feat: switch to a central singleton handler

This also adds support for Headscale TLS installations

app/entry.server.tsx

@@ -3,9 +3,7 @@ import { createReadableStreamFromReadable } from '@react-router/node';
 import { isbot } from 'isbot';
 import type { RenderToPipeableStreamOptions } from 'react-dom/server';
 import { renderToPipeableStream } from 'react-dom/server';
-import { EntryContext, ServerRouter } from 'react-router';
+import { AppLoadContext, EntryContext, ServerRouter } from 'react-router';
-import { hp_loadLogger } from '~/utils/log';
-import type { AppContext } from '~server/context/app';
 
 export const streamTimeout = 5_000;
 export default function handleRequest(
@@ -13,14 +11,9 @@ export default function handleRequest(
 	responseStatusCode: number,
 	responseHeaders: Headers,
 	routerContext: EntryContext,
-	loadContext: AppContext,
+	loadContext: AppLoadContext,
 ) {
-	const { context } = loadContext;
 	return new Promise((resolve, reject) => {
-		// This is a promise but we don't need to wait for it to finish
-		// before we start rendering the shell since it only loads once.
-		hp_loadLogger(context.debug);
-
 		let shellRendered = false;
 		const userAgent = request.headers.get('user-agent');
 

app/layouts/dashboard.tsx

@@ -3,9 +3,9 @@ import { type LoaderFunctionArgs, redirect } from 'react-router';
 import { Outlet, useLoaderData } from 'react-router';
 import cn from '~/utils/cn';
 import { HeadscaleError, healthcheck, pull } from '~/utils/headscale';
-import log from '~/utils/log';
 import { destroySession, getSession } from '~/utils/sessions.server';
 import { useLiveData } from '~/utils/useLiveData';
+import log from '~server/utils/log';
 
 export async function loader({ request }: LoaderFunctionArgs) {
 	let healthy = false;

app/layouts/shell.tsx

@@ -7,33 +7,26 @@ import {
 import Footer from '~/components/Footer';
 import Header from '~/components/Header';
 import { hs_getConfig } from '~/utils/config/loader';
-import { noContext } from '~/utils/log';
 import { getSession } from '~/utils/sessions.server';
 import type { AppContext } from '~server/context/app';
+import { hp_getConfig } from '~server/context/global';
 
 // This loads the bare minimum for the application to function
 // So we know that if context fails to load then well, oops?
-export async function loader({
+export async function loader({ request }: LoaderFunctionArgs) {
-	request,
-	context,
-}: LoaderFunctionArgs<AppContext>) {
 	const session = await getSession(request.headers.get('Cookie'));
 	if (!session.has('hsApiKey')) {
 		return redirect('/login');
 	}
 
-	if (!context) {
+	const context = hp_getConfig();
-		throw noContext();
-	}
-
-	const ctx = context.context;
 	const { mode, config } = hs_getConfig();
 
 	return {
 		config,
-		url: ctx.headscale.public_url ?? ctx.headscale.url,
+		url: context.headscale.public_url ?? context.headscale.url,
 		configAvailable: mode !== 'no',
-		debug: ctx.debug,
+		debug: context.debug,
 		user: session.get('user'),
 	};
 }

app/routes/acls/editor.tsx

@@ -9,11 +9,11 @@ import Spinner from '~/components/Spinner';
 import Tabs from '~/components/Tabs';
 import { hs_getConfig } from '~/utils/config/loader';
 import { HeadscaleError, pull, put } from '~/utils/headscale';
-import log from '~/utils/log';
 import { send } from '~/utils/res';
 import { getSession } from '~/utils/sessions.server';
 import toast from '~/utils/toast';
 import type { AppContext } from '~server/context/app';
+import log from '~server/utils/log';
 import { Differ, Editor } from './components/cm.client';
 import { ErrorView } from './components/error';
 import { Unavailable } from './components/unavailable';

app/routes/api/agent.ts

@@ -1,11 +1,10 @@
 import { LoaderFunctionArgs } from 'react-router';
-import type { AppContext } from '~server/context/app';
+import { hp_getSingleton, hp_getSingletonUnsafe } from '~server/context/global';
 
-export async function loader({
+export async function loader({ request }: LoaderFunctionArgs) {
-	request,
+	const data = hp_getSingletonUnsafe('ws_agent_data');
-	context,
+
-}: LoaderFunctionArgs<AppContext>) {
+	if (!data) {
-	if (!context?.agentData) {
 		return new Response(JSON.stringify({ error: 'Agent data unavailable' }), {
 			status: 400,
 			headers: {
@@ -25,13 +24,14 @@ export async function loader({
 		});
 	}
 
-	const entries = context.agentData.toJSON();
+	const entries = data.toJSON();
 	const missing = nodeIds.filter((nodeID) => !entries[nodeID]);
 	if (missing.length > 0) {
-		await context.hp_agentRequest(missing);
+		const requestCall = hp_getSingleton('ws_fetch_data');
+		requestCall(missing);
 	}
 
-	return new Response(JSON.stringify(context.agentData), {
+	return new Response(JSON.stringify(data), {
 		headers: {
 			'Content-Type': 'application/json',
 		},

app/routes/auth/login.tsx

@@ -10,15 +10,10 @@ import Code from '~/components/Code';
 import Input from '~/components/Input';
 import type { Key } from '~/types';
 import { pull } from '~/utils/headscale';
-import { noContext } from '~/utils/log';
-import { oidcEnabled } from '~/utils/oidc';
 import { commitSession, getSession } from '~/utils/sessions.server';
-import type { AppContext } from '~server/context/app';
+import { hp_getConfig, hp_getSingleton } from '~server/context/global';
 
-export async function loader({
+export async function loader({ request }: LoaderFunctionArgs) {
-	request,
-	context,
-}: LoaderFunctionArgs<AppContext>) {
 	const session = await getSession(request.headers.get('Cookie'));
 	if (session.has('hsApiKey')) {
 		return redirect('/machines', {
@@ -28,37 +23,34 @@ export async function loader({
 		});
 	}
 
-	if (!context) {
+	const context = hp_getConfig();
-		throw noContext();
+	const disableApiKeyLogin = context.oidc?.disable_api_key_login;
-	}
+	let oidc = false;
 
