fix: imports

fix: version generate
save changes
2023-05-29 13:31:54 -06:00 · 2023-01-06 13:30:33 -07:00 · 2021-12-12 06:34:58 -07:00 · 2021-11-15 15:15:06 -07:00 · 2021-02-03 17:03:16 -07:00 · 2020-12-18 10:33:19 -07:00
26 changed files with 1905 additions and 541 deletions
--- a/.github/workflows/go.yml
+++ b/.github/workflows/go.yml
@ -0,0 +1,36 @@
 name: Go
 on:
  push:
    branches: [ main ]
  pull_request:
    branches: [ main ]
 jobs:
  build:
    name: Build
    runs-on: ubuntu-latest
    steps:
    - name: Set up Go 1.x
      uses: actions/setup-go@v2
      with:
        go-version: ^1.13
    - name: Check out code into the Go module directory
      uses: actions/checkout@v2
    - name: Get dependencies
      run: |
        go get -v -t -d ./...
        if [ -f Gopkg.toml ]; then
            curl https://raw.githubusercontent.com/golang/dep/master/install.sh | sh
            dep ensure
        fi
    - name: Build
      run: go build -v ./...
    - name: Test
      run: go test -v ./...
--- a/.gitignore
+++ b/.gitignore
@ -14,4 +14,7 @@
 # Dependency directories (remove the comment below to include it)
 # vendor/
 sour.is-keyproofs
 .env
 /pub
 local.mk
--- a/.vscode/launch.json
+++ b/.vscode/launch.json
@ -0,0 +1,17 @@
 {
    // Use IntelliSense to learn about possible attributes.
    // Hover to view descriptions of existing attributes.
    // For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387
    "version": "0.2.0",
    "configurations": [
        {
            "name": "Launch",
            "type": "go",
            "request": "launch",
            "mode": "auto",
            "program": "${fileDirname}",
            "env": {},
            "args": []
        }
    ]
 }
--- a/10
+++ b/10
@ -1,9 +1,10 @@
 NAME=sour.is-keyproofs
 BUMP?=current
 DATE:=$(shell date -u +%FT%TZ)
-HASH:=$(shell git rev-pars HEAD 2> /dev/null)
+HASH:=$(shell git rev-parse HEAD 2> /dev/null)
 VERSION:=$(shell BUMP=$(BUMP) ./version.sh)
-
+-include local.mk
 DISABLE_VCARD=true
 build: $(NAME)
@ -12,10 +13,14 @@ clean:
 version:
 	@echo $(VERSION)
 tag:
 	git tag -a v$(VERSION) -m "Version: $(VERSION)"
 	git push --follow-tags
 release:
 	@make tag BUMP=patch
 run:
 	go run -v \
           -ldflags "\
@ -35,3 +40,4 @@ install: $(NAME)
 	install ./$(NAME) /usr/local/bin
 	install ./$(NAME).service /lib/systemd/system
 	systemctl daemon-reload
 	systemctl restart $(NAME)
--- a/README.md
+++ b/README.md
@ -1,2 +1,4 @@
 # keyproofs
 OpenPGP notation identity proof web app
 see it here: <https://a.sour.is/id/me@sour.is>
--- a/example.env
+++ b/example.env
@ -1,5 +1,7 @@
 # Rename to '.env' or pass required items to environment when running.
 # Basic Configuration.
 # REDDIT_APIKEY [REQUIRED]
 # REDDIT_SECRET [REQUIRED]
 #   To prevent reddits low ratelimits for non-authenticated requests
@ -26,6 +28,12 @@ HTTP_LISTEN=
 BASE_URL=
 # AVATAR_PATH [OPTIONAL]
 #   To set the path for avatar/bg/cover image directories to serve. (default: pub)
 #   Path should allow read/write to application. The folders will be generated automatically.
 # Advanced Options. These are used to customize the application in non-standard deployments
 # XMPP_URL [OPTIONAL]
 #   To set XMPP http url for VCard verification. (default: BASE_URL)
@ -35,3 +43,20 @@ XMPP_URL=
 #   To set DNS http url for DNS verification. (default: BASE_URL)
 XMPP_URL=
 # Avatar app
 # DISABLE_AVATAR [OPTIONAL]
 #    Disable the Avatar application. Set to any value other than "false"
 # DNS app
 # DISABLE_DNS [OPTIONAL]
 #    Disable the DNS application. Set to any value other than "false"
 # Keyproofs app
 # DISABLE_KEYPROOFS [OPTIONAL]
 #    Disable the KeyProofs application. Set to any value other than "false"
 # XMPP VCard app
 # DISABLE_VCARD [OPTIONAL]
 #    Disable the VCard application. Set to any value other than "false"
 #    If disabled the username/password are no longer required.
--- a/go.mod
+++ b/go.mod
@ -3,19 +3,26 @@ module github.com/sour-is/keyproofs
 go 1.15
 require (
 	github.com/disintegration/imaging v1.6.2
 	github.com/fsnotify/fsnotify v1.4.7
 	github.com/go-chi/chi v4.1.2+incompatible
-	github.com/google/go-cmp v0.5.3 // indirect
+	github.com/google/go-cmp v0.5.4 // indirect
 	github.com/hashicorp/golang-lru v0.5.4
 	github.com/joho/godotenv v1.3.0
 	github.com/lucasb-eyer/go-colorful v1.0.3
 	github.com/nullrocks/identicon v0.0.0-20180626043057-7875f45b0022
 	github.com/rs/cors v1.7.0
 	github.com/rs/zerolog v1.20.0
 	github.com/russross/blackfriday v1.5.2
 	github.com/skip2/go-qrcode v0.0.0-20200617195104-da1b6568686e
 	github.com/sour-is/crypto v0.0.0-20201016232853-f42a24ba5a81
 	github.com/stretchr/testify v1.6.1 // indirect
 	github.com/tv42/zbase32 v0.0.0-20190604154422-aacc64a8f915
 	go.uber.org/multierr v1.6.0
 	go.uber.org/ratelimit v0.1.0
-	golang.org/x/crypto v0.0.0-20201117144127-c1f2f97bffc9
+	golang.org/x/crypto v0.0.0-20201208171446-5f87f3452ae9
 	golang.org/x/net v0.0.0-20201110031124-69a78807bb2b // indirect
 	golang.org/x/sys v0.3.0 // indirect
 	golang.org/x/text v0.3.4 // indirect
 	gosrc.io/xmpp v0.5.1
 )
--- a/go.sum
+++ b/go.sum
@ -9,6 +9,8 @@ github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/disintegration/imaging v1.6.2 h1:w1LecBlG2Lnp8B3jk5zSuNqd7b4DXhcjwek1ei82L+c=
 github.com/disintegration/imaging v1.6.2/go.mod h1:44/5580QXChDfwIclfc/PCwrr44amcmDAg8hxG0Ewe4=
 github.com/edsrzf/mmap-go v1.0.0/go.mod h1:YO35OhQPt3KJa3ryjFM5Bs14WD66h8eGKpfaBNrHW5M=
 github.com/fatih/color v1.6.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4=
 github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4=
@ -21,13 +23,14 @@ github.com/go-interpreter/wagon v0.6.0/go.mod h1:5+b/MBYkclRZngKF5s6qrgWxSLgE9F5
 github.com/gobwas/httphead v0.0.0-20180130184737-2c6c146eadee/go.mod h1:L0fX3K22YWvt/FAX9NnzrNzcI4wNYi9Yku4O0LKYflo=
 github.com/gobwas/pool v0.2.0/go.mod h1:q8bcK0KcYlCgd9e7WYLm9LpyS+YeLd8JVDW6WezmKEw=
 github.com/gobwas/ws v1.0.2/go.mod h1:szmBTxLgaFppYjEmNtny/v3w89xOydFnnZMcgRRu/EM=
 github.com/gokyle/readpass v0.0.0-20150812192153-d7e39d2c89f5/go.mod h1:a1ng7o2dg1Q/Pn7zUkAZ8cxv+XDkjWcddLVxlmWjTVc=
 github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
 github.com/golang/protobuf v1.3.2 h1:6nsPYzhq5kReh6QImI3k5qWzO4PEbvbIW2cwSfR/6xs=
 github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
 github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
 github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
-github.com/google/go-cmp v0.5.3 h1:x95R7cp+rSeeqAMI2knLtQ0DKlaBhv2NrtrOvafPHRo=
+github.com/google/go-cmp v0.5.4 h1:L8R9j+yAqZuZjsqh/z+F1NCffTKKLShY6zXTItVIZ8M=
-github.com/google/go-cmp v0.5.3/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/pprof v0.0.0-20190515194954-54271f7e092f/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc=
 github.com/google/pprof v0.0.0-20190908185732-236ed259b199/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc=
 github.com/google/uuid v1.1.1 h1:Gkbcsh/GbpXz7lPftLA3P6TYMwjCLYm83jiFQZF/3gY=
@ -58,6 +61,8 @@ github.com/mattn/go-colorable v0.1.2/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVc
 github.com/mattn/go-isatty v0.0.3/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4=
 github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s=
 github.com/mattn/go-isatty v0.0.9/go.mod h1:YNRxwqDuOph6SZLI9vUUz6OYw3QyUt7WiY2yME+cCiQ=
 github.com/nullrocks/identicon v0.0.0-20180626043057-7875f45b0022 h1:Ys0rDzh8s4UMlGaDa1UTA0sfKgvF0hQZzTYX8ktjiDc=
 github.com/nullrocks/identicon v0.0.0-20180626043057-7875f45b0022/go.mod h1:x4NsS+uc7ecH/Cbm9xKQ6XzmJM57rWTkjywjfB2yQ18=
 github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
 github.com/onsi/ginkgo v1.8.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
 github.com/onsi/gomega v1.4.3/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY=
@ -65,11 +70,15 @@ github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINE
 github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/prologic/cryptutils v0.0.0-20201213145959-45b3763e425c h1:RzknJtk6Iojvy4S2itL1ZA1kV1vP3WhgkUXnVSD4PCs=
 github.com/prologic/cryptutils v0.0.0-20201213145959-45b3763e425c/go.mod h1:7YqkDf/i+MfquGe1Cs7KO7jCQDUBTv7w1ggtbn5cH6Y=
 github.com/rs/cors v1.7.0 h1:+88SsELBHx5r+hZ8TCkggzSstaWNbDvThkVK8H6f9ik=
 github.com/rs/cors v1.7.0/go.mod h1:gFx+x8UowdsKA9AchylcLynDq+nNFfI8FkUZdN/jGCU=
 github.com/rs/xid v1.2.1/go.mod h1:+uKXf+4Djp6Md1KODXJxgGQPKngRmWyn10oCKFzNHOQ=
 github.com/rs/zerolog v1.20.0 h1:38k9hgtUBdxFwE34yS8rTHmHBa4eN16E4DJlv177LNs=
 github.com/rs/zerolog v1.20.0/go.mod h1:IzD0RJ65iWH0w97OQQebJEvTZYvsCUm9WVLWBQrJRjo=
 github.com/russross/blackfriday v1.5.2 h1:HyvC0ARfnZBqnXwABFeSZHpKvJHJJfPz81GNueLj0oo=
 github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g=
 github.com/sirupsen/logrus v1.0.5/go.mod h1:pMByvHTf9Beacp5x1UXfOR9xyW/9antXMhjMPG0dEzc=
 github.com/sirupsen/logrus v1.4.2 h1:SPIRibHv4MatM3XXNO2BJeFLZwZ2LvZgfQ5+UNI2im4=
 github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE=
@ -93,14 +102,23 @@ github.com/twitchyliquid64/golang-asm v0.0.0-20190126203739-365674df15fc/go.mod
 go.coder.com/go-tools v0.0.0-20190317003359-0c6a35b74a16/go.mod h1:iKV5yK9t+J5nG9O3uF6KYdPEz3dyfMyB15MN1rbQ8Qw=
 go.uber.org/atomic v1.4.0 h1:cxzIVoETapQEqDhQu3QfnvXAV4AlzcvUCxkVUFw3+EU=
 go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE=
 go.uber.org/atomic v1.7.0 h1:ADUqmZGgLDDfbSL9ZmPxKTybcoEYHgpYfELNoN+7hsw=
 go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc=
 go.uber.org/multierr v1.1.0 h1:HoEmRHQPVSqub6w2z2d2EOVs2fjyFRGyofhKuyDq0QI=
 go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0=
 go.uber.org/multierr v1.6.0 h1:y6IPFStTAIT5Ytl7/XYmHvzXQ7S3g/IeZW9hyZ5thw4=
 go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU=
 go.uber.org/ratelimit v0.1.0 h1:U2AruXqeTb4Eh9sYQSTrMhH8Cb7M0Ian2ibBOnBcnAw=
 go.uber.org/ratelimit v0.1.0/go.mod h1:2X8KaoNd1J0lZV+PxJk/5+DGbO/tpwLR1m++a7FnB/Y=
 golang.org/x/crypto v0.0.0-20180426230345-b49d69b5da94/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
-golang.org/x/crypto v0.0.0-20201117144127-c1f2f97bffc9 h1:phUcVbl53swtrUN8kQEXFhUxPlIlWyBfKmidCu7P95o=
+golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
-golang.org/x/crypto v0.0.0-20201117144127-c1f2f97bffc9/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I=
+golang.org/x/crypto v0.0.0-20201124201722-c8d3bf9c5392 h1:xYJJ3S178yv++9zXV/hnr29plCAGO9vAFG9dorqaFQc=
 golang.org/x/crypto v0.0.0-20201124201722-c8d3bf9c5392/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I=
 golang.org/x/crypto v0.0.0-20201208171446-5f87f3452ae9 h1:sYNJzB4J8toYPQTM6pAkcmBRgw9SnQKP9oXCHfgy604=
 golang.org/x/crypto v0.0.0-20201208171446-5f87f3452ae9/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I=
 golang.org/x/image v0.0.0-20191009234506-e7c1f5e7dbb8 h1:hVwzHzIUGRjiF7EcUjqNxk3NCfkPxbDKRdnNE1Rpg0U=
 golang.org/x/image v0.0.0-20191009234506-e7c1f5e7dbb8/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
 golang.org/x/lint v0.0.0-20190909230951-414d861bb4ac/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
 golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20181102091132-c10e9556a7bc/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
@ -108,6 +126,8 @@ golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190620200207-3b0461eec859 h1:R/3boaszxrf1GEUWTVDzSKVwLmSJpwZ1yqXm8j0v2QI=
 golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20201110031124-69a78807bb2b h1:uwuIcX0g4Yl1NC5XAz37xsr2lTtcqevgzYNVt49waME=
 golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
@ -123,10 +143,13 @@ golang.org/x/sys v0.0.0-20190813064441-fde4db37ae7a/go.mod h1:h1NjWce9XRLGQEsW7w
 golang.org/x/sys v0.0.0-20190927073244-c990c680b611/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20191026070338-33540a1f6037 h1:YyJpGZS1sBuBCzLAR1VEpK193GlqGZbnPFnPV/5Rsb4=
 golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f h1:+Nyd8tzPX9R7BWHguqsrbFdRx3WQ/1ib8I44HXV5yTA=
 golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.3.0 h1:w8ZOecv6NaNa/zC8944JTU3vz4u6Lagfk4RPQxv92NQ=
 golang.org/x/sys v0.3.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
-golang.org/x/text v0.3.2 h1:tW2bmiBqwgJj/UpqtC8EpXEZVYOwU0yG4iWbprSVAcs=
+golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
 golang.org/x/text v0.3.4 h1:0YWbFKbhXG/wIiuHDSKpS0Iy7FSA+u45VtBMfQcFTTc=
 golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/time v0.0.0-20190308202827-9d24e82272b4 h1:SvFZT6jyqRaOeXpc5h/JSfZenJ2O330aBsf7JfSUXmQ=
--- a/main.go
+++ b/main.go
@ -5,7 +5,6 @@ import (
 	"fmt"
 	"net/http"
 	"os"
 	"os/signal"
 	"strings"
 	"time"
@ -16,15 +15,24 @@ import (
 	"github.com/rs/cors"
 	"github.com/rs/zerolog"
 	"github.com/rs/zerolog/log"
 	"gosrc.io/xmpp"
 	"github.com/sour-is/keyproofs/pkg/cache"
 	"github.com/sour-is/keyproofs/pkg/config"
-	"github.com/sour-is/keyproofs/pkg/keyproofs"
+	"github.com/sour-is/keyproofs/pkg/graceful"
 	"github.com/sour-is/keyproofs/pkg/httpsrv"
 	app_avatar "github.com/sour-is/keyproofs/pkg/app/avatar"
 	app_dns "github.com/sour-is/keyproofs/pkg/app/dns"
 	app_keyproofs "github.com/sour-is/keyproofs/pkg/app/keyproofs"
 	app_vcard "github.com/sour-is/keyproofs/pkg/app/vcard"
 	app_wkd "github.com/sour-is/keyproofs/pkg/app/wkd"
 )
 var (
 	// AppName Application Name
 	AppName string = "KeyProofs"
 	// AppVersion Application Version Number
 	AppVersion string
@ -36,27 +44,41 @@ var (
 )
 func main() {
-	log := zerolog.New(zerolog.NewConsoleWriter()).With().Timestamp().Caller().Logger()
+	log := zerolog.New(zerolog.NewConsoleWriter()).
