fix: validation rules resolved

Author: mrasif

README.md

@@ -96,8 +96,29 @@ telepath -h
 telepath -f /etc/telepath/telepath.json
 ```
 
+- Test tunnel configuration
+```sh
+telepath -f /etc/telepath/telepath.json --dry-run
+```
+
+## Run using Docker compose
+You can run using docker compose and use it's internal network to access it.
+```yaml
+services:
+  telepath:
+    container_name: autossh
+    image: ghcr.io/tech-thinker/telepath:latest
+    networks:
+      - telepath
+    volumes:
+      - ./myconfig:/etc/telepath
+
+networks:
+  telepath:
+```
+
 ## Define Config file
-Config file is a JSON file which contains list of config. Here I have attached a sample config file-
+The configuration file is a JSON array of objects. Each object defines a tunnel.
 
 ```json
 [
@@ -117,41 +138,94 @@ Config file is a JSON file which contains list of config. Here I have attached a
       "key": "/etc/autossh/id_rsa",
       "passphrase": "passphrase",
       "jump": {
-        "host": "jump-host-ip",
-        "port": 22,
-        "username": "user",
-        "authType": "KEY",
-        "password": "",
-        "key": "/etc/autossh/id_rsa",
-        "passphrase": "passphrase"
-      }
-    }
-  },
-  {
-    "name": "mysql",
-    "type": "R",
-    "localPort": 3306,
-    "localHost": "0.0.0.0",
-    "remotePort": 3306,
-    "remoteHost": "0.0.0.0",
-    "server": {
-      "host": "final-host-ip",
-      "port": 22,
-      "username": "user",
-      "authType": "KEY",
-      "password": "",
-      "key": "/etc/autossh/id_rsa",
-      "passphrase": "passphrase",
-      "jump": {
-        "host": "jump-host-ip",
+        "host": "jump-1-ip",
         "port": 22,
         "username": "user",
         "authType": "KEY",
         "password": "",
         "key": "/etc/autossh/id_rsa",
-        "passphrase": "passphrase"
+        "passphrase": "passphrase",
+        "jump": {
+          "host": "jump-2-ip",
+          "port": 22,
+          "username": "user",
+          "authType": "KEY",
+          "password": "",
+          "key": "/etc/autossh/id_rsa",
+          "passphrase": "passphrase"
+        }
       }
     }
   }
 ]
 ```
+
+### Fields Description
+
+| Field           | Type           | Required | Description                                                                 |
+|-----------------|----------------|----------|-----------------------------------------------------------------------------|
+| `name`          | string         | ✅       | Identifier for the tunnel.                                                 |
+| `type`          | string         | ✅       | Tunnel type: `L` for remote → local, `R` for local → remote.              |
+| `localPort`     | number         | ✅       | Port on the local machine.                                                 |
+| `localHost`     | string         | ✅       | Local host IP or `0.0.0.0` to bind all interfaces.                        |
+| `remotePort`    | number         | ✅       | Port on the remote machine.                                                |
+| `remoteHost`    | string         | ✅       | Remote host IP or `0.0.0.0`.                                              |
+| `server`        | object         | ✅       | Final destination SSH server configuration.                                |
+| `server.host`   | string         | ✅       | SSH server IP or hostname.                                                 |
+| `server.port`   | number         | ✅       | SSH server port, usually 22.                                               |
+| `server.username` | string       | ✅       | SSH username.                                                              |
+| `server.authType` | string       | ✅       | Authentication type: `KEY` or `PASS`.                                     |
+| `server.key`    | string         | 🔹       | Path to SSH key file if `authType` is `KEY`.                               |
+| `server.password` | string       | 🔹       | Password if `authType` is `PASS`.                                         |
+| `server.passphrase` | string     | 🔹       | Passphrase for the SSH key if required.                                    |
+| `server.jump`   | object/null    | ❌       | Optional jump host configuration (recursive structure).                   |
+
+> **Note:** Jump hosts are optional and can be nested multiple times.
