
+	mathrand "math/rand"
+	"strings"
+	"time"
+)
+
+func GenerateRandomString(length int) string {
+	const charset = "abcdefghijklmnopqrstuvwxyz"
+	seededRand := mathrand.New(mathrand.NewSource(time.Now().UnixNano() + int64(mathrand.Intn(9999))))
+	var result strings.Builder
+	for i := 0; i < length; i++ {
+		randomIndex := seededRand.Intn(len(charset))
+		result.WriteString(string(charset[randomIndex]))
+	}
+	return result.String()
+}

main.go

@@ -6,19 +6,29 @@ import (
 	"net/http"
 	_ "net/http/pprof"
 	"os"
+	"tunnel_pls/internal/config"
+	"tunnel_pls/internal/key"
 	"tunnel_pls/server"
-	"tunnel_pls/utils"
+	"tunnel_pls/session"
+	"tunnel_pls/version"
 
 	"golang.org/x/crypto/ssh"
 )
 
 func main() {
+	if len(os.Args) > 1 && (os.Args[1] == "--version" || os.Args[1] == "-v") {
+		fmt.Println(version.GetVersion())
+		os.Exit(0)
+	}
+
 	log.SetOutput(os.Stdout)
 	log.SetFlags(log.LstdFlags | log.Lshortfile)
 
-	pprofEnabled := utils.Getenv("PPROF_ENABLED", "false")
+	log.Printf("Starting %s", version.GetVersion())
+
+	pprofEnabled := config.Getenv("PPROF_ENABLED", "false")
 	if pprofEnabled == "true" {
-		pprofPort := utils.Getenv("PPROF_PORT", "6060")
+		pprofPort := config.Getenv("PPROF_PORT", "6060")
 		go func() {
 			pprofAddr := fmt.Sprintf("localhost:%s", pprofPort)
 			log.Printf("Starting pprof server on http://%s/debug/pprof/", pprofAddr)
@@ -30,11 +40,11 @@ func main() {
 
 	sshConfig := &ssh.ServerConfig{
 		NoClientAuth:  true,
-		ServerVersion: "SSH-2.0-TunnlPls-1.0",
+		ServerVersion: fmt.Sprintf("SSH-2.0-TunnlPls-%s", version.GetShortVersion()),
 	}
 
 	sshKeyPath := "certs/ssh/id_rsa"
-	if err := utils.GenerateSSHKeyIfNotExist(sshKeyPath); err != nil {
+	if err := key.GenerateSSHKeyIfNotExist(sshKeyPath); err != nil {
 		log.Fatalf("Failed to generate SSH key: %s", err)
 	}
 
@@ -49,6 +59,11 @@ func main() {
 	}
 
 	sshConfig.AddHostKey(private)
-	app := server.NewServer(sshConfig)
+	sessionRegistry := session.NewRegistry()
+
+	app, err := server.NewServer(sshConfig, sessionRegistry)
+	if err != nil {
+		log.Fatalf("Failed to start server: %s", err)
+	}
 	app.Start()
 }

renovate.json

@@ -11,7 +11,7 @@
         "digest"
       ],
       "automerge": true,
-      "baseBranches": [
+      "baseBranchPatterns": [
         "staging"
       ]
     }

server/handler.go

@@ -1,28 +0,0 @@
-package server
-
-import (
-	"log"
-	"net"
-	"tunnel_pls/session"
-
-	"golang.org/x/crypto/ssh"
-)
-
-func (s *Server) handleConnection(conn net.Conn) {
-	sshConn, chans, forwardingReqs, err := ssh.NewServerConn(conn, s.config)
-	if err != nil {
-		log.Printf("failed to establish SSH connection: %v", err)
-		err := conn.Close()
-		if err != nil {
-			log.Printf("failed to close SSH connection: %v", err)
-			return
-		}
-		return
-	}
-
-	log.Println("SSH connection established:", sshConn.User())
-
-	session.New(sshConn, forwardingReqs, chans)
-
-	return
-}

server/http.go

@@ -11,21 +11,15 @@ import (
 	"regexp"
 	"strings"
 	"time"
+	"tunnel_pls/internal/config"
 	"tunnel_pls/session"
-	"tunnel_pls/utils"
 
 	"golang.org/x/crypto/ssh"
 )
 
-type Interaction interface {
-	SendMessage(message string)
-}
-
 type HTTPWriter interface {
 	io.Reader
 	io.Writer
-	SetInteraction(interaction Interaction)
-	AddInteraction(interaction Interaction)
 	GetRemoteAddr() net.Addr
 	GetWriter() io.Writer
 	AddResponseMiddleware(mw ResponseMiddleware)
@@ -42,16 +36,11 @@ type customWriter struct {
 	buf        []byte
 	respHeader ResponseHeaderManager
 	reqHeader  RequestHeaderManager
-	interaction Interaction
 	respMW     []ResponseMiddleware
 	reqStartMW []RequestMiddleware
 	reqEndMW   []RequestMiddleware
 }
 
-func (cw *customWriter) SetInteraction(interaction Interaction) {
-	cw.interaction = interaction
-}
-
 func (cw *customWriter) GetRemoteAddr() net.Addr {
 	return cw.remoteAddr
 }
@@ -139,7 +128,6 @@ func NewCustomWriter(writer io.Writer, reader io.Reader, remoteAddr net.Addr) HT
 		writer:     writer,
 		reader:     reader,
 		buf:        make([]byte, 0, 4096),
-		interaction: nil,
 	}
 }
 
@@ -224,19 +212,29 @@ func (cw *customWriter) Write(p []byte) (int, error) {
 	return len(p), nil
 }
 
-func (cw *customWriter) AddInteraction(interaction Interaction) {
-	cw.interaction = interaction
-}
-
 var redirectTLS = false
 
-func NewHTTPServer() error {
-	httpPort := utils.Getenv("HTTP_PORT", "8080")
+type HTTPServer interface {
+	ListenAndServe() error
+	ListenAndServeTLS() error
+	handler(conn net.Conn)
+	handlerTLS(conn net.Conn)
+}
+type httpServer struct {
+	sessionRegistry session.Registry
+}
+
+func NewHTTPServer(sessionRegistry session.Registry) HTTPServer {
+	return &httpServer{sessionRegistry: sessionRegistry}
+}
+
+func (hs *httpServer) ListenAndServe() error {
+	httpPort := config.Getenv("HTTP_PORT", "8080")
 	listener, err := net.Listen("tcp", ":"+httpPort)
 	if err != nil {
 		return errors.New("Error listening: " + err.Error())
 	}
-	if utils.Getenv("TLS_ENABLED", "false") == "true" && utils.Getenv("TLS_REDIRECT", "false") == "true" {
+	if config.Getenv("TLS_ENABLED", "false") == "true" && config.Getenv("TLS_REDIRECT", "false") == "true" {
 		redirectTLS = true
 	}
 	go func() {
@@ -251,13 +249,13 @@ func NewHTTPServer() error {
 				continue
 			}
 