 		With().
 		Timestamp().
 		Caller().
 		Logger()
 	ctx := context.Background()
 	ctx = log.WithContext(ctx)
-	ctx = WithInterupt(ctx)
+	ctx = graceful.WithInterupt(ctx)
 	ctx, _ = graceful.WithWaitGroup(ctx)
 	cfg := config.New()
-	cfg.Set("app-name", "KeyProofs")
+	cfg.Set("app-name", AppName)
 	cfg.Set("app-version", AppVersion)
 	cfg.Set("build-hash", BuildHash)
 	cfg.Set("build-date", BuildDate)
 	ctx = cfg.Apply(ctx)
 	log.Info().
 		Str("app", AppName).
 		Str("version", AppVersion).
 		Str("build-hash", BuildHash).
 		Str("build-date", BuildDate).
 		Msg("startup...")
 	if err := run(ctx); err != nil {
-		log.Fatal().Stack().Err(err).Send()
+		log.Error().Err(err).Msg("Application Failed")
 		os.Exit(1)
 	}
 }
 func run(ctx context.Context) error {
 	log := log.Ctx(ctx)
 	wg := graceful.WaitGroup(ctx)
 	cfg := config.FromContext(ctx)
 	// derive baseURL from listener options
 	listen := env("HTTP_LISTEN", ":9061")
@ -66,97 +88,93 @@ func run(ctx context.Context) error {
 	}
 	baseURL := fmt.Sprintf("http://%s", host)
-	// Create cache for promise engine
+	// Setup router
-	arc, _ := lru.NewARC(4096)
+	cors := cors.New(cors.Options{
 	c := cache.New(arc)
 	// Set config values
 	cfg := config.FromContext(ctx)
 	cfg.Set("base-url", env("BASE_URL", baseURL))
 	cfg.Set("dns-url", env("DNS_URL", baseURL))
 	cfg.Set("xmpp-url", env("XMPP_URL", baseURL))
 	cfg.Set("reddit.api-key", os.Getenv("REDDIT_APIKEY"))
 	cfg.Set("reddit.secret", os.Getenv("REDDIT_SECRET"))
 	cfg.Set("xmpp-config", &xmpp.Config{
 		Jid:        os.Getenv("XMPP_USERNAME"),
 		Credential: xmpp.Password(os.Getenv("XMPP_PASSWORD")),
 	})
 	// configure cors middleware
 	corsMiddleware := cors.New(cors.Options{
 		AllowCredentials: true,
 		AllowedMethods:   strings.Fields(env("CORS_METHODS", "GET")),
 		AllowedOrigins:   strings.Fields(env("CORS_ORIGIN", "*")),
-	}).Handler
+	})
 	logFmt := &middleware.DefaultLogFormatter{Logger: accessLog(log.Info)}
 	mux := chi.NewRouter()
 	mux.Use(
 		cfg.ApplyHTTP,
 		corsMiddleware,
 		middleware.RequestID,
 		middleware.RealIP,
 		middleware.RequestLogger(&middleware.DefaultLogFormatter{Logger: accessLog(log.Info)}),
 		middleware.Recoverer,
 		middleware.RequestLogger(logFmt),
 		secHeaders,
 		cors.Handler,
 		addLogger(log),
 		cfg.ApplyHTTP,
 	)
-	app, err := keyproofs.New(ctx, c)
+	if env("DISABLE_KEYPROOF", "false") == "false" {
-	if err != nil {
+		// Set config values
-		return err
+		cfg.Set("base-url", env("BASE_URL", baseURL))
 		cfg.Set("dns-url", env("DNS_URL", baseURL))
 		cfg.Set("xmpp-url", env("XMPP_URL", baseURL))
 		cfg.Set("reddit.api-key", os.Getenv("REDDIT_APIKEY"))
 		cfg.Set("reddit.secret", os.Getenv("REDDIT_SECRET"))
 		cfg.Set("github.secret", os.Getenv("GITHUB_SECRET"))
 		// Create cache for promise engine
 		arc, _ := lru.NewARC(4096)
 		c := cache.New(arc)
 		app_keyproofs.NewKeyProofApp(ctx, c).Routes(mux)
 	}
-	app.Routes(mux)
+	if env("DISABLE_DNS", "false") == "false" {
 		app_dns.New(ctx).Routes(mux)
 	}
 	if env("DISABLE_AVATAR", "false") == "false" {
 		app, err := app_avatar.New(ctx, env("AVATAR_PATH", "pub"))
 		if err != nil {
 			return err
 		}
 		app.Routes(mux)
 	}
 	if env("DISABLE_WKD", "false") == "false" {
 		app, err := app_wkd.New(ctx, env("WKD_PATH", "pub"), env("WKD_DOMAIN", "sour.is"))
 		if err != nil {
 			return err
 		}
 		app.Routes(mux)
 	}
 	if env("DISABLE_VCARD", "false") == "false" {
 		app, err := app_vcard.New(ctx, &xmpp.Config{
 			Jid:        os.Getenv("XMPP_USERNAME"),
 			Credential: xmpp.Password(os.Getenv("XMPP_PASSWORD")),
 		})
 		if err != nil {
 			return err
 		}
 		app.Routes(mux)
 	}
 	log.Info().
 		Str("app", cfg.GetString("app-name")).
 		Str("version", cfg.GetString("app-version")).
 		Str("build-hash", cfg.GetString("build-hash")).
 		Str("build-date", cfg.GetString("build-date")).
 		Str("listen", listen).
-		Msg("startup")
+		Int("user", os.Geteuid()).
 		Int("group", os.Getgid()).
 		Msg("running")
-	err = New(&http.Server{
+	err := httpsrv.New(&http.Server{
 		Addr:         listen,
 		WriteTimeout: 15 * time.Second,
 		ReadTimeout:  15 * time.Second,
 		Handler:      mux,
 	}).Run(ctx)
 	if err != nil {
 		return err
 	}
-	log.Info().Msg("shutdown")
+	return wg.Wait(5 * time.Second)
 	return nil
 }
 type Server struct {
 	srv *http.Server
 }
 func New(s *http.Server) *Server {
 	return &Server{srv: s}
 }
 func (s *Server) Run(ctx context.Context) error {
 	log := log.Ctx(ctx)
 	go func() {
 		<-ctx.Done()
 		log.Info().Msg("Shutdown HTTP")
 		ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
 		defer cancel()
 		err := s.srv.Shutdown(ctx)
 		if err != nil {
 			log.Fatal().Err(err)
 			return
 		}
 		log.Info().Msg("Stopped  HTTP")
 	}()
 	return s.srv.ListenAndServe()
 }
 func env(name, defaultValue string) string {
@ -167,30 +185,16 @@ func env(name, defaultValue string) string {
 	return defaultValue
 }
-func WithInterupt(ctx context.Context) context.Context {
+func secHeaders(h http.Handler) http.Handler {
-	log := log.Ctx(ctx)
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-	ctx, cancel := context.WithCancel(ctx)
+		w.Header().Set("X-XSS-Protection", "1; mode=block")
 		w.Header().Set("X-Frame-Options", "DENY")
 		w.Header().Set("X-Content-Type-Options", "nosniff")
 		w.Header().Set("X-Content-Type-Options", "nosniff")
 		w.Header().Set("Content-Security-Policy", "font-src https://pagecdn.io")
-	// Listen for Interrupt signals
+		h.ServeHTTP(w, r)
-	c := make(chan os.Signal, 1)
+	})
 	signal.Notify(c, os.Interrupt)
 	defer signal.Stop(c)
 	go func() {
 		select {
 		case <-c:
 			cancel()
 			log.Warn().Msg("Shutting down! interrupt received")
 			return
 		case <-ctx.Done():
 			cancel()
 			log.Warn().Msg("Shutting down! context cancelled")
 			return
 		}
 	}()
 	return ctx
 }
 type accessLog func() *zerolog.Event
@ -198,3 +202,12 @@ type accessLog func() *zerolog.Event
 func (a accessLog) Print(v ...interface{}) {
 	a().Msg(fmt.Sprint(v...))