-	// Only set if OIDC is properly enabled anyways
+	try {
-	const ctx = context.context;
+		// Only set if OIDC is properly enabled anyways
-	if (oidcEnabled() && ctx.oidc?.disable_api_key_login) {
+		hp_getSingleton('oidc_client');
-		return redirect('/oidc/start');
+		oidc = true;
-	}
+
+		if (disableApiKeyLogin) {
+			return redirect('/oidc/start');
+		}
+	} catch {}
 
 	return {
-		oidc: oidcEnabled(),
+		oidc,
-		apiKey: !ctx.oidc?.disable_api_key_login,
+		apiKey: !disableApiKeyLogin,
 	};
 }
 
-export async function action({
+export async function action({ request }: ActionFunctionArgs) {
-	request,
-	context,
-}: ActionFunctionArgs<AppContext>) {
 	const formData = await request.formData();
 	const oidcStart = formData.get('oidc-start');
 	const session = await getSession(request.headers.get('Cookie'));
 
 	if (oidcStart) {
-		if (!context) {
+		const context = hp_getConfig();
-			throw noContext();
+		if (!context.oidc) {
-		}
-
-		const ctx = context.context;
-		if (!ctx.oidc) {
 			throw new Error('An invalid OIDC configuration was provided');
 		}
 

app/routes/auth/oidc-callback.ts

@@ -1,14 +1,21 @@
 import { type LoaderFunctionArgs, redirect } from 'react-router';
-import { noContext } from '~/utils/log';
 import { finishAuthFlow, formatError } from '~/utils/oidc';
 import { send } from '~/utils/res';
 import { commitSession, getSession } from '~/utils/sessions.server';
-import type { AppContext } from '~server/context/app';
+import { hp_getConfig, hp_getSingleton } from '~server/context/global';
+
+export async function loader({ request }: LoaderFunctionArgs) {
+	const { oidc } = hp_getConfig();
+	try {
+		if (!oidc) {
+			throw new Error('OIDC is not enabled');
+		}
+
+		hp_getSingleton('oidc_client');
+	} catch {
+		return send({ error: 'OIDC is not enabled' }, { status: 400 });
+	}
 
-export async function loader({
-	request,
-	context,
-}: LoaderFunctionArgs<AppContext>) {
 	// Check if we have 0 query parameters
 	const url = new URL(request.url);
 	if (url.searchParams.toString().length === 0) {
@@ -20,15 +27,6 @@ export async function loader({
 		return redirect('/machines');
 	}
 
-	if (!context) {
-		throw noContext();
-	}
-
-	const { oidc } = context.context;
-	if (!oidc) {
-		throw new Error('An invalid OIDC configuration was provided');
-	}
-
 	const codeVerifier = session.get('oidc_code_verif');
 	const state = session.get('oidc_state');
 	const nonce = session.get('oidc_nonce');

app/routes/auth/oidc-start.ts

@@ -1,25 +1,24 @@
 import { type LoaderFunctionArgs, redirect } from 'react-router';
-import { noContext } from '~/utils/log';
 import { beginAuthFlow, getRedirectUri } from '~/utils/oidc';
+import { send } from '~/utils/res';
 import { commitSession, getSession } from '~/utils/sessions.server';
-import type { AppContext } from '~server/context/app';
+import { hp_getConfig, hp_getSingleton } from '~server/context/global';
 
-export async function loader({
+export async function loader({ request }: LoaderFunctionArgs) {
-	request,
-	context,
-}: LoaderFunctionArgs<AppContext>) {
 	const session = await getSession(request.headers.get('Cookie'));
 	if (session.has('hsApiKey')) {
 		return redirect('/machines');
 	}
 
-	if (!context) {
+	const { oidc } = hp_getConfig();
-		throw noContext();
+	try {
-	}
+		if (!oidc) {
+			throw new Error('OIDC is not enabled');
+		}
 
-	const { oidc } = context.context;
+		hp_getSingleton('oidc_client');
-	if (!oidc) {
+	} catch {
-		throw new Error('An invalid OIDC configuration was provided');
+		return send({ error: 'OIDC is not enabled' }, { status: 400 });
 	}
 
 	const redirectUri = oidc.redirect_uri ?? getRedirectUri(request);

app/routes/machines/action.tsx

@@ -1,8 +1,8 @@
 import type { ActionFunctionArgs } from 'react-router';
 import { del, post } from '~/utils/headscale';
-import log from '~/utils/log';
 import { send } from '~/utils/res';
 import { getSession } from '~/utils/sessions.server';
+import log from '~server/utils/log';
 
 export async function menuAction(request: ActionFunctionArgs['request']) {
 	const session = await getSession(request.headers.get('Cookie'));

app/routes/machines/machine.tsx

@@ -14,16 +14,12 @@ import cn from '~/utils/cn';
 import { hs_getConfig } from '~/utils/config/loader';
 import { pull } from '~/utils/headscale';
 import { getSession } from '~/utils/sessions.server';
-import type { AppContext } from '~server/context/app';
+import { hp_getSingleton } from '~server/context/global';
 import { menuAction } from './action';
 import MenuOptions from './components/menu';
 import Routes from './dialogs/routes';
 
-export async function loader({
+export async function loader({ request, params }: LoaderFunctionArgs) {
-	request,
-	params,
-	context,
-}: LoaderFunctionArgs<AppContext>) {
 	const session = await getSession(request.headers.get('Cookie'));
 	if (!params.id) {
 		throw new Error('No machine ID provided');
@@ -49,7 +45,7 @@ export async function loader({
 		routes: routes.routes.filter((route) => route.node.id === params.id),
 		users: users.users,
 		magic,
-		agent: context?.agents.includes(machine.node.id),
+		agent: [...hp_getSingleton('ws_agents').keys()].includes(machine.node.id),
 	};
 }
 
