+5

src/bin/mirror.rs

reviewed

··· 39 39 #[arg(long, requires("acme_domain"), env = "ALLEGEDLY_ACME_DIRECTORY_URL")] 40 40 #[clap(default_value = "https://acme-v02.api.letsencrypt.org/directory")] 41 41 acme_directory_url: Url, 42 42 + /// listen for ipv6 43 43 + #[arg(long, action, requires("acme_domain"), env = "ALLEGEDLY_ACME_IPV6")] 44 44 + acme_ipv6: bool, 42 45 } 43 46 44 47 pub async fn run( ··· 51 54 acme_domain, 52 55 acme_cache_path, 53 56 acme_directory_url, 57 57 + acme_ipv6, 54 58 }: Args, 55 59 ) -> anyhow::Result<()> { 56 60 let db = Db::new(wrap_pg.as_str(), wrap_pg_cert).await?; ··· 70 74 domains: acme_domain, 71 75 cache_path, 72 76 directory_url: acme_directory_url.to_string(), 77 77 + ipv6: acme_ipv6, 73 78 } 74 79 } 75 80 (bind, true, None) => ListenConf::Bind(bind),

+9 -1

src/mirror.rs

reviewed

··· 198 198 domains: Vec<String>, 199 199 cache_path: PathBuf, 200 200 directory_url: String, 201 201 + ipv6: bool, 201 202 }, 202 203 Bind(SocketAddr), 203 204 } ··· 237 238 domains, 238 239 cache_path, 239 240 directory_url, 241 241 + ipv6, 240 242 } => { 241 243 rustls::crypto::aws_lc_rs::default_provider() 242 244 .install_default() ··· 251 253 let auto_cert = auto_cert.build().expect("acme config to build"); 252 254 253 255 let notice_task = tokio::task::spawn(run_insecure_notice()); 254 254 - let app_res = run(app, TcpListener::bind("0.0.0.0:443").acme(auto_cert)).await; 256 256 + let listener = TcpListener::bind("0.0.0.0:443"); 257 257 + let app_res = if ipv6 { 258 258 + let listener = listener.combine(TcpListener::bind("[::]:443")); 259 259 + run(app, listener.acme(auto_cert)).await 260 260 + } else { 261 261 + run(app, listener.acme(auto_cert)).await 262 262 + }; 255 263 log::warn!("server task ended, aborting insecure server task..."); 256 264 notice_task.abort(); 257 265 app_res?;