 }
 func addLogger(log *zerolog.Logger) func(next http.Handler) http.Handler {
 	return func(next http.Handler) http.Handler {
 		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 			r = r.WithContext(log.WithContext(r.Context()))
 			next.ServeHTTP(w, r)
 		})
 	}
 }
--- a/pkg/app/avatar/avatar.go
+++ b/pkg/app/avatar/avatar.go
@ -0,0 +1,354 @@
 package app_avatar
 import (
 	"context"
 	"crypto/md5"
 	"crypto/sha256"
 	"encoding/base64"
 	"fmt"
 	"hash"
 	"io"
 	"net/http"
 	"os"
 	"path/filepath"
 	"strconv"
 	"strings"
 	"github.com/disintegration/imaging"
 	"github.com/fsnotify/fsnotify"
 	"github.com/go-chi/chi"
 	"github.com/nullrocks/identicon"
 	"github.com/rs/zerolog/log"
 	"github.com/sour-is/keyproofs/pkg/graceful"
 	"github.com/sour-is/keyproofs/pkg/style"
 )
 var pixl = "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAQAAAC1HAwCAAAAC0lEQVR42mNkYAAAAAYAAjCB0C8AAAAASUVORK5CYII="
 type avatar struct {
 	path string
 }
 func New(ctx context.Context, path string) (*avatar, error) {
 	log := log.Ctx(ctx)
 	path = filepath.Clean(path)
 	app := &avatar{path: path}
 	err := app.CheckFiles(ctx)
 	if err != nil {
 		return nil, fmt.Errorf("check files: %w", err)
 	}
 	watch, err := fsnotify.NewWatcher()
 	if err != nil {
 		return nil, err
 	}
 	for _, typ := range []string{"avatar", "bg", "cover"} {
 		err = watch.Add(filepath.Join(path, typ))
 		if err != nil {
 			return nil, fmt.Errorf("adding watch: %w", err)
 		}
 	}
 	log.Debug().Msg("startup avatar watcher")
 	wg := graceful.WaitGroup(ctx)
 	wg.Go(func() error {
 		for {
 			select {
 			case <-ctx.Done():
 				log.Debug().Msg("shutdown avatar watcher")
 				return nil
 			case op := <-watch.Events:
 				log.Print(op)
 				switch op.Op {
 				case fsnotify.Create:
 					path = filepath.Dir(op.Name)
 					kind := filepath.Base(path)
 					name := filepath.Base(op.Name)
 					if err := app.createLinks(kind, name); err != nil {
 						log.Err(err).Send()
 					}
 				case fsnotify.Remove, fsnotify.Rename:
 					path = filepath.Dir(op.Name)
 					kind := filepath.Base(path)
 					name := filepath.Base(op.Name)
 					if err := app.removeLinks(kind, name); err != nil {
 						log.Error().Err(err).Send()
 					}
 				default:
 				}
 			case err := <-watch.Errors:
 				log.Err(err).Send()
 			}
 		}
 	})
 	return app, nil
 }
 func (app *avatar) CheckFiles(ctx context.Context) error {
 	log := log.Ctx(ctx)
 	for _, name := range []string{".links", "avatar", "bg", "cover"} {
 		log.Debug().Msgf("mkdir: %s", filepath.Join(app.path, name))
 		err := os.MkdirAll(filepath.Join(app.path, name), 0700)
 		if err != nil {
 			return err
 		}
 	}
 	return filepath.Walk(app.path, func(path string, info os.FileInfo, err error) error {
 		if err != nil {
 			return fmt.Errorf("walk failed: %w", err)
 		}
 		if info.IsDir() {
 			switch info.Name() {
 			case "avatar", "bg", "cover":
 				return nil
 			default:
 				return filepath.SkipDir
 			}
 		}
 		path = filepath.Dir(path)
 		kind := filepath.Base(path)
 		name := info.Name()
 		log.Debug().Msgf("link: %s %s %s", app.path, kind, name)
 		return app.createLinks(kind, name)
 	})
 }
 func (app *avatar) get(w http.ResponseWriter, r *http.Request) {
 	log := log.Ctx(r.Context())
 	log.Print(r.Host)
 	kind := chi.URLParam(r, "kind")
 	hash := chi.URLParam(r, "hash")
 	sizeW, sizeH, resize := 0, 0, false
 	if s, err := strconv.Atoi(r.URL.Query().Get("s")); err == nil && s > 0 {
 		sizeW, sizeH, resize = sizeByKind(kind, s)
 	}
 	log.Debug().Int("width", sizeW).Int("height", sizeH).Bool("resize", resize).Str("kind", kind).Msg("Get Image")
 	if strings.ContainsRune(hash, '@') {
 		avatarHost, _, err := style.GetSRV(r.Context(), hash)
 		if err != nil {
 			writeText(w, 500, err.Error())
 			return
 		}
 		hash = hashSHA256(strings.ToLower(hash))
 		http.Redirect(w, r, fmt.Sprintf("https://%s/%s/%s?%s", avatarHost, kind, hash, r.URL.RawQuery), 301)
 		return
 	}
 	fname := filepath.Join(app.path, ".links", strings.Join([]string{kind, hash}, "-"))
 	log.Debug().Msgf("path: %s", fname)
 	if !fileExists(fname) {
 		switch kind {
 		case "avatar":
 			ig, err := identicon.New("sour.is", 5, 3)
 			if err != nil {
 				writeText(w, 500, err.Error())
 				return
 			}
 			ii, err := ig.Draw(hash)
 			if err != nil {
 				writeText(w, 500, err.Error())
 				return
 			}
 			w.Header().Set("Content-Type", "image/png")
 			w.WriteHeader(200)
 			err = ii.Png(clamp(128, 512, sizeW), w)
 			log.Error().Err(err).Send()
 			return
 		default:
 			sp := strings.SplitN(pixl, ",", 2)
 			b, _ := base64.RawStdEncoding.DecodeString(sp[1])
 			w.Header().Set("Content-Type", "image/png")
 			w.WriteHeader(200)
 			if _, err := w.Write(b); err != nil {
 				log.Error().Err(err).Send()
 			}
 			return
 		}
 	}
 	if !resize {
 		f, err := os.Open(fname)
 		if err != nil {
 			writeText(w, 500, err.Error())
 			return
 		}
 		w.Header().Set("Content-Type", "image/png")
 		w.WriteHeader(200)
 		_, err = io.Copy(w, f)
 		if err != nil {
 			log.Error().Err(err).Send()
 		}
 		return
 	}
 	img, err := imaging.Open(fname, imaging.AutoOrientation(true))
 	if err != nil {
 		writeText(w, 500, err.Error())
 		return
 	}
 	img = imaging.Fill(img, sizeW, sizeH, imaging.Center, imaging.Lanczos)
 	w.Header().Set("Content-Type", "image/png")
 	w.WriteHeader(200)
 	log.Debug().Msg("writing image")
 	err = imaging.Encode(w, img, imaging.PNG)
 	if err != nil {
 		log.Error().Err(err).Send()
 	}
 }
 func (app *avatar) Routes(r *chi.Mux) {
 	r.MethodFunc("GET", "/{kind:avatar|bg|cover}/{hash}", app.get)
 }
 func hashString(value string, h hash.Hash) string {
 	_, _ = h.Write([]byte(value))
 	return fmt.Sprintf("%x", h.Sum(nil))
 }
 func hashMD5(name string) string {
 	return hashString(name, md5.New())
 }
 func hashSHA256(name string) string {
 	return hashString(name, sha256.New())
 }
 func (app *avatar) createLinks(kind, name string) error {
 	if !strings.ContainsRune(name, '@') {
 		return nil
 	}
 	src := filepath.Join("..", kind, name)
 	name = strings.ToLower(name)
 	hash := hashMD5(name)
 	link := filepath.Join(app.path, ".links", strings.Join([]string{kind, hash}, "-"))
 	err := app.replaceLink(src, link)
 	if err != nil {
 		return err
 	}
 	hash = hashSHA256(name)
 	link = filepath.Join(app.path, ".links", strings.Join([]string{kind, hash}, "-"))
 	err = app.replaceLink(src, link)
 	return err
 }
 func (app *avatar) removeLinks(kind, name string) error {
 	if !strings.ContainsRune(name, '@') {
 		return nil
 	}
 	name = strings.ToLower(name)
 	hash := hashMD5(name)
 	link := filepath.Join(app.path, ".links", strings.Join([]string{kind, hash}, "-"))
 	err := os.Remove(link)
 	if err != nil {
 		return err
 	}
 	hash = hashSHA256(name)
 	link = filepath.Join(app.path, ".links", strings.Join([]string{kind, hash}, "-"))
 	err = os.Remove(link)
 	return err
 }
 func (app *avatar) replaceLink(src, link string) error {
 	if dst, err := os.Readlink(link); err != nil {
 		if os.IsNotExist(err) {
 			err = os.Symlink(src, link)
 			if err != nil {
 				return err
 			}
 		}
 	} else {
 		if dst != src {
 			err = os.Remove(link)
 			if err != nil {
 				return err
 			}
 			err = os.Symlink(src, link)
 			if err != nil {
 				return err
 			}
 		}
 	}
 	return nil
 }
 func fileExists(filename string) bool {
 	info, err := os.Stat(filename)
 	if os.IsNotExist(err) {
 		return false
 	}
 	return !info.IsDir()
 }
 func sizeByKind(kind string, size int) (sizeW int, sizeH int, resize bool) {
 	switch kind {
 	case "avatar":
 		if size == 0 {
 			size = 128
 		}
 		sizeW = clamp(128, 640, size)
 		sizeH = sizeW
 		resize = true
 		return
 	case "cover":
 		if size == 0 {
 			size = 940
 		}
 		sizeW = clamp(640, 1300, size)
 		sizeH = ratio(sizeW, 2.7)
 		resize = true
 		return
 	default:
 		return 0, 0, false
 	}
 }
 func ratio(size int, ratio float64) int {
 	return int(float64(size) / ratio)
 }
 func clamp(min, max, size int) int {
 	if size > max {
 		return max
 	}
 	if size < min {
 		return min
 	}
 	return size
 }
 // WriteText writes plain text
 func writeText(w http.ResponseWriter, code int, o string) {
 	w.Header().Set("Content-Type", "text/plain")
 	w.WriteHeader(code)
 	_, _ = w.Write([]byte(o))
 }
--- a/pkg/app/dns/dns.go
+++ b/pkg/app/dns/dns.go
@ -0,0 +1,37 @@
 package app_dns
 import (
 	"context"
 	"fmt"
 	"net"
 	"net/http"
 	"strings"
 	"github.com/go-chi/chi"
 )
 type app struct {
 	resolver *net.Resolver
 }
 func New(ctx context.Context) *app {
 	return &app{resolver: net.DefaultResolver}
 }
 func (app *app) getDNS(w http.ResponseWriter, r *http.Request) {
 	domain := chi.URLParam(r, "domain")
 	w.Header().Set("Content-Type", "text/plain")
 	res, err := app.resolver.LookupTXT(r.Context(), domain)
 	if err != nil {
 		w.WriteHeader(http.StatusInternalServerError)
 		fmt.Fprintln(w, err)
 		return
 	}
 	fmt.Fprintln(w, strings.Join(res, "\n"))
 }
 func (app *app) Routes(r *chi.Mux) {
 	r.MethodFunc("GET", "/dns/{domain}", app.getDNS)
 }
--- a/pkg/app/keyproofs/app.go
+++ b/pkg/app/keyproofs/app.go
@ -1,91 +1,69 @@
-package keyproofs
+package app_keyproofs
 import (
 	"context"
 	"encoding/base64"
 	"fmt"
-	"net"
+	"html/template"
 	"net/http"
 	"net/mail"
 	"strconv"
 	"strings"
 	"text/template"
 	"time"
 	"github.com/go-chi/chi"
 	zlog "github.com/rs/zerolog/log"
 	"github.com/russross/blackfriday"
 	"github.com/skip2/go-qrcode"
 	"gosrc.io/xmpp"
 	"github.com/sour-is/keyproofs/pkg/cache"
 	"github.com/sour-is/keyproofs/pkg/config"
 	"github.com/sour-is/keyproofs/pkg/opgp"
 	"github.com/sour-is/keyproofs/pkg/opgp/entity"
 	"github.com/sour-is/keyproofs/pkg/promise"
 	"github.com/sour-is/keyproofs/pkg/style"
 )
 var expireAfter = 20 * time.Minute
-
+var runnerTimeout = 30 * time.Second
 func New(ctx context.Context, c cache.Cacher) (*identity, error) {
 	log := zlog.Ctx(ctx)
 	var ok bool
 	var xmppConfig *xmpp.Config
 	if xmppConfig, ok = config.FromContext(ctx).Get("xmpp-config").(*xmpp.Config); !ok {
 		log.Error().Msg("no xmpp-config")
 		return nil, fmt.Errorf("no xmpp config")
 	}
 	conn, err := NewXMPP(ctx, xmppConfig)
 	if err != nil {
 		return nil, err
 	}
 	tasker := promise.NewRunner(ctx, promise.Timeout(30*time.Second), promise.WithCache(c, expireAfter))
 	i := &identity{
 		cache:  c,
 		tasker: tasker,
 		conn:   conn,
 	}
 	return i, nil
 }
 // 1x1 gif pixel
 var pixl = "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAQAAAC1HAwCAAAAC0lEQVR42mNkYAAAAAYAAjCB0C8AAAAASUVORK5CYII="
 var keypng, _ = base64.StdEncoding.DecodeString("iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAABKUlEQVQ4jZ2SvUoDURCFUy/Y2Fv4BoKIiFgLSWbmCWw0e3cmNgGfwacQsbCxUEFEEIVkxsQulaK1kheIiFVW1mJXiZv904FbXb5zzvzUaiWlPqyYwIkyvRjjqwmeaauxUcbFMKOvTKEJRVPv05hCY9wrhHt+fckEJ79gxg9rweJN8qdSkESZjlLOkQm+Xe9szlubFkxwYoznuQIm9DgrQJEyjZXpPU5Eo6L+H7IEUmJFAnBQJmAMp5nw0IFnjFoiEGrQXJuBLx14JtgtiR5qAO2c4aFLAffGeGiMT8b0rAEe96WxnBlbGbbia/vZ+2CwjXO5g0pN/TZ1NNXgoQPPHO2aJLsViu4E+xdVnXsOOtPOMbxeDY6jw/6/nL+r6+qryjQyhqs/OSf1Bf+pJC1wKqO/AAAAAElFTkSuQmCC")
-var defaultStyle = &Style{
+var defaultStyle = &style.Style{
 	Avatar:     pixl,
 	Cover:      pixl,
 	Background: pixl,
-	Palette:    getPalette("#93CCEA"),
+	Palette:    style.GetPalette("#93CCEA"),
 }
-type identity struct {
+type keyproofApp struct {
 	cache  cache.Cacher
 	tasker promise.Tasker
 	conn   *connection
 }
-func (s *identity) Routes(r *chi.Mux) {
+func NewKeyProofApp(ctx context.Context, c cache.Cacher) *keyproofApp {
-	r.Use(secHeaders)
+	return &keyproofApp{
-	r.MethodFunc("GET", "/id/{id}", s.get)
+		cache: c,
-	r.MethodFunc("GET", "/dns/{domain}", s.getDNS)
+		tasker: promise.NewRunner(
-	r.MethodFunc("GET", "/vcard/{jid}", s.getVCard)
+			ctx,
-	r.MethodFunc("GET", "/qr", s.getQR)
+			promise.Timeout(runnerTimeout),
 			promise.WithCache(c, expireAfter),
 		),
 	}
 }
 func (app *keyproofApp) Routes(r *chi.Mux) {
 	r.MethodFunc("GET", "/", app.getHome)
 	r.MethodFunc("GET", "/id/{id}", app.getProofs)
 	r.MethodFunc("GET", "/qr", app.getQR)
 	r.MethodFunc("GET", "/favicon.ico", func(w http.ResponseWriter, r *http.Request) {
 		w.Header().Set("Content-Type", "image/png")
 		w.WriteHeader(200)
 		_, _ = w.Write(keypng)
 	})
 }
-
+func (app *keyproofApp) getProofs(w http.ResponseWriter, r *http.Request) {
 func fmtKey(key promise.Key) string {
 	return fmt.Sprintf("%T", key.Key())
 }
 func (s *identity) get(w http.ResponseWriter, r *http.Request) {
 	log := zlog.Ctx(r.Context())
 	cfg := config.FromContext(r.Context())
 	id := chi.URLParam(r, "id")
 	log.Debug().Str("get ", id).Send()
@ -95,24 +73,24 @@ func (s *identity) get(w http.ResponseWriter, r *http.Request) {
 	defer cancel()
 	// Run tasks to resolve entity, style, and proofs.
-	task := s.tasker.Run(EntityKey(id), func(q promise.Q) {
+	task := app.tasker.Run(entity.Key(id), func(q promise.Q) {
 		ctx := q.Context()
 		log := zlog.Ctx(ctx).With().Interface(fmtKey(q), q.Key()).Logger()
-		key := q.Key().(EntityKey)
+		key := q.Key().(entity.Key)
-		entity, err := getOpenPGPkey(ctx, string(key))
+		e, err := opgp.GetKey(ctx, string(key))
 		if err != nil {
 			q.Reject(err)
 			return
 		}
 		log.Debug().Msg("Resolving Entity")
-		q.Resolve(entity)
+		q.Resolve(e)
 	})
 	task.After(func(q promise.ResultQ) {
-		entity := q.Result().(*Entity)
+		entity := q.Result().(*entity.Entity)
 		zlog.Ctx(q.Context()).
