1 f28d96d3 2021-01-25 op .\" Copyright (c) 2021 Omar Polo <op@omarpolo.com>
  2 3e4749f7 2020-10-02 op .\"
  3 3e4749f7 2020-10-02 op .\" Permission to use, copy, modify, and distribute this software for any
  4 3e4749f7 2020-10-02 op .\" purpose with or without fee is hereby granted, provided that the above
  5 3e4749f7 2020-10-02 op .\" copyright notice and this permission notice appear in all copies.
  6 3e4749f7 2020-10-02 op .\"
  7 3e4749f7 2020-10-02 op .\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
  8 3e4749f7 2020-10-02 op .\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
  9 3e4749f7 2020-10-02 op .\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
 10 3e4749f7 2020-10-02 op .\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 11 3e4749f7 2020-10-02 op .\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 12 3e4749f7 2020-10-02 op .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 13 3e4749f7 2020-10-02 op .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 14 39a7b611 2021-01-30 op .Dd $Mdocdate: January 30 2021$
 15 3e4749f7 2020-10-02 op .Dt GMIND 1
 16 3e4749f7 2020-10-02 op .Os
 17 3e4749f7 2020-10-02 op .Sh NAME
 18 3e4749f7 2020-10-02 op .Nm gmid
 19 714685c1 2021-01-30 op .Nd simple and secure Gemini server
 20 3e4749f7 2020-10-02 op .Sh SYNOPSIS
 21 3e4749f7 2020-10-02 op .Nm
 22 3e4749f7 2020-10-02 op .Bk -words
 23 46af8c6c 2021-01-27 op .Op Fl fn
 24 15902770 2021-01-15 op .Op Fl c Ar config
 25 15902770 2021-01-15 op |
 26 8904fa0e 2021-01-27 op .Op Fl 6hv
 27 f28d96d3 2021-01-25 op .Op Fl d Pa certs-dir
 28 f28d96d3 2021-01-25 op .Op Fl H Ar hostname
 29 721e2325 2020-11-18 op .Op Fl p Ar port
 30 f28d96d3 2021-01-25 op .Op Fl x Pa cgi
 31 f28d96d3 2021-01-25 op .Op Pa dir
 32 3e4749f7 2020-10-02 op .Ek
 33 3e4749f7 2020-10-02 op .Sh DESCRIPTION
 34 3e4749f7 2020-10-02 op .Nm
 35 b9220ca4 2021-01-11 op is a simple and minimal gemini server that can serve static files and
 36 b9220ca4 2021-01-11 op execute CGI scripts.
 37 eb699783 2021-01-18 op It can run without a configuration file with a limited set of features
 38 eb699783 2021-01-18 op available.
 39 eb699783 2021-01-18 op If a configuration file is given, no other flags shall be given,
 40 eb699783 2021-01-18 op except for
 41 46af8c6c 2021-01-27 op .Fl f
 42 46af8c6c 2021-01-27 op and
 43 eb699783 2021-01-18 op .Fl n .
 44 3e4749f7 2020-10-02 op .Pp
 45 eb699783 2021-01-18 op The options are as follows:
 46 f28d96d3 2021-01-25 op .Bl -tag -width 14m
 47 eb699783 2021-01-18 op .It Fl c Pa config
 48 f28d96d3 2021-01-25 op Specify the configuration file.
 49 46af8c6c 2021-01-27 op .It Fl f
 50 46af8c6c 2021-01-27 op Stays and logs on the foreground.
 51 eb699783 2021-01-18 op .It Fl n
 52 eb699783 2021-01-18 op Check that the configuration is valid, but don't start the server.
 53 eb699783 2021-01-18 op .El
 54 3e4749f7 2020-10-02 op .Pp
 55 eb699783 2021-01-18 op If no configuration file is given,
 56 fab952e1 2020-10-03 op .Nm
 57 f28d96d3 2021-01-25 op will look for the following options
 58 f28d96d3 2021-01-25 op .Bl -tag -width 14m
 59 85dff1f9 2021-01-11 op .It Fl 6
 60 85dff1f9 2021-01-11 op Enable IPv6.
