Version bump to 1.5.2

It doesn't work yet because of:
https://github.com/hickory-dns/hickory-dns/issues/2108

Cargo.toml

@@ -1,27 +1,30 @@
 [package]
 name = "echoip-slatecave"
-version = "0.1.0"
+version = "1.5.2"
 edition = "2021"
 authors = ["Slatian <baschdel@disroot.org>"]
 
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
 
 [dependencies]
-axum = { version = "0.6", features = ["macros", "headers"] }
-axum-extra = { version = "0.7", features = ["cookie"] }
-axum-client-ip = "0.4"
-clap = { version = "4", features = ["derive"] }
-governor = "0.5"
-idna = "0.3"
-lazy_static = "1.4.0"
+lib-humus = { version="0.2", features=["axum-view+cookie"] }
+
+axum = { version = "0.7", features = ["macros"] }
+axum-extra = { version = "0.9", features = ["cookie", "typed-header"] }
+axum-client-ip = "0.6"
+clap = { version = "4.5", features = ["derive"] }
+governor = "0.8"
+idna = "1.0"
 parking_lot = "0.12"
-regex = "1.7"
-serde = { version = "1", features = ["derive"] }
+regex = "1.11"
+serde = { version = "1", features = ["derive","rc"] }
 tokio = { version = "1", features = ["macros","signal"] }
 tera = "1"
-toml = "0.7"
-tower = "0.4"
-tower-http = { version = "0.4", features = ["fs"] }
-trust-dns-proto = "0.22"
-trust-dns-resolver =  { version = "0.22", features = ["dns-over-rustls","dns-over-https","dns-over-quic"] }
-maxminddb = "0.23"
+toml = "0.8"
+tower = "0.5"
+tower-http = { version = "0.6", features = ["fs"] }
+hickory-proto = "0.24"
+hickory-resolver =  { version = "0.24", features = ["dns-over-rustls","dns-over-https","dns-over-quic","native-certs"] }
+maxminddb = "0.24"
+mime = "0.3"
+http = "1.2"

Configuration.md

@@ -72,7 +72,7 @@ This configuration option will not be exposed over the webinterface.
 
 By default echoip-slatecave uses the system configuration for dns like most other programs.
 
-In case this is undesired one can difable it by setting `enable_system_resolver` to false.
+In case this is undesired one can disable it by setting `enable_system_resolver` to false.
 
 ```toml
 [dns]
@@ -90,10 +90,6 @@ In case you want to use the system resolver and customize it.
 `system_resolver_weight`
 : Equivalent to the `weight` of a custom resolver, default: 1000
 
-### `search`
-
-This is for a work in progress feature that allows confiuring search domains for all custom dns resolvers.
-
 ### Custom resolvers 
 
 It is possible to confgure custom resolvers in plce of or in addition to the default system resolver.

README.md

@@ -1,9 +1,20 @@
 # echoip-slatecave
 
-This is a service inspired by ifconfig.co, but built from scratch with a more useful feature set (in rust !!1!).
+This is a service inspired by ifconfig.co, but built from scratch with a more useful feature set. Currently live on [echoip.slatecave.net](https://echoip.slatecave.net).
 
 It is Licensed under the AGPL-v3 license.
 
+## Maintainence Mode
+
+This project is in maintanance mode.
+
+This means the following will happen:
+* Dependency updates
+* Bugfixes
+* Small quality of life improvements
+
+But no active feature development by Slatian.
+
 ## Building
 
 Simply run `cargo build` after cloning. The binary should be called `target/debug/echoip-slatecave`.
@@ -34,18 +45,45 @@ A less sane, but better for testing version can be found in [echoip_test.toml](e
 
 Templates in the templates folder exist for every rich page that `echoip-slatecave` supports.
 
-The code that rendeers them can be found in [src/templating_engine.rs](src/templating_engine.rs).
-
 There is a configuration file for templates which by default is the `extra.toml` file in the template directory. Its content is exposed to the templates in the `extra` struct.
 
 The default templates should make use of everything exposed to the templating part, the `data.result` or `data` object is usually what you get when you ask for the json version.
 
+In addition to that the following fields are accessible from inside the template:
+
+`view`
+: The views name (the basename of the template file, i.e. `404` or `ip`)
+
+`format`
+: The format name (`html`, `text`, `json`)
+
+`mimetype`
+: The resulting mimetype (i.e. `text/plain; charset=utf-8`)
+
+`http_status`
+: The numeric HTTP Status-Code at the time of rendering the template.
+
+`language`
+: The language requested by the browser.
+
+`dns_resolvers`
+: A list of [Selectable](src/settings.rs) structs representing the available DNS-Resolvers.
+
+`dns_resolver_id`
+: The id of the currently selected DNS-Resolver
+
 The templates are covered by the AGPL as well, please share them with your users if you modified them.
 
-### GeoLite2 database
+### Geolocation databases
 
 For geolocation to work you need a MaxMind format database, for full functionality you need the GeoLite2-ASN and GeoLite2-City databses. Unfortunately you have to sign up with [MaxMind](https://maxmind.com) to obtain them. Once you have a license key there is a helper script in [contrib/maxmind-download.sh](contrib/maxmind-download.sh) that helps you with keeping the databse updated.
 
+As an alternative to MaxMind there is also [DB-IP who offer their free databases without a login](https://db-ip.com/db/lite.php). You want the City and ASN databases in mmdb format.
+
+**Don't forget to set the atttribution in the template configuration appropriately.**
+
+See the file `templates/extra.toml`.
+
 Since v1.0 echoip-slatecave reloads the databses when it rececieves a `USR1` signal.
 
 ## Security Considerations
@@ -67,9 +105,9 @@ The default configuration is pretty liberal so that the average human probably w
 
 ## TODO
 
-* [ ] Investigate why search isn't working for global TLDs
 * [ ] Add a way to configure just the dns server addresses and derive the port from the protocol.
 * [ ] Add an about page for the system resolver
+* [ ] Expose DNS responses from the additional on the web interface
 
 ## License
 

echoip_test.toml

@@ -28,9 +28,6 @@ allow_reverse_lookup = true
 # that end with one of these suffixes don't exist
 hidden_suffixes = [".com"]
 
-# doesn't really work 🙁
-search = ["org","net"]
-
 [geoip]
 # Path to geoip databses
 # Currently only the mmdb format is supported
@@ -116,7 +113,7 @@ tls_dns_name = "cloudflare-dns.com"
 
 [dns.resolver.google]
 display_name = "Google"
-info_url = "https://www.cloudflare.com/dns/"
+info_url = "https://developers.google.com/speed/public-dns/docs/using"
 aliases = ["goo","8888"]
 weight = 440
 

src/config/dns.rs

@@ -1,7 +1,9 @@
 use serde::{Deserialize,Serialize};
-use trust_dns_resolver::config::Protocol;
-use trust_dns_resolver::Name;
+use hickory_resolver::config::Protocol;
+use hickory_resolver::config::ResolverConfig as HickoryResolverConfig;
+use hickory_resolver::config::NameServerConfig;
 
+use std::sync::Arc;
 use std::collections::HashMap;
 use std::net::SocketAddr;
 
@@ -11,13 +13,12 @@ pub struct DnsConfig {
 	pub allow_forward_lookup: bool,
 	pub allow_reverse_lookup: bool,
 	pub hidden_suffixes: Vec<String>,
-	pub search: Vec<String>,
-	pub resolver: HashMap<String,DnsResolverConfig>,
+	pub resolver: HashMap<Arc<str>,DnsResolverConfig>,
 
 	pub enable_system_resolver: bool,
-	pub system_resolver_name: String,
+	pub system_resolver_name: Arc<str>,
 	pub system_resolver_weight: i32,
-	pub system_resolver_id: String,
+	pub system_resolver_id: Arc<str>,
 }
 
 #[derive(Deserialize, Serialize, Clone)]
@@ -32,22 +33,20 @@ pub enum DnsProtocol {
 
 #[derive(Deserialize, Serialize, Clone)]
 pub struct DnsResolverConfig {
-	pub display_name: String,
+	pub display_name: Arc<str>,
 	#[serde(default)]
-	pub info_url: Option<String>,
+	pub info_url: Option<Arc<str>>,
 	#[serde(default)]
-	pub aliases: Vec<String>,
+	pub aliases: Vec<Arc<str>>,
 	#[serde(default="zero")]
 	pub weight: i32,
 	pub servers: Vec<SocketAddr>,
-	#[serde(default)]
-	pub search: Vec<String>,
 	pub protocol: DnsProtocol,
-	pub tls_dns_name: Option<String>,
+	pub tls_dns_name: Option<Arc<str>>,
 	#[serde(skip_serializing)] //Don't leak our bind address to the outside
 	pub bind_address: Option<SocketAddr>,
-	#[serde(default="default_true")]
-	pub trust_nx_responses: bool,
+	#[serde(default="default_true", alias="trust_nx_responses")]
+	pub trust_negative_responses: bool,
 }
 
 fn zero() -> i32 {
@@ -65,12 +64,11 @@ impl Default for DnsConfig {
 			allow_reverse_lookup: false,
 			hidden_suffixes: Vec::new(),
 			resolver: Default::default(),
-			search: Vec::new(),
 
 			enable_system_resolver: true,
-			system_resolver_name: "System".to_string(),
+			system_resolver_name: "System".into(),
 			system_resolver_weight: 1000,
-			system_resolver_id: "system".to_string(),
+			system_resolver_id: "system".into(),
 		}
 	}
 }
@@ -88,31 +86,24 @@ impl Into<Protocol> for DnsProtocol {
 }
 
 impl DnsResolverConfig {
-	pub fn to_trust_resolver_config(
-		&self,
-		additional_search: &Vec<String>,
-	) -> trust_dns_resolver::config::ResolverConfig {
-		let mut resolver = trust_dns_resolver::config::ResolverConfig::new();
+	pub fn to_hickory_resolver_config(
+		&self
+	) -> HickoryResolverConfig {
+		let mut resolver = HickoryResolverConfig::new();
 		for server in &self.servers {
-			resolver.add_name_server(trust_dns_resolver::config::NameServerConfig{
+			resolver.add_name_server(NameServerConfig{
 				socket_addr: *server,
 				protocol: self.protocol.clone().into(),
-				tls_dns_name: self.tls_dns_name.clone(),
-				trust_nx_responses: self.trust_nx_responses,
+				tls_dns_name: self.tls_dns_name.clone().map(|s| s.to_string()),
+				trust_negative_responses: self.trust_negative_responses,
 				tls_config: None,
 				bind_addr: self.bind_address,
 			});
 		}
-		for search in &self.search {
-			if let Ok(name) = Name::from_str_relaxed(search) {
-				resolver.add_search(name);
-			}
-		}
-		for search in additional_search {
-			if let Ok(name) = Name::from_str_relaxed(search) {
-				resolver.add_search(name);
-			}
-		}
+		// Not configuring domain search here because searching
+		// on the resolver level is a bad idea unless we are
+		// taling about the system resolver which we
+		// can't tell what to do (which is good!)
