1 
2 # NAME
3 
4 **gmid** - dead simple zero configuration gemini server
5 
6 # SYNOPSIS
7 
8 **gmid**
9 \[**-h**]
10 \[**-c** *cert.pem*]
11 \[**-d** *docs*]
12 \[**-k** *key.pem*]
13 \[**-l** *logfile*]
14 \[**-x** *cgi-bin*]
15 
16 # DESCRIPTION
17 
18 **gmid**
19 is a very simple and minimal gemini server that can serve static files
20 and execute CGI scripts.
21 
22 **gmid**
23 will strip any sequence of
24 *../*
25 or trailing
26 *..*
27 in the requests made by clients and will refuse to follow symlinks.
28 Furthermore, on
29 OpenBSD,
30 pledge(2)
31 and
32 unveil(2)
33 are used to ensure that
34 **gmid**
35 dosen't do anything else than read files from the given directory,
36 accept network connections and, optionally, execute CGI scripts.
37 
38 It should be noted that
39 **gmid**
40 is very simple in its implementation, and so it may not be appropriate
41 for serving sites with lots of users.
42 After all, the code is single threaded and use a single process,
43 although it can handle multiple requests concurrently.
44 
45 If a user request path is a directory,
46 **gmid**
47 will try to serve a
48 *index.gmi*
49 file inside that directory.
50 
51 The options are as follows:
52 
53 **-c** *cert.pem*
54 
55 > The certificate to use, by default is
56 > *cert.pem*.
57 
58 **-d** *docs*
59 
60 > The root directory to serve.
61 > **gmid**
62 > won't serve any file that is outside that directory.
63 > By default is
64 > *docs*.
65 
66 **-h**
67 
68 > Print the usage and exit.
69 
70 **-k** *key.pem*
71 
72 > The key for the certificate, by default is
73 > *key.pem*.
74 
75 **-l** *logfile*
76 
77 > log to the given file instead of the standard error.
78 
79 **-x** *dir*
80 
81 > Enable execution of CGI scripts inside the given directory (relative
82 > to the document root.)  Cannot be provided more than once.
83 
84 # CGI
85 
86 When CGI scripts are enabled for a directory, a request for an
87 executable file will execute it and fed its output to the client.
88 
89 The CGI scripts will inherit the environment from
90 **gmid**
91 with these additional variables set:
92 
93 `SERVER_SOFTWARE`
94 
95 > "gmid"
96 
97 `SERVER_PORT`
98 
99 > "1965"
100 
101 `SCRIPT_NAME`
102 
103 > The (public) path to the script.
104 
105 `SCRIPT_EXECUTABLE`
106 
107 > The full path to the executable.
108 
109 `REQUEST_URI`
110 
111 > The user request (without the query parameters.)
112 
113 `REQUEST_RELATIVE`
114 
115 > The request relative to the script.
116 
117 `QUERY_STRING`
118 
119 > The query parameters.
120 
121 `REMOTE_HOST`
122 
123 > The remote IP address.
124 
125 `DOCUMENT_ROOT`
126 
127 > The root directory being served, the one provided with the
128 > *d*
129 > parameter to
130 > **gmid**
131 
132 Let's say you have a script in
133 */cgi-bin/script*
134 and the user request is
135 */cgi-bin/script/foo/bar?quux*.
136 Then
137 `SCRIPT_NAME`
138 will be
139 */cgi-bin/script*,
140 `SCRIPT_EXECUTABLE`
141 will be
142 *$DOCUMENT\_ROOT/cgi-bin/script*,
143 `REQUEST_URI`
144 will be
145 */cgi-bin/script/foo/bar*,
146 `REQUEST_RELATIVE`
147 will be
148 *foo/bar and*
149 `QUERY_STRING`
150 will be
151 *quux*.
152 
153 # EXAMPLES
154 
155 To quickly getting started
156 
157 	$ # generate a cert and a key
158 	$ openssl req -x509 -newkey rsa:4096 -keyout key.pem \
159 	        -out cert.pem -days 365 -nodes
160 	$ mkdir docs
161 	$ cat <<EOF > docs/index.gmi
162 	# Hello world
163 	test paragraph...
164 	EOF
165 	$ gmid -c cert.pem -k key.pem -d docs
166 
167 Now you can visit gemini://localhost/ with your preferred gemini
168 client.
169 
170 To add some CGI scripts, assuming a setup similar to the previous
171 example, you can
172 
173 	$ mkdir docs/cgi-bin
174 	$ cat <<EOF > docs/cgi-bin/hello-world
175 	#!/bin/sh
176 	printf "20 text/plain\r\n"
177 	echo "hello world!"
178 	EOF
179 	$ gmid -x cgi-bin
180 
181 Note that the argument to the
182 **-x**
183 option is
184 *cgi-bin*
185 and not
186 *docs/cgi-bin*,
187 since it's relative to the document root.
188 
189 # CAVEATS
190 
191 *	it doesn't support virtual hosts: the host part of the request URL is
192 	completely ignored.
193 
194 *	it doesn't fork in the background or anything like that.
195