 			Info().
@ -120,14 +98,14 @@ func (s *identity) get(w http.ResponseWriter, r *http.Request) {
 			Interface(fmtKey(q), q.Key()).
 			Msg("Do Style ")
-		q.Run(StyleKey(entity.Primary.Address), func(q promise.Q) {
+		q.Run(style.Key(entity.Primary.Address), func(q promise.Q) {
 			ctx := q.Context()
 			log := zlog.Ctx(ctx).With().Interface(fmtKey(q), q.Key()).Logger()
-			key := q.Key().(StyleKey)
+			key := q.Key().(style.Key)
 			log.Debug().Msg("start task")
-			style, err := s.getStyle(ctx, string(key))
+			style, err := style.GetStyle(ctx, string(key))
 			if err != nil {
 				q.Reject(err)
 				return
@ -136,11 +114,10 @@ func (s *identity) get(w http.ResponseWriter, r *http.Request) {
 			log.Debug().Msg("Resolving Style")
 			q.Resolve(style)
 		})
 	})
 	task.After(func(q promise.ResultQ) {
-		entity := q.Result().(*Entity)
+		entity := q.Result().(*entity.Entity)
 		log := zlog.Ctx(ctx).
 			With().
 			Interface(fmtKey(q), q.Key()).
@ -172,6 +149,8 @@ func (s *identity) get(w http.ResponseWriter, r *http.Request) {
 	})
 	page := page{Style: defaultStyle}
 	page.AppName = fmt.Sprintf("%s v%s", cfg.GetString("app-name"), cfg.GetString("app-version"))
 	page.AppBuild = fmt.Sprintf("%s %s", cfg.GetString("build-date"), cfg.GetString("build-hash"))
 	// Wait for either entity to resolve or timeout
 	select {
@ -182,12 +161,12 @@ func (s *identity) get(w http.ResponseWriter, r *http.Request) {
 			page.IsComplete = true
 			break
 		}
-		page.Entity = task.Result().(*Entity)
+		page.Entity = task.Result().(*entity.Entity)
 	case <-ctx.Done():
 		log.Print("Deadline Timeout")
-		if e, ok := s.cache.Get(EntityKey(id)); ok {
+		if e, ok := app.cache.Get(entity.Key(id)); ok {
-			page.Entity = e.Value().(*Entity)
+			page.Entity = e.Value().(*entity.Entity)
 		}
 	}
@ -195,8 +174,8 @@ func (s *identity) get(w http.ResponseWriter, r *http.Request) {
 	if page.Entity != nil {
 		var gotStyle, gotProofs bool
-		if s, ok := s.cache.Get(StyleKey(page.Entity.Primary.Address)); ok {
+		if s, ok := app.cache.Get(style.Key(page.Entity.Primary.Address)); ok {
-			page.Style = s.Value().(*Style)
+			page.Style = s.Value().(*style.Style)
 			gotStyle = true
 		}
@ -207,7 +186,7 @@ func (s *identity) get(w http.ResponseWriter, r *http.Request) {
 			for i := range page.Entity.Proofs {
 				p := page.Entity.Proofs[i]
-				if s, ok := s.cache.Get(ProofKey(p)); ok {
+				if s, ok := app.cache.Get(ProofKey(p)); ok {
 					log.Debug().Str("uri", p).Msg("Proof from cache")
 					proofs[p] = s.Value().(*Proof)
 				} else {
@ -223,31 +202,62 @@ func (s *identity) get(w http.ResponseWriter, r *http.Request) {
 	}
 	// Template and display.
-	t, err := template.New("identity").Parse(pageTPL)
+	var err error
 	t := template.New("page")
 	t, err = t.Parse(pageTPL)
 	if err != nil {
-		WriteText(w, 500, err.Error())
+		writeText(w, 500, err.Error())
 		return
 	}
 	t, err = t.Parse(proofTPL)
 	if err != nil {
 		writeText(w, 500, err.Error())
 		return
 	}
 	err = t.Execute(w, page)
 	if err != nil {
-		WriteText(w, 500, err.Error())
+		writeText(w, 500, err.Error())
 		return
 	}
 }
 func (app *keyproofApp) getHome(w http.ResponseWriter, r *http.Request) {
 	ctx := r.Context()
 	cfg := config.FromContext(ctx)
-func (s *identity) getDNS(w http.ResponseWriter, r *http.Request) {
+	baseURL := cfg.GetString("base-url")
-	domain := chi.URLParam(r, "domain")
+	if id := r.URL.Query().Get("id"); id != "" {
 		http.Redirect(w, r, fmt.Sprintf("%s/id/%s", baseURL, id), http.StatusFound)
 		return
 	}
-	res, err := net.DefaultResolver.LookupTXT(r.Context(), domain)
+	page := page{Style: defaultStyle, IsComplete: true, Markdown: homeMKDN}
 	page.AppName = fmt.Sprintf("%s v%s", cfg.GetString("app-name"), cfg.GetString("app-version"))
 	// Template and display.
 	var err error
 	t := template.New("page")
 	t = t.Funcs(template.FuncMap{"markDown": markDowner})
 	t, err = t.Parse(pageTPL)
 	if err != nil {
-		WriteText(w, 400, err.Error())
+		writeText(w, 500, err.Error())
 		return
 	}
-	WriteText(w, 200, strings.Join(res, "\n"))
+	t, err = t.Parse(homeTPL)
-}
+	if err != nil {
 		writeText(w, 500, err.Error())
 		return
 	}
-func (s *identity) getQR(w http.ResponseWriter, r *http.Request) {
+	err = t.Execute(w, page)
 	if err != nil {
 		writeText(w, 500, err.Error())
 		return
 	}
 }
 func (app *keyproofApp) getQR(w http.ResponseWriter, r *http.Request) {
 	log := zlog.Ctx(r.Context())
 	content := r.URL.Query().Get("c")
@ -277,7 +287,7 @@ func (s *identity) getQR(w http.ResponseWriter, r *http.Request) {
 	png, err := qrcode.Encode(content, quality, size)
 	if err != nil {
-		WriteText(w, 400, err.Error())
+		writeText(w, 400, err.Error())
 		return
 	}
@ -287,38 +297,18 @@ func (s *identity) getQR(w http.ResponseWriter, r *http.Request) {
 	_, _ = w.Write(png)
 }
-func (s *identity) getVCard(w http.ResponseWriter, r *http.Request) {
+func markDowner(args ...interface{}) template.HTML {
-	jid := chi.URLParam(r, "jid")
+	s := blackfriday.MarkdownCommon([]byte(fmt.Sprintf("%s", args...)))
-	if _, err := mail.ParseAddress(jid); err != nil {
+	return template.HTML(s)
 		fmt.Fprint(w, err)
 		w.WriteHeader(400)
 	}
 	vcard, err := s.conn.GetXMPPVCard(r.Context(), jid)
 	if err != nil {
 		fmt.Fprint(w, err)
 		w.WriteHeader(500)
 	}
 	w.Header().Set("Content-Type", "text/xml")
 	w.WriteHeader(200)
 	fmt.Fprint(w, vcard)
 }
 func secHeaders(h http.Handler) http.Handler {
 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		w.Header().Set("X-XSS-Protection", "1; mode=block")
 		w.Header().Set("X-Frame-Options", "DENY")
 		w.Header().Set("X-Content-Type-Options", "nosniff")
 		w.Header().Set("X-Content-Type-Options", "nosniff")
 		h.ServeHTTP(w, r)
 	})
 }
 // WriteText writes plain text
-func WriteText(w http.ResponseWriter, code int, o string) {
+func writeText(w http.ResponseWriter, code int, o string) {
 	w.Header().Set("Content-Type", "text/plain")
 	w.WriteHeader(code)
 	_, _ = w.Write([]byte(o))
 }
 func fmtKey(key promise.Key) string {
 	return fmt.Sprintf("%T", key.Key())
 }
--- a/pkg/app/keyproofs/proofs.go
+++ b/pkg/app/keyproofs/proofs.go
@ -1,7 +1,8 @@
-package keyproofs
+package app_keyproofs
 import (
 	"bufio"
 	"bytes"
 	"context"
 	"encoding/base64"
 	"encoding/json"
@ -205,6 +206,28 @@ func NewProof(ctx context.Context, uri, fingerprint string) ProofResolver {
 				return &httpResolve{p, url, nil}
 			}
 		case strings.Contains(p.URI.Path, "/conv/"):
 			if sp := strings.SplitN(p.URI.Path, "/", 3); len(sp) == 3 {
 				p.Icon = "fas fa-comment-alt"
 				p.Service = "Twtxt"
 				p.Name = fmt.Sprintf("...@%s", p.URI.Host)
 				p.Link = fmt.Sprintf("https://%s", p.URI.Host)
 				url := fmt.Sprintf("https://%s/api/v1/conv", p.URI.Host)
 				return &twtxtResolve{p, url, sp[2], nil}
 			}
 		case strings.Contains(p.URI.Path, "/twt/"):
 			if sp := strings.SplitN(p.URI.Path, "/", 3); len(sp) == 3 {
 				p.Icon = "fas fa-comment-alt"
 				p.Service = "Twtxt"
 				p.Name = fmt.Sprintf("...@%s", p.URI.Host)
 				p.Link = fmt.Sprintf("https://%s", p.URI.Host)
 				url := fmt.Sprintf("https://%s/twt/%v", p.URI.Host, sp[2])
 				return &httpResolve{p, url, nil}
 			}
 		default:
 			if sp := strings.SplitN(p.URI.Path, "/", 3); len(sp) > 1 {
 				p.Icon = "fas fa-project-diagram"
@ -219,6 +242,7 @@ func NewProof(ctx context.Context, uri, fingerprint string) ProofResolver {
 				return &httpResolve{p, p.Verify, nil}
 			}
 		}
 	default:
 		p.Icon = "exclamation-triangle"
 		p.Service = "unknown"
@ -294,8 +318,8 @@ func (r *gitlabResolve) Resolve(ctx context.Context) error {
 	return ErrNoFingerprint
 }
-func (p *gitlabResolve) Proof() *Proof {
+func (r *gitlabResolve) Proof() *Proof {
-	return &p.proof
+	return &r.proof
 }
 func (p *Proof) Resolve(ctx context.Context) error {
@ -305,6 +329,44 @@ func (p *Proof) Proof() *Proof {
 	return p
 }
 type twtxtResolve struct {
 	proof   Proof             `json:"-"`
 	url     string            `json:"-"`
 	Hash    string            `json:"hash"`
 	headers map[string]string `json:"-"`
 }
 func (t *twtxtResolve) Resolve(ctx context.Context) error {
 	t.proof.Status = ProofInvalid
 	twt := struct {
 		Twts []struct {
 			Text  string `json:"text"`
 			Twter struct{ Nick string }
 		} `json:"twts"`
 	}{}
 	if err := postJSON(ctx, t.url, nil, t, &twt); err != nil {
 		return err
 	}
 	if len(twt.Twts) > 0 {
 		nick := twt.Twts[0].Twter.Nick
 		t.proof.Name = fmt.Sprintf("%s@%s", nick, t.proof.URI.Host)
 		t.proof.Link += "/user/" + nick
 		ck := fmt.Sprintf("[Verifying my OpenPGP key: openpgp4fpr:%s]", t.proof.Fingerprint)
 		if strings.Contains(twt.Twts[0].Text, ck) {
 			t.proof.Status = ProofVerified
 			return nil
 		}
 	}
 	return ErrNoFingerprint
 }
 func (t *twtxtResolve) Proof() *Proof {
 	return &t.proof
 }
 func checkHTTP(ctx context.Context, uri, fingerprint string, hdr map[string]string) error {
 	log := log.Ctx(ctx)
@ -370,3 +432,36 @@ func httpJSON(ctx context.Context, uri string, hdr map[string]string, dst interf
 	return json.NewDecoder(res.Body).Decode(dst)
 }
 func postJSON(ctx context.Context, uri string, hdr map[string]string, payload, dst interface{}) error {
 	log := log.Ctx(ctx)
 	log.Info().Str("URI", uri).Msg("postJSON")
 	body, err := json.Marshal(payload)
 	if err != nil {
 		log.Err(err).Send()
 		return err
 	}
 	buf := bytes.NewBuffer(body)
 	req, err := http.NewRequestWithContext(ctx, "POST", uri, buf)
 	if err != nil {
 		log.Err(err).Send()
 		return err
 	}
 	req.Header.Set("Accept", "application/json")
 	for k, v := range hdr {
 		req.Header.Set(k, v)
 	}
 	res, err := http.DefaultClient.Do(req)
 	if err != nil {
 		log.Err(err)
 		return err
 	}
 	defer res.Body.Close()
 	return json.NewDecoder(res.Body).Decode(dst)
 }
--- a/pkg/app/keyproofs/template.go
+++ b/pkg/app/keyproofs/template.go
@ -0,0 +1,280 @@
 package app_keyproofs
 import (
 	"github.com/sour-is/keyproofs/pkg/opgp/entity"
 	"github.com/sour-is/keyproofs/pkg/style"
 )
 type page struct {
 	AppName  string
 	AppBuild string
 	Entity   *entity.Entity
 	Style    *style.Style
 	Proofs   *Proofs
 	Markdown   string
 	HasProofs  bool
 	IsComplete bool
 	Err        error
 }
 var pageTPL = `
 <html>
 <head>
 	{{if not .IsComplete}}<meta http-equiv="refresh" content="1">{{end}}
 	<link href="https://pagecdn.io/lib/bootstrap/4.5.1/css/bootstrap.min.css"       rel="stylesheet" crossorigin="anonymous" integrity="sha256-VoFZSlmyTXsegReQCNmbXrS4hBBUl/cexZvPmPWoJsY=" >
 	<link href="https://pagecdn.io/lib/font-awesome/5.14.0/css/fontawesome.min.css" rel="stylesheet" crossorigin="anonymous" integrity="sha256-7YMlwkILTJEm0TSengNDszUuNSeZu4KTN3z7XrhUQvc=" >
 	<link href="https://pagecdn.io/lib/font-awesome/5.14.0/css/solid.min.css"       rel="stylesheet" crossorigin="anonymous" integrity="sha256-s0DhrAmIsT5gZ3X4f+9wIXUbH52CMiqFAwgqCmdPoec=" >
 	<link href="https://pagecdn.io/lib/font-awesome/5.14.0/css/regular.min.css"     rel="stylesheet" crossorigin="anonymous" integrity="sha256-FAKIbnpfWhK6v5Re+NAi9n+5+dXanJvXVFohtH6WAuw=" >
 	<link href="https://pagecdn.io/lib/font-awesome/5.14.0/css/brands.min.css"      rel="stylesheet" crossorigin="anonymous" integrity="sha256-xN44ju35FR+kTO/TP/UkqrVbM3LpqUI1VJCWDGbG1ew=" >
 {{ with .Style }}
 	<style>
 		@font-face { font-family: "Font Awesome 5 Free"; font-weight: 900; src: url(https://pagecdn.io/lib/font-awesome/5.14.0/webfonts/fa-solid-900.woff2); }