@@ -61,7 +57,6 @@ export default function Page() {
 	const { machine, magic, routes, users, agent } =
 		useLoaderData<typeof loader>();
 	const [showRouting, setShowRouting] = useState(false);
-	console.log(machine.expiry);
 
 	const expired =
 		machine.expiry === '0001-01-01 00:00:00' ||

app/routes/machines/overview.tsx

@@ -12,17 +12,13 @@ import { getSession } from '~/utils/sessions.server';
 
 import Tooltip from '~/components/Tooltip';
 import { hs_getConfig } from '~/utils/config/loader';
-import { noContext } from '~/utils/log';
 import useAgent from '~/utils/useAgent';
-import { AppContext } from '~server/context/app';
+import { hp_getConfig, hp_getSingleton } from '~server/context/global';
 import { menuAction } from './action';
 import MachineRow from './components/machine';
 import NewMachine from './dialogs/new';
 
-export async function loader({
+export async function loader({ request }: LoaderFunctionArgs) {
-	request,
-	context,
-}: LoaderFunctionArgs<AppContext>) {
 	const session = await getSession(request.headers.get('Cookie'));
 	const [machines, routes, users] = await Promise.all([
 		pull<{ nodes: Machine[] }>('v1/node', session.get('hsApiKey')!),
@@ -30,11 +26,7 @@ export async function loader({
 		pull<{ users: User[] }>('v1/user', session.get('hsApiKey')!),
 	]);
 
-	if (!context) {
+	const context = hp_getConfig();
-		throw noContext();
-	}
-
-	const ctx = context.context;
 	const { mode, config } = hs_getConfig();
 	let magic: string | undefined;
 
@@ -49,9 +41,9 @@ export async function loader({
 		routes: routes.routes,
 		users: users.users,
 		magic,
-		server: ctx.headscale.url,
+		server: context.headscale.url,
-		publicServer: ctx.headscale.public_url,
+		publicServer: context.headscale.public_url,
-		agents: context.agents,
+		agents: [...hp_getSingleton('ws_agents').keys()],
 	};
 }
 

app/routes/settings/auth-keys.tsx

@@ -7,13 +7,39 @@ import Select from '~/components/Select';
 import TableList from '~/components/TableList';
 import type { PreAuthKey, User } from '~/types';
 import { post, pull } from '~/utils/headscale';
-import { noContext } from '~/utils/log';
 import { send } from '~/utils/res';
 import { getSession } from '~/utils/sessions.server';
-import type { AppContext } from '~server/context/app';
+import { hp_getConfig } from '~server/context/global';
 import AuthKeyRow from './components/key';
 import AddPreAuthKey from './dialogs/new';
 
+export async function loader({ request }: LoaderFunctionArgs) {
+	const session = await getSession(request.headers.get('Cookie'));
+	const users = await pull<{ users: User[] }>(
+		'v1/user',
+		session.get('hsApiKey')!,
+	);
+
+	const context = hp_getConfig();
+	const preAuthKeys = await Promise.all(
+		users.users.map((user) => {
+			const qp = new URLSearchParams();
+			qp.set('user', user.name);
+
+			return pull<{ preAuthKeys: PreAuthKey[] }>(
+				`v1/preauthkey?${qp.toString()}`,
+				session.get('hsApiKey')!,
+			);
+		}),
+	);
+
+	return {
+		keys: preAuthKeys.flatMap((keys) => keys.preAuthKeys),
+		users: users.users,
+		server: context.headscale.public_url ?? context.headscale.url,
+	};
+}
+
 export async function action({ request }: ActionFunctionArgs) {
 	const session = await getSession(request.headers.get('Cookie'));
 	if (!session.has('hsApiKey')) {
@@ -91,40 +117,6 @@ export async function action({ request }: ActionFunctionArgs) {
 	}
 }
 
-export async function loader({
-	request,
-	context,
-}: LoaderFunctionArgs<AppContext>) {
-	const session = await getSession(request.headers.get('Cookie'));
-	const users = await pull<{ users: User[] }>(
-		'v1/user',
-		session.get('hsApiKey')!,
-	);
-
-	if (!context) {
-		throw noContext();
-	}
-
-	const ctx = context.context;
-	const preAuthKeys = await Promise.all(
-		users.users.map((user) => {
-			const qp = new URLSearchParams();
-			qp.set('user', user.name);
-
-			return pull<{ preAuthKeys: PreAuthKey[] }>(
-				`v1/preauthkey?${qp.toString()}`,
-				session.get('hsApiKey')!,
-			);
-		}),
-	);
-
-	return {
-		keys: preAuthKeys.flatMap((keys) => keys.preAuthKeys),
-		users: users.users,
-		server: ctx.headscale.public_url ?? ctx.headscale.url,
-	};
-}
-
 export default function Page() {
 	const { keys, users, server } = useLoaderData<typeof loader>();
 	const [user, setUser] = useState('__headplane_all');

app/routes/users/components/manage-banner.tsx

@@ -1,11 +1,11 @@
 import { Building2, House, Key } from 'lucide-react';
 import Card from '~/components/Card';
 import Link from '~/components/Link';
-import type { AppContext } from '~server/context/app';
+import type { HeadplaneConfig } from '~server/context/parser';
 import CreateUser from '../dialogs/create-user';
 
 interface Props {
-	oidc?: NonNullable<AppContext['context']['oidc']>;
+	oidc?: NonNullable<HeadplaneConfig['oidc']>;
 }
 
 export default function ManageBanner({ oidc }: Props) {

app/routes/users/overview.tsx

@@ -15,22 +15,15 @@ import { pull } from '~/utils/headscale';
 import { getSession } from '~/utils/sessions.server';
 
 import { hs_getConfig } from '~/utils/config/loader';
-import { noContext } from '~/utils/log';
 import type { AppContext } from '~server/context/app';
+import { hp_getConfig } from '~server/context/global';
 import ManageBanner from './components/manage-banner';
 import DeleteUser from './dialogs/delete-user';
 import RenameUser from './dialogs/rename-user';
 import { userAction } from './user-actions';
 
-export async function loader({
+export async function loader({ request }: LoaderFunctionArgs<AppContext>) {
-	request,
-	context,
-}: LoaderFunctionArgs<AppContext>) {
 	const session = await getSession(request.headers.get('Cookie'));
-	if (!context) {
-		throw noContext();
-	}
-
 	const [machines, apiUsers] = await Promise.all([
 		pull<{ nodes: Machine[] }>('v1/node', session.get('hsApiKey')!),
 		pull<{ users: User[] }>('v1/user', session.get('hsApiKey')!),
@@ -41,7 +34,7 @@ export async function loader({
 		machines: machines.nodes.filter((machine) => machine.user.id === user.id),
 	}));
 