-			go Handler(conn)
+			go hs.handler(conn)
 		}
 	}()
 	return nil
 }
 
-func Handler(conn net.Conn) {
+func (hs *httpServer) handler(conn net.Conn) {
 	defer func() {
 		err := conn.Close()
 		if err != nil && !errors.Is(err, net.ErrClosed) {
@@ -288,7 +286,7 @@ func Handler(conn net.Conn) {
 
 	if redirectTLS {
 		_, err = conn.Write([]byte("HTTP/1.1 301 Moved Permanently\r\n" +
-			fmt.Sprintf("Location: https://%s.%s/\r\n", slug, utils.Getenv("DOMAIN", "localhost")) +
+			fmt.Sprintf("Location: https://%s.%s/\r\n", slug, config.Getenv("DOMAIN", "localhost")) +
 			"Content-Length: 0\r\n" +
 			"Connection: close\r\n" +
 			"\r\n"))
@@ -316,8 +314,8 @@ func Handler(conn net.Conn) {
 		return
 	}
 
-	sshSession, ok := session.Clients[slug]
-	if !ok {
+	sshSession, exist := hs.sessionRegistry.Get(slug)
+	if !exist {
 		_, err = conn.Write([]byte("HTTP/1.1 301 Moved Permanently\r\n" +
 			fmt.Sprintf("Location: https://tunnl.live/tunnel-not-found?slug=%s\r\n", slug) +
 			"Content-Length: 0\r\n" +

server/https.go

@@ -8,13 +8,12 @@ import (
 	"log"
 	"net"
 	"strings"
-	"tunnel_pls/session"
-	"tunnel_pls/utils"
+	"tunnel_pls/internal/config"
 )
 
-func NewHTTPSServer() error {
-	domain := utils.Getenv("DOMAIN", "localhost")
-	httpsPort := utils.Getenv("HTTPS_PORT", "8443")
+func (hs *httpServer) ListenAndServeTLS() error {
+	domain := config.Getenv("DOMAIN", "localhost")
+	httpsPort := config.Getenv("HTTPS_PORT", "8443")
 
 	tlsConfig, err := NewTLSConfig(domain)
 	if err != nil {
@@ -38,13 +37,13 @@ func NewHTTPSServer() error {
 				continue
 			}
 
-			go HandlerTLS(conn)
+			go hs.handlerTLS(conn)
 		}
 	}()
 	return nil
 }
 
-func HandlerTLS(conn net.Conn) {
+func (hs *httpServer) handlerTLS(conn net.Conn) {
 	defer func() {
 		err := conn.Close()
 		if err != nil {
@@ -90,8 +89,8 @@ func HandlerTLS(conn net.Conn) {
 		return
 	}
 
-	sshSession, ok := session.Clients[slug]
-	if !ok {
+	sshSession, exist := hs.sessionRegistry.Get(slug)
+	if !exist {
 		_, err = conn.Write([]byte("HTTP/1.1 301 Moved Permanently\r\n" +
 			fmt.Sprintf("Location: https://tunnl.live/tunnel-not-found?slug=%s\r\n", slug) +
 			"Content-Length: 0\r\n" +

server/server.go

@@ -4,8 +4,8 @@ import (
 	"fmt"
 	"log"
 	"net"
-	"net/http"
-	"tunnel_pls/utils"
+	"tunnel_pls/internal/config"
+	"tunnel_pls/session"
 
 	"golang.org/x/crypto/ssh"
 )
@@ -13,41 +13,36 @@ import (
 type Server struct {
 	conn            *net.Listener
 	config          *ssh.ServerConfig
-	httpServer *http.Server
+	sessionRegistry session.Registry
 }
 
-func (s *Server) GetConn() *net.Listener {
-	return s.conn
-}
-
-func (s *Server) GetConfig() *ssh.ServerConfig {
-	return s.config
-}
-
-func (s *Server) GetHttpServer() *http.Server {
-	return s.httpServer
-}
-
-func NewServer(config *ssh.ServerConfig) *Server {
-	listener, err := net.Listen("tcp", fmt.Sprintf(":%s", utils.Getenv("PORT", "2200")))
+func NewServer(sshConfig *ssh.ServerConfig, sessionRegistry session.Registry) (*Server, error) {
+	listener, err := net.Listen("tcp", fmt.Sprintf(":%s", config.Getenv("PORT", "2200")))
 	if err != nil {
 		log.Fatalf("failed to listen on port 2200: %v", err)
-		return nil
+		return nil, err
 	}
-	if utils.Getenv("TLS_ENABLED", "false") == "true" {
-		err = NewHTTPSServer()
-		if err != nil {
-			log.Fatalf("failed to start https server: %v", err)
-		}
-	}
-	err = NewHTTPServer()
+
+	HttpServer := NewHTTPServer(sessionRegistry)
+	err = HttpServer.ListenAndServe()
 	if err != nil {
 		log.Fatalf("failed to start http server: %v", err)
+		return nil, err
 	}
+
+	if config.Getenv("TLS_ENABLED", "false") == "true" {
+		err = HttpServer.ListenAndServeTLS()
+		if err != nil {
+			log.Fatalf("failed to start https server: %v", err)
+			return nil, err
+		}
+	}
+
 	return &Server{
 		conn:            &listener,
-		config: config,
-	}
+		config:          sshConfig,
+		sessionRegistry: sessionRegistry,
+	}, nil
 }
 
 func (s *Server) Start() {
@@ -62,3 +57,26 @@ func (s *Server) Start() {
 		go s.handleConnection(conn)
 	}
 }
+
+func (s *Server) handleConnection(conn net.Conn) {
+	sshConn, chans, forwardingReqs, err := ssh.NewServerConn(conn, s.config)
+	if err != nil {
+		log.Printf("failed to establish SSH connection: %v", err)
+		err := conn.Close()
+		if err != nil {
+			log.Printf("failed to close SSH connection: %v", err)
+			return
+		}
+		return
+	}
+
+	log.Println("SSH connection established:", sshConn.User())
+
+	sshSession := session.New(sshConn, forwardingReqs, chans, s.sessionRegistry)
+	err = sshSession.Start()
+	if err != nil {
+		log.Printf("SSH session ended with error: %v", err)
+		return
+	}
+	return
+}

server/tls.go

@@ -10,7 +10,7 @@ import (
 	"os"
 	"sync"
 	"time"
-	"tunnel_pls/utils"
+	"tunnel_pls/internal/config"
 
 	"github.com/caddyserver/certmagic"
 	"github.com/libdns/cloudflare"
@@ -92,7 +92,7 @@ func NewTLSConfig(domain string) (*tls.Config, error) {
 }
 
 func isACMEConfigComplete() bool {
-	cfAPIToken := utils.Getenv("CF_API_TOKEN", "")
+	cfAPIToken := config.Getenv("CF_API_TOKEN", "")
 	return cfAPIToken != ""
 }
 
@@ -241,9 +241,9 @@ func (tm *tlsManager) initCertMagic() error {
 		return fmt.Errorf("failed to create cert storage directory: %w", err)
 	}
 
-	acmeEmail := utils.Getenv("ACME_EMAIL", "admin@"+tm.domain)
-	cfAPIToken := utils.Getenv("CF_API_TOKEN", "")
-	acmeStaging := utils.Getenv("ACME_STAGING", "false") == "true"
+	acmeEmail := config.Getenv("ACME_EMAIL", "admin@"+tm.domain)
+	cfAPIToken := config.Getenv("CF_API_TOKEN", "")
+	acmeStaging := config.Getenv("ACME_STAGING", "false") == "true"
 
 	if cfAPIToken == "" {
 		return fmt.Errorf("CF_API_TOKEN environment variable is required for automatic certificate generation")

session/forwarder/forwarder.go

@@ -10,16 +10,16 @@ import (
 	"strconv"
 	"sync"
 	"time"
+	"tunnel_pls/internal/config"
 	"tunnel_pls/session/slug"
 	"tunnel_pls/types"
-	"tunnel_pls/utils"
 