 		@font-face { font-family: "Font Awesome 5 Free"; font-weight: 400; src: url(https://pagecdn.io/lib/font-awesome/5.14.0/webfonts/fa-regular-400.woff2); }
 		@font-face { font-family: "Font Awesome 5 Brands"; src: url(https://pagecdn.io/lib/font-awesome/5.14.0/webfonts/fa-brands-400.woff2); }
 		{{range $i, $val := .Palette}}.fg-color-{{$i}} { color: {{$val}}; }
 		{{end}}
 		{{range $i, $val := .Palette}}.bg-color-{{$i}} { background-color: {{$val}}; }
 		{{end}}
 		body {
 			background-image: url('{{.Background}}');
 			background-repeat: repeat;
 			background-color: {{index .Palette 7}};
 			padding-top: 1em;
 		}
 		.heading {
 			background-image: url('{{.Cover}}');
 			background-size: cover;
 			background-repeat: no-repeat;
 			background-color: {{index .Palette 3}};
 		}
 		.shade { background-color: {{index .Palette 3}}80; border-radius: .25rem;}
 		.lead { padding:0; margin:0;  }
 		.scroll { height: 20em; overflow: scroll; }
 		@media only screen and (max-width: 991px) {
 			.jumbotron h1 { font-size: 2rem; }
 			.jumbotron .lead { font-size: 1.0rem; }
 		}
 		@media only screen and (max-width: 768px) {
 			.center-xs { text-align: center; width: 100% }
 			.center-sm { text-align: center; width: 100% }
 			.center-md { text-align: center; width: 100% }
 			.jumbotron h1 { font-size: 2rem; }
 			.jumbotron .lead { font-size: 1.0rem; }
 		}
 		 @media only screen and (max-width: 576px) {
 			.center-xs { text-align: center; width: 100% }
 			.center-sm { text-align: center; width: 100% }
 			.center-md { text-align: center; width: 100% }
 			.jumbotron .lead { font-size: 0.8rem; }
 			body { font-size: 0.8rem; }
 		}
 	</style>
 {{end}}
 </head>
 <body>
 	<div class="container">
 		<div class="card">
 			{{template "content" .}}
 			<div class="card-footer text-muted text-center">
 				<a href="/" alt="{{.AppBuild}}">{{.AppName}}</a>
 				| &copy; 2020 Sour.is
 				| <a href="/id/me@sour.is">About me</a>
 				| <a href="https://github.com/sour-is/keyproofs">GitHub</a>
 				| Inspired by <a href="https://keyoxide.org/">keyoxide</a>
 			</div>
 		</div>
 	</div>
 </body>
 </html>
 `
 var homeTPL = `
 {{define "content"}}
 <div class="jumbotron heading">
 	<div class="container">
 		<div class="row shade">
 			<div class="col-md">
 				<h1 class="display-8 fg-color-8">Key Proofs</h1>
 				<p class="lead fg-color-11">Verify social identitys using OpenPGP</p>
 			</div>
 		</div>
 	</div>
 </div>
 <br/>
 <div class="card">
 	<div class="card-body">
 		<form method="GET" action="/">
 			<div class="input-group mb-3">
 				<input type="text"
 					   name="id"
 					   class="form-control"
 					   placeholder="Email or Fingerprint..."
 					   aria-label="Email or Fingerprint"
 					   aria-describedby="button-addon" />
 				<div class="input-group-append">
 					<button class="btn btn-outline-secondary" type="submit" id="button-addon">GO</button>
 				</div>
 			</div>
 		</form>
 	</div>
 </div>
 <div class="container"> {{.Markdown | markDown}} </div>
 {{end}}
 `
 var proofTPL = `
 {{define "content"}}
 <div class="jumbotron heading">
 	<div class="container">
 		<div class="row shade">
 		{{ with .Err }}
 			<div class="col-xs center-md">
 				<i class="fas fa-exclamation-triangle fa-4x fg-color-11"></i>
 			</div>
 			<div class="col-md">
 				<h1 class="display-8 fg-color-8">Something went wrong...</h1>
 				<pre class="fg-color-11">{{.}}</pre>
 			</div>
 		{{else}}
 			{{ with .Style }}
 				<div class="col-xs center-md">
 					<img src="{{.Avatar}}" class="img-thumbnail" alt="avatar" style="width:88px; height:88px">
 				</div>
 			{{end}}
 			{{with .Entity}}
 				<div class="col-md center-md">
 					<h1 class="display-8 fg-color-8">{{.Primary.Name}}</h1>
 					<p class="lead fg-color-11"><i class="fas fa-fingerprint"></i> {{.Fingerprint}}</p>
 				</div>
 				<div class="col-xs center-md">
 					<img src="/qr?s=-2&c=OPENPGP4FPR%3A{{.Fingerprint}}" class="img-thumbnail" alt="qrcode" style="width:88px; height:88px">
 				</div>
 			{{else}}
 				<div class="col-md">
 					<h1 class="display-8 fg-color-8">Loading...</h1>
 					<p class="lead fg-color-11">Reading key from remote service.</p>
 				</div>
 			{{end}}
 		{{end}}
 		</div>
 	</div>
 </div>
 <div class="container">
 	<div class="row">
 		<div class="col-lg-4 col-md-12 col-sm-12 col-xs-12">
 		{{ with .Entity }}
 			<div class="card">
 				<div class="card-header">Contact</div>
 				<div class="list-group list-group-flush">
 					{{with .Primary}}<a href="mailto:{{.Address}}" class="list-group-item list-group-item-action"><i class="fas fa-envelope"></i> <b>{{.Name}} &lt;{{.Address}}&gt;</b> <span class="badge badge-secondary">Primary</span></a>{{end}}
 					{{range .Emails}}<a href="mailto:{{.Address}}" class="list-group-item list-group-item-action"><i class="far fa-envelope"></i> {{.Name}} &lt;{{.Address}}&gt;</a>{{end}}
 				</div>
 			</div>
 			<br />
 		{{end}}
 		{{if .HasProofs}}
 		{{with .Proofs}}
 			<div class="card">
 				<div class="card-header">Proofs</div>
 					<ul class="list-group list-group-flush">
 						{{range .}}
 						<li class="list-group-item">
 							<div>
 								<a title="{{.Link}}" class="font-weight-bold" href="{{.Link}}">
 									<i title="{{.Service}}" class="{{.Icon}}"></i>
 									{{.Name}}
 								</a>
 								{{if eq .Status 0}}
 									<a class="text-muted" href="{{.Verify}}"> <i class="fas fa-ellipsis-h"> Checking</i></a>
 								{{else if eq .Status 1}}
 									<a class="text-warning" href="{{.Verify}}"> <i class="fas fa-exclamation-triangle"></i> Error</a>
 								{{else if eq .Status 2}}
 									<a class="text-danger" href="{{.Verify}}"> <i class="far fa-times-circle"></i> Invalid</a>
 								{{else if eq .Status 3}}
 									<a class="text-success" href="{{.Verify}}"> <i class="far fa-check-square"></i> Verified</a>
 								{{end}}
 							</div>
 							<div>
 							{{if eq .Service "xmpp"}}
 								<br/>
 								<img src="/qr?s=-2&c={{.Link}}" alt="qrcode" style="width:88px; height:88px">
 							{{end}}
 							</div>
 						</li>
 						{{end}}
 					</ul>
 				</div>
 			</div>
 		{{else}}
 			<div class="card">
 				<div class="card-header">Proofs</div>
 				<div class="card-body">Loading...</div>
 			</div>
 			<br/>
 		{{end}}
 		{{end}}
 		<div class="col-lg-8 col-md-12 col-sm-12 col-xs-12">
 			<div class="card">
 				<div class="card-header">Public Key</div>
 				<div class="card-body scroll">
 					<pre><code>
 Last Updated {{.Entity.SelfSignature.CreationTime}}
 {{.Entity.ArmorText}}
 </code></pre>
 				</div>
 			</div>
 		</div>
 	</div>
 </div>
 {{end}}
 `
 var homeMKDN = `
 ## About Keyproofs
 KeyProofs is a server side version of Keyoxide. There is no JavaScript executed on this page and resourcesKeys are looked up via [Web key directory](https://datatracker.ietf.org/doc/draft-koch-openpgp-webkey-service/)
 or from <https://keys.openpgp.org/>.
 ### Decentralized online identity proofs
 - You decide which accounts are linked together
 - You decide where this data is stored
 - KeyProofs does not store your identity data on its servers
 - KeyProofs merely verifies the identity proofs and displays them
 ### Empowering the internet citizen
 - A verified identity proof proves ownership of an account and builds trust
 - No bad actor can impersonate you as long as your accounts aren't compromised
 - Your online identity data is safe from greedy internet corporations
 ### User-centric platform
 - KeyProofs generates QR codes that integrate with OpenKeychain and Conversations
 - KeyProofs fetches the key wherever the user decides to store it
 - KeyProofs is self-hostable, meaning you could put it on any server you trust
 ### Secure and privacy-friendly
 - KeyProofs doesn't want your personal data, track you or show you ads
 - KeyProofs relies on OpenPGP, a widely used public-key cryptography standard (RFC-4880)
 - Cryptographic operations are performed on server.
 `
--- a/pkg/app/vcard/app.go
+++ b/pkg/app/vcard/app.go
@ -0,0 +1,48 @@
 package app_vcard
 import (
 	"context"
 	"fmt"
 	"net/http"
 	"net/mail"
 	"github.com/go-chi/chi"
 	"gosrc.io/xmpp"
 )
 type app struct {
 	conn *connection
 }
 func New(ctx context.Context, xmppConfig *xmpp.Config) (*app, error) {
 	conn, err := NewXMPP(ctx, xmppConfig)
 	if err != nil {
 		return nil, err
 	}
 	return &app{conn: conn}, nil
 }
 func (app *app) Routes(r *chi.Mux) {
 	r.MethodFunc("GET", "/vcard/{jid}", app.getVCard)
 }
 func (app *app) getVCard(w http.ResponseWriter, r *http.Request) {
 	jid := chi.URLParam(r, "jid")
 	if _, err := mail.ParseAddress(jid); err != nil {
 		w.WriteHeader(http.StatusBadRequest)
 		fmt.Fprint(w, err)
 		return
 	}
 	vcard, err := app.conn.GetXMPPVCard(r.Context(), jid)
 	if err != nil {
 		w.WriteHeader(http.StatusInternalServerError)
 		fmt.Fprint(w, err)
 		return
 	}
 	w.Header().Set("Content-Type", "text/xml")
 	w.WriteHeader(200)
 	fmt.Fprint(w, vcard)
 }
--- a/pkg/app/vcard/vcard.go
+++ b/pkg/app/vcard/vcard.go
@ -0,0 +1,36 @@
 package app_vcard
 import (
 	"encoding/xml"
 	"gosrc.io/xmpp/stanza"
 )
 type VCard struct {
 	XMLName     xml.Name `xml:"vcard-temp vCard"`
 	FullName    string   `xml:"FN"`
 	NickName    string   `xml:"NICKNAME"`
 	Description string   `xml:"DESC"`
 	URL         string   `xml:"URL"`
 }
 func NewVCard() *VCard {
 	return &VCard{}
 }
 func (c *VCard) Namespace() string {
 	return c.XMLName.Space
 }
 func (c *VCard) GetSet() *stanza.ResultSet {
 	return nil
 }
 func (c *VCard) String() string {
 	b, _ := xml.MarshalIndent(c, "", "  ")
 	return string(b)
 }
 func init() {
 	stanza.TypeRegistry.MapExtension(stanza.PKTIQ, xml.Name{Space: "vcard-temp", Local: "vCard"}, VCard{})
 }
--- a/pkg/keyproofs/vcard.go
+++ b/pkg/keyproofs/vcard.go
@ -1,4 +1,4 @@
-package keyproofs
+package app_vcard
 import (
 	"context"
@ -6,62 +6,41 @@ import (
 	"fmt"
 	"github.com/rs/zerolog/log"
 	"github.com/sour-is/keyproofs/pkg/graceful"
 	"gosrc.io/xmpp"
 	"gosrc.io/xmpp/stanza"
 )
 type VCard struct {
 	XMLName     xml.Name `xml:"vcard-temp vCard"`
 	FullName    string   `xml:"FN"`
 	NickName    string   `xml:"NICKNAME"`
 	Description string   `xml:"DESC"`
 	URL         string   `xml:"URL"`
 }
 func NewVCard() *VCard {
 	return &VCard{}
 }
 func (c *VCard) Namespace() string {
 	return c.XMLName.Space
 }
 func (c *VCard) GetSet() *stanza.ResultSet {
 	return nil
 }
 func (c *VCard) String() string {
 	b, _ := xml.MarshalIndent(c, "", "  ")
 	return string(b)
 }
 func init() {
 	stanza.TypeRegistry.MapExtension(stanza.PKTIQ, xml.Name{Space: "vcard-temp", Local: "vCard"}, VCard{})
 }
 type connection struct {
-	client *xmpp.Client
+	client xmpp.StreamClient
 }
 func NewXMPP(ctx context.Context, config *xmpp.Config) (*connection, error) {
 	log := log.Ctx(ctx)
 	wg := graceful.WaitGroup(ctx)
 	router := xmpp.NewRouter()
 	conn := &connection{}
-	var err error
+	cl, err := xmpp.NewClient(config, router, func(err error) { log.Error().Err(err).Send() })
 	conn.client, err = xmpp.NewClient(config, router, func(err error) { log.Error().Err(err).Send() })
 	if err != nil {
 		return nil, err
 	}
 	conn.client = cl
 	sc := xmpp.NewStreamManager(cl, func(c xmpp.Sender) { log.Info().Msg("XMPP Client connected.") })
 	wg.Go(func() error {
 		log.Debug().Msg("starting XMPP")
 		return sc.Run()
 	})
 	go func() {
 		<-ctx.Done()
-		err := conn.client.Disconnect()
+		sc.Stop()
-		log.Error().Err(err).Send()
+		log.Info().Msg("XMPP Client shutdown.")