 		return resolver;
 	}
 }

src/config/mod.rs

@@ -6,7 +6,7 @@ use std::num::NonZeroU32;
 
 mod dns;
 
-pub use crate::config::dns::{DnsConfig, DnsProtocol, DnsResolverConfig};
+pub use crate::config::dns::{DnsConfig, DnsResolverConfig};
 
 #[derive(Deserialize, Default, Clone)]
 pub struct EchoIpServiceConfig {
@@ -23,7 +23,6 @@ pub struct ServerConfig {
 	pub ip_header: SecureClientIpSource,
 
 	pub allow_private_ip_lookup: bool,
-	pub static_location: Option<String>,
 }
 
 
@@ -53,7 +52,6 @@ impl Default for ServerConfig {
 			listen_on: "127.0.0.1:3000".parse().unwrap(),
 			ip_header: SecureClientIpSource::ConnectInfo,
 			allow_private_ip_lookup: false,
-			static_location: None,
 		}
 	}
 }

src/main.rs

@@ -1,28 +1,28 @@
 use axum::{
+	body::Body,
 	extract::{
 		self,
 		Query,
 		State,
 		Extension,
 	},
-	headers,
-	http::Request,
 	handler::Handler,
+	http::Request,
 	middleware::{self, Next},
 	response::Response,
 	Router,
 	routing::get,
-	TypedHeader,
 };
 use axum_client_ip::SecureClientIp;
+use axum_extra::headers;
+use axum_extra::TypedHeader;
 use clap::Parser;
-use lazy_static::lazy_static;
 use regex::Regex;
 use serde::{Deserialize,Serialize};
-use tera::Tera;
 use tower::ServiceBuilder;
 use tower_http::services::ServeDir;
-use trust_dns_resolver::TokioAsyncResolver;
+use hickory_resolver::Name;
+use hickory_resolver::TokioAsyncResolver;
 
 use tokio::signal::unix::{
 	signal,
@@ -31,18 +31,23 @@ use tokio::signal::unix::{
 use tokio::task;
 
 use std::collections::HashMap;
-use std::fs;
 use std::net::IpAddr;
+use std::net::SocketAddr;
 use std::sync::Arc;
+use std::sync::LazyLock;
+
+use lib_humus::TemplateEngineLoader;
+use lib_humus::read_toml_from_file;
+use lib_humus::HumusEngine;
 
 mod config;
 mod geoip;
+mod idna;
 mod ipinfo;
 mod ratelimit;
 mod settings;
 mod simple_dns;
-mod templating_engine;
-mod idna;
+mod view;
 
 use crate::geoip::{
 	QueryAsn,
@@ -53,14 +58,17 @@ use crate::geoip::{
 use crate::idna::IdnaName;
 use crate::simple_dns::DnsLookupResult;
 use crate::settings::*;
-use crate::templating_engine::View;
+use crate::view::View;
 use crate::ipinfo::{AddressCast,AddressInfo,AddressScope};
 
+type TemplatingEngine = HumusEngine<View,QuerySettings,ResponseFormat>;
+
 #[derive(Deserialize, Serialize, Clone)]
 pub struct SettingsQuery {
 	format: Option<ResponseFormat>,
 	lang:   Option<String>,
 	dns:	Option<String>,
+	dns_self_lookup: Option<bool>,
 }
 
 #[derive(Deserialize, Serialize, Clone)]
@@ -75,26 +83,27 @@ pub struct IpResult {
 	asn:      Option<AsnResult>,
 	location: Option<LocationResult>,
 	ip_info:  AddressInfo,
-	used_dns_resolver: Option<String>,
+	used_dns_resolver: Option<Arc<str>>,
+	reverse_dns_disabled_for_privacy: bool,
 }
 
 // We need this one to hide the partial lookup field when irelevant
 pub fn not(b: &bool) -> bool { !b }
 
-#[derive(Serialize, Default, Clone)]
+#[derive(Serialize, Clone)]
 pub struct DigResult {
 	records: simple_dns::DnsLookupResult,
 	#[serde(skip_serializing_if = "IdnaName::was_ascii")]
 	idn: IdnaName,
 	#[serde(skip_serializing_if = "not")]
 	partial_lookup: bool,
-	used_dns_resolver: String,
+	used_dns_resolver: Arc<str>,
 }
 
 struct ServiceSharedState {
-	templating_engine:    templating_engine::Engine,
-	dns_resolvers:        HashMap<String,TokioAsyncResolver>,
-	dns_resolver_aliases: HashMap<String,String>,
+	templating_engine:    TemplatingEngine,
+	dns_resolvers:        HashMap<Arc<str>,TokioAsyncResolver>,
+	dns_resolver_aliases: HashMap<Arc<str>,Arc<str>>,
 	asn_db:               geoip::MMDBCarrier,
 	location_db:          geoip::MMDBCarrier,
 	config:               config::EchoIpServiceConfig,
@@ -104,7 +113,7 @@ struct ServiceSharedState {
 #[derive(Clone)]
 struct DerivedConfiguration {
 	dns_resolver_selectables: Vec<Selectable>,
-	default_resolver: String,
+	default_resolver: Arc<str>,
 }
 
 #[derive(Parser)]
@@ -113,7 +122,7 @@ struct CliArgs {
 	#[arg(short, long)]
 	config: Option<String>,
 	#[arg(short, long)]
-	listen_on: Option<String>,
+	listen_on: Option<SocketAddr>,
 	#[arg(short, long)]
 	template_location: Option<String>,
 	#[arg(short,long)]
@@ -132,23 +141,6 @@ fn match_domain_hidden_list(domain: &String, hidden_list: &Vec<String>) -> bool
 	return false;
 }
 
-fn read_toml_from_file<T: for<'de> serde::Deserialize<'de>>(path: &String) -> Option<T> {
-	let text = match fs::read_to_string(path) {
-		Ok(t) => t,
-		Err(e) => {
-			println!("Error while reading file '{path}': {e}");
-			return None;
-		}
-	};
-	match toml::from_str(&text) {
-		Ok(t) => Some(t),
-		Err(e) => {
-			println!("Unable to parse file '{path}':\n{e}");
-			return None;
-		}
-	}
-}
-
 #[tokio::main]
 async fn main() {
 	// Parse Command line arguments
@@ -158,9 +150,11 @@ async fn main() {
 	let config: config::EchoIpServiceConfig = match cli_args.config {
 		Some(config_path) => {
 			match read_toml_from_file::<config::EchoIpServiceConfig>(&config_path) {
-				Some(c) => c,
-				None => {
-					println!("Could not read confuration file, exiting.");
+				Ok(c) => c,
+				Err(e) => {
+					println!("Could not read confuration file!");
+					println!("{e}");
+					println!("Exiting ...");
 					::std::process::exit(1);
 				}
 			}
@@ -169,47 +163,25 @@ async fn main() {
 	};
 	
 	// Initalize Tera templates
-	let mut template_base_dir = match cli_args.template_location {
-		Some(template_base_dir) => template_base_dir,
-		None => (&config.template.template_location).to_owned(),
-	};
-	if !template_base_dir.ends_with("/") {
-		template_base_dir = template_base_dir + "/";
-	}
-	let template_extra_config = match &cli_args.extra_config {
-		Some(path) => read_toml_from_file(path),
-		None => match &config.template.extra_config {
-			Some(path) => read_toml_from_file(path),
-			None => {
-				println!("Trying to read default template configuration ...");
-				println!("(If this fails that may be ok, depending on your template)");
-				read_toml_from_file(&(template_base_dir.clone()+"extra.toml"))
-			},
-		},
-	};
-	let template_glob = template_base_dir.clone()+"*";
-	println!("Parsing Templates from '{}' ...", &template_glob);
-	let res = Tera::new((template_glob).as_str());
-	let tera = match res {
-		Ok(t) => t,
+	let template_loader = TemplateEngineLoader::new(
+		config.template.template_location.clone(),
+		config.template.extra_config.clone()
+	)
+		.cli_template_location(cli_args.template_location)
+		.cli_extra_config_location(cli_args.extra_config);
+		
+
+	let templating_engine = match template_loader.load_templates() {
+		Ok(t) => t.into(),
 		Err(e) => {
-			println!("Template parsing error(s): {}", e);
+			println!("{e}");
 			::std::process::exit(1);
 		}
 	};
 
-	let templating_engine = templating_engine::Engine{
-		tera: tera,
-		template_config: template_extra_config,
-	};
-
 	// Static file directory
 
-	let static_file_directory = cli_args.static_location.unwrap_or(
-		config.server.static_location.clone().unwrap_or(
-			template_base_dir+"/static"
-		)
-	);
+	let static_file_directory = template_loader.base_dir()+"/static";
 
 	println!("Static files will be served from: {static_file_directory}");
 
@@ -233,8 +205,8 @@ async fn main() {
 	println!("Initalizing dns resolvers ...");
 
 	let mut dns_resolver_selectables = Vec::<Selectable>::new();
-	let mut dns_resolver_map: HashMap<String,TokioAsyncResolver> = HashMap::new();
-	let mut dns_resolver_aliases: HashMap<String,String> = HashMap::new();
+	let mut dns_resolver_map: HashMap<Arc<str>,TokioAsyncResolver> = HashMap::new();
+	let mut dns_resolver_aliases: HashMap<Arc<str>,Arc<str>> = HashMap::new();
 
 	if config.dns.enable_system_resolver {
 		println!("Initalizing System resolver ...");
@@ -258,9 +230,9 @@ async fn main() {
 	for (key, resolver_config) in &config.dns.resolver {
 		println!("Initalizing {} resolver ...", key);
 		let resolver = TokioAsyncResolver::tokio(
-			resolver_config.to_trust_resolver_config(&config.dns.search),
