fix(deps): update module github.com/caddyserver/certmagic to v0.25.1

.gitea/workflows/renovate.yml

@@ -0,0 +1,21 @@
+name: renovate
+
+on:
+  schedule:
+    - cron: "0 0 * * *"
+  push:
+    branches:
+      - staging
+
+jobs:
+  renovate:
+    runs-on: ubuntu-latest
+    container: git.fossy.my.id/renovate-clanker/renovate:latest
+    steps:
+      - uses: actions/checkout@v6
+      - run: renovate
+        env:
+          RENOVATE_CONFIG_FILE: ${{ gitea.workspace }}/renovate-config.js
+          LOG_LEVEL: "debug"
+          RENOVATE_TOKEN: ${{ secrets.RENOVATE_TOKEN }}
+          GITHUB_COM_TOKEN: ${{ secrets.COM_TOKEN }}

Dockerfile

@@ -1,4 +1,4 @@
-FROM golang:1.25.6-alpine AS go_builder
+FROM golang:1.25.5-alpine AS go_builder
 
 ARG VERSION=dev
 ARG BUILD_DATE=unknown

README.md

@@ -33,10 +33,6 @@ The following environment variables can be configured in the `.env` file:
 | `BUFFER_SIZE` | Buffer size for io.Copy operations in bytes (4096-1048576) | `32768` | No |
 | `PPROF_ENABLED` | Enable pprof profiling server | `false` | No |
 | `PPROF_PORT` | Port for pprof server | `6060` | No |
-| `MODE` | Runtime mode: `standalone` (default, no gRPC/auth) or `node` (enable gRPC + auth) | `standalone` | No |
-| `GRPC_ADDRESS` | gRPC server address/host used in `node` mode | `localhost` | No |
-| `GRPC_PORT` | gRPC server port used in `node` mode | `8080` | No |
-| `NODE_TOKEN` | Authentication token sent to controller in `node` mode | - (required in `node`) | Yes (node mode) |
 
 **Note:** All environment variables now use UPPERCASE naming. The application includes sensible defaults for all variables, so you can run it without a `.env` file for basic functionality.
 

go.mod

@@ -1,9 +1,8 @@
 module tunnel_pls
 
-go 1.25.5
+go 1.24.4
 
 require (
-	git.fossy.my.id/bagas/tunnel-please-grpc v1.5.0
 	github.com/caddyserver/certmagic v0.25.1
 	github.com/charmbracelet/bubbles v0.21.0
 	github.com/charmbracelet/bubbletea v1.3.10
@@ -11,29 +10,24 @@ require (
 	github.com/joho/godotenv v1.5.1
 	github.com/libdns/cloudflare v0.2.2
 	github.com/muesli/termenv v0.16.0
-	golang.org/x/crypto v0.47.0
+	golang.org/x/crypto v0.46.0
-	google.golang.org/grpc v1.78.0
-	google.golang.org/protobuf v1.36.11
 )
 
 require (
 	github.com/atotto/clipboard v0.1.4 // indirect
 	github.com/aymanbagabas/go-osc52/v2 v2.0.1 // indirect
 	github.com/caddyserver/zerossl v0.1.4 // indirect
-	github.com/charmbracelet/colorprofile v0.4.1 // indirect
+	github.com/charmbracelet/colorprofile v0.2.3-0.20250311203215-f60798e515dc // indirect
-	github.com/charmbracelet/x/ansi v0.11.3 // indirect
+	github.com/charmbracelet/x/ansi v0.10.1 // indirect
-	github.com/charmbracelet/x/cellbuf v0.0.14 // indirect
+	github.com/charmbracelet/x/cellbuf v0.0.13-0.20250311204145-2c3ea96c31dd // indirect
-	github.com/charmbracelet/x/term v0.2.2 // indirect
+	github.com/charmbracelet/x/term v0.2.1 // indirect
-	github.com/clipperhouse/displaywidth v0.6.2 // indirect
-	github.com/clipperhouse/stringish v0.1.1 // indirect
-	github.com/clipperhouse/uax29/v2 v2.3.0 // indirect
 	github.com/erikgeiser/coninput v0.0.0-20211004153227-1c3628e74d0f // indirect
 	github.com/klauspost/cpuid/v2 v2.3.0 // indirect
 	github.com/libdns/libdns v1.1.1 // indirect
-	github.com/lucasb-eyer/go-colorful v1.3.0 // indirect
+	github.com/lucasb-eyer/go-colorful v1.2.0 // indirect
 	github.com/mattn/go-isatty v0.0.20 // indirect
 	github.com/mattn/go-localereader v0.0.1 // indirect
-	github.com/mattn/go-runewidth v0.0.19 // indirect
+	github.com/mattn/go-runewidth v0.0.16 // indirect
 	github.com/mholt/acmez/v3 v3.1.4 // indirect
 	github.com/miekg/dns v1.1.69 // indirect
 	github.com/muesli/ansi v0.0.0-20230316100256-276c6243b2f6 // indirect
@@ -45,11 +39,10 @@ require (
 	go.uber.org/multierr v1.11.0 // indirect
 	go.uber.org/zap v1.27.1 // indirect
 	go.uber.org/zap/exp v0.3.0 // indirect
-	golang.org/x/mod v0.31.0 // indirect
+	golang.org/x/mod v0.30.0 // indirect
 	golang.org/x/net v0.48.0 // indirect
 	golang.org/x/sync v0.19.0 // indirect
-	golang.org/x/sys v0.40.0 // indirect
+	golang.org/x/sys v0.39.0 // indirect
-	golang.org/x/text v0.33.0 // indirect
+	golang.org/x/text v0.32.0 // indirect
-	golang.org/x/tools v0.40.0 // indirect
+	golang.org/x/tools v0.39.0 // indirect
-	google.golang.org/genproto/googleapis/rpc v0.0.0-20251222181119-0a764e51fe1b // indirect
 )

go.sum

@@ -1,51 +1,39 @@
-git.fossy.my.id/bagas/tunnel-please-grpc v1.5.0 h1:3xszIhck4wo9CoeRq9vnkar4PhY7kz9QrR30qj2XszA=
-git.fossy.my.id/bagas/tunnel-please-grpc v1.5.0/go.mod h1:Weh6ZujgWmT8XxD3Qba7sJ6r5eyUMB9XSWynqdyOoLo=
 github.com/atotto/clipboard v0.1.4 h1:EH0zSVneZPSuFR11BlR9YppQTVDbh5+16AmcJi4g1z4=
 github.com/atotto/clipboard v0.1.4/go.mod h1:ZY9tmq7sm5xIbd9bOK4onWV4S6X0u6GY7Vn0Yu86PYI=
 github.com/aymanbagabas/go-osc52/v2 v2.0.1 h1:HwpRHbFMcZLEVr42D4p7XBqjyuxQH5SMiErDT4WkJ2k=
 github.com/aymanbagabas/go-osc52/v2 v2.0.1/go.mod h1:uYgXzlJ7ZpABp8OJ+exZzJJhRNQ2ASbcXHWsFqH8hp8=
 github.com/aymanbagabas/go-udiff v0.2.0 h1:TK0fH4MteXUDspT88n8CKzvK0X9O2xu9yQjWpi6yML8=
 github.com/aymanbagabas/go-udiff v0.2.0/go.mod h1:RE4Ex0qsGkTAJoQdQQCA0uG+nAzJO/pI/QwceO5fgrA=
+github.com/caddyserver/certmagic v0.25.0 h1:VMleO/XA48gEWes5l+Fh6tRWo9bHkhwAEhx63i+F5ic=
+github.com/caddyserver/certmagic v0.25.0/go.mod h1:m9yB7Mud24OQbPHOiipAoyKPn9pKHhpSJxXR1jydBxA=
 github.com/caddyserver/certmagic v0.25.1 h1:4sIKKbOt5pg6+sL7tEwymE1x2bj6CHr80da1CRRIPbY=
 github.com/caddyserver/certmagic v0.25.1/go.mod h1:VhyvndxtVton/Fo/wKhRoC46Rbw1fmjvQ3GjHYSQTEY=
+github.com/caddyserver/zerossl v0.1.3 h1:onS+pxp3M8HnHpN5MMbOMyNjmTheJyWRaZYwn+YTAyA=
+github.com/caddyserver/zerossl v0.1.3/go.mod h1:CxA0acn7oEGO6//4rtrRjYgEoa4MFw/XofZnrYwGqG4=
 github.com/caddyserver/zerossl v0.1.4 h1:CVJOE3MZeFisCERZjkxIcsqIH4fnFdlYWnPYeFtBHRw=
 github.com/caddyserver/zerossl v0.1.4/go.mod h1:CxA0acn7oEGO6//4rtrRjYgEoa4MFw/XofZnrYwGqG4=
 github.com/charmbracelet/bubbles v0.21.0 h1:9TdC97SdRVg/1aaXNVWfFH3nnLAwOXr8Fn6u6mfQdFs=
 github.com/charmbracelet/bubbles v0.21.0/go.mod h1:HF+v6QUR4HkEpz62dx7ym2xc71/KBHg+zKwJtMw+qtg=
 github.com/charmbracelet/bubbletea v1.3.10 h1:otUDHWMMzQSB0Pkc87rm691KZ3SWa4KUlvF9nRvCICw=
 github.com/charmbracelet/bubbletea v1.3.10/go.mod h1:ORQfo0fk8U+po9VaNvnV95UPWA1BitP1E0N6xJPlHr4=
-github.com/charmbracelet/colorprofile v0.4.1 h1:a1lO03qTrSIRaK8c3JRxJDZOvhvIeSco3ej+ngLk1kk=
+github.com/charmbracelet/colorprofile v0.2.3-0.20250311203215-f60798e515dc h1:4pZI35227imm7yK2bGPcfpFEmuY1gc2YSTShr4iJBfs=
-github.com/charmbracelet/colorprofile v0.4.1/go.mod h1:U1d9Dljmdf9DLegaJ0nGZNJvoXAhayhmidOdcBwAvKk=
+github.com/charmbracelet/colorprofile v0.2.3-0.20250311203215-f60798e515dc/go.mod h1:X4/0JoqgTIPSFcRA/P6INZzIuyqdFY5rm8tb41s9okk=
 github.com/charmbracelet/lipgloss v1.1.0 h1:vYXsiLHVkK7fp74RkV7b2kq9+zDLoEU4MZoFqR/noCY=
 github.com/charmbracelet/lipgloss v1.1.0/go.mod h1:/6Q8FR2o+kj8rz4Dq0zQc3vYf7X+B0binUUBwA0aL30=
-github.com/charmbracelet/x/ansi v0.11.3 h1:6DcVaqWI82BBVM/atTyq6yBoRLZFBsnoDoX9GCu2YOI=
+github.com/charmbracelet/x/ansi v0.10.1 h1:rL3Koar5XvX0pHGfovN03f5cxLbCF2YvLeyz7D2jVDQ=
-github.com/charmbracelet/x/ansi v0.11.3/go.mod h1:yI7Zslym9tCJcedxz5+WBq+eUGMJT0bM06Fqy1/Y4dI=
+github.com/charmbracelet/x/ansi v0.10.1/go.mod h1:3RQDQ6lDnROptfpWuUVIUG64bD2g2BgntdxH0Ya5TeE=
-github.com/charmbracelet/x/cellbuf v0.0.14 h1:iUEMryGyFTelKW3THW4+FfPgi4fkmKnnaLOXuc+/Kj4=
+github.com/charmbracelet/x/cellbuf v0.0.13-0.20250311204145-2c3ea96c31dd h1:vy0GVL4jeHEwG5YOXDmi86oYw2yuYUGqz6a8sLwg0X8=
-github.com/charmbracelet/x/cellbuf v0.0.14/go.mod h1:P447lJl49ywBbil/KjCk2HexGh4tEY9LH0/1QrZZ9rA=
+github.com/charmbracelet/x/cellbuf v0.0.13-0.20250311204145-2c3ea96c31dd/go.mod h1:xe0nKWGd3eJgtqZRaN9RjMtK7xUYchjzPr7q6kcvCCs=
 github.com/charmbracelet/x/exp/golden v0.0.0-20241011142426-46044092ad91 h1:payRxjMjKgx2PaCWLZ4p3ro9y97+TVLZNaRZgJwSVDQ=
 github.com/charmbracelet/x/exp/golden v0.0.0-20241011142426-46044092ad91/go.mod h1:wDlXFlCrmJ8J+swcL/MnGUuYnqgQdW9rhSD61oNMb6U=
-github.com/charmbracelet/x/term v0.2.2 h1:xVRT/S2ZcKdhhOuSP4t5cLi5o+JxklsoEObBSgfgZRk=
+github.com/charmbracelet/x/term v0.2.1 h1:AQeHeLZ1OqSXhrAWpYUtZyX1T3zVxfpZuEQMIQaGIAQ=
-github.com/charmbracelet/x/term v0.2.2/go.mod h1:kF8CY5RddLWrsgVwpw4kAa6TESp6EB5y3uxGLeCqzAI=
+github.com/charmbracelet/x/term v0.2.1/go.mod h1:oQ4enTYFV7QN4m0i9mzHrViD7TQKvNEEkHUMCmsxdUg=
-github.com/clipperhouse/displaywidth v0.6.2 h1:ZDpTkFfpHOKte4RG5O/BOyf3ysnvFswpyYrV7z2uAKo=
-github.com/clipperhouse/displaywidth v0.6.2/go.mod h1:R+kHuzaYWFkTm7xoMmK1lFydbci4X2CicfbGstSGg0o=
-github.com/clipperhouse/stringish v0.1.1 h1:+NSqMOr3GR6k1FdRhhnXrLfztGzuG+VuFDfatpWHKCs=
-github.com/clipperhouse/stringish v0.1.1/go.mod h1:v/WhFtE1q0ovMta2+m+UbpZ+2/HEXNWYXQgCt4hdOzA=
-github.com/clipperhouse/uax29/v2 v2.3.0 h1:SNdx9DVUqMoBuBoW3iLOj4FQv3dN5mDtuqwuhIGpJy4=
-github.com/clipperhouse/uax29/v2 v2.3.0/go.mod h1:Wn1g7MK6OoeDT0vL+Q0SQLDz/KpfsVRgg6W7ihQeh4g=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/erikgeiser/coninput v0.0.0-20211004153227-1c3628e74d0f h1:Y/CXytFA4m6baUTXGLOoWe4PQhGxaX0KpnayAqC48p4=
 github.com/erikgeiser/coninput v0.0.0-20211004153227-1c3628e74d0f/go.mod h1:vw97MGsxSvLiUE2X8qFplwetxpGLQrlU1Q9AUEIzCaM=
-github.com/go-logr/logr v1.4.3 h1:CjnDlHq8ikf6E492q6eKboGOC0T8CDaOvkHCIg8idEI=
+github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
-github.com/go-logr/logr v1.4.3/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
+github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
-github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag=
-github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE=
-github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek=
-github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps=
-github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8=
-github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU=
-github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
-github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/joho/godotenv v1.5.1 h1:7eLL/+HRGLY0ldzfGMeQkb7vMd0as4CfYvUVzLqw0N0=
 github.com/joho/godotenv v1.5.1/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4=
 github.com/klauspost/cpuid/v2 v2.3.0 h1:S4CRMLnYUhGeDFDqkGriYKdfoFlDnMtqTiI/sFzhA9Y=
@@ -56,16 +44,20 @@ github.com/libdns/cloudflare v0.2.2 h1:XWHv+C1dDcApqazlh08Q6pjytYLgR2a+Y3xrXFu0v
 github.com/libdns/cloudflare v0.2.2/go.mod h1:w9uTmRCDlAoafAsTPnn2nJ0XHK/eaUMh86DUk8BWi60=
 github.com/libdns/libdns v1.1.1 h1:wPrHrXILoSHKWJKGd0EiAVmiJbFShguILTg9leS/P/U=
 github.com/libdns/libdns v1.1.1/go.mod h1:4Bj9+5CQiNMVGf87wjX4CY3HQJypUHRuLvlsfsZqLWQ=
-github.com/lucasb-eyer/go-colorful v1.3.0 h1:2/yBRLdWBZKrf7gB40FoiKfAWYQ0lqNcbuQwVHXptag=
+github.com/lucasb-eyer/go-colorful v1.2.0 h1:1nnpGOrhyZZuNyfu1QjKiUICQ74+3FNCN69Aj6K7nkY=
-github.com/lucasb-eyer/go-colorful v1.3.0/go.mod h1:R4dSotOR9KMtayYi1e77YzuveK+i7ruzyGqttikkLy0=
+github.com/lucasb-eyer/go-colorful v1.2.0/go.mod h1:R4dSotOR9KMtayYi1e77YzuveK+i7ruzyGqttikkLy0=
 github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY=
 github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
 github.com/mattn/go-localereader v0.0.1 h1:ygSAOl7ZXTx4RdPYinUpg6W99U8jWvWi9Ye2JC/oIi4=
 github.com/mattn/go-localereader v0.0.1/go.mod h1:8fBrzywKY7BI3czFoHkuzRoWE9C+EiG4R1k4Cjx5p88=
-github.com/mattn/go-runewidth v0.0.19 h1:v++JhqYnZuu5jSKrk9RbgF5v4CGUjqRfBm05byFGLdw=
+github.com/mattn/go-runewidth v0.0.16 h1:E5ScNMtiwvlvB5paMFdw9p4kSQzbXFikJ5SQO6TULQc=
-github.com/mattn/go-runewidth v0.0.19/go.mod h1:XBkDxAl56ILZc9knddidhrOlY5R/pDhgLpndooCuJAs=
+github.com/mattn/go-runewidth v0.0.16/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w=
+github.com/mholt/acmez/v3 v3.1.3 h1:gUl789rjbJSuM5hYzOFnNaGgWPV1xVfnOs59o0dZEcc=
+github.com/mholt/acmez/v3 v3.1.3/go.mod h1:L1wOU06KKvq7tswuMDwKdcHeKpFFgkppZy/y0DFxagQ=
 github.com/mholt/acmez/v3 v3.1.4 h1:DyzZe/RnAzT3rpZj/2Ii5xZpiEvvYk3cQEN/RmqxwFQ=
 github.com/mholt/acmez/v3 v3.1.4/go.mod h1:L1wOU06KKvq7tswuMDwKdcHeKpFFgkppZy/y0DFxagQ=
+github.com/miekg/dns v1.1.68 h1:jsSRkNozw7G/mnmXULynzMNIsgY2dHC8LO6U6Ij2JEA=
+github.com/miekg/dns v1.1.68/go.mod h1:fujopn7TB3Pu3JM69XaawiU0wqjpL9/8xGop5UrTPps=
 github.com/miekg/dns v1.1.69 h1:Kb7Y/1Jo+SG+a2GtfoFUfDkG//csdRPwRLkCsxDG9Sc=
 github.com/miekg/dns v1.1.69/go.mod h1:7OyjD9nEba5OkqQ/hB4fy3PIoxafSZJtducccIelz3g=
 github.com/muesli/ansi v0.0.0-20230316100256-276c6243b2f6 h1:ZK8zHtRHOkbHy6Mmr5D264iyp3TiX5OmNcI5cIARiQI=
@@ -76,6 +68,7 @@ github.com/muesli/termenv v0.16.0 h1:S5AlUN9dENB57rsbnkPyfdGuWIlkmzJjbFf0Tf5FWUc
 github.com/muesli/termenv v0.16.0/go.mod h1:ZRfOIKPFDYQoDFF4Olj7/QJbW60Ol/kL1pU3VfY/Cnk=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc=
 github.com/rivo/uniseg v0.4.7 h1:WUdvkW8uEhrYfLC4ZzdpI2ztxP1I582+49Oc5Mq64VQ=
 github.com/rivo/uniseg v0.4.7/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88=
 github.com/sahilm/fuzzy v0.1.1 h1:ceu5RHF8DGgoi+/dR5PsECjCDH1BE3Fnmpo7aVXOdRA=
@@ -90,53 +83,37 @@ github.com/zeebo/blake3 v0.2.4 h1:KYQPkhpRtcqh0ssGYcKLG1JYvddkEA8QwCM/yBqhaZI=
 github.com/zeebo/blake3 v0.2.4/go.mod h1:7eeQ6d2iXWRGF6npfaxl2CU+xy2Fjo2gxeyZGCRUjcE=
 github.com/zeebo/pcg v1.0.1 h1:lyqfGeWiv4ahac6ttHs+I5hwtH/+1mrhlCtVNQM2kHo=
 github.com/zeebo/pcg v1.0.1/go.mod h1:09F0S9iiKrwn9rlI5yjLkmrug154/YRW6KnnXVDM/l4=
-go.opentelemetry.io/auto/sdk v1.2.1 h1:jXsnJ4Lmnqd11kwkBV2LgLoFMZKizbCi5fNZ/ipaZ64=
-go.opentelemetry.io/auto/sdk v1.2.1/go.mod h1:KRTj+aOaElaLi+wW1kO/DZRXwkF4C5xPbEe3ZiIhN7Y=
-go.opentelemetry.io/otel v1.38.0 h1:RkfdswUDRimDg0m2Az18RKOsnI8UDzppJAtj01/Ymk8=
-go.opentelemetry.io/otel v1.38.0/go.mod h1:zcmtmQ1+YmQM9wrNsTGV/q/uyusom3P8RxwExxkZhjM=
-go.opentelemetry.io/otel/metric v1.38.0 h1:Kl6lzIYGAh5M159u9NgiRkmoMKjvbsKtYRwgfrA6WpA=
-go.opentelemetry.io/otel/metric v1.38.0/go.mod h1:kB5n/QoRM8YwmUahxvI3bO34eVtQf2i4utNVLr9gEmI=
-go.opentelemetry.io/otel/sdk v1.38.0 h1:l48sr5YbNf2hpCUj/FoGhW9yDkl+Ma+LrVl8qaM5b+E=
-go.opentelemetry.io/otel/sdk v1.38.0/go.mod h1:ghmNdGlVemJI3+ZB5iDEuk4bWA3GkTpW+DOoZMYBVVg=
-go.opentelemetry.io/otel/sdk/metric v1.38.0 h1:aSH66iL0aZqo//xXzQLYozmWrXxyFkBJ6qT5wthqPoM=
-go.opentelemetry.io/otel/sdk/metric v1.38.0/go.mod h1:dg9PBnW9XdQ1Hd6ZnRz689CbtrUp0wMMs9iPcgT9EZA=
-go.opentelemetry.io/otel/trace v1.38.0 h1:Fxk5bKrDZJUH+AMyyIXGcFAPah0oRcT+LuNtJrmcNLE=
-go.opentelemetry.io/otel/trace v1.38.0/go.mod h1:j1P9ivuFsTceSWe1oY+EeW3sc+Pp42sO++GHkg4wwhs=
 go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto=
 go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE=
 go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0=
 go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y=
+go.uber.org/zap v1.27.0 h1:aJMhYGrd5QSmlpLMr2MftRKl7t8J8PTZPA732ud/XR8=
+go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E=
 go.uber.org/zap v1.27.1 h1:08RqriUEv8+ArZRYSTXy1LeBScaMpVSTBhCeaZYfMYc=
 go.uber.org/zap v1.27.1/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E=
 go.uber.org/zap/exp v0.3.0 h1:6JYzdifzYkGmTdRR59oYH+Ng7k49H9qVpWwNSsGJj3U=
 go.uber.org/zap/exp v0.3.0/go.mod h1:5I384qq7XGxYyByIhHm6jg5CHkGY0nsTfbDLgDDlgJQ=
-golang.org/x/crypto v0.47.0 h1:V6e3FRj+n4dbpw86FJ8Fv7XVOql7TEwpHapKoMJ/GO8=
+golang.org/x/crypto v0.46.0 h1:cKRW/pmt1pKAfetfu+RCEvjvZkA9RimPbh7bhFjGVBU=
-golang.org/x/crypto v0.47.0/go.mod h1:ff3Y9VzzKbwSSEzWqJsJVBnWmRwRSHt/6Op5n9bQc4A=
+golang.org/x/crypto v0.46.0/go.mod h1:Evb/oLKmMraqjZ2iQTwDwvCtJkczlDuTmdJXoZVzqU0=
-golang.org/x/exp v0.0.0-20231006140011-7918f672742d h1:jtJma62tbqLibJ5sFQz8bKtEM8rJBtfilJ2qTU199MI=
+golang.org/x/exp v0.0.0-20220909182711-5c715a9e8561 h1:MDc5xs78ZrZr3HMQugiXOAkSZtfTpbJLDr/lwfgO53E=
-golang.org/x/exp v0.0.0-20231006140011-7918f672742d/go.mod h1:ldy0pHrwJyGW56pPQzzkH36rKxoZW1tw7ZJpeKx+hdo=
+golang.org/x/exp v0.0.0-20220909182711-5c715a9e8561/go.mod h1:cyybsKvd6eL0RnXn6p/Grxp8F5bW7iYuBgsNCOHpMYE=
-golang.org/x/mod v0.31.0 h1:HaW9xtz0+kOcWKwli0ZXy79Ix+UW/vOfmWI5QVd2tgI=
+golang.org/x/mod v0.30.0 h1:fDEXFVZ/fmCKProc/yAXXUijritrDzahmwwefnjoPFk=
-golang.org/x/mod v0.31.0/go.mod h1:43JraMp9cGx1Rx3AqioxrbrhNsLl2l/iNAvuBkrezpg=
+golang.org/x/mod v0.30.0/go.mod h1:lAsf5O2EvJeSFMiBxXDki7sCgAxEUcZHXoXMKT4GJKc=
+golang.org/x/net v0.47.0 h1:Mx+4dIFzqraBXUugkia1OOvlD6LemFo1ALMHjrXDOhY=
+golang.org/x/net v0.47.0/go.mod h1:/jNxtkgq5yWUGYkaZGqo27cfGZ1c5Nen03aYrrKpVRU=
 golang.org/x/net v0.48.0 h1:zyQRTTrjc33Lhh0fBgT/H3oZq9WuvRR5gPC70xpDiQU=
 golang.org/x/net v0.48.0/go.mod h1:+ndRgGjkh8FGtu1w1FGbEC31if4VrNVMuKTgcAAnQRY=
 golang.org/x/sync v0.19.0 h1:vV+1eWNmZ5geRlYjzm2adRgW2/mcpevXNg50YZtPCE4=
 golang.org/x/sync v0.19.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI=
 golang.org/x/sys v0.0.0-20210809222454-d867a43fc93e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.40.0 h1:DBZZqJ2Rkml6QMQsZywtnjnnGvHza6BTfYFWY9kjEWQ=
+golang.org/x/sys v0.39.0 h1:CvCKL8MeisomCi6qNZ+wbb0DN9E5AATixKsvNtMoMFk=
-golang.org/x/sys v0.40.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
+golang.org/x/sys v0.39.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
-golang.org/x/term v0.39.0 h1:RclSuaJf32jOqZz74CkPA9qFuVTX7vhLlpfj/IGWlqY=
+golang.org/x/term v0.38.0 h1:PQ5pkm/rLO6HnxFR7N2lJHOZX6Kez5Y1gDSJla6jo7Q=
-golang.org/x/term v0.39.0/go.mod h1:yxzUCTP/U+FzoxfdKmLaA0RV1WgE0VY7hXBwKtY/4ww=
+golang.org/x/term v0.38.0/go.mod h1:bSEAKrOT1W+VSu9TSCMtoGEOUcKxOKgl3LE5QEF/xVg=
-golang.org/x/text v0.33.0 h1:B3njUFyqtHDUI5jMn1YIr5B0IE2U0qck04r6d4KPAxE=
+golang.org/x/text v0.32.0 h1:ZD01bjUt1FQ9WJ0ClOL5vxgxOI/sVCNgX1YtKwcY0mU=
-golang.org/x/text v0.33.0/go.mod h1:LuMebE6+rBincTi9+xWTY8TztLzKHc/9C1uBCG27+q8=
+golang.org/x/text v0.32.0/go.mod h1:o/rUWzghvpD5TXrTIBuJU77MTaN0ljMWE47kxGJQ7jY=
-golang.org/x/tools v0.40.0 h1:yLkxfA+Qnul4cs9QA3KnlFu0lVmd8JJfoq+E41uSutA=
+golang.org/x/tools v0.39.0 h1:ik4ho21kwuQln40uelmciQPp9SipgNDdrafrYA4TmQQ=
-golang.org/x/tools v0.40.0/go.mod h1:Ik/tzLRlbscWpqqMRjyWYDisX8bG13FrdXp3o4Sr9lc=
+golang.org/x/tools v0.39.0/go.mod h1:JnefbkDPyD8UU2kI5fuf8ZX4/yUeh9W877ZeBONxUqQ=
-gonum.org/v1/gonum v0.16.0 h1:5+ul4Swaf3ESvrOnidPp4GZbzf0mxVQpDCYUQE7OJfk=
-gonum.org/v1/gonum v0.16.0/go.mod h1:fef3am4MQ93R2HHpKnLk4/Tbh/s0+wqD5nfa6Pnwy4E=
-google.golang.org/genproto/googleapis/rpc v0.0.0-20251222181119-0a764e51fe1b h1:Mv8VFug0MP9e5vUxfBcE3vUkV6CImK3cMNMIDFjmzxU=
-google.golang.org/genproto/googleapis/rpc v0.0.0-20251222181119-0a764e51fe1b/go.mod h1:j9x/tPzZkyxcgEFkiKEEGxfvyumM01BEtsW8xzOahRQ=
-google.golang.org/grpc v1.78.0 h1:K1XZG/yGDJnzMdd/uZHAkVqJE+xIDOcmdSFZkBUicNc=
-google.golang.org/grpc v1.78.0/go.mod h1:I47qjTo4OKbMkjA/aOOwxDIiPSBofUtQUI5EfpWvW7U=
-google.golang.org/protobuf v1.36.11 h1:fV6ZwhNocDyBLK0dj+fg8ektcVegBBuEolpbTQyBNVE=
-google.golang.org/protobuf v1.36.11/go.mod h1:HTf+CrKn2C3g5S8VImy6tdcUvCska2kB7j23XfzDpco=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=