 	}()
 	err = conn.client.Connect()
 	return conn, err
 }
--- a/pkg/app/wkd/app.go
+++ b/pkg/app/wkd/app.go
@ -0,0 +1,397 @@
 package app_wkd
 import (
 	"context"
 	"crypto/sha1"
 	"fmt"
 	"io"
 	"io/ioutil"
 	"net"
 	"net/http"
 	"net/url"
 	"os"
 	"path/filepath"
 	"strings"
 	"github.com/fsnotify/fsnotify"
 	"github.com/go-chi/chi"
 	"github.com/rs/zerolog/log"
 	"github.com/sour-is/crypto/openpgp"
 	"github.com/tv42/zbase32"
 	"github.com/sour-is/keyproofs/pkg/graceful"
 	"github.com/sour-is/keyproofs/pkg/opgp/entity"
 )
 type wkdApp struct {
 	path   string
 	domain string
 }
 func New(ctx context.Context, path, domain string) (*wkdApp, error) {
 	log := log.Ctx(ctx)
 	log.Debug().Str("domain", domain).Str("path", path).Msg("NewWKDApp")
 	path = filepath.Clean(path)
 	app := &wkdApp{path: path, domain: domain}
 	err := app.CheckFiles(ctx)
 	if err != nil {
 		return nil, err
 	}
 	watch, err := fsnotify.NewWatcher()
 	if err != nil {
 		return nil, err
 	}
 	for _, typ := range []string{"keys"} {
 		err = watch.Add(filepath.Join(path, typ))
 		if err != nil {
 			return nil, err
 		}
 	}
 	log.Debug().Msg("startup wkd watcher")
 	wg := graceful.WaitGroup(ctx)
 	wg.Go(func() error {
 		for {
 			select {
 			case <-ctx.Done():
 				log.Debug().Msg("shutdown wkd watcher")
 				return nil
 			case op := <-watch.Events:
 				log.Print(op)
 				switch op.Op {
 				case fsnotify.Create:
 					path = filepath.Dir(op.Name)
 					kind := filepath.Base(path)
 					name := filepath.Base(op.Name)
 					if err := app.createLinks(kind, name); err != nil {
 						log.Err(err).Send()
 					}
 				case fsnotify.Remove, fsnotify.Rename:
 					path = filepath.Dir(op.Name)
 					kind := filepath.Base(path)
 					name := filepath.Base(op.Name)
 					if err := app.removeLinks(kind, name); err != nil {
 						log.Error().Err(err).Send()
 					}
 				default:
 				}
 			case err := <-watch.Errors:
 				log.Err(err).Send()
 			}
 		}
 	})
 	return app, nil
 }
 func (app *wkdApp) CheckFiles(ctx context.Context) error {
 	log := log.Ctx(ctx)
 	for _, name := range []string{".links", "keys"} {
 		log.Debug().Msgf("mkdir: %s", filepath.Join(app.path, name))
 		err := os.MkdirAll(filepath.Join(app.path, name), 0700)
 		if err != nil {
 			return err
 		}
 	}
 	return filepath.Walk(app.path, func(path string, info os.FileInfo, err error) error {
 		if err != nil {
 			return err
 		}
 		log.Debug().Msg(info.Name())
 		if path == app.path {
 			return nil
 		}
 		if info.IsDir() {
 			switch info.Name() {
 			case "keys":
 				return nil
 			}
 			return filepath.SkipDir
 		}
 		path = filepath.Dir(path)
 		kind := filepath.Base(path)
 		name := info.Name()
 		log.Debug().Msgf("link: %s %s %s", app.path, kind, name)
 		return app.createLinks(kind, name)
 	})
 }
 func (app *wkdApp) getRedirect(w http.ResponseWriter, r *http.Request) {
 	ctx := r.Context()
 	log := log.Ctx(ctx)
 	log.Print(r.Host)
 	hash := chi.URLParam(r, "hash")
 	if strings.ContainsRune(hash, '@') {
 		hash, domain := hashHuman(hash)
 		log.Debug().Str("hash", hash).Str("domain", domain).Msg("redirect")
 		if host, adv := getWKDDomain(ctx, domain); adv {
 			log.Debug().Str("host", host).Str("domain", domain).Bool("adv", adv).Msg("redirect")
 			http.Redirect(w, r, fmt.Sprintf("https://%s/.well-known/openpgpkey/%s/hu/%s", host, domain, hash), http.StatusTemporaryRedirect)
 		} else {
 			log.Debug().Str("host", host).Str("domain", domain).Bool("adv", adv).Msg("redirect")
 			http.Redirect(w, r, fmt.Sprintf("https://%s/.well-known/openpgpkey/hu/%s", domain, hash), http.StatusTemporaryRedirect)
 		}
 		return
 	}
 	writeText(w, http.StatusBadRequest, "Bad Request")
 }
 func (app *wkdApp) getPolicy(w http.ResponseWriter, r *http.Request) {
 	writeText(w, 200, "")
 	return
 }
 func (app *wkdApp) get(w http.ResponseWriter, r *http.Request) {
 	ctx := r.Context()
 	log := log.Ctx(ctx)
 	log.Debug().Msgf("Host: %v %v %v", r.Host, app.domain, "foo")
 	hash := chi.URLParam(r, "hash")
 	domain := chi.URLParam(r, "domain")
 	if domain == "" {
 		domain = app.domain
 	}
 	if strings.ContainsRune(hash, '@') {
 		hash, domain = hashHuman(hash)
 	}
 	fname := filepath.Join(app.path, ".links", strings.Join([]string{"keys", domain, hash}, "-"))
 	log.Debug().Msgf("path: %s", fname)
 	f, err := os.Open(fname)
 	if err != nil {
 		writeText(w, 500, err.Error())
 		return
 	}
 	_, err = io.Copy(w, f)
 	if err != nil {
 		writeText(w, 500, err.Error())
 		return
 	}
 }
 func (app *wkdApp) Routes(r *chi.Mux) {
 	r.MethodFunc("GET", "/wkd/{hash}", app.getRedirect)
 	r.MethodFunc("GET", "/key/{hash}", app.get)
 	r.MethodFunc("POST", "/pks/add", app.postKey)
 	r.MethodFunc("GET", "/.well-known/openpgpkey/hu/{hash}", app.get)
 	r.MethodFunc("GET", "/.well-known/openpgpkey/{domain}/hu/{hash}", app.get)
 	r.MethodFunc("GET", "/.well-known/openpgpkey/policy", app.getPolicy)
 	r.MethodFunc("GET", "/.well-known/openpgpkey/{domain}/policy", app.getPolicy)
 }
 func (app *wkdApp) createLinks(kind, name string) error {
 	if !strings.ContainsRune(name, '@') {
 		return nil
 	}
 	src := filepath.Join("..", kind, name)
 	name = strings.ToLower(name)
 	hash, _ := hashHuman(name)
 	link := filepath.Join(app.path, ".links", strings.Join([]string{kind, hash}, "-"))
 	err := app.replaceLink(src, link)
 	if err != nil {
 		return err
 	}
 	return err
 }
 func hashHuman(name string) (string, string) {
 	name = strings.ToLower(name)
 	parts := strings.SplitN(name, "@", 2)
 	hash := sha1.Sum([]byte(parts[0]))
 	lp := zbase32.EncodeToString(hash[:])
 	return lp, parts[1]
 }
 func (app *wkdApp) removeLinks(kind, name string) error {
 	if !strings.ContainsRune(name, '@') {
 		return nil
 	}
 	name = strings.ToLower(name)
 	hash, _ := hashHuman(name)
 	link := filepath.Join(app.path, ".links", strings.Join([]string{kind, hash}, "-"))
 	err := os.Remove(link)
 	if err != nil {
 		return err
 	}
 	return err
 }
 func (app *wkdApp) replaceLink(src, link string) error {
 	if dst, err := os.Readlink(link); err != nil {
 		if os.IsNotExist(err) {
 			err = os.Symlink(src, link)
 			if err != nil {
 				return err
 			}
 		}
 	} else {
 		if dst != src {
 			err = os.Remove(link)
 			if err != nil {
 				return err
 			}
 			err = os.Symlink(src, link)
 			if err != nil {
 				return err
 			}
 		}
 	}
 	return nil
 }
 func getWKDDomain(ctx context.Context, domain string) (string, bool) {
 	adv := "openpgpkey." + domain
 	_, err := net.DefaultResolver.LookupCNAME(ctx, adv)
 	if err == nil {
 		return adv, true
 	}
 	return domain, false
 }
 func (app *wkdApp) postKey(w http.ResponseWriter, r *http.Request) {
 	ctx := r.Context()
 	log := log.Ctx(ctx)
 	body, err := ioutil.ReadAll(r.Body)
 	r.Body.Close()
 	if err != nil {
 		log.Err(err).Send()
 		writeText(w, http.StatusBadRequest, "ERR BODY")
 		return
 	}
 	q, err := url.ParseQuery(string(body))
 	if err != nil {
 		log.Err(err).Send()
 		writeText(w, http.StatusBadRequest, "ERR PARSE")
 		return
 	}
 	lis, err := openpgp.ReadArmoredKeyRing(strings.NewReader(q.Get("keytext")))
 	if err != nil {
 		log.Err(err).Send()
 		writeText(w, http.StatusBadRequest, "ERR READ KEY")
 		return
 	}
 	e, err := entity.GetOne(lis)
 	if err != nil {
 		log.Err(err).Send()
 		writeText(w, http.StatusBadRequest, "ERR ENTITY")
 		return
 	}
 	fname := filepath.Join(app.path, "keys", e.Primary.Address)
 	f, err := os.Open(fname)
 	if os.IsNotExist(err) {
 		out, err := os.Create(fname)
 		if err != nil {
 			log.Err(err).Send()
 			writeText(w, http.StatusInternalServerError, "ERR CREATE")
 			return
 		}
 		err = e.Serialize(out)
 		if err != nil {
 			log.Err(err).Send()
 			writeText(w, http.StatusInternalServerError, "ERR WRITE")
 			return
 		}
 		w.Header().Set("X-HKP-Status", "Created key")
 		writeText(w, http.StatusOK, "OK CREATED")
 		return
 	}
 	current, err := openpgp.ReadKeyRing(f)
 	if err != nil {
 		log.Err(err).Send()
 		writeText(w, http.StatusInternalServerError, "ERR READ")
 		return
 	}
 	f.Close()
 	compare, err := entity.GetOne(current)
 	if err != nil {
 		log.Err(err).Send()
 		writeText(w, http.StatusInternalServerError, "ERR PARSE")
 		return
 	}
 	if e.Fingerprint != compare.Fingerprint {
 		w.Header().Set("X-HKP-Status", "Mismatch fingerprint")
 		writeText(w, http.StatusBadRequest, "ERR FINGERPRINT")
 		return
 	}
 	if e.SelfSignature == nil || compare.SelfSignature == nil {
 		w.Header().Set("X-HKP-Status", "Missing signature")
 		writeText(w, http.StatusBadRequest, "ERR SIGNATURE")
 		return
 	}
 	log.Debug().Msgf("%v < %v", e.SelfSignature.CreationTime, compare.SelfSignature.CreationTime)
 	if !compare.SelfSignature.CreationTime.Before(e.SelfSignature.CreationTime) {
 		w.Header().Set("X-HKP-Status", "out of date")
 		writeText(w, http.StatusBadRequest, "ERR OUT OF DATE")
 		return
 	}
 	out, err := os.Create(fname)
 	if err != nil {
 		log.Err(err).Send()
 		writeText(w, http.StatusInternalServerError, "ERR CREATE")
 		return
 	}
 	err = e.Serialize(out)
 	if err != nil {
 		log.Err(err).Send()
 		writeText(w, http.StatusInternalServerError, "ERR WRITE")
 		return
 	}
 	w.Header().Set("X-HKP-Status", "Updated key")
 	writeText(w, http.StatusOK, "OK UPDATED")
 }
 // WriteText writes plain text
 func writeText(w http.ResponseWriter, code int, o string) {
 	w.Header().Set("Content-Type", "text/plain")
 	w.WriteHeader(code)
 	_, _ = w.Write([]byte(o))
 }
--- a/pkg/graceful/with-interrupt.go
+++ b/pkg/graceful/with-interrupt.go
@ -0,0 +1,127 @@
 package graceful
 import (
 	"context"
 	"errors"
 	"fmt"
 	"os"
 	"os/signal"
 	"sync"
 	"time"
 	"github.com/rs/zerolog/log"
 	"go.uber.org/multierr"
 )
 func WithInterupt(ctx context.Context) context.Context {
 	log := log.Ctx(ctx)
 	ctx, cancel := context.WithCancel(ctx)
 	// Listen for Interrupt signals
 	c := make(chan os.Signal, 1)
 	signal.Notify(c, os.Interrupt)
 	go func() {
 		defer signal.Stop(c)
 		for {
 			select {
 			case <-c:
 				cancel()
 				log.Warn().Msg("Shutting down! interrupt received")
 				return
 			case <-ctx.Done():
 				log.Warn().Msg("Shutting down! context cancelled")
 				return
 			}
 		}
 	}()
 	return ctx
 }
 type contextKey struct{ string }
 var wgKey = contextKey{"waitgroup"}
 type wgContext struct {
 	wg  sync.WaitGroup
 	err error
 	ctx context.Context
 }
 func (wg *wgContext) String() string {
 	return fmt.Sprintf("WaitGroup[%v %v]", wg.err, wg.ctx)
 }
 type WG interface {
 	Wait(time.Duration) error
 	Go(func() error)
 }
 func WithWaitGroup(ctx context.Context) (context.Context, WG) {
