model

package
v0.1.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 13, 2026 License: MIT Imports: 7 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	ContainerName    = "popugate-telemt"
	DockerImageBase  = "popugate-telemt"
	DefaultTelemtVer = "3.3.39"
	DefaultTelemtRef = "bc69153"
	DefaultTelemtURL = "https://github.com/telemt/telemt.git"
	RegistryImage    = "ghcr.io/fussraider/popugate-telemt"
	GitHubRepo       = "fussraider/PopuGate"
	MaxSecrets       = 1000
	SecretKeyLen     = 32 // hex chars
)

Constants for the application.

Variables

View Source 
var Commit = "unknown"

Commit is the full git SHA, overridden at build time via -ldflags "-X main.commit=..."

View Source 
var InstallDir = "/opt/popugate"

InstallDir is the base data directory. Overridden at startup from the POPUGATE_DATA_DIR env var or the binary's directory.

View Source 
var Version = "dev"

Version is overridden at build time via -ldflags "-X main.version=..."

Functions

func ConfigDir 

func ConfigDir() string

ConfigDir returns the engine config directory.

func DefaultSSHKeyPath 

func DefaultSSHKeyPath() string

DefaultSSHKeyPath returns the default SSH key location.

func DefaultSSHLogPath 

func DefaultSSHLogPath() string

DefaultSSHLogPath returns the default replication log location.

func TagsMatch added in v0.1.0 

func TagsMatch(instanceTags, secretTags []string) bool

TagsMatch checks if an instance is accessible by a secret based on tag matching. An instance without tags is accessible to all secrets. An instance with tags is only accessible to secrets that share at least one tag.

func TelemtCommit 

func TelemtCommit() string

TelemtCommit returns the telemt commit/ref from env or default.

func TelemtRepo 

func TelemtRepo() string

TelemtRepo returns the telemt repository URL from env or default.

func TelemtVersion 

func TelemtVersion() string

TelemtVersion returns the telemt version from env or default.

func ValidateLabel 

func ValidateLabel(label string) error

ValidateLabel checks that a label is valid.

func ValidateTags added in v0.1.0 

func ValidateTags(tags string) error

ValidateTags checks that tags is a valid JSON array of strings.

func VersionURL added in v0.0.2 

func VersionURL() string

VersionURL returns a GitHub URL for the current version: release page for tags, commit page for SHAs, or the repo root as fallback.

Types

type AuditEntry added in v0.0.10 

type AuditEntry struct {
	ID        int64  `json:"id"`
	Timestamp int64  `json:"timestamp"`
	User      string `json:"user"`
	Action    string `json:"action"`
	Detail    string `json:"detail"`
}

AuditEntry represents a single audit log record.

type GlobalTraffic 

type GlobalTraffic struct {
	TotalIn  int64 `json:"total_in"`
	TotalOut int64 `json:"total_out"`
}

GlobalTraffic holds cumulative global traffic.

type Instance 

type Instance struct {
	ID          int64  `json:"id" db:"id"`
	Port        int    `json:"port" db:"port"`
	MetricsPort int    `json:"metrics_port" db:"metrics_port"`
	Enabled     bool   `json:"enabled" db:"enabled"`
	Label       string `json:"label" db:"label"`
	// Per-instance proxy configuration
	TLSDomain  string `json:"tls_domain" db:"tls_domain"`   // Primary masking domain (required)
	TLSDomains string `json:"tls_domains" db:"tls_domains"` // Additional domains (JSON array)
	FakeTLS    bool   `json:"fake_tls" db:"fake_tls"`       // Enable FakeTLS masking
	MaskHost   string `json:"mask_host" db:"mask_host"`     // Where to proxy non-MTProto traffic
	MaskPort   int    `json:"mask_port" db:"mask_port"`     // Port for mask_host
	Tags       string `json:"tags" db:"tags"`               // Access tags (JSON array)
}

