This is my homepage, rewritten from the ground up in lwan so it is entirely in C. Right now, it is nothing flashy (very similar to the Haskell version); project pages (and perhaps a few other treats) are planned for the near future.
- lwan - used as a library to build the webserver and page logic
- hitch - TLS-terminating proxy server
- uacme - an ACME-protocol client for TLS Cert renewal
All running on Arch Linux using nftables for traffic redirection and forwarding
lwan does not officially support running on an externally-visible port, and it remains the author's express suggestion to not do so.
To bypass this limitation, we leverage hitch to redirect traffic from 443
to 8443
(where the contentful instance of lwan is running) and back.
Furthermore, to forcibly redirect HTTP to HTTPS, we use nftables to redirect traffic from 80
to 8080
.
Then, a very small instance of lwan is running on port 8080
that does nothing but respond to ACME challenge requests and redirect all other traffic to https://halosgho.st
.