fuchsiaaaaaaaaaaaaaaaaa
Today I got started on #pixie pages, an alternative to Github/Gitlab/Codeberg Pages:
Static site hosting from Gitea repositories
so far none of the gitea related parts are worked on, but it can seamlessly request ACME ssl certificates for *any domain* it's accessed from, which is really cool imo
How does #pixie pages work? (not yet, that's how :p)
- Gitea user adds `domains.txt` to their repo/branch for verification
- Site is available at branch.repo.user.pages.pixie.town or similar (with defaults so you can leave out branch.repo.)
- This can also be used to CNAME a custom domain to the same content
- Or a combination of A/AAAA records + TXT because you can't CNAME @
- Upon access, pixie-pages automatically requests TLS certificates from Let's Encrypt to respond
- ???
- (non-)Profit!
I kind of reached my initial goal for #pixie pages: Implementing the basic static site hosting functionality in 2 days
Still a bit more to do before i get bored of the project :p
https://git.pixie.town/f0x/pixie-pages
Served through a Pixie Pages test-instance, with on-the-fly markdown rendering:
https://testsite.f0x.pages.pixie.town/README.md
anything under https://testsite.f0x.pages.pixie.town is served directly from https://git.pixie.town/f0x/testsite/src/branch/pages
other subdomains are currently disabled until I've improved the Let's Encrypt stuff more, currently they're not stored on disk yet and that's going to be fucky with the ratelimits. (In general, 50 (sub)domains per week might become an issue)
ah wtf, zerossl is actually limited to just 3 certificates in the free plan
the letsencrypt ratelimits are workable I think:
- 50 certificates on the same domain per week (custom domain for pixie pages so it doesn't interfere with main pixie.town infra)
- use wildcard for *.PAGES_DOMAIN and for user project pages generate a *.user.PAGES_DOMAIN wildcard on first use
- custom domains are no issue as they each can do the 50 domains
ohh https://zerossl.com/documentation/acme/ actually supports unlimited certificates, no ratelimiting at all. Should be a drop-in replacement with the configured ACME directory url too