Instance represents a fully independent proxy instance with its own port, domains, and config.

func (*Instance) AllDomains added in v0.1.0 

func (i *Instance) AllDomains() []string

AllDomains returns tls_domain + tls_domains combined.

func (*Instance) ConfigPath 

func (i *Instance) ConfigPath() string

ConfigPath returns the TOML config file path for this instance.

func (*Instance) ContainerName 

func (i *Instance) ContainerName() string

ContainerName returns the Docker container name for this instance.

func (*Instance) GetMaskHost added in v0.1.0 

func (i *Instance) GetMaskHost() string

GetMaskHost returns the custom mask host or falls back to tls_domain.

func (*Instance) GetTLSDomains added in v0.1.0 

func (i *Instance) GetTLSDomains() []string

GetTLSDomains parses the JSON tls_domains array.

func (*Instance) GetTags added in v0.1.0 

func (i *Instance) GetTags() []string

GetTags parses the JSON tags array.

func (*Instance) Validate 

func (i *Instance) Validate() error

Validate checks instance fields.

type InstanceStatus 

type InstanceStatus struct {
	ID                  int64  `json:"id"`
	Port                int    `json:"port"`
	Running             bool   `json:"running"`
	Label               string `json:"label"`
	TLSDomain           string `json:"tls_domain"`
	FakeTLS             bool   `json:"fake_tls"`
	Status              string `json:"status"` // "healthy", "unhealthy", "stopped"
	ContainerName       string `json:"container_name,omitempty"`
	MatchingSecretCount int    `json:"matching_secret_count"`
}

InstanceStatus for multi-port instances.

type LiveMetrics 

type LiveMetrics struct {
	UptimeSeconds        float64                     `json:"uptime_seconds"`
	ConnsCurrent         float64                     `json:"conns_current"`
	ConnsTotal           float64                     `json:"conns_total"`
	ConnsBadTotal        float64                     `json:"conns_bad_total"`
	ConnsMECurrent       float64                     `json:"conns_me_current"`
	ConnsDirectCurrent   float64                     `json:"conns_direct_current"`
	UpstreamAttemptTotal float64                     `json:"upstream_attempt_total"`
	UpstreamSuccessTotal float64                     `json:"upstream_success_total"`
	UpstreamFailTotal    float64                     `json:"upstream_fail_total"`
	MEWritersActive      float64                     `json:"me_writers_active"`
	MEWritersWarm        float64                     `json:"me_writers_warm"`
	UserMetrics          map[string]*UserLiveMetrics `json:"users"`
}

LiveMetrics holds parsed Prometheus metrics from the telemt engine. 

type ProxyLink struct {
	InstanceLabel string `json:"instance_label"`
	InstancePort  int    `json:"instance_port"`
	Domain        string `json:"domain"`
	TGLink        string `json:"tg_link"`
	WebLink       string `json:"web_link"`
}

ProxyLink represents a single proxy link for a specific instance+domain combination.

type ProxyStatus 

type ProxyStatus struct {
	Running       bool             `json:"running"`
	Port          int              `json:"port"`
	Uptime        string           `json:"uptime,omitempty"`
	UptimeSeconds int64            `json:"uptime_seconds,omitempty"`
	ContainerID   string           `json:"container_id,omitempty"`
	StartedAt     time.Time        `json:"started_at,omitempty"`
	ConnsCurrent  int              `json:"conns_current,omitempty"`
	ConnsTotal    int64            `json:"conns_total,omitempty"`
	TrafficIn     int64            `json:"traffic_in,omitempty"`
	TrafficOut    int64            `json:"traffic_out,omitempty"`
	Instances     []InstanceStatus `json:"instances,omitempty"`
}

ProxyStatus represents the current state of the proxy.

