Blob


1 .\" Copyright (c) 2021, 2022 Omar Polo <op@omarpolo.com>
2 .\"
3 .\" Permission to use, copy, modify, and distribute this software for any
4 .\" purpose with or without fee is hereby granted, provided that the above
5 .\" copyright notice and this permission notice appear in all copies.
6 .\"
7 .\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
8 .\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
9 .\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
10 .\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
11 .\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
12 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
13 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
14 .Dd September 8, 2022
15 .Dt GMID 8
16 .Os
17 .Sh NAME
18 .Nm gmid
19 .Nd simple and secure Gemini server
20 .Sh SYNOPSIS
21 .Nm
22 .Bk -words
23 .Op Fl dhnVv
24 .Op Fl D Ar macro Ns = Ns Ar value
25 .Op Fl f Ar config
26 .Op Fl P Ar pidfile
27 .Ek
28 .Sh DESCRIPTION
29 .Nm
30 is a simple and minimal gemini server that can serve static files,
31 talk to FastCGI applications and act as a gemini reverse proxy.
32 It can run without a configuration file with a limited set of features
33 available.
34 .Pp
35 .Nm
36 rereads the configuration file when it receives
37 .Dv SIGHUP .
38 .Pp
39 The options are as follows:
40 .Bl -tag -width 14m
41 .It Fl D Ar macro Ns = Ns Ar value
42 Define
43 .Ar macro
44 to be set to
45 .Ar value
46 on the command line.
47 Overrides the definition of
48 .Ar macro
49 in the config file if present.
50 .It Fl d
51 Debug mode.
52 Do not daemonize and log to stderr.
53 .It Fl f Ar config
54 Specifies the configuration file.
55 The default is
56 .Pa /etc/gmid.conf .
57 .It Fl h , Fl -help
58 Print the usage and exit.
59 .It Fl n
60 Check that the configuration is valid, but don't start the server.
61 If specified two or more time, dump the configuration in addition to
62 verify it.
63 .It Fl P Ar pidfile
64 Write daemon's pid to the given location.
65 .Ar pidfile
66 will also act as lock: if another process is holding a lock on that
67 file,
68 .Nm
69 will refuse to start.
70 .It Fl V , Fl -version
71 Print the version and exit.
72 .It Fl v
73 Verbose mode.
74 Multiple
75 .Fl v
76 options increase the verbosity.
77 .El
78 .Sh LOGGING
79 Messages and requests are logged by
80 .Xr syslog 3
81 using the
82 .Dv DAEMON
83 facility or printed on
84 .Em stderr .
85 .Pp
86 Requests are logged with the
87 .Dv NOTICE
88 severity.
89 Each request log entry has the following fields, separated by
90 whitespace:
91 .Pp
92 .Bl -bullet -compact
93 .It
94 Client IP address and the source port number, separated by a colon
95 .It
96 .Sy GET
97 keyword
98 .It
99 Request URL
100 .It
101 Response status
102 .It
103 Response meta
104 .El
105 .Sh EXAMPLES
106 To run
107 .Nm
108 a configuration file and a X.509 certificate must be provided.
109 A self-signed certificate, which are commonly used in the Geminispace,
110 can be generated using for e.g.\&
111 .Xr openssl 1 :
112 .Bd -literal -offset indent
113 # openssl req \-x509 \-newkey rsa:4096 \-nodes \e
114 \-keyout /etc/ssl/private/example.com.key \e
115 \-out /etc/ssl/example.com.pem \e
116 \-days 365 \-subj "/CN=example.com"
117 # chmod 600 /etc/ssl/example.com.crt
118 # chmod 600 /etc/ssl/private/example.com.key
119 .Ed
120 .Pp
121 Then
122 .Nm
123 can be started with
124 .Bd -literal -offset indent
125 # gmid -c /etc/gmid.conf
126 .Ed
127 .Sh SEE ALSO
128 .Xr gmid.conf 5
129 .Sh ACKNOWLEDGEMENTS
130 .Nm
131 uses the
132 .Dq Flexible and Economical
133 UTF-8 decoder written by
134 .An Bjoern Hoehrmann .
135 .Sh AUTHORS
136 .An -nosplit
137 The
138 .Nm
139 program was written by
140 .An Omar Polo Aq Mt op@omarpolo.com .
141 .Sh CAVEATS
142 .Bl -bullet
143 .It
144 All the root directories are opened during the daemon startup; if a
145 root directory is deleted and then re-created,
146 .Nm
147 won't be able to serve files inside that directory until a restart.
148 This restriction only applies to the root directories and not their
149 content.
150 .It
151 a %2F sequence is indistinguishable from a literal slash: this is not
152 RFC3986-compliant.
153 .It
154 a %00 sequence is treated as invalid character and thus rejected.
155 .El