+			resolver_config.to_hickory_resolver_config(),
 			Default::default()
-		).unwrap();
+		);
 		dns_resolver_map.insert(key.clone(), resolver);
 		dns_resolver_selectables.push(Selectable {
 			id: key.clone(),
@@ -272,7 +244,7 @@ async fn main() {
 		}
 	}
 	
-	let listen_on = config.server.listen_on;
+	let listen_on = cli_args.listen_on.unwrap_or(config.server.listen_on);
 	let ip_header = config.server.ip_header.clone();
 
 	// Initialize shared state
@@ -289,7 +261,7 @@ async fn main() {
 	dns_resolver_selectables.sort_by(|a,b| b.weight.cmp(&a.weight));
 	let default_resolver = dns_resolver_selectables.get(0)
 		.map(|s| s.id.clone() )
-		.unwrap_or("none".to_string());
+		.unwrap_or("none".into());
 	let derived_config = DerivedConfiguration {
 		dns_resolver_selectables: dns_resolver_selectables,
 		default_resolver: default_resolver,
@@ -343,30 +315,30 @@ async fn main() {
 
 	println!("Starting Server on {} ...",listen_on);
 
-    axum::Server::bind(&listen_on)
-        .serve(app.into_make_service_with_connect_info::<std::net::SocketAddr>())
+	let listener = tokio::net::TcpListener::bind(&listen_on).await.unwrap();
+    axum::serve(listener, app.into_make_service_with_connect_info::<std::net::SocketAddr>())
         .await
         .unwrap();
 }
 
 
-async fn settings_query_middleware<B>(
+async fn settings_query_middleware(
 	Query(query): Query<SettingsQuery>,
 	Extension(config): Extension<config::EchoIpServiceConfig>,
 	Extension(derived_config): Extension<DerivedConfiguration>,
 	cookie_header: Option<TypedHeader<headers::Cookie>>,
 	user_agent_header: Option<TypedHeader<headers::UserAgent>>,
-	mut req: Request<B>,
-	next: Next<B>
+	mut req: Request<Body>,
+	next: Next
 ) -> Response {
 	let mut format = query.format;
 	let mut dns_resolver_id = derived_config.default_resolver;
 
 	if let Some(resolver_id) = query.dns {
-		dns_resolver_id = resolver_id;
+		dns_resolver_id = resolver_id.into();
 	} else if let Some(cookie_header) = cookie_header {
 		if let Some(resolver_id) = cookie_header.0.get("dns_resolver") {
-			dns_resolver_id = resolver_id.to_string();
+			dns_resolver_id = resolver_id.into();
 		}
 	}
 	
@@ -376,7 +348,7 @@ async fn settings_query_middleware<B>(
 			let ua = user_agent.as_str();
 			for tua in config.template.text_user_agents {
 				if ua.starts_with(&tua) {
-					format = Some(ResponseFormat::TextPlain);
+					format = Some(ResponseFormat::Text);
 					break;
 				}
 			}
@@ -384,10 +356,11 @@ async fn settings_query_middleware<B>(
 	}
 	// Add the request settings extension
 	req.extensions_mut().insert(QuerySettings{
-		format: format.unwrap_or(ResponseFormat::TextHtml),
+		format: format.unwrap_or(ResponseFormat::Html),
 		lang: query.lang.unwrap_or("en".to_string()),
 		available_dns_resolvers: derived_config.dns_resolver_selectables,
 		dns_resolver_id: dns_resolver_id,
+		dns_disable_self_lookup: !query.dns_self_lookup.unwrap_or(false),
 	});
 	next.run(req).await
 }
@@ -400,8 +373,8 @@ async fn not_found_handler(
 
 	state.templating_engine.render_view(
 		&settings,
-		&View::NotFound,
-	).await
+		View::NotFound,
+	)
 }
 
 async fn hello_world_handler(
@@ -412,11 +385,11 @@ async fn hello_world_handler(
 
 	state.templating_engine.render_view(
 		&settings,
-		&View::Message{
+		View::Message{
 			title: "Hey There!".to_string(),
-			message: "You,You are an awesome Creature!".to_string()
+			message: "You are an awesome Creature!".to_string()
 		},
-	).await
+	)
 }
 
 
@@ -431,7 +404,7 @@ async fn handle_default_route(
 	State(arc_state): State<Arc<ServiceSharedState>>,
 	Extension(settings): Extension<QuerySettings>,
 	user_agent_header: Option<TypedHeader<headers::UserAgent>>,
-	SecureClientIp(address): SecureClientIp
+	SecureClientIp(client_ip): SecureClientIp
 ) -> Response {
 	
 	let state = Arc::clone(&arc_state);
@@ -442,12 +415,20 @@ async fn handle_default_route(
 				search_query,
 				false,
 				settings,
-				state
+				state,
+				&client_ip
 			).await;
 		}
 	}
 
-	let result = get_ip_result(&address, &settings.lang, &"default".to_string(), &state).await;
+	let result = get_ip_result(
+		&client_ip,
+		&settings.lang,
+		&settings.dns_resolver_id,
+		settings.dns_disable_self_lookup,
+		&client_ip,
+		&state,
+	).await;
 
 	let user_agent: Option<String> = match user_agent_header {
 		Some(TypedHeader(user_agent)) => Some(user_agent.to_string()),
@@ -456,29 +437,27 @@ async fn handle_default_route(
 
 	state.templating_engine.render_view(
 		&settings,
-		&View::Index{
+		View::Index{
 			result: result,
 			user_agent: user_agent,
 		}
-	).await
+	)
 }
 
+static ASN_REGEX: LazyLock<Regex> = LazyLock::new(|| { Regex::new(r"^[Aa][Ss][Nn]?\s*(\d{1,7})$").unwrap() });
+static VIA_REGEX: LazyLock<Regex> = LazyLock::new(|| { Regex::new(r"[Vv][Ii][Aa]\s+(\S+)").unwrap() });
 
 async fn handle_search_request(
 	search_query: String,
 	this_should_have_been_an_ip: bool,
 	settings: QuerySettings,
 	arc_state: Arc<ServiceSharedState>,
+	client_ip: &IpAddr,
 ) -> Response {
 
 	let mut search_query = search_query.trim().to_string();
 	let mut settings = settings;
 
-	lazy_static!{
-		static ref ASN_REGEX: Regex = Regex::new(r"^[Aa][Ss][Nn]?\s*(\d{1,7})$").unwrap();
-		static ref VIA_REGEX: Regex = Regex::new(r"[Vv][Ii][Aa]\s+(\S+)").unwrap();
-	}
-
 	//If someone asked for an asn, give an asn answer
 	if let Some(asn_cap) = ASN_REGEX.captures(&search_query) {
 		if let Some(asn) = asn_cap.get(1).map_or(None, |m| m.as_str().parse::<u32>().ok()) {
@@ -486,17 +465,17 @@ async fn handle_search_request(
 			let state = Arc::clone(&arc_state);
 			return state.templating_engine.render_view(
 				&settings,
-				&View::Asn{asn: asn},
-			).await
+				View::Asn{asn: asn},
+			)
 		}
 	}
 
 	if let Some(via_cap) = VIA_REGEX.captures(&search_query) {
-		if let Some(via) = via_cap.get(1).map(|c| c.as_str().to_string()) {
+		if let Some(via) = via_cap.get(1) {
 			let state = Arc::clone(&arc_state);
-			if state.dns_resolvers.contains_key(&via) {
-				settings.dns_resolver_id = via;
-			} else if let Some(alias) = state.dns_resolver_aliases.get(&via) {
+			if state.dns_resolvers.contains_key(via.as_str()) {
+				settings.dns_resolver_id = via.as_str().into();
+			} else if let Some(alias) = state.dns_resolver_aliases.get(via.as_str()) {
 				settings.dns_resolver_id = alias.clone();
 			}
 		}
@@ -505,7 +484,7 @@ async fn handle_search_request(
 
 	// Try to interpret as an IP-Address
 	if let Ok(address) = search_query.parse() {
-		return handle_ip_request(address, settings, arc_state).await;
+		return handle_ip_request(address, settings, arc_state, client_ip).await;
 	}
 
 	// Fall back to treating it as a hostname
@@ -525,8 +504,8 @@ async fn handle_dns_resolver_route(
 	let state = Arc::clone(&arc_state);
 	state.templating_engine.render_view(
 		&settings,
-		&View::DnsResolverList,
-	).await	
+		View::DnsResolverList,
+	)
 }
 
 
@@ -536,16 +515,16 @@ async fn handle_dns_resolver_route_with_path(
 	extract::Path(query): extract::Path<String>,
 ) -> Response {
 	let state = Arc::clone(&arc_state);
-	if let Some(resolver) = state.config.dns.resolver.get(&query) {
+	if let Some(resolver) = state.config.dns.resolver.get(query.as_str()) {
 		state.templating_engine.render_view(
 			&settings,
-			&View::DnsResolver{ config: resolver.clone() },
-		).await
+			View::DnsResolver{ config: resolver.clone() },
+		)
 	} else {
 		state.templating_engine.render_view(
 			&settings,
-			&View::NotFound,
-		).await
+			View::NotFound,
+		)
 	}
 }
 
@@ -553,11 +532,12 @@ async fn handle_ip_route_with_path(
 	Extension(settings): Extension<QuerySettings>,
 	State(arc_state): State<Arc<ServiceSharedState>>,
 	extract::Path(query): extract::Path<String>,
+	SecureClientIp(client_ip): SecureClientIp
 ) -> Response {
 	if let Ok(address) = query.parse() {
-		return handle_ip_request(address, settings, arc_state).await
