1 c418ae42 2021-02-13 op These last twenty days were pretty productive on the gmid front: I ended up doing way more things that I had planned for this v1.5 release.
3 c418ae42 2021-02-13 op The headlines are the automatic sandboxing on OpenBSD, FreeBSD and linux and the introduction of the configuration file, but you’ll find the whole change log at the end of this entry.
5 c418ae42 2021-02-13 op On OpenBSD pledge and unveil were already in place, but their usage has been improved during this release cycle: the daemon was split into two processes that run with different pledges. This enabled also the usage of capsicum on FreeBSD and seccomp on linux. Always in the same spirit, support for chroot and privilege dropping has been added, so it’s safe to start the daemon with root privileges.
7 c418ae42 2021-02-13 op => /post/gmid-sandbox.gmi Read “Comparing sandboxing techniques” for more information.
9 c418ae42 2021-02-13 op With this release gmid has two modes: a daemon mode and a config-less mode. The config-less mode is similar to how gmid operated until now (i.e. running from the command line) and has been improved with an automatic certificate generation, while the daemon more is more akin to “normal” network daemons and needs a configuration file.
11 c418ae42 2021-02-13 op The configuration file syntax has been inspired from OpenBSD’ httpd and is quite flexible. It supports a wide range of customizable parameters and location blocks to alter the behaviour per matching path.
15 c418ae42 2021-02-13 op ## v1.5 “Interstellar Overdrive” Changelog
17 c418ae42 2021-02-13 op ### New features
19 c418ae42 2021-02-13 op * vhost support
20 c418ae42 2021-02-13 op * configuration file
21 c418ae42 2021-02-13 op * sandboxed by default on OpenBSD, FreeBSD and linux
22 c418ae42 2021-02-13 op * customize the accepted TLS version
23 c418ae42 2021-02-13 op * customizable default type
24 c418ae42 2021-02-13 op * customizable mime mappings
25 c418ae42 2021-02-13 op * provide a dockerfile
26 c418ae42 2021-02-13 op * provide a lang parameter when serving text/gemini files
27 c418ae42 2021-02-13 op * added a ‘configure’ script
28 c418ae42 2021-02-13 op * customizable directory index
29 c418ae42 2021-02-13 op * directory listings (disabled by default)
30 c418ae42 2021-02-13 op * [config] location blocks support
31 c418ae42 2021-02-13 op * chroot support
32 c418ae42 2021-02-13 op * punycode support
34 c418ae42 2021-02-13 op ### Improvements
36 c418ae42 2021-02-13 op * log ip, port, full request and response code (even for CGI scripts)
37 c418ae42 2021-02-13 op * host name matching with globbing rules
38 c418ae42 2021-02-13 op * automatically generate TLS certificates when running in config-less mode and no certificate was found
42 c418ae42 2021-02-13 op * [IRI] normalize scheme
43 c418ae42 2021-02-13 op * [IRI] normalize hostnames
44 c418ae42 2021-02-13 op * [IRI] accept a wider range of codepoints in hostnames
45 c418ae42 2021-02-13 op * set SERVER_NAME when executing CGI scripts
47 c418ae42 2021-02-13 op ### Breaking changes
49 c418ae42 2021-02-13 op * removed -C, -K flags
50 c418ae42 2021-02-13 op * -d changed meaning: the directory to serve is now given as positional parameter and -d is used to specify the directory for the TLS certificates (either autogenerated or not.)