-	const ctx = context.context;
+	const { oidc } = hp_getConfig();
 	const { mode, config } = hs_getConfig();
 	let magic: string | undefined;
 
@@ -52,7 +45,7 @@ export async function loader({
 	}
 
 	return {
-		oidc: ctx.oidc,
+		oidc,
 		magic,
 		users,
 	};

app/routes/util/healthz.ts

@@ -1,5 +1,5 @@
 import { healthcheck } from '~/utils/headscale';
-import log from '~/utils/log';
+import log from '~server/utils/log';
 
 export async function loader() {
 	let healthy = false;

app/utils/config/loader.ts

@@ -1,8 +1,9 @@
 import { constants, access, readFile, writeFile } from 'node:fs/promises';
 import { Document, parseDocument } from 'yaml';
 import { hp_getIntegration } from '~/utils/integration/loader';
-import log from '~/utils/log';
 import mutex from '~/utils/mutex';
+import { hp_getConfig } from '~server/context/global';
+import log from '~server/utils/log';
 import { HeadscaleConfig, validateConfig } from './parser';
 
 let runtimeYaml: Document | undefined = undefined;
@@ -181,8 +182,9 @@ export async function hs_patchConfig(patches: PatchConfig[]) {
 	}
 
 	// Revalidate the configuration
+	const context = hp_getConfig();
 	const newRawConfig = runtimeYaml.toJSON() as unknown;
-	runtimeConfig = __hs_context.config_strict
+	runtimeConfig = context.headscale.config_strict
 		? validateConfig(newRawConfig, true)
 		: (newRawConfig as HeadscaleConfig);
 
@@ -196,5 +198,7 @@ export async function hs_patchConfig(patches: PatchConfig[]) {
 }
 
 // IMPORTANT THIS IS A SIDE EFFECT ON INIT
-hs_loadConfig(__hs_context.config_path, __hs_context.config_strict);
+// TODO: Replace this into the new singleton system
+const context = hp_getConfig();
+hs_loadConfig(context.headscale.config_path, context.headscale.config_strict);
 hp_getIntegration();

app/utils/config/parser.ts

@@ -1,5 +1,5 @@
 import { type } from 'arktype';
-import log from '~/utils/log';
+import log from '~server/utils/log';
 
 const goBool = type('boolean | "true" | "false"').pipe((v) => {
 	if (v === 'true') return true;

app/utils/headscale.ts

@@ -1,4 +1,6 @@
-import log, { noContext } from '~/utils/log';
+import { request } from 'undici';
+import { hp_getConfig, hp_getSingleton } from '~server/context/global';
+import log from '~server/utils/log';
 
 export class HeadscaleError extends Error {
 	status: number;
@@ -19,24 +21,18 @@ export class FatalError extends Error {
 	}
 }
 
-interface HeadscaleContext {
-	url: string;
-}
-
-declare const global: typeof globalThis & { __hs_context: HeadscaleContext };
 export async function healthcheck() {
-	const prefix = __hs_context.url;
 	log.debug('APIC', 'GET /health');
-
+	const health = new URL('health', hp_getConfig().headscale.url);
-	const health = new URL('health', prefix);
+	const response = await request(health.toString(), {
-	const response = await fetch(health.toString(), {
+		dispatcher: hp_getSingleton('api_agent'),
 		headers: {
 			Accept: 'application/json',
 		},
 	});
 
 	// Intentionally not catching
-	return response.status === 200;
+	return response.statusCode === 200;
 }
 
 export async function pull<T>(url: string, key: string) {
@@ -44,26 +40,26 @@ export async function pull<T>(url: string, key: string) {
 		throw new Error('Missing API key, could this be a cookie setting issue?');
 	}
 
-	const prefix = __hs_context.url;
+	const prefix = hp_getConfig().headscale.url;
-
 	log.debug('APIC', 'GET %s', `${prefix}/api/${url}`);
-	const response = await fetch(`${prefix}/api/${url}`, {
+	const response = await request(`${prefix}/api/${url}`, {
+		dispatcher: hp_getSingleton('api_agent'),
 		headers: {
 			Authorization: `Bearer ${key}`,
 		},
 	});
 
-	if (!response.ok) {
+	if (response.statusCode >= 400) {
 		log.debug(
 			'APIC',
 			'GET %s failed with status %d',
 			`${prefix}/api/${url}`,
-			response.status,
+			response.statusCode,
 		);
-		throw new HeadscaleError(await response.text(), response.status);
+		throw new HeadscaleError(await response.body.text(), response.statusCode);
 	}
 
-	return response.json() as Promise<T>;
+	return response.body.json() as Promise<T>;
 }
 
 export async function post<T>(url: string, key: string, body?: unknown) {
@@ -71,10 +67,10 @@ export async function post<T>(url: string, key: string, body?: unknown) {
 		throw new Error('Missing API key, could this be a cookie setting issue?');
 	}
 
-	const prefix = __hs_context.url;
+	const prefix = hp_getConfig().headscale.url;
-
 	log.debug('APIC', 'POST %s', `${prefix}/api/${url}`);
-	const response = await fetch(`${prefix}/api/${url}`, {
+	const response = await request(`${prefix}/api/${url}`, {
+		dispatcher: hp_getSingleton('api_agent'),
 		method: 'POST',
 		body: body ? JSON.stringify(body) : undefined,
 		headers: {
@@ -82,17 +78,17 @@ export async function post<T>(url: string, key: string, body?: unknown) {
 		},
 	});
 
-	if (!response.ok) {
+	if (response.statusCode >= 400) {
 		log.debug(
 			'APIC',
 			'POST %s failed with status %d',
 			`${prefix}/api/${url}`,
-			response.status,
+			response.statusCode,
 		);
-		throw new HeadscaleError(await response.text(), response.status);
+		throw new HeadscaleError(await response.body.text(), response.statusCode);
 	}
 
-	return response.json() as Promise<T>;
+	return response.body.json() as Promise<T>;
 }
 
 export async function put<T>(url: string, key: string, body?: unknown) {
@@ -100,10 +96,10 @@ export async function put<T>(url: string, key: string, body?: unknown) {
 		throw new Error('Missing API key, could this be a cookie setting issue?');
 	}
 