type Secret 

type Secret struct {
	ID         int64  `json:"id" db:"id"`
	Label      string `json:"label" db:"label"`
	SecretKey  string `json:"secret_key" db:"secret_key"`
	CreatedAt  int64  `json:"created_at" db:"created_at"`
	Enabled    bool   `json:"enabled" db:"enabled"`
	MaxConns   int    `json:"max_conns" db:"max_conns"`
	MaxIPs     int    `json:"max_ips" db:"max_ips"`
	QuotaBytes int64  `json:"quota_bytes" db:"quota_bytes"`
	ExpiresAt  string `json:"expires_at" db:"expires_at"`
	Notes      string `json:"notes" db:"notes"`
	Tags       string `json:"tags" db:"tags"`
	ArchivedAt int64  `json:"archived_at" db:"archived_at"`

	// Computed fields (not in DB)
	TrafficIn  int64 `json:"traffic_in,omitempty" db:"-"`
	TrafficOut int64 `json:"traffic_out,omitempty" db:"-"`
}

Secret represents an MTProto proxy secret key with per-user limits.

func (*Secret) ExpiryWarning 

func (s *Secret) ExpiryWarning(within time.Duration) bool

ExpiryWarning returns true if the secret expires within the given duration.

func (*Secret) GetTags added in v0.1.0 

func (s *Secret) GetTags() []string

GetTags parses the JSON tags array.

func (*Secret) IsActive 

func (s *Secret) IsActive() bool

IsActive returns true if the secret is enabled and not expired.

func (*Secret) IsExpired 

func (s *Secret) IsExpired() bool

IsExpired returns true if the secret has an expiry date in the past.

func (*Secret) QuotaExceeded 

func (s *Secret) QuotaExceeded() bool

QuotaExceeded returns true if traffic exceeds the quota.

func (*Secret) QuotaPercent 

func (s *Secret) QuotaPercent() float64

QuotaPercent returns used quota as percentage (0 if no quota set).

func (*Secret) QuotaWarning 

func (s *Secret) QuotaWarning() bool

QuotaWarning returns true if traffic is at or above 80% of quota.

type SecretTemplate added in v0.0.10 

type SecretTemplate struct {
	ID          int64  `json:"id" db:"id"`
	Name        string `json:"name" db:"name"`
	MaxConns    int    `json:"max_conns" db:"max_conns"`
	MaxIPs      int    `json:"max_ips" db:"max_ips"`
	QuotaBytes  int64  `json:"quota_bytes" db:"quota_bytes"`
	ExpiresDays int    `json:"expires_days" db:"expires_days"`
	Notes       string `json:"notes" db:"notes"`
	Tags        string `json:"tags" db:"tags"`
}

SecretTemplate represents a reusable preset for secret limits.

func (*SecretTemplate) GetTags added in v0.1.0 

func (t *SecretTemplate) GetTags() []string

GetTags parses the JSON tags array. 

type SecretWithLink struct {
	Secret
	TGLink  string `json:"tg_link,omitempty"`
	WebLink string `json:"web_link,omitempty"`
}

SecretWithLink extends Secret with proxy link info. 

type SecretWithLinks struct {
	Secret
	Links []ProxyLink `json:"links"`
}

SecretWithLinks extends Secret with multiple proxy links (one per instance×domain).

type Settings 

type Settings struct {
	// Proxy
	ProxyPort                 int    `json:"proxy_port"`
	ProxyMetricsPort          int    `json:"proxy_metrics_port"`
	ProxyDomain               string `json:"proxy_domain"`
	ProxyConcurrency          int    `json:"proxy_concurrency"`
	ProxyCPUs                 string `json:"proxy_cpus"`
	ProxyMemory               string `json:"proxy_memory"`
	CustomIP                  string `json:"custom_ip"`
	FakeCertLen               int    `json:"fake_cert_len"`
	ProxyProtocol             bool   `json:"proxy_protocol"`
	ProxyProtocolTrustedCIDRs string `json:"proxy_protocol_trusted_cidrs"`