 	if wg := WaitGroup(ctx); wg != nil {
 		return ctx, wg
 	}
 	wg := &wgContext{ctx: ctx}
 	return context.WithValue(ctx, wgKey, wg), wg
 }
 func WaitGroup(ctx context.Context) *wgContext {
 	if wg, ok := ctx.Value(wgKey).(*wgContext); ok {
 		return wg
 	}
 	return nil
 }
 func (wg *wgContext) Go(fn func() error) {
 	if wg == nil {
 		panic("nil wait group")
 	}
 	wg.Add(1)
 	go func() {
 		err := fn()
 		wg.err = multierr.Append(wg.err, err)
 		wg.Done()
 	}()
 }
 func (wg *wgContext) Add(n int) {
 	wg.wg.Add(n)
 }
 func (wg *wgContext) Done() {
 	wg.wg.Done()
 }
 func (wg *wgContext) Wait(gracetime time.Duration) error {
 	if wg == nil {
 		return nil
 	}
 	log := log.Ctx(wg.ctx)
 	ch := make(chan struct{})
 	go func() {
 		wg.wg.Wait()
 		close(ch)
 	}()
 	<-wg.ctx.Done()
 	wg.err = multierr.Append(wg.err, wg.ctx.Err())
 	log.Debug().Msg("shutdown begin")
 	timer := time.NewTimer(gracetime)
 	select {
 	case <-ch:
 	case <-timer.C:
 		wg.err = multierr.Append(wg.err, ErrExpiredGrace)
 	}
 	log.Debug().Msg("shutdown complete")
 	return wg.err
 }
 var ErrExpiredGrace = errors.New("grace time expired")
--- a/pkg/httpsrv/server.go
+++ b/pkg/httpsrv/server.go
@ -0,0 +1,46 @@
 package httpsrv
 import (
 	"context"
 	"net/http"
 	"time"
 	"github.com/rs/zerolog/log"
 	"github.com/sour-is/keyproofs/pkg/graceful"
 )
 type Server struct {
 	srv *http.Server
 }
 func New(s *http.Server) *Server {
 	return &Server{srv: s}
 }
 func (s *Server) Run(ctx context.Context) error {
 	log := log.Ctx(ctx)
 	wg := graceful.WaitGroup(ctx)
 	wg.Go(func() error {
 		<-ctx.Done()
 		log.Info().Msg("Shutdown HTTP")
 		ctx := context.Background()
 		ctx, cancel := context.WithTimeout(ctx, 10*time.Second)
 		defer cancel()
 		err := s.srv.Shutdown(ctx)
 		if err != nil && err != http.ErrServerClosed {
 			return err
 		}
 		log.Info().Msg("Stopped  HTTP")
 		return nil
 	})
 	err := s.srv.ListenAndServe()
 	if err != nil && err != http.ErrServerClosed {
 		return err
 	}
 	return nil
 }
--- a/pkg/keyproofs/template.go
+++ b/pkg/keyproofs/template.go
@ -1,182 +0,0 @@
 package keyproofs
 type page struct {
 	Entity *Entity
 	Style  *Style
 	Proofs *Proofs
 	HasProofs  bool
 	IsComplete bool
 	Err        error
 }
 var pageTPL = `
 <html>
 <head>
 	{{if not .IsComplete}}<meta http-equiv="refresh" content="1">{{end}}
 	<script src="https://pagecdn.io/lib/font-awesome/5.14.0/js/fontawesome.min.js"                   crossorigin="anonymous" integrity="sha256-dNZKI9qQEpJG03MLdR2Rg9Dva1o+50fN3zmlDP+3I+Y="></script>
 	<link href="https://pagecdn.io/lib/bootstrap/4.5.1/css/bootstrap.min.css"       rel="stylesheet" crossorigin="anonymous" integrity="sha256-VoFZSlmyTXsegReQCNmbXrS4hBBUl/cexZvPmPWoJsY=" >
 	<link href="https://pagecdn.io/lib/font-awesome/5.14.0/css/fontawesome.min.css" rel="stylesheet" crossorigin="anonymous" integrity="sha256-7YMlwkILTJEm0TSengNDszUuNSeZu4KTN3z7XrhUQvc=" >
 	<link href="https://pagecdn.io/lib/font-awesome/5.14.0/css/solid.min.css"       rel="stylesheet" crossorigin="anonymous" integrity="sha256-s0DhrAmIsT5gZ3X4f+9wIXUbH52CMiqFAwgqCmdPoec=" >
 	<link href="https://pagecdn.io/lib/font-awesome/5.14.0/css/regular.min.css"     rel="stylesheet" crossorigin="anonymous" integrity="sha256-FAKIbnpfWhK6v5Re+NAi9n+5+dXanJvXVFohtH6WAuw=" >
 	<link href="https://pagecdn.io/lib/font-awesome/5.14.0/css/brands.min.css"      rel="stylesheet" crossorigin="anonymous" integrity="sha256-xN44ju35FR+kTO/TP/UkqrVbM3LpqUI1VJCWDGbG1ew=" >
 {{ with .Style }}
 	<style>
 		{{range $i, $val := .Palette}}.fg-color-{{$i}} { color: {{$val}}; }
 		{{end}}
 		{{range $i, $val := .Palette}}.bg-color-{{$i}} { background-color: {{$val}}; }
 		{{end}}
 		body {
 			background-image: url('{{.Background}}');
 			background-repeat: repeat;
 			background-color: {{index .Palette 7}};
 			padding-top: 1em;
 		}
 		.heading {
 			background-image: url('{{.Cover}}');
 			background-size: cover;
 			background-repeat: no-repeat;
 			background-color: {{index .Palette 3}};
 		}
 		.shade { background-color: {{index .Palette 3}}80; border-radius: .25rem;}
 		.lead { padding:0; margin:0;  }
 		@media only screen and (max-width: 768px) {
 			 .center-xs { text-align: center; width: 100% }
 			 .center-sm { text-align: center; width: 100% }
 			 .center-md { text-align: center; width: 100% }
 			 h1, h2, h3, h4, h5, h6, .lead  { font-size: 75% }
 			}
 		 @media only screen and (max-width: 576px) {
 			.center-xs { text-align: center; width: 100% }
 			.center-sm { text-align: center; width: 100% }
 			.center-md { text-align: center; width: 100% }
 			h1, h2, h3, h4, h5, h6, .lead  { font-size: 75% }
 		}
 		@media only screen and (max-width: 0) {
 			.center-xs { text-align: center; width: 100% }
 			.center-sm { text-align: center; width: 100% }
 			.center-md { text-align: center; width: 100% }
 			h1, h2, h3, h4, h5, h6, .lead { font-size: 60% }
 		}
 	</style>
 {{end}}
 </head>
 <body>
 	<div class="container">
 	<div class="card">
 		<div class="jumbotron heading">
 		<div class="container">
 			<div class="row shade">
 				{{ with .Err }}
 					<div class="col-xs center-md">
 						<i class="fas fa-exclamation-triangle fa-4x fg-color-11"></i>
 					</div>
 					<div class="col-md">
 						<h1 class="display-8 fg-color-8">Something went wrong...</h1>
 						<pre class="fg-color-11">{{.}}</pre>
 					</div>
 				{{else}}
 					{{ with .Style }}
 						<div class="col-xs center-md">
 							<img src="{{.Avatar}}" class="img-thumbnail" alt="avatar" style="width:88px; height:88px">
 						</div>
 					{{end}}
 					{{with .Entity}}
 						<div class="col-md center-md">
 							<h1 class="display-8 fg-color-8">{{.Primary.Name}}</h1>
 							<p class="lead fg-color-11"><i class="fas fa-fingerprint"></i> {{.Fingerprint}}</p>
 						</div>
 						<div class="col-xs center-md">
 							<img src="/qr?s=-2&c=OPENPGP4FPR%3A{{.Fingerprint}}" class="img-thumbnail" alt="qrcode" style="width:88px; height:88px">
 						</div>
 					{{else}}
 						<div class="col-md">
 							<h1 class="display-8 fg-color-8">Loading...</h1>
 							<p class="lead fg-color-11">Reading key from remote service.</p>
 						</div>
 					{{end}}
 				{{end}}
 			</div>
 		</div>
 		</div>
 		<div class="container">
 		{{ with .Entity }}
 		 	<div class="card">
 				<div class="card-header">Contact</div>
 				<div class="list-group list-group-flush">
 					{{with .Primary}}<a href="mailto:{{.Address}}" class="list-group-item list-group-item-action"><i class="fas fa-envelope"></i> <b>{{.Name}} &lt;{{.Address}}&gt;</b> <span class="badge badge-secondary">Primary</span></a>{{end}}
 					{{range .Emails}}<a href="mailto:{{.Address}}" class="list-group-item list-group-item-action"><i class="far fa-envelope"></i> {{.Name}} &lt;{{.Address}}&gt;</a>{{end}}
 				</div>
 			</div>
 			<br />
 		{{end}}
 		{{if .HasProofs}}
 		{{with .Proofs}}
 			<div class="card">
 				<div class="card-header">Proofs</div>
 				<ul class="list-group list-group-flush">
 					{{range .}}
 					<li class="list-group-item">
 						<div class="d-flex w-100 justify-content-between">
 						<div>
 						<a title="{{.Link}}" class="font-weight-bold" href="{{.Link}}">
 							<i title="{{.Service}}" class="{{.Icon}}"></i>
 							{{.Name}}
 						</a>
 						{{if eq .Status 0}}
 							<a class="text-muted" href="{{.Verify}}"> <i class="fas fa-ellipsis-h"> Checking</i></a>
 						{{else if eq .Status 1}}
 							<a class="text-warning" href="{{.Verify}}"> <i class="fas fa-exclamation-triangle"></i> Error</a>
 						{{else if eq .Status 2}}
 							<a class="text-danger" href="{{.Verify}}"> <i class="far fa-times-circle"></i> Invalid</a>
 						{{else if eq .Status 3}}
 							<a class="text-success" href="{{.Verify}}"> <i class="far fa-check-square"></i> Verified</a>
 						{{end}}
 						</div>
 						<div>
 						{{if eq .Service "xmpp"}}
 							<img src="/qr?s=-2&c={{.Link}}" alt="qrcode" style="width:88px; height:88px">
 						{{end}}
 						</div>
 						</div>
 					</li>
 					{{end}}
 				</ul>
 			</div>
 			<br/>
 		{{else}}
 			<div class="card">
 				<div class="card-header">Proofs</div>
 				<div class="card-body">Loading...</div>
 			</div>
 			<br/>
 		{{end}}
 		{{end}}
 		</div>
 		<div class="card-footer text-muted text-center">
 			&copy; 2020 Sour.is | <a href="/id/me@sour.is">About me</a> | <a href="https://github.com/sour-is/keyproofs">GitHub</a> | Inspired by <a href="https://keyoxide.org/">keyoxide</a>
 		</div>
 	</div>
 	</div>
 </body>
 </html>
 `
--- a/pkg/opgp/entity/entity.go
+++ b/pkg/opgp/entity/entity.go
@ -0,0 +1,89 @@
 package entity
 import (
 	"fmt"
 	"io"
 	"net/mail"
 	"github.com/sour-is/crypto/openpgp"
 	"github.com/sour-is/crypto/openpgp/packet"
 )
 type Key string
 func (k Key) Key() interface{} {
 	return k
 }
 type Entity struct {
 	Primary       *mail.Address
 	SelfSignature *packet.Signature
 	Emails        []*mail.Address
 	Fingerprint   string
 	Proofs        []string
 	ArmorText     string
 	entity        *openpgp.Entity
 }
 func (e *Entity) Serialize(f io.Writer) error {
 	return e.entity.Serialize(f)
 }
 func GetOne(lis openpgp.EntityList) (*Entity, error) {
 	entity := &Entity{}
 	var err error
 	for _, e := range lis {
 		if e == nil {
 			continue
 		}
 		if e.PrimaryKey == nil {
 			continue
 		}
 		entity.entity = e
 		entity.Fingerprint = fmt.Sprintf("%X", e.PrimaryKey.Fingerprint)
 		for name, ident := range e.Identities {
 			// Pick first identity
 			if entity.Primary == nil {
 				entity.Primary, err = mail.ParseAddress(name)
 				if err != nil {
 					return entity, err
 				}
 			}
 			// If one is marked primary use that
 			if ident.SelfSignature != nil && ident.SelfSignature.IsPrimaryId != nil && *ident.SelfSignature.IsPrimaryId {
 				entity.Primary, err = mail.ParseAddress(name)
 				if err != nil {
 					return entity, err
 				}
 			} else {
 				var email *mail.Address
 				if email, err = mail.ParseAddress(name); err != nil {
 					return entity, err
 				}
 				if email.Address != entity.Primary.Address {
 					entity.Emails = append(entity.Emails, email)
 				}
 			}
 			// If identity is self signed read notation data.
 			if ident.SelfSignature != nil && ident.SelfSignature.NotationData != nil {
 				entity.SelfSignature = ident.SelfSignature
 				// Get proofs and append to list.
 				if proofs, ok := ident.SelfSignature.NotationData["proof@metacode.biz"]; ok {
 					entity.Proofs = append(entity.Proofs, proofs...)