internal/config/config.go

@@ -1,17 +1,19 @@
 package config
 
 import (
+	"log"
 	"os"
 	"strconv"
 
 	"github.com/joho/godotenv"
 )
 
-func Load() error {
+func init() {
 	if _, err := os.Stat(".env"); err == nil {
-		return godotenv.Load(".env")
+		if err := godotenv.Load(".env"); err != nil {
+			log.Printf("Warning: Failed to load .env file: %s", err)
+		}
 	}
-	return nil
 }
 
 func Getenv(key, defaultValue string) string {

internal/grpc/client/client.go

@@ -1,366 +0,0 @@
-package client
-
-import (
-	"context"
-	"errors"
-	"fmt"
-	"io"
-	"log"
-	"time"
-	"tunnel_pls/internal/config"
-	"tunnel_pls/types"
-
-	"tunnel_pls/session"
-
-	proto "git.fossy.my.id/bagas/tunnel-please-grpc/gen"
-	"google.golang.org/grpc"
-	"google.golang.org/grpc/codes"
-	"google.golang.org/grpc/credentials/insecure"
-	"google.golang.org/grpc/health/grpc_health_v1"
-	"google.golang.org/grpc/keepalive"
-	"google.golang.org/grpc/status"
-	"google.golang.org/protobuf/types/known/timestamppb"
-)
-
-type Client interface {
-	SubscribeEvents(ctx context.Context, identity, authToken string) error
-	ClientConn() *grpc.ClientConn
-	AuthorizeConn(ctx context.Context, token string) (authorized bool, user string, err error)
-	Close() error
-	CheckServerHealth(ctx context.Context) error
-}
-type client struct {
-	conn                       *grpc.ClientConn
-	address                    string
-	sessionRegistry            session.Registry
-	eventService               proto.EventServiceClient
-	authorizeConnectionService proto.UserServiceClient
-	closing                    bool
-}
-
-func New(address string, sessionRegistry session.Registry) (Client, error) {
-	var opts []grpc.DialOption
-
-	opts = append(opts, grpc.WithTransportCredentials(insecure.NewCredentials()))
-
-	kaParams := keepalive.ClientParameters{
-		Time:                2 * time.Minute,
-		Timeout:             10 * time.Second,
-		PermitWithoutStream: false,
-	}
-
-	opts = append(opts, grpc.WithKeepaliveParams(kaParams))
-
-	opts = append(opts,
-		grpc.WithDefaultCallOptions(
-			grpc.MaxCallRecvMsgSize(4*1024*1024),
-			grpc.MaxCallSendMsgSize(4*1024*1024),
-		),
-	)
-
-	conn, err := grpc.NewClient(address, opts...)
-	if err != nil {
-		return nil, fmt.Errorf("failed to connect to gRPC server at %s: %w", address, err)
-	}
-
-	eventService := proto.NewEventServiceClient(conn)
-	authorizeConnectionService := proto.NewUserServiceClient(conn)
-
-	return &client{
-		conn:                       conn,
-		address:                    address,
-		sessionRegistry:            sessionRegistry,
-		eventService:               eventService,
-		authorizeConnectionService: authorizeConnectionService,
-	}, nil
-}
-
-func (c *client) SubscribeEvents(ctx context.Context, identity, authToken string) error {
-	const (
-		baseBackoff = time.Second
-		maxBackoff  = 30 * time.Second
-	)
-
-	backoff := baseBackoff
-	wait := func() error {
-		if backoff <= 0 {
-			return nil
-		}
-		select {
-		case <-time.After(backoff):
-			return nil
-		case <-ctx.Done():
-			return ctx.Err()
-		}
-	}
-	growBackoff := func() {
-		backoff *= 2
-		if backoff > maxBackoff {
-			backoff = maxBackoff
-		}
-	}
-
-	for {
-		subscribe, err := c.eventService.Subscribe(ctx)
-		if err != nil {
-			if errors.Is(err, context.Canceled) || status.Code(err) == codes.Canceled || ctx.Err() != nil {
-				return err
-			}
-			if !c.isConnectionError(err) || status.Code(err) == codes.Unauthenticated {
-				return err
-			}
-			if err = wait(); err != nil {
-				return err
-			}
-			growBackoff()
-			log.Printf("Reconnect to controller within %v sec", backoff.Seconds())
-			continue
-		}
-
-		err = subscribe.Send(&proto.Node{
-			Type: proto.EventType_AUTHENTICATION,
-			Payload: &proto.Node_AuthEvent{
-				AuthEvent: &proto.Authentication{
-					Identity:  identity,
-					AuthToken: authToken,
-				},
-			},
-		})
-
-		if err != nil {
-			log.Println("Authentication failed to send to gRPC server:", err)
-			if c.isConnectionError(err) {
-				if err = wait(); err != nil {
-					return err
-				}
-				growBackoff()
-				continue
-			}
-			return err
-		}
-		log.Println("Authentication Successfully sent to gRPC server")
-		backoff = baseBackoff
-
-		if err = c.processEventStream(subscribe); err != nil {
-			if errors.Is(err, context.Canceled) || status.Code(err) == codes.Canceled || ctx.Err() != nil {
-				return err
-			}
-			if c.isConnectionError(err) {
-				log.Printf("Reconnect to controller within %v sec", backoff.Seconds())
-				if err = wait(); err != nil {
-					return err
-				}
-				growBackoff()
-				continue
-			}
-			return err
-		}
-	}
-}
-
-func (c *client) processEventStream(subscribe grpc.BidiStreamingClient[proto.Node, proto.Events]) error {
-	handlers := c.eventHandlers(subscribe)
-
-	for {
-		recv, err := subscribe.Recv()
-		if err != nil {
-			return err
-		}
-
-		handler, ok := handlers[recv.GetType()]
-		if !ok {
-			log.Printf("Unknown event type received: %v", recv.GetType())
-			continue
-		}
-
-		if err = handler(recv); err != nil {
-			return err
-		}
-	}
-}
-
-func (c *client) eventHandlers(subscribe grpc.BidiStreamingClient[proto.Node, proto.Events]) map[proto.EventType]func(*proto.Events) error {
-	return map[proto.EventType]func(*proto.Events) error{
-		proto.EventType_SLUG_CHANGE:       func(evt *proto.Events) error { return c.handleSlugChange(subscribe, evt) },
-		proto.EventType_GET_SESSIONS:      func(evt *proto.Events) error { return c.handleGetSessions(subscribe, evt) },
-		proto.EventType_TERMINATE_SESSION: func(evt *proto.Events) error { return c.handleTerminateSession(subscribe, evt) },
-	}
-}
-
-func (c *client) handleSlugChange(subscribe grpc.BidiStreamingClient[proto.Node, proto.Events], evt *proto.Events) error {
-	slugEvent := evt.GetSlugEvent()
-	user := slugEvent.GetUser()
-	oldSlug := slugEvent.GetOld()
-	newSlug := slugEvent.GetNew()
-
-	userSession, err := c.sessionRegistry.Get(types.SessionKey{Id: oldSlug, Type: types.HTTP})
-	if err != nil {
-		return c.sendNode(subscribe, &proto.Node{
-			Type: proto.EventType_SLUG_CHANGE_RESPONSE,
-			Payload: &proto.Node_SlugEventResponse{
-				SlugEventResponse: &proto.SlugChangeEventResponse{Success: false, Message: err.Error()},
-			},
-		}, "slug change failure response")
-	}
-
-	if err = c.sessionRegistry.Update(user, types.SessionKey{Id: oldSlug, Type: types.HTTP}, types.SessionKey{Id: newSlug, Type: types.HTTP}); err != nil {
-		return c.sendNode(subscribe, &proto.Node{
-			Type: proto.EventType_SLUG_CHANGE_RESPONSE,
-			Payload: &proto.Node_SlugEventResponse{
-				SlugEventResponse: &proto.SlugChangeEventResponse{Success: false, Message: err.Error()},
-			},
-		}, "slug change failure response")
-	}
-
-	userSession.Interaction().Redraw()
-	return c.sendNode(subscribe, &proto.Node{
-		Type: proto.EventType_SLUG_CHANGE_RESPONSE,
-		Payload: &proto.Node_SlugEventResponse{
-			SlugEventResponse: &proto.SlugChangeEventResponse{Success: true, Message: ""},
-		},
-	}, "slug change success response")
-}
-
-func (c *client) handleGetSessions(subscribe grpc.BidiStreamingClient[proto.Node, proto.Events], evt *proto.Events) error {
-	sessions := c.sessionRegistry.GetAllSessionFromUser(evt.GetGetSessionsEvent().GetIdentity())
-
-	var details []*proto.Detail
-	for _, ses := range sessions {
-		detail := ses.Detail()
-		details = append(details, &proto.Detail{
-			Node:           config.Getenv("DOMAIN", "localhost"),
-			ForwardingType: detail.ForwardingType,
-			Slug:           detail.Slug,
-			UserId:         detail.UserID,
-			Active:         detail.Active,
-			StartedAt:      timestamppb.New(detail.StartedAt),
-		})
-	}
-
-	return c.sendNode(subscribe, &proto.Node{
-		Type: proto.EventType_GET_SESSIONS,
-		Payload: &proto.Node_GetSessionsEvent{
-			GetSessionsEvent: &proto.GetSessionsResponse{Details: details},
-		},
-	}, "send get sessions response")
-}
-
-func (c *client) handleTerminateSession(subscribe grpc.BidiStreamingClient[proto.Node, proto.Events], evt *proto.Events) error {
-	terminate := evt.GetTerminateSessionEvent()
-	user := terminate.GetUser()
-	slug := terminate.GetSlug()
-
-	tunnelType, err := c.protoToTunnelType(terminate.GetTunnelType())
-	if err != nil {
-		return c.sendNode(subscribe, &proto.Node{
-			Type: proto.EventType_TERMINATE_SESSION,
-			Payload: &proto.Node_TerminateSessionEventResponse{
-				TerminateSessionEventResponse: &proto.TerminateSessionEventResponse{Success: false, Message: err.Error()},
-			},
-		}, "terminate session invalid tunnel type")
-	}
-
-	userSession, err := c.sessionRegistry.GetWithUser(user, types.SessionKey{Id: slug, Type: tunnelType})
-	if err != nil {
-		return c.sendNode(subscribe, &proto.Node{
-			Type: proto.EventType_TERMINATE_SESSION,
-			Payload: &proto.Node_TerminateSessionEventResponse{
-				TerminateSessionEventResponse: &proto.TerminateSessionEventResponse{Success: false, Message: err.Error()},
-			},
-		}, "terminate session fetch failed")
-	}
-
-	if err = userSession.Lifecycle().Close(); err != nil {
-		return c.sendNode(subscribe, &proto.Node{
-			Type: proto.EventType_TERMINATE_SESSION,
-			Payload: &proto.Node_TerminateSessionEventResponse{
-				TerminateSessionEventResponse: &proto.TerminateSessionEventResponse{Success: false, Message: err.Error()},
-			},
-		}, "terminate session close failed")
-	}
-
-	return c.sendNode(subscribe, &proto.Node{
-		Type: proto.EventType_TERMINATE_SESSION,
-		Payload: &proto.Node_TerminateSessionEventResponse{
-			TerminateSessionEventResponse: &proto.TerminateSessionEventResponse{Success: true, Message: ""},
-		},
-	}, "terminate session success response")
-}
-
-func (c *client) sendNode(subscribe grpc.BidiStreamingClient[proto.Node, proto.Events], node *proto.Node, context string) error {
-	if err := subscribe.Send(node); err != nil {
-		if c.isConnectionError(err) {
-			return err
-		}
-		log.Printf("%s: %v", context, err)
-	}
-	return nil
-}
-
-func (c *client) protoToTunnelType(t proto.TunnelType) (types.TunnelType, error) {
-	switch t {
-	case proto.TunnelType_HTTP:
-		return types.HTTP, nil
-	case proto.TunnelType_TCP:
-		return types.TCP, nil
-	default:
-		return types.UNKNOWN, fmt.Errorf("unknown tunnel type received")
-	}
-}
-
-func (c *client) ClientConn() *grpc.ClientConn {
-	return c.conn
-}
-
-func (c *client) AuthorizeConn(ctx context.Context, token string) (authorized bool, user string, err error) {
-	check, err := c.authorizeConnectionService.Check(ctx, &proto.CheckRequest{AuthToken: token})
-	if err != nil {
-		return false, "UNAUTHORIZED", err
-	}
-
-	if check.GetResponse() == proto.AuthorizationResponse_MESSAGE_TYPE_UNAUTHORIZED {
-		return false, "UNAUTHORIZED", nil
-	}
-	return true, check.GetUser(), nil
-}
-
-func (c *client) CheckServerHealth(ctx context.Context) error {
-	healthClient := grpc_health_v1.NewHealthClient(c.ClientConn())
-	resp, err := healthClient.Check(ctx, &grpc_health_v1.HealthCheckRequest{
-		Service: "",
-	})
-	if err != nil {
-		return fmt.Errorf("health check failed: %w", err)
-	}
-	if resp.Status != grpc_health_v1.HealthCheckResponse_SERVING {
-		return fmt.Errorf("server not serving: %v", resp.Status)
-	}
-	return nil
-}
-
-func (c *client) Close() error {
-	if c.conn != nil {
-		log.Printf("Closing gRPC connection to %s", c.address)
-		c.closing = true
-		return c.conn.Close()
-	}
-	return nil
-}
-
-func (c *client) isConnectionError(err error) bool {
-	if c.closing {
-		return false
-	}
-	if err == nil {
-		return false
-	}
-	if errors.Is(err, io.EOF) {
-		return true
-	}
-	switch status.Code(err) {
-	case codes.Unavailable, codes.Canceled, codes.DeadlineExceeded:
-		return true
-	default:
-		return false
-	}
-}

internal/port/port.go

@@ -3,30 +3,53 @@ package port
 import (
 	"fmt"
 	"sort"
+	"strconv"
+	"strings"
 	"sync"
+	"tunnel_pls/internal/config"
 )
 
