1 f28d96d3 2021-01-25 op .\" Copyright (c) 2021 Omar Polo <op@omarpolo.com>
3 3e4749f7 2020-10-02 op .\" Permission to use, copy, modify, and distribute this software for any
4 3e4749f7 2020-10-02 op .\" purpose with or without fee is hereby granted, provided that the above
5 3e4749f7 2020-10-02 op .\" copyright notice and this permission notice appear in all copies.
7 3e4749f7 2020-10-02 op .\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
8 3e4749f7 2020-10-02 op .\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
9 3e4749f7 2020-10-02 op .\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
10 3e4749f7 2020-10-02 op .\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
11 3e4749f7 2020-10-02 op .\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
12 3e4749f7 2020-10-02 op .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
13 3e4749f7 2020-10-02 op .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
14 39a7b611 2021-01-30 op .Dd $Mdocdate: January 30 2021$
19 714685c1 2021-01-30 op .Nd simple and secure Gemini server
24 15902770 2021-01-15 op .Op Fl c Ar config
25 8e8b2e25 2021-04-28 op .Op Fl P Ar pidfile
30 f28d96d3 2021-01-25 op .Op Fl d Pa certs-dir
31 f28d96d3 2021-01-25 op .Op Fl H Ar hostname
32 721e2325 2020-11-18 op .Op Fl p Ar port
33 f28d96d3 2021-01-25 op .Op Fl x Pa cgi
36 3e4749f7 2020-10-02 op .Sh DESCRIPTION
38 8ff40039 2021-05-24 op is a simple and minimal gemini server that can serve static files,
39 8ff40039 2021-05-24 op execute CGI scripts and talk to FastCGI applications.
40 eb699783 2021-01-18 op It can run without a configuration file with a limited set of features
44 3007f565 2021-02-04 op rereads the configuration file when it receives
47 eb699783 2021-01-18 op The options are as follows:
48 f28d96d3 2021-01-25 op .Bl -tag -width 14m
49 eb699783 2021-01-18 op .It Fl c Pa config
50 f28d96d3 2021-01-25 op Specify the configuration file.
52 46af8c6c 2021-01-27 op Stays and logs on the foreground.
54 eb699783 2021-01-18 op Check that the configuration is valid, but don't start the server.
55 8e8b2e25 2021-04-28 op .It Fl P Pa pidfile
58 8e8b2e25 2021-04-28 op pid to the given path.
61 eb699783 2021-01-18 op If no configuration file is given,
63 f28d96d3 2021-01-25 op will look for the following options
64 f28d96d3 2021-01-25 op .Bl -tag -width 14m
67 f28d96d3 2021-01-25 op .It Fl d Pa certs-path
68 f28d96d3 2021-01-25 op Directory where certificates for the config-less mode are stored.
70 f28d96d3 2021-01-25 op .Pa $XDG_DATA_HOME/gmid ,
72 f28d96d3 2021-01-25 op .Pa ~/.local/share/gmid .
73 71cf3975 2021-01-25 op .It Fl H Ar hostname
74 f28d96d3 2021-01-25 op The hostname, by default
75 f28d96d3 2021-01-25 op .Ar localhost .
76 f28d96d3 2021-01-25 op Certificates for the given
78 f28d96d3 2021-01-25 op are searched inside the
80 f28d96d3 2021-01-25 op directory given with the
83 714685c1 2021-01-30 op They have the form
84 f28d96d3 2021-01-25 op .Pa hostname.cert.pem
86 f28d96d3 2021-01-25 op .Pa hostname.key.pem .
87 1de92289 2021-04-15 op If a certificate or key don't exists for a given hostname they
88 714685c1 2021-01-30 op will be automatically generated.
89 ba65dcc8 2021-06-29 op .It Fl h , Fl -help
90 fab952e1 2020-10-03 op Print the usage and exit.
91 721e2325 2020-11-18 op .It Fl p Ar port
92 eb699783 2021-01-18 op The port to listen on, by default 1965.