	// Ad tag
	AdTag string `json:"ad_tag"`

	// Geo-blocking
	GeoblockMode       string `json:"geoblock_mode"`
	BlocklistCountries string `json:"blocklist_countries"`

	// Traffic masking
	MaskingEnabled       bool   `json:"masking_enabled"`
	MaskingHost          string `json:"masking_host"`
	MaskingPort          int    `json:"masking_port"`
	MaskingRelayMaxBytes int64  `json:"masking_relay_max_bytes"`
	UnknownSNIAction     string `json:"unknown_sni_action"`

	// Custom Telegram infrastructure URLs (for restricted regions)
	ProxySecretURL   string `json:"proxy_secret_url"`
	ProxyConfigV4URL string `json:"proxy_config_v4_url"`
	ProxyConfigV6URL string `json:"proxy_config_v6_url"`

	// Telegram
	TelegramEnabled       bool   `json:"telegram_enabled"`
	TelegramBotToken      string `json:"telegram_bot_token"`
	TelegramChatID        string `json:"telegram_chat_id"`
	TelegramInterval      int    `json:"telegram_interval"`
	TelegramAlertsEnabled bool   `json:"telegram_alerts_enabled"`
	TelegramServerLabel   string `json:"telegram_server_label"`

	// Auto-update
	AutoUpdateEnabled    bool `json:"auto_update_enabled"`
	SecretAutoRotateDays int  `json:"secret_auto_rotate_days"`

	// Maintenance
	MaintenanceMode bool `json:"maintenance_mode"`

	// Replication
	ReplicationEnabled         bool   `json:"replication_enabled"`
	ReplicationRole            string `json:"replication_role"`
	ReplicationSyncInterval    int    `json:"replication_sync_interval"`
	ReplicationSSHPort         int    `json:"replication_ssh_port"`
	ReplicationSSHUser         string `json:"replication_ssh_user"`
	ReplicationDeleteExtra     bool   `json:"replication_delete_extra"`
	ReplicationSSHKeyPath      string `json:"replication_ssh_key_path"`
	ReplicationExclude         string `json:"replication_exclude"`
	ReplicationRestartOnChange bool   `json:"replication_restart_on_change"`
	ReplicationLog             string `json:"replication_log"`
	Debug                      bool   `json:"debug"`

	// Backup
	BackupRetentionDays int `json:"backup_retention_days"`

	// telemt engine
	TelemtVersion string `json:"telemt_version"`
	TelemtCommit  string `json:"telemt_commit"`
	TelemtRepo    string `json:"telemt_repo"`
}

Settings holds all application configuration. Maps to the key-value settings table in SQLite.

func DefaultSettings 

func DefaultSettings() Settings

Defaults returns a Settings struct populated with default values.

func (*Settings) SSHKeyPath 

func (s *Settings) SSHKeyPath() string

SSHKeyPath returns current SSH key path or default if empty.

func (*Settings) SSHLogPath 

func (s *Settings) SSHLogPath() string

SSHLogPath returns current replication log path or default if empty.

func (*Settings) Validate 

func (s *Settings) Validate()

Validate corrects invalid/missing values to defaults.

type Slave 

type Slave struct {
	ID       int64  `json:"id" db:"id"`
	Host     string `json:"host" db:"host"`
	Port     int    `json:"port" db:"port"`
	Label    string `json:"label" db:"label"`
	Enabled  bool   `json:"enabled" db:"enabled"`
	LastSync int64  `json:"last_sync" db:"last_sync"`
	Status   string `json:"status" db:"status"`
}

Slave represents a replication slave server.

func (*Slave) Validate 

func (s *Slave) Validate() error

Validate checks slave fields.

type SlaveTestResult 

type SlaveTestResult struct {
	Host         string `json:"host"`
	SSHOK        bool   `json:"ssh_ok"`
	DockerStatus string `json:"docker_status,omitempty"`
	Error        string `json:"error,omitempty"`
}

SlaveTestResult holds the result of an SSH connectivity test.

