Initial commit

dev-proxy.sh

@@ -0,0 +1,133 @@
+#!/bin/bash
+DOMAIN=$1
+TARGET=$2
+PATTERNS=$3
+REAL_IP_OVERRIDE=$4
+HOSTS_LINE="127.0.0.1 $DOMAIN"
+NGINX_CONF=$(mktemp)
+CERT_DIR=$(pwd)
+CLEANUP_DONE=0
+
+# Resolve real IP before we mess with hosts
+if [ -n "$REAL_IP_OVERRIDE" ]; then
+  REAL_IP="$REAL_IP_OVERRIDE"
+  echo "Using provided IP: $REAL_IP"
+else
+  # Use external DNS (8.8.8.8) to bypass /etc/hosts
+  # Get final IP (not CNAME) by filtering for IP addresses only
+  REAL_IP=$(dig +short "$DOMAIN" @8.8.8.8 | grep -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$' | head -n1)
+  if [ -z "$REAL_IP" ]; then
+    echo "Could not resolve $DOMAIN"
+    exit 1
+  fi
+  # Check if resolved IP is localhost (proxy loop)
+  if [[ "$REAL_IP" == "127.0.0.1" || "$REAL_IP" == "::1" || "$REAL_IP" == "localhost" ]]; then
+    echo "ERROR: $DOMAIN resolves to localhost ($REAL_IP)"
+    echo "This would cause a proxy loop."
+    echo "Provide the real IP as the 4th argument:"
+    echo "  $0 $DOMAIN $TARGET \"$PATTERNS\" <real-ip>"
+    exit 1
+  fi
+  echo "Resolved $DOMAIN to $REAL_IP"
+fi
+
+cleanup() {
+  [ "$CLEANUP_DONE" -eq 1 ] && return
+  CLEANUP_DONE=1
+  echo "Cleaning up..."
+  if [[ "$OSTYPE" == "darwin"* ]]; then
+    sudo sed -i "" "\|$HOSTS_LINE|d" /etc/hosts
+  else
+    sudo sed -i "\|$HOSTS_LINE|d" /etc/hosts
+  fi
+  rm -f "$DOMAIN.pem" "$DOMAIN-key.pem" "$NGINX_CONF"
+  echo "Done"
+}
+
+trap cleanup EXIT
+
+echo "$HOSTS_LINE" | sudo tee -a /etc/hosts
+mkcert "$DOMAIN"
+
+# Build passthrough location blocks
+PASSTHROUGH_LOCATIONS=""
+if [ -n "$PATTERNS" ]; then
+  IFS=',' read -ra PATTERN_ARRAY <<< "$PATTERNS"
+  for pattern in "${PATTERN_ARRAY[@]}"; do
+    # Remove trailing * from pattern if present
+    clean_pattern="${pattern%\*}"
+    PASSTHROUGH_LOCATIONS+="
+    # Passthrough for /${clean_pattern}
+    location ~* ^/${clean_pattern} {
+      proxy_pass https://$REAL_IP;
+      proxy_ssl_server_name on;
+      proxy_ssl_name $DOMAIN;
+      proxy_set_header Host \$host;
+      proxy_set_header X-Real-IP \$remote_addr;
+      proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
+      proxy_set_header X-Forwarded-Proto \$scheme;
+      proxy_http_version 1.1;
+      proxy_set_header Connection \"\";
+    }
+"
+  done
+fi
+
+cat > "$NGINX_CONF" <<EOF
+worker_processes 1;
+error_log /dev/stderr info;
+pid /tmp/nginx-dev-proxy.pid;
+
+events {
+    worker_connections 1024;
+}
+
+http {
+    access_log /dev/stdout combined;
+
+    # Upstream for local dev server
+    upstream local_dev {
+        server $TARGET;
+    }
+
+    # Upstream for real server
+    upstream real_server {
+        server $REAL_IP:443;
+    }
+
+    server {
+        listen 443 ssl http2;
+        server_name $DOMAIN;
+
+        ssl_certificate $CERT_DIR/$DOMAIN.pem;
+        ssl_certificate_key $CERT_DIR/$DOMAIN-key.pem;
+
+        # Passthrough patterns go to real upstream
+        $PASSTHROUGH_LOCATIONS
+
+        # Everything else goes to local dev server
+        location / {
+            proxy_pass http://local_dev;
+            proxy_http_version 1.1;
+            proxy_set_header Host \$host;
+            proxy_set_header X-Real-IP \$remote_addr;
+            proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto \$scheme;
+            proxy_set_header X-Forwarded-Host \$host;
+            proxy_set_header Upgrade \$http_upgrade;
+            proxy_set_header Connection "upgrade";
+            proxy_read_timeout 86400;
+        }
+    }
+}
+EOF
+
+# Save config for debugging
+cp "$NGINX_CONF" "$(pwd)/debug-nginx.conf"
+echo "Generated nginx config saved to: $(pwd)/debug-nginx.conf"
+echo "--- Generated nginx config ---"
+cat "$NGINX_CONF"
+echo "--- End nginx config ---"
+
+# Run nginx (needs sudo for port 443)
+sudo nginx -c "$NGINX_CONF" -g "daemon off;"