rewrite everything and use rustserve-platform as the base for building out the server

Author: technetos

Cargo.lock

@@ -1,9 +1,39 @@
-[workspace]
-
-members = [
-  "flair_args",
-  "flair_server",
-  "flair_data",
-  "flair_hyper",
-  "flair_auth",
-]
+[package]
+name = "flair"
+version = "0.1.0"
+edition = "2021"
+
+# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
+
+[dependencies]
+rustserve = { path = "../rustserve" }
+rustserve-platform = { path = "../rustserve-platform" }
+
+http = "0.2"
+
+serde = { version = "1.0", features = ["derive"] }
+serde_json = "1.0"
+
+anyhow = "1.0"
+
+tracing = "0.1"
+tracing-subscriber = "0.2.0"
+tracing-futures = "0.2.5"
+
+tokio = { version = "1", features = [
+    "macros",
+    "rt",
+    "rt-multi-thread", # so examples can use #[tokio::main]
+] }
+
+sqlx = { version = "0.6", features = [ "runtime-tokio-native-tls" , "postgres" ] }
+
+futures = { version = "0.3.1" }
+
+[lib]
+name = "flair"
+path = "src/lib.rs"
+
+[[bin]]
+name = "main"
+path = "src/main.rs"

Cargo.toml

@@ -1,28 +1,17 @@
-# Flair - A tiny url service
+# Flair - A name service for hosts
 
 # Dependencies
 
-You need `rustserve` in your file system at the same level as your clone of
-`flair`
+You need a few deps..
 
 ```sh
 git clone https://github.com/technetos/rustserve.git
+git clone https://github.com/technetos/rustserve-platform.git
 ```
 
 # Usage
 
-Run the `flair_data` RPC service
-
-```sh
-cd flair_data
-cargo r --release -- -server_addr=127.0.0.1:3001
-```
-
-Run the `flair_server` REST service
-
 ```sh
-cd flair_server
-cargo r --release -- -search_service_addr=http://127.0.0.1:3001 -server_addr=127.0.0.1:3000
+cd flair
+cargo r --release -- -server_addr=127.0.0.1:3000
 ```
-
-Open your browser and navigate to http://127.0.0.1:3000/1/search/test