-type Registry interface {
+type Manager interface {
 	AddPortRange(startPort, endPort uint16) error
 	GetUnassignedPort() (uint16, bool)
 	SetPortStatus(port uint16, assigned bool) error
-	ClaimPort(port uint16) (claimed bool)
+	GetPortStatus(port uint16) (bool, bool)
 }
 
-type registry struct {
+type manager struct {
 	mu          sync.RWMutex
 	ports       map[uint16]bool
 	sortedPorts []uint16
 }
 
-func New() Registry {
+var Default Manager = &manager{
-	return &registry{
 	ports:       make(map[uint16]bool),
 	sortedPorts: []uint16{},
-	}
 }
 
-func (pm *registry) AddPortRange(startPort, endPort uint16) error {
+func init() {
+	rawRange := config.Getenv("ALLOWED_PORTS", "")
+	if rawRange == "" {
+		return
+	}
+
+	splitRange := strings.Split(rawRange, "-")
+	if len(splitRange) != 2 {
+		return
+	}
+
+	start, err := strconv.ParseUint(splitRange[0], 10, 16)
+	if err != nil {
+		return
+	}
+	end, err := strconv.ParseUint(splitRange[1], 10, 16)
+	if err != nil {
+		return
+	}
+	_ = Default.AddPortRange(uint16(start), uint16(end))
+}
+
+func (pm *manager) AddPortRange(startPort, endPort uint16) error {
 	pm.mu.Lock()
 	defer pm.mu.Unlock()
 
@@ -45,19 +68,20 @@ func (pm *registry) AddPortRange(startPort, endPort uint16) error {
 	return nil
 }
 
-func (pm *registry) GetUnassignedPort() (uint16, bool) {
+func (pm *manager) GetUnassignedPort() (uint16, bool) {
 	pm.mu.Lock()
 	defer pm.mu.Unlock()
 
 	for _, port := range pm.sortedPorts {
 		if !pm.ports[port] {
+			pm.ports[port] = true
 			return port, true
 		}
 	}
 	return 0, false
 }
 
-func (pm *registry) SetPortStatus(port uint16, assigned bool) error {
+func (pm *manager) SetPortStatus(port uint16, assigned bool) error {
 	pm.mu.Lock()
 	defer pm.mu.Unlock()
 
@@ -65,21 +89,10 @@ func (pm *registry) SetPortStatus(port uint16, assigned bool) error {
 	return nil
 }
 
-func (pm *registry) ClaimPort(port uint16) (claimed bool) {
+func (pm *manager) GetPortStatus(port uint16) (bool, bool) {
-	pm.mu.Lock()
+	pm.mu.RLock()
-	defer pm.mu.Unlock()
+	defer pm.mu.RUnlock()
 
 	status, exists := pm.ports[port]
-
+	return status, exists
-	if exists && status {
-		return false
-	}
-
-	if !exists {
-		pm.ports[port] = true
-		return true
-	}
-
-	pm.ports[port] = true
-	return true
 }

internal/random/random.go

@@ -1,18 +1,18 @@
 package random
 
-import "crypto/rand"
+import (
+	mathrand "math/rand"
+	"strings"
+	"time"
+)
 
-func GenerateRandomString(length int) (string, error) {
+func GenerateRandomString(length int) string {
-	const charset = "abcdefghijklmnopqrstuvwxyz0123456789"
+	const charset = "abcdefghijklmnopqrstuvwxyz"
-	b := make([]byte, length)
+	seededRand := mathrand.New(mathrand.NewSource(time.Now().UnixNano() + int64(mathrand.Intn(9999))))
-
+	var result strings.Builder
-	if _, err := rand.Read(b); err != nil {
+	for i := 0; i < length; i++ {
-		return "", err
+		randomIndex := seededRand.Intn(len(charset))
+		result.WriteString(string(charset[randomIndex]))
 	}
-
+	return result.String()
-	for i := range b {
-		b[i] = charset[int(b[i])%len(charset)]
-	}
-
-	return string(b), nil
 }

main.go

@@ -1,21 +1,13 @@
 package main
 
 import (
-	"context"
 	"fmt"
 	"log"
 	"net/http"
 	_ "net/http/pprof"
 	"os"
-	"os/signal"
-	"strconv"
-	"strings"
-	"syscall"
-	"time"
 	"tunnel_pls/internal/config"
-	"tunnel_pls/internal/grpc/client"
 	"tunnel_pls/internal/key"
-	"tunnel_pls/internal/port"
 	"tunnel_pls/server"
 	"tunnel_pls/session"
 	"tunnel_pls/version"
@@ -34,22 +26,13 @@ func main() {
 
 	log.Printf("Starting %s", version.GetVersion())
 
-	err := config.Load()
-	if err != nil {
-		log.Fatalf("Failed to load configuration: %s", err)
-		return
-	}
-
-	mode := strings.ToLower(config.Getenv("MODE", "standalone"))
-	isNodeMode := mode == "node"
-
 	pprofEnabled := config.Getenv("PPROF_ENABLED", "false")
 	if pprofEnabled == "true" {
 		pprofPort := config.Getenv("PPROF_PORT", "6060")
 		go func() {
 			pprofAddr := fmt.Sprintf("localhost:%s", pprofPort)
 			log.Printf("Starting pprof server on http://%s/debug/pprof/", pprofAddr)
-			if err = http.ListenAndServe(pprofAddr, nil); err != nil {
+			if err := http.ListenAndServe(pprofAddr, nil); err != nil {
 				log.Printf("pprof server error: %v", err)
 			}
 		}()
@@ -57,11 +40,11 @@ func main() {
 
 	sshConfig := &ssh.ServerConfig{
 		NoClientAuth:  true,
-		ServerVersion: fmt.Sprintf("SSH-2.0-TunnelPlease-%s", version.GetShortVersion()),
+		ServerVersion: fmt.Sprintf("SSH-2.0-TunnlPls-%s", version.GetShortVersion()),
 	}
 
 	sshKeyPath := "certs/ssh/id_rsa"
-	if err = key.GenerateSSHKeyIfNotExist(sshKeyPath); err != nil {
+	if err := key.GenerateSSHKeyIfNotExist(sshKeyPath); err != nil {
 		log.Fatalf("Failed to generate SSH key: %s", err)
 	}
 
@@ -78,95 +61,9 @@ func main() {
 	sshConfig.AddHostKey(private)
 	sessionRegistry := session.NewRegistry()
 
-	ctx, cancel := context.WithCancel(context.Background())
+	app, err := server.NewServer(sshConfig, sessionRegistry)
-	defer cancel()
-
-	errChan := make(chan error, 2)
-	shutdownChan := make(chan os.Signal, 1)
-	signal.Notify(shutdownChan, os.Interrupt, syscall.SIGTERM)
-
-	var grpcClient client.Client
-	if isNodeMode {
-		grpcHost := config.Getenv("GRPC_ADDRESS", "localhost")
-		grpcPort := config.Getenv("GRPC_PORT", "8080")
-		grpcAddr := fmt.Sprintf("%s:%s", grpcHost, grpcPort)
-		nodeToken := config.Getenv("NODE_TOKEN", "")
-		if nodeToken == "" {
-			log.Fatalf("NODE_TOKEN is required in node mode")
-		}
-
-		grpcClient, err = client.New(grpcAddr, sessionRegistry)
 	if err != nil {
-			log.Fatalf("failed to create grpc client: %v", err)
+		log.Fatalf("Failed to start server: %s", err)
-		}
-
-		healthCtx, healthCancel := context.WithTimeout(ctx, 5*time.Second)
-		if err = grpcClient.CheckServerHealth(healthCtx); err != nil {
-			healthCancel()
-			log.Fatalf("gRPC health check failed: %v", err)
-		}
-		healthCancel()
-
-		go func() {
-			identity := config.Getenv("DOMAIN", "localhost")
-			if err = grpcClient.SubscribeEvents(ctx, identity, nodeToken); err != nil {
-				errChan <- fmt.Errorf("failed to subscribe to events: %w", err)
-			}
-		}()
-	}
-
-	portManager := port.New()
-	rawRange := config.Getenv("ALLOWED_PORTS", "")
-	if rawRange != "" {
-		splitRange := strings.Split(rawRange, "-")
-		if len(splitRange) == 2 {
-			var start, end uint64
-			start, err = strconv.ParseUint(splitRange[0], 10, 16)
-			if err != nil {
-				log.Fatalf("Failed to parse start port: %s", err)
-			}
-
-			end, err = strconv.ParseUint(splitRange[1], 10, 16)
-			if err != nil {
-				log.Fatalf("Failed to parse end port: %s", err)
-			}
-
-			if err = portManager.AddPortRange(uint16(start), uint16(end)); err != nil {
-				log.Fatalf("Failed to add port range: %s", err)
-			}
-			log.Printf("PortRegistry range configured: %d-%d", start, end)
-		} else {
-			log.Printf("Invalid ALLOWED_PORTS format, expected 'start-end', got: %s", rawRange)
-		}
-	}
-	var app server.Server
-	go func() {
-		app, err = server.New(sshConfig, sessionRegistry, grpcClient, portManager)
-		if err != nil {
-			errChan <- fmt.Errorf("failed to start server: %s", err)
-			return
 	}
 	app.Start()
-	}()
-
-	select {
-	case err = <-errChan:
-		log.Printf("error happen : %s", err)
-	case sig := <-shutdownChan:
-		log.Printf("received signal %s, shutting down", sig)
-	}
-
-	cancel()
-
-	if app != nil {
-		if err = app.Close(); err != nil {
-			log.Printf("failed to close server : %s", err)
-		}
-	}
-
-	if grpcClient != nil {
-		if err = grpcClient.Close(); err != nil {
-			log.Printf("failed to close grpc conn : %s", err)
-		}
-	}
 }

renovate-config.js

@@ -0,0 +1,8 @@
+module.exports = {
+    "endpoint": "https://git.fossy.my.id/api/v1",
+    "gitAuthor": "Renovate-Clanker <renovate-bot@fossy.my.id>",
+    "platform": "gitea",
+    "onboardingConfigFileName": "renovate.json",
+    "autodiscover": true,
+    "optimizeForDisabled": true,
+};

server/http.go

@@ -13,7 +13,6 @@ import (
 	"time"
 	"tunnel_pls/internal/config"
 	"tunnel_pls/session"
-	"tunnel_pls/types"
 
 	"golang.org/x/crypto/ssh"
 )
@@ -314,11 +313,8 @@ func (hs *httpServer) handler(conn net.Conn) {
 		return
 	}
 
-	sshSession, err := hs.sessionRegistry.Get(types.SessionKey{
+	sshSession, exist := hs.sessionRegistry.Get(slug)
-		Id:   slug,
+	if !exist {
-		Type: types.HTTP,
-	})
-	if err != nil {
 		_, err = conn.Write([]byte("HTTP/1.1 301 Moved Permanently\r\n" +
 			fmt.Sprintf("Location: https://tunnl.live/tunnel-not-found?slug=%s\r\n", slug) +
 			"Content-Length: 0\r\n" +
@@ -335,8 +331,8 @@ func (hs *httpServer) handler(conn net.Conn) {
 	return
 }
 
-func forwardRequest(cw HTTPWriter, initialRequest RequestHeaderManager, sshSession session.Session) {
+func forwardRequest(cw HTTPWriter, initialRequest RequestHeaderManager, sshSession *session.SSHSession) {
-	payload := sshSession.Forwarder().CreateForwardedTCPIPPayload(cw.GetRemoteAddr())
+	payload := sshSession.GetForwarder().CreateForwardedTCPIPPayload(cw.GetRemoteAddr())
 
 	type channelResult struct {
 		channel ssh.Channel
@@ -346,7 +342,7 @@ func forwardRequest(cw HTTPWriter, initialRequest RequestHeaderManager, sshSessi
 	resultChan := make(chan channelResult, 1)
 
 	go func() {
-		channel, reqs, err := sshSession.Lifecycle().Connection().OpenChannel("forwarded-tcpip", payload)
+		channel, reqs, err := sshSession.GetLifecycle().GetConnection().OpenChannel("forwarded-tcpip", payload)
 		resultChan <- channelResult{channel, reqs, err}
 	}()
 
@@ -357,14 +353,14 @@ func forwardRequest(cw HTTPWriter, initialRequest RequestHeaderManager, sshSessi
 	case result := <-resultChan:
 		if result.err != nil {
 			log.Printf("Failed to open forwarded-tcpip channel: %v", result.err)
-			sshSession.Forwarder().WriteBadGatewayResponse(cw.GetWriter())
+			sshSession.GetForwarder().WriteBadGatewayResponse(cw.GetWriter())
 			return
 		}
 		channel = result.channel
 		reqs = result.reqs
 	case <-time.After(5 * time.Second):
 		log.Printf("Timeout opening forwarded-tcpip channel")
-		sshSession.Forwarder().WriteBadGatewayResponse(cw.GetWriter())
+		sshSession.GetForwarder().WriteBadGatewayResponse(cw.GetWriter())
 		return
 	}
 
@@ -390,6 +386,6 @@ func forwardRequest(cw HTTPWriter, initialRequest RequestHeaderManager, sshSessi
 		return
 	}
 
-	sshSession.Forwarder().HandleConnection(cw, channel, cw.GetRemoteAddr())
+	sshSession.GetForwarder().HandleConnection(cw, channel, cw.GetRemoteAddr())
 	return
 }

server/https.go

@@ -9,7 +9,6 @@ import (
 	"net"
 	"strings"
 	"tunnel_pls/internal/config"
-	"tunnel_pls/types"
 )
 
 func (hs *httpServer) ListenAndServeTLS() error {
@@ -90,11 +89,8 @@ func (hs *httpServer) handlerTLS(conn net.Conn) {
 		return
 	}
 
-	sshSession, err := hs.sessionRegistry.Get(types.SessionKey{
+	sshSession, exist := hs.sessionRegistry.Get(slug)
-		Id:   slug,
+	if !exist {
-		Type: types.HTTP,
-	})
-	if err != nil {
 		_, err = conn.Write([]byte("HTTP/1.1 301 Moved Permanently\r\n" +
 			fmt.Sprintf("Location: https://tunnl.live/tunnel-not-found?slug=%s\r\n", slug) +
 			"Content-Length: 0\r\n" +

server/server.go

@@ -1,33 +1,22 @@
 package server
 
 import (
-	"context"
-	"errors"
 	"fmt"
 	"log"
 	"net"
-	"time"
 	"tunnel_pls/internal/config"
-	"tunnel_pls/internal/grpc/client"
-	"tunnel_pls/internal/port"
 	"tunnel_pls/session"
 
 	"golang.org/x/crypto/ssh"
 )
 
-type Server interface {
+type Server struct {
-	Start()
+	conn            *net.Listener
-	Close() error
-}
-type server struct {
-	listener        net.Listener
 	config          *ssh.ServerConfig
-	grpcClient      client.Client
 	sessionRegistry session.Registry
-	portRegistry    port.Registry
 }
 
-func New(sshConfig *ssh.ServerConfig, sessionRegistry session.Registry, grpcClient client.Client, portRegistry port.Registry) (Server, error) {
+func NewServer(sshConfig *ssh.ServerConfig, sessionRegistry session.Registry) (*Server, error) {
 	listener, err := net.Listen("tcp", fmt.Sprintf(":%s", config.Getenv("PORT", "2200")))
 	if err != nil {
 		log.Fatalf("failed to listen on port 2200: %v", err)
@@ -49,24 +38,18 @@ func New(sshConfig *ssh.ServerConfig, sessionRegistry session.Registry, grpcClie
 		}
 	}
 
-	return &server{
+	return &Server{
-		listener:        listener,
+		conn:            &listener,
 		config:          sshConfig,
-		grpcClient:      grpcClient,
 		sessionRegistry: sessionRegistry,
-		portRegistry:    portRegistry,
 	}, nil
 }
 
-func (s *server) Start() {
+func (s *Server) Start() {
 	log.Println("SSH server is starting on port 2200...")
 	for {
-		conn, err := s.listener.Accept()
+		conn, err := (*s.conn).Accept()
 		if err != nil {
-			if errors.Is(err, net.ErrClosed) {
-				log.Println("listener closed, stopping server")
-				return
-			}
 			log.Printf("failed to accept connection: %v", err)
 			continue
 		}
@@ -75,15 +58,11 @@ func (s *server) Start() {
 	}
 }
 
-func (s *server) Close() error {
+func (s *Server) handleConnection(conn net.Conn) {
-	return s.listener.Close()
-}
-
-func (s *server) handleConnection(conn net.Conn) {
 	sshConn, chans, forwardingReqs, err := ssh.NewServerConn(conn, s.config)
 	if err != nil {
 		log.Printf("failed to establish SSH connection: %v", err)
-		err = conn.Close()
+		err := conn.Close()
 		if err != nil {
 			log.Printf("failed to close SSH connection: %v", err)
 			return
@@ -91,22 +70,9 @@ func (s *server) handleConnection(conn net.Conn) {
 		return
 	}
 
-	defer func(sshConn *ssh.ServerConn) {
-		err = sshConn.Close()
-		if err != nil && !errors.Is(err, net.ErrClosed) {
-			log.Printf("failed to close SSH server: %v", err)
-		}
-	}(sshConn)
-
-	user := "UNAUTHORIZED"
-	if s.grpcClient != nil {
-		ctx, cancel := context.WithTimeout(context.Background(), time.Second*5)
-		_, u, _ := s.grpcClient.AuthorizeConn(ctx, sshConn.User())
-		user = u
-		cancel()
-	}
 	log.Println("SSH connection established:", sshConn.User())
-	sshSession := session.New(sshConn, forwardingReqs, chans, s.sessionRegistry, s.portRegistry, user)
+
+	sshSession := session.New(sshConn, forwardingReqs, chans, s.sessionRegistry)
 	err = sshSession.Start()
 	if err != nil {
 		log.Printf("SSH session ended with error: %v", err)

server/tls.go

@@ -301,16 +301,22 @@ func (tm *tlsManager) initCertMagic() error {
 func (tm *tlsManager) getTLSConfig() *tls.Config {
 	return &tls.Config{
 		GetCertificate: tm.getCertificate,
-
 		MinVersion:     tls.VersionTLS13,
 		MaxVersion:     tls.VersionTLS13,
 
+		SessionTicketsDisabled: false,
+
+		CipherSuites: []uint16{
+			tls.TLS_AES_128_GCM_SHA256,
+			tls.TLS_CHACHA20_POLY1305_SHA256,
+		},
+
 		CurvePreferences: []tls.CurveID{
 			tls.X25519,
 		},
 
-		SessionTicketsDisabled: false,
 		ClientAuth: tls.NoClientCert,
+		NextProtos: nil,
 	}
 }
 

session/forwarder/forwarder.go

@@ -30,41 +30,50 @@ func copyWithBuffer(dst io.Writer, src io.Reader) (written int64, err error) {
 	return io.CopyBuffer(dst, src, buf)
 }
 