 				}
 			}
 		}
 		break
 	}
 	if entity.Primary == nil {
 		entity.Primary, _ = mail.ParseAddress("nobody@nodomain.xyz")
 	}
 	return entity, err
 }
--- a/pkg/keyproofs/opengpg.go
+++ b/pkg/keyproofs/opengpg.go
@ -1,4 +1,4 @@
-package keyproofs
+package opgp
 import (
 	"bytes"
@ -13,21 +13,27 @@ import (
 	"github.com/rs/zerolog/log"
 	"github.com/sour-is/crypto/openpgp"
 	"github.com/sour-is/keyproofs/pkg/opgp/entity"
 	"github.com/tv42/zbase32"
 	"golang.org/x/crypto/openpgp/armor"
 )
-func getOpenPGPkey(ctx context.Context, id string) (entity *Entity, err error) {
+func GetKey(ctx context.Context, id string) (entity *entity.Entity, err error) {
 	if isFingerprint(id) {
 		addr := "https://keys.openpgp.org/vks/v1/by-fingerprint/" + strings.ToUpper(id)
 		return getEntityHTTP(ctx, addr, true)
 	} else if email, err := mail.ParseAddress(id); err == nil {
-		addr := getWKDPubKeyAddr(email)
+		addr, advAddr := getWKDPubKeyAddr(email)
 		req, err := getEntityHTTP(ctx, addr, false)
 		if err == nil {
 			return req, err
 		}
 		req, err = getEntityHTTP(ctx, advAddr, false)
 		if err == nil {
 			return req, err
 		}
 		addr = "https://keys.openpgp.org/vks/v1/by-email/" + url.QueryEscape(id)
 		return getEntityHTTP(ctx, addr, true)
 	} else {
@ -35,7 +41,7 @@ func getOpenPGPkey(ctx context.Context, id string) (entity *Entity, err error) {
 	}
 }
-func getEntityHTTP(ctx context.Context, url string, useArmored bool) (entity *Entity, err error) {
+func getEntityHTTP(ctx context.Context, url string, useArmored bool) (entity *entity.Entity, err error) {
 	log := log.Ctx(ctx)
 	req, err := http.NewRequestWithContext(ctx, http.MethodGet, url, nil)
@ -44,16 +50,15 @@ func getEntityHTTP(ctx context.Context, url string, useArmored bool) (entity *En
 	}
 	cl := http.Client{}
 	resp, err := cl.Do(req)
 	if err != nil {
 		return entity, fmt.Errorf("Requesting key: %w\nRemote URL: %v", err, url)
 	}
 	log.Debug().
 		Bool("useArmored", useArmored).
 		Str("status", resp.Status).
 		Str("url", url).
 		Msg("getEntityHTTP")
 	if err != nil {
 		return entity, fmt.Errorf("Requesting key: %w\nRemote URL: %v", err, url)
 	}
 	if resp.StatusCode != 200 {
 		return entity, fmt.Errorf("bad response from remote: %s\nRemote URL: %v", resp.Status, url)
 	}
@ -67,83 +72,17 @@ func getEntityHTTP(ctx context.Context, url string, useArmored bool) (entity *En
 	return ReadKey(resp.Body, useArmored)
 }
-type EntityKey string
+func ReadKey(r io.Reader, useArmored bool) (e *entity.Entity, err error) {
 func (k EntityKey) Key() interface{} {
 	return k
 }
 type Entity struct {
 	Primary     *mail.Address
 	Emails      []*mail.Address
 	Fingerprint string
 	Proofs      []string
 	ArmorText   string
 }
 func getEntity(lis openpgp.EntityList) (*Entity, error) {
 	entity := &Entity{}
 	var err error
 	for _, e := range lis {
 		if e == nil {
 			continue
 		}
 		if e.PrimaryKey == nil {
 			continue
 		}
 		entity.Fingerprint = fmt.Sprintf("%X", e.PrimaryKey.Fingerprint)
 		for name, ident := range e.Identities {
 			// Pick first identity
 			if entity.Primary == nil {
 				entity.Primary, err = mail.ParseAddress(name)
 				if err != nil {
 					return entity, err
 				}
 			}
 			// If one is marked primary use that
 			if ident.SelfSignature != nil && ident.SelfSignature.IsPrimaryId != nil && *ident.SelfSignature.IsPrimaryId {
 				entity.Primary, err = mail.ParseAddress(name)
 				if err != nil {
 					return entity, err
 				}
 			} else {
 				var email *mail.Address
 				if email, err = mail.ParseAddress(name); err != nil {
 					return entity, err
 				}
 				if email.Address != entity.Primary.Address {
 					entity.Emails = append(entity.Emails, email)
 				}
 			}
 			// If identity is self signed read notation data.
 			if ident.SelfSignature != nil && ident.SelfSignature.NotationData != nil {
 				// Get proofs and append to list.
 				if proofs, ok := ident.SelfSignature.NotationData["proof@metacode.biz"]; ok {
 					entity.Proofs = append(entity.Proofs, proofs...)
 				}
 			}
 		}
 		break
 	}
 	if entity.Primary == nil {
 		entity.Primary, _ = mail.ParseAddress("nobody@nodomain.xyz")
 	}
 	return entity, err
 }
 func ReadKey(r io.Reader, useArmored bool) (e *Entity, err error) {
 	var buf bytes.Buffer
 	var w io.Writer = &buf
 	e = &entity.Entity{}
-	e = &Entity{}
+	defer func() {
 		if e != nil {
 			e.ArmorText = buf.String()
 		}
 	}()
 	if !useArmored {
 		var aw io.WriteCloser
@ -155,11 +94,6 @@ func ReadKey(r io.Reader, useArmored bool) (e *Entity, err error) {
 		w = aw
 	}
 	defer func() {
 		if e != nil {
 			e.ArmorText = buf.String()
 		}
 	}()
 	r = io.TeeReader(r, w)
@ -174,7 +108,7 @@ func ReadKey(r io.Reader, useArmored bool) (e *Entity, err error) {
 		return e, fmt.Errorf("Read key: %w", err)
 	}
-	e, err = getEntity(lis)
+	e, err = entity.GetOne(lis)
 	if err != nil {
 		return e, fmt.Errorf("Parse key: %w", err)
 	}
@ -194,11 +128,11 @@ func isFingerprint(s string) bool {
 	return true
 }
-func getWKDPubKeyAddr(email *mail.Address) string {
+func getWKDPubKeyAddr(email *mail.Address) (string, string) {
 	parts := strings.SplitN(email.Address, "@", 2)
 	hash := sha1.Sum([]byte(parts[0]))
 	lp := zbase32.EncodeToString(hash[:])
-	return fmt.Sprintf("https://%s/.well-known/openpgpkey/hu/%s", parts[1], lp)
+	return fmt.Sprintf("https://%s/.well-known/openpgpkey/hu/%s", parts[1], lp),
 		fmt.Sprintf("https://openpgpkey.%s/.well-known/openpgpkey/hu/%s/%s", parts[1], parts[1], lp)
 }
--- a/pkg/keyproofs/style.go
+++ b/pkg/keyproofs/style.go
@ -1,4 +1,4 @@
-package keyproofs
+package style
 import (
 	"context"
@ -11,9 +11,11 @@ import (
 	"github.com/rs/zerolog/log"
 )
-type StyleKey string
+var pixl = "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAQAAAC1HAwCAAAAC0lEQVR42mNkYAAAAAYAAjCB0C8AAAAASUVORK5CYII="
-func (s StyleKey) Key() interface{} {
+type Key string
 func (s Key) Key() interface{} {
 	return s
 }
@ -25,10 +27,10 @@ type Style struct {
 	Palette []string
 }
-func (s *identity) getStyle(ctx context.Context, email string) (*Style, error) {
+func GetStyle(ctx context.Context, email string) (*Style, error) {
 	log := log.Ctx(ctx)
-	avatarHost, styleHost, err := styleSRV(ctx, email)
+	avatarHost, styleHost, err := GetSRV(ctx, email)
 	if err != nil {
 		return nil, err
 	}
@ -37,15 +39,14 @@ func (s *identity) getStyle(ctx context.Context, email string) (*Style, error) {
 	hash := md5.New()
 	email = strings.TrimSpace(strings.ToLower(email))
 	_, _ = hash.Write([]byte(email))
 	id := hash.Sum(nil)
 	style := &Style{}
-	style.Palette = getPalette(fmt.Sprintf("#%x", id[:3]))
+	style.Palette = GetPalette(fmt.Sprintf("#%x", id[:3]))
 	style.Avatar = fmt.Sprintf("https://%s/avatar/%x", avatarHost, id)
 	style.Cover = pixl
-	style.Background = "https://lavana.sour.is/bg/52548b3dcb032882675afe1e4bcba0e9"
+	style.Background = pixl
 	if styleHost != "" {
 		style.Cover = fmt.Sprintf("https://%s/cover/%x", styleHost, id)
@ -55,11 +56,11 @@ func (s *identity) getStyle(ctx context.Context, email string) (*Style, error) {
 	return style, err
 }
-func styleSRV(ctx context.Context, email string) (avatar string, style string, err error) {
+func GetSRV(ctx context.Context, email string) (avatar string, style string, err error) {
 	// Defaults
 	style = ""
-	avatar = "www.gravatar.com"
+	avatar = "www.libravatar.org"
 	parts := strings.SplitN(email, "@", 2)
 	if _, srv, err := net.DefaultResolver.LookupSRV(ctx, "style-sec", "tcp", parts[1]); err == nil {
@ -83,7 +84,7 @@ func styleSRV(ctx context.Context, email string) (avatar string, style string, e
 }
 // getPalette maes a complementary color palette. https://play.golang.org/p/nBXLUocGsU5
-func getPalette(hex string) []string {
+func GetPalette(hex string) []string {
 	reference, _ := colorful.Hex(hex)
 	reference = sat(lum(reference, 0, .5), 0, .5)
--- a/sour.is-keyproofs.service
+++ b/sour.is-keyproofs.service
@ -1,10 +1,11 @@
 [Unit]
-Description=sour.is paste API
+Description=sour.is KeyProofs API
 After=syslog.target network.target
 [Service]
 Type=simple
 User=www-data
 Group=www-data
 WorkingDirectory=/var/www
 ExecStart=/usr/local/bin/sour.is-keyproofs
--- a/version.sh
+++ b/version.sh
@ -1,8 +1,8 @@
 #!/bin/bash
 # Increment a version string using Semantic Versioning (SemVer) terminology.
 # Parse command line options.
 BUMP="${BUMP:="$1"}"
 case $BUMP in
  current ) ;;
@ -11,43 +11,43 @@ case $BUMP in
  patch   ) patch=true;;
 esac
-version=$(git describe --tags `git rev-list --tags --max-count=1 2> /dev/null` 2> /dev/null|cut -b2-)
+version=$(git describe --tags "$(git rev-list --tags --max-count=1 2> /dev/null)" 2> /dev/null|cut -b2-)
 # Build array from version string.
-a=( ${version//./ } )
+IFS="." read -r -a a <<< "$version"
 # If version string is missing or has the wrong number of members, show usage message.
 if [ ${#a[@]} -ne 3 ]
 then
  version=0.0.0
-  a=( ${version//./ } )
+  IFS="." read -r -a a <<< "$version"
 fi
 # Increment version numbers as requested.
-if [ ! -z $major ]
+if [ -n "$major" ]
 then
  ((a[0]++))
  a[1]=0
  a[2]=0
 fi
-if [ ! -z $minor ]
+if [ -n "$minor" ]
 then
  ((a[1]++))
  a[2]=0
 fi
-if [ ! -z $patch ]
+if [ -n "$patch" ]
 then
  ((a[2]++))
 fi
 if git status --porcelain >/dev/null
 then
-  echo "${a[0]}.${a[1]}.${a[2]}"
+  echo "v${a[0]}.${a[1]}.${a[2]}"
 else
-  echo "${a[0]}.${a[1]}.${a[2]}-dirty"
+  echo "v${a[0]}.${a[1]}.${a[2]}-dirty"
 fi
Author	SHA1	Message	Date
xuu	8feb86948e	fix: imports	2023-05-29 13:31:54 -06:00
Jon Lundy	8ccdd9e013	fix: version generate	2023-01-06 13:30:33 -07:00
Jon Lundy	e6a79496e8	save changes	2021-12-12 06:34:58 -07:00
Jon Lundy	5c584680a4	fix: advanced url fix	2021-11-15 15:15:06 -07:00
Jon Lundy	ea0289c2ac	remove domain	2021-02-03 17:03:16 -07:00
Jon Lundy	e6fe68a548	Merge branch 'main' of github.com:sour-is/keyproofs into main	2020-12-18 10:33:19 -07:00
Jon Lundy	cefa2d7874	fix: wkd handling for domains	2020-12-18 10:33:12 -07:00
Jon Lundy	eefe823632	Create go.yml	2020-12-15 15:50:33 -07:00
Jon Lundy	50a3399718	update deps	2020-12-09 08:22:34 -07:00
Jon Lundy	c00d091ed2	refactor out into packages for easier unit test writing	2020-12-04 11:36:24 -07:00
Jon Lundy	9db6377526	use cname instead of resove it for wkd	2020-12-03 13:40:39 -07:00
Jon Lundy	b8be51799c	fix error in xmpp	2020-12-03 12:38:26 -07:00
Jon Lundy	caa625e2d1	finish wkd store. add hkp key updates.	2020-12-03 12:32:24 -07:00
Jon Lundy	05df6253db	fixes to gpg key and twt proofs	2020-12-02 09:27:23 -07:00
Jon Lundy	b294d4fdc8	add additional url point for twtxt	2020-12-01 12:28:56 -07:00
Jon Lundy	90bba0e527	adding twtxt proofs	2020-12-01 12:24:35 -07:00
Jon Lundy	b3922980db	add image resize, default avatars, and other fixes	2020-11-30 11:54:52 -07:00
Jon Lundy	7878834155	fixes and such	2020-11-30 11:53:49 -07:00
Jon Lundy	8f48e36da8	fix missing files	2020-11-28 15:17:44 -07:00
Jon Lundy	7e3eee56e0	push tags on create	2020-11-28 15:14:02 -07:00
Jon Lundy	616997fdc6	add libravatar/style endpoint	2020-11-28 15:11:49 -07:00
Jon Lundy	b56f27dcfb	update template	2020-11-25 10:49:26 -07:00
Jon Lundy	819cc1ba64	update styles and add home page	2020-11-24 21:59:48 -07:00
Jon Lundy	7b285f38ab	Merge branch 'main' of github.com:sour-is/keyproofs into main	2020-11-23 20:46:53 -07:00
Jon Lundy	7d1463296d	add app name and version	2020-11-23 20:46:46 -07:00
Jon Lundy	ed68ce9254	Update README.md	2020-11-23 15:12:39 -07:00
Jon Lundy	2b0b454063	remove binary	2020-11-23 14:59:41 -07:00
Jon Lundy	a344a32fc4	remove binary	2020-11-23 14:57:42 -07:00