Domani connects your domain to whatever you want to host on it, all with no account needed

Domani

Domani is a self-hosted Rust service which connects a DNS hostname to a data backend (e.g. a git repository), all with no account needed. The user only inputs their domain name and their desired backend, and then adds two entries to their DNS server.

Demo which may or may not be live

Build

Domani uses nix flakes for building and setting up the development environment.

In order to create a release binary:

nix build

A statically compiled binary will be placed in the result directory.

Configuration

Domani is configured via a YAML file whose path is given on the command-line. The format of the YAML file, along with all default values, is as follows:

origin:

  # Path under which all origin data (i.e. git repositories, file caches,
  # etc...) will be stored.
  #
  # This should be different than any other store_dir_paths.
  #store_dir_path: REQUIRED

domain:

  # Path under which all domain data (i.e. domains configured by users, HTTPS
  # certificates, etc...) will be stored.
  #
  # This should be different than any other store_dir_paths.
  #store_dir_path: REQUIRED

  #dns:

    # Address of DNS resolver to use.
    #resolver_addr: "1.1.1.1:53"

  #acme:

    # Contact email to use when creating HTTPS certificates using LetsEncrypt.
    # This email will be used for notifying you if certificates are not being
    # renewed.
    #contact_email: REQUIRED if service.http.https_addr is set

  # builtins are domains whose configuration is built into domani. These domains
  # are not able to be configured via the web interface, and will be hidden from
  # it unless the `public` key is set to true.
  #builtins:

    # An example built-in domain backed by a git repo.
    #git.example.com:
    #  kind: git
    #  url: "https://somewhere.com/some/repo.git"
    #  branch_name: main
    #  public: false
    #
    #  # Which protocols to serve the domain on. The given list overwrites the
    #  # default, which is to serve on all available protocols.
    #  #serve_protocols:
    #  #- protocol: http
    #  #- protocol: https

    # An example built-in domain backed by a reverse-proxy to some other
    # web-service. Requests to the backing service will automatically have
    # X-Forwarded-For and (if HTTPS) X-Forwarded-Proto headers added to them.
    #
    # Proxies are currently limited in the following ways:
    # * url must be to an http endpoint (not https)
    # * dns.resolver_addr is ignored and the system-wide dns is used
    #
    #proxy.example.com:
    #  kind: proxy
    #  url: "http://some.other.service.com"
    #
    #  # Extra headers to add to requests being proxied
    #  request_http_headers:
    #    - name: Host
    #      value: "yet.another.service.com"
    #    - name: X-HEADER-TO-DELETE
    #      value: ""
    #
    #  public: false
    #
    #  # Which protocols to serve the domain on. The given list overwrites the
    #  # default, which is to serve on all available protocols.
    #  #serve_protocols:
    #  #- protocol: http
    #  #- protocol: https

service:

  # Passphrase which must be given by users who are configuring new domains via
  # the web interface.
  #passphrase: REQUIRED

  # DNS records which users must add to their domain's DNS so that
  # Domani can serve the domains. All records given must route to this Domani
  # instance.
  #
  # A CNAME record with the primary_domain of this server is automatically
  # included.
  dns_records:
    #- kind: A
    #  addr: 127.0.0.1

    #- kind: AAAA
    #  addr: ::1

    # NOTE that the name given here must resolve to the Domani server.
    #- kind: CNAME
    #  name: domain.com

  # The domain name which will be used to serve the web interface of Domani. If
  # service.http.https_addr is enabled then an HTTPS certificate for this domain
  # will be retrieved automatically.
  #primary_domain: "localhost"

  #http:

    # The address to listen for HTTP requests on. This must use port 80 if
    # https_addr is set.
    #http_addr: "[::]:3030"

    # The address to listen for HTTPS requests on. This is optional.
    #https_addr: "[::]:443"

The YAML config file can be passed to the Domani process via the --config-path CLI parameter:

domani --config-path <path>

HTTPS Support

By default HTTPS is not enabled, but it can be enabled by setting the service.http.https_addr field in the YAML config. A few other fields in the configuration file must also be set correctly when HTTPS is enabled (domain.acme.contact_email becomes required, and service.http.http_addr must use port 80), so please read through the example file above carefully.

Once HTTPS is enabled, Domani will automatically handle setting it up via LetsEncrypt for both the Domani web interface and all domains which it is configured to serve.
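The constraints stated in the config comments above can be checked before starting the service. The following is an added example, not Domani's own code: the Config struct and validate function are hypothetical and mirror only the fields named in the comments, and the sample values in main are constructed.

```rust
use std::net::SocketAddr;
use std::path::Path;

// Hypothetical mirror of the documented fields; not Domani's own types.
struct Config<'a> {
    origin_store_dir: &'a str,      // origin.store_dir_path
    domain_store_dir: &'a str,      // domain.store_dir_path
    passphrase: &'a str,            // service.passphrase
    contact_email: Option<&'a str>, // domain.acme.contact_email
    http_addr: &'a str,             // service.http.http_addr
    https_addr: Option<&'a str>,    // service.http.https_addr
    proxy_urls: Vec<&'a str>,       // url of each `kind: proxy` builtin
}

// Returns every violated constraint so the operator sees them all at once.
fn validate(c: &Config) -> Vec<String> {
    let mut errs: Vec<String> = Vec::new();
    if c.origin_store_dir.is_empty() || c.domain_store_dir.is_empty() {
        errs.push("origin and domain store_dir_path are REQUIRED".into());
    } else if Path::new(c.origin_store_dir) == Path::new(c.domain_store_dir) {
        errs.push("origin and domain store_dir_path must differ".into());
    }
    if c.passphrase.is_empty() {
        errs.push("service.passphrase is REQUIRED".into());
    }
    let http = c.http_addr.parse::<SocketAddr>();
    if http.is_err() {
        errs.push(format!("http_addr {:?} is not an ip:port address", c.http_addr));
    }
    if c.https_addr.is_some() {
        if c.contact_email.map_or(true, str::is_empty) {
            errs.push("acme.contact_email is REQUIRED when https_addr is set".into());
        }
        if matches!(http, Ok(a) if a.port() != 80) {
            errs.push("http_addr must use port 80 when https_addr is set".into());
        }
    }
    for url in c.proxy_urls.iter().filter(|u| !u.starts_with("http://")) {
        errs.push(format!("proxy url {:?} must be an http endpoint", url));
    }
    errs
}

fn main() {
    // Constructed sample: documented default http_addr with https_addr enabled.
    let c = Config { origin_store_dir: "/srv/domani", domain_store_dir: "/srv/domani/", passphrase: "x",
        contact_email: None, http_addr: "[::]:3030", https_addr: Some("[::]:443"), proxy_urls: vec![] };
    for e in validate(&c) { eprintln!("config error: {e}"); }
}
```

With the constructed sample, the check reports the shared store directory, the missing contact email and the non-80 HTTP port.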

Development

Domani uses nix flakes for building and setting up the development environment. To open a shell with all necessary tooling (expected Rust toolchain versions, etc...), run:

nix develop

Within the shell that opens, use cargo run to start a local instance.

Roadmap

  • Support for more backends than just git repositories, including:
    • IPFS/IPNS
    • Small static files (e.g. for well-knowns)
    • Google Drive
    • Dropbox