93 ba65dcc8 2021-06-29 op .It Fl V , Fl -version
94 ba65dcc8 2021-06-29 op Print the version and exit.
99 3abf91b0 2021-02-07 op options increase the verbosity.
100 f28d96d3 2021-01-25 op .It Fl x Pa path
101 eb699783 2021-01-18 op Enable execution of CGI scripts.
102 eb699783 2021-01-18 op See the description of the
104 eb699783 2021-01-18 op option in the section
106 eb699783 2021-01-18 op below to learn how
108 eb699783 2021-01-18 op is processed.
109 eb699783 2021-01-18 op Cannot be provided more than once.
111 f28d96d3 2021-01-25 op The root directory to serve.
112 f28d96d3 2021-01-25 op By default the current working directory is assumed.
114 eb699783 2021-01-18 op .Sh CONFIGURATION FILE
115 eb699783 2021-01-18 op The configuration file is divided into two sections:
116 eb699783 2021-01-18 op .Bl -tag -width xxxx
117 eb699783 2021-01-18 op .It Sy Global Options
118 eb699783 2021-01-18 op Global settings for
120 eb699783 2021-01-18 op .It Sy Servers
121 f28d96d3 2021-01-25 op Virtual hosts definition.
124 eb699783 2021-01-18 op Within the sections, empty lines are ignored and comments can be put
125 eb699783 2021-01-18 op anywhere in the file using a hash mark
127 eb699783 2021-01-18 op and extend to the end of the current line.
128 eb699783 2021-01-18 op A boolean is either the symbol
132 f28d96d3 2021-01-25 op A string is a sequence of characters wrapped in double quotes,
133 f28d96d3 2021-01-25 op .Dq like this .
134 eb699783 2021-01-18 op .Ss Global Options
135 eb699783 2021-01-18 op .Bl -tag -width 12m
136 ae08ec7d 2021-01-25 op .It Ic chroot Pa path
138 ae08ec7d 2021-01-25 op the process to the given
140 ae08ec7d 2021-01-25 op The daemon has to be run with root privileges and thus the option
142 714685c1 2021-01-30 op needs to be provided, so privileges can be dropped.
145 714685c1 2021-01-30 op will enter the chroot after loading the TLS keys, but before opening
146 714685c1 2021-01-30 op the virtual host root directories.
147 714685c1 2021-01-30 op It's recommended to keep the TLS keys outside the chroot.
148 ae08ec7d 2021-01-25 op Future version of
150 1de92289 2021-04-15 op may enforce this.
151 2b92a447 2021-02-06 op .It Ic ipv6 Ar bool
152 2b92a447 2021-02-06 op Enable or disable IPv6 support.
153 2b92a447 2021-02-06 op By default is off.
154 2b92a447 2021-02-06 op .It Ic mime Ar mime-type Ar file-extension
155 2b92a447 2021-02-06 op Add a mapping for the given
156 2b92a447 2021-02-06 op .Ar file-extension
158 2b92a447 2021-02-06 op .Ar mime-type .
159 2b92a447 2021-02-06 op Both argument are strings.
160 2b92a447 2021-02-06 op .It Ic port Ar portno
161 2b92a447 2021-02-06 op The port to listen on.
162 2b92a447 2021-02-06 op By default is 1965.
163 a709ddf5 2021-02-07 op .It Ic prefork Ar number
164 a709ddf5 2021-02-07 op Run the specified number of server processes.
165 a709ddf5 2021-02-07 op This increases the performance and prevents delays when connecting to
168 a709ddf5 2021-02-07 op runs 3 server processes by default, when not in config-less mode.
169 2c3e53da 2021-03-03 op The maximum number allowed is 16.
170 2b92a447 2021-02-06 op .It Ic protocols Ar string
171 2b92a447 2021-02-06 op Specify the TLS protocols to enable.
