npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@opsimathically/nodenetproccalld

v0.0.3

Published

Standalone TypeScript daemon that wraps @opsimathically/networkprocedurecall capabilities.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

opsimathicallyopsimathically

Keywords

procedurecallnetworkencrypteddynamic

Readme

nodenetproccalld

nodenetproccalld is a standalone TypeScript daemon that wraps:

  • @opsimathically/workerprocedurecall
  • @opsimathically/networkprocedurecall

It exposes a resilient mTLS TCP service with API-key authentication and privilege-based access control for remote function operations (invoke, define, undefine, constants, dependencies).

Features

  • mTLS TCP daemon (tls.createServer) via NetworkProcedureCall
  • API key auth callback with privilege mapping and optional TLS identity constraints
  • JSON5 config files with comments/trailing commas support
  • Startup validation for config shape, regex rules, and TLS PEM file presence
  • Worker pool startup and worker event logging
  • Graceful shutdown on SIGINT / SIGTERM / uncaught process errors
  • Optional periodic runtime metrics logging

Config Files

Default paths:

  • ./config/server.config.json5
  • ./config/api_keys.config.json5

Sample files are included in config/.

Server Config (server.config.json5)

Defines:

  • information.server_name
  • network.bind_addr and network.tcp_listen_port
  • tls_mtls file paths and TLS options
  • workerprocedurecall worker count/options
  • optional abuse_controls
  • optional observability options

tls_mtls.key_file, cert_file, and ca_file are required and resolved relative to the server config file directory when not absolute paths.

API Keys Config (api_keys.config.json5)

Defines:

  • api_keys[] entries with:
  • key_id
  • api_key
  • privileges
  • optional enabled
  • optional identity_constraints regex patterns (remote_address, peer cert fields)

Running

  1. Build:
npm run build
  1. Start daemon with default config paths:
npm run start
  1. Generate default config files in ./config (relative to where command is run):
nodenetproccalld --generate-default-config

By default this writes:

  • ./config/server.config.json5
  • ./config/api_keys.config.json5

Useful options:

nodenetproccalld \
  --generate-default-config \
  --default-config-output-dir ./config \
  --default-config-overwrite
  1. Generate a default TLS-generation JSON5 config:
nodenetproccalld --generate-default-tls-config

By default this writes:

  • ./config/tls_generation.config.json5

You can choose a different output path:

nodenetproccalld \
  --generate-default-tls-config \
  --default-tls-config-file ./config/tls_generation.config.json5 \
  --default-tls-config-overwrite
  1. Generate TLS material for fresh installs (CA/server/client):
nodenetproccalld --generate-tls-material --tls-generation-config ./config/tls_generation.config.json5

By default (from config) this writes:

  • ./config/certs/ca.key.pem
  • ./config/certs/ca.cert.pem
  • ./config/certs/server.key.pem
  • ./config/certs/server.cert.pem
  • ./config/certs/client.key.pem
  • ./config/certs/client.cert.pem

This JSON5 config controls SAN values (server_dns_sans, server_ip_sans) so the generated server certificate matches real hostnames like your_server_name_here, FQDNs, or service IPs. output_dir in this config is interpreted relative to your current working directory.

You can still override via direct CLI options when needed:

nodenetproccalld \
  --generate-tls-material \
  --tls-generation-config ./config/tls_generation.config.json5 \
  --tls-output-dir ./config/certs \
  --tls-overwrite \
  --tls-ca-cn my-local-ca \
  --tls-server-cn localhost \
  --tls-client-cn daemon-client \
  --tls-valid-days 365
  1. Generate a default client TLS package JSON5 config:
nodenetproccalld --generate-default-client-tls-config

By default this writes:

  • ./config/client_tls_packages.config.json5
  1. Generate client certificate packages from JSON5 config:
nodenetproccalld \
  --generate-client-tls-packages \
  --client-tls-generation-config ./config/client_tls_packages.config.json5

This reads CA key/cert paths from the config file and outputs per-client bundle tarballs in the configured output directory (default template uses ./config/client_certs). Paths in client_tls_packages.config.json5 are resolved relative to that config file.

  1. Start daemon with custom config paths:
nodenetproccalld \
  --server-config /absolute/or/relative/server.config.json5 \
  --api-keys-config /absolute/or/relative/api_keys.config.json5
  1. CLI help:
nodenetproccalld --help

Installed package binaries:

  • nodenetproccalld

Packaging and Deployment

TypeScript daemons are usually deployed as built JavaScript plus a Node.js runtime.

Local package artifact

Build and create a deployable tarball:

npm run build
npm pack

This creates a file like:

  • opsimathically-nodenetproccalld-0.0.1.tgz

Install on target host

Install Node.js LTS on target host, then install daemon package globally:

npm install -g ./opsimathically-nodenetproccalld-0.0.1.tgz

Then run:

nodenetproccalld --help

Typical service deployment (systemd)

Example /etc/systemd/system/nodenetproccalld.service:

[Unit]
Description=nodenetproccalld
After=network.target

[Service]
Type=simple
User=nodenetprocd
WorkingDirectory=/opt/nodenetproccalld
ExecStart=/usr/bin/nodenetproccalld --server-config /opt/nodenetproccalld/config/server.config.json5 --api-keys-config /opt/nodenetproccalld/config/api_keys.config.json5
Restart=always
RestartSec=2
Environment=NODE_ENV=production

[Install]
WantedBy=multi-user.target

Then:

sudo systemctl daemon-reload
sudo systemctl enable nodenetproccalld
sudo systemctl start nodenetproccalld
sudo systemctl status nodenetproccalld

Development

  • Run tests:
npm test
  • Run type checking:
npm run typecheck
  • Run daemon directly from TypeScript sources:
npm run start:daemon -- --server-config ./config/server.config.json5 --api-keys-config ./config/api_keys.config.json5

mTLS Notes

  • Use a private CA for server and client certs.
  • Ensure client servername matches server cert SAN/CN (for local examples, localhost).
  • Keep API key privileges minimal (all_privileges only for trusted operators).