+
+### Tunnel Type
+- **L (Local)**: Forwards traffic from **remote → local**  
+- **R (Remote)**: Forwards traffic from **local → remote**
+
+### Example Topology Diagram
+```mermaid
+flowchart LR
+    A[Local Machine] -->|SSH Tunnel| J1[Jump Host 2]
+    J1 --> J2[Jump Host 1]
+    J2 --> S[Final SSH Server]
+    S --> M[MongoDB:27017]
+```
+
+- **A:** Your local machine
+- **J1, J2:** Intermediate jump hosts
+- **S:** Final SSH server
+- **M:** MongoDB service running on the remote host
+
+### Simple Tunnel Diagram (No Jump Hosts)
+```mermaid
+flowchart LR
+    L[Local Machine] -->|SSH Tunnel| F[Final Server]
+    F --> D[Service:27017]
+```
+
+- **L:** Local machine
+- **F:** Final SSH server
+- **D:** Remote service (MongoDB, PostgreSQL, etc.)
+
+### Authentication Flow
+1. **KEY authentication**
+   - Uses a private key (`key`) and optional `passphrase`.
+2. **Password authentication**
+   - Uses `password` field directly.
+
+```mermaid
+flowchart TB
+    LocalMachine --> SSHAuth[SSH Authentication]
+    SSHAuth -->|KEY| PrivateKey["Key + Passphrase"]
+    SSHAuth -->|PASS| Password["Password"]
+```
+
+## Usage Notes
+- You can have multiple tunnels defined in the JSON array.
+- Jump hosts can be nested arbitrarily.
+- Each tunnel should have a unique `name`.
+- All ports and hosts are configurable to support complex network setups.

main.go

@@ -21,6 +21,7 @@ var (
 
 func main() {
 	var configPath string
+	var dryRun bool = false
 
 	cli.VersionPrinter = func(c *cli.Context) {
 		fmt.Printf("Version: %s\n", AppVersion)
@@ -40,6 +41,12 @@ func main() {
 				Required:    true,
 				Destination: &configPath,
 			},
+			&cli.BoolFlag{
+				Name:        "dry-run",
+				Usage:       "use to tests your configuration.",
+				Required:    false,
+				Destination: &dryRun,
+			},
 		},
 		Action: func(ctx *cli.Context) error {
 			cfgs, err := services.ParseConfig(configPath)
@@ -51,6 +58,11 @@ func main() {
 				return err
 			}
 
+			if dryRun {
+				fmt.Println("Your configuration format is valid.")
+				return nil
+			}
+
 			// Root context — cancelled on Ctrl+C / SIGTERM
 			rootCtx, cancel := context.WithCancel(context.Background())
 			defer cancel()

man/telepath.1

@@ -20,12 +20,16 @@ telepath [global options] [file]
 .SH COMMANDS
 .PP
 \fB--config-file, -f\fP [path of config file.]
+.PP
+\fB--dry-run  [use this flag to tests your configuration. (default: false)]
 
 .SH EXAMPLES
 .TP
 telepath --config-file=/etc/telepath/config.json
 .TP
 telepath -f /etc/telepath/config.json
+.TP
+telepath -f /etc/telepath/config.json --dry-run
 
 .SH SEE ALSO
 .BR gozen (1),

models/config.go

@@ -1,5 +1,12 @@
 package models
 
+import (
+	"fmt"
+	"slices"
+
+	"github.com/tech-thinker/telepath/constants"
+)
+
 type Server struct {
 	Host       string  `json:"host"`
 	Port       int     `json:"port"`
@@ -11,6 +18,45 @@ type Server struct {
 	Jump       *Server `json:"jump"`
 }
 
+func (s *Server) String() string {
+	return fmt.Sprintf("%+v", *s)
+}
+
+func (s *Server) Validate(fieldName string) error {
+	if len(s.Host) == 0 {
+		return fmt.Errorf("`%s.host` must be present.", fieldName)
+	}
+
+	if s.Port == 0 {
