Blob

Date:
Message:
update gmid.8 - it doesn't run anymore without a config file - a reload is enough to re-open the directories. This last point in particular was done this way to allow using capsicum(4) on FreeBSD, something that is currently impossible. I may just remove it.
Actions:
History | Blame | Raw File
1 .\" Copyright (c) 2021, 2022, 2023 Omar Polo <op@omarpolo.com>

2 .\"

3 .\" Permission to use, copy, modify, and distribute this software for any

4 .\" purpose with or without fee is hereby granted, provided that the above

5 .\" copyright notice and this permission notice appear in all copies.

6 .\"

7 .\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES

8 .\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF

9 .\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR

10 .\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES

11 .\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN

12 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF

13 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

14 .Dd June 24, 2023

15 .Dt GMID 8

16 .Os

17 .Sh NAME

18 .Nm gmid

19 .Nd simple and secure Gemini server

20 .Sh SYNOPSIS

21 .Nm

22 .Bk -words

23 .Op Fl fhnVv

24 .Op Fl c Ar config

25 .Op Fl D Ar macro Ns = Ns Ar value

26 .Op Fl P Ar pidfile

27 .Ek

28 .Sh DESCRIPTION

29 .Nm

30 is a simple and minimal gemini server that can serve static files,

31 talk to FastCGI applications and act as a gemini reverse proxy.

32 .Pp

33 .Nm

34 rereads the configuration file when it receives

35 .Dv SIGHUP .

36 .Pp

37 The options are as follows:

38 .Bl -tag -width 14m

39 .It Fl c Ar config

40 Specifies the configuration file.

41 The default is

42 .Pa /etc/gmid.conf .

43 .It Fl D Ar macro Ns = Ns Ar value

44 Define

45 .Ar macro

46 to be set to

47 .Ar value

48 on the command line.

49 Overrides the definition of

50 .Ar macro

51 in the config file if present.

52 .It Fl f

53 Stays and logs on the foreground.

54 .It Fl h , Fl -help

55 Print the usage and exit.

56 .It Fl n

57 Check that the configuration is valid, but don't start the server.

58 If specified two or more time, dump the configuration in addition to

59 verify it.

60 .It Fl P Ar pidfile

61 Write daemon's pid to the given location.

62 .Ar pidfile

63 will also act as lock: if another process is holding a lock on that

64 file,

65 .Nm

66 will refuse to start.

67 .It Fl V , Fl -version

68 Print the version and exit.

69 .It Fl v

70 Verbose mode.

71 Multiple

72 .Fl v

73 options increase the verbosity.

74 .El

75 .Sh LOGGING

76 Messages and requests are logged by

77 .Xr syslog 3

78 using the

79 .Dv DAEMON

80 facility or printed on

81 .Em stderr .

82 .Pp

83 Requests are logged with the

84 .Dv NOTICE

85 severity.

86 Each request log entry has the following fields, separated by

87 whitespace:

88 .Pp

89 .Bl -bullet -compact

90 .It

91 Client IP address and the source port number, separated by a colon

92 .It

93 .Sy GET

94 keyword

95 .It

96 Request URL

97 .It

98 Response status

99 .It

100 Response meta

101 .El

102 .Sh EXAMPLES

103 To run

104 .Nm

105 a configuration file and a X.509 certificate must be provided.

106 A self-signed certificate, which are commonly used in the Geminispace,

107 can be generated using for e.g.\&

108 .Xr openssl 1 :

109 .Bd -literal -offset indent

110 # openssl req \-x509 \-newkey rsa:4096 \-nodes \e

111 	\-keyout /etc/ssl/private/example.com.key \e

112 	\-out /etc/ssl/example.com.pem \e

113 	\-days 365 \-subj "/CN=example.com"

114 # chmod 600 /etc/ssl/example.com.crt

115 # chmod 600 /etc/ssl/private/example.com.key

116 .Ed

117 .Pp

118 Then

119 .Nm

120 can be started with

121 .Bd -literal -offset indent

122 # gmid -c /etc/gmid.conf

123 .Ed

124 .Sh SEE ALSO

125 .Xr gmid.conf 5

126 .Sh ACKNOWLEDGEMENTS

127 .Nm

128 uses the

129 .Dq Flexible and Economical

130 UTF-8 decoder written by

131 .An Bjoern Hoehrmann .

132 .Sh AUTHORS

133 .An -nosplit

134 The

135 .Nm

136 program was written by

137 .An Omar Polo Aq Mt op@omarpolo.com .

138 .Sh CAVEATS

139 .Bl -bullet

140 .It

141 All the root directories are opened during the daemon configuration;

142 if a root directory is deleted and then re-created,

143 .Nm

144 won't be able to serve files inside that directory until a reload.

145 This restriction only applies to the root directories and not their

146 content.

147 .It

148 a %2F sequence is indistinguishable from a literal slash: this is not

149 RFC3986-compliant.

150 .It

151 a %00 sequence is treated as invalid character and thus rejected.

152 .El