173 2b92a447 2021-02-06 op .Xr tls_config_parse_protocols 3
174 2b92a447 2021-02-06 op for the valid protocol string values.
175 2b92a447 2021-02-06 op By default, both TLSv1.3 and TLSv1.2 are enabled.
178 2b92a447 2021-02-06 op to enable only TLSv1.3.
179 ae08ec7d 2021-01-25 op .It Ic user Ar string
180 ae08ec7d 2021-01-25 op Run the daemon as the given user.
183 eb699783 2021-01-18 op Every virtual host is defined by a
186 eb699783 2021-01-18 op .Bl -tag -width Ds
187 eb699783 2021-01-18 op .It Ic server Ar hostname Brq ...
188 75fbb178 2021-01-28 op Match the server name using shell globbing rules.
189 75fbb178 2021-01-28 op This can be an explicit name,
190 de27389e 2021-01-21 op .Ar www.example.com ,
191 de27389e 2021-01-21 op or a name including a wildcards,
192 de27389e 2021-01-21 op .Ar *.example.com .
195 eb699783 2021-01-18 op Followed by a block of options that is enclosed in curly brackets:
196 eb699783 2021-01-18 op .Bl -tag -width Ds
197 cc8c2901 2021-04-29 op .It Ic alias Ar name
198 cc8c2901 2021-04-29 op Specify an additional alias
200 cc8c2901 2021-04-29 op for this server.
201 2b92a447 2021-02-06 op .It Ic auto Ic index Ar bool
202 2b92a447 2021-02-06 op If no index file is found, automatically generate a directory listing.
203 2b92a447 2021-02-06 op It's disabled by default.
204 2b92a447 2021-02-06 op .It Ic block Op Ic return Ar code Op Ar meta
205 2b92a447 2021-02-06 op Send a reply and close the connection;
211 2b92a447 2021-02-06 op .Dq temporary failure
215 2b92a447 2021-02-06 op is in the 3x range, then
217 2b92a447 2021-02-06 op must be provided.
220 2b92a447 2021-02-06 op the following special sequences are replaced:
221 fd1ae83d 2021-06-11 op .Bl -tag -width Ds -compact
223 2b92a447 2021-02-06 op is replaced with a single
226 2b92a447 2021-02-06 op is replaced with the request path.
228 2b92a447 2021-02-06 op is replaced with the query string of the request.
230 2b92a447 2021-02-06 op is replaced with the server port.
232 2b92a447 2021-02-06 op is replaced with the server name.
234 eb699783 2021-01-18 op .It Ic cert Pa file
235 eb699783 2021-01-18 op Path to the certificate to use for this server.
238 eb699783 2021-01-18 op should contain a PEM encoded certificate.
239 eb699783 2021-01-18 op This option is mandatory.
240 eb699783 2021-01-18 op .It Ic cgi Pa path
241 87f2b68b 2021-02-02 op Execute CGI scripts that matches
243 87f2b68b 2021-02-02 op using shell globbing rules.
244 6119e13e 2021-01-19 op .It Ic default type Ar string
245 6119e13e 2021-01-19 op Set the default media type that is used if the media type for a
246 6119e13e 2021-01-19 op specified extension is not found.
247 6119e13e 2021-01-19 op If not specified, the
248 6119e13e 2021-01-19 op .Ic default type
250 6119e13e 2021-01-19 op .Dq application/octet-stream .
251 2b92a447 2021-02-06 op .It Ic entrypoint Pa path
252 dafaf467 2021-04-15 op Handle all the requests for the current virtual host using the
253 dafaf467 2021-04-15 op CGI script at
255 9cc630aa 2021-04-28 op .It Ic env Ar name Ar value
256 9cc630aa 2021-04-28 op Set the environment variable
260 9cc630aa 2021-04-28 op when executing CGI scripts.
261 9cc630aa 2021-04-28 op Can be provided more than once.