 61 f28d96d3 2021-01-25 op .It Fl d Pa certs-path
 62 f28d96d3 2021-01-25 op Directory where certificates for the config-less mode are stored.
 63 f28d96d3 2021-01-25 op By default is
 64 f28d96d3 2021-01-25 op .Pa $XDG_DATA_HOME/gmid ,
 65 f28d96d3 2021-01-25 op i.e.
 66 f28d96d3 2021-01-25 op .Pa ~/.local/share/gmid .
 67 71cf3975 2021-01-25 op .It Fl H Ar hostname
 68 f28d96d3 2021-01-25 op The hostname, by default
 69 f28d96d3 2021-01-25 op .Ar localhost .
 70 f28d96d3 2021-01-25 op Certificates for the given
 71 f28d96d3 2021-01-25 op .Ar hostname
 72 f28d96d3 2021-01-25 op are searched inside the
 73 f28d96d3 2021-01-25 op .Pa certs-dir
 74 f28d96d3 2021-01-25 op directory given with the
 75 f28d96d3 2021-01-25 op .Fl d
 76 f28d96d3 2021-01-25 op option.
 77 714685c1 2021-01-30 op They have the form
 78 f28d96d3 2021-01-25 op .Pa hostname.cert.pem
 79 f28d96d3 2021-01-25 op and
 80 f28d96d3 2021-01-25 op .Pa hostname.key.pem .
 81 f28d96d3 2021-01-25 op If a certificate and key doesn't exists for a given hostname they
 82 714685c1 2021-01-30 op will be automatically generated.
 83 3e4749f7 2020-10-02 op .It Fl h
 84 fab952e1 2020-10-03 op Print the usage and exit.
 85 721e2325 2020-11-18 op .It Fl p Ar port
 86 eb699783 2021-01-18 op The port to listen on, by default 1965.
 87 8904fa0e 2021-01-27 op .It Fl v
 88 8904fa0e 2021-01-27 op Increase the verbosity of the logs.
 89 f28d96d3 2021-01-25 op .It Fl x Pa path
 90 eb699783 2021-01-18 op Enable execution of CGI scripts.
 91 eb699783 2021-01-18 op See the description of the
 92 eb699783 2021-01-18 op .Ic cgi
 93 eb699783 2021-01-18 op option in the section
 94 eb699783 2021-01-18 op .Sq Servers
 95 eb699783 2021-01-18 op below to learn how
 96 f28d96d3 2021-01-25 op .Pa path
 97 eb699783 2021-01-18 op is processed.
 98 eb699783 2021-01-18 op Cannot be provided more than once.
 99 f28d96d3 2021-01-25 op .It Pa dir
100 f28d96d3 2021-01-25 op The root directory to serve.
101 f28d96d3 2021-01-25 op By default the current working directory is assumed.
102 3e4749f7 2020-10-02 op .El
103 eb699783 2021-01-18 op .Sh CONFIGURATION FILE
104 eb699783 2021-01-18 op The configuration file is divided into two sections:
105 eb699783 2021-01-18 op .Bl -tag -width xxxx
106 eb699783 2021-01-18 op .It Sy Global Options
107 eb699783 2021-01-18 op Global settings for
108 eb699783 2021-01-18 op .Nm .
109 eb699783 2021-01-18 op .It Sy Servers
110 f28d96d3 2021-01-25 op Virtual hosts definition.
111 eb699783 2021-01-18 op .El
112 eb699783 2021-01-18 op .Pp
113 eb699783 2021-01-18 op Within the sections, empty lines are ignored and comments can be put
114 eb699783 2021-01-18 op anywhere in the file using a hash mark
115 eb699783 2021-01-18 op .Pq Sq # ,
116 eb699783 2021-01-18 op and extend to the end of the current line.
117 eb699783 2021-01-18 op A boolean is either the symbol
118 eb699783 2021-01-18 op .Sq on
119 eb699783 2021-01-18 op or
120 eb699783 2021-01-18 op .Sq off .
121 f28d96d3 2021-01-25 op A string is a sequence of characters wrapped in double quotes,
122 f28d96d3 2021-01-25 op .Dq like this .
