Blob
Date:
Thu Apr 7 17:50:37 2022
UTC
Message:
move the documentation of the config file into gmid.conf.5
.\" Copyright (c) 2021, 2022 Omar Polo <op@omarpolo.com>.\".\" Permission to use, copy, modify, and distribute this software for any.\" purpose with or without fee is hereby granted, provided that the above.\" copyright notice and this permission notice appear in all copies..\".\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE..Dd $Mdocdate: April 7 2022$.Dt GMID 1.Os.Sh NAME.Nm gmid.Nd simple and secure Gemini server.Sh SYNOPSIS.Nm.Bk -words.Op Fl fnv.Op Fl c Ar config.Op Fl D Ar macro Ns = Ns Ar value.Op Fl P Ar pidfile.Ek.Nm.Bk -words.Op Fl 6hVv.Op Fl d Ar certs-dir.Op Fl H Ar hostname.Op Fl p Ar port.Op Fl x Ar cgi.Op Ar dir.Ek.Sh DESCRIPTION.Nmis a simple and minimal gemini server that can serve static files,execute CGI scripts and talk to FastCGI applications.It can run without a configuration file with a limited set of featuresavailable..Pp.Nmrereads the configuration file when it receives.Dv SIGHUP ..PpThe options are as follows:.Bl -tag -width 14m.It Fl c Ar configSpecify the configuration file..It Fl D Ar macro Ns = Ns Ar valueDefine.Ar macroto be set to.Ar valueon the command line.Overrides the definition of.Ar macroin the config file if present..It Fl fStays and logs on the foreground..It Fl nCheck that the configuration is valid, but don't start the server.If specified two or more time, dump the configuration in addition toverify it..It Fl P Ar pidfileWrite daemon's pid to the given location..Ar pidfilewill also act as lock: if another process is holding a lock on thatfile,.Nmwill refuse to start..El.PpIf no configuration file is given,.Nmruns in.Dq config-less mode.Pq i.e. runs in the foreground to serve a directory from the shelland looks for the following options.Bl -tag -width 14m.It Fl 6Enable IPv6..It Fl d Ar certs-pathDirectory where certificates for the config-less mode are stored.By default it is.Pa $XDG_DATA_HOME/gmid ,i.e..Pa ~/.local/share/gmid ..It Fl H Ar hostnameThe hostname.Po.Ar localhostby default.Pc .Certificates for the given.Ar hostnameare searched inside the.Ar certs-dirdirectory given with the.Fl doption.They have the form.Pa hostname.cert.pemand.Pa hostname.key.pem .If a certificate or a key doesn't exist for a given hostname, theywill be generated automatically..It Fl h , Fl -helpPrint the usage and exit..It Fl p Ar portThe port to listen on, by default 1965..It Fl V , Fl -versionPrint the version and exit..It Fl vVerbose mode.Multiple.Fl voptions increase the verbosity..It Fl x Ar pathEnable execution of.Sx CGIscripts.See the description of the.Ic cgioption in the.Sq Serverssection below to learn how.Ar pathis processed.Cannot be provided more than once..It Ar dirThe root directory to serve.By default the current working directory is assumed..El.Sh LOGGINGMessages and requests are logged by.Xr syslog 3using the.Dv DAEMONfacility or printed on.Em stderr ..PpRequests are logged with the.Dv NOTICEseverity.Each request log entry has the following fields, separated bywhitespace:.Pp.Bl -bullet -compact.ItClient IP address and the source port number, separated by a colon.It.Sy GETkeyword.ItRequest URL.ItResponse status.ItResponse meta.El.Sh EXAMPLESServe the current directory.Bd -literal -offset indent$ gmid ..Ed.PpTo serve the directory.Pa docsand enable CGI scripts inside.Pa docs/cgi.Bd -literal -offset indent$ mkdir docs/cgi$ cat <<EOF > docs/cgi/hello#!/bin/shprintf "20 text/plain\er\en"echo "hello world"EOF$ chmod +x docs/cgi/hello$ gmid -x '/cgi/*' docs.Ed.PpAn X.509 certificate must be provided to run.Nmusing a configuration file.First, the RSA certificate is created using a wildcard common name:.Bd -literal -offset indent# openssl genrsa \-out /etc/ssl/private/example.com.key 4096# openssl req \-new \-x509 \e\-key /etc/ssl/private/example.com.key \e\-out /etc/ssl/example.com.crt \e\-days 36500 \-nodes \e\-subj "/CN=example.com"# chmod 600 /etc/ssl/example.com.crt# chmod 600 /etc/ssl/private/example.com.key.Ed.PpIn the example above, a certificate is valid for one hundred years fromthe date it was created, which is normal for TOFU..PpThen, to run.Nmas a daemon:.Bd -literal -offset indent$ gmid -c /etc/gmid.conf.Ed.Sh SEE ALSO.Xr gmid.conf 5.Sh ACKNOWLEDGEMENTS.Nmuses the.Dq Flexible and EconomicalUTF-8 decoder written by.An Bjoern Hoehrmann ..Sh AUTHORS.An -nosplitThe.Nmprogram was written by.An Omar Polo Aq Mt op@omarpolo.com ..Sh CAVEATS.Bl -bullet.ItAll the root directories are opened during the daemon startup; if aroot directory is deleted and then re-created,.Nmwon't be able to serve files inside that directory until a restart.This restriction only applies to the root directories and not theircontent..Ita %2F sequence is indistinguishable from a literal slash: this is notRFC3986-compliant..Ita %00 sequence is treated as invalid character and thus rejected..El
Omar Polo