README.md

@@ -0,0 +1,176 @@
+#!/bin/sh
+
+set -xe
+
+rm -rf rsa/ ecdsa/ eddsa/
+mkdir -p rsa/ ecdsa/ eddsa/
+
+openssl req -nodes \
+          -x509 \
+          -days 3650 \
+          -newkey rsa:4096 \
+          -keyout rsa/ca.key \
+          -out rsa/ca.cert \
+          -sha256 \
+          -batch \
+          -subj "/CN=ponytown RSA CA"
+
+openssl req -nodes \
+          -newkey rsa:3072 \
+          -keyout rsa/inter.key \
+          -out rsa/inter.req \
+          -sha256 \
+          -batch \
+          -subj "/CN=ponytown RSA level 2 intermediate"
+
+openssl req -nodes \
+          -newkey rsa:2048 \
+          -keyout rsa/end.key \
+          -out rsa/end.req \
+          -sha256 \
+          -batch \
+          -subj "/CN=testserver.com"
+
+openssl rsa \
+          -in rsa/end.key \
+          -out rsa/end.rsa
+
+openssl req -nodes \
+          -newkey rsa:2048 \
+          -keyout rsa/client.key \
+          -out rsa/client.req \
+          -sha256 \
+          -batch \
+          -subj "/CN=ponytown client"
+
+openssl rsa \
+          -in rsa/client.key \
+          -out rsa/client.rsa
+
+# ecdsa
+openssl ecparam -name prime256v1 -out ecdsa/nistp256.pem
+openssl ecparam -name secp384r1 -out ecdsa/nistp384.pem
+
+openssl req -nodes \
+          -x509 \
+          -newkey ec:ecdsa/nistp384.pem \
+          -keyout ecdsa/ca.key \
+          -out ecdsa/ca.cert \
+          -sha256 \
+          -batch \
+          -days 3650 \
+          -subj "/CN=ponytown ECDSA CA"
+
+openssl req -nodes \
+          -newkey ec:ecdsa/nistp256.pem \
+          -keyout ecdsa/inter.key \
+          -out ecdsa/inter.req \
+          -sha256 \
+          -batch \
+          -days 3000 \
+          -subj "/CN=ponytown ECDSA level 2 intermediate"
+
+openssl req -nodes \
+          -newkey ec:ecdsa/nistp256.pem \
+          -keyout ecdsa/end.key \
+          -out ecdsa/end.req \
+          -sha256 \
+          -batch \
+          -days 2000 \
+          -subj "/CN=testserver.com"
+
+openssl req -nodes \
+          -newkey ec:ecdsa/nistp384.pem \
+          -keyout ecdsa/client.key \
+          -out ecdsa/client.req \
+          -sha256 \
+          -batch \
+          -days 2000 \
+          -subj "/CN=ponytown client"
+
+# eddsa
+
+# TODO: add support for Ed448
+# openssl genpkey -algorithm Ed448 -out eddsa/ca.key
+openssl genpkey -algorithm Ed25519 -out eddsa/ca.key
+
+openssl req -nodes \
+          -x509 \
+          -key eddsa/ca.key \
+          -out eddsa/ca.cert \
+          -sha256 \
+          -batch \
+          -days 3650 \
+          -subj "/CN=ponytown EdDSA CA"
+
+openssl genpkey -algorithm Ed25519 -out eddsa/inter.key
+
+openssl req -nodes \
+          -new \
+          -key eddsa/inter.key \
+          -out eddsa/inter.req \
+          -sha256 \
+          -batch \
+          -subj "/CN=ponytown EdDSA level 2 intermediate"
+
+openssl genpkey -algorithm Ed25519 -out eddsa/end.key
+
+openssl req -nodes \
+          -new \
+          -key eddsa/end.key \
+          -out eddsa/end.req \
+          -sha256 \
+          -batch \
+          -subj "/CN=testserver.com"
+
+# TODO: add support for Ed448
+# openssl genpkey -algorithm Ed448 -out eddsa/client.key
+openssl genpkey -algorithm Ed25519 -out eddsa/client.key
+
+openssl req -nodes \
+          -new \
+          -key eddsa/client.key \
+          -out eddsa/client.req \
+          -sha256 \
+          -batch \
+          -subj "/CN=ponytown client"
+
+for kt in rsa ecdsa eddsa ; do
+  openssl x509 -req \
+            -in $kt/inter.req \
+            -out $kt/inter.cert \
+            -CA $kt/ca.cert \
+            -CAkey $kt/ca.key \
+            -sha256 \
+            -days 3650 \
+            -set_serial 123 \
+            -extensions v3_inter -extfile openssl.cnf
+
+  openssl x509 -req \
+            -in $kt/end.req \
+            -out $kt/end.cert \
+            -CA $kt/inter.cert \
+            -CAkey $kt/inter.key \
+            -sha256 \
+            -days 2000 \
+            -set_serial 456 \
+            -extensions v3_end -extfile openssl.cnf
+
+  openssl x509 -req \
+            -in $kt/client.req \
+            -out $kt/client.cert \
+            -CA $kt/inter.cert \
+            -CAkey $kt/inter.key \
+            -sha256 \
+            -days 2000 \
+            -set_serial 789 \
+            -extensions v3_client -extfile openssl.cnf
+
+  cat $kt/inter.cert $kt/ca.cert > $kt/end.chain
+  cat $kt/end.cert $kt/inter.cert $kt/ca.cert > $kt/end.fullchain
+
+  cat $kt/inter.cert $kt/ca.cert > $kt/client.chain
+  cat $kt/client.cert $kt/inter.cert $kt/ca.cert > $kt/client.fullchain
+
+  openssl asn1parse -in $kt/ca.cert -out $kt/ca.der > /dev/null
+done