262 8ff40039 2021-05-24 op .\" don't document the "spawn <prog>" form because it probably won't
264 8ff40039 2021-05-24 op .It Ic fastcgi Oo Ic tcp Oc Pa socket Oo Ar port Oc
265 8ff40039 2021-05-24 op Enable FastCGI instead of serving files.
268 8ff40039 2021-05-24 op can either be a UNIX domain socket or a TCP socket.
269 8ff40039 2021-05-24 op If the FastCGI application is listening on a UNIX domain socket,
271 8ff40039 2021-05-24 op is a local path name within the
273 8ff40039 2021-05-24 op root directory of
275 8ff40039 2021-05-24 op Otherwise, the
277 8ff40039 2021-05-24 op keyword must be provided and
279 8ff40039 2021-05-24 op is interpreted as a hostname or an IP address.
281 8ff40039 2021-05-24 op can be either a port number or the name of a service enclosed in
282 8ff40039 2021-05-24 op double quotes.
283 8ff40039 2021-05-24 op If it's not specified defaults to 9000.
284 2b92a447 2021-02-06 op .It Ic index Ar string
285 2b92a447 2021-02-06 op Set the directory index file.
286 2b92a447 2021-02-06 op If not specified, it defaults to
287 2b92a447 2021-02-06 op .Pa index.gmi .
288 2b92a447 2021-02-06 op .It Ic key Pa file
289 2b92a447 2021-02-06 op Specify the private key to use for this server.
292 2b92a447 2021-02-06 op should contain a PEM encoded private key.
293 2b92a447 2021-02-06 op This option is mandatory.
294 05c23a54 2021-01-19 op .It Ic lang Ar string
295 05c23a54 2021-01-19 op Specify the language tag for the text/gemini content served.
296 05c23a54 2021-01-19 op If not specified, no
298 05c23a54 2021-01-19 op parameter will be added in the response.
299 c8b74339 2021-01-24 op .It Ic location Pa path Brq ...
300 c8b74339 2021-01-24 op Specify server configuration rules for a specific location.
303 c8b74339 2021-01-24 op argument will be matched against the request path with shell globbing
305 6016a593 2021-01-30 op In case of multiple location statements in the same context, the first
306 6016a593 2021-01-30 op matching location will be put into effect and the later ones ignored.
307 6016a593 2021-01-30 op Therefore is advisable to match for more specific paths first and for
308 6016a593 2021-01-30 op generic ones later on.
311 c8b74339 2021-01-24 op section may include most of the server configuration rules
313 fdea6aa0 2021-04-30 op .Ic alias , Ic cert , Ic env , Ic key , Ic location ,
314 e3ddf390 2021-02-06 op .Ic entrypoint No and Ic cgi .
315 2c43dcce 2021-06-17 op .It Ic log Ar bool
316 2c43dcce 2021-06-17 op Enable or disable the logging for the current server or location block.
317 ada16f87 2021-06-11 op .It Ic param Ar name Ar value
318 ada16f87 2021-06-11 op Set the param
323 2b92a447 2021-02-06 op .It Ic root Pa directory
324 2b92a447 2021-02-06 op Specify the root directory for this server.
325 2b92a447 2021-02-06 op It's relative to the chroot, if enabled.
326 02be96c6 2021-02-09 op .It Ic require Ic client Ic ca Pa path
327 02be96c6 2021-02-09 op Allow requests only from clients that provide a certificate signed by
328 02be96c6 2021-02-09 op the CA certificate in
330 02be96c6 2021-02-09 op It needs to be a PEM-encoded certificate and it's not relative to the
332 6abda252 2021-02-06 op .It Ic strip Ar number
335 0773413c 2021-05-15 op components from the beginning of the path before doing a lookup in the
336 0773413c 2021-05-15 op root directory.
337 0773413c 2021-05-15 op It's also considered for the
339 2b92a447 2021-02-06 op parameter in the scope of a
340 6abda252 2021-02-06 op .Ic block return .