123 eb699783 2021-01-18 op .Ss Global Options
124 eb699783 2021-01-18 op .Bl -tag -width 12m
125 eb699783 2021-01-18 op .It Ic ipv6 Ar bool
126 eb699783 2021-01-18 op Enable or disable IPv6 support.
127 eb699783 2021-01-18 op By default is off.
128 eb699783 2021-01-18 op .It Ic port Ar portno
129 eb699783 2021-01-18 op The port to listen on.
130 eb699783 2021-01-18 op By default is 1965.
131 eb699783 2021-01-18 op .It Ic protocols Ar string
132 eb699783 2021-01-18 op Specify the TLS protocols to enable.
133 eb699783 2021-01-18 op Refer to
134 eb699783 2021-01-18 op .Xr tls_config_parse_protocols 3
135 eb699783 2021-01-18 op for the valid protocol string values.
136 714685c1 2021-01-30 op By default, both TLSv1.3 and TLSv1.2 are enabled.
137 eb699783 2021-01-18 op Use
138 eb699783 2021-01-18 op .Dq tlsv1.3
139 eb699783 2021-01-18 op to enable only TLSv1.3.
140 eb699783 2021-01-18 op .It Ic mime Ar mime-type Ar file-extension
141 eb699783 2021-01-18 op Add a mapping for the given
142 eb699783 2021-01-18 op .Ar file-extension
143 eb699783 2021-01-18 op to the given
144 eb699783 2021-01-18 op .Ar mime-type .
145 eb699783 2021-01-18 op Both argument are strings.
146 ae08ec7d 2021-01-25 op .It Ic chroot Pa path
147 ae08ec7d 2021-01-25 op .Xr chroot 2
148 ae08ec7d 2021-01-25 op the process to the given
149 ae08ec7d 2021-01-25 op .Pa path .
150 ae08ec7d 2021-01-25 op The daemon has to be run with root privileges and thus the option
151 ae08ec7d 2021-01-25 op .Ic user
152 714685c1 2021-01-30 op needs to be provided, so privileges can be dropped.
153 714685c1 2021-01-30 op Note that
154 ae08ec7d 2021-01-25 op .Nm
155 714685c1 2021-01-30 op will enter the chroot after loading the TLS keys, but before opening
156 714685c1 2021-01-30 op the virtual host root directories.
157 714685c1 2021-01-30 op It's recommended to keep the TLS keys outside the chroot.
158 ae08ec7d 2021-01-25 op Future version of
159 ae08ec7d 2021-01-25 op .Nm
160 ae08ec7d 2021-01-25 op may require this.
161 ae08ec7d 2021-01-25 op .It Ic user Ar string
162 ae08ec7d 2021-01-25 op Run the daemon as the given user.
163 eb699783 2021-01-18 op .El
164 eb699783 2021-01-18 op .Ss Servers
165 eb699783 2021-01-18 op Every virtual host is defined by a
166 eb699783 2021-01-18 op .Ic server
167 eb699783 2021-01-18 op block:
168 eb699783 2021-01-18 op .Bl -tag -width Ds
169 eb699783 2021-01-18 op .It Ic server Ar hostname Brq ...
170 75fbb178 2021-01-28 op Match the server name using shell globbing rules.
171 75fbb178 2021-01-28 op This can be an explicit name,
172 de27389e 2021-01-21 op .Ar www.example.com ,
173 de27389e 2021-01-21 op or a name including a wildcards,
174 de27389e 2021-01-21 op .Ar *.example.com .
175 eb699783 2021-01-18 op .El
176 eb699783 2021-01-18 op .Pp
177 eb699783 2021-01-18 op Followed by a block of options that is enclosed in curly brackets:
178 eb699783 2021-01-18 op .Bl -tag -width Ds
179 eb699783 2021-01-18 op .It Ic cert Pa file
180 eb699783 2021-01-18 op Path to the certificate to use for this server.
181 eb699783 2021-01-18 op The
182 eb699783 2021-01-18 op .Pa file
183 eb699783 2021-01-18 op should contain a PEM encoded certificate.
184 eb699783 2021-01-18 op This option is mandatory.
185 eb699783 2021-01-18 op .It Ic key Pa file
186 eb699783 2021-01-18 op Specify the private key to use for this server.