 	"golang.org/x/crypto/ssh"
 )
 
 var bufferPool = sync.Pool{
 	New: func() interface{} {
-		bufSize := utils.GetBufferSize()
+		bufSize := config.GetBufferSize()
 		return make([]byte, bufSize)
 	},
 }

session/handler.go

@@ -7,10 +7,9 @@ import (
 	"log"
 	"net"
 	portUtil "tunnel_pls/internal/port"
+	"tunnel_pls/internal/random"
 	"tunnel_pls/types"
 
-	"tunnel_pls/utils"
-
 	"golang.org/x/crypto/ssh"
 )
 
@@ -19,7 +18,28 @@ var blockedReservedPorts = []uint16{1080, 1433, 1521, 1900, 2049, 3306, 3389, 54
 func (s *SSHSession) HandleGlobalRequest(GlobalRequest <-chan *ssh.Request) {
 	for req := range GlobalRequest {
 		switch req.Type {
-		case "shell", "pty-req", "window-change":
+		case "shell", "pty-req":
+			err := req.Reply(true, nil)
+			if err != nil {
+				log.Println("Failed to reply to request:", err)
+				return
+			}
+		case "window-change":
+			p := req.Payload
+			if len(p) < 16 {
+				log.Println("invalid window-change payload")
+				err := req.Reply(false, nil)
+				if err != nil {
+					log.Println("Failed to reply to request:", err)
+					return
+				}
+				return
+			}
+			cols := binary.BigEndian.Uint32(p[0:4])
+			rows := binary.BigEndian.Uint32(p[4:8])
+
+			s.interaction.SetWH(int(cols), int(rows))
+
 			err := req.Reply(true, nil)
 			if err != nil {
 				log.Println("Failed to reply to request:", err)
@@ -86,7 +106,6 @@ func (s *SSHSession) HandleTCPIPForward(req *ssh.Request) {
 	}
 
 	portToBind := uint16(rawPortToBind)
-
 	if isBlockedPort(portToBind) {
 		log.Printf("Port %d is blocked or restricted", portToBind)
 		err := req.Reply(false, nil)
@@ -104,7 +123,7 @@ func (s *SSHSession) HandleTCPIPForward(req *ssh.Request) {
 	if portToBind == 80 || portToBind == 443 {
 		s.HandleHTTPForward(req, portToBind)
 		return
-	} else {
+	}
 	if portToBind == 0 {
 		unassign, success := portUtil.Default.GetUnassignedPort()
 		portToBind = unassign
@@ -134,26 +153,19 @@ func (s *SSHSession) HandleTCPIPForward(req *ssh.Request) {
 		}
 		return
 	}
-		err := portUtil.Default.SetPortStatus(portToBind, true)
+	err = portUtil.Default.SetPortStatus(portToBind, true)
 	if err != nil {
 		log.Println("Failed to set port status:", err)
 		return
 	}
-	}
+
 	s.HandleTCPForward(req, addr, portToBind)
 }
 
 func (s *SSHSession) HandleHTTPForward(req *ssh.Request, portToBind uint16) {
-	slug := generateUniqueSlug()
-	if slug == "" {
-		err := req.Reply(false, nil)
-		if err != nil {
-			log.Println("Failed to reply to request:", err)
-		}
-		return
-	}
+	slug := random.GenerateRandomString(20)
 
-	if !registerClient(slug, s) {
+	if !s.registry.Register(slug, s) {
 		log.Printf("Failed to register client with slug: %s", slug)
 		err := req.Reply(false, nil)
 		if err != nil {
@@ -166,7 +178,7 @@ func (s *SSHSession) HandleHTTPForward(req *ssh.Request, portToBind uint16) {
 	err := binary.Write(buf, binary.BigEndian, uint32(portToBind))
 	if err != nil {
 		log.Println("Failed to write port to buffer:", err)
-		unregisterClient(slug)
+		s.registry.Remove(slug)
 		err = req.Reply(false, nil)
 		if err != nil {
 			log.Println("Failed to reply to request:", err)
@@ -175,16 +187,10 @@ func (s *SSHSession) HandleHTTPForward(req *ssh.Request, portToBind uint16) {
 	}
 	log.Printf("HTTP forwarding approved on port: %d", portToBind)
 
-	domain := utils.Getenv("DOMAIN", "localhost")
-	protocol := "http"
-	if utils.Getenv("TLS_ENABLED", "false") == "true" {
-		protocol = "https"
-	}
-
 	err = req.Reply(true, buf.Bytes())
 	if err != nil {
 		log.Println("Failed to reply to request:", err)
-		unregisterClient(slug)
+		s.registry.Remove(slug)
 		err = req.Reply(false, nil)
 		if err != nil {
 			log.Println("Failed to reply to request:", err)
@@ -195,7 +201,6 @@ func (s *SSHSession) HandleHTTPForward(req *ssh.Request, portToBind uint16) {
 	s.forwarder.SetType(types.HTTP)
 	s.forwarder.SetForwardedPort(portToBind)
 	s.slugManager.Set(slug)
-	log.Printf("HTTP tunnel established: %s://%s.%s", protocol, slug, domain)
 	s.lifecycle.SetStatus(types.RUNNING)
 	s.interaction.Start()
 }
@@ -253,31 +258,11 @@ func (s *SSHSession) HandleTCPForward(req *ssh.Request, addr string, portToBind
 	s.forwarder.SetType(types.TCP)
 	s.forwarder.SetListener(listener)
 	s.forwarder.SetForwardedPort(portToBind)
-	log.Printf("TCP tunnel established: tcp://%s:%d", utils.Getenv("DOMAIN", "localhost"), s.forwarder.GetForwardedPort())
 	s.lifecycle.SetStatus(types.RUNNING)
 	go s.forwarder.AcceptTCPConnections()
 	s.interaction.Start()
 }
 
-func generateUniqueSlug() string {
-	maxAttempts := 5
-
-	for i := 0; i < maxAttempts; i++ {
-		slug := utils.GenerateRandomString(20)
-
-		clientsMutex.RLock()
-		_, exists := Clients[slug]
-		clientsMutex.RUnlock()
-
-		if !exists {
-			return slug
-		}
-	}
-
-	log.Println("Failed to generate unique slug after multiple attempts")
-	return ""
-}
-
 func readSSHString(reader *bytes.Reader) (string, error) {
 	var length uint32
 	if err := binary.Read(reader, binary.BigEndian, &length); err != nil {

session/interaction/constants.go

@@ -22,6 +22,131 @@ const (
 	paddingRight = 4
 )
 
