diff --git a/README.md b/README.md index 4b2c7bd..b8425dd 100644 --- a/README.md +++ b/README.md @@ -7,6 +7,78 @@ their DNS server. [Demo which may or may not be live](https://domiply.mediocregopher.com) +## Build + +Domiply uses nix flakes for building and setting up the development environment. + +In order to create a release binary: + +``` +nix build +``` + +A statically compiled binary will be placed in the `result` directory. + +## Configuration + +Domiply is configured via command-line arguments or environment variables: + +``` + --http-domain + [env: DOMIPLY_HTTP_DOMAIN=] + + --http-listen-addr + [env: DOMIPLY_HTTP_LISTEN_ADDR=] [default: [::]:3030] + + --https-listen-addr + E.g. '[::]:443', if given then SSL certs will automatically be retrieved for all domains using LetsEncrypt [env: DOMIPLY_HTTPS_LISTEN_ADDR=] + + --passphrase + [env: DOMIPLY_PASSPHRASE=] + + --origin-store-git-dir-path + [env: DOMIPLY_ORIGIN_STORE_GIT_DIR_PATH=] + + --domain-checker-target-a + [env: DOMIPLY_DOMAIN_CHECKER_TARGET_A=] + + --domain-checker-resolver-addr + [env: DOMIPLY_DOMAIN_CHECKER_RESOLVER_ADDR=] [default: 1.1.1.1:53] + + --domain-config-store-dir-path + [env: DOMIPLY_DOMAIN_CONFIG_STORE_DIR_PATH=] + + --domain-acme-store-dir-path + [env: DOMIPLY_DOMAIN_ACME_STORE_DIR_PATH=] + + --domain-acme-contact-email + [env: DOMIPLY_DOMAIN_ACME_CONTACT_EMAIL=] + + -h, --help + Print help + + -V, --version + Print version +``` + +### HTTPS Support + +Domiply will automatically handle setting up HTTPS via LetsEncrypt for both the +domiply frontend site and all domains which it has been configured to serve. + +By default HTTPS is not enabled, but can be easily enabled by setting the +following arguments: + +``` +--https-listen-addr='[::]:443' +--domain-acme-contact-email='foo@example.com' +--domain-acme-store-dir-path='/some/secure/directory' +``` + +The contact email can be anything, it doesn't have to be real. The store +directory will have all SSL private keys written to it, and so should be +secured as best as possible. + ## Development Domiply uses nix flakes for building and setting up the development environment. @@ -19,12 +91,6 @@ nix develop Within the shell which opens you can do `cargo run` to start a local instance. -In order to create a release binary: - -``` -nix build -``` - ## Roadmap Check out the `src/service/http_tpl/index.html` file for the current roadmap. diff --git a/TODO b/TODO index 035c319..22eac60 100644 --- a/TODO +++ b/TODO @@ -1,3 +1,4 @@ +- list existing domains - logging - expect statements (pretend it's "expected", not "expect") - map_unexpected annotation string diff --git a/src/service/http_tpl/index.html b/src/service/http_tpl/index.html index 99fe078..7296380 100644 --- a/src/service/http_tpl/index.html +++ b/src/service/http_tpl/index.html @@ -48,7 +48,6 @@ planned but not yet implemented:

  • Support for AAAA and CNAME records
    • -
  • HTTPS support, with automatic certificate syncing via Let's Encrypt.
  • Support for more backends than just git repositories, including: