To make a release build (the one you want to have on your server) run `cargo build --release`, the binary will end up in `target/release/echoip-slatecave`.
Without any configuration `echoip-slatecave` will be readchable on http://localhost:3000 and use the `templates` folder relative to the pwd for its templates.
*Before running it on your server read the [security considerations](#security-considerations) first!*
### Commandline arguments
On the commandline `echoip-slatecave` accepts options for configuring the address to listen on and where to search for files overriding what is specified in the configuration file.
Use `echoip-slatecave --help` to get an up to date list.
### Configuration file
This section is about the general configration file you specify with `--config`.
You can find an example configuration file with sane defaults for a public deployment behind a proxy in the [echoip_config.toml](echoip_config.toml) file.
A less sane, but better for testing version can be found in [echoip_test.toml](echoip_test.toml).
### Templates
Templates in the templates folder exist for every rich page that `echoip-slatecave` supports.
The code that rendeers them can be found in [src/templating_engine.rs](src/templating_engine.rs).
There is a configuration file for templates which by default is the `extra.toml` file in the template directory. Its content is exposed to the templates in the `extra` struct.
The default templates should make use of everything exposed to the templating part, the `data.result` or `data` object is usually what you get when you ask for the json version.
The templates are covered by the AGPL as well, please share them with your users if you modified them.
For geolocation to work you need a MaxMind format database, for full functionality you need the GeoLite2-ASN and GeoLite2-City databses. Unfortunately you have to sign up with [MaxMind](https://maxmind.com) to obtain them. Once you have a license key there is a helper script in [contrib/maxmind-download.sh](contrib/maxmind-download.sh) that helps you with keeping the databse updated.
Since v1.0 echoip-slatecave reloads the databses when it rececieves a `USR1` signal.
`echoip-slatecave` allows anyone with access to its web interface to place queries that result in multiple DNS lookups to your system configured DNS Sever. This can leak internal name mappings, the configuration file gives you some tools to limit what is exposed.
Most noably you can disable reverse dns lookups, hide domains with given suffixes and disable reverse lookup for ip-ranges that are classified as private or local.
### https and reverse proxy
`echoip-slatecave` only exposes an unencrypted http interface to keep the service itself simple.
For a public service you should use a reverse proxy like Caddy, apache2 or nginx and configure the `ip_header` option, see the echoip_config.toml file. Usually the preconfigured `RightmostXForwardedFor` is the correct one, but please doublecheck it matches your servers configuration, it should fail by simply not working, but no guarantees given.
`echoip-slatecave` has some simle ratelimiting built in (see the `[ratelimit]` section in the configuration file) this should help you with too frequest automated requests causung high load.
The default configuration is pretty liberal so that the average human probably won't notice the rate limit, but a misbehavingig bot will be limited to one request every 3 seconds after 15 requests.