343 87f2b68b 2021-02-02 op When a request for an executable file matches the
345 87f2b68b 2021-02-02 op rule, that file will be execute and its output fed to the client.
347 ee655e64 2021-02-01 op The CGI scripts are executed in the directory they reside and inherit
348 a7b9bb4d 2021-01-24 op the environment from
350 0ed56567 2020-11-06 op with these additional variables set:
351 ee655e64 2021-02-01 op .Bl -tag -width 24m
352 28ec6178 2021-01-24 op .It Ev GATEWAY_INTERFACE
354 ee655e64 2021-02-01 op .It Ev GEMINI_DOCUMENT_ROOT
355 ee655e64 2021-02-01 op The root directory of the virtual host.
356 ee655e64 2021-02-01 op .It Ev GEMINI_SCRIPT_FILENAME
357 ee655e64 2021-02-01 op Full path to the CGI script being executed.
358 ee655e64 2021-02-01 op .It Ev GEMINI_URL
359 ee655e64 2021-02-01 op The full IRI of the request.
360 ee655e64 2021-02-01 op .It Ev GEMINI_URL_PATH
361 ee655e64 2021-02-01 op The path of the request.
362 ee655e64 2021-02-01 op .It Ev PATH_INFO
363 ee655e64 2021-02-01 op The portion of the requested path that is derived from the the IRI
364 ee655e64 2021-02-01 op path hierarchy following the part that identifies the script itself.
365 ee655e64 2021-02-01 op Can be unset.
366 ee655e64 2021-02-01 op .It Ev PATH_TRANSLATED
367 ee655e64 2021-02-01 op Present if and only if
368 ee655e64 2021-02-01 op .Ev PATH_INFO
370 ee655e64 2021-02-01 op It represent the translation of the
371 ee655e64 2021-02-01 op .Ev PATH_INFO .
373 ee655e64 2021-02-01 op builds this by appending the
374 ee655e64 2021-02-01 op .Ev PATH_INFO
375 ee655e64 2021-02-01 op to the virtual host directory root.
376 ee655e64 2021-02-01 op .It Ev QUERY_STRING
377 ee655e64 2021-02-01 op The decoded query string.
378 ee655e64 2021-02-01 op .It Ev REMOTE_ADDR , Ev REMOTE_HOST
379 ee655e64 2021-02-01 op Textual representation of the client IP.
380 ee655e64 2021-02-01 op .It Ev REQUEST_METHOD
381 ee655e64 2021-02-01 op This is present only for RFC3875 (CGI) compliance.
382 ee655e64 2021-02-01 op It's always set to the empty string.
383 ee655e64 2021-02-01 op .It Ev SCRIPT_NAME
384 ee655e64 2021-02-01 op The part of the
385 ee655e64 2021-02-01 op .Ev GEMINI_URL_PATH
386 ee655e64 2021-02-01 op that identifies the current CGI script.
387 ee655e64 2021-02-01 op .It Ev SERVER_NAME
388 ee655e64 2021-02-01 op The name of the server
389 ee655e64 2021-02-01 op .It Ev SERVER_PORT
390 ee655e64 2021-02-01 op The port the server is listening on.
391 28ec6178 2021-01-24 op .It Ev SERVER_PROTOCOL
393 0ed56567 2020-11-06 op .It Ev SERVER_SOFTWARE
394 ee655e64 2021-02-01 op The name and version of the server, i.e.
396 677afbd3 2020-12-02 op .It Ev AUTH_TYPE
397 28ec6178 2021-01-24 op The string "Certificate" if the client used a certificate, otherwise
399 677afbd3 2020-12-02 op .It Ev REMOTE_USER
400 677afbd3 2020-12-02 op The subject of the client certificate if provided, otherwise unset.
