Till Wegmueller
c993f4d703
feat: add database migrations for domains, resources, service_tokens, links
2026-04-06 17:15:27 +02:00
Till Wegmueller
8123752c9c
feat: project scaffold with config and error types
2026-04-06 17:15:24 +02:00
Till Wegmueller
59d7c88707
Add webfingerd implementation plan (16 tasks)
...
Covers: project scaffold, migrations, entities, cache, auth (prefixed
tokens for O(1) lookup), webfinger/host-meta endpoints, domain
onboarding with ChallengeVerifier trait, service token CRUD, link
registration with transactional batch, TTL reaper, keyed rate limiting,
Prometheus metrics, server-rendered UI, and integration tests.
2026-04-06 17:14:36 +02:00
Till Wegmueller
92e355e63b
Address minor spec review suggestions
...
- Document orphaned resource cleanup by reaper
- Acknowledge intentional domain_id denormalization on links
- Enable SQLite WAL mode by default for concurrent reads
- Fix session_secret config to be commented-out placeholder
2026-04-06 17:14:36 +02:00
Till Wegmueller
045365e0eb
Address spec review findings
...
- Add resources table for JRD subject/aliases (RFC 7033 compliance)
- Secure verify endpoint with registration secret (prevent race condition)
- Add unique constraint on (resource_id, rel, href) with upsert semantics
- Add cascade behavior for domain deletion and token revocation
- Add owner token rotation endpoint
- Fix host-meta to be domain-aware via Host/X-Forwarded-Host
- Define batch endpoint as all-or-nothing transactions
- Pin glob matching semantics with validation rules
- Document domain re-verification as known v1 limitation
- Require session_secret (no default), restrict /metrics via network
- Clarify multi-rel filtering and CORS scoping
2026-04-06 17:14:36 +02:00
Till Wegmueller
ed5ff2a796
Add webfingerd design specification
...
Multi-tenant WebFinger server (RFC 7033) with ACME-style domain
onboarding, scoped service token authorization, in-memory cache
backed by SQLite, and server-rendered management UI.
2026-04-06 17:14:35 +02:00
Till Wegmüller
a526566a43
Initial commit
2026-04-06 17:14:00 +02:00