-var forbiddenSlugs = []string{
-	"ping",
+var forbiddenSlugs = map[string]struct{}{
+	"ping":          {},
+	"staging":       {},
+	"admin":         {},
+	"root":          {},
+	"api":           {},
+	"www":           {},
+	"support":       {},
+	"help":          {},
+	"status":        {},
+	"health":        {},
+	"login":         {},
+	"logout":        {},
+	"signup":        {},
+	"register":      {},
+	"settings":      {},
+	"config":        {},
+	"null":          {},
+	"undefined":     {},
+	"example":       {},
+	"test":          {},
+	"dev":           {},
+	"system":        {},
+	"administrator": {},
+	"dashboard":     {},
+	"account":       {},
+	"profile":       {},
+	"user":          {},
+	"users":         {},
+	"auth":          {},
+	"oauth":         {},
+	"callback":      {},
+	"webhook":       {},
+	"webhooks":      {},
+	"static":        {},
+	"assets":        {},
+	"cdn":           {},
+	"mail":          {},
+	"email":         {},
+	"ftp":           {},
+	"ssh":           {},
+	"git":           {},
+	"svn":           {},
+	"blog":          {},
+	"news":          {},
+	"about":         {},
+	"contact":       {},
+	"terms":         {},
+	"privacy":       {},
+	"legal":         {},
+	"billing":       {},
+	"payment":       {},
+	"checkout":      {},
+	"cart":          {},
+	"shop":          {},
+	"store":         {},
+	"download":      {},
+	"uploads":       {},
+	"images":        {},
+	"img":           {},
+	"css":           {},
+	"js":            {},
+	"fonts":         {},
+	"public":        {},
+	"private":       {},
+	"internal":      {},
+	"external":      {},
+	"proxy":         {},
+	"cache":         {},
+	"debug":         {},
+	"metrics":       {},
+	"monitoring":    {},
+	"graphql":       {},
+	"rest":          {},
+	"rpc":           {},
+	"socket":        {},
+	"ws":            {},
+	"wss":           {},
+	"app":           {},
+	"apps":          {},
+	"mobile":        {},
+	"desktop":       {},
+	"embed":         {},
+	"widget":        {},
+	"docs":          {},
+	"documentation": {},
+	"wiki":          {},
+	"forum":         {},
+	"community":     {},
+	"feedback":      {},
+	"report":        {},
+	"abuse":         {},
+	"spam":          {},
+	"security":      {},
+	"verify":        {},
+	"confirm":       {},
+	"reset":         {},
+	"password":      {},
+	"recovery":      {},
+	"unsubscribe":   {},
+	"subscribe":     {},
+	"notifications": {},
+	"alerts":        {},
+	"messages":      {},
+	"inbox":         {},
+	"outbox":        {},
+	"sent":          {},
+	"draft":         {},
+	"trash":         {},
+	"archive":       {},
+	"search":        {},
+	"explore":       {},
+	"discover":      {},
+	"trending":      {},
+	"popular":       {},
+	"featured":      {},
+	"new":           {},
+	"latest":        {},
+	"top":           {},
+	"best":          {},
+	"hot":           {},
+	"random":        {},
+	"all":           {},
+	"any":           {},
+	"none":          {},
+	"true":          {},
+	"false":         {},
 }

session/interaction/interaction.go

@@ -6,9 +6,10 @@ import (
 	"log"
 	"strings"
 	"time"
+	"tunnel_pls/internal/config"
+	"tunnel_pls/internal/random"
 	"tunnel_pls/session/slug"
 	"tunnel_pls/types"
-	"tunnel_pls/utils"
 
 	"github.com/charmbracelet/bubbles/help"
 	"github.com/charmbracelet/bubbles/key"
@@ -29,6 +30,7 @@ type Controller interface {
 	SetLifecycle(lifecycle Lifecycle)
 	SetSlugModificator(func(oldSlug, newSlug string) bool)
 	Start()
+	SetWH(w, h int)
 }
 
 type Forwarder interface {
@@ -48,6 +50,15 @@ type Interaction struct {
 	cancel           context.CancelFunc
 }
 
+func (i *Interaction) SetWH(w, h int) {
+	if i.program != nil {
+		i.program.Send(tea.WindowSizeMsg{
+			Width:  w,
+			Height: h,
+		})
+	}
+}
+
 type commandItem struct {
 	name string
 	desc string
@@ -69,6 +80,8 @@ type model struct {
 	slugInput         textinput.Model
 	slugError         string
 	interaction       *Interaction
+	width             int
+	height            int
 }
 
 type keymap struct {
@@ -101,7 +114,7 @@ func (i *Interaction) SetChannel(channel ssh.Channel) {
 	i.channel = channel
 }
 
-func (i *Interaction) SetSlugModificator(modificator func(oldSlug, newSlug string) bool) {
+func (i *Interaction) SetSlugModificator(modificator func(oldSlug, newSlug string) (success bool)) {
 	i.updateClientSlug = modificator
 }
 
@@ -115,6 +128,31 @@ func (i *Interaction) Stop() {
 	}
 }
 
+func getResponsiveWidth(screenWidth, padding, minWidth, maxWidth int) int {
+	width := screenWidth - padding
+	if width > maxWidth {
+		width = maxWidth
+	}
+	if width < minWidth {
+		width = minWidth
+	}
+	return width
+}
+
+func shouldUseCompactLayout(width int, threshold int) bool {
+	return width < threshold
+}
+
+func truncateString(s string, maxLength int) string {
+	if len(s) <= maxLength {
+		return s
+	}
+	if maxLength < 4 {
+		return s[:maxLength]
+	}
+	return s[:maxLength-3] + "..."
+}
+
 func (i commandItem) FilterValue() string { return i.name }
 func (i commandItem) Title() string       { return i.name }
 func (i commandItem) Description() string { return i.desc }
@@ -138,8 +176,16 @@ func (m model) Update(msg tea.Msg) (tea.Model, tea.Cmd) {
 		return m, tea.Batch(tea.ClearScreen, textinput.Blink)
 
 	case tea.WindowSizeMsg:
+		m.width = msg.Width
+		m.height = msg.Height
 		m.commandList.SetWidth(msg.Width)
 		m.commandList.SetHeight(msg.Height - 4)
+
+		if msg.Width < 80 {
+			m.slugInput.Width = msg.Width - 10
+		} else {
+			m.slugInput.Width = 50
+		}
 		return m, nil
 
 	case tea.QuitMsg:
@@ -153,6 +199,11 @@ func (m model) Update(msg tea.Msg) (tea.Model, tea.Cmd) {
 		}
 
 		if m.editingSlug {
+			if m.tunnelType != types.HTTP {
+				m.editingSlug = false
+				m.slugError = ""
+				return m, tea.Batch(tea.ClearScreen, textinput.Blink)
+			}
 			switch msg.String() {
 			case "esc":
 				m.editingSlug = false
@@ -160,7 +211,20 @@ func (m model) Update(msg tea.Msg) (tea.Model, tea.Cmd) {
 				return m, tea.Batch(tea.ClearScreen, textinput.Blink)
 			case "enter":
 				inputValue := m.slugInput.Value()
-				m.interaction.updateClientSlug(m.interaction.slugManager.Get(), inputValue)
+
+				if isForbiddenSlug(inputValue) {
+					m.slugError = "This subdomain is reserved. Please choose a different one."
+					return m, nil
+				} else if !isValidSlug(inputValue) {
+					m.slugError = "Invalid subdomain. Follow the rules."
+					return m, nil
+				}
+
+				if !m.interaction.updateClientSlug(m.interaction.slugManager.Get(), inputValue) {
+					m.slugError = "Someone already uses this subdomain."
+					return m, nil
+				}
+
 				m.tunnelURL = buildURL(m.protocol, inputValue, m.domain)
 				m.editingSlug = false
 				m.slugError = ""
@@ -240,21 +304,35 @@ func (m model) View() string {
 	}
 
 	if m.showingComingSoon {
+		isCompact := shouldUseCompactLayout(m.width, 60)
+
+		var boxPadding int
+		var boxMargin int
+		if isCompact {
+			boxPadding = 1
+			boxMargin = 1
+		} else {
+			boxPadding = 3
+			boxMargin = 2
+		}
+
 		titleStyle := lipgloss.NewStyle().
 			Bold(true).
 			Foreground(lipgloss.Color("#7D56F4")).
 			PaddingTop(1).
 			PaddingBottom(1)
 