187 eb699783 2021-01-18 op The
188 eb699783 2021-01-18 op .Pa file
189 eb699783 2021-01-18 op should contain a PEM encoded private key.
190 eb699783 2021-01-18 op This option is mandatory.
191 eb699783 2021-01-18 op .It Ic root Pa directory
192 eb699783 2021-01-18 op Specify the root directory for this server.
193 eb699783 2021-01-18 op This option is mandatory.
194 f28d96d3 2021-01-25 op It's relative to the chroot, if enabled.
195 eb699783 2021-01-18 op .It Ic cgi Pa path
196 87f2b68b 2021-02-02 op Execute CGI scripts that matches
197 eb699783 2021-01-18 op .Pa path
198 87f2b68b 2021-02-02 op using shell globbing rules.
199 6119e13e 2021-01-19 op .It Ic default type Ar string
200 6119e13e 2021-01-19 op Set the default media type that is used if the media type for a
201 6119e13e 2021-01-19 op specified extension is not found.
202 6119e13e 2021-01-19 op If not specified, the
203 6119e13e 2021-01-19 op .Ic default type
204 6119e13e 2021-01-19 op is set to
205 6119e13e 2021-01-19 op .Dq application/octet-stream .
206 05c23a54 2021-01-19 op .It Ic lang Ar string
207 05c23a54 2021-01-19 op Specify the language tag for the text/gemini content served.
208 05c23a54 2021-01-19 op If not specified, no
209 05c23a54 2021-01-19 op .Dq lang
210 05c23a54 2021-01-19 op parameter will be added in the response.
211 e7a2a99b 2021-01-24 op .It Ic index Ar string
212 e7a2a99b 2021-01-24 op Set the directory index file.
213 e7a2a99b 2021-01-24 op If not specified, it defaults to
214 f28d96d3 2021-01-25 op .Pa index.gmi .
215 252908e6 2021-01-24 op .It Ic auto Ic index Ar bool
216 252908e6 2021-01-24 op If no index file is found, automatically generate a directory listing.
217 252908e6 2021-01-24 op It's disabled by default.
218 c8b74339 2021-01-24 op .It Ic location Pa path Brq ...
219 c8b74339 2021-01-24 op Specify server configuration rules for a specific location.
220 c8b74339 2021-01-24 op The
221 c8b74339 2021-01-24 op .Pa path
222 c8b74339 2021-01-24 op argument will be matched against the request path with shell globbing
223 c8b74339 2021-01-24 op rules.
224 6016a593 2021-01-30 op In case of multiple location statements in the same context, the first
225 6016a593 2021-01-30 op matching location will be put into effect and the later ones ignored.
226 6016a593 2021-01-30 op Therefore is advisable to match for more specific paths first and for
227 6016a593 2021-01-30 op generic ones later on.
228 c8b74339 2021-01-24 op A
229 c8b74339 2021-01-24 op .Ic location
230 c8b74339 2021-01-24 op section may include most of the server configuration rules
231 c8b74339 2021-01-24 op except
232 6016a593 2021-01-30 op .Ic cert , Ic key , Ic root , Ic location No and Ic cgi .
233 eb699783 2021-01-18 op .El
234 72342dc9 2020-11-06 op .Sh CGI
235 87f2b68b 2021-02-02 op When a request for an executable file matches the
236 87f2b68b 2021-02-02 op .Ic cgi
237 87f2b68b 2021-02-02 op rule, that file will be execute and its output fed to the client.
238 72342dc9 2020-11-06 op .Pp
239 ee655e64 2021-02-01 op The CGI scripts are executed in the directory they reside and inherit
240 a7b9bb4d 2021-01-24 op the environment from
241 0ed56567 2020-11-06 op .Nm
242 0ed56567 2020-11-06 op with these additional variables set:
243 ee655e64 2021-02-01 op .Bl -tag -width 24m
244 28ec6178 2021-01-24 op .It Ev GATEWAY_INTERFACE
245 ee655e64 2021-02-01 op .Dq CGI/1.1
246 ee655e64 2021-02-01 op .It Ev GEMINI_DOCUMENT_ROOT
247 ee655e64 2021-02-01 op The root directory of the virtual host.