-	const prefix = __hs_context.url;
+	const prefix = hp_getConfig().headscale.url;
-
 	log.debug('APIC', 'PUT %s', `${prefix}/api/${url}`);
-	const response = await fetch(`${prefix}/api/${url}`, {
+	const response = await request(`${prefix}/api/${url}`, {
+		dispatcher: hp_getSingleton('api_agent'),
 		method: 'PUT',
 		body: body ? JSON.stringify(body) : undefined,
 		headers: {
@@ -111,17 +107,17 @@ export async function put<T>(url: string, key: string, body?: unknown) {
 		},
 	});
 
-	if (!response.ok) {
+	if (response.statusCode >= 400) {
 		log.debug(
 			'APIC',
 			'PUT %s failed with status %d',
 			`${prefix}/api/${url}`,
-			response.status,
+			response.statusCode,
 		);
-		throw new HeadscaleError(await response.text(), response.status);
+		throw new HeadscaleError(await response.body.text(), response.statusCode);
 	}
 
-	return response.json() as Promise<T>;
+	return response.body.json() as Promise<T>;
 }
 
 export async function del<T>(url: string, key: string) {
@@ -129,25 +125,25 @@ export async function del<T>(url: string, key: string) {
 		throw new Error('Missing API key, could this be a cookie setting issue?');
 	}
 
-	const prefix = __hs_context.url;
+	const prefix = hp_getConfig().headscale.url;
-
 	log.debug('APIC', 'DELETE %s', `${prefix}/api/${url}`);
-	const response = await fetch(`${prefix}/api/${url}`, {
+	const response = await request(`${prefix}/api/${url}`, {
+		dispatcher: hp_getSingleton('api_agent'),
 		method: 'DELETE',
 		headers: {
 			Authorization: `Bearer ${key}`,
 		},
 	});
 
-	if (!response.ok) {
+	if (response.statusCode >= 400) {
 		log.debug(
 			'APIC',
 			'DELETE %s failed with status %d',
 			`${prefix}/api/${url}`,
-			response.status,
+			response.statusCode,
 		);
-		throw new HeadscaleError(await response.text(), response.status);
+		throw new HeadscaleError(await response.body.text(), response.statusCode);
 	}
 
-	return response.json() as Promise<T>;
+	return response.body.json() as Promise<T>;
 }

app/utils/integration/docker.ts

@@ -2,8 +2,8 @@ import { constants, access } from 'node:fs/promises';
 import { setTimeout } from 'node:timers/promises';
 import { Client } from 'undici';
 import { HeadscaleError, healthcheck, pull } from '~/utils/headscale';
-import log from '~/utils/log';
 import { HeadplaneConfig } from '~server/context/parser';
+import log from '~server/utils/log';
 import { Integration } from './abstract';
 
 type T = NonNullable<HeadplaneConfig['integration']>['docker'];

app/utils/integration/kubernetes.ts

@@ -5,8 +5,8 @@ import { kill } from 'node:process';
 import { setTimeout } from 'node:timers/promises';
 import { Config, CoreV1Api, KubeConfig } from '@kubernetes/client-node';
 import { HeadscaleError, healthcheck } from '~/utils/headscale';
-import log from '~/utils/log';
 import { HeadplaneConfig } from '~server/context/parser';
+import log from '~server/utils/log';
 import { Integration } from './abstract';
 
 // TODO: Upgrade to the new CoreV1Api from @kubernetes/client-node

app/utils/integration/loader.ts

@@ -1,5 +1,6 @@
-import log from '~/utils/log';
+import { hp_getConfig } from '~server/context/global';
 import { HeadplaneConfig } from '~server/context/parser';
+import log from '~server/utils/log';
 import { Integration } from './abstract';
 import dockerIntegration from './docker';
 import kubernetesIntegration from './kubernetes';
@@ -66,4 +67,6 @@ function getIntegration(integration: HeadplaneConfig['integration']) {
 }
 
 // IMPORTANT THIS IS A SIDE EFFECT ON INIT
-hp_loadIntegration(__integration_context);
+// TODO: Switch this to the new singleton system
+const context = hp_getConfig();
+hp_loadIntegration(context.integration);

app/utils/integration/proc.ts

@@ -4,8 +4,8 @@ import { join, resolve } from 'node:path';
 import { kill } from 'node:process';
 import { setTimeout } from 'node:timers/promises';
 import { HeadscaleError, healthcheck } from '~/utils/headscale';
-import log from '~/utils/log';
 import { HeadplaneConfig } from '~server/context/parser';
+import log from '~server/utils/log';
 import { Integration } from './abstract';
 
 type T = NonNullable<HeadplaneConfig['integration']>['proc'];

app/utils/log.ts

@@ -1,42 +0,0 @@
-export function hp_loadLogger(debug: boolean) {
-	if (debug) {
-		log.debug = (category: string, message: string, ...args: unknown[]) => {
-			defaultLog('DEBG', category, message, ...args);
-		};
-	}
-}
-
-const log = {
-	info: (category: string, message: string, ...args: unknown[]) => {
-		defaultLog('INFO', category, message, ...args);
-	},
-
-	warn: (category: string, message: string, ...args: unknown[]) => {
-		defaultLog('WARN', category, message, ...args);
-	},
-
-	error: (category: string, message: string, ...args: unknown[]) => {
-		defaultLog('ERRO', category, message, ...args);
-	},
-
-	// Default to a no-op until the logger is initialized
-	debug: (category: string, message: string, ...args: unknown[]) => {},
-};
-
-function defaultLog(
-	level: string,
-	category: string,
-	message: string,
-	...args: unknown[]
-) {
-	const date = new Date().toISOString();
-	console.log(`${date} (${level}) [${category}] ${message}`, ...args);
-}
-
-export function noContext() {
-	return new Error(
-		'Context is not loaded. This is most likely a configuration error with your reverse proxy.',
-	);
-}
-
-export default log;

app/utils/oidc.ts

@@ -1,9 +1,10 @@
 import { readFile } from 'node:fs/promises';
 import * as client from 'openid-client';
-import type { AppContext } from '~server/context/app';
+import { hp_getSingleton, hp_setSingleton } from '~server/context/global';
+import { HeadplaneConfig } from '~server/context/parser';
 import log from '~server/utils/log';
 