-type forwarder struct {
+type Forwarder struct {
 	listener      net.Listener
 	tunnelType    types.TunnelType
 	forwardedPort uint16
-	slug          slug.Slug
+	slugManager   slug.Manager
-	conn          ssh.Conn
+	lifecycle     Lifecycle
 }
 
-func New(slug slug.Slug, conn ssh.Conn) Forwarder {
+func NewForwarder(slugManager slug.Manager) *Forwarder {
-	return &forwarder{
+	return &Forwarder{
 		listener:      nil,
-		tunnelType:    types.UNKNOWN,
+		tunnelType:    "",
 		forwardedPort: 0,
-		slug:          slug,
+		slugManager:   slugManager,
-		conn:          conn,
+		lifecycle:     nil,
 	}
 }
 
-type Forwarder interface {
+type Lifecycle interface {
-	SetType(tunnelType types.TunnelType)
+	GetConnection() ssh.Conn
-	SetForwardedPort(port uint16)
-	SetListener(listener net.Listener)
-	Listener() net.Listener
-	TunnelType() types.TunnelType
-	ForwardedPort() uint16
-	HandleConnection(dst io.ReadWriter, src ssh.Channel, remoteAddr net.Addr)
-	CreateForwardedTCPIPPayload(origin net.Addr) []byte
-	WriteBadGatewayResponse(dst io.Writer)
-	AcceptTCPConnections()
-	Close() error
 }
 
-func (f *forwarder) AcceptTCPConnections() {
+type ForwardingController interface {
+	AcceptTCPConnections()
+	SetType(tunnelType types.TunnelType)
+	GetTunnelType() types.TunnelType
+	GetForwardedPort() uint16
+	SetForwardedPort(port uint16)
+	SetListener(listener net.Listener)
+	GetListener() net.Listener
+	Close() error
+	HandleConnection(dst io.ReadWriter, src ssh.Channel, remoteAddr net.Addr)
+	SetLifecycle(lifecycle Lifecycle)
+	CreateForwardedTCPIPPayload(origin net.Addr) []byte
+	WriteBadGatewayResponse(dst io.Writer)
+}
+
+func (f *Forwarder) SetLifecycle(lifecycle Lifecycle) {
+	f.lifecycle = lifecycle
+}
+
+func (f *Forwarder) AcceptTCPConnections() {
 	for {
-		conn, err := f.Listener().Accept()
+		conn, err := f.GetListener().Accept()
 		if err != nil {
 			if errors.Is(err, net.ErrClosed) {
 				return
@@ -73,7 +82,7 @@ func (f *forwarder) AcceptTCPConnections() {
 			continue
 		}
 
-		if err = conn.SetDeadline(time.Now().Add(5 * time.Second)); err != nil {
+		if err := conn.SetDeadline(time.Now().Add(5 * time.Second)); err != nil {
 			log.Printf("Failed to set connection deadline: %v", err)
 			if closeErr := conn.Close(); closeErr != nil {
 				log.Printf("Failed to close connection: %v", closeErr)
@@ -91,7 +100,7 @@ func (f *forwarder) AcceptTCPConnections() {
 		resultChan := make(chan channelResult, 1)
 
 		go func() {
-			channel, reqs, err := f.conn.OpenChannel("forwarded-tcpip", payload)
+			channel, reqs, err := f.lifecycle.GetConnection().OpenChannel("forwarded-tcpip", payload)
 			resultChan <- channelResult{channel, reqs, err}
 		}()
 
@@ -105,7 +114,7 @@ func (f *forwarder) AcceptTCPConnections() {
 				continue
 			}
 
-			if err = conn.SetDeadline(time.Time{}); err != nil {
+			if err := conn.SetDeadline(time.Time{}); err != nil {
 				log.Printf("Failed to clear connection deadline: %v", err)
 			}
 
@@ -121,7 +130,7 @@ func (f *forwarder) AcceptTCPConnections() {
 	}
 }
 
-func (f *forwarder) HandleConnection(dst io.ReadWriter, src ssh.Channel, remoteAddr net.Addr) {
+func (f *Forwarder) HandleConnection(dst io.ReadWriter, src ssh.Channel, remoteAddr net.Addr) {
 	defer func() {
 		_, err := io.Copy(io.Discard, src)
 		if err != nil {
@@ -165,31 +174,31 @@ func (f *forwarder) HandleConnection(dst io.ReadWriter, src ssh.Channel, remoteA
 	wg.Wait()
 }
 
-func (f *forwarder) SetType(tunnelType types.TunnelType) {
+func (f *Forwarder) SetType(tunnelType types.TunnelType) {
 	f.tunnelType = tunnelType
 }
 
-func (f *forwarder) TunnelType() types.TunnelType {
+func (f *Forwarder) GetTunnelType() types.TunnelType {
 	return f.tunnelType
 }
 
-func (f *forwarder) ForwardedPort() uint16 {
+func (f *Forwarder) GetForwardedPort() uint16 {
 	return f.forwardedPort
 }
 
-func (f *forwarder) SetForwardedPort(port uint16) {
+func (f *Forwarder) SetForwardedPort(port uint16) {
 	f.forwardedPort = port
 }
 
-func (f *forwarder) SetListener(listener net.Listener) {
+func (f *Forwarder) SetListener(listener net.Listener) {
 	f.listener = listener
 }
 
-func (f *forwarder) Listener() net.Listener {
+func (f *Forwarder) GetListener() net.Listener {
 	return f.listener
 }
 
-func (f *forwarder) WriteBadGatewayResponse(dst io.Writer) {
+func (f *Forwarder) WriteBadGatewayResponse(dst io.Writer) {
 	_, err := dst.Write(types.BadGatewayResponse)
 	if err != nil {
 		log.Printf("failed to write Bad Gateway response: %v", err)
@@ -197,20 +206,20 @@ func (f *forwarder) WriteBadGatewayResponse(dst io.Writer) {
 	}
 }
 
-func (f *forwarder) Close() error {
+func (f *Forwarder) Close() error {
-	if f.Listener() != nil {
+	if f.GetListener() != nil {
 		return f.listener.Close()
 	}
 	return nil
 }
 
-func (f *forwarder) CreateForwardedTCPIPPayload(origin net.Addr) []byte {
+func (f *Forwarder) CreateForwardedTCPIPPayload(origin net.Addr) []byte {
 	var buf bytes.Buffer
 
 	host, originPort := parseAddr(origin.String())
 
 	writeSSHString(&buf, "localhost")
-	err := binary.Write(&buf, binary.BigEndian, uint32(f.ForwardedPort()))
+	err := binary.Write(&buf, binary.BigEndian, uint32(f.GetForwardedPort()))
 	if err != nil {
 		log.Printf("Failed to write string to buffer: %v", err)
 		return nil

session/handler.go

@@ -0,0 +1,291 @@
+package session
+
+import (
+	"bytes"
+	"encoding/binary"
+	"fmt"
+	"log"
+	"net"
+	portUtil "tunnel_pls/internal/port"
+	"tunnel_pls/internal/random"
+	"tunnel_pls/types"
+
+	"golang.org/x/crypto/ssh"
+)
+
+var blockedReservedPorts = []uint16{1080, 1433, 1521, 1900, 2049, 3306, 3389, 5432, 5900, 6379, 8080, 8443, 9000, 9200, 27017}
+
+func (s *SSHSession) HandleGlobalRequest(GlobalRequest <-chan *ssh.Request) {
+	for req := range GlobalRequest {
+		switch req.Type {
+		case "shell", "pty-req":
+			err := req.Reply(true, nil)
+			if err != nil {
+				log.Println("Failed to reply to request:", err)
+				return
+			}
+		case "window-change":
+			p := req.Payload
+			if len(p) < 16 {
+				log.Println("invalid window-change payload")
+				err := req.Reply(false, nil)
+				if err != nil {
+					log.Println("Failed to reply to request:", err)
+					return
+				}
+				return
+			}
+			cols := binary.BigEndian.Uint32(p[0:4])
+			rows := binary.BigEndian.Uint32(p[4:8])
+
+			s.interaction.SetWH(int(cols), int(rows))
+
+			err := req.Reply(true, nil)
+			if err != nil {
+				log.Println("Failed to reply to request:", err)
+				return
+			}
+		default:
+			log.Println("Unknown request type:", req.Type)
+			err := req.Reply(false, nil)
+			if err != nil {
+				log.Println("Failed to reply to request:", err)
+				return
+			}
+		}
+	}
+}
+
+func (s *SSHSession) HandleTCPIPForward(req *ssh.Request) {
+	log.Println("Port forwarding request detected")
+
+	reader := bytes.NewReader(req.Payload)
+
+	addr, err := readSSHString(reader)
+	if err != nil {
+		log.Println("Failed to read address from payload:", err)
+		err := req.Reply(false, nil)
+		if err != nil {
+			log.Println("Failed to reply to request:", err)
+			return
+		}
+		err = s.lifecycle.Close()
+		if err != nil {
+			log.Printf("failed to close session: %v", err)
+		}
+		return
+	}
+
+	var rawPortToBind uint32
+	if err := binary.Read(reader, binary.BigEndian, &rawPortToBind); err != nil {
+		log.Println("Failed to read port from payload:", err)
+		err := req.Reply(false, nil)
+		if err != nil {
+			log.Println("Failed to reply to request:", err)
+			return
+		}
+		err = s.lifecycle.Close()
+		if err != nil {
+			log.Printf("failed to close session: %v", err)
+		}
+		return
+	}
+
+	if rawPortToBind > 65535 {
+		log.Printf("Port %d is larger than allowed port of 65535", rawPortToBind)
+		err := req.Reply(false, nil)
+		if err != nil {
+			log.Println("Failed to reply to request:", err)
+			return
+		}
+		err = s.lifecycle.Close()
+		if err != nil {
+			log.Printf("failed to close session: %v", err)
+		}
+		return
+	}
+
+	portToBind := uint16(rawPortToBind)
+	if isBlockedPort(portToBind) {
+		log.Printf("Port %d is blocked or restricted", portToBind)
+		err := req.Reply(false, nil)
+		if err != nil {
+			log.Println("Failed to reply to request:", err)
+			return
+		}
+		err = s.lifecycle.Close()
+		if err != nil {
+			log.Printf("failed to close session: %v", err)
+		}
+		return
+	}
+
+	if portToBind == 80 || portToBind == 443 {
+		s.HandleHTTPForward(req, portToBind)
+		return
+	}
+	if portToBind == 0 {
+		unassign, success := portUtil.Default.GetUnassignedPort()
+		portToBind = unassign
+		if !success {
+			log.Println("No available port")
+			err := req.Reply(false, nil)
+			if err != nil {
+				log.Println("Failed to reply to request:", err)
+				return
+			}
+			err = s.lifecycle.Close()
+			if err != nil {
+				log.Printf("failed to close session: %v", err)
+			}
+			return
+		}
+	} else if isUse, isExist := portUtil.Default.GetPortStatus(portToBind); isExist && isUse {
+		log.Printf("Port %d is already in use or restricted", portToBind)
+		err := req.Reply(false, nil)
+		if err != nil {
+			log.Println("Failed to reply to request:", err)
+			return
+		}
+		err = s.lifecycle.Close()
+		if err != nil {
+			log.Printf("failed to close session: %v", err)
+		}
+		return
+	}
+	err = portUtil.Default.SetPortStatus(portToBind, true)
+	if err != nil {
+		log.Println("Failed to set port status:", err)
+		return
+	}
+
+	s.HandleTCPForward(req, addr, portToBind)
+}
+
+func (s *SSHSession) HandleHTTPForward(req *ssh.Request, portToBind uint16) {
+	slug := random.GenerateRandomString(20)
+
+	if !s.registry.Register(slug, s) {
+		log.Printf("Failed to register client with slug: %s", slug)
+		err := req.Reply(false, nil)
+		if err != nil {
+			log.Println("Failed to reply to request:", err)
+		}
+		return
+	}
+
+	buf := new(bytes.Buffer)
+	err := binary.Write(buf, binary.BigEndian, uint32(portToBind))
+	if err != nil {
+		log.Println("Failed to write port to buffer:", err)
+		s.registry.Remove(slug)
+		err = req.Reply(false, nil)
+		if err != nil {
+			log.Println("Failed to reply to request:", err)
+		}
+		return
+	}
+	log.Printf("HTTP forwarding approved on port: %d", portToBind)
+
+	err = req.Reply(true, buf.Bytes())
+	if err != nil {
+		log.Println("Failed to reply to request:", err)
+		s.registry.Remove(slug)
+		err = req.Reply(false, nil)
+		if err != nil {
+			log.Println("Failed to reply to request:", err)
+		}
+		return
+	}
+
+	s.forwarder.SetType(types.HTTP)
+	s.forwarder.SetForwardedPort(portToBind)
+	s.slugManager.Set(slug)
+	s.lifecycle.SetStatus(types.RUNNING)
+	s.interaction.Start()
+}
+
+func (s *SSHSession) HandleTCPForward(req *ssh.Request, addr string, portToBind uint16) {
+	log.Printf("Requested forwarding on %s:%d", addr, portToBind)
+	listener, err := net.Listen("tcp", fmt.Sprintf("0.0.0.0:%d", portToBind))
+	if err != nil {
+		log.Printf("Port %d is already in use or restricted", portToBind)
+		if setErr := portUtil.Default.SetPortStatus(portToBind, false); setErr != nil {
+			log.Printf("Failed to reset port status: %v", setErr)
+		}
+		err = req.Reply(false, nil)
+		if err != nil {
+			log.Println("Failed to reply to request:", err)
+			return
+		}
+		err = s.lifecycle.Close()
+		if err != nil {
+			log.Printf("failed to close session: %v", err)
+		}
+		return
+	}
+
+	buf := new(bytes.Buffer)
+	err = binary.Write(buf, binary.BigEndian, uint32(portToBind))
+	if err != nil {
+		log.Println("Failed to write port to buffer:", err)
+		if setErr := portUtil.Default.SetPortStatus(portToBind, false); setErr != nil {
+			log.Printf("Failed to reset port status: %v", setErr)
+		}
+		err = listener.Close()
+		if err != nil {
+			log.Printf("Failed to close listener: %s", err)
+			return
+		}
+		return
+	}
+
+	log.Printf("TCP forwarding approved on port: %d", portToBind)
+	err = req.Reply(true, buf.Bytes())
+	if err != nil {
+		log.Println("Failed to reply to request:", err)
+		if setErr := portUtil.Default.SetPortStatus(portToBind, false); setErr != nil {
+			log.Printf("Failed to reset port status: %v", setErr)
+		}
+		err = listener.Close()
+		if err != nil {
+			log.Printf("Failed to close listener: %s", err)
+			return
+		}
+		return
+	}
+
+	s.forwarder.SetType(types.TCP)
+	s.forwarder.SetListener(listener)
+	s.forwarder.SetForwardedPort(portToBind)
+	s.lifecycle.SetStatus(types.RUNNING)
+	go s.forwarder.AcceptTCPConnections()
+	s.interaction.Start()
+}
+
+func readSSHString(reader *bytes.Reader) (string, error) {
+	var length uint32
+	if err := binary.Read(reader, binary.BigEndian, &length); err != nil {
+		return "", err
+	}
+	strBytes := make([]byte, length)
+	if _, err := reader.Read(strBytes); err != nil {
+		return "", err
+	}
+	return string(strBytes), nil
+}
+
+func isBlockedPort(port uint16) bool {
+	if port == 80 || port == 443 {
+		return false
+	}
+	if port < 1024 && port != 0 {
+		return true
+	}
+	for _, p := range blockedReservedPorts {
+		if p == port {
+			return true
+		}
+	}
+	return false
+}

session/interaction/coming_soon.go

@@ -1,83 +0,0 @@
-package interaction
-
-import (
-	"strings"
-
-	"github.com/charmbracelet/bubbles/textinput"
-	tea "github.com/charmbracelet/bubbletea"
-	"github.com/charmbracelet/lipgloss"
-)
-
-func (m *model) comingSoonUpdate(msg tea.KeyMsg) (tea.Model, tea.Cmd) {
-	m.showingComingSoon = false
-	return m, tea.Batch(tea.ClearScreen, textinput.Blink)
-}
-
-func (m *model) comingSoonView() string {
-	isCompact := shouldUseCompactLayout(m.width, 60)
-
-	var boxPadding int
-	var boxMargin int
-	if isCompact {
-		boxPadding = 1
-		boxMargin = 1
-	} else {
-		boxPadding = 3
-		boxMargin = 2
-	}
-
-	titleStyle := lipgloss.NewStyle().
-		Bold(true).
-		Foreground(lipgloss.Color("#7D56F4")).
-		PaddingTop(1).
-		PaddingBottom(1)
-
-	messageBoxWidth := getResponsiveWidth(m.width, 10, 30, 60)
-	messageBoxStyle := lipgloss.NewStyle().
-		Foreground(lipgloss.Color("#FAFAFA")).
-		Background(lipgloss.Color("#1A1A2E")).
-		Bold(true).
-		Border(lipgloss.RoundedBorder()).
-		BorderForeground(lipgloss.Color("#7D56F4")).
-		Padding(1, boxPadding).
-		MarginTop(boxMargin).
-		MarginBottom(boxMargin).
-		Width(messageBoxWidth).
-		Align(lipgloss.Center)
-
-	helpStyle := lipgloss.NewStyle().
-		Foreground(lipgloss.Color("#666666")).
-		Italic(true).
-		MarginTop(1)
-
-	var b strings.Builder
-	b.WriteString("\n\n")
-
-	var title string
-	if shouldUseCompactLayout(m.width, 40) {
-		title = "Coming Soon"
-	} else {
-		title = "⏳ Coming Soon"
-	}
-	b.WriteString(titleStyle.Render(title))
-	b.WriteString("\n\n")
-
-	var message string
-	if shouldUseCompactLayout(m.width, 50) {
-		message = "Coming soon!\nStay tuned."
-	} else {
-		message = "🚀 This feature is coming very soon!\n   Stay tuned for updates."
-	}
-	b.WriteString(messageBoxStyle.Render(message))
-	b.WriteString("\n\n")
-
-	var helpText string
-	if shouldUseCompactLayout(m.width, 60) {
-		helpText = "Press any key..."
-	} else {
-		helpText = "This message will disappear in 5 seconds or press any key..."
-	}
-	b.WriteString(helpStyle.Render(helpText))
-
-	return b.String()
-}

session/interaction/commands.go

@@ -1,83 +0,0 @@
-package interaction
-
-import (
-	"strings"
-	"time"
-
-	"github.com/charmbracelet/bubbles/key"
-	"github.com/charmbracelet/bubbles/textinput"
-	tea "github.com/charmbracelet/bubbletea"
-	"github.com/charmbracelet/lipgloss"
-)
-
-func (m *model) commandsUpdate(msg tea.KeyMsg) (tea.Model, tea.Cmd) {
-	var cmd tea.Cmd
-
-	switch {
-	case key.Matches(msg, m.keymap.quit):
-		m.showingCommands = false
-		return m, tea.Batch(tea.ClearScreen, textinput.Blink)
-	case msg.String() == "enter":
-		selectedItem := m.commandList.SelectedItem()
-		if selectedItem != nil {
-			item := selectedItem.(commandItem)
-			if item.name == "slug" {
-				m.showingCommands = false
-				m.editingSlug = true
-				m.slugInput.SetValue(m.interaction.slug.String())
-				m.slugInput.Focus()
-				return m, tea.Batch(tea.ClearScreen, textinput.Blink)
-			} else if item.name == "tunnel-type" {
-				m.showingCommands = false
-				m.showingComingSoon = true
-				return m, tea.Batch(tickCmd(5*time.Second), tea.ClearScreen, textinput.Blink)
-			}
-			m.showingCommands = false
-			return m, nil
-		}
-	case msg.String() == "esc":
-		m.showingCommands = false
-		return m, tea.Batch(tea.ClearScreen, textinput.Blink)
-	}
-	m.commandList, cmd = m.commandList.Update(msg)
-	return m, cmd
-}
-
-func (m *model) commandsView() string {
-	isCompact := shouldUseCompactLayout(m.width, 60)
-
-	titleStyle := lipgloss.NewStyle().
-		Bold(true).
-		Foreground(lipgloss.Color("#7D56F4")).
-		PaddingTop(1).
-		PaddingBottom(1)
-
-	helpStyle := lipgloss.NewStyle().
-		Foreground(lipgloss.Color("#666666")).
-		Italic(true).
-		MarginTop(1)
-
-	var b strings.Builder
-	b.WriteString("\n")
-
-	var title string
-	if shouldUseCompactLayout(m.width, 40) {
-		title = "Commands"
-	} else {
-		title = "⚡ Commands"
-	}
-	b.WriteString(titleStyle.Render(title))
-	b.WriteString("\n\n")
-	b.WriteString(m.commandList.View())
-	b.WriteString("\n")
-
-	var helpText string
-	if isCompact {
-		helpText = "↑/↓ Nav • Enter Select • Esc Cancel"
-	} else {
-		helpText = "↑/↓ Navigate • Enter Select • Esc Cancel"
-	}
-	b.WriteString(helpStyle.Render(helpText))
-
-	return b.String()
-}