+		return fmt.Errorf("`%s.port` is invalid.", fieldName)
+	}
+
+	if len(s.Username) == 0 {
+		return fmt.Errorf("`%s.username` must be present.", fieldName)
+	}
+
+	if !slices.Contains([]string{constants.CREDIENTIAL_KEY, constants.CREDIENTIAL_PASS}, s.AuthType) {
+		return fmt.Errorf("`%s.authType` must be present.", fieldName)
+	}
+
+	if s.AuthType == constants.CREDIENTIAL_KEY && len(s.Key) == 0 {
+		return fmt.Errorf("`%s.key` must be present for authType KEY.", fieldName)
+	}
+
+	if s.AuthType == constants.CREDIENTIAL_PASS && len(s.Password) == 0 {
+		return fmt.Errorf("`%s.password` must be present for authType PASS.", fieldName)
+	}
+
+	if s.Jump != nil {
+		err := s.Jump.Validate(fmt.Sprintf("%s.jump", fieldName))
+		if err != nil {
+			return err
+		}
+	}
+
+	return nil
+}
+
 type Config struct {
 	Name       string  `json:"name"`
 	Type       string  `json:"type"`
@@ -20,3 +66,43 @@ type Config struct {
 	RemoteHost string  `json:"remoteHost"`
 	Server     *Server `json:"server"`
 }
+
+func (c *Config) String() string {
+	return fmt.Sprintf("%+v", *c)
+}
+
+func (c *Config) Validate() error {
+	if len(c.Name) == 0 {
+		return fmt.Errorf("`name` must be present.")
+	}
+
+	if !slices.Contains([]string{"L", "R"}, c.Type) {
+		return fmt.Errorf("`type` must be L or R.")
+	}
+
+	if c.LocalPort <= 0 {
+		return fmt.Errorf("`localPort` is invalid.")
+	}
+
+	if len(c.LocalHost) == 0 {
+		c.LocalHost = "0.0.0.0"
+	}
+
+	if c.RemotePort <= 0 {
+		return fmt.Errorf("`remotePort` is invalid.")
+	}
+
+	if len(c.RemoteHost) == 0 {
+		c.RemoteHost = "0.0.0.0"
+	}
+
+	if c.Server == nil {
+		return fmt.Errorf("`server` must be present.")
+	}
+
+	err := c.Server.Validate("server")
+	if err != nil {
+		return err
+	}
+	return nil
+}

services/configParser.go

@@ -3,19 +3,28 @@ package services
 import (
 	"encoding/json"
 	"os"
+	"regexp"
 
 	"github.com/tech-thinker/telepath/models"
 )
 
 func ParseConfig(configPath string) ([]models.Config, error) {
-	configFile, err := os.Open(configPath)
+	data, err := os.ReadFile(configPath)
 	if err != nil {
 		return nil, err
 	}
-	defer configFile.Close()
 
+	// Remove single-line comments: // comment
+	reSingle := regexp.MustCompile(`(?m)//.*$`)
+	data = reSingle.ReplaceAll(data, []byte(""))
+
+	// Remove multi-line comments: /* comment */
+	reMulti := regexp.MustCompile(`(?s)/\*.*?\*/`)
+	data = reMulti.ReplaceAll(data, []byte(""))
+
+	// Parse cleaned JSON
 	var config []models.Config
-	if err := json.NewDecoder(configFile).Decode(&config); err != nil {
+	if err := json.Unmarshal(data, &config); err != nil {
 		return nil, err
 	}
 

services/validator.go

@@ -1,16 +1,17 @@
 package services
 
 import (
-	"fmt"
-
 	"github.com/tech-thinker/telepath/models"
 )
 
 func ValidateConfig(configs []models.Config) ([]models.Config, error) {
+	var validCfgs []models.Config
 	for _, cfg := range configs {
-		if cfg.Type != "L" && cfg.Type != "R" {
-			return nil, fmt.Errorf("invalid tunnel type %s for %s", cfg.Type, cfg.Name)
+		err := cfg.Validate()
+		if err != nil {
+			return nil, err
 		}
+		validCfgs = append(validCfgs, cfg)
 	}
-	return configs, nil
+	return validCfgs, nil
 }