+		messageBoxWidth := getResponsiveWidth(m.width, 10, 30, 60)
 		messageBoxStyle := lipgloss.NewStyle().
 			Foreground(lipgloss.Color("#FAFAFA")).
 			Background(lipgloss.Color("#1A1A2E")).
 			Bold(true).
 			Border(lipgloss.RoundedBorder()).
 			BorderForeground(lipgloss.Color("#7D56F4")).
-			Padding(1, 3).
-			MarginTop(2).
-			MarginBottom(2).
+			Padding(1, boxPadding).
+			MarginTop(boxMargin).
+			MarginBottom(boxMargin).
+			Width(messageBoxWidth).
 			Align(lipgloss.Center)
 
 		helpStyle := lipgloss.NewStyle().
@@ -264,16 +342,53 @@ func (m model) View() string {
 
 		var b strings.Builder
 		b.WriteString("\n\n")
-		b.WriteString(titleStyle.Render("⏳ Coming Soon"))
+
+		var title string
+		if shouldUseCompactLayout(m.width, 40) {
+			title = "Coming Soon"
+		} else {
+			title = "⏳ Coming Soon"
+		}
+		b.WriteString(titleStyle.Render(title))
 		b.WriteString("\n\n")
-		b.WriteString(messageBoxStyle.Render("🚀 This feature is coming very soon!\n   Stay tuned for updates."))
+
+		var message string
+		if shouldUseCompactLayout(m.width, 50) {
+			message = "Coming soon!\nStay tuned."
+		} else {
+			message = "🚀 This feature is coming very soon!\n   Stay tuned for updates."
+		}
+		b.WriteString(messageBoxStyle.Render(message))
 		b.WriteString("\n\n")
-		b.WriteString(helpStyle.Render("This message will disappear in 5 seconds or press any key..."))
+
+		var helpText string
+		if shouldUseCompactLayout(m.width, 60) {
+			helpText = "Press any key..."
+		} else {
+			helpText = "This message will disappear in 5 seconds or press any key..."
+		}
+		b.WriteString(helpStyle.Render(helpText))
 
 		return b.String()
 	}
 
 	if m.editingSlug {
+		isCompact := shouldUseCompactLayout(m.width, 70)
+		isVeryCompact := shouldUseCompactLayout(m.width, 50)
+
+		var boxPadding int
+		var boxMargin int
+		if isVeryCompact {
+			boxPadding = 1
+			boxMargin = 1
+		} else if isCompact {
+			boxPadding = 1
+			boxMargin = 1
+		} else {
+			boxPadding = 2
+			boxMargin = 2
+		}
+
 		titleStyle := lipgloss.NewStyle().
 			Bold(true).
 			Foreground(lipgloss.Color("#7D56F4")).
@@ -287,9 +402,9 @@ func (m model) View() string {
 		inputBoxStyle := lipgloss.NewStyle().
 			Border(lipgloss.RoundedBorder()).
 			BorderForeground(lipgloss.Color("#7D56F4")).
-			Padding(1, 2).
-			MarginTop(2).
-			MarginBottom(2)
+			Padding(1, boxPadding).
+			MarginTop(boxMargin).
+			MarginBottom(boxMargin)
 
 		helpStyle := lipgloss.NewStyle().
 			Foreground(lipgloss.Color("#666666")).
@@ -302,52 +417,88 @@ func (m model) View() string {
 			Bold(true).
 			Border(lipgloss.RoundedBorder()).
 			BorderForeground(lipgloss.Color("#FF0000")).
-			Padding(0, 2).
+			Padding(0, boxPadding).
 			MarginTop(1).
 			MarginBottom(1)
 
+		rulesBoxWidth := getResponsiveWidth(m.width, 10, 30, 60)
 		rulesBoxStyle := lipgloss.NewStyle().
 			Foreground(lipgloss.Color("#FAFAFA")).
 			Border(lipgloss.RoundedBorder()).
 			BorderForeground(lipgloss.Color("#7D56F4")).
-			Padding(0, 2).
+			Padding(0, boxPadding).
 			MarginTop(1).
-			MarginBottom(1)
+			MarginBottom(1).
+			Width(rulesBoxWidth)
 
 		var b strings.Builder
-		b.WriteString(titleStyle.Render("🔧 Edit Subdomain"))
+		var title string
+		if isVeryCompact {
+			title = "Edit Subdomain"
+		} else {
+			title = "🔧 Edit Subdomain"
+		}
+		b.WriteString(titleStyle.Render(title))
 		b.WriteString("\n\n")
 
 		if m.tunnelType != types.HTTP {
+			warningBoxWidth := getResponsiveWidth(m.width, 10, 30, 60)
 			warningBoxStyle := lipgloss.NewStyle().
 				Foreground(lipgloss.Color("#FFA500")).
 				Background(lipgloss.Color("#3D2000")).
 				Bold(true).
 				Border(lipgloss.RoundedBorder()).
 				BorderForeground(lipgloss.Color("#FFA500")).
-				Padding(1, 2).
-				MarginTop(2).
-				MarginBottom(2)
+				Padding(1, boxPadding).
+				MarginTop(boxMargin).
+				MarginBottom(boxMargin).
+				Width(warningBoxWidth)
 
-			b.WriteString(warningBoxStyle.Render("⚠️ TCP tunnels cannot have custom subdomains. Only HTTP/HTTPS tunnels support subdomain customization. "))
+			var warningText string
+			if isVeryCompact {
+				warningText = "⚠️ TCP tunnels don't support custom subdomains."
+			} else {
+				warningText = "⚠️ TCP tunnels cannot have custom subdomains. Only HTTP/HTTPS tunnels support subdomain customization."
+			}
+			b.WriteString(warningBoxStyle.Render(warningText))
 			b.WriteString("\n\n")
-			b.WriteString(helpStyle.Render("Press Enter or Esc to go back"))
+
+			var helpText string
+			if isVeryCompact {
+				helpText = "Press any key to go back"
+			} else {
+				helpText = "Press Enter or Esc to go back"
+			}
+			b.WriteString(helpStyle.Render(helpText))
 			return b.String()
 		}
 
-		rulesContent := "📋 Rules: \n\t• 3-20 chars \n\t• a-z, 0-9, - \n\t• No leading/trailing -"
+		var rulesContent string
+		if isVeryCompact {
+			rulesContent = "Rules:\n3-20 chars\na-z, 0-9, -\nNo leading/trailing -"
+		} else if isCompact {
+			rulesContent = "📋 Rules:\n  • 3-20 chars\n  • a-z, 0-9, -\n  • No leading/trailing -"
+		} else {
+			rulesContent = "📋 Rules: \n\t• 3-20 chars \n\t• a-z, 0-9, - \n\t• No leading/trailing -"
+		}
 		b.WriteString(rulesBoxStyle.Render(rulesContent))
 		b.WriteString("\n")
 
