Features & why to use Kvarn

All of these are available in Mölla!

Kvarn tries to package many useful features without being bloated. Optional extensions are available in the extensions crate.

When using Kvarn as a library: some require certain Cargo “features” to be compiled in, and some require kvarn_extensions. This will be explicitly noted.

Contents
1 Features & why to use Kvarn
2 Batteries included, but not required
3 Sane defaults
4 HTTP/3
5 HTTP/2
5.1 HTTP/2 Push
6 io_uring
7 HTTPS
7.1 Automatic certificates
8 Full documentation coverage
9 Extensions
10 Cache
11 PHP
12 MarkDown
13 Templates
14 Full text search engine
15 CORS
16 Graceful shutdown & handover
17 Reverse proxy
18 Guaranteed memory-safety
19 Other fundamental features & systems
20 Back to the basics

Batteries included, but not required

The Kvarn ecosystem has extensions for many common website features, all included in Mölla.

Automatic HTTPS certificates: Kvarn handles your certificates for you—no need to renew or use certbot to get certificates.
Kvarn auth: A fast, simple, and customizable authentication extension. It provides a JWT implementation with support for persistent logins and validation servers.
Kvarn search: A site search engine. You can try it out on the front page.
Kvarn extensions: a crate with several useful extensions, including a reverse proxy, PHP support, and templates.

Sane defaults

The example of running a Kvarn server provides sane defaults, which optimize security; speed; and help mitigate DOS attacks.

HTTP/3

Requires the feature http3 (part of default and full)

Using a modern transport protocol, QUIC, enables HTTP/3 to be what HTTP/2 aimed to be: fault-tolerant and massively parallel. Add way faster handshakes on top on that, and HTTP/3 is groundbreaking. You can naturally disable the feature.

HTTP/2

Requires the feature http2 (part of default and full)

HTTP/2 is abstracted from all other internal and extension logic; offering complete parity. This means you get all the pros of the latest protocols without any code.

Kvarn passes the h2spec test. If something doesn’t work, it’s the user agent not conforming.

HTTP/2 Push

Part of kvarn_extensions under the feature push (part of default)

HTTP/2 introduced a features where the server can push other resources before the client requests them. This has not been widely used because of the problem with pushing to the client when it’s already got the resource in a cache.

Kvarn aims to solve this by making it simple to integrate, not requiring any configuration and not sending the same resource twice to a client.

io_uring

Requires the feature uring (not default)

Kvarn can be compiled to use io_uring, the hottest IO platform under Linux. io_uring can be used with both HTTP over TCP (HTTP/1 & HTTP/2), and HTTP/3 (using a custom, first-of-a-kind QUIC interop).

HTTPS

Requires the feature https (part of default and full)

HTTPS makes the web more secure. Kvarn’s design is not only influenced by HTTPS, but encourages you to use it.

When creating a virtual host, the recommended constructor redirects all HTTP requests to HTTPS before the request reaches your code.

Kvarn also suggest using HSTS. When you’re ready, you only need to add one line of code to enable it for a host, improving security further.

If you want maximum security, you can of course simply not listen on port 80, reducing the code you write.

Automatic certificates

If you’re using Mölla (which is recommended), you can enable HTTPS and automatic certificates through Let’s Encrypt:

(
    // --snip--
    hosts: [
        Plain (
            name: "icelk.dev",
            // the path to store the certificate chain at
            cert: "icelk-cert.pem"