+		return handle_ip_request(address, settings, arc_state, &client_ip).await
 	} else {
-		return handle_search_request(query, true, settings, arc_state).await;
+		return handle_search_request(query, true, settings, arc_state, &client_ip).await;
 	}
 }
 
@@ -565,6 +545,7 @@ async fn handle_ip_request(
 	address: IpAddr,
 	settings: QuerySettings,
 	arc_state: Arc<ServiceSharedState>,
+	client_ip: &IpAddr,
 ) -> Response {
 
 	let state = Arc::clone(&arc_state);
@@ -572,21 +553,33 @@ async fn handle_ip_request(
 		&address,
 		&settings.lang,
 		&settings.dns_resolver_id,
+		settings.dns_disable_self_lookup,
+		client_ip,
 		&state).await;
 
 	state.templating_engine.render_view(
 		&settings,
-		&View::Ip{result: result}
-	).await
+		View::Ip{result: result}
+	)
 }
 
 async fn get_ip_result(
 	address: &IpAddr,
 	lang: &String,
-	dns_resolver_name: &String,
+	dns_resolver_name: &Arc<str>,
+	dns_disable_self_lookup: bool,
+	client_ip: &IpAddr,
 	state: &ServiceSharedState,
 ) -> IpResult {
 
+	let mut reverse_dns_disabled_for_privacy = false;
+	
+	if state.config.dns.allow_reverse_lookup {
+		if address == client_ip && dns_disable_self_lookup {
+			reverse_dns_disabled_for_privacy = true;
+		}
+	}
+		
 	let ip_info = AddressInfo::new(&address);
 
 	if !(ip_info.scope == AddressScope::Global || ip_info.scope == AddressScope::Shared) || ip_info.cast != AddressCast::Unicast {
@@ -598,14 +591,15 @@ async fn get_ip_result(
 				location: None,
 				ip_info: ip_info,
 				used_dns_resolver: None,
+				reverse_dns_disabled_for_privacy: reverse_dns_disabled_for_privacy,
 			}
 		}
 	} 
 
 	// do reverse lookup
 	let mut hostname: Option<String> = None;
-	let mut used_dns_resolver: Option<String> = None;
-	if state.config.dns.allow_reverse_lookup {
+	let mut used_dns_resolver: Option<Arc<str>> = None;
+	if state.config.dns.allow_reverse_lookup && !reverse_dns_disabled_for_privacy {
 		if let Some(dns_resolver) = &state.dns_resolvers.get(dns_resolver_name) {
 			hostname = simple_dns::reverse_lookup(&dns_resolver, &address).await;
 			used_dns_resolver = Some(dns_resolver_name.clone());
@@ -636,6 +630,7 @@ async fn get_ip_result(
 		location: location_result,
 		ip_info: ip_info,
 		used_dns_resolver: used_dns_resolver,
+		reverse_dns_disabled_for_privacy: reverse_dns_disabled_for_privacy,
 	}
 }
 
@@ -665,46 +660,68 @@ async fn handle_dig_request(
 
 	state.templating_engine.render_view(
 		&settings,
-		&View::Dig{ query: dig_query, result: dig_result}
-	).await
+		View::Dig{ query: dig_query, result: dig_result}
+	)
 
 }
 
 async fn get_dig_result(
 	dig_query:         &String,
-	dns_resolver_name: &String,
+	dns_resolver_name: &Arc<str>,
 	state:             &ServiceSharedState,
 	do_full_lookup:     bool,
 ) -> DigResult {
 	let name = &dig_query.trim().trim_end_matches(".").to_string();
 	let idna_name = IdnaName::from_string(&name);
-	if let Some(dns_resolver) = &state.dns_resolvers.get(dns_resolver_name) {
-		if match_domain_hidden_list(&name, &state.config.dns.hidden_suffixes) {
-			// Try to hide the fact that we didn't do dns resolution at all
-			// We resolve example.org as basic avoidance of timing sidechannels.
-			// WARNING: this timing sidechannel avoidance is very crude.
-			simple_dns::lookup(
+	if let Some(dns_resolver) = state.dns_resolvers.get(dns_resolver_name) {
+		if let Ok(domain_name) = Name::from_str_relaxed(name.to_owned()+".") {
+			if match_domain_hidden_list(&name, &state.config.dns.hidden_suffixes) {
+				// Try to hide the fact that we didn't do dns resolution at all
+				// We resolve example.org as basic avoidance of timing sidechannels.
+				// WARNING: this timing sidechannel avoidance is very crude.
+				simple_dns::lookup(
+							&dns_resolver,
+							&Name::from_ascii("example.org.").expect("Static Dummy Name"),
+							do_full_lookup).await;
+				return DigResult {
+					records: DnsLookupResult{ nxdomain: true , ..Default::default() },
+					idn: idna_name,
+					partial_lookup: !do_full_lookup,
+					used_dns_resolver: dns_resolver_name.clone(),
+				}
+			} else {
+				return DigResult {
+					records: simple_dns::lookup(
 						&dns_resolver,
-						&("example.org.".to_string()),
-						do_full_lookup).await;
-			DigResult {
-				records: DnsLookupResult{ nxdomain: true , ..Default::default() },
-				idn: idna_name,
-				partial_lookup: !do_full_lookup,
-				used_dns_resolver: dns_resolver_name.clone(),
+						&domain_name,
+						do_full_lookup).await,
+					idn: idna_name,
+					partial_lookup: !do_full_lookup,
+					used_dns_resolver: dns_resolver_name.clone(),
+				}
 			}
 		} else {
-			DigResult {
-				records: simple_dns::lookup(
-					&dns_resolver,
-					&(idna_name.idn.clone().unwrap_or(name.to_owned())+"."),
-					do_full_lookup).await,
+			// Invalid domain name
+			return DigResult {
+				records: DnsLookupResult{
+					invalid_name: true,
+					.. Default::default()
+				},
 				idn: idna_name,
 				partial_lookup: !do_full_lookup,
 				used_dns_resolver: dns_resolver_name.clone(),
 			}
 		}
 	} else {
-		return Default::default();
+		// Unknown resolver name
+		return DigResult {
+			records: DnsLookupResult{
+				unkown_resolver: true,
+				.. Default::default()
+			},
+			idn: idna_name,
+			partial_lookup: !do_full_lookup,
+			used_dns_resolver: "unkown_resolver".into(),
+		}
 	}
 }

src/ratelimit.rs

@@ -1,5 +1,6 @@
 use axum_client_ip::SecureClientIp;
 use axum::{
+	body::Body,
 	extract::Extension,
 	http::{
 		Request,
@@ -40,11 +41,11 @@ pub fn build_rate_limiting_state(
 	Extension(arc_limiter)
 }
 
-pub async fn rate_limit_middleware<B>(
+pub async fn rate_limit_middleware(
 	SecureClientIp(address): SecureClientIp,
 	Extension(arc_limiter): Extension<Arc<SimpleRateLimiter<IpAddr>>>,
-	req: Request<B>,
-	next: Next<B>
+	req: Request<Body>,
+	next: Next
 ) -> Response {
 	let limiter = Arc::clone(&arc_limiter);
 

src/settings.rs

@@ -1,36 +1,13 @@
 use serde::{Deserialize,Serialize};
 
+use lib_humus::HtmlTextJsonFormat;
+use lib_humus::HumusQuerySettings;
+
+use std::sync::Arc;
+
 /* Response format */
 
-#[derive(Deserialize, Serialize, Clone, Copy)]
-pub enum ResponseFormat {
-	#[serde(rename="text/plain", alias="text")]
-	TextPlain,
-	#[serde(rename="text/html", alias="html")]
-	TextHtml,
-	#[serde(rename="application/json", alias="json")]
-	ApplicationJson,
-}
-
-impl ToString for ResponseFormat {
-	fn to_string(&self) -> String {
-		match self {
-			ResponseFormat::TextPlain => "text/plain",
-			ResponseFormat::TextHtml => "text/html",
-			ResponseFormat::ApplicationJson => "application/json",
-		}.to_string()
-	}
-}
-
-impl ResponseFormat {
-	pub fn to_file_extension(&self) -> String {
-		match self {
-			ResponseFormat::TextPlain => ".txt",
-			ResponseFormat::TextHtml => ".html",
-			ResponseFormat::ApplicationJson => ".json",
-		}.to_string()
-	}
-}
+pub type ResponseFormat = HtmlTextJsonFormat;
 
 /* Query and Template Settings */
 
@@ -39,13 +16,27 @@ pub struct QuerySettings {
 	pub format: ResponseFormat,
 	pub lang: String,
 	pub available_dns_resolvers: Vec<Selectable>,
-	pub dns_resolver_id: String,
+	pub dns_resolver_id: Arc<str>,
+	pub dns_disable_self_lookup: bool,
 }
 
 #[derive(Deserialize, Serialize, Clone)]
 pub struct Selectable {
-	pub id: String,
-	pub name: String,
+	pub id: Arc<str>,
+	pub name: Arc<str>,
 	pub weight: i32,
 }
 
+impl HumusQuerySettings<ResponseFormat> for QuerySettings {
+	
+	fn initalize_template_context(&self, context: &mut tera::Context) {
+		context.insert("language", &self.lang);
+		context.insert("dns_resolvers", &self.available_dns_resolvers);
+		context.insert("dns_resolver_id", &self.dns_resolver_id);
+	}
+
+	fn get_format(&self) -> ResponseFormat {
+		self.format.clone()
+	}
+
+}

src/simple_dns.rs

@@ -1,20 +1,20 @@
-/*
- * This module wraps the trust_dns_resolver library
- * to generate results thaat are ready for serializing
- * or templating.