248 ee655e64 2021-02-01 op .It Ev GEMINI_SCRIPT_FILENAME
249 ee655e64 2021-02-01 op Full path to the CGI script being executed.
250 ee655e64 2021-02-01 op .It Ev GEMINI_URL
251 ee655e64 2021-02-01 op The full IRI of the request.
252 ee655e64 2021-02-01 op .It Ev GEMINI_URL_PATH
253 ee655e64 2021-02-01 op The path of the request.
254 ee655e64 2021-02-01 op .It Ev PATH_INFO
255 ee655e64 2021-02-01 op The portion of the requested path that is derived from the the IRI
256 ee655e64 2021-02-01 op path hierarchy following the part that identifies the script itself.
257 ee655e64 2021-02-01 op Can be unset.
258 ee655e64 2021-02-01 op .It Ev PATH_TRANSLATED
259 ee655e64 2021-02-01 op Present if and only if
260 ee655e64 2021-02-01 op .Ev PATH_INFO
261 ee655e64 2021-02-01 op is set.
262 ee655e64 2021-02-01 op It represent the translation of the
263 ee655e64 2021-02-01 op .Ev PATH_INFO .
264 ee655e64 2021-02-01 op .Nm
265 ee655e64 2021-02-01 op builds this by appending the
266 ee655e64 2021-02-01 op .Ev PATH_INFO
267 ee655e64 2021-02-01 op to the virtual host directory root.
268 ee655e64 2021-02-01 op .It Ev QUERY_STRING
269 ee655e64 2021-02-01 op The decoded query string.
270 ee655e64 2021-02-01 op .It Ev REMOTE_ADDR , Ev REMOTE_HOST
271 ee655e64 2021-02-01 op Textual representation of the client IP.
272 ee655e64 2021-02-01 op .It Ev REQUEST_METHOD
273 ee655e64 2021-02-01 op This is present only for RFC3875 (CGI) compliance.
274 ee655e64 2021-02-01 op It's always set to the empty string.
275 ee655e64 2021-02-01 op .It Ev SCRIPT_NAME
276 ee655e64 2021-02-01 op The part of the
277 ee655e64 2021-02-01 op .Ev GEMINI_URL_PATH
278 ee655e64 2021-02-01 op that identifies the current CGI script.
279 ee655e64 2021-02-01 op .It Ev SERVER_NAME
280 ee655e64 2021-02-01 op The name of the server
281 ee655e64 2021-02-01 op .It Ev SERVER_PORT
282 ee655e64 2021-02-01 op The port the server is listening on.
283 28ec6178 2021-01-24 op .It Ev SERVER_PROTOCOL
284 ee655e64 2021-02-01 op .Dq GEMINI
285 0ed56567 2020-11-06 op .It Ev SERVER_SOFTWARE
286 ee655e64 2021-02-01 op The name and version of the server, i.e.
287 ee655e64 2021-02-01 op .Dq gmid/1.5
288 677afbd3 2020-12-02 op .It Ev AUTH_TYPE
289 28ec6178 2021-01-24 op The string "Certificate" if the client used a certificate, otherwise
290 28ec6178 2021-01-24 op unset.
291 677afbd3 2020-12-02 op .It Ev REMOTE_USER
292 677afbd3 2020-12-02 op The subject of the client certificate if provided, otherwise unset.
293 677afbd3 2020-12-02 op .It Ev TLS_CLIENT_ISSUER
294 28ec6178 2021-01-24 op The is the issuer of the client certificate if provided, otherwise
295 28ec6178 2021-01-24 op unset.
296 677afbd3 2020-12-02 op .It Ev TLS_CLIENT_HASH
297 677afbd3 2020-12-02 op The hash of the client certificate if provided, otherwise unset.
298 ee655e64 2021-02-01 op The format is
299 ee655e64 2021-02-01 op .Dq ALGO:HASH .
300 0ed56567 2020-11-06 op .El
301 a5d310bc 2020-11-10 op .Pp
302 75fbb178 2021-01-28 op .Sh MIME
303 75fbb178 2021-01-28 op To auto-detect the MIME type of the response
304 75fbb178 2021-01-28 op .Nm
305 75fbb178 2021-01-28 op looks at the file extension and consults its internal table.
