Features & why to use Kvarn
All of these are available in Mölla!
Kvarn tries to package many useful features without being bloated. Optional extensions are available in the extensions crate.
When using Kvarn as a library: some require certain Cargo “features” to be compiled in, and some require
kvarn_extensions
. This will be explicitly noted.
Batteries included, but not required
The Kvarn ecosystem has extensions for many common website features, all included in Mölla.
- Automatic HTTPS certificates: Kvarn handles your
certificates for you—no need to renew or use
certbot
to get certificates. - Kvarn auth: A fast, simple, and customizable authentication extension. It provides a JWT implementation with support for persistent logins and validation servers.
- Kvarn search: A site search engine. You can try it out on the front page.
- Kvarn extensions: a crate with several useful extensions, including a reverse proxy, PHP support, and templates.
Sane defaults
The example of running a Kvarn server provides sane defaults, which optimize security; speed; and help mitigate DOS attacks.
HTTP/3
Requires the feature
http3
(part ofdefault
andfull
)
Using a modern transport protocol, QUIC, enables HTTP/3 to be what HTTP/2 aimed to be: fault-tolerant and massively parallel. Add way faster handshakes on top on that, and HTTP/3 is groundbreaking. You can naturally disable the feature.
HTTP/2
Requires the feature
http2
(part ofdefault
andfull
)
HTTP/2 is abstracted from all other internal and extension logic; offering complete parity. This means you get all the pros of the latest protocols without any code.
Kvarn passes the h2spec test. If something doesn’t work, it’s the user agent not conforming.
HTTP/2 Push
Part of
kvarn_extensions
under the featurepush
(part ofdefault
)
HTTP/2 introduced a features where the server can push other resources before the client requests them. This has not been widely used because of the problem with pushing to the client when it’s already got the resource in a cache.
Kvarn aims to solve this by making it simple to integrate, not requiring any configuration and not sending the same resource twice to a client.
io_uring
Requires the feature
uring
(notdefault
)
Kvarn can be compiled to use
io_uring
, the hottest IO platform
under Linux. io_uring can be used with both HTTP over TCP (HTTP/1 & HTTP/2), and
HTTP/3 (using a custom, first-of-a-kind QUIC interop).
HTTPS
Requires the feature
https
(part ofdefault
andfull
)
HTTPS makes the web more secure. Kvarn’s design is not only influenced by HTTPS, but encourages you to use it.
When creating a virtual host, the recommended constructor redirects all HTTP requests to HTTPS before the request reaches your code.
Kvarn also suggest using HSTS. When you’re ready, you only need to add one line of code to enable it for a host, improving security further.
If you want maximum security, you can of course simply not listen on port 80
,
reducing the code you write.
Automatic certificates
If you’re using Mölla (which is recommended), you can enable HTTPS and automatic certificates through Let’s Encrypt:
(
// --snip--
hosts: [
Plain (
name: "icelk.dev",
// the path to store the certificate chain at
cert: "icelk-cert.pem"