- * It does not aim to be reusable for any other purpose,
- * the trust_dns_resolver library already does that.
- */
 
-use trust_dns_proto::op::response_code::ResponseCode;
-use trust_dns_proto::rr::{
+//! This module wraps the hickory_resolver library
+//! to generate results thaat are ready for serializing
+//! or templating.
+//! It does not aim to be reusable for any other purpose,
+//! the hickory_resolver library already does that.
+
+use hickory_proto::op::response_code::ResponseCode;
+use hickory_proto::rr::{
 	RData,
 	record_type::RecordType,
 };
-use trust_dns_resolver::{
+use hickory_resolver::{
 	error::ResolveError,
 	error::ResolveErrorKind,
 	lookup::Lookup,
+	Name,
 	TokioAsyncResolver,
 };
 
@@ -37,10 +37,12 @@ pub struct DnsLookupResult {
 	pub txt:   Option<Vec<String>>,
 	pub srv:   Option<Vec<SrvRecord>>,
 	pub caa:   Option<Vec<String>>,
-	pub other_error: bool,
-	pub dns_error:   bool,
-	pub nxdomain:    bool,
-	pub timeout:     bool,
+	pub other_error:     bool,
+	pub dns_error:       bool,
+	pub nxdomain:        bool,
+	pub timeout:         bool,
+	pub invalid_name:    bool,
+	pub unkown_resolver: bool,
 }
 
 #[derive(serde::Deserialize, serde::Serialize, Clone, PartialEq)]
@@ -118,9 +120,9 @@ pub fn set_default_if_none<T>(opt_vec: &mut Option<Vec<T>>) {
 
 pub fn add_record_to_lookup_result(result: &mut DnsLookupResult, record: &RData){
 	match record {
-		RData::AAAA(address) => opush(&mut result.aaaa, std::net::IpAddr::V6(*address)),
+		RData::AAAA(aaaa) => opush(&mut result.aaaa, std::net::IpAddr::V6(aaaa.0)),
 		RData::ANAME(aname) => opush(&mut result.aname, aname.to_string()),
-		RData::A(address) => opush(&mut result.a, std::net::IpAddr::V4(*address)),
+		RData::A(a) => opush(&mut result.a, std::net::IpAddr::V4(a.0)),
 		RData::CAA(caa) => opush(&mut result.caa, caa.to_string()),
 		RData::CNAME(cname) => opush(&mut result.cname, cname.to_string()),
 		RData::MX(mx) => opush(&mut result.mx, MxRecord{
@@ -171,8 +173,14 @@ pub fn integrate_lookup_result(dig_result: &mut DnsLookupResult, lookup_result:
 				RecordType::TXT =>   set_default_if_none(&mut dig_result.txt),
 				_ => { /* This should not happen */ },
 			};
-			for record in lookup.iter() {
-				add_record_to_lookup_result(dig_result, record);
+			let name = lookup.query().name();
+			for record in lookup.record_iter() {
+				if name == record.name() {
+					if let Some(data) = record.data() {
+						add_record_to_lookup_result(dig_result, data);
+					}
+				}
+				//TODO: handle additional responses
 			}
 		},
 		Err(e) => {
@@ -210,7 +218,7 @@ pub fn integrate_lookup_result(dig_result: &mut DnsLookupResult, lookup_result:
 // records will be fetched.
 pub async fn lookup(
 	resolver: &TokioAsyncResolver,
-	name: &String,
+	name: &Name,
 	do_full_lookup: bool,
 ) -> DnsLookupResult {
 	let (
@@ -219,10 +227,10 @@ pub async fn lookup(
 		cname_lookup_res,
 		aname_lookup_res
 	) = join!(
-		resolver.lookup(name, RecordType::A),
-		resolver.lookup(name, RecordType::AAAA),
-		resolver.lookup(name, RecordType::CNAME),
-		resolver.lookup(name, RecordType::ANAME),
+		resolver.lookup(name.clone(), RecordType::A),
+		resolver.lookup(name.clone(), RecordType::AAAA),
+		resolver.lookup(name.clone(), RecordType::CNAME),
+		resolver.lookup(name.clone(), RecordType::ANAME),
 	);
 
 	// initlize an empty lookup result
@@ -243,12 +251,12 @@ pub async fn lookup(
 			srv_lookup_res,
 			txt_lookup_res
 		) = join!(
-			resolver.lookup(name, RecordType::MX),
-			resolver.lookup(name, RecordType::NS),
-			resolver.lookup(name, RecordType::SOA),
-			resolver.lookup(name, RecordType::CAA),
-			resolver.lookup(name, RecordType::SRV),
-			resolver.lookup(name, RecordType::TXT),
+			resolver.lookup(name.clone(), RecordType::MX),
+			resolver.lookup(name.clone(), RecordType::NS),
+			resolver.lookup(name.clone(), RecordType::SOA),
+			resolver.lookup(name.clone(), RecordType::CAA),
+			resolver.lookup(name.clone(), RecordType::SRV),
+			resolver.lookup(name.clone(), RecordType::TXT),
 		);
 
 		integrate_lookup_result(&mut dig_result, mx_lookup_res);

src/templating_engine.rs

@@ -1,135 +0,0 @@
-/*
- * This is the echoip-slatecave templating engine.
- * It wraps around tera in is specialized for echoip-slatecave.
- */
-
-use axum::{
-	headers::HeaderValue,
-	http::StatusCode,
-	http::header::SET_COOKIE,
-	response::Html,
-	response::IntoResponse,
-	response::Response,
-	response::Json,
-};
-use axum_extra::extract::cookie::Cookie;
-use axum_extra::extract::cookie;
-use tera::Tera;
-use toml::Table;
-
-use crate::DigResult;
-use crate::IpResult;
-use crate::config::DnsResolverConfig;
-use crate::settings::*;
-
-
-/* The echoip view */
-
-#[derive(serde::Serialize, Clone)]
-#[serde(untagged)]
-pub enum View {
-	Asn { asn: u32 },
-	Dig { query: String, result: DigResult },
-	DnsResolver{ config: DnsResolverConfig },
-	DnsResolverList,
-	Index { result: IpResult, user_agent: Option<String> },
-	Ip { result: IpResult },
-	Message{ title: String, message: String },
-	#[serde(rename="404")]
-	NotFound,
-}
-
-impl View {
-	pub fn template_name(&self) -> String {
-		match self {
-			View::Asn{..} => "asn",
-			View::Dig{..} => "dig",
-			View::DnsResolver{..} => "dns_resolver",
-			View::DnsResolverList => "dns_resolver_list",
-			View::Index{..} => "index",
-			View::Ip{..} => "ip",
-			View::Message{..} => "message",
-			View::NotFound => "404",
-		}.to_string()
-	}
-}
-
-/* The engine itself */
-
-#[derive(Clone)]
-pub struct Engine {
-	pub tera: Tera,
-	pub template_config: Option<Table>,
-}
-
-impl Engine {
-	pub async fn render_view(
-		&self,
-		settings: &QuerySettings,
-		view: &View,
-	) -> Response {
-		let mut response = match settings.format {
-			ResponseFormat::TextHtml | ResponseFormat::TextPlain => {
-				let template_name = view.template_name();
-
-				let mut context = tera::Context::new();
-				context.insert("view", &template_name);
-				//intented for shared macros
-				context.insert("format", &settings.format.to_string());
-				context.insert("language", &settings.lang);
-				context.insert("dns_resolvers", &settings.available_dns_resolvers);
-				context.insert("dns_resolver_id", &settings.dns_resolver_id);
-				context.insert("data", &view);
-				context.insert("extra", &self.template_config);
-
-				match self.tera.render(&(template_name+&settings.format.to_file_extension()), &context) {
-					Ok(text) =>
-						match settings.format {
-							ResponseFormat::TextHtml => Html(text).into_response(),
-							_ => text.into_response(),
-						}
-					Err(e) => {
-						println!("There was an error while rendering template {}: {e:?}", view.template_name());
-						(
-							StatusCode::INTERNAL_SERVER_ERROR,
-						format!("Template error in {}, contact owner or see logs.\n", view.template_name())
-						).into_response()
-					}
-				}
-			}
-			//TODO: Plain Text should have its own matcher
-			ResponseFormat::ApplicationJson => {
-				match view {
-					View::Dig{result, ..} => {
-						Json(result).into_response()
-					},
-					View::Index{result, ..} | View::Ip{result, ..} => {
-						Json(result).into_response()
-					},
-					View::DnsResolverList => {
-						Json(settings.available_dns_resolvers.clone()).into_response()
-					},
-					View::DnsResolver{ config } => {
-						Json(config).into_response()
-					}
-					_ => Json(view).into_response(),
-				}
-			}
-		};
-		match view {
-			View::NotFound => *response.status_mut() = StatusCode::NOT_FOUND,
-			_ => {},
-		}
-		let cookie = Cookie::build("dns_resolver",settings.dns_resolver_id.clone())
-			.path("/")
-			.same_site(cookie::SameSite::Strict)
-			.finish();
-		if let Ok(header_value) = HeaderValue::from_str(&cookie.to_string()) {
-			response.headers_mut().append(
-				SET_COOKIE,
-				header_value,
-			);
-		}
-		response
-	}
-}

src/view.rs

@@ -0,0 +1,80 @@
+
+use axum::http::status::StatusCode;
+use axum::Json;
+use axum::response::IntoResponse;