306 75fbb178 2021-01-28 op By default the following mappings are loaded, but they can be
307 75fbb178 2021-01-28 op overridden or extended using the
308 75fbb178 2021-01-28 op .Ic mime
309 75fbb178 2021-01-28 op configuration option.
310 75fbb178 2021-01-28 op If no MIME is found, the value of
311 75fbb178 2021-01-28 op .Ic default type
312 75fbb178 2021-01-28 op matching the file
313 75fbb178 2021-01-28 op .Ic location
314 75fbb178 2021-01-28 op will be used, which is
315 75fbb178 2021-01-28 op .Dq application/octet-stream
316 75fbb178 2021-01-28 op by default.
317 75fbb178 2021-01-28 op .Pp
318 75fbb178 2021-01-28 op .Bl -tag -offset indent -width 14m -compact
319 75fbb178 2021-01-28 op .It gemini, gmi
320 75fbb178 2021-01-28 op text/gemini
321 75fbb178 2021-01-28 op .It gif
322 75fbb178 2021-01-28 op image/gif
323 75fbb178 2021-01-28 op .It jpeg
324 75fbb178 2021-01-28 op image/jpeg
325 75fbb178 2021-01-28 op .It jpg
326 75fbb178 2021-01-28 op image/jpeg
327 75fbb178 2021-01-28 op .It markdown, md
328 75fbb178 2021-01-28 op text/markdown
329 75fbb178 2021-01-28 op .It pdf
330 75fbb178 2021-01-28 op application/pdf
331 75fbb178 2021-01-28 op .It png
332 75fbb178 2021-01-28 op image/png
333 75fbb178 2021-01-28 op .It svg
334 75fbb178 2021-01-28 op image/svg+xml
335 75fbb178 2021-01-28 op .It txt
336 75fbb178 2021-01-28 op text/plain
337 75fbb178 2021-01-28 op .It xml
338 75fbb178 2021-01-28 op text/xml
339 75fbb178 2021-01-28 op .El
340 3e4749f7 2020-10-02 op .Sh EXAMPLES
341 f28d96d3 2021-01-25 op Serve the current directory
342 6980aad6 2020-10-02 op .Bd -literal -offset indent
343 f28d96d3 2021-01-25 op $ gmid .
344 6980aad6 2020-10-02 op .Ed
345 3e4749f7 2020-10-02 op .Pp
346 f28d96d3 2021-01-25 op To serve the directory
347 f28d96d3 2021-01-25 op .Pa docs
348 f28d96d3 2021-01-25 op and enable CGI scripts inside
349 f28d96d3 2021-01-25 op .Pa docs/cgi ,
350 f28d96d3 2021-01-25 op you can
351 0ed56567 2020-11-06 op .Bd -literal -offset indent
352 f28d96d3 2021-01-25 op $ mkdir docs/cgi
353 f28d96d3 2021-01-25 op $ cat <<EOF > cgi/hello
354 0ed56567 2020-11-06 op #!/bin/sh
355 0ed56567 2020-11-06 op printf "20 text/plain\\r\\n"
356 f28d96d3 2021-01-25 op echo "hello world"
357 0ed56567 2020-11-06 op EOF
358 f28d96d3 2021-01-25 op $ chmod +x docs/cgi/hello
359 f28d96d3 2021-01-25 op $ gmid -x cgi docs
360 0ed56567 2020-11-06 op .Ed
361 0ed56567 2020-11-06 op .Pp
362 eb699783 2021-01-18 op The following is an example of a possible configuration for a site
363 eb699783 2021-01-18 op that enables only TLSv1.3, adds a mime type for the file extension
364 eb699783 2021-01-18 op "rtf" and defines two virtual host:
365 eb699783 2021-01-18 op .Bd -literal -offset indent
366 eb699783 2021-01-18 op ipv6 on		# enable ipv6
367 eb699783 2021-01-18 op 
368 eb699783 2021-01-18 op protocols "tlsv1.3"
369 eb699783 2021-01-18 op 
370 eb699783 2021-01-18 op mime "application/rtf" "rtf"
371 eb699783 2021-01-18 op 
