update deps: mark svc as http(s)

Author: GlenDC

Cargo.lock

@@ -6,9 +6,14 @@ use rama::{
     error::{BoxError, ErrorContext as _},
     graceful::{self, ShutdownGuard},
     http::{server::HttpServer, tls::CertIssuerHttpClient},
+    layer::AddExtensionLayer,
     net::{
+        Protocol,
         socket::Interface,
-        tls::server::{CacheKind, ServerAuth, ServerCertIssuerData, ServerConfig},
+        tls::{
+            ApplicationProtocol,
+            server::{CacheKind, ServerAuth, ServerCertIssuerData, ServerConfig},
+        },
     },
     proxy::haproxy::server::HaProxyLayer,
     rt::Executor,
@@ -59,7 +64,14 @@ async fn spawn_service_http(
     interface: Interface,
     https_enabled: bool,
 ) -> Result<(), BoxError> {
-    let svc = self::service::load_https_service(https_enabled).await?;
+    let svc = AddExtensionLayer::new(Protocol::HTTP).into_layer(
+        self::service::load_http_service(if https_enabled {
+            self::service::ServiceMode::Http
+        } else {
+            self::service::ServiceMode::HttpOnly
+        })
+        .await?,
+    );
 
     let http_server = HttpServer::auto(Executor::graceful(guard.clone())).service(svc);
     let tcp_server = HaProxyLayer::new().with_peek(true).into_layer(http_server);
@@ -81,15 +93,22 @@ async fn spawn_service_https(guard: ShutdownGuard, interface: Interface) -> Resu
 
     issuer.prefetch_certs_in_background(&executor);
 
-    let tls_server_config = ServerConfig::new(ServerAuth::CertIssuer(ServerCertIssuerData {
-        kind: issuer.into(),
-        cache_kind: CacheKind::default(),
-    }));
+    let tls_server_config = ServerConfig {
+        application_layer_protocol_negotiation: Some(vec![
+            ApplicationProtocol::HTTP_2,
+            ApplicationProtocol::HTTP_11,
+        ]),
+        ..ServerConfig::new(ServerAuth::CertIssuer(ServerCertIssuerData {
+            kind: issuer.into(),
+            cache_kind: CacheKind::default(),
+        }))
+    };
 
     let acceptor_data =
         TlsAcceptorData::try_from(tls_server_config).context("create acceptor data")?;
 
-    let svc = self::service::load_https_service(true).await?;
+    let svc = AddExtensionLayer::new(Protocol::HTTPS)
+        .into_layer(self::service::load_http_service(self::service::ServiceMode::Https).await?);
 
     let http_server = HttpServer::auto(executor).service(svc);
     let tcp_server = (

src/main.rs

@@ -2,7 +2,7 @@ use std::{convert::Infallible, sync::Arc, time::Duration};
 
 use rama::{
     Layer as _, Service,
-    combinators::Either,
+    combinators::Either3,
     error::{ErrorContext as _, OpaqueError},
     http::{
         Body, HeaderName, HeaderValue, Request, Response,
@@ -18,8 +18,15 @@ use rama::{
     utils::include_dir::include_dir,
 };
 
-pub async fn load_https_service(
-    https_enabled: bool,
+#[derive(Debug, Clone, Copy)]
+pub enum ServiceMode {
+    Http,
+    HttpOnly,
+    Https,
+}
+
+pub async fn load_http_service(
+    mode: ServiceMode,
 ) -> Result<impl Service<Request, Response = Response, Error = Infallible>, OpaqueError> {
     let app = Router::new().dir_embed_with_serve_mode(
         "/",
@@ -39,17 +46,16 @@ pub async fn load_https_service(
             HeaderValue::from_static("fly.io"),
         ),
         cors::CorsLayer::permissive(),
-        UriMatchRedirectLayer::permanent(Arc::new(if https_enabled {
-            Either::A([
-                UriMatchReplaceRule::http_to_https(),
+        UriMatchRedirectLayer::permanent(Arc::new(match mode {
+            ServiceMode::Https => Either3::A(
                 UriMatchReplaceRule::try_new("https://www.*", "https://$1")
                     .context("create www to APEX redirect rule")?,
-            ])
-        } else {
-            Either::B(
+            ),
+            ServiceMode::Http => Either3::B(UriMatchReplaceRule::http_to_https()),
+            ServiceMode::HttpOnly => Either3::C(
                 UriMatchReplaceRule::try_new("http://www.*", "http://$1")
                     .context("create www to APEX redirect rule")?,
-            )
+            ),
         })),
     )
         .into_layer(app))