type SystemResources added in v0.0.10 

type SystemResources struct {
	CPUUsage    float64 `json:"cpu_usage"`    // percent (0-100)
	MemoryUsed  uint64  `json:"memory_used"`  // bytes
	MemoryTotal uint64  `json:"memory_total"` // bytes
	DiskUsed    uint64  `json:"disk_used"`    // bytes
	DiskTotal   uint64  `json:"disk_total"`   // bytes
	Load1       float64 `json:"load1"`
	Load5       float64 `json:"load5"`
	Load15      float64 `json:"load15"`
	Uptime      uint64  `json:"uptime"` // seconds
}

SystemResources holds current system resource usage.

type TrafficHistoryRecord added in v0.0.10 

type TrafficHistoryRecord struct {
	Timestamp int64 `json:"timestamp"`
	BytesIn   int64 `json:"bytes_in"`
	BytesOut  int64 `json:"bytes_out"`
}

TrafficHistoryRecord is a single timestamped traffic snapshot.

type TrafficReport 

type TrafficReport struct {
	Global GlobalTraffic `json:"global"`
	Users  []UserTraffic `json:"users"`
}

TrafficReport combines global and per-user traffic.

type TrafficSnapshot 

type TrafficSnapshot struct {
	BytesIn  int64 `json:"bytes_in"`
	BytesOut int64 `json:"bytes_out"`
	SnapIn   int64 `json:"snap_in"`
	SnapOut  int64 `json:"snap_out"`
}

TrafficSnapshot represents a point-in-time traffic reading.

type Upstream 

type Upstream struct {
	ID       int64        `json:"id" db:"id"`
	Name     string       `json:"name" db:"name"`
	Type     UpstreamType `json:"type" db:"type"`
	Address  string       `json:"address" db:"address"`
	Username string       `json:"username" db:"username"`
	Password string       `json:"password" db:"password"`
	Weight   int          `json:"weight" db:"weight"`
	Iface    string       `json:"iface" db:"iface"`
	Enabled  bool         `json:"enabled" db:"enabled"`

	// Health fields
	LastCheckAt int64  `json:"last_check_at" db:"last_check_at"` // unix timestamp
	LastCheckOK *bool  `json:"last_check_ok" db:"last_check_ok"` // nil=never tested
	LatencyMs   int64  `json:"latency_ms" db:"latency_ms"`       // last test latency
	LastError   string `json:"last_error" db:"last_error"`       // last error message
	FailCount   int    `json:"fail_count" db:"fail_count"`       // consecutive failures
}

Upstream represents a proxy upstream configuration.

func (*Upstream) Validate 

func (u *Upstream) Validate() error

Validate checks upstream fields.

type UpstreamTestResult 

type UpstreamTestResult struct {
	OK        bool   `json:"ok"`
	ExitIP    string `json:"exit_ip,omitempty"`
	LatencyMs int64  `json:"latency_ms,omitempty"`
	Error     string `json:"error,omitempty"`
}

UpstreamTestResult holds the result of a connectivity test.

type UpstreamType 

type UpstreamType string

UpstreamType defines the proxy upstream type. 

const (
	UpstreamDirect UpstreamType = "direct"
	UpstreamSOCKS5 UpstreamType = "socks5"
	UpstreamSOCKS4 UpstreamType = "socks4"
)

type UserLiveMetrics 

type UserLiveMetrics struct {
	OctetsFromClient float64 `json:"octets_from_client"`
	OctetsToClient   float64 `json:"octets_to_client"`
	Connections      float64 `json:"connections"`
	UniqueIPs        float64 `json:"unique_ips"`
}

UserLiveMetrics holds per-user live Prometheus metrics.

type UserTraffic 

type UserTraffic struct {
	Label    string `json:"label"`
	BytesIn  int64  `json:"bytes_in"`
	BytesOut int64  `json:"bytes_out"`
}

UserTraffic holds per-user traffic stats.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.