1 .\" Copyright (c) 2020 Omar Polo <op@omarpolo.com>
3 .\" Permission to use, copy, modify, and distribute this software for any
4 .\" purpose with or without fee is hereby granted, provided that the above
5 .\" copyright notice and this permission notice appear in all copies.
7 .\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
8 .\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
9 .\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
10 .\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
11 .\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
12 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
13 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
14 .Dd $Mdocdate: October 2 2020$
19 .Nd dead simple zero configuration gemini server
32 is a simple and minimal gemini server that can serve static files and
36 won't serve files outside the given directory and won't follow
43 are used to ensure that
45 dosen't do anything else than read files from the given directory,
46 accept network connections and, optionally, execute CGI scripts.
49 fully supports IRIs (Internationalized Resource Identifiers, see
52 It should be noted that
54 is very simple in its implementation, and so it may not be appropriate
55 for serving sites with lots of users.
56 After all, the code is single threaded and use a single process,
57 although it can handle multiple clients at the same time.
59 If a user request path is a directory,
63 file inside that directory.
65 The options are as follows:
70 The certificate to use, by default is
73 The root directory to serve.
75 won't serve any file that is outside that directory.
79 stays and log in the foreground, do not daemonize the process.
81 Print the usage and exit.
83 The key for the certificate, by default is
86 The port to bind to, by default 1965.
88 Enable execution of CGI scripts inside the given directory (relative
89 to the document root.) Cannot be provided more than once.
92 When CGI scripts are enabled for a directory, a request for an
93 executable file will execute it and fed its output to the client.
95 The CGI scripts will inherit the environment from
97 with these additional variables set:
99 .It Ev SERVER_SOFTWARE
104 The (public) path to the script.
105 .It Ev SCRIPT_EXECUTABLE
106 The full path to the executable.
108 The user request (without the query parameters.)
109 .It Ev REQUEST_RELATIVE
110 The request relative to the script.
112 The query parameters.
114 The remote IP address.
116 The remote IP address.
118 The root directory being served, the one provided with the
123 The string "Certificate" if the client used a certificate, otherwise unset.
125 The subject of the client certificate if provided, otherwise unset.
126 .It Ev TLS_CLIENT_ISSUER
127 The is the issuer of the client certificate if provided, otherwise unset.
128 .It Ev TLS_CLIENT_HASH
129 The hash of the client certificate if provided, otherwise unset.
130 The format is "ALGO:HASH".
133 Let's say you have a script in
135 and the user request is
136 .Pa /cgi-bin/script/foo/bar?quux .
141 .Ev SCRIPT_EXECUTABLE
143 .Pa $DOCUMENT_ROOT/cgi-bin/script ,
146 .Pa cgi-bin/script/foo/bar ,
155 To quickly getting started
156 .Bd -literal -offset indent
157 $ # generate a cert and a key
158 $ openssl req -x509 -newkey rsa:4096 -keyout key.pem \\
159 -out cert.pem -days 365 -nodes
161 $ cat <<EOF > docs/index.gmi
165 $ gmid -c cert.pem -k key.pem -d docs
168 Now you can visit gemini://localhost/ with your preferred gemini
171 To add some CGI scripts, assuming a setup similar to the previous
173 .Bd -literal -offset indent
175 $ cat <<EOF > docs/cgi-bin/hello-world
177 printf "20 text/plain\\r\\n"
183 Note that the argument to the
189 since it's relative to the document root.
192 uses the "Flexible and Economical" UTF-8 decoder written by
193 .An Bjoern Hoehrmann .
197 it doesn't support virtual hosts: the host part of the request URL is
200 a %2F sequence in the path part is indistinguishable from a literal
201 slash: this is not RFC3986-compliant.
203 a %00 sequence either in the path or in the query part is treated as
204 invalid character and thus rejected.