401 677afbd3 2020-12-02 op .It Ev TLS_CLIENT_ISSUER
402 28ec6178 2021-01-24 op The is the issuer of the client certificate if provided, otherwise
404 677afbd3 2020-12-02 op .It Ev TLS_CLIENT_HASH
405 677afbd3 2020-12-02 op The hash of the client certificate if provided, otherwise unset.
406 ee655e64 2021-02-01 op The format is
407 ee655e64 2021-02-01 op .Dq ALGO:HASH .
408 89541eee 2021-04-13 op .It Ev TLS_VERSION
409 89541eee 2021-04-13 op The TLS version negotiated with the peer.
410 89541eee 2021-04-13 op .It Ev TLS_CIPHER
411 89541eee 2021-04-13 op The cipher suite negotiated with the peer.
412 89541eee 2021-04-13 op .It Ev TLS_CIPHER_STRENGTH
413 89541eee 2021-04-13 op The strength in bits for the symmetric cipher that is being used with
415 b63e30ff 2021-02-07 op .It Ev TLS_CLIENT_NOT_AFTER
416 b63e30ff 2021-02-07 op The time corresponding to the end of the validity period of the peer
417 b63e30ff 2021-02-07 op certificate in the ISO 8601 format
418 b63e30ff 2021-02-07 op .Pq e.g. Dq 2021-02-07T20:17:41Z .
419 b63e30ff 2021-02-07 op .It Ev TLS_CLIENT_NOT_BEFORE
420 b63e30ff 2021-02-07 op The time corresponding to the start of the validity period of the peer
421 b63e30ff 2021-02-07 op certificate in the ISO 8601 format.
425 ada16f87 2021-06-11 op optionally supports FastCGI.
428 ada16f87 2021-06-11 op rule must be present in a server or location block.
429 ada16f87 2021-06-11 op Then, all requests matching that server or location will be handled
430 ada16f87 2021-06-11 op via the specified FastCGI backend.
432 ada16f87 2021-06-11 op By default the following variables
433 ada16f87 2021-06-11 op .Pq parameters
434 ada16f87 2021-06-11 op are sent, and carry the same semantics as with CGI.
435 ada16f87 2021-06-11 op More parameters can be added with the
438 ada16f87 2021-06-11 op .Bl -bullet -compact
440 ada16f87 2021-06-11 op GATEWAY_INTERFACE
442 ada16f87 2021-06-11 op GEMINI_URL_PATH
450 ada16f87 2021-06-11 op REQUEST_METHOD
454 ada16f87 2021-06-11 op SERVER_PROTOCOL
456 ada16f87 2021-06-11 op SERVER_SOFTWARE
462 ada16f87 2021-06-11 op TLS_CLIENT_ISSUER
464 ada16f87 2021-06-11 op TLS_CLIENT_HASH
470 ada16f87 2021-06-11 op TLS_CIPHER_STRENGTH
472 ada16f87 2021-06-11 op TLS_CLIENT_NOT_BEFORE
474 ada16f87 2021-06-11 op TLS_CLIENT_NOT_AFTER
477 75fbb178 2021-01-28 op To auto-detect the MIME type of the response
479 75fbb178 2021-01-28 op looks at the file extension and consults its internal table.
480 75fbb178 2021-01-28 op By default the following mappings are loaded, but they can be
481 75fbb178 2021-01-28 op overridden or extended using the
483 75fbb178 2021-01-28 op configuration option.
