Async architecture, local service proxy, TLS, blocking panel #3

Merged
dearsky merged 0 commits from refs/pull/3/head into main 2026-03-21 07:38:29 +08:00
dearsky commented 2026-03-20 18:49:11 +08:00 (Migrated from gitea.proxy.dearsky.top)

Summary

Major rewrite of Numa from blocking to async architecture, plus new features:

  • Async tokio runtime — modular architecture with per-query task spawning
  • Ad blocking — 385K+ domains via hagezi (gzip), allowlist UI, pause/unpause, domain check
  • Live dashboard — real-time stats, query log, blocking panel (sources + allowlist), service management
  • Local service proxy — HTTP reverse proxy on :80 for .numa domains (peekm.numa -> localhost:6419), WebSocket upgrade for HMR
  • Local TLS — auto-generated CA + per-service certs on :443 via rustls, numa install trusts CA in OS keychain
  • Service persistence — user-added services saved to /usr/local/var/numa/services.json
  • DNS query types — recognizes A, NS, CNAME, SOA, PTR, MX, TXT, AAAA, SRV, HTTPS
  • System DNS integration — auto-detect upstream, conditional forwarding (Tailscale/VPN), launchd/systemd services
  • Deploy workflow — make deploy handles build + copy + codesign + restart
  • Dashboard UX — panel subtitles, better placeholders, proxy route display, blocking sources + allowlist management
  • Demo recording — scripts/record-demo.sh for hero GIF with Chrome CDP automation

Test results

  • [x] cargo build --release compiles clean
  • [x] make lint passes (clippy + rustfmt)
  • [x] make deploy restarts the service successfully
  • [x] sudo numa install sets DNS + trusts CA in keychain
  • [x] dig @127.0.0.1 google.com resolves — 140.82.121.4
  • [x] dig @127.0.0.1 ads.google.com blocked — 0.0.0.0
  • [x] Dashboard loads at http://numa.numa — HTTP 200
  • [x] Dashboard loads at https://numa.numa — HTTP 200, TLS valid
  • [x] https://peekm.numa proxied — HTTP 200
  • [x] Blocking panel shows sources (hagezi, 383K domains), refresh timestamp
  • [x] Services API returns numa + peekm with health status
  • [x] Service persistence — peekm in /usr/local/var/numa/services.json
  • [x] sudo numa uninstall restores DNS + removes CA from keychain (verified: SecKeychainSearchCopyNext: item not found)
  • [x] sudo numa install re-installs cleanly after uninstall
  • [ ] Vite dev server HMR works through .numa proxy (WebSocket upgrade)
  • [ ] Pause/unpause blocking from dashboard

🤖 Generated with Claude Code
