1 .\" Copyright (c) 2021, 2022 Omar Polo <op@omarpolo.com>
3 .\" Permission to use, copy, modify, and distribute this software for any
4 .\" purpose with or without fee is hereby granted, provided that the above
5 .\" copyright notice and this permission notice appear in all copies.
7 .\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
8 .\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
9 .\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
10 .\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
11 .\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
12 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
13 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
14 .Dd $Mdocdate: April 7 2022$
19 .Nd simple and secure Gemini server
25 .Op Fl D Ar macro Ns = Ns Ar value
38 is a simple and minimal gemini server that can serve static files,
39 talk to FastCGI applications and act as a gemini reverse proxy.
40 It can run without a configuration file with a limited set of features
44 rereads the configuration file when it receives
47 The options are as follows:
50 Specify the configuration file.
51 .It Fl D Ar macro Ns = Ns Ar value
57 Overrides the definition of
59 in the config file if present.
61 Stays and logs on the foreground.
63 Check that the configuration is valid, but don't start the server.
64 If specified two or more time, dump the configuration in addition to
67 Write daemon's pid to the given location.
69 will also act as lock: if another process is holding a lock on that
75 If no configuration file is given,
79 .Pq i.e. runs in the foreground to serve a directory from the shell
80 and looks for the following options
84 .It Fl d Ar certs-path
85 Directory where certificates for the config-less mode are stored.
87 .Pa $XDG_DATA_HOME/gmid ,
89 .Pa ~/.local/share/gmid .
96 Certificates for the given
98 are searched inside the
100 directory given with the
104 .Pa hostname.cert.pem
106 .Pa hostname.key.pem .
107 If a certificate or a key doesn't exist for a given hostname, they
108 will be generated automatically.
110 Print the usage and exit.
112 The port to listen on, by default 1965.
113 .It Fl V , Fl -version
114 Print the version and exit.
119 options increase the verbosity.
121 The root directory to serve.
122 By default the current working directory is assumed.
125 Messages and requests are logged by
129 facility or printed on
132 Requests are logged with the
135 Each request log entry has the following fields, separated by
140 Client IP address and the source port number, separated by a colon
152 Serve the current directory
153 .Bd -literal -offset indent
159 as a deamon a configuration file and a X.509 certificate must be provided.
160 A self-signed certificate, which are commonly used in the Geminispace,
161 can be generated using for e.g.\&
163 .Bd -literal -offset indent
164 # openssl req \-x509 \-newkey rsa:4096 \-nodes \e
165 \-keyout /etc/ssl/private/example.com.key \e
166 \-out /etc/ssl/example.com.pem \e
167 \-days 365 \-subj "/CN=example.com"
168 # chmod 600 /etc/ssl/example.com.crt
169 # chmod 600 /etc/ssl/private/example.com.key
175 .Bd -literal -offset indent
176 # gmid -c /etc/gmid.conf
183 .Dq Flexible and Economical
184 UTF-8 decoder written by
185 .An Bjoern Hoehrmann .
190 program was written by
191 .An Omar Polo Aq Mt op@omarpolo.com .
195 All the root directories are opened during the daemon startup; if a
196 root directory is deleted and then re-created,
198 won't be able to serve files inside that directory until a restart.
199 This restriction only applies to the root directories and not their
202 a %2F sequence is indistinguishable from a literal slash: this is not
205 a %00 sequence is treated as invalid character and thus rejected.