~aasg/snowweb

368954c4 — Aluísio Augusto Silva Gonçalves 2 months ago main
Remove superflous title from README

Joplin prepends note contents with the note's title.  I'm usually
careful to remove it before using the text but I missed it this time
around.
994b7753 — Aluísio Augusto Silva Gonçalves 2 months ago
Don't cache Nix flake references

If we're told to rebuild, re-fetch the flake (or at least don't blindly
assume the cache is up to date).
7caa04cd — Aluísio Augusto Silva Gonçalves 3 months ago 1.0.0
Don't cache API responses

Borrowed this from dn42regsrv, makes sense to me.
749f15b8 — Aluísio Augusto Silva Gonçalves 3 months ago
Add README
6b4ce770 — Aluísio Augusto Silva Gonçalves 3 months ago
Update a Nix profile with the current root, if given

Prevent the served path from being garbage-collected by pointing a
profile link to it.  The link must be given by the user through the
`--profile` flag.
daf2e096 — Aluísio Augusto Silva Gonçalves 3 months ago
Assign environment variables to command-line flags automatically

So far all flags have environmental counterparts, and I've been mostly
keeping to a pattern when naming them, so instead of specifying both I
can just give the flag name and derive the environment variable from it.
23675fc8 — Aluísio Augusto Silva Gonçalves 3 months ago
Allow custom trust roots for the ACME CA

Ran into this right before trying to use the Lorkep CA to double check
the instructions I was writing in the README.
e57c7643 — Aluísio Augusto Silva Gonçalves 3 months ago
Only call TLSArgs.ReloadCerts if TLS is enabled

ReloadCerts can handle TLS being disabled, this is just so that it
doesn't clutter the log.
a651c92f — Aluísio Augusto Silva Gonçalves 3 months ago
Proudly announce ourselves on responses
cb52b404 — Aluísio Augusto Silva Gonçalves 3 months ago
Add a flag to enable debug logging

Logging includes the Debug level by default, which is going to be quite
verbose.  Disable it and provide a flag to re-enable it.
77d45424 — Aluísio Augusto Silva Gonçalves 3 months ago
Load TLS certificates after the server is running

Doing it the other way around fails as there's no server to answer
TLS-ALPN challenges and provision certificates through ACME.

Another possibility, should this fail, is to enable on-demand TLS.
It is the second option as this one will validate all domains upfront.
c1262887 — Aluísio Augusto Silva Gonçalves 3 months ago
Build only the command package

This *might* speed up using the package in a NixOS configuration.
e0dfbf63 — Aluísio Augusto Silva Gonçalves 3 months ago
Fix service command line

Due to github:alecthomas/kong#153, $SNOWWEB_INSTALLABLE is not used
currently so we need to specify it in the command line regardless.
While we're at it, take advantage of freeform modules' partial typing
to ensure the installable is given and to provide defaults to ACME
options (but don't try to perform exhaustive checking).
7dc44a81 — Aluísio Augusto Silva Gonçalves 3 months ago
Provide a rough adapter between zap and zerolog

CertMagic uses zap for logging, while the rest of our program is set
up to use zerolog.  As in d70b5b53b8f0, we need to redirect one into
the other.  Unlike in that commit, we need to translate log levels and
serialized fields between both packages.
0ab397fc — Aluísio Augusto Silva Gonçalves 3 months ago
Update the NixOS module to handle TLS options

I gave up on having separate submodules for ACME-based and file-based
TLS options then merging then into a single option and turned it all
into a freeform module, using a function I wrote for ipfs-cluster to
turn the module into environment variables.
8003fd9d — Aluísio Augusto Silva Gonçalves 3 months ago
Use CertMagic to manage TLS certificates

Replace our custom file-based TLS certificate loader with CertMagic
so that we can provision certificates through ACME and TLS-ALPN-01
instead of having to rely on NixOS' ACME module and all the config
that comes with it.  Still, if a keypair is provided, we'll use that
just like before.
15630d19 — Aluísio Augusto Silva Gonçalves 3 months ago
Switch to Kong for command line argument parsing

I want to add ACME support via CertMagic, which is going to add a lot of
new variables.  To avoid stuffing the command line, I want to be able to
use environment variables instead.

Kong also reminds me of Rust's StructOpt, which is a plus.
14a7c86c — Aluísio Augusto Silva Gonçalves 3 months ago
Provide an initial NixOS module

No so much initial as one that works and that I'll commit while I do
other stuff.
a97d86da — Aluísio Augusto Silva Gonçalves 3 months ago
Enable the 'nix' command and flakes when calling Nix

These are needed for proper flake support.
46c964b7 — Aluísio Augusto Silva Gonçalves 3 months ago
Pipe Nix's stderr

Not sure if this is the best way to handle it, but Nix's error message
got to go somewhere or we can't figure out why a build has failed.
Next