-type OidcConfig = NonNullable<AppContext['context']['oidc']>;
+type OidcConfig = NonNullable<HeadplaneConfig['oidc']>;
 declare global {
 	const __PREFIX__: string;
 }
@@ -103,13 +104,7 @@ function clientAuthMethod(
 }
 
 export async function beginAuthFlow(oidc: OidcConfig, redirect_uri: string) {
-	const config = await client.discovery(
+	const config = hp_getSingleton('oidc_client');
-		new URL(oidc.issuer),
-		oidc.client_id,
-		oidc.client_secret,
-		clientAuthMethod(oidc.token_endpoint_auth_method)(__oidc_context.secret),
-	);
-
 	const codeVerifier = client.randomPKCECodeVerifier();
 	const codeChallenge = await client.calculatePKCECodeChallenge(codeVerifier);
 
@@ -145,16 +140,7 @@ interface FlowOptions {
 }
 
 export async function finishAuthFlow(oidc: OidcConfig, options: FlowOptions) {
-	const config = await client.discovery(
+	const config = hp_getSingleton('oidc_client');
-		new URL(oidc.issuer),
-		oidc.client_id,
-		oidc.client_secret,
-		clientAuthMethod(oidc.token_endpoint_auth_method)(__oidc_context.secret),
-	);
-
-	let subject: string;
-	let accessToken: string;
-
 	const tokens = await client.authorizationCodeGrant(
 		config,
 		new URL(options.redirect_uri),
@@ -255,10 +241,6 @@ export function formatError(error: unknown) {
 	};
 }
 
-export function oidcEnabled() {
-	return __oidc_context.valid;
-}
-
 export async function testOidc(oidc: OidcConfig) {
 	await resolveClientSecret(oidc);
 	if (!oidcSecret) {
@@ -312,5 +294,6 @@ export async function testOidc(oidc: OidcConfig) {
 	}
 
 	log.debug('OIDC', 'OIDC configuration is valid');
+	hp_setSingleton('oidc_client', config);
 	return true;
 }

app/utils/sessions.server.ts

@@ -1,4 +1,5 @@
 import { Session, createCookieSessionStorage } from 'react-router';
+import { hp_getConfig } from '~server/context/global';
 
 export type SessionData = {
 	hsApiKey: string;
@@ -21,6 +22,8 @@ type SessionFlashData = {
 };
 
 // TODO: Domain config in cookies
+// TODO: Move this to the singleton system
+const context = hp_getConfig();
 const sessionStorage = createCookieSessionStorage<
 	SessionData,
 	SessionFlashData
@@ -31,8 +34,8 @@ const sessionStorage = createCookieSessionStorage<
 		maxAge: 60 * 60 * 24, // 24 hours
 		path: '/',
 		sameSite: 'lax',
-		secrets: [__cookie_context.cookie_secret],
+		secrets: [context.server.cookie_secret],
-		secure: __cookie_context.cookie_secure,
+		secure: context.server.cookie_secure,
 	},
 });
 

app/utils/ws-agent.ts

@@ -4,7 +4,7 @@ import { setTimeout as pSetTimeout } from 'node:timers/promises';
 import type { LoaderFunctionArgs } from 'react-router';
 import { WebSocket } from 'ws';
 import type { HostInfo } from '~/types';
-import log from './log';
+import log from '~server/utils/log';
 
 // Essentially a HashMap which invalidates entries after a certain time.
 // It also is capable of syncing as a compressed file to disk.
@@ -99,7 +99,6 @@ export function initAgentSocket(context: LoaderFunctionArgs['context']) {
 // If we aren't connected to an agent, then debug log and return the cache
 export async function queryAgent(nodes: string[]) {
 	return;
-	// biome-ignore lint: bruh
 	if (!cache) {
 		log.error('CACH', 'Cache not initialized');
 		return;

config.example.yaml

@@ -17,8 +17,16 @@ server:
 headscale:
     # The URL to your Headscale instance
     # (All API requests are routed through this URL)
+    # (THIS IS NOT the gRPC endpoint, but the HTTP endpoint)
+    #
+    # IMPORTANT: If you are using TLS this MUST be set to `https://`
     url: "http://headscale:5000"
 
+    # If you use the TLS configuration in Headscale, and you are not using
+    # Let's Encrypt for your certificate, pass in the path to the certificate.
+    # (This has no effect `url` does not start with `https://`)
+    # tls_cert_path: "/var/lib/headplane/tls.crt"
+
     # Optional, public URL if they differ
     # This affects certain parts of the web UI
     # public_url: "https://headscale.example.com"

server/context/app.ts

@@ -1,22 +1,11 @@
-import type { HostInfo } from '~/types';
+import { hp_agentRequest } from '~server/ws/data';
-import { TimedCache } from '~server/ws/cache';
-import { hp_agentRequest, hp_getAgentCache } from '~server/ws/data';
-import { hp_getAgents } from '~server/ws/socket';
-import { hp_getConfig } from './loader';
-import type { HeadplaneConfig } from './parser';
 
 export interface AppContext {
-	context: HeadplaneConfig;
 	hp_agentRequest: typeof hp_agentRequest;
-	agents: string[];
-	agentData?: TimedCache<HostInfo>;
 }
 
 export default function appContext(): AppContext {
 	return {
-		context: hp_getConfig(),
 		hp_agentRequest,
-		agents: [...hp_getAgents().keys()],
-		agentData: hp_getAgentCache(),
 	};
 }

