❯ rclone copy --retries 0 tmp/index.html ojf-dav:example-1.onlyjunk.fans/
❯ echo $status
0
Getting there.
Discussion
Loading...
It's funny that I implemented write sooner than read.
❯ rclone cat ojf-dav:example-1.onlyjunk.fans/small-index.html
<!doctype html><html><head><title>foo</title></head><body>bar</body></html>
Gotta implement seek, and more efficient partial read, and then some cleanup, and dav's done.
Oh, right. I need to implement create_dir file & dir removal too. Whoopsie!
Right. I can now mount the WebDav thing, and most operations work in reasonable ways. There are some rough edges and corner cases that don't, stemming from the fact that I don't really have directories.
All the quick wins are out of the way, I will have to focus on essentials now: play with ACME.
~8 more replies (not shown)
...except before I get there, I have to put some foundations in, like encrypted secret storage in the db, and some startup flow rework to allow starting up either in dev mode (http only) or prod mode (https only).
db
.secrets()
.put(&db, "my key", b"super secret shit")
.await?;
Takes care of generating a unique nonce, overwrites existing secrets silently (in this case, that is the desired mode of operation). The get counterpart is similar:
let plain = db
.secrets()
.get(&db, "my key)
.await?
.unwrap();
Ideally, .get() would return something that implements Deserialize, so I could do stuff like...
let foo: MyType = db
.secrets()
.get(&db, "foo")
.await?
.unwrap();
...and then deserialize the bytes into MyType.
Oooh.
I found another ACME library! One that's probably easier to use than instant-acme: tokio-rustls-acme.
This takes care of the bulk of the work! I "only" need to add a cache implementation, to store stuff in the db instead of on disk, and integrate it with Pingora.
If all goes well, this library will make ACME schenanigans a lot easier. I love that it has a cache trait, and that it focuses on tls-alpn-01 - that's the only challenge type I wish to support.