Remove superflous title from README
Joplin prepends note contents with the note's title. I'm usually
careful to remove it before using the text but I missed it this time
Don't cache Nix flake references
If we're told to rebuild, re-fetch the flake (or at least don't blindly
assume the cache is up to date).
Don't cache API responses
Borrowed this from dn42regsrv, makes sense to me.
Update a Nix profile with the current root, if given
Prevent the served path from being garbage-collected by pointing a
profile link to it. The link must be given by the user through the
Assign environment variables to command-line flags automatically
So far all flags have environmental counterparts, and I've been mostly
keeping to a pattern when naming them, so instead of specifying both I
can just give the flag name and derive the environment variable from it.
Allow custom trust roots for the ACME CA
Ran into this right before trying to use the Lorkep CA to double check
the instructions I was writing in the README.
Only call TLSArgs.ReloadCerts if TLS is enabled
ReloadCerts can handle TLS being disabled, this is just so that it
doesn't clutter the log.
Proudly announce ourselves on responses
Add a flag to enable debug logging
Logging includes the Debug level by default, which is going to be quite
verbose. Disable it and provide a flag to re-enable it.
Load TLS certificates after the server is running
Doing it the other way around fails as there's no server to answer
TLS-ALPN challenges and provision certificates through ACME.
Another possibility, should this fail, is to enable on-demand TLS.
It is the second option as this one will validate all domains upfront.
Build only the command package
This *might* speed up using the package in a NixOS configuration.
Fix service command line
Due to github:alecthomas/kong#153, $SNOWWEB_INSTALLABLE is not used
currently so we need to specify it in the command line regardless.
While we're at it, take advantage of freeform modules' partial typing
to ensure the installable is given and to provide defaults to ACME
options (but don't try to perform exhaustive checking).
Provide a rough adapter between zap and zerolog
CertMagic uses zap for logging, while the rest of our program is set
up to use zerolog. As in d70b5b53b8f0, we need to redirect one into
the other. Unlike in that commit, we need to translate log levels and
serialized fields between both packages.
Update the NixOS module to handle TLS options
I gave up on having separate submodules for ACME-based and file-based
TLS options then merging then into a single option and turned it all
into a freeform module, using a function I wrote for ipfs-cluster to
turn the module into environment variables.
Use CertMagic to manage TLS certificates
Replace our custom file-based TLS certificate loader with CertMagic
so that we can provision certificates through ACME and TLS-ALPN-01
instead of having to rely on NixOS' ACME module and all the config
that comes with it. Still, if a keypair is provided, we'll use that
just like before.
Switch to Kong for command line argument parsing
I want to add ACME support via CertMagic, which is going to add a lot of
new variables. To avoid stuffing the command line, I want to be able to
use environment variables instead.
Kong also reminds me of Rust's StructOpt, which is a plus.
Provide an initial NixOS module
No so much initial as one that works and that I'll commit while I do
Enable the 'nix' command and flakes when calling Nix
These are needed for proper flake support.
Pipe Nix's stderr
Not sure if this is the best way to handle it, but Nix's error message
got to go somewhere or we can't figure out why a build has failed.