Add https-dns option #192

Author: joepio

CHANGELOG.md

@@ -19,7 +19,7 @@ See [STATUS.md](server/STATUS.md) to learn more about which features will remain
 - Meta tags server side #577
 - Include JSON-AD in initial response, speed up first render #511
 - Remove feature to index external RDF files and search them #579
-- Replace `acme_lib` with `instant-acme`, drop OpenSSL dependency #192
+- Replace `acme_lib` with `instant-acme`, drop OpenSSL dependency, add DNS verification for TLS option with `--https-dns` #192
 - Add staging environment #588
 - Add systemd instructions to readme #271
 

lib/src/client.rs

@@ -13,7 +13,7 @@ use crate::{
 /// Checks the datatypes for the Values.
 /// Ignores all atoms where the subject is different.
 /// WARNING: Calls store methods, and is called by store methods, might get stuck in a loop!
-#[tracing::instrument(skip(store))]
+#[tracing::instrument(skip(store), level = "info")]
 pub fn fetch_resource(
     subject: &str,
     store: &impl Storelike,
@@ -63,7 +63,7 @@ pub fn fetch_body(url: &str, content_type: &str, for_agent: Option<Agent>) -> At
         .get(url)
         .set("Accept", content_type)
         .call()
-        .map_err(|e| format!("Error when fetching {} : {}", url, e))?;
+        .map_err(|e| format!("Error when server tried fetching {} : {}", url, e))?;
     let status = resp.status();
     let body = resp
         .into_string()

server/src/config.rs

@@ -31,28 +31,37 @@ pub struct Opts {
     #[clap(long, default_value = "localhost", env = "ATOMIC_DOMAIN")]
     pub domain: String,
 
-    /// The contact mail address for Let's Encrypt HTTPS setup
-    #[clap(long, env = "ATOMIC_EMAIL")]
-    pub email: Option<String>,
-
     // 9.883 is decimal for the `⚛` character.
     /// The port where the HTTP app is available. Set to 80 if you want this to be available on the network.
     #[clap(short, long, default_value = "9883", env = "ATOMIC_PORT")]
     pub port: u32,
 
-    /// The port where the HTTPS app is available. Sert to 443 if you want this to be available on the network.
-    #[clap(long, default_value = "9884", env = "ATOMIC_PORT_HTTPS")]
+    /// The port where the HTTPS app is available. Set to 443 if you want this to be available on the network.
+    #[clap(
+        long,
+        default_value = "9884",
+        env = "ATOMIC_PORT_HTTPS",
+        requires = "https"
+    )]
     pub port_https: u32,
 
     /// The IP address of the server. Set to :: if you want this to be available to other devices on your network.
     #[clap(long, default_value = "::", env = "ATOMIC_IP")]
     pub ip: IpAddr,
 
     /// Use HTTPS instead of HTTP.
-    /// Will get certificates from LetsEncrypt.
+    /// Will get certificates from LetsEncrypt fully automated.
     #[clap(long, env = "ATOMIC_HTTPS")]
     pub https: bool,
 
+    /// Initializes DNS-01 challenge for LetsEncrypt. Use this if you want to use subdomains.
+    #[clap(long, env = "ATOMIC_HTTPS_DNS", requires = "https")]
+    pub https_dns: bool,
+
+    /// The contact mail address for Let's Encrypt HTTPS setup
+    #[clap(long, env = "ATOMIC_EMAIL")]
+    pub email: Option<String>,
+
     /// Endpoint where the front-end assets are hosted
     #[clap(long, default_value = "/app_assets", env = "ATOMIC_ASSET_URL")]
     pub asset_url: String,
@@ -86,6 +95,7 @@ pub struct Opts {
     pub log_level: LogLevel,
 
     /// How you want to trace what's going on with the server. Useful for monitoring performance and errors in production.
+    /// Combine with `log_level` to get more or less data (`trace` is the most verbose)
     #[clap(arg_enum, long, env = "ATOMIC_TRACING", default_value = "stdout")]
     pub trace: Tracing,
 }