- Introduced `getEnvOrPanic` helper to enforce non-empty required environment variables.
- Added strict validation for server (`HOP_SERVER_*`) and client (`HOP_CLIENT_*`) configurations at startup.
- Updated `.env` loader to prioritize OS env vars over `.env` file values.
- Enhanced structured logging for validated environment variables.
- Improved Makefile with `check-env-server` and `check-env-client` targets for build-time validation.
- Added `StreamAck`-based selective retransmission logic for reliable stream delivery.
- Introduced per-stream ARQ states (`expectedSeq`, `lost`, `received`) for out-of-order handling and lost frame tracking.
- Implemented mechanisms to send `StreamAck` with `AckSeq` and `LostSeqs` attributes in response to `StreamData`.
- Enhanced retransmission logic for unacknowledged frames in `streamSender`, ensuring robust recovery for lost data.
- Updated progress notes in `progress.md` to reflect ARQ implementation.
- Replaced single-envelope HTTP handling with stream-based tunneling (`StreamOpen`, `StreamData`, and `StreamClose`) for HTTP-over-DTLS.
- Added unique StreamID generation for per-session HTTP requests.
- Improved client and server logic for handling chunked body transmissions and reverse stream responses.
- Enhanced pseudo-header handling for HTTP metadata in tunneling.
- Updated error handling for local HTTP failures, ensuring proper stream-based responses.
- Added safeguards to restrict HTTP body and stream payload sizes to 4KiB (`StreamChunkSize`) in the Protobuf codec.
- Updated client logic to apply consistent limits for streaming and non-streaming scenarios.
- Improved error handling with clear messages for oversized payloads.
- Updated description of server-client transport to use Protobuf-based, length-prefixed envelopes.
- Revised notes on handling large HTTP bodies and outlined plans for stream/frame-based tunneling.
- Updated `progress.md` with finalized implementation of MTU-safe chunk size constant.
- Added support for `StreamOpen`, `StreamData`, `StreamClose`, and `StreamAck` types in the Protobuf codec.
- Defined new pseudo-header constants for HTTP-over-stream tunneling.
- Introduced `StreamChunkSize` constant for MTU-safe payload sizes (4 KiB).
- Updated encoding and decoding logic to handle stream-based types seamlessly.
- Defined `hopgate_stream.proto` with message definitions for stream-based DTLS tunneling, including `Request`, `Response`, `StreamOpen`, `StreamData`, `StreamAck`, and `StreamClose`.
- Added `Envelope` container for top-level message encapsulation.
- Integrated Protobuf code generation into the `Makefile` using `protoc` with `protoc-gen-go`.
- Generated Go types under `internal/protocol/pb`.
- Introduced `WireCodec` interface in `internal/protocol/codec.go` to abstract serialization/deserialization logic.
- Updated server and client to use `DefaultCodec`, replacing direct JSON encoding/decoding.
- Eliminated `bufio.Reader` from session handling, as `DefaultCodec` manages buffering for DTLS sessions.
- Marked related protocol tasks in `progress.md` as complete.
- Replaced single-envelope JSON model with a stream/frame-based protocol using `StreamOpen`, `StreamData`, and `StreamClose` for chunked transmission.
- Added application-level ARQ with selective retransmission (`StreamAck`) for reliability over DTLS/UDP.
- Defined MTU-safe chunk sizes and sequence-based flow control to handle large HTTP bodies effectively.
- Updated `internal/protocol` for structured stream message handling, including ACK/NACK support.
- Documented potential transition to binary serialization for performance optimization.
- Documented the custom `.env` loader behavior, prioritization of OS-level environment variables, and validation stages.
- Explained server and client-specific configuration loading process.
- Added best practices for environment variable usage in development and production environments.
- Replaced `godotenv` with a custom `.env` loader that respects OS-level environment variables.
- Updated server and client initialization to prioritize OS environment variables over `.env` values.
- Improved environment variable validation and logging with structured logs.
- Applied cleaner error handling and removed redundant `log` package usage.
- Added `github.com/joho/godotenv` for loading `.env` files in server and client.
- Implemented environment variable validation and logging in both main programs.
- Updated Makefile with `.env` export and validation steps for required variables.
- Simplified error handling in `writeErrorPage` rendering logic.
- Introduced handling for `502 Bad Gateway` errors with a dedicated HTML template.
- Updated `writeErrorPage` logic to include 502 and other new status mappings for custom templates.
- Improved error page rendering by mapping 4xx/5xx status codes to appropriate templates.
- Designed a stream/frame-based protocol leveraging `StreamOpen`, `StreamData`, and `StreamClose` fields for chunked transmission.
- Addressed DTLS/UDP MTU limits by capping tunneled body sizes to 48 KiB and replacing oversized responses with `502 Bad Gateway`.
- Updated `internal/protocol` to enable safe handling of large HTTP bodies via streaming.