+use axum::response::Response;
+use axum_extra::extract::cookie::Cookie;
+use axum_extra::extract::cookie;
+use lib_humus::HumusView;
+
+use crate::DigResult;
+use crate::IpResult;
+use crate::config::DnsResolverConfig;
+use crate::settings::QuerySettings;
+use crate::settings::ResponseFormat;
+
+
+#[derive(serde::Serialize, Clone)]
+#[serde(untagged)]
+pub enum View {
+	Asn { asn: u32 },
+	Dig { query: String, result: DigResult },
+	DnsResolver{ config: DnsResolverConfig },
+	DnsResolverList,
+	Index { result: IpResult, user_agent: Option<String> },
+	Ip { result: IpResult },
+	Message{ title: String, message: String },
+	#[serde(rename="404")]
+	NotFound,
+}
+
+impl HumusView<QuerySettings, ResponseFormat> for View {
+	fn get_template_name(&self) -> String {
+		match self {
+			View::Asn{..} => "asn",
+			View::Dig{..} => "dig",
+			View::DnsResolver{..} => "dns_resolver",
+			View::DnsResolverList => "dns_resolver_list",
+			View::Index{..} => "index",
+			View::Ip{..} => "ip",
+			View::Message{..} => "message",
+			View::NotFound => "404",
+		}.to_string()
+	}
+
+	fn get_status_code(&self, _: &QuerySettings) -> StatusCode {
+		match self {
+			Self::NotFound => StatusCode::NOT_FOUND,
+			_ => StatusCode::OK,
+		}
+	}
+	
+	fn get_cookie_header(&self, settings: &QuerySettings) -> Option<String> {
+		Some(
+			Cookie::build(Cookie::new("dns_resolver",settings.dns_resolver_id.to_string()))
+				.path("/")
+				.same_site(cookie::SameSite::Strict)
+				.build()
+				.to_string()
+		)
+	}
+		
+	fn get_api_response(self, settings: &QuerySettings) -> Response {
+		match self {
+			Self::Dig{result, ..} => {
+				Json(result).into_response()
+			},
+			Self::Index{result, ..} | Self::Ip{result, ..} => {
+				Json(result).into_response()
+			},
+			Self::DnsResolverList => {
+				Json(settings.available_dns_resolvers.clone()).into_response()
+			},
+			Self::DnsResolver{ config } => {
+				Json(config).into_response()
+			}
+			_ => Json(self).into_response(),
+		}
+	}
+}
+

templates/base.html

@@ -5,6 +5,9 @@
 	<meta charset="utf-8">
 	<title>{% block title %}{{ extra[view].title | default(value="…") }}{% endblock %} | {{extra.site_name|default(value="echoip")}}</title>
 	<meta content="width=device-width, initial-scale=1" name="viewport">
+	<meta name="color-scheme" content="echoip-slatecave <https://codeberg.org/slatian/service.echoip-slatecave>">
+	{% block robots_meta %}
+	{% endblock robots_meta %}
 	<!-- Open-Graph -->
 	{% block metadata %}
 	<meta name="description" property="og:description" content="{% block description %}{{ extra[view].description | default(value="One of the best echoip services") | escape_xml }}{% endblock %}" />
@@ -24,7 +27,11 @@
 <body>
 	<header>
 		<nav>
-			<a href="{{ extra.base_url }}" class="sitename">{{extra.site_name|default(value="echoip")}}</a>
+			<a href="{{ extra.base_url }}" class="sitename">
+				{%- if extra.display_icon -%}
+				<img src="{{extra.display_icon}}" alt="">
+				{%- endif -%}
+				{{extra.site_name|default(value="echoip")}}</a>
 			<form class="search" method="GET" action="{{ extra.base_url }}">
 				<input type="search" name="query" autocomplete="on" maxlength="260"
 					title="Search for an IP-Adress, Domain-Name, or ASN."

templates/dig.html

@@ -2,6 +2,8 @@
 {% import "helpers.html" as helper %}
 {% import "links.html" as links %}
 
+{% block robots_meta %}<meta name="robots" content="noindex,nofollow">{% endblock %}
+
 {% block title %}dig {{ data.query }}{% endblock %}
 {% block og_title %}dig {{ data.query }}{% endblock %}
 {% block h1 %}dig <code>{{ helper::breadcrumb_domain(extra=extra, name=data.query) }}</code> <small>via <a href="{{extra.base_url}}/dns_resolver/{{data.result.used_dns_resolver}}">{{data.result.used_dns_resolver}}</a></small>{% endblock %}
@@ -26,8 +28,16 @@
 <section>
 	<h2>DNS Records</h2>
 
-	{% if r.nxdomain %}
-	<p class="error box">Our DNS-Server claims that this domain doesn't exist, there shouldn't be any results.</p>
+	{% set show_nonpresent = true %}
+	{% if r.unkown_resolver %}
+	<p class="error box">The resolver you chose is not one of the available ones, if you can reproduce this error by just using the UI <a href="https://codeberg.org/slatian/service.echoip-slatecave/issues/new">please report it</a>.</p>
+	{% set show_nonpresent = false %}
+	{% elif r.invalid_name %}
+	<p class="error box">This domain name does not conform to <a href="https://www.rfc-editor.org/info/std3">the dns specification (std3)</a> rules and was therefore not resolved.</p>
+	{% set show_nonpresent = false %}
+	{% elif r.nxdomain %}
+	<p class="error box">The DNS-Server claims that this domain doesn't exist, there shouldn't be any results.</p>
+	{% set show_nonpresent = false %}
 	{% elif r.timeout %}
 	<p class="error box">There was at least one timeout error while resolving this domain, the results below are incomplete.</p>
 	{% elif r.other_error %}
@@ -66,7 +76,7 @@
 	<li>{{ helper::ip(extra=extra, ip=address) }}</li>
 	{% endfor %}
 	</ul>
-	{% elif not r.nxdomain %}
+	{% elif show_nonpresent %}
 	<p>No <code>A</code> (IPv4) Records.</p>
 	{% endif %}
 
@@ -77,7 +87,7 @@
 	<li>{{ helper::ip(extra=extra, ip=address) }}</li>
 	{% endfor %}
 	</ul>
-	{% elif not r.nxdomain %}
+	{% elif show_nonpresent %}
 	<p>No <code>AAAA</code> (IPv6) Records.</p>
 	{% endif %}
 
@@ -90,7 +100,7 @@
 	<li>{{ helper::dig(extra=extra, name=mx.exchange, fqdn=true, prefix=mx.preference) }}</li>
 	{% endfor %}
 	</ul>
-	{% elif not r.nxdomain %}
+	{% elif show_nonpresent %}
 	<p id="mx">No <code>MX</code> (Mail Exchange) records.</p>
 	{% endif %}
 
@@ -116,7 +126,7 @@
 			</dl></li>
 			{% endfor %}
 		</ul>
-	{% elif not r.nxdomain %}
+	{% elif show_nonpresent %}
 	<p id="soa">No <code>SOA</code> records.</p>
 	{% endif %}
 
@@ -129,7 +139,7 @@
 	<li>{{ helper::dig(extra=extra, name=ns) }}</li>
 	{% endfor %}
 	</ul>
-	{% elif not r.nxdomain %}
+	{% elif show_nonpresent %}
 	<p id="ns">No <code>NS</code> (Name Server) records.</p>
 	{% endif %}
 
@@ -141,7 +151,7 @@
 			<li><code>{{caa}}</code></li>
 			{% endfor %}
 		</ul>
-	{% elif not r.nxdomain %}
+	{% elif show_nonpresent %}
 	<p id="caa">No <code>CAA</code> (<a target="_blank" href="https://de.wikipedia.org/wiki/DNS_Certification_Authority_Authorization">Certification Authority Authorization</a>) records.</p>
 	{% endif %}
 	
@@ -152,7 +162,7 @@
 			<li><code>{{txt}}</code></li>
 			{% endfor %}
 		</ul>
-	{% elif not r.nxdomain %}
+	{% elif show_nonpresent %}
 	<p id="txt">No <code>TXT</code> records.</p>
 	{% endif %}
 
@@ -172,7 +182,7 @@
 			</dl></li>
 			{% endfor %}
 		</ul>
-	{% elif not r.nxdomain %}
+	{% elif show_nonpresent %}
 	<p id="srv">No <code>SRV</code> records.</p>
 	<p><code>SRV</code> or Service records usually live on their own subdomains like {{ helper::dig(extra=extra, name="_xmpp-client._tcp."~data.query) }}.
 	{% endif %}

templates/dig.txt

@@ -2,7 +2,8 @@
 
 {% block path %}dig/{{ data.query | urlencode_strict }}{% endblock %}
 
-{% block content -%}
+{% set r = data.result.records %}
+{%- block content -%}
 # dig {{data.query}} via {{ data.result.used_dns_resolver }}
 
 {% if data.result.idn -%}
@@ -25,7 +26,16 @@ Your IDN would decode to
 
 {% set r = data.result.records -%}
 ## DNS Records
-{% if r.nxdomain %}
+{% if r.unkown_resolver %}
+{%- set show_nonpresent = false %}
+The resolver you chose is not one of the available ones.
+=> {{ extra.base_url }}/dns_resolver
+{% elif r.invalid_name %}
+{%- set show_nonpresent = false %}
+This domain name does not conform to the dns specification (std3) rules and was therefore not resolved.
+=> https://www.rfc-editor.org/info/std3
+{% elif r.nxdomain %}
+{%- set show_nonpresent = false %}
 Our DNS-Server claims that this domain doesn't exist, there shouldn't be any results.
 {%- elif r.timeout -%}
 There was at least one timeout error while resolving this domain, the results below are incomplete.
