commit - 2ae10bb4ee41cd16a6f2abdb6196ab515818aa32
commit + 33c4c3a5ba6331d7140be52dc3a4612abc07694d
blob - 61e3f649748592e6728edfeec760c19aaa0fa1e6
blob + 95bbd29ce08dcf882f35e66c7be595ad25247cae
--- site/quickstart.gmi
+++ site/quickstart.gmi
# /etc/gmid.conf
server "example.com" {
- cert "/path/to/certificate"
- key "/path/to/private-key"
+ cert "/etc/ssl/example.com.pem"
+ key "/etc/ssl/private/example.com.key"
+
+ # path to the root directory of your capsule
root "/var/gemini/example.com"
}
```
-You also need to generate a certificate for the capsule. A X.509 (TLS) certificate can be generated for e.g. with contrib/gencert
+A certificate is needed for the capsule. Generate one for e.g. using contrib/gencert:
=> https://git.omarpolo.com/gmid/tree/contrib/gencert contrib/gencert
./example.com.key : private key
```
-Optionally, move ‘example.com.pem’ and ‘example.com.key’ to another location.
+Move ‘example.com.pem’ and ‘example.com.key’ to a safe place and double check that the ‘cert’ and ‘key’ options in the configuration points to these files.
-Make sure that the ‘cert’ and ‘key’ options in the configuration file points to these files.
+For example, save them in ‘/etc/ssl/’ (as root)
+```how to save the certificate and private key in /etc/ssl
+# mkdir -p /etc/ssl/private
+# chown 700 /etc/ssl/private
+# mv example.com.pem /etc/ssl/
+# mv example.com.key /etc/ssl/private/
+```
+
Then running gmid is as easy as
```running gmid
gmid employs various techniques to prevent the damage caused by bugs, but some steps needs to be done manually.
-If gmid was installed from your distribution package manager, chance are that it already does all of this and is also providing a service to run gmid automatically (e.g. a systemd unit file, a rc script, …) Otherwise, it’s heavily suggested to create at least a dedicated user.
+If gmid was installed from your distribution package manager, chance are that it already does all of this and is also providing a service to run gmid automatically (e.g. a rc script, a systemd unit file, …) Otherwise, it’s heavily suggested to create at least a dedicated user.
### A dedicated user
blob - 470db033e31872a7d7a0057d5ce83c3a3fa2d656
blob + ded73b32f02c8a948c0dae2f0534edd821f994d3
--- site/quickstart.html
+++ site/quickstart.html
<pre># /etc/gmid.conf
server "example.com" {
- cert "/path/to/certificate"
- key "/path/to/private-key"
+ cert "/etc/ssl/example.com.pem"
+ key "/etc/ssl/private/example.com/key"
+
+ # path to the root directory of your capsule
root "/var/gemini/example.com"
}</pre>
<p>
- You also need to generate a certificate for the capsule. A
- X.509 (TLS) certificate can be generated for e.g. with
+ A certificate is needed for the capsule. Generate one for
+ e.g. using
<a href="https://git.omarpolo.com/gmid/tree/contrib/gencert">contrib/gencert</a>:
</p>
<pre>$ ./contrib/gencert example.com
./example.com.pem : certificate
./example.com.key : private key</pre>
<p>
- Optionally, move ‘example.com.pem’ and ‘example.com.key’ to
- another location.
+ Move ‘example.com.pem’ and ‘example.com.key’ to a safe place and
+ double check that the ‘cert’ and ‘key’ options in the
+ configuration points to these files.
</p>
+ <p>For example, save them in ‘/etc/ssl/’ (as root)</p>
+ <pre># mkdir -p /etc/ssl/private
+# chown 700 /etc/ssl/private
+# mv example.com.pem /etc/ssl/
+# mv example.com.key /etc/ssl/private/</pre>
<p>
Make sure that the ‘cert’ and ‘key’ options in the configuration
file points to these files.
<p>
If gmid was installed from your distribution package manager,
chance are that it already does all of this and is also
- providing a service to run gmid automatically (e.g. a systemd
- unit file, a rc script, …) Otherwise, it’s heavily suggested to
+ providing a service to run gmid automatically (e.g. a rc script,
+ a systemd unit file …) Otherwise, it’s heavily suggested to
create at least a dedicated user.
</p>
<h3>A dedicated user</h3>