session/interaction/constants.go

@@ -0,0 +1,152 @@
+package interaction
+
+const (
+	backspaceChar    = 8
+	deleteChar       = 127
+	enterChar        = 13
+	escapeChar       = 27
+	ctrlC            = 3
+	forwardSlash     = '/'
+	minPrintableChar = 32
+	maxPrintableChar = 126
+
+	minSlugLength = 3
+	maxSlugLength = 20
+
+	clearScreen    = "\033[H\033[2J"
+	clearLine      = "\033[K"
+	clearToLineEnd = "\r\033[K"
+	backspaceSeq   = "\b \b"
+
+	minBoxWidth  = 50
+	paddingRight = 4
+)
+
+var forbiddenSlugs = map[string]struct{}{
+	"ping":          {},
+	"staging":       {},
+	"admin":         {},
+	"root":          {},
+	"api":           {},
+	"www":           {},
+	"support":       {},
+	"help":          {},
+	"status":        {},
+	"health":        {},
+	"login":         {},
+	"logout":        {},
+	"signup":        {},
+	"register":      {},
+	"settings":      {},
+	"config":        {},
+	"null":          {},
+	"undefined":     {},
+	"example":       {},
+	"test":          {},
+	"dev":           {},
+	"system":        {},
+	"administrator": {},
+	"dashboard":     {},
+	"account":       {},
+	"profile":       {},
+	"user":          {},
+	"users":         {},
+	"auth":          {},
+	"oauth":         {},
+	"callback":      {},
+	"webhook":       {},
+	"webhooks":      {},
+	"static":        {},
+	"assets":        {},
+	"cdn":           {},
+	"mail":          {},
+	"email":         {},
+	"ftp":           {},
+	"ssh":           {},
+	"git":           {},
+	"svn":           {},
+	"blog":          {},
+	"news":          {},
+	"about":         {},
+	"contact":       {},
+	"terms":         {},
+	"privacy":       {},
+	"legal":         {},
+	"billing":       {},
+	"payment":       {},
+	"checkout":      {},
+	"cart":          {},
+	"shop":          {},
+	"store":         {},
+	"download":      {},
+	"uploads":       {},
+	"images":        {},
+	"img":           {},
+	"css":           {},
+	"js":            {},
+	"fonts":         {},
+	"public":        {},
+	"private":       {},
+	"internal":      {},
+	"external":      {},
+	"proxy":         {},
+	"cache":         {},
+	"debug":         {},
+	"metrics":       {},
+	"monitoring":    {},
+	"graphql":       {},
+	"rest":          {},
+	"rpc":           {},
+	"socket":        {},
+	"ws":            {},
+	"wss":           {},
+	"app":           {},
+	"apps":          {},
+	"mobile":        {},
+	"desktop":       {},
+	"embed":         {},
+	"widget":        {},
+	"docs":          {},
+	"documentation": {},
+	"wiki":          {},
+	"forum":         {},
+	"community":     {},
+	"feedback":      {},
+	"report":        {},
+	"abuse":         {},
+	"spam":          {},
+	"security":      {},
+	"verify":        {},
+	"confirm":       {},
+	"reset":         {},
+	"password":      {},
+	"recovery":      {},
+	"unsubscribe":   {},
+	"subscribe":     {},
+	"notifications": {},
+	"alerts":        {},
+	"messages":      {},
+	"inbox":         {},
+	"outbox":        {},
+	"sent":          {},
+	"draft":         {},
+	"trash":         {},
+	"archive":       {},
+	"search":        {},
+	"explore":       {},
+	"discover":      {},
+	"trending":      {},
+	"popular":       {},
+	"featured":      {},
+	"new":           {},
+	"latest":        {},
+	"top":           {},
+	"best":          {},
+	"hot":           {},
+	"random":        {},
+	"all":           {},
+	"any":           {},
+	"none":          {},
+	"true":          {},
+	"false":         {},
+}

session/interaction/dashboard.go

@@ -1,186 +0,0 @@
-package interaction
-
-import (
-	"fmt"
-	"strings"
-
-	"github.com/charmbracelet/bubbles/key"
-	"github.com/charmbracelet/bubbles/textinput"
-	tea "github.com/charmbracelet/bubbletea"
-	"github.com/charmbracelet/lipgloss"
-)
-
-func (m *model) dashboardUpdate(msg tea.KeyMsg) (tea.Model, tea.Cmd) {
-	switch {
-	case key.Matches(msg, m.keymap.quit):
-		m.quitting = true
-		return m, tea.Batch(tea.ClearScreen, textinput.Blink, tea.Quit)
-	case key.Matches(msg, m.keymap.command):
-		m.showingCommands = true
-		return m, tea.Batch(tea.ClearScreen, textinput.Blink)
-	}
-	return m, nil
-}
-
-func (m *model) dashboardView() string {
-	titleStyle := lipgloss.NewStyle().
-		Bold(true).
-		Foreground(lipgloss.Color("#7D56F4")).
-		PaddingTop(1)
-
-	subtitleStyle := lipgloss.NewStyle().
-		Foreground(lipgloss.Color("#888888")).
-		Italic(true)
-
-	urlStyle := lipgloss.NewStyle().
-		Foreground(lipgloss.Color("#7D56F4")).
-		Underline(true).
-		Italic(true)
-
-	urlBoxStyle := lipgloss.NewStyle().
-		Foreground(lipgloss.Color("#04B575")).
-		Bold(true).
-		Italic(true)
-
-	keyHintStyle := lipgloss.NewStyle().
-		Foreground(lipgloss.Color("#7D56F4")).
-		Bold(true)
-
-	var b strings.Builder
-
-	isCompact := shouldUseCompactLayout(m.width, 85)
-
-	var asciiArtMargin int
-	if isCompact {
-		asciiArtMargin = 0
-	} else {
-		asciiArtMargin = 1
-	}
-
-	asciiArtStyle := lipgloss.NewStyle().
-		Bold(true).
-		Foreground(lipgloss.Color("#7D56F4")).
-		MarginBottom(asciiArtMargin)
-
-	var asciiArt string
-	if shouldUseCompactLayout(m.width, 50) {
-		asciiArt = "TUNNEL PLS"
-	} else if isCompact {
-		asciiArt = `
- ▀█▀ █ █ █▄ █ █▄ █ ██▀ █   ▄▀▀ █   ▄▀▀
-  █  ▀▄█ █ ▀█ █ ▀█ █▄▄ █▄▄ ▄█▀ █▄▄ ▄█▀`
-	} else {
-		asciiArt = `
- ████████╗██╗   ██╗███╗   ██╗███╗   ██╗███████╗██╗         ██████╗ ██╗     ███████╗
- ╚══██╔══╝██║   ██║████╗  ██║████╗  ██║██╔════╝██║         ██╔══██╗██║     ██╔════╝
-    ██║   ██║   ██║██╔██╗ ██║██╔██╗ ██║█████╗  ██║         ██████╔╝██║     ███████╗
-    ██║   ██║   ██║██║╚██╗██║██║╚██╗██║██╔══╝  ██║         ██╔═══╝ ██║     ╚════██║
-    ██║   ╚██████╔╝██║ ╚████║██║ ╚████║███████╗███████╗    ██║     ███████╗███████║
-    ╚═╝    ╚═════╝ ╚═╝  ╚═══╝╚═╝  ╚═══╝╚══════╝╚══════╝    ╚═╝     ╚══════╝╚══════╝`
-	}
-
-	b.WriteString(asciiArtStyle.Render(asciiArt))
-	b.WriteString("\n")
-
-	if !shouldUseCompactLayout(m.width, 60) {
-		b.WriteString(subtitleStyle.Render("Secure tunnel service by Bagas • "))
-		b.WriteString(urlStyle.Render("https://fossy.my.id"))
-		b.WriteString("\n\n")
-	} else {
-		b.WriteString("\n")
-	}
-
-	boxMaxWidth := getResponsiveWidth(m.width, 10, 40, 80)
-	var boxPadding int
-	var boxMargin int
-	if isCompact {
-		boxPadding = 1
-		boxMargin = 1
-	} else {
-		boxPadding = 2
-		boxMargin = 2
-	}
-
-	responsiveInfoBox := lipgloss.NewStyle().
-		Border(lipgloss.RoundedBorder()).
-		BorderForeground(lipgloss.Color("#7D56F4")).
-		Padding(1, boxPadding).
-		MarginTop(boxMargin).
-		MarginBottom(boxMargin).
-		Width(boxMaxWidth)
-
-	authenticatedUser := m.interaction.user
-
-	userInfoStyle := lipgloss.NewStyle().
-		Foreground(lipgloss.Color("#FAFAFA")).
-		Bold(true)
-
-	sectionHeaderStyle := lipgloss.NewStyle().
-		Foreground(lipgloss.Color("#888888")).
-		Bold(true)
-
-	addressStyle := lipgloss.NewStyle().
-		Foreground(lipgloss.Color("#FAFAFA"))
-
-	var infoContent string
-	if shouldUseCompactLayout(m.width, 70) {
-		infoContent = fmt.Sprintf("👤 %s\n\n%s\n%s",
-			userInfoStyle.Render(authenticatedUser),
-			sectionHeaderStyle.Render("🌐 FORWARDING ADDRESS:"),
-			addressStyle.Render(fmt.Sprintf("   %s", urlBoxStyle.Render(m.getTunnelURL()))))
-	} else {
-		infoContent = fmt.Sprintf("👤  Authenticated as: %s\n\n%s\n     %s",
-			userInfoStyle.Render(authenticatedUser),
-			sectionHeaderStyle.Render("🌐  FORWARDING ADDRESS:"),
-			addressStyle.Render(urlBoxStyle.Render(m.getTunnelURL())))
-	}
-
-	b.WriteString(responsiveInfoBox.Render(infoContent))
-	b.WriteString("\n")
-
-	var quickActionsTitle string
-	if shouldUseCompactLayout(m.width, 50) {
-		quickActionsTitle = "Actions"
-	} else if isCompact {
-		quickActionsTitle = "Quick Actions"
-	} else {
-		quickActionsTitle = "✨ Quick Actions"
-	}
-	b.WriteString(titleStyle.Render(quickActionsTitle))
-	b.WriteString("\n")
-
-	var featureMargin int
-	if isCompact {
-		featureMargin = 1
-	} else {
-		featureMargin = 2
-	}
-
-	compactFeatureStyle := lipgloss.NewStyle().
-		Foreground(lipgloss.Color("#FAFAFA")).
-		MarginLeft(featureMargin)
-
-	var commandsText string
-	var quitText string
-	if shouldUseCompactLayout(m.width, 60) {
-		commandsText = fmt.Sprintf("  %s  Commands", keyHintStyle.Render("[C]"))
-		quitText = fmt.Sprintf("  %s  Quit", keyHintStyle.Render("[Q]"))
-	} else {
-		commandsText = fmt.Sprintf("  %s  Open commands menu", keyHintStyle.Render("[C]"))
-		quitText = fmt.Sprintf("  %s  Quit application", keyHintStyle.Render("[Q]"))
-	}
-
-	b.WriteString(compactFeatureStyle.Render(commandsText))
-	b.WriteString("\n")
-	b.WriteString(compactFeatureStyle.Render(quitText))
-
-	if !shouldUseCompactLayout(m.width, 70) {
-		b.WriteString("\n\n")
-		footerStyle := lipgloss.NewStyle().
-			Foreground(lipgloss.Color("#666666")).
-			Italic(true)
-		b.WriteString(footerStyle.Render("Press 'C' to customize your tunnel settings"))
-	}
-
-	return b.String()
-}

session/interaction/interaction.go

@@ -2,8 +2,12 @@ package interaction
 
 import (
 	"context"
+	"fmt"
 	"log"
+	"strings"
+	"time"
 	"tunnel_pls/internal/config"
+	"tunnel_pls/internal/random"
 	"tunnel_pls/session/slug"
 	"tunnel_pls/types"
 
@@ -17,56 +21,36 @@ import (
 	"golang.org/x/crypto/ssh"
 )
 
-type Interaction interface {
+type Lifecycle interface {
-	Mode() types.Mode
+	Close() error
-	SetChannel(channel ssh.Channel)
-	SetMode(m types.Mode)
-	SetWH(w, h int)
-	Start()
-	Redraw()
-	Send(message string) error
 }
 
-type SessionRegistry interface {
+type Controller interface {
-	Update(user string, oldKey, newKey types.SessionKey) error
+	SetChannel(channel ssh.Channel)
+	SetLifecycle(lifecycle Lifecycle)
+	SetSlugModificator(func(oldSlug, newSlug string) bool)
+	Start()
+	SetWH(w, h int)
 }
 
 type Forwarder interface {
 	Close() error
-	TunnelType() types.TunnelType
+	GetTunnelType() types.TunnelType
-	ForwardedPort() uint16
+	GetForwardedPort() uint16
 }
 
-type CloseFunc func() error
+type Interaction struct {
-type interaction struct {
 	channel          ssh.Channel
-	slug            slug.Slug
+	slugManager      slug.Manager
 	forwarder        Forwarder
-	closeFunc       CloseFunc
+	lifecycle        Lifecycle
-	user            string
+	updateClientSlug func(oldSlug, newSlug string) bool
-	sessionRegistry SessionRegistry
 	program          *tea.Program
 	ctx              context.Context
 	cancel           context.CancelFunc
-	mode            types.Mode
 }
 
-func (i *interaction) SetMode(m types.Mode) {
+func (i *Interaction) SetWH(w, h int) {
-	i.mode = m
-}
-
-func (i *interaction) Mode() types.Mode {
-	return i.mode
-}
-
-func (i *interaction) Send(message string) error {
-	if i.channel != nil {
-		_, err := i.channel.Write([]byte(message))
-		return err
-	}
-	return nil
-}
-func (i *interaction) SetWH(w, h int) {
 	if i.program != nil {
 		i.program.Send(tea.WindowSizeMsg{
 			Width:  w,
@@ -75,26 +59,66 @@ func (i *interaction) SetWH(w, h int) {
 	}
 }
 
-func New(slug slug.Slug, forwarder Forwarder, sessionRegistry SessionRegistry, user string, closeFunc CloseFunc) Interaction {
+type commandItem struct {
+	name string
+	desc string
+}
+
+type model struct {
+	tunnelURL         string
+	domain            string
+	protocol          string
+	tunnelType        types.TunnelType
+	port              uint16
+	keymap            keymap
+	help              help.Model
+	quitting          bool
+	showingCommands   bool
+	editingSlug       bool
+	showingComingSoon bool
+	commandList       list.Model
+	slugInput         textinput.Model
+	slugError         string
+	interaction       *Interaction
+	width             int
+	height            int
+}
+
+type keymap struct {
+	quit    key.Binding
+	command key.Binding
+	random  key.Binding
+}
+
+type tickMsg time.Time
+
+func NewInteraction(slugManager slug.Manager, forwarder Forwarder) *Interaction {
 	ctx, cancel := context.WithCancel(context.Background())
-	return &interaction{
+	return &Interaction{
 		channel:          nil,
-		slug:            slug,
+		slugManager:      slugManager,
 		forwarder:        forwarder,
-		closeFunc:       closeFunc,
+		lifecycle:        nil,
-		user:            user,
+		updateClientSlug: nil,
-		sessionRegistry: sessionRegistry,
 		program:          nil,
 		ctx:              ctx,
 		cancel:           cancel,
 	}
 }
 
-func (i *interaction) SetChannel(channel ssh.Channel) {
+func (i *Interaction) SetLifecycle(lifecycle Lifecycle) {
+	i.lifecycle = lifecycle
+}
+
+func (i *Interaction) SetChannel(channel ssh.Channel) {
 	i.channel = channel
 }
 
-func (i *interaction) Stop() {
+func (i *Interaction) SetSlugModificator(modificator func(oldSlug, newSlug string) (success bool)) {
+	i.updateClientSlug = modificator
+}
+
+func (i *Interaction) Stop() {
 	if i.cancel != nil {
 		i.cancel()
 	}
@@ -104,7 +128,47 @@ func (i *interaction) Stop() {
 	}
 }
 
-func (m *model) Update(msg tea.Msg) (tea.Model, tea.Cmd) {
+func getResponsiveWidth(screenWidth, padding, minWidth, maxWidth int) int {
+	width := screenWidth - padding
+	if width > maxWidth {
+		width = maxWidth
+	}
+	if width < minWidth {
+		width = minWidth
+	}
+	return width
+}
+
+func shouldUseCompactLayout(width int, threshold int) bool {
+	return width < threshold
+}
+
+func truncateString(s string, maxLength int) string {
+	if len(s) <= maxLength {
+		return s
+	}
+	if maxLength < 4 {
+		return s[:maxLength]
+	}
+	return s[:maxLength-3] + "..."
+}
+
+func (i commandItem) FilterValue() string { return i.name }
+func (i commandItem) Title() string       { return i.name }
+func (i commandItem) Description() string { return i.desc }
+
+func tickCmd(d time.Duration) tea.Cmd {
+	return tea.Tick(d, func(t time.Time) tea.Msg {
+		return tickMsg(t)
+	})
+}
+
+func (m model) Init() tea.Cmd {
+	return tea.Batch(textinput.Blink, tea.WindowSize())
+}
+
+func (m model) Update(msg tea.Msg) (tea.Model, tea.Cmd) {
+	var cmd tea.Cmd
 
 	switch msg := msg.(type) {
 	case tickMsg:
@@ -130,53 +194,538 @@ func (m *model) Update(msg tea.Msg) (tea.Model, tea.Cmd) {
 
 	case tea.KeyMsg:
 		if m.showingComingSoon {
-			return m.comingSoonUpdate(msg)
+			m.showingComingSoon = false
+			return m, tea.Batch(tea.ClearScreen, textinput.Blink)
 		}
 
 		if m.editingSlug {
-			return m.slugUpdate(msg)
+			if m.tunnelType != types.HTTP {
+				m.editingSlug = false
+				m.slugError = ""
+				return m, tea.Batch(tea.ClearScreen, textinput.Blink)
+			}
+			switch msg.String() {
+			case "esc":
+				m.editingSlug = false
+				m.slugError = ""
+				return m, tea.Batch(tea.ClearScreen, textinput.Blink)
+			case "enter":
+				inputValue := m.slugInput.Value()
+
+				if isForbiddenSlug(inputValue) {
+					m.slugError = "This subdomain is reserved. Please choose a different one."
+					return m, nil
+				} else if !isValidSlug(inputValue) {
+					m.slugError = "Invalid subdomain. Follow the rules."
+					return m, nil
+				}
+
+				if !m.interaction.updateClientSlug(m.interaction.slugManager.Get(), inputValue) {
+					m.slugError = "Someone already uses this subdomain."
+					return m, nil
+				}
+
+				m.tunnelURL = buildURL(m.protocol, inputValue, m.domain)
+				m.editingSlug = false
+				m.slugError = ""
+				return m, tea.Batch(tea.ClearScreen, textinput.Blink)
+			case "ctrl+c":
+				m.editingSlug = false
+				m.slugError = ""
+				return m, tea.Batch(tea.ClearScreen, textinput.Blink)
+			default:
+				if key.Matches(msg, m.keymap.random) {
+					newSubdomain := generateRandomSubdomain()
+					m.slugInput.SetValue(newSubdomain)
+					m.slugError = ""
+					m.slugInput, cmd = m.slugInput.Update(msg)
+					return m, cmd
+				}
+				m.slugError = ""
+				m.slugInput, cmd = m.slugInput.Update(msg)
+				return m, cmd
+			}
 		}
 
 		if m.showingCommands {
-			return m.commandsUpdate(msg)
+			switch {
+			case key.Matches(msg, m.keymap.quit):
+				m.showingCommands = false
+				return m, tea.Batch(tea.ClearScreen, textinput.Blink)
+			case msg.String() == "enter":
+				selectedItem := m.commandList.SelectedItem()
+				if selectedItem != nil {
+					item := selectedItem.(commandItem)
+					if item.name == "slug" {
+						m.showingCommands = false
+						m.editingSlug = true
+						m.slugInput.SetValue(m.interaction.slugManager.Get())
+						m.slugInput.Focus()
+						return m, tea.Batch(tea.ClearScreen, textinput.Blink)
+					} else if item.name == "tunnel-type" {
+						m.showingCommands = false
+						m.showingComingSoon = true
+						return m, tea.Batch(tickCmd(5*time.Second), tea.ClearScreen, textinput.Blink)
+					}
+					m.showingCommands = false
+					return m, nil
+				}
+			case msg.String() == "esc":
+				m.showingCommands = false
+				return m, tea.Batch(tea.ClearScreen, textinput.Blink)
+			}
+			m.commandList, cmd = m.commandList.Update(msg)
+			return m, cmd
 		}
 