-		b.WriteString(instructionStyle.Render("Enter your custom subdomain:"))
+		var instruction string
+		if isVeryCompact {
+			instruction = "Custom subdomain:"
+		} else {
+			instruction = "Enter your custom subdomain:"
+		}
+		b.WriteString(instructionStyle.Render(instruction))
 		b.WriteString("\n")
 
 		if m.slugError != "" {
 			errorInputBoxStyle := lipgloss.NewStyle().
 				Border(lipgloss.RoundedBorder()).
 				BorderForeground(lipgloss.Color("#FF0000")).
-				Padding(1, 2).
-				MarginTop(2).
+				Padding(1, boxPadding).
+				MarginTop(boxMargin).
 				MarginBottom(1)
 			b.WriteString(errorInputBoxStyle.Render(m.slugInput.View()))
 			b.WriteString("\n")
@@ -359,19 +510,33 @@ func (m model) View() string {
 		}
 
 		previewURL := buildURL(m.protocol, m.slugInput.Value(), m.domain)
+		previewWidth := getResponsiveWidth(m.width, 10, 30, 80)
+
+		if len(previewURL) > previewWidth-10 {
+			previewURL = truncateString(previewURL, previewWidth-10)
+		}
+
 		previewStyle := lipgloss.NewStyle().
 			Foreground(lipgloss.Color("#04B575")).
 			Italic(true).
-			Width(80)
+			Width(previewWidth)
 		b.WriteString(previewStyle.Render(fmt.Sprintf("Preview: %s", previewURL)))
 		b.WriteString("\n")
 
-		b.WriteString(helpStyle.Render("Press Enter to save • CTRL+R for random • Esc to cancel"))
+		var helpText string
+		if isVeryCompact {
+			helpText = "Enter: save • CTRL+R: random • Esc: cancel"
+		} else {
+			helpText = "Press Enter to save • CTRL+R for random • Esc to cancel"
+		}
+		b.WriteString(helpStyle.Render(helpText))
 
 		return b.String()
 	}
 
 	if m.showingCommands {
+		isCompact := shouldUseCompactLayout(m.width, 60)
+
 		titleStyle := lipgloss.NewStyle().
 			Bold(true).
 			Foreground(lipgloss.Color("#7D56F4")).
@@ -385,11 +550,25 @@ func (m model) View() string {
 
 		var b strings.Builder
 		b.WriteString("\n")
-		b.WriteString(titleStyle.Render("⚡ Commands"))
+
+		var title string
+		if shouldUseCompactLayout(m.width, 40) {
+			title = "Commands"
+		} else {
+			title = "⚡ Commands"
+		}
+		b.WriteString(titleStyle.Render(title))
 		b.WriteString("\n\n")
 		b.WriteString(m.commandList.View())
 		b.WriteString("\n")
-		b.WriteString(helpStyle.Render("↑/↓ Navigate • Enter Select • Esc Cancel"))
+
+		var helpText string
+		if isCompact {
+			helpText = "↑/↓ Nav • Enter Select • Esc Cancel"
+		} else {
+			helpText = "↑/↓ Navigate • Enter Select • Esc Cancel"
+		}
+		b.WriteString(helpStyle.Render(helpText))
 
 		return b.String()
 	}
@@ -397,49 +576,151 @@ func (m model) View() string {
 	titleStyle := lipgloss.NewStyle().
 		Bold(true).
 		Foreground(lipgloss.Color("#7D56F4")).
-		PaddingTop(1).
-		PaddingBottom(1)
+		PaddingTop(1)
 
 	subtitleStyle := lipgloss.NewStyle().
-		Foreground(lipgloss.Color("#7D56F4")).
+		Foreground(lipgloss.Color("#888888")).
 		Italic(true)
 
 	urlStyle := lipgloss.NewStyle().
-		Foreground(lipgloss.Color("#04B575")).
-		Underline(true)
+		Foreground(lipgloss.Color("#7D56F4")).
+		Underline(true).
+		Italic(true)
 
-	sectionTitleStyle := lipgloss.NewStyle().
-		Bold(true).
-		Foreground(lipgloss.Color("#FAFAFA")).
-		MarginTop(1).
-		MarginBottom(1)
-
-	forwardingStyle := lipgloss.NewStyle().
-		Bold(true).
+	urlBoxStyle := lipgloss.NewStyle().
 		Foreground(lipgloss.Color("#04B575")).
-		Border(lipgloss.RoundedBorder()).
-		BorderForeground(lipgloss.Color("#04B575")).
-		Padding(0, 2).
-		MarginTop(1).
-		MarginBottom(1)
+		Bold(true).
+		Italic(true)
+
+	keyHintStyle := lipgloss.NewStyle().
+		Foreground(lipgloss.Color("#7D56F4")).
+		Bold(true)
 
 	var b strings.Builder
 
-	b.WriteString(titleStyle.Render("🚇 Tunnel Pls"))
-	b.WriteString("\n")
-	b.WriteString(subtitleStyle.Render("Project by Bagas"))
+	isCompact := shouldUseCompactLayout(m.width, 85)
+
+	var asciiArtMargin int
+	if isCompact {
+		asciiArtMargin = 0
+	} else {
+		asciiArtMargin = 1
+	}
+
+	asciiArtStyle := lipgloss.NewStyle().
+		Bold(true).
+		Foreground(lipgloss.Color("#7D56F4")).
+		MarginBottom(asciiArtMargin)
+
+	var asciiArt string
+	if shouldUseCompactLayout(m.width, 50) {
+		asciiArt = "TUNNEL PLS"
+	} else if isCompact {
+		asciiArt = `
+ ▀█▀ █ █ █▄ █ █▄ █ ██▀ █   ▄▀▀ █   ▄▀▀
+  █  ▀▄█ █ ▀█ █ ▀█ █▄▄ █▄▄ ▄█▀ █▄▄ ▄█▀`
+	} else {
+		asciiArt = `
+ ████████╗██╗   ██╗███╗   ██╗███╗   ██╗███████╗██╗         ██████╗ ██╗     ███████╗
+ ╚══██╔══╝██║   ██║████╗  ██║████╗  ██║██╔════╝██║         ██╔══██╗██║     ██╔════╝
+    ██║   ██║   ██║██╔██╗ ██║██╔██╗ ██║█████╗  ██║         ██████╔╝██║     ███████╗
+    ██║   ██║   ██║██║╚██╗██║██║╚██╗██║██╔══╝  ██║         ██╔═══╝ ██║     ╚════██║
+    ██║   ╚██████╔╝██║ ╚████║██║ ╚████║███████╗███████╗    ██║     ███████╗███████║
+    ╚═╝    ╚═════╝ ╚═╝  ╚═══╝╚═╝  ╚═══╝╚══════╝╚══════╝    ╚═╝     ╚══════╝╚══════╝`
+	}
+
+	b.WriteString(asciiArtStyle.Render(asciiArt))
 	b.WriteString("\n")
+
+	if !shouldUseCompactLayout(m.width, 60) {
+		b.WriteString(subtitleStyle.Render("Secure tunnel service by Bagas • "))
 		b.WriteString(urlStyle.Render("https://fossy.my.id"))
 		b.WriteString("\n\n")
+	} else {
+		b.WriteString("\n")
+	}
 
