commit c4b54e027b62d0ba6c6ebe1f71977ef53d8e8ee8 Author: n Date: Sat Feb 20 09:54:59 2021 +0100 initial commit diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..456c488 --- /dev/null +++ b/LICENSE @@ -0,0 +1,13 @@ + DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE + Version 2, December 2004 + + Copyright (C) 2004 Sam Hocevar + + Everyone is permitted to copy and distribute verbatim or modified + copies of this license document, and changing it is allowed as long + as the name is changed. + + DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE + TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + + 0. You just DO WHAT THE FUCK YOU WANT TO. diff --git a/freebsd.gmi b/freebsd.gmi new file mode 100644 index 0000000..db5fe7d --- /dev/null +++ b/freebsd.gmi 
@@ -0,0 +1,101 @@ +# Installing vger on FreeBSD, using inetd and nginx + +## Get the sources and compile 'em + +```shell +$ git clone https://tildegit.org/solene/vger.git +$ cd vger +$ make +$ sudo make install +``` + +## Create a dedicated user + +Create a user with no shell and no password +```shell +# adduser +Username: gemini +Full name: gemini +Uid (Leave empty for default): +Login group [gemini]: +Login group is gemini. Invite gemini into other groups? []: +Login class [default]: +Shell (sh csh tcsh bash rbash zsh rzsh git-shell nologin) [sh]: nologin +Home directory [/home/gemini]: +Home directory permissions (Leave empty for default): +Use password-based authentication? [yes]: no +Lock out the account after creation? [no]: +Username : gemini +Password : +Full Name : gemini +Uid : 1015 +Class : +Groups : gemini +Home : /home/gemini +Home Mode : +Shell : /usr/sbin/nologin +Locked : no +OK? (yes/no): yes +adduser: INFO: Successfully added (gemini) to the user database. +Add another user? (yes/no): no +Goodbye! +``` + +## Add a service + +inetd requires a defined service in /etc/services, so let's add it +``` +echo "gemini 11965/tcp">>/etc/services +``` + +## Activate and launch inetd + +* Add the following lines to /etc/inetd.conf. 
Adjust -d parameter to previously created user's home directory, don't forget the last slash: +``` +gemini stream tcp nowait gemini /usr/local/bin/vger vger -v -i -d /home/gemini/ +gemini stream tcp6 nowait gemini /usr/local/bin/vger vger -v -i -d /home/gemini/ +``` + +* Activate inetd either by issuing +```shell +# sysrc inetd_enable="YES" +``` + +or, if you use separate files: +``` +# echo "inetd_enable=\"YES\"">/usr/local/etc/rc.conf.d/inetd +``` + +* Finaly, launch inetd: +```shell +# service inetd start +``` + +## Use nginx as a "TLS Proxy" + +* Compile the port with the stream module +* Activate it in configuration file, and create a stream section at the same level as the http section used for your virtualhosts: + +``` +load_module /usr/local/libexec/nginx/ngx_stream_module.so; + +stream { + server { + listen 1965 ssl; + + ssl_certificate /path/to/cert.pem; + ssl_certificate_key /path/to/privkey.pem; + ssl_trusted_certificate /path/to/fullchain.pem; + + proxy_pass 127.0.0.1:11965; + } +} +``` + +# Usage + +vger's vhost parameter is set (-v), so we'll have to create one or more directories within gemini's home directory, -i (directory index) is also set, so creating an index.gmi is not mandatory. + +# Greetings + +Many many thanks to @solene@bsd.network for writing that wonderful little piece of software thas is vger, and @hucste@framapiaf.org for pointing it to me.
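Review bot: In the freebsd.gmi hunk, the two inetd.conf entries ("gemini stream tcp nowait gemini ..." and its tcp6 twin) carry no bind address, so inetd serves vger in plaintext on port 11965 on every interface, while the nginx stream block only ever connects to 127.0.0.1:11965. Anyone who can reach the host on 11965 bypasses the TLS listener on 1965. The guide should restrict the backend to loopback, for example by starting inetd with its -a option set to 127.0.0.1 through inetd_flags, or by adding a firewall rule for 11965. The tcp6 line can then be dropped, since proxy_pass never uses it. If IPv6 clients are meant to be served, that belongs on the nginx side as a second listen directive for [::]:1965 ssl, because "listen 1965 ssl;" alone binds IPv4 only. Minor: "Finaly" and "thas is" are typos.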