-		return m.dashboardUpdate(msg)
+		switch {
+		case key.Matches(msg, m.keymap.quit):
+			m.quitting = true
+			return m, tea.Batch(tea.ClearScreen, textinput.Blink, tea.Quit)
+		case key.Matches(msg, m.keymap.command):
+			m.showingCommands = true
+			return m, tea.Batch(tea.ClearScreen, textinput.Blink)
+		}
 	}
 
 	return m, nil
 }
 
-func (i *interaction) Redraw() {
+func (m model) helpView() string {
-	if i.program != nil {
+	return "\n" + m.help.ShortHelpView([]key.Binding{
-		i.program.Send(tea.ClearScreen())
+		m.keymap.command,
-	}
+		m.keymap.quit,
+	})
 }
 
-func (m *model) View() string {
+func (m model) View() string {
 	if m.quitting {
 		return ""
 	}
 
 	if m.showingComingSoon {
-		return m.comingSoonView()
+		isCompact := shouldUseCompactLayout(m.width, 60)
+
+		var boxPadding int
+		var boxMargin int
+		if isCompact {
+			boxPadding = 1
+			boxMargin = 1
+		} else {
+			boxPadding = 3
+			boxMargin = 2
+		}
+
+		titleStyle := lipgloss.NewStyle().
+			Bold(true).
+			Foreground(lipgloss.Color("#7D56F4")).
+			PaddingTop(1).
+			PaddingBottom(1)
+
+		messageBoxWidth := getResponsiveWidth(m.width, 10, 30, 60)
+		messageBoxStyle := lipgloss.NewStyle().
+			Foreground(lipgloss.Color("#FAFAFA")).
+			Background(lipgloss.Color("#1A1A2E")).
+			Bold(true).
+			Border(lipgloss.RoundedBorder()).
+			BorderForeground(lipgloss.Color("#7D56F4")).
+			Padding(1, boxPadding).
+			MarginTop(boxMargin).
+			MarginBottom(boxMargin).
+			Width(messageBoxWidth).
+			Align(lipgloss.Center)
+
+		helpStyle := lipgloss.NewStyle().
+			Foreground(lipgloss.Color("#666666")).
+			Italic(true).
+			MarginTop(1)
+
+		var b strings.Builder
+		b.WriteString("\n\n")
+
+		var title string
+		if shouldUseCompactLayout(m.width, 40) {
+			title = "Coming Soon"
+		} else {
+			title = "⏳ Coming Soon"
+		}
+		b.WriteString(titleStyle.Render(title))
+		b.WriteString("\n\n")
+
+		var message string
+		if shouldUseCompactLayout(m.width, 50) {
+			message = "Coming soon!\nStay tuned."
+		} else {
+			message = "🚀 This feature is coming very soon!\n   Stay tuned for updates."
+		}
+		b.WriteString(messageBoxStyle.Render(message))
+		b.WriteString("\n\n")
+
+		var helpText string
+		if shouldUseCompactLayout(m.width, 60) {
+			helpText = "Press any key..."
+		} else {
+			helpText = "This message will disappear in 5 seconds or press any key..."
+		}
+		b.WriteString(helpStyle.Render(helpText))
+
+		return b.String()
 	}
 
 	if m.editingSlug {
-		return m.slugView()
+		isCompact := shouldUseCompactLayout(m.width, 70)
+		isVeryCompact := shouldUseCompactLayout(m.width, 50)
+
+		var boxPadding int
+		var boxMargin int
+		if isVeryCompact {
+			boxPadding = 1
+			boxMargin = 1
+		} else if isCompact {
+			boxPadding = 1
+			boxMargin = 1
+		} else {
+			boxPadding = 2
+			boxMargin = 2
+		}
+
+		titleStyle := lipgloss.NewStyle().
+			Bold(true).
+			Foreground(lipgloss.Color("#7D56F4")).
+			PaddingTop(1).
+			PaddingBottom(1)
+
+		instructionStyle := lipgloss.NewStyle().
+			Foreground(lipgloss.Color("#FAFAFA")).
+			MarginTop(1)
+
+		inputBoxStyle := lipgloss.NewStyle().
+			Border(lipgloss.RoundedBorder()).
+			BorderForeground(lipgloss.Color("#7D56F4")).
+			Padding(1, boxPadding).
+			MarginTop(boxMargin).
+			MarginBottom(boxMargin)
+
+		helpStyle := lipgloss.NewStyle().
+			Foreground(lipgloss.Color("#666666")).
+			Italic(true).
+			MarginTop(1)
+
+		errorBoxStyle := lipgloss.NewStyle().
+			Foreground(lipgloss.Color("#FF0000")).
+			Background(lipgloss.Color("#3D0000")).
+			Bold(true).
+			Border(lipgloss.RoundedBorder()).
+			BorderForeground(lipgloss.Color("#FF0000")).
+			Padding(0, boxPadding).
+			MarginTop(1).
+			MarginBottom(1)
+
+		rulesBoxWidth := getResponsiveWidth(m.width, 10, 30, 60)
+		rulesBoxStyle := lipgloss.NewStyle().
+			Foreground(lipgloss.Color("#FAFAFA")).
+			Border(lipgloss.RoundedBorder()).
+			BorderForeground(lipgloss.Color("#7D56F4")).
+			Padding(0, boxPadding).
+			MarginTop(1).
+			MarginBottom(1).
+			Width(rulesBoxWidth)
+
+		var b strings.Builder
+		var title string
+		if isVeryCompact {
+			title = "Edit Subdomain"
+		} else {
+			title = "🔧 Edit Subdomain"
+		}
+		b.WriteString(titleStyle.Render(title))
+		b.WriteString("\n\n")
+
+		if m.tunnelType != types.HTTP {
+			warningBoxWidth := getResponsiveWidth(m.width, 10, 30, 60)
+			warningBoxStyle := lipgloss.NewStyle().
+				Foreground(lipgloss.Color("#FFA500")).
+				Background(lipgloss.Color("#3D2000")).
+				Bold(true).
+				Border(lipgloss.RoundedBorder()).
+				BorderForeground(lipgloss.Color("#FFA500")).
+				Padding(1, boxPadding).
+				MarginTop(boxMargin).
+				MarginBottom(boxMargin).
+				Width(warningBoxWidth)
+
+			var warningText string
+			if isVeryCompact {
+				warningText = "⚠️ TCP tunnels don't support custom subdomains."
+			} else {
+				warningText = "⚠️ TCP tunnels cannot have custom subdomains. Only HTTP/HTTPS tunnels support subdomain customization."
+			}
+			b.WriteString(warningBoxStyle.Render(warningText))
+			b.WriteString("\n\n")
+
+			var helpText string
+			if isVeryCompact {
+				helpText = "Press any key to go back"
+			} else {
+				helpText = "Press Enter or Esc to go back"
+			}
+			b.WriteString(helpStyle.Render(helpText))
+			return b.String()
+		}
+
+		var rulesContent string
+		if isVeryCompact {
+			rulesContent = "Rules:\n3-20 chars\na-z, 0-9, -\nNo leading/trailing -"
+		} else if isCompact {
+			rulesContent = "📋 Rules:\n  • 3-20 chars\n  • a-z, 0-9, -\n  • No leading/trailing -"
+		} else {
+			rulesContent = "📋 Rules: \n\t• 3-20 chars \n\t• a-z, 0-9, - \n\t• No leading/trailing -"
+		}
+		b.WriteString(rulesBoxStyle.Render(rulesContent))
+		b.WriteString("\n")
+
+		var instruction string
+		if isVeryCompact {
+			instruction = "Custom subdomain:"
+		} else {
+			instruction = "Enter your custom subdomain:"
+		}
+		b.WriteString(instructionStyle.Render(instruction))
+		b.WriteString("\n")
+
+		if m.slugError != "" {
+			errorInputBoxStyle := lipgloss.NewStyle().
+				Border(lipgloss.RoundedBorder()).
+				BorderForeground(lipgloss.Color("#FF0000")).
+				Padding(1, boxPadding).
+				MarginTop(boxMargin).
+				MarginBottom(1)
+			b.WriteString(errorInputBoxStyle.Render(m.slugInput.View()))
+			b.WriteString("\n")
+			b.WriteString(errorBoxStyle.Render("❌ " + m.slugError))
+			b.WriteString("\n")
+		} else {
+			b.WriteString(inputBoxStyle.Render(m.slugInput.View()))
+			b.WriteString("\n")
+		}
+
+		previewURL := buildURL(m.protocol, m.slugInput.Value(), m.domain)
+		previewWidth := getResponsiveWidth(m.width, 10, 30, 80)
+
+		if len(previewURL) > previewWidth-10 {
+			previewURL = truncateString(previewURL, previewWidth-10)
+		}
+
+		previewStyle := lipgloss.NewStyle().
+			Foreground(lipgloss.Color("#04B575")).
+			Italic(true).
+			Width(previewWidth)
+		b.WriteString(previewStyle.Render(fmt.Sprintf("Preview: %s", previewURL)))
+		b.WriteString("\n")
+
+		var helpText string
+		if isVeryCompact {
+			helpText = "Enter: save • CTRL+R: random • Esc: cancel"
+		} else {
+			helpText = "Press Enter to save • CTRL+R for random • Esc to cancel"
+		}
+		b.WriteString(helpStyle.Render(helpText))
+
+		return b.String()
 	}
 
 	if m.showingCommands {
-		return m.commandsView()
+		isCompact := shouldUseCompactLayout(m.width, 60)
+
+		titleStyle := lipgloss.NewStyle().
+			Bold(true).
+			Foreground(lipgloss.Color("#7D56F4")).
+			PaddingTop(1).
+			PaddingBottom(1)
+
+		helpStyle := lipgloss.NewStyle().
+			Foreground(lipgloss.Color("#666666")).
+			Italic(true).
+			MarginTop(1)
+
+		var b strings.Builder
+		b.WriteString("\n")
+
+		var title string
+		if shouldUseCompactLayout(m.width, 40) {
+			title = "Commands"
+		} else {
+			title = "⚡ Commands"
+		}
+		b.WriteString(titleStyle.Render(title))
+		b.WriteString("\n\n")
+		b.WriteString(m.commandList.View())
+		b.WriteString("\n")
+
+		var helpText string
+		if isCompact {
+			helpText = "↑/↓ Nav • Enter Select • Esc Cancel"
+		} else {
+			helpText = "↑/↓ Navigate • Enter Select • Esc Cancel"
+		}
+		b.WriteString(helpStyle.Render(helpText))
+
+		return b.String()
 	}
 
-	return m.dashboardView()
+	titleStyle := lipgloss.NewStyle().
+		Bold(true).
+		Foreground(lipgloss.Color("#7D56F4")).
+		PaddingTop(1)
+
+	subtitleStyle := lipgloss.NewStyle().
+		Foreground(lipgloss.Color("#888888")).
+		Italic(true)
+
+	urlStyle := lipgloss.NewStyle().
+		Foreground(lipgloss.Color("#7D56F4")).
+		Underline(true).
+		Italic(true)
+
+	urlBoxStyle := lipgloss.NewStyle().
+		Foreground(lipgloss.Color("#04B575")).
+		Bold(true).
+		Italic(true)
+
+	keyHintStyle := lipgloss.NewStyle().
+		Foreground(lipgloss.Color("#7D56F4")).
+		Bold(true)
+
+	var b strings.Builder
+
+	isCompact := shouldUseCompactLayout(m.width, 85)
+
+	var asciiArtMargin int
+	if isCompact {
+		asciiArtMargin = 0
+	} else {
+		asciiArtMargin = 1
+	}
+
+	asciiArtStyle := lipgloss.NewStyle().
+		Bold(true).
+		Foreground(lipgloss.Color("#7D56F4")).
+		MarginBottom(asciiArtMargin)
+
+	var asciiArt string
+	if shouldUseCompactLayout(m.width, 50) {
+		asciiArt = "TUNNEL PLS"
+	} else if isCompact {
+		asciiArt = `
+ ▀█▀ █ █ █▄ █ █▄ █ ██▀ █   ▄▀▀ █   ▄▀▀
+  █  ▀▄█ █ ▀█ █ ▀█ █▄▄ █▄▄ ▄█▀ █▄▄ ▄█▀`
+	} else {
+		asciiArt = `
+ ████████╗██╗   ██╗███╗   ██╗███╗   ██╗███████╗██╗         ██████╗ ██╗     ███████╗
+ ╚══██╔══╝██║   ██║████╗  ██║████╗  ██║██╔════╝██║         ██╔══██╗██║     ██╔════╝
+    ██║   ██║   ██║██╔██╗ ██║██╔██╗ ██║█████╗  ██║         ██████╔╝██║     ███████╗
+    ██║   ██║   ██║██║╚██╗██║██║╚██╗██║██╔══╝  ██║         ██╔═══╝ ██║     ╚════██║
+    ██║   ╚██████╔╝██║ ╚████║██║ ╚████║███████╗███████╗    ██║     ███████╗███████║
+    ╚═╝    ╚═════╝ ╚═╝  ╚═══╝╚═╝  ╚═══╝╚══════╝╚══════╝    ╚═╝     ╚══════╝╚══════╝`
+	}
+
+	b.WriteString(asciiArtStyle.Render(asciiArt))
+	b.WriteString("\n")
+
+	if !shouldUseCompactLayout(m.width, 60) {
+		b.WriteString(subtitleStyle.Render("Secure tunnel service by Bagas • "))
+		b.WriteString(urlStyle.Render("https://fossy.my.id"))
+		b.WriteString("\n\n")
+	} else {
+		b.WriteString("\n")
+	}
+
+	boxMaxWidth := getResponsiveWidth(m.width, 10, 40, 80)
+	var boxPadding int
+	var boxMargin int
+	if isCompact {
+		boxPadding = 1
+		boxMargin = 1
+	} else {
+		boxPadding = 2
+		boxMargin = 2
+	}
+
+	responsiveInfoBox := lipgloss.NewStyle().
+		Border(lipgloss.RoundedBorder()).
+		BorderForeground(lipgloss.Color("#7D56F4")).
+		Padding(1, boxPadding).
+		MarginTop(boxMargin).
+		MarginBottom(boxMargin).
+		Width(boxMaxWidth)
+
+	urlDisplay := m.tunnelURL
+	if shouldUseCompactLayout(m.width, 80) && len(m.tunnelURL) > m.width-20 {
+		maxLen := m.width - 25
+		if maxLen > 10 {
+			urlDisplay = truncateString(m.tunnelURL, maxLen)
+		}
+	}
+
+	var infoContent string
+	if shouldUseCompactLayout(m.width, 70) {
+		infoContent = fmt.Sprintf("🌐 %s", urlBoxStyle.Render(urlDisplay))
+	} else if isCompact {
+		infoContent = fmt.Sprintf("🌐  Forwarding to:\n\n     %s", urlBoxStyle.Render(urlDisplay))
+	} else {
+		infoContent = fmt.Sprintf("🌐  F O R W A R D I N G   T O:\n\n     %s", urlBoxStyle.Render(urlDisplay))
+	}
+	b.WriteString(responsiveInfoBox.Render(infoContent))
+	b.WriteString("\n")
+
+	var quickActionsTitle string
+	if shouldUseCompactLayout(m.width, 50) {
+		quickActionsTitle = "Actions"
+	} else if isCompact {
+		quickActionsTitle = "Quick Actions"
+	} else {
+		quickActionsTitle = "✨ Quick Actions"
+	}
+	b.WriteString(titleStyle.Render(quickActionsTitle))
+	b.WriteString("\n")
+
+	var featureMargin int
+	if isCompact {
+		featureMargin = 1
+	} else {
+		featureMargin = 2
+	}
+
+	compactFeatureStyle := lipgloss.NewStyle().
+		Foreground(lipgloss.Color("#FAFAFA")).
+		MarginLeft(featureMargin)
+
+	var commandsText string
+	var quitText string
+	if shouldUseCompactLayout(m.width, 60) {
+		commandsText = fmt.Sprintf("  %s  Commands", keyHintStyle.Render("[C]"))
+		quitText = fmt.Sprintf("  %s  Quit", keyHintStyle.Render("[Q]"))
+	} else {
+		commandsText = fmt.Sprintf("  %s  Open commands menu", keyHintStyle.Render("[C]"))
+		quitText = fmt.Sprintf("  %s  Quit application", keyHintStyle.Render("[Q]"))
+	}
+
+	b.WriteString(compactFeatureStyle.Render(commandsText))
+	b.WriteString("\n")
+	b.WriteString(compactFeatureStyle.Render(quitText))
+
+	if !shouldUseCompactLayout(m.width, 70) {
+		b.WriteString("\n\n")
+		footerStyle := lipgloss.NewStyle().
+			Foreground(lipgloss.Color("#666666")).
+			Italic(true)
+		b.WriteString(footerStyle.Render("Press 'C' to customize your tunnel settings"))
+	}
+
+	return b.String()
 }
 
-func (i *interaction) Start() {
+func (i *Interaction) Start() {
-	if i.mode == types.HEADLESS {
-		return
-	}
 	lipgloss.SetColorProfile(termenv.TrueColor)
 
 	domain := config.Getenv("DOMAIN", "localhost")
@@ -185,8 +734,15 @@ func (i *interaction) Start() {
 		protocol = "https"
 	}
 
-	tunnelType := i.forwarder.TunnelType()
+	tunnelType := i.forwarder.GetTunnelType()
-	port := i.forwarder.ForwardedPort()
+	port := i.forwarder.GetForwardedPort()
+
+	var tunnelURL string
+	if tunnelType == types.HTTP {
+		tunnelURL = buildURL(protocol, i.slugManager.Get(), domain)
+	} else {
+		tunnelURL = fmt.Sprintf("tcp://%s:%d", domain, port)
+	}
 
 	items := []list.Item{
 		commandItem{name: "slug", desc: "Set custom subdomain"},
@@ -208,7 +764,8 @@ func (i *interaction) Start() {
 	ti.CharLimit = 20
 	ti.Width = 50
 