-	b.WriteString(sectionTitleStyle.Render("Welcome to Tunnel!"))
+	boxMaxWidth := getResponsiveWidth(m.width, 10, 40, 80)
+	var boxPadding int
+	var boxMargin int
+	if isCompact {
+		boxPadding = 1
+		boxMargin = 1
+	} else {
+		boxPadding = 2
+		boxMargin = 2
+	}
+
+	responsiveInfoBox := lipgloss.NewStyle().
+		Border(lipgloss.RoundedBorder()).
+		BorderForeground(lipgloss.Color("#7D56F4")).
+		Padding(1, boxPadding).
+		MarginTop(boxMargin).
+		MarginBottom(boxMargin).
+		Width(boxMaxWidth)
+
+	urlDisplay := m.tunnelURL
+	if shouldUseCompactLayout(m.width, 80) && len(m.tunnelURL) > m.width-20 {
+		maxLen := m.width - 25
+		if maxLen > 10 {
+			urlDisplay = truncateString(m.tunnelURL, maxLen)
+		}
+	}
+
+	var infoContent string
+	if shouldUseCompactLayout(m.width, 70) {
+		infoContent = fmt.Sprintf("🌐 %s", urlBoxStyle.Render(urlDisplay))
+	} else if isCompact {
+		infoContent = fmt.Sprintf("🌐  Forwarding to:\n\n     %s", urlBoxStyle.Render(urlDisplay))
+	} else {
+		infoContent = fmt.Sprintf("🌐  F O R W A R D I N G   T O:\n\n     %s", urlBoxStyle.Render(urlDisplay))
+	}
+	b.WriteString(responsiveInfoBox.Render(infoContent))
 	b.WriteString("\n")
 
+	var quickActionsTitle string
+	if shouldUseCompactLayout(m.width, 50) {
+		quickActionsTitle = "Actions"
+	} else if isCompact {
+		quickActionsTitle = "Quick Actions"
+	} else {
+		quickActionsTitle = "✨ Quick Actions"
+	}
+	b.WriteString(titleStyle.Render(quickActionsTitle))
 	b.WriteString("\n")
-	forwardingText := fmt.Sprintf("🌐 Forwarding your traffic to:\n   %s", m.tunnelURL)
-	b.WriteString(forwardingStyle.Render(forwardingText))
 
-	b.WriteString(m.helpView())
+	var featureMargin int
+	if isCompact {
+		featureMargin = 1
+	} else {
+		featureMargin = 2
+	}
+
+	compactFeatureStyle := lipgloss.NewStyle().
+		Foreground(lipgloss.Color("#FAFAFA")).
+		MarginLeft(featureMargin)
+
+	var commandsText string
+	var quitText string
+	if shouldUseCompactLayout(m.width, 60) {
+		commandsText = fmt.Sprintf("  %s  Commands", keyHintStyle.Render("[C]"))
+		quitText = fmt.Sprintf("  %s  Quit", keyHintStyle.Render("[Q]"))
+	} else {
+		commandsText = fmt.Sprintf("  %s  Open commands menu", keyHintStyle.Render("[C]"))
+		quitText = fmt.Sprintf("  %s  Quit application", keyHintStyle.Render("[Q]"))
+	}
+
+	b.WriteString(compactFeatureStyle.Render(commandsText))
+	b.WriteString("\n")
+	b.WriteString(compactFeatureStyle.Render(quitText))
+
+	if !shouldUseCompactLayout(m.width, 70) {
+		b.WriteString("\n\n")
+		footerStyle := lipgloss.NewStyle().
+			Foreground(lipgloss.Color("#666666")).
+			Italic(true)
+		b.WriteString(footerStyle.Render("Press 'C' to customize your tunnel settings"))
+	}
 
 	return b.String()
 }
@@ -447,9 +728,9 @@ func (m model) View() string {
 func (i *Interaction) Start() {
 	lipgloss.SetColorProfile(termenv.TrueColor)
 
-	domain := utils.Getenv("DOMAIN", "localhost")
+	domain := config.Getenv("DOMAIN", "localhost")
 	protocol := "http"
-	if utils.Getenv("TLS_ENABLED", "false") == "true" {
+	if config.Getenv("TLS_ENABLED", "false") == "true" {
 		protocol = "https"
 	}
 
@@ -517,6 +798,7 @@ func (i *Interaction) Start() {
 		tea.WithMouseCellMotion(),
 		tea.WithoutSignals(),
 		tea.WithoutSignalHandler(),
+		tea.WithFPS(30),
 	)
 
 	_, err := i.program.Run()
@@ -535,5 +817,32 @@ func buildURL(protocol, subdomain, domain string) string {
 }
 
 func generateRandomSubdomain() string {
-	return utils.GenerateRandomString(20)
+	return random.GenerateRandomString(20)
+}
+
+func isValidSlug(slug string) bool {
+	if len(slug) < minSlugLength || len(slug) > maxSlugLength {
+		return false
+	}
+
+	if slug[0] == '-' || slug[len(slug)-1] == '-' {
+		return false
+	}
+
+	for _, c := range slug {
+		if !isValidSlugChar(byte(c)) {
+			return false
+		}
+	}
+
+	return true
+}
+
+func isValidSlugChar(c byte) bool {
+	return (c >= 'a' && c <= 'z') || (c >= '0' && c <= '9') || c == '-'
+}
+
+func isForbiddenSlug(slug string) bool {
+	_, ok := forbiddenSlugs[slug]
+	return ok
 }

session/registry.go

@@ -0,0 +1,66 @@
+package session
+
+import "sync"
+
+type Registry interface {
+	Get(slug string) (session *SSHSession, exist bool)
+	Update(oldSlug, newSlug string) (success bool)
+	Register(slug string, session *SSHSession) (success bool)
+	Remove(slug string)
+}
+type registry struct {
+	mu      sync.RWMutex
+	clients map[string]*SSHSession
+}
+
+func NewRegistry() Registry {
+	return &registry{
+		clients: make(map[string]*SSHSession),
+	}
+}
+
+func (r *registry) Get(slug string) (session *SSHSession, exist bool) {
+	r.mu.RLock()
+	defer r.mu.RUnlock()
+
+	session, exist = r.clients[slug]
+	return
+}
+
+func (r *registry) Update(oldSlug, newSlug string) (success bool) {
+	r.mu.Lock()
+	defer r.mu.Unlock()
+
+	if _, exists := r.clients[newSlug]; exists && newSlug != oldSlug {
+		return false
+	}
+
+	client, ok := r.clients[oldSlug]
+	if !ok {
+		return false
+	}
+
+	delete(r.clients, oldSlug)
+	client.slugManager.Set(newSlug)
+	r.clients[newSlug] = client
+	return true
+}
+
+func (r *registry) Register(slug string, session *SSHSession) (success bool) {
+	r.mu.Lock()
+	defer r.mu.Unlock()
+
+	if _, exists := r.clients[slug]; exists {
+		return false
+	}
+
+	r.clients[slug] = session
+	return true
+}
+
+func (r *registry) Remove(slug string) {
+	r.mu.Lock()
+	defer r.mu.Unlock()
+
+	delete(r.clients, slug)
+}

session/session.go

@@ -1,23 +1,18 @@
 package session
 
 import (
+	"fmt"
 	"log"
-	"sync"
 	"time"
+	"tunnel_pls/internal/config"
 	"tunnel_pls/session/forwarder"
 	"tunnel_pls/session/interaction"
 	"tunnel_pls/session/lifecycle"
 	"tunnel_pls/session/slug"
-	"tunnel_pls/utils"
 