server/context/global.ts

@@ -0,0 +1,85 @@
+import type { Configuration } from 'openid-client';
+import type { Agent } from 'undici';
+import type { WebSocket } from 'ws';
+import type { HostInfo } from '~/types';
+import type { HeadplaneConfig } from '~server/context/parser';
+import type { Logger } from '~server/utils/log';
+import type { TimedCache } from '~server/ws/cache';
+
+// This is a stupid workaround for how the Remix import context works
+// Even though they run in the same Node instance, they have different
+// contexts which means importing this in the app code will not work
+// because it will be a different instance of the module.
+//
+// Instead we can rely on globalThis to share the module between the
+// different contexts and use some helper functions to make it easier.
+// As a part of this global module, we also define all our singletons
+// here in order to avoid polluting the global scope and instead just using
+// the `__headplane_server_context` object.
+
+interface ServerContext {
+	config: HeadplaneConfig;
+	singletons: ServerSingletons;
+}
+
+interface ServerSingletons {
+	api_agent: Agent;
+	logger: Logger;
+	oidc_client: Configuration;
+	ws_agents: Map<string, WebSocket>;
+	ws_agent_data: TimedCache<HostInfo>;
+	ws_fetch_data: (nodeList: string[]) => Promise<void>;
+}
+
+// These declarations are separate to prevent the Remix context
+// from modifying the globalThis object and causing issues with
+// the server context.
+declare namespace globalThis {
+	let __headplane_server_context: {
+		[K in keyof ServerContext]: ServerContext[K] | null | object;
+	};
+}
+
+// We need to check if the context is already initialized and set a default
+// value. This is fine as a side-effect since it's just setting up a framework
+// for the object to get modified later.
+if (!globalThis.__headplane_server_context) {
+	globalThis.__headplane_server_context = {
+		config: null,
+		singletons: {},
+	};
+}
+
+declare global {
+	const __headplane_server_context: ServerContext;
+}
+
+export function hp_getConfig(): HeadplaneConfig {
+	return __headplane_server_context.config;
+}
+
+export function hp_setConfig(config: HeadplaneConfig): void {
+	__headplane_server_context.config = config;
+}
+
+export function hp_getSingleton<T extends keyof ServerSingletons>(
+	key: T,
+): ServerSingletons[T] {
+	if (!__headplane_server_context.singletons[key]) {
+		throw new Error(`Singleton ${key} not initialized`);
+	}
+
+	return __headplane_server_context.singletons[key];
+}
+
+export function hp_getSingletonUnsafe<T extends keyof ServerSingletons>(
+	key: T,
+): ServerSingletons[T] | undefined {
+	return __headplane_server_context.singletons[key];
+}
+
+export function hp_setSingleton<
+	T extends ServerSingletons[keyof ServerSingletons],
+>(key: keyof ServerSingletons, value: T): void {
+	(__headplane_server_context.singletons[key] as T) = value;
+}

server/context/globals.ts

@@ -1,21 +0,0 @@
-import { HeadplaneConfig } from './parser';
-
-declare global {
-	const __cookie_context: {
-		cookie_secret: string;
-		cookie_secure: boolean;
-	};
-
-	const __hs_context: {
-		url: string;
-		config_path?: string;
-		config_strict?: boolean;
-	};
-
-	const __oidc_context: {
-		valid: boolean;
-		secret: string;
-	};
-
-	let __integration_context: HeadplaneConfig['integration'];
-}

server/context/loader.ts

@@ -2,32 +2,14 @@ import { constants, access, readFile } from 'node:fs/promises';
 import { env } from 'node:process';
 import { type } from 'arktype';
 import dotenv from 'dotenv';
+import { Agent } from 'undici';
 import { parseDocument } from 'yaml';
-import { getOidcSecret, testOidc } from '~/utils/oidc';
+import { testOidc } from '~/utils/oidc';
-import log, { hpServer_loadLogger } from '~server/utils/log';
+import log, { hp_loadLogger } from '~server/utils/log';
 import mutex from '~server/utils/mutex';
+import { hp_setConfig, hp_setSingleton } from './global';
 import { HeadplaneConfig, coalesceConfig, validateConfig } from './parser';
 
-declare namespace globalThis {
-	let __cookie_context: {
-		cookie_secret: string;
-		cookie_secure: boolean;
-	};
-
-	let __hs_context: {
-		url: string;
-		config_path?: string;
-		config_strict?: boolean;
-	};
-
-	let __oidc_context: {
-		valid: boolean;
-		secret: string;
-	};
-
-	let __integration_context: HeadplaneConfig['integration'];
-}
-
 const envBool = type('string | undefined').pipe((v) => {
 	return ['1', 'true', 'yes', 'on'].includes(v?.toLowerCase() ?? '');
 });
@@ -39,30 +21,12 @@ const rootEnvs = type({
 }).onDeepUndeclaredKey('reject');
 
 const HEADPLANE_DEFAULT_CONFIG_PATH = '/etc/headplane/config.yaml';
-let runtimeConfig: HeadplaneConfig | undefined = undefined;
 const runtimeLock = mutex();
 
-// We need to acquire here to ensure that the configuration is loaded
-// properly. We can't request a configuration if its in the process
-// of being updated.
-export function hp_getConfig() {
-	runtimeLock.acquire();
-	if (!runtimeConfig) {
-		runtimeLock.release();
-		// This shouldn't be possible, we NEED to have a configuration
-		throw new Error('Configuration not loaded');
-	}
-
-	const config = runtimeConfig;
-	runtimeLock.release();
-	return config;
-}
-
 // hp_loadConfig should ONLY be called when we explicitly need to reload
 // the configuration. This should be done when the configuration file
 // changes and we ignore environment variable changes.
 //
-// To read the config hp_getConfig should be used.
 // TODO: File watching for hp_loadConfig()
 export async function hp_loadConfig() {
 	runtimeLock.acquire();
@@ -84,7 +48,7 @@ export async function hp_loadConfig() {
 	}
 
 	// Load our debug based logger before ANYTHING
-	hpServer_loadLogger(envs.HEADPLANE_DEBUG_LOG);
+	await hp_loadLogger(envs.HEADPLANE_DEBUG_LOG);
 	if (envs.HEADPLANE_CONFIG_PATH) {
 		path = envs.HEADPLANE_CONFIG_PATH;
 	}
@@ -133,28 +97,31 @@ export async function hp_loadConfig() {
 			if (!result) {
 				log.error('CFGX', 'OIDC configuration failed validation, disabling');
 			}
-
-			globalThis.__oidc_context = {
-				valid: result,
-				secret: getOidcSecret() ?? '',
-			};
 		}
 	}
 
