workers-sdk VS portmaster

Workers

https://github.com/cloudflare/workers-sdk/blob/main/packages...

The Wrangler, Cloudflare's Developer Platform command-line interface (CLI), allows you to manage Worker projects and has an in-built Miniflare, which runs an HTTP server.

/** * Welcome to Cloudflare Workers! This is your first worker. * * - Run `npm run dev` in your terminal to start a development server * - Open a browser tab at http://localhost:8787/ to see your worker in action * - Run `npm run deploy` to publish your worker * * Learn more at https://developers.cloudflare.com/workers/ */ export interface Env { // Example binding to KV. Learn more at https://developers.cloudflare.com/workers/runtime-apis/kv/ // MY_KV_NAMESPACE: KVNamespace; // // Example binding to Durable Object. Learn more at https://developers.cloudflare.com/workers/runtime-apis/durable-objects/ // MY_DURABLE_OBJECT: DurableObjectNamespace; // // Example binding to R2. Learn more at https://developers.cloudflare.com/workers/runtime-apis/r2/ // MY_BUCKET: R2Bucket; // // Example binding to a Service. Learn more at https://developers.cloudflare.com/workers/runtime-apis/service-bindings/ // MY_SERVICE: Fetcher; // // Example binding to a Queue. Learn more at https://developers.cloudflare.com/queues/javascript-apis/ // MY_QUEUE: Queue; } export default { async fetch(request: Request, env: Env, ctx: ExecutionContext): Promise { return new Response('Hello World!'); }, };

$ npm create cloudflare@latest using create-cloudflare version 2.9.0 ╭ Create an application with Cloudflare Step 1 of 3 │ ├ In which directory do you want to create your application? │ dir ./apps/worker │ ├ What type of application do you want to create? │ type "Hello World" Worker │ ├ Do you want to use TypeScript? │ yes typescript │ ├ Copying files from "hello-world" template │ ├ Retrieving current workerd compatibility date │ compatibility date 2023-12-18 │ ╰ Application created ╭ Installing dependencies Step 2 of 3 │ ├ Installing dependencies │ installed via `npm install` │ ├ Installing @cloudflare/workers-types │ installed via npm │ ├ Adding latest types to `tsconfig.json` │ skipped couldn't find latest compatible version of @cloudflare/workers-types │ ╰ Dependencies Installed ╭ Deploy with Cloudflare Step 3 of 3 │ ├ Do you want to deploy your application? │ no deploy via `npm run deploy` │ ├ APPLICATION CREATED Deploy your application with npm run deploy │ │ Navigate to the new directory cd apps/worker │ Run the development server npm run start │ Deploy your application npm run deploy │ Read the documentation https://developers.cloudflare.com/workers │ Stuck? Join us at https://discord.gg/cloudflaredev │ ╰ See you again soon!

Except that there is. Cloudflare is pretty great for free SSL certificates and DNS management, but they also offer a free Workers plan. A Cloudflare worker is basically JavaScript code that runs on Cloudflare's edge network and handles HTTP traffic. You can do a lot with workers, including modifying/rewriting HTML responses. You can probably see where this is going: If a worker can modify HTML responses, then it can inject the umami script into every HTML response.

Cloudflare Workers

And what about the DX of using Workers with Pages?

I tried to use that recently and it was a disaster. I wrote about my experience here:

https://twitter.com/pierbover/status/1641474067013271552

I then opened these two issues:

https://github.com/cloudflare/workers-sdk/issues/2962

https://github.com/cloudflare/workers-sdk/issues/2964

I ended up moving the project over to Netlify + Edge functions. I had it all working in like 5-10 mins as it should. Took me two hours to figure out why Workers weren't working in my Pages project, and could never get Workers working properly with my Astro project.

I think you're working exclusively on the engine of Workers which is really top notch, but Cloudflare really needs to improve the outer layer which affects DX considerably.

If you think this is a bug, please open an issue at: https://github.com/cloudflare/workers-sdk/issues/new/choose ```

There's a very good relatively new open-source GUI firewall app like this called Portmaster:

https://safing.io/

It's available for Windows and Linux

You can get your own firewall app. Portmaster by safing.io lets you open and close what ever ports you want on your windows system

amazing work OP! what's the difference between zen and portmaster? :) i would like to compare options to see which one fits my needs the best way

For Context: Technical Introduction from https://github.com/safing/portmaster#technical-introduction

Portmaster is a privacy suite for your Windows and Linux desktop.

Base Technology

- Portmaster integrates into network stack using nfqueue on Linux and a kernel driver (WFP) on Windows.

- Packets are intercepted at the raw packet level - every packet is seen and can be stopped.

- Ownership of connections is found using eBPF and `/proc` on Linux and a kernel driver and the IP Helper API (`iphlpapi.dll`) on Windows.

- Most settings can be defined per app, which can be matched in different ways.

- Support for special processes with weird or concealed paths/actors:

--- Snap, AppImage and Script support on Linux

--- Windows Store apps and svchost.exe system services support on Windows

- Everything is 100% local on your device. (except the SPN, naturally)

--- Updates are fully signed and downloaded automatically.

--- Intelligence data (block lists, geoip) is downloaded and applied automatically.

- The Portmaster Core Service runs as a system service, the UI elements (App, Notifier) run in user context.

- The main UI still uses electron as a wrapper :/ - but this will change in the future. You can also open the UI in the browser

Feature: Secure DNS

- Portmaster intercepts "astray" DNS queries and reroutes them to itself for seamless integration.

- DNS queries are resolved by the default or configured DoT/DoH resolvers.

- Full support for split horizon and horizon validation to defend against rebinding attacks.

Feature: Privacy Filter

- Define allowed network scopes: Localhost, LAN, Internet, P2P, Inbound.

- Easy rules based on Internet entities: Domain, IP, Country and more.

- Filter Lists block common malware, ad, tracker domains etc.

Feature: Network History ($)

- Record connections and their details in a local database and search all of it later

- Auto-delete old history or delete on demand

Feature: Bandwidth Visibility ($)

- Monitor bandwidth usage per connection and app

Feature: SPN - Safing Privacy Network ($)

- A Privacy Network aimed at use cases "between" VPN and Tor.

- Uses onion encryption over multiple hops just like Tor.

- Routes are chosen to cover most distance within the network to increase privacy.

- Exits are chosen near the destination server. This automatically geo-unblocks in many cases.

- Exclude apps and domains/entities from using SPN.

- Change routing algorithm and focus per app.

- Nodes are hosted by Safing (company behind Portmaster) and the community.

- Speeds are pretty decent (>100MBit/s).

Portmaster itself is open source (https://github.com/safing/portmaster)

Then install https://safing.io/ (Portmaster); it's free.