67 lines
1.8 KiB
Rust
67 lines
1.8 KiB
Rust
|
use anyhow::Result;
|
||
|
use rustls::internal::pemfile::{certs, rsa_private_keys};
|
||
|
use rustls::{
|
||
|
AllowAnyAnonymousOrAuthenticatedClient, Certificate, PrivateKey, RootCertStore, ServerConfig,
|
||
|
};
|
||
|
use std::fs::File;
|
||
|
use std::io::{self, BufReader};
|
||
|
use std::path::{Path, PathBuf};
|
||
|
use structopt::StructOpt;
|
||
|
|
||
|
#[derive(StructOpt, Debug)]
|
||
|
pub struct Options {
|
||
|
/// host to listen on
|
||
|
#[structopt(short = "H", long, env = "HOST", default_value = "10.77.2.8")]
|
||
|
host: String,
|
||
|
|
||
|
/// port to listen on
|
||
|
#[structopt(short = "p", long, env = "PORT", default_value = "1965")]
|
||
|
port: u16,
|
||
|
|
||
|
/// cert file
|
||
|
#[structopt(short = "c", long = "cert", env = "CERT_FILE")]
|
||
|
cert: PathBuf,
|
||
|
|
||
|
/// key file
|
||
|
#[structopt(short = "k", long = "key", env = "KEY_FILE")]
|
||
|
key: PathBuf,
|
||
|
|
||
|
/// server hostname
|
||
|
#[structopt(
|
||
|
long = "hostname",
|
||
|
env = "SERVER_HOSTNAME",
|
||
|
default_value = "shachi.wg.akua"
|
||
|
)]
|
||
|
hostname: String,
|
||
|
}
|
||
|
|
||
|
fn load_certs(path: &Path) -> io::Result<Vec<Certificate>> {
|
||
|
certs(&mut BufReader::new(File::open(path)?))
|
||
|
.map_err(|_| io::Error::new(io::ErrorKind::InvalidInput, "invalid cert"))
|
||
|
}
|
||
|
|
||
|
fn load_keys(path: &Path) -> io::Result<Vec<PrivateKey>> {
|
||
|
rsa_private_keys(&mut BufReader::new(File::open(path)?))
|
||
|
.map_err(|_| io::Error::new(io::ErrorKind::InvalidInput, "invalid key"))
|
||
|
}
|
||
|
|
||
|
pub async fn run(opts: Options) -> Result<()> {
|
||
|
let certs = load_certs(&opts.cert)?;
|
||
|
let mut keys = load_keys(&opts.key)?;
|
||
|
|
||
|
log::info!(
|
||
|
"serving gemini://{} on {}:{}",
|
||
|
opts.hostname,
|
||
|
opts.host,
|
||
|
opts.port
|
||
|
);
|
||
|
|
||
|
let mut config = ServerConfig::new(AllowAnyAnonymousOrAuthenticatedClient::new(
|
||
|
RootCertStore::empty(),
|
||
|
));
|
||
|
config
|
||
|
.set_single_cert(certs, keys.remove(0))
|
||
|
.map_err(|err| io::Error::new(io::ErrorKind::InvalidInput, err))?;
|
||
|
Ok(())
|
||
|
}
|