microcosm.blue / Allegedly
Server tools to backfill, tail, mirror, and verify PLC logs
50
fork

Configure Feed

Select the types of activity you want to include in your feed.

allow binding ipv6 when running behind acme

phil ad30f7f9 8e83a5f9

+14 -1
+5
src/bin/mirror.rs
··· 39 39 #[arg(long, requires("acme_domain"), env = "ALLEGEDLY_ACME_DIRECTORY_URL")] 40 40 #[clap(default_value = "https://acme-v02.api.letsencrypt.org/directory")] 41 41 acme_directory_url: Url, 42 + /// listen for ipv6 43 + #[arg(long, action, requires("acme_domain"), env = "ALLEGEDLY_ACME_IPV6")] 44 + acme_ipv6: bool, 42 45 } 43 46 44 47 pub async fn run( ··· 51 54 acme_domain, 52 55 acme_cache_path, 53 56 acme_directory_url, 57 + acme_ipv6, 54 58 }: Args, 55 59 ) -> anyhow::Result<()> { 56 60 let db = Db::new(wrap_pg.as_str(), wrap_pg_cert).await?; ··· 70 74 domains: acme_domain, 71 75 cache_path, 72 76 directory_url: acme_directory_url.to_string(), 77 + ipv6: acme_ipv6, 73 78 } 74 79 } 75 80 (bind, true, None) => ListenConf::Bind(bind),
+9 -1
src/mirror.rs
··· 198 198 domains: Vec<String>, 199 199 cache_path: PathBuf, 200 200 directory_url: String, 201 + ipv6: bool, 201 202 }, 202 203 Bind(SocketAddr), 203 204 } ··· 237 238 domains, 238 239 cache_path, 239 240 directory_url, 241 + ipv6, 240 242 } => { 241 243 rustls::crypto::aws_lc_rs::default_provider() 242 244 .install_default() ··· 251 253 let auto_cert = auto_cert.build().expect("acme config to build"); 252 254 253 255 let notice_task = tokio::task::spawn(run_insecure_notice()); 254 - let app_res = run(app, TcpListener::bind("0.0.0.0:443").acme(auto_cert)).await; 256 + let listener = TcpListener::bind("0.0.0.0:443"); 257 + let app_res = if ipv6 { 258 + let listener = listener.combine(TcpListener::bind("[::]:443")); 259 + run(app, listener.acme(auto_cert)).await 260 + } else { 261 + run(app, listener.acme(auto_cert)).await 262 + }; 255 263 log::warn!("server task ended, aborting insecure server task..."); 256 264 notice_task.abort(); 257 265 app_res?;