feat: resolve .numa services to LAN IP for remote clients (#23)

* feat: resolve .numa services to LAN IP for remote clients Remote DNS clients (e.g. phones on same WiFi) received 127.0.0.1 for local .numa services, which is unreachable from their perspective. Now returns the host's LAN IP when the query originates from a non-loopback address. Also auto-widens proxy bind to 0.0.0.0 when DNS is already public, and adds a startup warning when the proxy remains localhost-only. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix: respect proxy bind_addr config, don't auto-widen The auto-widen silently overrode an explicit config value — the user's config should be the source of truth. Now the proxy always uses the configured bind_addr, and the warning fires whenever it's 127.0.0.1. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * docs: update proxy bind_addr comment in example config Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-29 23:15:42 +03:00
parent 49535568d9
commit ff1200eb10
3 changed files with 24 additions and 14 deletions
--- a/src/main.rs
+++ b/src/main.rs
@@ -208,7 +208,6 @@ async fn main() -> numa::Result<()> {
    });

    let zone_count: usize = ctx.zone_map.values().map(|m| m.len()).sum();
-
    // Build banner rows, then size the box to fit the longest value
    let api_url = format!("http://localhost:{}", api_port);
    let proxy_label = if config.proxy.enabled {
@@ -308,6 +307,17 @@ async fn main() -> numa::Result<()> {
    );
    if let Some(ref label) = proxy_label {
        row("Proxy", g, label);
+        if config.proxy.bind_addr == "127.0.0.1" {
+            let y = "\x1b[38;2;204;176;59m"; // yellow
+            row(
+                "",
+                y,
+                &format!(
+                    "⚠ proxy on 127.0.0.1 — .{} not LAN reachable",
+                    config.proxy.tld
+                ),
+            );
+        }
    }
    if config.lan.enabled {
        row("LAN", g, "mDNS (_numa._tcp.local)");
@@ -375,16 +385,11 @@ async fn main() -> numa::Result<()> {
        axum::serve(listener, app).await.unwrap();
    });

-    // Proxy binds 0.0.0.0 when LAN is enabled (cross-machine access), otherwise config value
-    let proxy_bind: std::net::Ipv4Addr = if config.lan.enabled {
-        std::net::Ipv4Addr::UNSPECIFIED
-    } else {
-        config
-            .proxy
-            .bind_addr
-            .parse()
-            .unwrap_or(std::net::Ipv4Addr::LOCALHOST)
-    };
+    let proxy_bind: std::net::Ipv4Addr = config
+        .proxy
+        .bind_addr
+        .parse()
+        .unwrap_or(std::net::Ipv4Addr::LOCALHOST);

    // Spawn HTTP reverse proxy for .numa domains
    if config.proxy.enabled {