68 lines
1.3 KiB
Markdown
68 lines
1.3 KiB
Markdown
# backend (Cloudflare Workers demo)
|
|
|
|
This demo shows how to run the Wisp proxy path (`/wisp/`) on Cloudflare Workers by combining:
|
|
|
|
- Wisp protocol handling from `@mercuryworkshop/wisp-js`
|
|
- Outbound TCP from `cloudflare:sockets`
|
|
|
|
It is a minimal proof-of-concept based on:
|
|
|
|
- `../../AssppWeb/backend/src/services/wsProxy.ts`
|
|
- `../wisp-js`
|
|
|
|
The Worker also serves static files from `../frontend/dist` via Wrangler `assets`.
|
|
|
|
## What this demo supports
|
|
|
|
- `GET /healthz` health check
|
|
- `WS /wisp/` Wisp v2 server path
|
|
- Apple host allowlist + port `443` only
|
|
- Optional token auth (`?token=...`)
|
|
|
|
## What this demo does not support
|
|
|
|
- UDP streams (disabled)
|
|
- Legacy wsproxy path (for example `/wisp/example.com:443`)
|
|
- Asspp backend HTTP APIs (`/api/*`)
|
|
|
|
## Setup
|
|
|
|
```bash
|
|
cd backend
|
|
bun install
|
|
bun run types
|
|
bun run check
|
|
```
|
|
|
|
`bun run check` will build frontend first, then run Worker dry-run deploy.
|
|
|
|
## Local dev
|
|
|
|
```bash
|
|
cd backend
|
|
bun run dev
|
|
```
|
|
|
|
Default local URL: `http://127.0.0.1:8787`
|
|
|
|
## Deploy
|
|
|
|
```bash
|
|
cd backend
|
|
bun run deploy
|
|
```
|
|
|
|
## Optional auth
|
|
|
|
Set one of these as Worker secrets:
|
|
|
|
1. `ACCESS_TOKEN_HASH` (preferred): expected token value directly
|
|
2. `ACCESS_PASSWORD`: plaintext password, Worker computes SHA-256 hex and compares with `?token=`
|
|
|
|
```bash
|
|
cd backend
|
|
bunx wrangler secret put ACCESS_TOKEN_HASH
|
|
# or
|
|
bunx wrangler secret put ACCESS_PASSWORD
|
|
```
|