TODO.md


Porting to Rust

  • Establish cli scaffolding

  • Detect DigitalOcean API var

  • Install DigitalOcean dependency

  • Create a droplet

  • Wait on droplet creation

  • Print droplet IPv4 addr

  • Port template logic for cloudinit

  • Create droplet from cloudinit data

  • Write out cloudinit to disk, for debugging

  • Write test for cloudinit header

  • Port SSH keygen

  • Port SSH cloudinit

  • Port SSH local kp

  • Port WG addr

  • Port WG cloudinit

  • Port WG up

  • Write tests for keypair matching

  • Silence command output in wg up

  • Add proxy code

  • Wire up "proxy" subcommand

  • Integrate proxy in up subcommand

  • Port deb pkg logic for Rust

  • Pare down Cargo.toml proxy code

Housekeeping

  • SSH should use tmpfiles, not clobber primary dir
  • Package upgrade should be async
  • Configure unattended-upgrades
  • Add cleanup methods - dir
  • Add cleanup methods - droplet
  • Add cleanup methods - wg
  • Catch ctrl+c to cleanup
  • Tune nginx config, workers auto
  • Wireguard config should be a /30
  • SSH privkey should be 600
  • SSH pubkey file should contain pubkey, not privkey
  • SSH commands don't seem to report failure
  • Wire up floating ip
  • Wg command should fail
  • Tests should not error without API!
  • SSH pubkey lookup should fail gracefully
  • SSH pubkey lookup should merge all keys, not just the first, from API

Dev QOL

  • Support local ip service forwarding (i.e. no-proxy)

  • Add iptables rules to wg to block all but authorized

  • Make ip command fail if server doesn't exist

  • Make ssh command fail if server doesn't exist

  • Add lots of results for better error handling

  • Add doctor subcommand for checking

  • Service stop should clean up resources

  • Support SIGTERM and SIGKILL signals

  • Make 'release' builds reproducible

  • Make deb package builds reproducible

  • Build target musl for static binaries

  • Use a build.rs file for setting remap in RUSTFLAGS (https://doc.rust-lang.org/cargo/reference/build-scripts.html). Turns out maybe this isn't possible: RUSTFLAGS must be set above the cargo context in which build.rs runs. So, settling on a .env file for now to set RUSTFLAGS for reproducible builds.

  • Use std::net::IpAddr

  • Use std::net::SocketAddr

  • Support multiple tunnels on same host

  • Make IP address pairs adjacent /30

  • Make default name simply "innisfree", not "innisfree-innisfree"

  • Clean up service config dirs

  • Use ephemeral SSH keypair for user

  • Add all SSH keys on DO account by default

  • Update cli output for ssh to recommend name flag

  • Make IP address pairs deterministic (via ipgen)

  • Create wg interfaces early

  • Switch from Ubuntu LTS to Debian Stable (the freest OS <3)