98 lines
3.7 KiB
Markdown
98 lines
3.7 KiB
Markdown
---
|
|
id: setup/project-init
|
|
name: Initialize Rust project with Cargo, dependencies, and module skeleton
|
|
status: completed
|
|
depends_on: []
|
|
scope: moderate
|
|
risk: low
|
|
impact: project
|
|
level: implementation
|
|
---
|
|
|
|
## Description
|
|
|
|
Initialize the Rust project from scratch. The repo currently has only `docs/` and `.git/`. Set up a single-binary Rust project with all core dependencies per the architecture spec (overview.md), and create the module skeleton that subsequent tasks will fill in.
|
|
|
|
This is a single-binary project — there are no library exports. The product is the `reverse-proxy` binary.
|
|
|
|
### Core Dependencies
|
|
|
|
| Crate | Purpose |
|
|
|-------|---------|
|
|
| `axum` 0.8 | HTTP framework, routing, middleware, extractors |
|
|
| `tokio` 1 (full) | Async runtime |
|
|
| `hyper` 1 | HTTP protocol, proxy `Client` |
|
|
| `tower` 0.5 | Middleware ecosystem, Service trait |
|
|
| `rustls` 0.23 | TLS implementation, `aws_lc_rs` crypto provider |
|
|
| `tokio-rustls` 0.26 | Async TLS I/O |
|
|
| `rustls-acme` 0.12 | ACME client for Let's Encrypt |
|
|
| `serde` 1 | Serialization |
|
|
| `toml` 0.8 | Config format |
|
|
| `arc-swap` 1 | Atomic config swap for DynamicConfig |
|
|
| `tracing` 0.1 | Structured logging |
|
|
| `tracing-subscriber` 0.3 | Log output (file + stdout) |
|
|
| `rustls-pemfile` 2 | PEM parsing for manual cert loading |
|
|
| `rustls-pki-types` 1 | TLS types (CertificateDer, PrivateKeyDer) |
|
|
| `clap` 4 | CLI arguments |
|
|
| `signal-hook` 0.3 | SIGTERM/SIGINT/SIGHUP handling |
|
|
|
|
Pin exact versions in `Cargo.toml` per standard Rust practice.
|
|
|
|
### Module Skeleton
|
|
|
|
```
|
|
src/
|
|
├── main.rs — entry point, CLI parsing, startup orchestration
|
|
├── config/
|
|
│ ├── mod.rs — config module, re-exports
|
|
│ ├── static_config.rs — StaticConfig, ListenerConfig, TlsConfig, LoggingConfig
|
|
│ ├── dynamic_config.rs — DynamicConfig, SiteConfig, RateLimitConfig
|
|
│ └── validation.rs — config validation logic
|
|
├── proxy/
|
|
│ ├── mod.rs — proxy module, re-exports
|
|
│ ├── handler.rs — reverse proxy handler
|
|
│ ├── headers.rs — proxy header injection
|
|
│ └── error.rs — error response types
|
|
├── tls/
|
|
│ ├── mod.rs — TLS module, re-exports
|
|
│ ├── acceptor.rs — TLS acceptor construction (manual + ACME)
|
|
│ └── redirect.rs — HTTP → HTTPS redirect handler
|
|
├── rate_limit/
|
|
│ ├── mod.rs — rate limit module
|
|
│ └── bucket.rs — token bucket implementation
|
|
├── logging/
|
|
│ ├── mod.rs — logging module
|
|
│ └── format.rs — custom structured log format
|
|
├── admin/
|
|
│ ├── mod.rs — admin socket module
|
|
│ └── socket.rs — Unix domain socket handler
|
|
├── health.rs — health check endpoint
|
|
└── shutdown.rs — graceful shutdown logic
|
|
```
|
|
|
|
## Acceptance Criteria
|
|
|
|
- [ ] `Cargo.toml` with all dependencies listed in overview.md, exact versions pinned
|
|
- [ ] `src/main.rs` with minimal `fn main()` that compiles
|
|
- [ ] All module files exist with `mod.rs` re-exports and skeleton content
|
|
- [ ] `cargo check` succeeds with no errors
|
|
- [ ] `cargo clippy` succeeds with no warnings
|
|
- [ ] Binary name is `reverse-proxy` in `Cargo.toml`
|
|
- [ ] `.gitignore` covers `target/`
|
|
- [ ] Dual licensing: `MIT OR Apache-2.0` in `Cargo.toml`
|
|
|
|
## References
|
|
|
|
- docs/architecture/overview.md — crate dependencies, exports
|
|
- docs/architecture/config.md — config structure
|
|
- docs/architecture/proxy.md — proxy handler architecture
|
|
- docs/architecture/tls.md — TLS architecture
|
|
- docs/architecture/operations.md — rate limiting, logging, health check, shutdown
|
|
|
|
## Notes
|
|
|
|
> To be filled by implementation agent
|
|
|
|
## Summary
|
|
|
|
> To be filled on completion |