@@ -61,7 +71,7 @@ A (IPv4) records:
 {% for address in r.a -%}
 * {{ address }}
 {% endfor %}
-{%- elif not r.nxdomain %}
+{%- elif show_nonpresent %}
 No A (IPv4) Records.
 {% endif -%}
 
@@ -70,7 +80,7 @@ AAAA (IPv6) records:
 {% for address in r.aaaa -%}
 * {{ address }}
 {% endfor %}
-{%- elif not r.nxdomain %}
+{%- elif show_nonpresent %}
 No AAAA (IPv6) Records.
 {% endif -%}
 
@@ -81,7 +91,7 @@ MX (Mail Exchange) records:
 {% for mx in r.mx | sort(attribute="preference") | reverse -%}
 * {{ mx.preference }} {{ mx.exchange }}
 {% endfor %}
-{%- elif not r.nxdomain %}
+{%- elif show_nonpresent %}
 No MX (Mail Exchange) records.
 {% endif %}
 
@@ -96,7 +106,7 @@ SOA (Source Of Authority) records:
 * expire:   {{soa.expire / 3600 | round(precision=2)}}h
 * minimum:  {{soa.minimum / 60 | round(precision=2)}}m TTL
 {% endfor %}
-{%- elif not r.nxdomain %}
+{%- elif show_nonpresent %}
 No SOA (Source Of Authority) records.
 {% endif %}
 
@@ -105,7 +115,7 @@ NS (Name Server) records:
 {% for ns in r.ns -%}
 * {{ns}}
 {% endfor %}
-{%- elif not r.nxdomain %}
+{%- elif show_nonpresent %}
 No NS (Name Server) records.
 {% endif %}
 
@@ -114,7 +124,7 @@ CAA (Certification Authority Authorization) records:
 {% for caa in r.caa -%}
 * {{caa}}
 {% endfor %}
-{%- elif not r.nxdomain %}
+{%- elif show_nonpresent %}
 No CAA (Certification Authority Authorization) records.
 {% endif %}
 	
@@ -123,7 +133,7 @@ TXT records:
 {% for txt in r.txt -%}
 * {{txt}}
 {% endfor %}
-{%- elif not r.nxdomain %}
+{%- elif show_nonpresent %}
 No TXT records.
 {% endif %}
 
@@ -135,7 +145,7 @@ SRV records:
 * Port:     {{srv.port}}
 * Target:   {{srv.target}}
 {% endfor %}
-{%- elif not r.nxdomain %}
+{%- elif show_nonpresent %}
 No SRV records.
 
 SRV or Service records usually live on their own subdomains like {{ "_xmpp-client._tcp."~data.query }}.

templates/dns_resolver.html

@@ -31,12 +31,6 @@
 	<dd>{{ helper::dig(extra=extra, name=c.tls_dns_name) }}</dd>
 	{%- endif %}
 
-	{%- if c.search | length > 0 %}
-	<dt>Search</dt>
-	{%- for s in c.search %}
-	<dd>{{s}}</dd>
-	{%- endfor %}
-	{%- endif %}
 </dl>
 		{%- if c.info_url %}
 		<p class="button-paragraph"><a href="{{c.info_url}}">More about the {{c.display_name}} DNS Server <small>(external link)</small></a></p>

templates/dns_resolver.txt

@@ -16,14 +16,6 @@ Protocol: {{ c.protocol }}
 {%-if c.tls_dns_name %}
 DNS Name: {{ c.tls_dns_name }}
 {%- endif %}
-{%- if c.search | length == 1 %}
-Search: {{ c.search | first }}
-{%- elif c.search | length > 1 %}
-Search:
-{%- for s in c.search %}
-* {{s}}
-{%- endfor %}
-{%- endif %}
 {%- if c.aliases | length == 1 %}
 Alias: {{ c.aliases | first }}
 {%- elif c.aliases | length > 1 %}

templates/extra.toml

@@ -8,15 +8,26 @@ base_url="http://localhost:3000"
 stylesheet = "/style.css"
 
 # URL to and mimetype of your favicon
-# favicon = ""
-# favicon_mimetype = "image/png"
+favicon = "/icon_64.png"
+favicon_mimetype = "image/png"
+# favicon_mimetype = "image/svg+xml"
 # favicon_mimetype = "image/jpeg"
 
+# Icon to display next to the title
+display_icon = "/icon_64.png"
+
 # URLs to look up v4 and v6 addresses explicitly
 # If you have not configured them, comment them out, the button will stay hidden
 v4_url="http://v4.localhost:3000/"
 v6_url="http://v6.localhost:3000/"
 
+# Geolocation Attribution for MaxMind
+#geo_attribution_html="The Geolocation and ASN information is provided by the GeoLite2 database created by <a href='https://www.maxmind.com/'>MaxMind</a>."
+
+# Geolocation Attribution for DB-IP
+#geo_attribution_html="The Geolocation and ASN information is provided by <a href='https://db-ip.com/'>DB-IP</a>."
+
+
 [404]
 # configure the 404 page, this is available for other pages too!
 # Use the template name as the section name.

templates/helpers.html

@@ -1,6 +1,6 @@
 {% macro place_dl(place, label="", iso_code_prefix="") -%}
 	{%- if place -%}
-		{%- if format=="text/html" %}
+		{%- if format=="html" %}
 		{% if label %}<dt>{{label}}</dt>{% endif %}
 		<dd>{{place.name}} {% if place.iso_code%}({% if iso_code_prefix %}{{iso_code_prefix}}-{% endif %}{{place.iso_code}}){% endif %}</dd>
 		{% else -%}
@@ -17,8 +17,8 @@
 <a href="{{ self::dig_link(extra=extra, name=name) }}">{% if prefix %}{{ prefix }} {% endif %}{% if fqdn or name=="." %}{{ name }}{% else %}{{ name | trim_end_matches(pat=".") }}{% endif %}</a>
 {% endmacro dig %}
 
-{% macro ip(extra, ip, text=false) %}
-<a href="{{ extra.base_url }}/ip/{{ ip | urlencode_strict | replace(from="%2e", to=".") | replace(from="%3a", to=":") | safe }}"><code>{% if text %}{{ text }}{% else %}{{ ip }}{% endif %}</code></a>
+{% macro ip(extra, ip, text=false, with_self_lookup=false) %}
+<a href="{{ extra.base_url }}/ip/{{ ip | urlencode_strict | replace(from="%2e", to=".") | replace(from="%3a", to=":") | safe }}{% if with_self_lookup %}?dns_self_lookup=true{% endif %}"><code>{% if text %}{{ text }}{% else %}{{ ip }}{% endif %}</code></a>
 {% endmacro dig %}
 
 {% macro breadcrumb_domain(extra, name) %}

templates/index.html

@@ -1,6 +1,8 @@
 {% extends "ip.html" %}
 {% import "helpers.html" as helper %}
 
+{% block robots_meta %}{# Allow indexing for landing page #}{% endblock %}
+
 {% block title %}Your IP: {{ data.result.address }}{% endblock %}
 {% block og_title %}What is my IP-Address?{% endblock %}
 {% block h1 %}Your IPv{% if data.result.ip_info.is_v6_address %}6{% else %}4{% endif %}: <code>{{ data.result.address }}</code>{% endblock %}

templates/ip.html

@@ -2,6 +2,8 @@
 {% import "helpers.html" as helper %}
 {% import "links.html" as links %}
 
+{% block robots_meta %}<meta name="robots" content="noindex,nofollow">{% endblock %}
+
 {% block title %}{{ data.result.address }}{% endblock %}
 {% block og_title %}Lookup {{ data.result.address }}{% endblock %}
 {% block h1 %}Lookup <code>{{ data.result.address }}</code>{% endblock %}
@@ -18,6 +20,9 @@
 		{% if r.hostname %}
 			<dt>Hostname</dt>
 			<dd>{{ helper::dig(extra=extra, name=r.hostname) }}</dd>
+		{% elif r.reverse_dns_disabled_for_privacy %}
+			<dt>Hostname</dt>
+			<dd>Lookup disabled by default: {{ helper::ip(ip=r.address, extra=extra, text="enable", with_self_lookup=true)}}</dd>
 		{% endif %}
 		{% if r.asn %}
 			<dt><abbr="Autonomous System Number">ASN</abbr></dt>
@@ -31,43 +36,44 @@
 	{% if r.location %}
 	<section>
 		<h2>Geolocation</h2>
-		<dl>
-			{{ helper::place_dl(place=r.location.continent, label="Continent") }}
-			{{ helper::place_dl(place=r.location.country, label="Country") }}
-			{% if r.location.country.iso_code | default(value="") != r.location.registered_country.iso_code | default(value="") %}
-			{{ helper::place_dl(place=r.location.registered_country, label="Registered in") }}
-			{% endif %}
-			{% if r.location.country.iso_code | default(value="") != r.location.represented_country.iso_code | default(value="")%}
-			{{ helper::place_dl(place=r.location.represented_country, label="Represents") }}
-			{% endif %}
-			{% if r.location.subdivisions %}
-			{% for sd in r.location.subdivisions %}
-			{{ helper::place_dl(place=sd, label="Subdivision", iso_code_prefix=r.location.country.iso_code|default(value="")) }}
-			{% endfor %}
-			{% endif %}
-			{{ helper::place_dl(place=r.location.city, label="City") }}
-			{% if r.location.postal_code %}
-			<dt>Postal Code</dt>
-			<dd>{{r.location.postal_code}}</dd>
-			{% endif %}
-			{% if r.location.time_zone %}
-			<dt>Timezone</dt>
-			<dd>{{r.location.time_zone}}</dd>
-			{% endif %}
-			{% if r.location.accuracy %}
-			<dt>Accuracy</dt>
-			<dd>~{{r.location.accuracy}}km</dd>
-			{% endif %}
-			{% if r.location.coordinates %}
-			<dt>Coordinates</dt>
-			<dd><a target="_blank" href="{{ links::map_link(lat=r.location.coordinates.lat, lon=r.location.coordinates.lon)}}">lat: {{r.location.coordinates.lat}}, lon: {{r.location.coordinates.lon}}</a></dd>
-			{% endif %}
-		</dl>
-		<!--We have to put that there to comply with maxminds licensing-->
-		<p><small>
-			The GeoIP and ASN information is provided by the GeoLite2 database created by
-			<a target="_blank" href="https://www.maxmind.com">MaxMind</a>.