 	"golang.org/x/crypto/ssh"
 )
 
-var (
-	clientsMutex sync.RWMutex
-	Clients      = make(map[string]*SSHSession)
-)
-
 type Session interface {
 	HandleGlobalRequest(ch <-chan *ssh.Request)
 	HandleTCPIPForward(req *ssh.Request)
@@ -26,10 +21,13 @@ type Session interface {
 }
 
 type SSHSession struct {
+	initialReq    <-chan *ssh.Request
+	sshReqChannel <-chan ssh.NewChannel
 	lifecycle     lifecycle.SessionLifecycle
 	interaction   interaction.Controller
 	forwarder     forwarder.ForwardingController
 	slugManager   slug.Manager
+	registry      Registry
 }
 
 func (s *SSHSession) GetLifecycle() lifecycle.SessionLifecycle {
@@ -48,55 +46,64 @@ func (s *SSHSession) GetSlugManager() slug.Manager {
 	return s.slugManager
 }
 
-func New(conn *ssh.ServerConn, forwardingReq <-chan *ssh.Request, sshChan <-chan ssh.NewChannel) {
+func New(conn *ssh.ServerConn, forwardingReq <-chan *ssh.Request, sshChan <-chan ssh.NewChannel, sessionRegistry Registry) *SSHSession {
 	slugManager := slug.NewManager()
 	forwarderManager := forwarder.NewForwarder(slugManager)
 	interactionManager := interaction.NewInteraction(slugManager, forwarderManager)
 	lifecycleManager := lifecycle.NewLifecycle(conn, forwarderManager, slugManager)
 
 	interactionManager.SetLifecycle(lifecycleManager)
-	interactionManager.SetSlugModificator(updateClientSlug)
+	interactionManager.SetSlugModificator(sessionRegistry.Update)
 	forwarderManager.SetLifecycle(lifecycleManager)
-	lifecycleManager.SetUnregisterClient(unregisterClient)
+	lifecycleManager.SetUnregisterClient(sessionRegistry.Remove)
 
-	session := &SSHSession{
+	return &SSHSession{
+		initialReq:    forwardingReq,
+		sshReqChannel: sshChan,
 		lifecycle:     lifecycleManager,
 		interaction:   interactionManager,
 		forwarder:     forwarderManager,
 		slugManager:   slugManager,
-	}
-
-	var once sync.Once
-	for channel := range sshChan {
-		ch, reqs, err := channel.Accept()
-		if err != nil {
-			log.Printf("failed to accept channel: %v", err)
-			continue
-		}
-		once.Do(func() {
-			session.lifecycle.SetChannel(ch)
-			session.interaction.SetChannel(ch)
-
-			tcpipReq := session.waitForTCPIPForward(forwardingReq)
-			if tcpipReq == nil {
-				log.Printf("Port forwarding request not received. Ensure you ran the correct command with -R flag. Example: ssh %s -p %s -R 80:localhost:3000", utils.Getenv("DOMAIN", "localhost"), utils.Getenv("PORT", "2200"))
-				if err := session.lifecycle.Close(); err != nil {
-					log.Printf("failed to close session: %v", err)
-				}
-				return
-			}
-			session.HandleTCPIPForward(tcpipReq)
-		})
-		go session.HandleGlobalRequest(reqs)
-	}
-	if err := session.lifecycle.Close(); err != nil {
-		log.Printf("failed to close session: %v", err)
+		registry:      sessionRegistry,
 	}
 }
 
-func (s *SSHSession) waitForTCPIPForward(forwardingReq <-chan *ssh.Request) *ssh.Request {
+func (s *SSHSession) Start() error {
+	channel := <-s.sshReqChannel
+	ch, reqs, err := channel.Accept()
+	if err != nil {
+		log.Printf("failed to accept channel: %v", err)
+		return err
+	}
+	go s.HandleGlobalRequest(reqs)
+
+	tcpipReq := s.waitForTCPIPForward()
+	if tcpipReq == nil {
+		_, err := ch.Write([]byte(fmt.Sprintf("Port forwarding request not received. Ensure you ran the correct command with -R flag. Example: ssh %s -p %s -R 80:localhost:3000", config.Getenv("DOMAIN", "localhost"), config.Getenv("PORT", "2200"))))
+		if err != nil {
+			return err
+		}
+		if err := s.lifecycle.Close(); err != nil {
+			log.Printf("failed to close session: %v", err)
+		}
+		return fmt.Errorf("No forwarding Request")
+	}
+
+	s.lifecycle.SetChannel(ch)
+	s.interaction.SetChannel(ch)
+
+	s.HandleTCPIPForward(tcpipReq)
+
+	if err := s.lifecycle.Close(); err != nil {
+		log.Printf("failed to close session: %v", err)
+		return err
+	}
+	return nil
+}
+
+func (s *SSHSession) waitForTCPIPForward() *ssh.Request {
 	select {
-	case req, ok := <-forwardingReq:
+	case req, ok := <-s.initialReq:
 		if !ok {
 			log.Println("Forwarding request channel closed")
 			return nil
@@ -114,41 +121,3 @@ func (s *SSHSession) waitForTCPIPForward(forwardingReq <-chan *ssh.Request) *ssh
 		return nil
 	}
 }
-
-func updateClientSlug(oldSlug, newSlug string) bool {
-	clientsMutex.Lock()
-	defer clientsMutex.Unlock()
-
-	if _, exists := Clients[newSlug]; exists && newSlug != oldSlug {
-		return false
-	}
-
-	client, ok := Clients[oldSlug]
-	if !ok {
-		return false
-	}
-
-	delete(Clients, oldSlug)
-	client.slugManager.Set(newSlug)
-	Clients[newSlug] = client
-	return true
-}
-
-func registerClient(slug string, session *SSHSession) bool {
-	clientsMutex.Lock()
-	defer clientsMutex.Unlock()
-
-	if _, exists := Clients[slug]; exists {
-		return false
-	}
-
-	Clients[slug] = session
-	return true
-}
-
-func unregisterClient(slug string) {
-	clientsMutex.Lock()
-	defer clientsMutex.Unlock()
-
-	delete(Clients, slug)
-}

session/slug/slug.go

@@ -1,7 +1,5 @@
 package slug
 
-import "sync"
-
 type Manager interface {
 	Get() string
 	Set(slug string)
@@ -9,24 +7,18 @@ type Manager interface {
 
 type manager struct {
 	slug string
-	slugMu sync.RWMutex
 }
 
 func NewManager() Manager {
 	return &manager{
 		slug: "",
-		slugMu: sync.RWMutex{},
 	}
 }
 
 func (s *manager) Get() string {
-	s.slugMu.RLock()
-	defer s.slugMu.RUnlock()
 	return s.slug
 }
 
 func (s *manager) Set(slug string) {
-	s.slugMu.Lock()
 	s.slug = slug
-	s.slugMu.Unlock()
 }

version/version.go

@@ -0,0 +1,17 @@
+package version
+
+import "fmt"
+
+var (
+	Version   = "dev"
+	BuildDate = "unknown"
+	Commit    = "unknown"
+)
+
+func GetVersion() string {
+	return fmt.Sprintf("tunnel_pls %s (commit: %s, built: %s)", Version, Commit, BuildDate)
+}
+
+func GetShortVersion() string {
+	return Version
+}