372 eb699783 2021-01-18 op server "example.com" {
373 eb699783 2021-01-18 op 	cert "/path/to/cert.pem"
374 eb699783 2021-01-18 op 	key  "/path/to/key.pem"
375 eb699783 2021-01-18 op 	root "/var/gemini/example.com"
376 eb699783 2021-01-18 op }
377 eb699783 2021-01-18 op 
378 eb699783 2021-01-18 op server "it.example.com" {
379 eb699783 2021-01-18 op 	cert "/path/to/cert.pem"
380 eb699783 2021-01-18 op 	key  "/path/to/key.pem"
381 eb699783 2021-01-18 op 	root "/var/gemini/it.example.com"
382 87f2b68b 2021-02-02 op 	cgi  "/cgi-bin/*"
383 de27389e 2021-01-21 op 	lang "it"
384 eb699783 2021-01-18 op }
385 eb699783 2021-01-18 op .Ed
386 f28d96d3 2021-01-25 op .Pp
387 f28d96d3 2021-01-25 op Yet another example, showing how to enable a
388 f28d96d3 2021-01-25 op .Ic chroot
389 f28d96d3 2021-01-25 op and use
390 f28d96d3 2021-01-25 op .Ic location
391 f28d96d3 2021-01-25 op rule
392 f28d96d3 2021-01-25 op .Bd -literal -offset indent
393 f28d96d3 2021-01-25 op chroot "/var/gemini"
394 f28d96d3 2021-01-25 op user "_gmid"
395 f28d96d3 2021-01-25 op 
396 f28d96d3 2021-01-25 op server "example.com" {
397 f28d96d3 2021-01-25 op 	cert "/path/to/cert.pem"
398 f28d96d3 2021-01-25 op 	key  "/path/to/key.pem"
399 714685c1 2021-01-30 op 	root "/example.com" # in the /var/gemini chroot
400 f28d96d3 2021-01-25 op 
401 4ee08bd1 2021-02-03 op 	location "/static/*" {
402 f28d96d3 2021-01-25 op 		auto index on
403 f28d96d3 2021-01-25 op 		index "index.gemini"
404 f28d96d3 2021-01-25 op 	}
405 f28d96d3 2021-01-25 op }
406 f28d96d3 2021-01-25 op .Ed
407 ef04b551 2021-01-09 op .Sh ACKNOWLEDGEMENTS
408 ef04b551 2021-01-09 op .Nm
409 eb699783 2021-01-18 op uses the
410 eb699783 2021-01-18 op .Dq Flexible and Economical
411 eb699783 2021-01-18 op UTF-8 decoder written by
412 f28d96d3 2021-01-25 op .An Bjoern Hoehrmann .
413 714685c1 2021-01-30 op .Sh AUTHORS
414 714685c1 2021-01-30 op .An -nosplit
415 714685c1 2021-01-30 op The
416 714685c1 2021-01-30 op .Nm
417 714685c1 2021-01-30 op program was written by
418 714685c1 2021-01-30 op .An Omar Polo Aq Mt op@omarpolo.com .
419 3e4749f7 2020-10-02 op .Sh CAVEATS
420 3e4749f7 2020-10-02 op .Bl -bullet
421 3e4749f7 2020-10-02 op .It
422 eb699783 2021-01-18 op The root directories of all virtual hosts are opened during the daemon
423 eb699783 2021-01-18 op startup; this means that if a root directory gets deleted and then
424 eb699783 2021-01-18 op re-created,
425 eb699783 2021-01-18 op .Nm
426 eb699783 2021-01-18 op won't be able to serve files inside that directory until a restart.
427 eb699783 2021-01-18 op This restriction applies only to the root directories and not their content.
428 043acc97 2020-12-25 op .It
429 714685c1 2021-01-30 op a %2F sequence is indistinguishable from a literal slash: this is not
430 714685c1 2021-01-30 op RFC3986-compliant.
431 00781742 2020-12-25 op .It
432 714685c1 2021-01-30 op a %00 sequence is treated as invalid character and thus rejected.
433 3e4749f7 2020-10-02 op .El