-	m := &model{
+	m := model{
+		tunnelURL:   tunnelURL,
 		domain:      domain,
 		protocol:    protocol,
 		tunnelType:  tunnelType,
@@ -250,9 +807,42 @@ func (i *interaction) Start() {
 	}
 	i.program.Kill()
 	i.program = nil
-	if i.closeFunc != nil {
+	if err := m.interaction.lifecycle.Close(); err != nil {
-		if err := i.closeFunc(); err != nil {
 		log.Printf("Cannot close session: %s \n", err)
 	}
-	}
+}
+
+func buildURL(protocol, subdomain, domain string) string {
+	return fmt.Sprintf("%s://%s.%s", protocol, subdomain, domain)
+}
+
+func generateRandomSubdomain() string {
+	return random.GenerateRandomString(20)
+}
+
+func isValidSlug(slug string) bool {
+	if len(slug) < minSlugLength || len(slug) > maxSlugLength {
+		return false
+	}
+
+	if slug[0] == '-' || slug[len(slug)-1] == '-' {
+		return false
+	}
+
+	for _, c := range slug {
+		if !isValidSlugChar(byte(c)) {
+			return false
+		}
+	}
+
+	return true
+}
+
+func isValidSlugChar(c byte) bool {
+	return (c >= 'a' && c <= 'z') || (c >= '0' && c <= '9') || c == '-'
+}
+
+func isForbiddenSlug(slug string) bool {
+	_, ok := forbiddenSlugs[slug]
+	return ok
 }

session/interaction/model.go

@@ -1,95 +0,0 @@
-package interaction
-
-import (
-	"fmt"
-	"time"
-	"tunnel_pls/types"
-
-	"github.com/charmbracelet/bubbles/help"
-	"github.com/charmbracelet/bubbles/key"
-	"github.com/charmbracelet/bubbles/list"
-	"github.com/charmbracelet/bubbles/textinput"
-	tea "github.com/charmbracelet/bubbletea"
-)
-
-type commandItem struct {
-	name string
-	desc string
-}
-
-func (i commandItem) FilterValue() string { return i.name }
-func (i commandItem) Title() string       { return i.name }
-func (i commandItem) Description() string { return i.desc }
-
-type model struct {
-	domain            string
-	protocol          string
-	tunnelType        types.TunnelType
-	port              uint16
-	keymap            keymap
-	help              help.Model
-	quitting          bool
-	showingCommands   bool
-	editingSlug       bool
-	showingComingSoon bool
-	commandList       list.Model
-	slugInput         textinput.Model
-	slugError         string
-	interaction       *interaction
-	width             int
-	height            int
-}
-
-func (m *model) getTunnelURL() string {
-	if m.tunnelType == types.HTTP {
-		return buildURL(m.protocol, m.interaction.slug.String(), m.domain)
-	}
-	return fmt.Sprintf("tcp://%s:%d", m.domain, m.port)
-}
-
-type keymap struct {
-	quit    key.Binding
-	command key.Binding
-	random  key.Binding
-}
-
-type tickMsg time.Time
-
-func (m *model) Init() tea.Cmd {
-	return tea.Batch(textinput.Blink, tea.WindowSize())
-}
-
-func getResponsiveWidth(screenWidth, padding, minWidth, maxWidth int) int {
-	width := screenWidth - padding
-	if width > maxWidth {
-		width = maxWidth
-	}
-	if width < minWidth {
-		width = minWidth
-	}
-	return width
-}
-
-func shouldUseCompactLayout(width int, threshold int) bool {
-	return width < threshold
-}
-
-func truncateString(s string, maxLength int) string {
-	if len(s) <= maxLength {
-		return s
-	}
-	if maxLength < 4 {
-		return s[:maxLength]
-	}
-	return s[:maxLength-3] + "..."
-}
-
-func tickCmd(d time.Duration) tea.Cmd {
-	return tea.Tick(d, func(t time.Time) tea.Msg {
-		return tickMsg(t)
-	})
-}
-
-func buildURL(protocol, subdomain, domain string) string {
-	return fmt.Sprintf("%s://%s.%s", protocol, subdomain, domain)
-}

session/interaction/slug.go

@@ -1,224 +0,0 @@
-package interaction
-
-import (
-	"fmt"
-	"strings"
-	"tunnel_pls/internal/random"
-	"tunnel_pls/types"
-
-	"github.com/charmbracelet/bubbles/key"
-	"github.com/charmbracelet/bubbles/textinput"
-	tea "github.com/charmbracelet/bubbletea"
-	"github.com/charmbracelet/lipgloss"
-)
-
-func (m *model) slugUpdate(msg tea.KeyMsg) (tea.Model, tea.Cmd) {
-	var cmd tea.Cmd
-
-	if m.tunnelType != types.HTTP {
-		m.editingSlug = false
-		m.slugError = ""
-		return m, tea.Batch(tea.ClearScreen, textinput.Blink)
-	}
-
-	switch msg.String() {
-	case "esc":
-		m.editingSlug = false
-		m.slugError = ""
-		return m, tea.Batch(tea.ClearScreen, textinput.Blink)
-	case "enter":
-		inputValue := m.slugInput.Value()
-		if err := m.interaction.sessionRegistry.Update(m.interaction.user, types.SessionKey{
-			Id:   m.interaction.slug.String(),
-			Type: types.HTTP,
-		}, types.SessionKey{
-			Id:   inputValue,
-			Type: types.HTTP,
-		}); err != nil {
-			m.slugError = err.Error()
-			return m, nil
-		}
-		m.editingSlug = false
-		m.slugError = ""
-		return m, tea.Batch(tea.ClearScreen, textinput.Blink)
-	case "ctrl+c":
-		m.editingSlug = false
-		m.slugError = ""
-		return m, tea.Batch(tea.ClearScreen, textinput.Blink)
-	default:
-		if key.Matches(msg, m.keymap.random) {
-			newSubdomain, err := random.GenerateRandomString(20)
-			if err != nil {
-				return m, cmd
-			}
-			m.slugInput.SetValue(newSubdomain)
-			m.slugError = ""
-			m.slugInput, cmd = m.slugInput.Update(msg)
-		}
-		m.slugError = ""
-		m.slugInput, cmd = m.slugInput.Update(msg)
-		return m, cmd
-	}
-}
-
-func (m *model) slugView() string {
-	isCompact := shouldUseCompactLayout(m.width, 70)
-	isVeryCompact := shouldUseCompactLayout(m.width, 50)
-
-	var boxPadding int
-	var boxMargin int
-	if isVeryCompact {
-		boxPadding = 1
-		boxMargin = 1
-	} else if isCompact {
-		boxPadding = 1
-		boxMargin = 1
-	} else {
-		boxPadding = 2
-		boxMargin = 2
-	}
-
-	titleStyle := lipgloss.NewStyle().
-		Bold(true).
-		Foreground(lipgloss.Color("#7D56F4")).
-		PaddingTop(1).
-		PaddingBottom(1)
-
-	instructionStyle := lipgloss.NewStyle().
-		Foreground(lipgloss.Color("#FAFAFA")).
-		MarginTop(1)
-
-	inputBoxStyle := lipgloss.NewStyle().
-		Border(lipgloss.RoundedBorder()).
-		BorderForeground(lipgloss.Color("#7D56F4")).
-		Padding(1, boxPadding).
-		MarginTop(boxMargin).
-		MarginBottom(boxMargin)
-
-	helpStyle := lipgloss.NewStyle().
-		Foreground(lipgloss.Color("#666666")).
-		Italic(true).
-		MarginTop(1)
-
-	errorBoxStyle := lipgloss.NewStyle().
-		Foreground(lipgloss.Color("#FF0000")).
-		Background(lipgloss.Color("#3D0000")).
-		Bold(true).
-		Border(lipgloss.RoundedBorder()).
-		BorderForeground(lipgloss.Color("#FF0000")).
-		Padding(0, boxPadding).
-		MarginTop(1).
-		MarginBottom(1)
-
-	rulesBoxWidth := getResponsiveWidth(m.width, 10, 30, 60)
-	rulesBoxStyle := lipgloss.NewStyle().
-		Foreground(lipgloss.Color("#FAFAFA")).
-		Border(lipgloss.RoundedBorder()).
-		BorderForeground(lipgloss.Color("#7D56F4")).
-		Padding(0, boxPadding).
-		MarginTop(1).
-		MarginBottom(1).
-		Width(rulesBoxWidth)
-
-	var b strings.Builder
-	var title string
-	if isVeryCompact {
-		title = "Edit Subdomain"
-	} else {
-		title = "🔧 Edit Subdomain"
-	}
-	b.WriteString(titleStyle.Render(title))
-	b.WriteString("\n\n")
-
-	if m.tunnelType != types.HTTP {
-		warningBoxWidth := getResponsiveWidth(m.width, 10, 30, 60)
-		warningBoxStyle := lipgloss.NewStyle().
-			Foreground(lipgloss.Color("#FFA500")).
-			Background(lipgloss.Color("#3D2000")).
-			Bold(true).
-			Border(lipgloss.RoundedBorder()).
-			BorderForeground(lipgloss.Color("#FFA500")).
-			Padding(1, boxPadding).
-			MarginTop(boxMargin).
-			MarginBottom(boxMargin).
-			Width(warningBoxWidth)
-
-		var warningText string
-		if isVeryCompact {
-			warningText = "⚠️ TCP tunnels don't support custom subdomains."
-		} else {
-			warningText = "⚠️ TCP tunnels cannot have custom subdomains. Only HTTP/HTTPS tunnels support subdomain customization."
-		}
-		b.WriteString(warningBoxStyle.Render(warningText))
-		b.WriteString("\n\n")
-
-		var helpText string
-		if isVeryCompact {
-			helpText = "Press any key to go back"
-		} else {
-			helpText = "Press Enter or Esc to go back"
-		}
-		b.WriteString(helpStyle.Render(helpText))
-		return b.String()
-	}
-
-	var rulesContent string
-	if isVeryCompact {
-		rulesContent = "Rules:\n3-20 chars\na-z, 0-9, -\nNo leading/trailing -"
-	} else if isCompact {
-		rulesContent = "📋 Rules:\n  • 3-20 chars\n  • a-z, 0-9, -\n  • No leading/trailing -"
-	} else {
-		rulesContent = "📋 Rules: \n\t• 3-20 chars \n\t• a-z, 0-9, - \n\t• No leading/trailing -"
-	}
-	b.WriteString(rulesBoxStyle.Render(rulesContent))
-	b.WriteString("\n")
-
-	var instruction string
-	if isVeryCompact {
-		instruction = "Custom subdomain:"
-	} else {
-		instruction = "Enter your custom subdomain:"
-	}
-	b.WriteString(instructionStyle.Render(instruction))
-	b.WriteString("\n")
-
-	if m.slugError != "" {
-		errorInputBoxStyle := lipgloss.NewStyle().
-			Border(lipgloss.RoundedBorder()).
-			BorderForeground(lipgloss.Color("#FF0000")).
-			Padding(1, boxPadding).
-			MarginTop(boxMargin).
-			MarginBottom(1)
-		b.WriteString(errorInputBoxStyle.Render(m.slugInput.View()))
-		b.WriteString("\n")
-		b.WriteString(errorBoxStyle.Render("❌ " + m.slugError))
-		b.WriteString("\n")
-	} else {
-		b.WriteString(inputBoxStyle.Render(m.slugInput.View()))
-		b.WriteString("\n")
-	}
-
-	previewURL := buildURL(m.protocol, m.slugInput.Value(), m.domain)
-	previewWidth := getResponsiveWidth(m.width, 10, 30, 80)
-
-	if len(previewURL) > previewWidth-10 {
-		previewURL = truncateString(previewURL, previewWidth-10)
-	}
-
-	previewStyle := lipgloss.NewStyle().
-		Foreground(lipgloss.Color("#04B575")).
-		Italic(true).
-		Width(previewWidth)
-	b.WriteString(previewStyle.Render(fmt.Sprintf("Preview: %s", previewURL)))
-	b.WriteString("\n")
-
-	var helpText string
-	if isVeryCompact {
-		helpText = "Enter: save • CTRL+R: random • Esc: cancel"
-	} else {
-		helpText = "Press Enter to save • CTRL+R for random • Esc to cancel"
-	}
-	b.WriteString(helpStyle.Render(helpText))
-
-	return b.String()
-}

session/lifecycle/lifecycle.go

@@ -4,8 +4,6 @@ import (
 	"errors"
 	"io"
 	"net"
-	"time"
-
 	portUtil "tunnel_pls/internal/port"
 	"tunnel_pls/session/slug"
 	"tunnel_pls/types"
@@ -15,116 +13,88 @@ import (
 
 type Forwarder interface {
 	Close() error
-	TunnelType() types.TunnelType
+	GetTunnelType() types.TunnelType
-	ForwardedPort() uint16
+	GetForwardedPort() uint16
 }
 
-type SessionRegistry interface {
+type Lifecycle struct {
-	Remove(key types.SessionKey)
-}
-
-type lifecycle struct {
 	status           types.Status
 	conn             ssh.Conn
 	channel          ssh.Channel
 	forwarder        Forwarder
-	slug            slug.Slug
+	slugManager      slug.Manager
-	startedAt       time.Time
+	unregisterClient func(slug string)
-	sessionRegistry SessionRegistry
-	portRegistry    portUtil.Registry
-	user            string
 }
 
-func New(conn ssh.Conn, forwarder Forwarder, slugManager slug.Slug, port portUtil.Registry, sessionRegistry SessionRegistry, user string) Lifecycle {
+func NewLifecycle(conn ssh.Conn, forwarder Forwarder, slugManager slug.Manager) *Lifecycle {
-	return &lifecycle{
+	return &Lifecycle{
-		status:          types.INITIALIZING,
+		status:           "",
 		conn:             conn,
 		channel:          nil,
 		forwarder:        forwarder,
-		slug:            slugManager,
+		slugManager:      slugManager,
-		startedAt:       time.Now(),
+		unregisterClient: nil,
-		sessionRegistry: sessionRegistry,
-		portRegistry:    port,
-		user:            user,
 	}
 }
 
-type Lifecycle interface {
+func (l *Lifecycle) SetUnregisterClient(unregisterClient func(slug string)) {
-	Connection() ssh.Conn
+	l.unregisterClient = unregisterClient
-	PortRegistry() portUtil.Registry
+}
-	User() string
+
-	SetChannel(channel ssh.Channel)
+type SessionLifecycle interface {
-	SetStatus(status types.Status)
-	IsActive() bool
-	StartedAt() time.Time
 	Close() error
+	SetStatus(status types.Status)
+	GetConnection() ssh.Conn
+	GetChannel() ssh.Channel
+	SetChannel(channel ssh.Channel)
+	SetUnregisterClient(unregisterClient func(slug string))
 }
 
-func (l *lifecycle) PortRegistry() portUtil.Registry {
+func (l *Lifecycle) GetChannel() ssh.Channel {
-	return l.portRegistry
+	return l.channel
 }
 
-func (l *lifecycle) User() string {
+func (l *Lifecycle) SetChannel(channel ssh.Channel) {
-	return l.user
-}
-
-func (l *lifecycle) SetChannel(channel ssh.Channel) {
 	l.channel = channel
 }
-func (l *lifecycle) Connection() ssh.Conn {
+func (l *Lifecycle) GetConnection() ssh.Conn {
 	return l.conn
 }
-func (l *lifecycle) SetStatus(status types.Status) {
+func (l *Lifecycle) SetStatus(status types.Status) {
 	l.status = status
-	if status == types.RUNNING && l.startedAt.IsZero() {
-		l.startedAt = time.Now()
-	}
 }
 
-func (l *lifecycle) Close() error {
+func (l *Lifecycle) Close() error {
-	var firstErr error
+	err := l.forwarder.Close()
-	tunnelType := l.forwarder.TunnelType()
+	if err != nil && !errors.Is(err, net.ErrClosed) {
-
+		return err
-	if err := l.forwarder.Close(); err != nil && !errors.Is(err, net.ErrClosed) {
-		firstErr = err
 	}
 
 	if l.channel != nil {
-		if err := l.channel.Close(); err != nil && !errors.Is(err, io.EOF) && !errors.Is(err, net.ErrClosed) {
+		err := l.channel.Close()
-			if firstErr == nil {
+		if err != nil && !errors.Is(err, io.EOF) {
-				firstErr = err
+			return err
-			}
 		}
 	}
 
 	if l.conn != nil {
-		if err := l.conn.Close(); err != nil && !errors.Is(err, net.ErrClosed) {
+		err := l.conn.Close()
-			if firstErr == nil {
+		if err != nil && !errors.Is(err, net.ErrClosed) {
-				firstErr = err
+			return err
-			}
-		}
-	}
-
-	clientSlug := l.slug.String()
-	key := types.SessionKey{
-		Id:   clientSlug,
-		Type: tunnelType,
-	}
-	l.sessionRegistry.Remove(key)
-
-	if tunnelType == types.TCP {
-		if err := l.PortRegistry().SetPortStatus(l.forwarder.ForwardedPort(), false); err != nil && firstErr == nil {
-			firstErr = err
 		}
 	}
 
-	return firstErr
+	clientSlug := l.slugManager.Get()
-}
+	if clientSlug != "" {
-
+		l.unregisterClient(clientSlug)
-func (l *lifecycle) IsActive() bool {
+	}
-	return l.status == types.RUNNING
+
-}
+	if l.forwarder.GetTunnelType() == types.TCP {
-
+		err := portUtil.Default.SetPortStatus(l.forwarder.GetForwardedPort(), false)
-func (l *lifecycle) StartedAt() time.Time {
+		if err != nil {
-	return l.startedAt
+			return err
+		}
+	}
+
+	return nil
 }

session/registry.go

@@ -1,309 +1,66 @@
 package session
 
-import (
+import "sync"
-	"fmt"
-	"sync"
-	"tunnel_pls/types"
-)
-
-type Key = types.SessionKey
 
 type Registry interface {
-	Get(key Key) (session Session, err error)
+	Get(slug string) (session *SSHSession, exist bool)
-	GetWithUser(user string, key Key) (session Session, err error)
+	Update(oldSlug, newSlug string) (success bool)
-	Update(user string, oldKey, newKey Key) error
+	Register(slug string, session *SSHSession) (success bool)
-	Register(key Key, session Session) (success bool)
+	Remove(slug string)
-	Remove(key Key)
-	GetAllSessionFromUser(user string) []Session
 }
 type registry struct {
 	mu      sync.RWMutex
-	byUser    map[string]map[Key]Session
+	clients map[string]*SSHSession
-	slugIndex map[Key]string
 }
 
 func NewRegistry() Registry {
 	return &registry{
-		byUser:    make(map[string]map[Key]Session),
+		clients: make(map[string]*SSHSession),
-		slugIndex: make(map[Key]string),
 	}
 }
 
-func (r *registry) Get(key Key) (session Session, err error) {
+func (r *registry) Get(slug string) (session *SSHSession, exist bool) {
 	r.mu.RLock()
 	defer r.mu.RUnlock()
 
-	userID, ok := r.slugIndex[key]
+	session, exist = r.clients[slug]
-	if !ok {
-		return nil, fmt.Errorf("session not found")
-	}
-
-	client, ok := r.byUser[userID][key]
-	if !ok {
-		return nil, fmt.Errorf("session not found")
-	}
-	return client, nil
-}
-
-func (r *registry) GetWithUser(user string, key Key) (session Session, err error) {
-	r.mu.RLock()
-	defer r.mu.RUnlock()
-
-	client, ok := r.byUser[user][key]
-	if !ok {
-		return nil, fmt.Errorf("session not found")
-	}
-	return client, nil
-}
-
-func (r *registry) Update(user string, oldKey, newKey Key) error {
-	if oldKey.Type != newKey.Type {
-		return fmt.Errorf("tunnel type cannot change")
-	}
-
-	if newKey.Type != types.HTTP {
-		return fmt.Errorf("non http tunnel cannot change slug")
-	}
-
-	if isForbiddenSlug(newKey.Id) {
-		return fmt.Errorf("this subdomain is reserved. Please choose a different one")
-	}
-
-	if !isValidSlug(newKey.Id) {
-		return fmt.Errorf("invalid subdomain. Follow the rules")
-	}
-
-	r.mu.Lock()
-	defer r.mu.Unlock()
-
-	if _, exists := r.slugIndex[newKey]; exists && newKey != oldKey {
-		return fmt.Errorf("someone already uses this subdomain")
-	}
-	client, ok := r.byUser[user][oldKey]
-	if !ok {
-		return fmt.Errorf("session not found")
-	}
-
-	delete(r.byUser[user], oldKey)
-	delete(r.slugIndex, oldKey)
-
-	client.Slug().Set(newKey.Id)
-	r.slugIndex[newKey] = user
-
-	if r.byUser[user] == nil {
-		r.byUser[user] = make(map[Key]Session)
-	}
-	r.byUser[user][newKey] = client
-	return nil
-}
-
-func (r *registry) Register(key Key, session Session) (success bool) {
-	r.mu.Lock()
-	defer r.mu.Unlock()
-
-	if _, exists := r.slugIndex[key]; exists {
-		return false
-	}
-
-	userID := session.Lifecycle().User()
-	if r.byUser[userID] == nil {
-		r.byUser[userID] = make(map[Key]Session)
-	}
-
-	r.byUser[userID][key] = session
-	r.slugIndex[key] = userID
-	return true
-}
-
-func (r *registry) GetAllSessionFromUser(user string) []Session {
-	r.mu.RLock()
-	defer r.mu.RUnlock()
-
-	m := r.byUser[user]
-	if len(m) == 0 {
-		return []Session{}
-	}
-
-	sessions := make([]Session, 0, len(m))
-	for _, s := range m {
-		sessions = append(sessions, s)
-	}
-	return sessions
-}
-
-func (r *registry) Remove(key Key) {
-	r.mu.Lock()
-	defer r.mu.Unlock()
-
-	userID, ok := r.slugIndex[key]
-	if !ok {
 	return
-	}
-
-	delete(r.byUser[userID], key)
-	if len(r.byUser[userID]) == 0 {
-		delete(r.byUser, userID)
-	}
-	delete(r.slugIndex, key)
 }
 
-func isValidSlug(slug string) bool {
+func (r *registry) Update(oldSlug, newSlug string) (success bool) {
-	if len(slug) < minSlugLength || len(slug) > maxSlugLength {
+	r.mu.Lock()
+	defer r.mu.Unlock()
+
+	if _, exists := r.clients[newSlug]; exists && newSlug != oldSlug {
 		return false
 	}
 
-	if slug[0] == '-' || slug[len(slug)-1] == '-' {
+	client, ok := r.clients[oldSlug]
+	if !ok {
 		return false
 	}
 
-	for _, c := range slug {
+	delete(r.clients, oldSlug)
-		if !isValidSlugChar(byte(c)) {
+	client.slugManager.Set(newSlug)
-			return false
+	r.clients[newSlug] = client
-		}
-	}
-
 	return true
 }
 
-func isValidSlugChar(c byte) bool {
+func (r *registry) Register(slug string, session *SSHSession) (success bool) {
-	return (c >= 'a' && c <= 'z') || (c >= '0' && c <= '9') || c == '-'
+	r.mu.Lock()
+	defer r.mu.Unlock()
+
+	if _, exists := r.clients[slug]; exists {
+		return false
+	}
+
+	r.clients[slug] = session
+	return true
 }
 
-func isForbiddenSlug(slug string) bool {
+func (r *registry) Remove(slug string) {
-	_, ok := forbiddenSlugs[slug]
+	r.mu.Lock()
-	return ok
+	defer r.mu.Unlock()
-}
 