-	globalThis.__cookie_context = {
+	if (config.headscale.tls_cert_path) {
-		cookie_secret: config.server.cookie_secret,
+		log.debug('CFGX', 'Attempting to load supplied Headscale TLS cert');
-		cookie_secure: config.server.cookie_secure,
+		try {
-	};
+			const data = await readFile(config.headscale.tls_cert_path, 'utf8');
+			log.info('CFGX', 'Headscale TLS cert loaded successfully');
+			hp_setSingleton(
+				'api_agent',
+				new Agent({
+					connect: {
+						ca: data.trim(),
+					},
+				}),
+			);
+		} catch (error) {
+			log.error('CFGX', 'Failed to load Headscale TLS cert');
+			log.debug('CFGX', 'Error Details: %o', error);
+		}
+	} else {
+		hp_setSingleton('api_agent', new Agent());
+	}
 
-	globalThis.__hs_context = {
+	hp_setConfig(config);
-		url: config.headscale.url,
-		config_path: config.headscale.config_path,
-		config_strict: config.headscale.config_strict,
-	};
-
-	globalThis.__integration_context = config.integration;
-
-	runtimeConfig = config;
 	runtimeLock.release();
 }
 

server/entry.ts

@@ -1,11 +1,12 @@
 import { constants, access } from 'node:fs/promises';
 import { createServer } from 'node:http';
 import { WebSocketServer } from 'ws';
-import { hp_getConfig, hp_loadConfig } from '~server/context/loader';
+import { hp_getConfig } from '~server/context/global';
+import { hp_loadConfig } from '~server/context/loader';
 import { listener } from '~server/listener';
-import log from '~server/utils/log';
 import { hp_loadAgentCache } from '~server/ws/data';
 import { initWebsocket } from '~server/ws/socket';
+import log from './utils/log';
 
 log.info('SRVX', 'Running Node.js %s', process.versions.node);
 

server/utils/log.ts

@@ -1,19 +1,45 @@
-export function hpServer_loadLogger(debug: boolean) {
+import {
+	hp_getSingleton,
+	hp_getSingletonUnsafe,
+	hp_setSingleton,
+} from '~server/context/global';
+
+export interface Logger {
+	info: (category: string, message: string, ...args: unknown[]) => void;
+	warn: (category: string, message: string, ...args: unknown[]) => void;
+	error: (category: string, message: string, ...args: unknown[]) => void;
+	debug: (category: string, message: string, ...args: unknown[]) => void;
+}
+
+export function hp_loadLogger(debug: boolean) {
+	const newLog = { ...log };
 	if (debug) {
-		log.debug = (category: string, message: string, ...args: unknown[]) => {
+		newLog.debug = (category: string, message: string, ...args: unknown[]) => {
 			defaultLog('DEBG', category, message, ...args);
 		};
 
-		log.info('CFGX', 'Debug logging enabled');
+		newLog.info('CFGX', 'Debug logging enabled');
-		log.info(
+		newLog.info(
 			'CFGX',
 			'This is very verbose and should only be used for debugging purposes',
 		);
-		log.info(
+		newLog.info(
 			'CFGX',
 			'If you run this in production, your storage COULD fill up quickly',
 		);
 	}
+
+	hp_setSingleton('logger', newLog);
+}
+
+function defaultLog(
+	level: string,
+	category: string,
+	message: string,
+	...args: unknown[]
+) {
+	const date = new Date().toISOString();
+	console.log(`${date} (${level}) [${category}] ${message}`, ...args);
 }
 
 const log = {
@@ -32,14 +58,4 @@ const log = {
 	debug: (category: string, message: string, ...args: unknown[]) => {},
 };
 
-function defaultLog(
+export default hp_getSingletonUnsafe('logger') ?? log;
-	level: string,
-	category: string,
-	message: string,
-	...args: unknown[]
-) {
-	const date = new Date().toISOString();
-	console.log(`${date} (${level}) [${category}] ${message}`, ...args);
-}
-
-export default log;

server/ws/data.ts

@@ -1,10 +1,13 @@
 import { open } from 'node:fs/promises';
 import type { HostInfo } from '~/types';
+import {
+	hp_getSingleton,
+	hp_getSingletonUnsafe,
+	hp_setSingleton,
+} from '~server/context/global';
 import log from '~server/utils/log';
 import { TimedCache } from './cache';
-import { hp_getAgents } from './socket';
 
-let cache: TimedCache<HostInfo> | undefined;
 export async function hp_loadAgentCache(defaultTTL: number, filepath: string) {
 	log.debug('CACH', `Loading agent cache from ${filepath}`);
 
@@ -17,18 +20,16 @@ export async function hp_loadAgentCache(defaultTTL: number, filepath: string) {
 		return;
 	}
 
-	cache = new TimedCache(defaultTTL, filepath);
+	const cache = new TimedCache<HostInfo>(defaultTTL, filepath);
-}
+	hp_setSingleton('ws_agent_data', cache);
-
-export function hp_getAgentCache() {
-	return cache;
 }
 
 export async function hp_agentRequest(nodeList: string[]) {
 	// Request to all connected agents (we can have multiple)
 	// Luckily we can parse all the data at once through message parsing
 	// and then overlapping cache entries will be overwritten by time
-	const agents = hp_getAgents();
+	const agents = hp_getSingleton('ws_agents');
+	const cache = hp_getSingletonUnsafe('ws_agent_data');
 
 	// Deduplicate the list of nodes
 	const NodeIDs = [...new Set(nodeList)];

server/ws/socket.ts

@@ -1,8 +1,14 @@
 import WebSocket, { WebSocketServer } from 'ws';
+import { hp_setSingleton } from '~server/context/global';
 import log from '~server/utils/log';
+import { hp_agentRequest } from './data';
 
 export function initWebsocket(server: WebSocketServer, authKey: string) {
 	log.info('SRVX', 'Starting a WebSocket server for agent connections');
+	const agents = new Map<string, WebSocket>();
+	hp_setSingleton('ws_agents', agents);
+	hp_setSingleton('ws_fetch_data', hp_agentRequest);
+
 	server.on('connection', (ws, req) => {
 		const tailnetID = req.headers['x-headplane-tailnet-id'];
 		if (!tailnetID || typeof tailnetID !== 'string') {
@@ -50,8 +56,3 @@ export function initWebsocket(server: WebSocketServer, authKey: string) {
 
 	return server;
 }
-
-const agents = new Map<string, WebSocket>();
-export function hp_getAgents() {
-	return agents;
-}