484 75fbb178 2021-01-28 op If no MIME is found, the value of
485 75fbb178 2021-01-28 op .Ic default type
486 75fbb178 2021-01-28 op matching the file
488 75fbb178 2021-01-28 op will be used, which is
489 75fbb178 2021-01-28 op .Dq application/octet-stream
492 75fbb178 2021-01-28 op .Bl -tag -offset indent -width 14m -compact
495 75fbb178 2021-01-28 op .It gemini, gmi
503 75fbb178 2021-01-28 op .It markdown, md
504 75fbb178 2021-01-28 op text/markdown
508 75fbb178 2021-01-28 op application/pdf
512 75fbb178 2021-01-28 op image/svg+xml
519 f28d96d3 2021-01-25 op Serve the current directory
520 6980aad6 2020-10-02 op .Bd -literal -offset indent
524 f28d96d3 2021-01-25 op To serve the directory
526 f28d96d3 2021-01-25 op and enable CGI scripts inside
527 f28d96d3 2021-01-25 op .Pa docs/cgi ,
529 0ed56567 2020-11-06 op .Bd -literal -offset indent
530 f28d96d3 2021-01-25 op $ mkdir docs/cgi
531 b7a99061 2021-04-15 op $ cat <<EOF > docs/cgi/hello
533 0ed56567 2020-11-06 op printf "20 text/plain\\r\\n"
534 f28d96d3 2021-01-25 op echo "hello world"
536 f28d96d3 2021-01-25 op $ chmod +x docs/cgi/hello
537 b890467e 2021-03-20 op $ gmid -x '/cgi/*' docs
540 eb699783 2021-01-18 op The following is an example of a possible configuration for a site
541 eb699783 2021-01-18 op that enables only TLSv1.3, adds a mime type for the file extension
542 eb699783 2021-01-18 op "rtf" and defines two virtual host:
543 eb699783 2021-01-18 op .Bd -literal -offset indent
544 eb699783 2021-01-18 op ipv6 on # enable ipv6
546 eb699783 2021-01-18 op protocols "tlsv1.3"
548 eb699783 2021-01-18 op mime "application/rtf" "rtf"
550 eb699783 2021-01-18 op server "example.com" {
551 eb699783 2021-01-18 op cert "/path/to/cert.pem"
552 eb699783 2021-01-18 op key "/path/to/key.pem"
553 eb699783 2021-01-18 op root "/var/gemini/example.com"
556 eb699783 2021-01-18 op server "it.example.com" {
557 eb699783 2021-01-18 op cert "/path/to/cert.pem"
558 eb699783 2021-01-18 op key "/path/to/key.pem"
559 eb699783 2021-01-18 op root "/var/gemini/it.example.com"
560 87f2b68b 2021-02-02 op cgi "/cgi-bin/*"
565 f28d96d3 2021-01-25 op Yet another example, showing how to enable a
570 f28d96d3 2021-01-25 op .Bd -literal -offset indent
571 f28d96d3 2021-01-25 op chroot "/var/gemini"
574 f28d96d3 2021-01-25 op server "example.com" {
575 f28d96d3 2021-01-25 op cert "/path/to/cert.pem"
576 f28d96d3 2021-01-25 op key "/path/to/key.pem"
577 714685c1 2021-01-30 op root "/example.com" # in the /var/gemini chroot
579 4ee08bd1 2021-02-03 op location "/static/*" {
580 f28d96d3 2021-01-25 op auto index on
581 f28d96d3 2021-01-25 op index "index.gemini"
585 ef04b551 2021-01-09 op .Sh ACKNOWLEDGEMENTS
588 eb699783 2021-01-18 op .Dq Flexible and Economical
589 eb699783 2021-01-18 op UTF-8 decoder written by
590 f28d96d3 2021-01-25 op .An Bjoern Hoehrmann .
595 714685c1 2021-01-30 op program was written by
596 714685c1 2021-01-30 op .An Omar Polo Aq Mt op@omarpolo.com .
600 eb699783 2021-01-18 op The root directories of all virtual hosts are opened during the daemon
601 eb699783 2021-01-18 op startup; this means that if a root directory gets deleted and then
604 eb699783 2021-01-18 op won't be able to serve files inside that directory until a restart.
605 eb699783 2021-01-18 op This restriction applies only to the root directories and not their content.
607 714685c1 2021-01-30 op a %2F sequence is indistinguishable from a literal slash: this is not
608 714685c1 2021-01-30 op RFC3986-compliant.
610 714685c1 2021-01-30 op a %00 sequence is treated as invalid character and thus rejected.