-		</small></p>
+		{% if extra.geo_attribution_html %}
+			<dl>
+				{{ helper::place_dl(place=r.location.continent, label="Continent") }}
+				{{ helper::place_dl(place=r.location.country, label="Country") }}
+				{% if r.location.country.iso_code | default(value="") != r.location.registered_country.iso_code | default(value="") %}
+				{{ helper::place_dl(place=r.location.registered_country, label="Registered in") }}
+				{% endif %}
+				{% if r.location.country.iso_code | default(value="") != r.location.represented_country.iso_code | default(value="")%}
+				{{ helper::place_dl(place=r.location.represented_country, label="Represents") }}
+				{% endif %}
+				{% if r.location.subdivisions %}
+				{% for sd in r.location.subdivisions %}
+				{{ helper::place_dl(place=sd, label="Subdivision", iso_code_prefix=r.location.country.iso_code|default(value="")) }}
+				{% endfor %}
+				{% endif %}
+				{{ helper::place_dl(place=r.location.city, label="City") }}
+				{% if r.location.postal_code %}
+				<dt>Postal Code</dt>
+				<dd>{{r.location.postal_code}}</dd>
+				{% endif %}
+				{% if r.location.time_zone %}
+				<dt>Timezone</dt>
+				<dd>{{r.location.time_zone}}</dd>
+				{% endif %}
+				{% if r.location.accuracy %}
+				<dt>Accuracy</dt>
+				<dd>~{{r.location.accuracy}}km</dd>
+				{% endif %}
+				{% if r.location.coordinates %}
+				<dt>Coordinates</dt>
+				<dd><a target="_blank" href="{{ links::map_link(lat=r.location.coordinates.lat, lon=r.location.coordinates.lon)}}">lat: {{r.location.coordinates.lat}}, lon: {{r.location.coordinates.lon}}</a></dd>
+				{% endif %}
+			</dl>
+			<p><small>{{extra.geo_attribution_html | safe}}</small></p>
+		{% else %}
+			<p><strong style="font-size: 2em">Please configure the <code>geo_attribution_html</code> key in the template extra configuration!</strong></p>
+			<p>The geolocation information will then become visible.</p>
+		{% endif %}
 	</section>
 	{% endif %}
 	{% block extra_content %}{% endblock %}

templates/ip.txt

@@ -13,12 +13,19 @@
 * Type of Address: {{ helper::ip_info(ip_info=r.ip_info) }}
 {% if r.hostname -%}
 * Hostname: {{ r.hostname }}
+{%- elif r.reverse_dns_disabled_for_privacy %}
+* Hostname: Lookup disabled by default
 {%- endif %}
 {% if r.asn -%}
 * ASN: AS{{ r.asn.asn }}
 * AS Name: {{r.asn.name}}
 {%- endif -%}
 
+{%- if r.reverse_dns_disabled_for_privacy %}
+
+=> /ip/{{ data.result.address }}?dns_self_lookup=true Do a reverse DNS lookup
+{% endif %}
+
 {%- if r.location %}
 
 ## Geolocation
@@ -52,7 +59,7 @@ lat: {{r.location.coordinates.lat}}, lon: {{r.location.coordinates.lon}}
 => {{ links::map_link(lat=r.location.coordinates.lat, lon=r.location.coordinates.lon)}}
 {%- endif %}
 
-The GeoIP and ASN information is provided by the GeoLite2 database created by MaxMind.
+{{ extra.geo_attribution_html | default(value="Please configure the geo_attribution_html key in the template extra configuration.") | striptags }}
 {% endif -%}
 
 {%- block extra_content %}{% endblock -%}

templates/links.html

@@ -16,12 +16,13 @@
 {% macro domain_name_links(name) %}
 	<p>Look up <code>{{name}}</code></p>
 	<ul class="link-list">
-		<li><a target="_blank" href="https://www.shodan.io/domain/{{ name }}">… on shodan.io <small>(limited query's per day, wants an account)</small></a></li>
-		<li><a target="_blank" href="https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q={{ name }}">… on search.censys.io <small>(10 query's per day, wants an account)</small></a></li>
-		<li><a target="_blank" href="https://www.virustotal.com/gui/domain/{{ name }}">… on virustotal.com</a></li>
-		<li><a target="_blank" href="https://observatory.mozilla.org/analyze/{{ name }}">… on the Mozilla Observatory (http and tls checks)</a></li>
-		<li><a target="_blank" href="https://internet.nl/site/{{ name }}">… on the Internet.nl Website test</a></li>
-		<li><a target="_blank" href="https://client.rdap.org/?type=domain&object={{ name }}">… on client.rdap.org <small>(a modern whois, make sure to allow xhr to 3rd parties)</small></a></li>
+		<li><a target="_blank" href="https://www.shodan.io/domain/{{ name | urlencode_strict }}">… on shodan.io <small>(limited query's per day, wants an account)</small></a></li>
+		<li><a target="_blank" href="https://search.censys.io/search?resource=hosts&sort=RELEVANCE&per_page=25&virtual_hosts=EXCLUDE&q={{ name | urlencode_strict }}">… on search.censys.io <small>(10 query's per day, wants an account)</small></a></li>
+		<li><a target="_blank" href="https://www.virustotal.com/gui/domain/{{ name | urlencode_strict }}">… on virustotal.com</a></li>
+		<li><a target="_blank" href="https://observatory.mozilla.org/analyze/{{ name | urlencode_strict }}">… on the Mozilla Observatory (http and tls checks)</a></li>
+		<li><a target="_blank" href="https://internet.nl/site/{{ name | urlencode_strict }}">… on the Internet.nl Website test</a></li>
+		<li><a target="_blank" href="https://client.rdap.org/?type=domain&object={{ name | urlencode_strict }}">… on client.rdap.org <small>(a modern whois, make sure to allow xhr to 3rd parties)</small></a></li>
+		<li><a target="_blank" href="https://crt.sh/?Identity={{ name | urlencode_strict }}&match==">… on crt.sh <small>(Certificate Transparancy Monitor)</small></a></li>
 	</ul>
 {% endmacro domain_name_links %}
 

templates/static/icon.svg

@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<!-- Created with Inkscape (http://www.inkscape.org/) -->
+
+<svg
+   width="48"
+   height="48"
+   viewBox="0 0 48 48"
+   version="1.1"
+   id="svg1"
+   xmlns:xlink="http://www.w3.org/1999/xlink"
+   xmlns="http://www.w3.org/2000/svg"
+   xmlns:svg="http://www.w3.org/2000/svg">
+  <defs
+     id="defs1">
+    <linearGradient
+       id="linearGradient8">
+      <stop
+         style="stop-color:#fb9a00;stop-opacity:1;"
+         offset="0"
+         id="stop8" />
+      <stop
+         style="stop-color:#884f00;stop-opacity:1;"
+         offset="0.49966338"
+         id="stop10" />
+      <stop
+         style="stop-color:#be8700;stop-opacity:1;"
+         offset="1"
+         id="stop9" />
+    </linearGradient>
+    <linearGradient
+       xlink:href="#linearGradient8"
+       id="linearGradient9"
+       x1="10.202637"
+       y1="35.241699"
+       x2="39.21582"
+       y2="12.833984"
+       gradientUnits="userSpaceOnUse" />
+  </defs>
+  <g
+     id="layer1">
+    <path
+       id="path2"
+       style="fill:url(#linearGradient9);fill-opacity:1;stroke-width:3.15427;stroke-linejoin:round;paint-order:stroke markers fill"
+       d="m 2,7 v 33.767595 l 1.586,0.0021 L 8.299716,45.41681 12.826,40.767584 H 46 V 7 Z" />
+    <path
+       id="rect1"
+       style="fill:#111111;stroke-width:3;stroke-linejoin:round;paint-order:stroke markers fill"
+       d="M 3 8 L 3 40 L 4.0019531 40 L 4 40.001953 L 8.2792969 44.205078 L 12.412109 40 L 45 40 L 45 8 L 3 8 z M 35.671875 11.712891 L 39.357422 11.712891 L 39.357422 36.287109 L 35.671875 36.287109 L 35.671875 17.033203 L 31.494141 21.363281 L 28.839844 18.804688 C 31.107109 16.462871 35.671875 11.712891 35.671875 11.712891 z M 8.6425781 21.542969 L 12.328125 21.542969 L 12.328125 25.228516 L 8.6425781 25.228516 L 8.6425781 21.542969 z M 20.927734 21.542969 L 24.615234 21.542969 L 24.615234 25.228516 L 20.927734 25.228516 L 20.927734 21.542969 z M 8.6425781 32.599609 L 12.328125 32.599609 L 12.328125 36.287109 L 8.6425781 36.287109 L 8.6425781 32.599609 z M 20.927734 32.599609 L 24.615234 32.599609 L 24.615234 36.287109 L 20.927734 36.287109 L 20.927734 32.599609 z " />
+  </g>
+</svg>

templates/static/style.css

@@ -380,6 +380,8 @@ a:visited {
 	color: var(--page-link-visited);
 }
 
+a.sitename { display: inline-block; }
+
 h1, a.sitename {
 	margin: var(--heading-mg);
 	padding: var(--heading-pad);
@@ -597,3 +599,10 @@ form.search {
   background: var(--button-bg);
 }
 
+/* Custom icon style for sitename*/
+
+.sitename > img {
+	height: 1.2em;
+	padding: 0 0.3ch;
+	margin-bottom: -.2em;
+}