-var forbiddenSlugs = map[string]struct{}{
+	delete(r.clients, slug)
-	"ping":          {},
-	"staging":       {},
-	"admin":         {},
-	"root":          {},
-	"api":           {},
-	"www":           {},
-	"support":       {},
-	"help":          {},
-	"status":        {},
-	"health":        {},
-	"login":         {},
-	"logout":        {},
-	"signup":        {},
-	"register":      {},
-	"settings":      {},
-	"config":        {},
-	"null":          {},
-	"undefined":     {},
-	"example":       {},
-	"test":          {},
-	"dev":           {},
-	"system":        {},
-	"administrator": {},
-	"dashboard":     {},
-	"account":       {},
-	"profile":       {},
-	"user":          {},
-	"users":         {},
-	"auth":          {},
-	"oauth":         {},
-	"callback":      {},
-	"webhook":       {},
-	"webhooks":      {},
-	"static":        {},
-	"assets":        {},
-	"cdn":           {},
-	"mail":          {},
-	"email":         {},
-	"ftp":           {},
-	"ssh":           {},
-	"git":           {},
-	"svn":           {},
-	"blog":          {},
-	"news":          {},
-	"about":         {},
-	"contact":       {},
-	"terms":         {},
-	"privacy":       {},
-	"legal":         {},
-	"billing":       {},
-	"payment":       {},
-	"checkout":      {},
-	"cart":          {},
-	"shop":          {},
-	"store":         {},
-	"download":      {},
-	"uploads":       {},
-	"images":        {},
-	"img":           {},
-	"css":           {},
-	"js":            {},
-	"fonts":         {},
-	"public":        {},
-	"private":       {},
-	"internal":      {},
-	"external":      {},
-	"proxy":         {},
-	"cache":         {},
-	"debug":         {},
-	"metrics":       {},
-	"monitoring":    {},
-	"graphql":       {},
-	"rest":          {},
-	"rpc":           {},
-	"socket":        {},
-	"ws":            {},
-	"wss":           {},
-	"app":           {},
-	"apps":          {},
-	"mobile":        {},
-	"desktop":       {},
-	"embed":         {},
-	"widget":        {},
-	"docs":          {},
-	"documentation": {},
-	"wiki":          {},
-	"forum":         {},
-	"community":     {},
-	"feedback":      {},
-	"report":        {},
-	"abuse":         {},
-	"spam":          {},
-	"security":      {},
-	"verify":        {},
-	"confirm":       {},
-	"reset":         {},
-	"password":      {},
-	"recovery":      {},
-	"unsubscribe":   {},
-	"subscribe":     {},
-	"notifications": {},
-	"alerts":        {},
-	"messages":      {},
-	"inbox":         {},
-	"outbox":        {},
-	"sent":          {},
-	"draft":         {},
-	"trash":         {},
-	"archive":       {},
-	"search":        {},
-	"explore":       {},
-	"discover":      {},
-	"trending":      {},
-	"popular":       {},
-	"featured":      {},
-	"new":           {},
-	"latest":        {},
-	"top":           {},
-	"best":          {},
-	"hot":           {},
-	"random":        {},
-	"all":           {},
-	"any":           {},
-	"none":          {},
-	"true":          {},
-	"false":         {},
 }
-
-var (
-	minSlugLength = 3
-	maxSlugLength = 20
-)

session/session.go

@@ -1,119 +1,75 @@
 package session
 
 import (
-	"bytes"
-	"encoding/binary"
-	"errors"
 	"fmt"
-	"io"
 	"log"
-	"net"
 	"time"
 	"tunnel_pls/internal/config"
-	portUtil "tunnel_pls/internal/port"
-	"tunnel_pls/internal/random"
 	"tunnel_pls/session/forwarder"
 	"tunnel_pls/session/interaction"
 	"tunnel_pls/session/lifecycle"
 	"tunnel_pls/session/slug"
-	"tunnel_pls/types"
 
 	"golang.org/x/crypto/ssh"
 )
 
-type Detail struct {
-	ForwardingType string    `json:"forwarding_type,omitempty"`
-	Slug           string    `json:"slug,omitempty"`
-	UserID         string    `json:"user_id,omitempty"`
-	Active         bool      `json:"active,omitempty"`
-	StartedAt      time.Time `json:"started_at,omitempty"`
-}
-
 type Session interface {
 	HandleGlobalRequest(ch <-chan *ssh.Request)
 	HandleTCPIPForward(req *ssh.Request)
 	HandleHTTPForward(req *ssh.Request, port uint16)
 	HandleTCPForward(req *ssh.Request, addr string, port uint16)
-	Lifecycle() lifecycle.Lifecycle
-	Interaction() interaction.Interaction
-	Forwarder() forwarder.Forwarder
-	Slug() slug.Slug
-	Detail() *Detail
-	Start() error
 }
 
-type session struct {
+type SSHSession struct {
 	initialReq    <-chan *ssh.Request
-	sshChan     <-chan ssh.NewChannel
+	sshReqChannel <-chan ssh.NewChannel
-	lifecycle   lifecycle.Lifecycle
+	lifecycle     lifecycle.SessionLifecycle
-	interaction interaction.Interaction
+	interaction   interaction.Controller
-	forwarder   forwarder.Forwarder
+	forwarder     forwarder.ForwardingController
-	slug        slug.Slug
+	slugManager   slug.Manager
 	registry      Registry
 }
 
-var blockedReservedPorts = []uint16{1080, 1433, 1521, 1900, 2049, 3306, 3389, 5432, 5900, 6379, 8080, 8443, 9000, 9200, 27017}
+func (s *SSHSession) GetLifecycle() lifecycle.SessionLifecycle {
+	return s.lifecycle
+}
 
-func New(conn *ssh.ServerConn, initialReq <-chan *ssh.Request, sshChan <-chan ssh.NewChannel, sessionRegistry Registry, portRegistry portUtil.Registry, user string) Session {
+func (s *SSHSession) GetInteraction() interaction.Controller {
-	slugManager := slug.New()
+	return s.interaction
-	forwarderManager := forwarder.New(slugManager, conn)
+}
-	lifecycleManager := lifecycle.New(conn, forwarderManager, slugManager, portRegistry, sessionRegistry, user)
-	interactionManager := interaction.New(slugManager, forwarderManager, sessionRegistry, user, lifecycleManager.Close)
 
-	return &session{
+func (s *SSHSession) GetForwarder() forwarder.ForwardingController {
-		initialReq:  initialReq,
+	return s.forwarder
-		sshChan:     sshChan,
+}
+
+func (s *SSHSession) GetSlugManager() slug.Manager {
+	return s.slugManager
+}
+
+func New(conn *ssh.ServerConn, forwardingReq <-chan *ssh.Request, sshChan <-chan ssh.NewChannel, sessionRegistry Registry) *SSHSession {
+	slugManager := slug.NewManager()
+	forwarderManager := forwarder.NewForwarder(slugManager)
+	interactionManager := interaction.NewInteraction(slugManager, forwarderManager)
+	lifecycleManager := lifecycle.NewLifecycle(conn, forwarderManager, slugManager)
+
+	interactionManager.SetLifecycle(lifecycleManager)
+	interactionManager.SetSlugModificator(sessionRegistry.Update)
+	forwarderManager.SetLifecycle(lifecycleManager)
+	lifecycleManager.SetUnregisterClient(sessionRegistry.Remove)
+
+	return &SSHSession{
+		initialReq:    forwardingReq,
+		sshReqChannel: sshChan,
 		lifecycle:     lifecycleManager,
 		interaction:   interactionManager,
 		forwarder:     forwarderManager,
-		slug:        slugManager,
+		slugManager:   slugManager,
 		registry:      sessionRegistry,
 	}
 }
 
-func (s *session) Lifecycle() lifecycle.Lifecycle {
+func (s *SSHSession) Start() error {
-	return s.lifecycle
+	channel := <-s.sshReqChannel
-}
-
-func (s *session) Interaction() interaction.Interaction {
-	return s.interaction
-}
-
-func (s *session) Forwarder() forwarder.Forwarder {
-	return s.forwarder
-}
-
-func (s *session) Slug() slug.Slug {
-	return s.slug
-}
-
-func (s *session) Detail() *Detail {
-	var tunnelType string
-	if s.forwarder.TunnelType() == types.HTTP {
-		tunnelType = "HTTP"
-	} else if s.forwarder.TunnelType() == types.TCP {
-		tunnelType = "TCP"
-	} else {
-		tunnelType = "UNKNOWN"
-	}
-	return &Detail{
-		ForwardingType: tunnelType,
-		Slug:           s.slug.String(),
-		UserID:         s.lifecycle.User(),
-		Active:         s.lifecycle.IsActive(),
-		StartedAt:      s.lifecycle.StartedAt(),
-	}
-}
-
-func (s *session) Start() error {
-	var channel ssh.NewChannel
-	var ok bool
-	select {
-	case channel, ok = <-s.sshChan:
-		if !ok {
-			log.Println("Forwarding request channel closed")
-			return nil
-		}
 	ch, reqs, err := channel.Accept()
 	if err != nil {
 		log.Printf("failed to accept channel: %v", err)
@@ -121,43 +77,22 @@ func (s *session) Start() error {
 	}
 	go s.HandleGlobalRequest(reqs)
 
-		s.lifecycle.SetChannel(ch)
-		s.interaction.SetChannel(ch)
-		s.interaction.SetMode(types.INTERACTIVE)
-	case <-time.After(500 * time.Millisecond):
-		s.interaction.SetMode(types.HEADLESS)
-	}
-
 	tcpipReq := s.waitForTCPIPForward()
 	if tcpipReq == nil {
-		err := s.interaction.Send(fmt.Sprintf("PortRegistry forwarding request not received. Ensure you ran the correct command with -R flag. Example: ssh %s -p %s -R 80:localhost:3000", config.Getenv("DOMAIN", "localhost"), config.Getenv("PORT", "2200")))
+		_, err := ch.Write([]byte(fmt.Sprintf("Port forwarding request not received. Ensure you ran the correct command with -R flag. Example: ssh %s -p %s -R 80:localhost:3000", config.Getenv("DOMAIN", "localhost"), config.Getenv("PORT", "2200"))))
 		if err != nil {
 			return err
 		}
-		if err = s.lifecycle.Close(); err != nil {
-			log.Printf("failed to close session: %v", err)
-		}
-		return fmt.Errorf("no forwarding Request")
-	}
-
-	if (s.interaction.Mode() == types.HEADLESS && config.Getenv("MODE", "standalone") == "standalone") && s.lifecycle.User() == "UNAUTHORIZED" {
-		if err := tcpipReq.Reply(false, nil); err != nil {
-			log.Printf("cannot reply to tcpip req: %s\n", err)
-			return err
-		}
 		if err := s.lifecycle.Close(); err != nil {
 			log.Printf("failed to close session: %v", err)
-			return err
 		}
-		return nil
+		return fmt.Errorf("No forwarding Request")
 	}
 
+	s.lifecycle.SetChannel(ch)
+	s.interaction.SetChannel(ch)
+
 	s.HandleTCPIPForward(tcpipReq)
-	s.interaction.Start()
-
-	if err := s.lifecycle.Connection().Wait(); err != nil && !errors.Is(err, io.EOF) && !errors.Is(err, net.ErrClosed) {
-		log.Printf("ssh connection closed with error: %v", err)
-	}
 
 	if err := s.lifecycle.Close(); err != nil {
 		log.Printf("failed to close session: %v", err)
@@ -166,7 +101,7 @@ func (s *session) Start() error {
 	return nil
 }
 
-func (s *session) waitForTCPIPForward() *ssh.Request {
+func (s *SSHSession) waitForTCPIPForward() *ssh.Request {
 	select {
 	case req, ok := <-s.initialReq:
 		if !ok {
@@ -186,243 +121,3 @@ func (s *session) waitForTCPIPForward() *ssh.Request {
 		return nil
 	}
 }
-
-func (s *session) HandleGlobalRequest(GlobalRequest <-chan *ssh.Request) {
-	for req := range GlobalRequest {
-		switch req.Type {
-		case "shell", "pty-req":
-			err := req.Reply(true, nil)
-			if err != nil {
-				log.Println("Failed to reply to request:", err)
-				return
-			}
-		case "window-change":
-			p := req.Payload
-			if len(p) < 16 {
-				log.Println("invalid window-change payload")
-				err := req.Reply(false, nil)
-				if err != nil {
-					log.Println("Failed to reply to request:", err)
-					return
-				}
-				return
-			}
-			cols := binary.BigEndian.Uint32(p[0:4])
-			rows := binary.BigEndian.Uint32(p[4:8])
-
-			s.interaction.SetWH(int(cols), int(rows))
-
-			err := req.Reply(true, nil)
-			if err != nil {
-				log.Println("Failed to reply to request:", err)
-				return
-			}
-		default:
-			log.Println("Unknown request type:", req.Type)
-			err := req.Reply(false, nil)
-			if err != nil {
-				log.Println("Failed to reply to request:", err)
-				return
-			}
-		}
-	}
-}
-
-func (s *session) HandleTCPIPForward(req *ssh.Request) {
-	log.Println("PortRegistry forwarding request detected")
-
-	fail := func(msg string) {
-		log.Println(msg)
-		if err := req.Reply(false, nil); err != nil {
-			log.Println("Failed to reply to request:", err)
-			return
-		}
-		if err := s.lifecycle.Close(); err != nil {
-			log.Printf("failed to close session: %v", err)
-		}
-	}
-
-	reader := bytes.NewReader(req.Payload)
-
-	addr, err := readSSHString(reader)
-	if err != nil {
-		fail(fmt.Sprintf("Failed to read address from payload: %v", err))
-		return
-	}
-
-	var rawPortToBind uint32
-	if err = binary.Read(reader, binary.BigEndian, &rawPortToBind); err != nil {
-		fail(fmt.Sprintf("Failed to read port from payload: %v", err))
-		return
-	}
-
-	if rawPortToBind > 65535 {
-		fail(fmt.Sprintf("PortRegistry %d is larger than allowed port of 65535", rawPortToBind))
-		return
-	}
-
-	portToBind := uint16(rawPortToBind)
-	if isBlockedPort(portToBind) {
-		fail(fmt.Sprintf("PortRegistry %d is blocked or restricted", portToBind))
-		return
-	}
-
-	switch portToBind {
-	case 80, 443:
-		s.HandleHTTPForward(req, portToBind)
-	default:
-		s.HandleTCPForward(req, addr, portToBind)
-	}
-}
-
-func (s *session) HandleHTTPForward(req *ssh.Request, portToBind uint16) {
-	fail := func(msg string, key *types.SessionKey) {
-		log.Println(msg)
-		if key != nil {
-			s.registry.Remove(*key)
-		}
-		if err := req.Reply(false, nil); err != nil {
-			log.Println("Failed to reply to request:", err)
-		}
-	}
-
-	randomString, err := random.GenerateRandomString(20)
-	if err != nil {
-		fail(fmt.Sprintf("Failed to create slug: %s", err), nil)
-		return
-	}
-	key := types.SessionKey{Id: randomString, Type: types.HTTP}
-	if !s.registry.Register(key, s) {
-		fail(fmt.Sprintf("Failed to register client with slug: %s", randomString), nil)
-		return
-	}
-
-	buf := new(bytes.Buffer)
-	err = binary.Write(buf, binary.BigEndian, uint32(portToBind))
-	if err != nil {
-		fail(fmt.Sprintf("Failed to write port to buffer: %v", err), &key)
-		return
-	}
-	log.Printf("HTTP forwarding approved on port: %d", portToBind)
-
-	err = req.Reply(true, buf.Bytes())
-	if err != nil {
-		fail(fmt.Sprintf("Failed to reply to request: %v", err), &key)
-		return
-	}
-
-	s.forwarder.SetType(types.HTTP)
-	s.forwarder.SetForwardedPort(portToBind)
-	s.slug.Set(randomString)
-	s.lifecycle.SetStatus(types.RUNNING)
-}
-
-func (s *session) HandleTCPForward(req *ssh.Request, addr string, portToBind uint16) {
-	fail := func(msg string) {
-		log.Println(msg)
-		if err := req.Reply(false, nil); err != nil {
-			log.Println("Failed to reply to request:", err)
-			return
-		}
-		if err := s.lifecycle.Close(); err != nil {
-			log.Printf("failed to close session: %v", err)
-		}
-	}
-
-	cleanup := func(msg string, port uint16, listener net.Listener, key *types.SessionKey) {
-		log.Println(msg)
-		if key != nil {
-			s.registry.Remove(*key)
-		}
-		if port != 0 {
-			if setErr := s.lifecycle.PortRegistry().SetPortStatus(port, false); setErr != nil {
-				log.Printf("Failed to reset port status: %v", setErr)
-			}
-		}
-		if listener != nil {
-			if closeErr := listener.Close(); closeErr != nil {
-				log.Printf("Failed to close listener: %v", closeErr)
-			}
-		}
-		if err := req.Reply(false, nil); err != nil {
-			log.Println("Failed to reply to request:", err)
-		}
-		_ = s.lifecycle.Close()
-	}
-
-	if portToBind == 0 {
-		unassigned, ok := s.lifecycle.PortRegistry().GetUnassignedPort()
-		if !ok {
-			fail("No available port")
-			return
-		}
-		portToBind = unassigned
-	}
-
-	if claimed := s.lifecycle.PortRegistry().ClaimPort(portToBind); !claimed {
-		fail(fmt.Sprintf("PortRegistry %d is already in use or restricted", portToBind))
-		return
-	}
-
-	log.Printf("Requested forwarding on %s:%d", addr, portToBind)
-	listener, err := net.Listen("tcp", fmt.Sprintf("0.0.0.0:%d", portToBind))
-	if err != nil {
-		cleanup(fmt.Sprintf("PortRegistry %d is already in use or restricted", portToBind), portToBind, nil, nil)
-		return
-	}
-
-	key := types.SessionKey{Id: fmt.Sprintf("%d", portToBind), Type: types.TCP}
-
-	if !s.registry.Register(key, s) {
-		cleanup(fmt.Sprintf("Failed to register TCP client with id: %s", key.Id), portToBind, listener, nil)
-		return
-	}
-
-	buf := new(bytes.Buffer)
-	err = binary.Write(buf, binary.BigEndian, uint32(portToBind))
-	if err != nil {
-		cleanup(fmt.Sprintf("Failed to write port to buffer: %v", err), portToBind, listener, &key)
-		return
-	}
-
-	log.Printf("TCP forwarding approved on port: %d", portToBind)
-	err = req.Reply(true, buf.Bytes())
-	if err != nil {
-		cleanup(fmt.Sprintf("Failed to reply to request: %v", err), portToBind, listener, &key)
-		return
-	}
-
-	s.forwarder.SetType(types.TCP)
-	s.forwarder.SetListener(listener)
-	s.forwarder.SetForwardedPort(portToBind)
-	s.slug.Set(key.Id)
-	s.lifecycle.SetStatus(types.RUNNING)
-	go s.forwarder.AcceptTCPConnections()
-}
-
-func readSSHString(reader *bytes.Reader) (string, error) {
-	var length uint32
-	if err := binary.Read(reader, binary.BigEndian, &length); err != nil {
-		return "", err
-	}
-	strBytes := make([]byte, length)
-	if _, err := reader.Read(strBytes); err != nil {
-		return "", err
-	}
-	return string(strBytes), nil
-}
-
-func isBlockedPort(port uint16) bool {
-	if port == 80 || port == 443 {
-		return false
-	}
-	if port < 1024 && port != 0 {
-		return true
-	}
-	for _, p := range blockedReservedPorts {
-		if p == port {
-			return true
-		}
-	}
-	return false
-}

session/slug/slug.go

@@ -1,24 +1,24 @@
 package slug
 
-type Slug interface {
+type Manager interface {
-	String() string
+	Get() string
 	Set(slug string)
 }
 
-type slug struct {
+type manager struct {
 	slug string
 }
 
-func New() Slug {
+func NewManager() Manager {
-	return &slug{
+	return &manager{
 		slug: "",
 	}
 }
 
-func (s *slug) String() string {
+func (s *manager) Get() string {
 	return s.slug
 }
 
-func (s *slug) Set(slug string) {
+func (s *manager) Set(slug string) {
 	s.slug = slug
 }

types/types.go

@@ -1,32 +1,20 @@
 package types
 
-type Status int
+type Status string
 
 const (
-	INITIALIZING Status = iota
+	INITIALIZING Status = "INITIALIZING"
-	RUNNING
+	RUNNING      Status = "RUNNING"
+	SETUP        Status = "SETUP"
 )
 
-type Mode int
+type TunnelType string
 
 const (
-	INTERACTIVE Mode = iota
+	HTTP TunnelType = "HTTP"
-	HEADLESS
+	TCP  TunnelType = "TCP"
 )
 
-type TunnelType int
-
-const (
-	UNKNOWN TunnelType = iota
-	HTTP
-	TCP
-)
-
-type SessionKey struct {
-	Id   string
-	Type TunnelType
-}
-
 var BadGatewayResponse = []byte("HTTP/1.1 502 Bad Gateway\r\n" +
 	"Content-Length: 11\r\n" +
 	"Content-Type: text/plain\r\n\r\n" +