- Documented future work on replacing JSON with binary encoding for improved performance.
- Fixed session retrieval to use lowercased host for consistency.
- Ensured context cancellation is properly handled in HTTP forwarding.
- Refined proxy timeout configuration with better error logging and validation.
- Introduced `StatusGatewayTimeout` (504) for server-side timeouts between HopGate and backend.
- Implemented 504 error page with multilingual support.
- Enhanced `bufio.Reader` usage in JSON decoding to prevent "dtls: buffer too small" errors for large payloads.
- Applied request handling improvements for control domain and timeout scenarios.
- Added `canonicalizeDomainForDNS` to normalize domain strings for DNS and DB lookups.
- Implemented `domainGateValidator` to verify if client-provided domains resolve to expected IPs (`HOP_ACME_EXPECT_IPS`) using A/AAAA DNS queries.
- Included a fallback for DB-only validation if `HOP_ACME_EXPECT_IPS` is unset or empty.
- Updated `parseExpectedIPsFromEnv` to parse and validate IP lists from environment variables.
- Marked relevant handshake enhancements in `progress.md` as completed.
- Updated `domain_validator` to strip brackets from IPv6 addresses for proper normalization when `net.SplitHostPort` fails.
- Marked the Admin API integration task in `progress.md` as complete.
- Added `entDomainValidator` implementation to validate `(domain, client_api_key)` combinations from the `Domain` table using `ent.Client`.
- Replaced dummy validator with the new ent-based validator in server initialization.
- Updated documentation and progress tracking for domain validation implementation.
- Ensured compatibility with `host` and `host:port` formats by normalizing domain strings during validation.
- Updated `tlsCfg.ServerName` logic to extract and set hostname (DNS) from `ServerAddr` to comply with SNI requirements.
- Utilized `net.SplitHostPort` for accurate parsing of `host:port` format.
- Updated error templates (`400`, `404`, `500`, `525`) to apply consistent width (`w-[240px]`) for the HopGate logo.
- Adjusted Tailwind CSS to include the new `w-[240px]` class for accurate rendering.
- Fixed path prefix to ensure proper handling of `/__hopgate_assets__/` requests.
- Adjusted `http.StripPrefix` to match the corrected route for consistent file serving.
- Added safeguard to ensure `/__hopgate_assets__/` requests always serve static files, regardless of proxy routing or backend state.
- Implemented fallback to a 500 error page when embedded asset FS is unavailable.
- Implemented custom HTML templates for `400`, `404`, `500`, and `525` error pages with multilingual support.
- Added embedded file system for error page templates and assets.
- Introduced fallback mechanism to serve minimal plain text for missing error templates.
- Integrated TailwindCSS for styling error pages, with a build script in `package.json`.
- Introduced `HOP_ACME_STANDALONE_ONLY` env variable to run the ACME client without starting HTTP/DTLS servers.
- Allows certificate issuance/renewal solely and exits upon completion.
- Includes initialization of the ACME manager with domain verification, certificate management, and caching mechanisms. DomainService and expand Admin API
- Added `DomainServiceImpl` with support for registering, unregistering, and querying domains.
- Expanded Admin API with new endpoints:
- `GET /api/v1/admin/domains/exists` to check domain registration status.
- `GET /api/v1/admin/domains/status` to retrieve detailed domain information.
- Updated server initialization to wire `DomainService` and Admin API routes.
- Documented new Admin API endpoints in `API.md`.
- Introduced `HOP_ACME_STANDALONE_ONLY` env variable to run the ACME client without starting HTTP/DTLS servers.
- Allows certificate issuance/renewal solely and exits upon completion.
- Includes initialization of the ACME manager with domain verification, certificate management, and caching mechanisms.
- Introduced `docker-compose.yml` to simplify local development and service orchestration.
- Defined services for Hop Gate server and Postgres with environment, ports, and volume configurations.
- Added persistent volume settings for Postgres and ACME cache management.
- Added `TARGETOS` and `TARGETARCH` arguments for multi-architecture build support.
- Updated build commands to utilize the provided OS/ARCH arguments.
- Simplified Dockerfile by removing redundant conditional logic for `go.sum`.
- Refactored HTTP tunneling protocol to use `protocol.Envelope` for better extensibility.
- Implemented support for message types including HTTP requests, stream handling, and responses.
- Added common security headers like HSTS and X-Forwarded-For processing for improved security and identity handling.
- Introduced GitHub Actions workflow to build and publish Docker images to GHCR.
- Added new protocol structures for stream-based communication in anticipation of future WebSocket/TCP tunneling.
- Updated `go.sum` to remove unused dependencies and reflect new changes.
- Refactored `DISCUSSION_TEMPLATE.md` to enhance clarity and structure.
- Simplified sections and eliminated redundancy for better usability.
- Improved bilingual (Korean/English) guidance for consistency.
