initial commit

This commit is contained in:
n 2021-02-20 09:54:59 +01:00
commit c4b54e027b
2 changed files with 114 additions and 0 deletions

13
LICENSE Normal file
View file

@ -0,0 +1,13 @@
DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
Version 2, December 2004
Copyright (C) 2004 Sam Hocevar <sam@hocevar.net>
Everyone is permitted to copy and distribute verbatim or modified
copies of this license document, and changing it is allowed as long
as the name is changed.
DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
0. You just DO WHAT THE FUCK YOU WANT TO.

101
freebsd.gmi Normal file
View file

@ -0,0 +1,101 @@
# Installing vger on FreeBSD, using inetd and nginx
## Get the sources and compile 'em
```shell
$ git clone https://tildegit.org/solene/vger.git
$ cd vger
$ make
$ sudo make install
```
## Create a dedicated user
Create a user with no shell and no password
```shell
# adduser
Username: gemini
Full name: gemini
Uid (Leave empty for default):
Login group [gemini]:
Login group is gemini. Invite gemini into other groups? []:
Login class [default]:
Shell (sh csh tcsh bash rbash zsh rzsh git-shell nologin) [sh]: nologin
Home directory [/home/gemini]:
Home directory permissions (Leave empty for default):
Use password-based authentication? [yes]: no
Lock out the account after creation? [no]:
Username : gemini
Password : <disabled>
Full Name : gemini
Uid : 1015
Class :
Groups : gemini
Home : /home/gemini
Home Mode :
Shell : /usr/sbin/nologin
Locked : no
OK? (yes/no): yes
adduser: INFO: Successfully added (gemini) to the user database.
Add another user? (yes/no): no
Goodbye!
```
## Add a service
inetd requires a defined service in /etc/services, so let's add it
```
echo "gemini 11965/tcp">>/etc/services
```
## Activate and launch inetd
* Add the following lines to /etc/inetd.conf. Adjust -d parameter to previously created user's home directory, don't forget the last slash:
```
gemini stream tcp nowait gemini /usr/local/bin/vger vger -v -i -d /home/gemini/
gemini stream tcp6 nowait gemini /usr/local/bin/vger vger -v -i -d /home/gemini/
```
* Activate inetd either by issuing
```shell
# sysrc inetd_enable="YES"
```
or, if you use separate files:
```
# echo "inetd_enable=\"YES\"">/usr/local/etc/rc.conf.d/inetd
```
* Finaly, launch inetd:
```shell
# service inetd start
```
## Use nginx as a "TLS Proxy"
* Compile the port with the stream module
* Activate it in configuration file, and create a stream section at the same level as the http section used for your virtualhosts:
```
load_module /usr/local/libexec/nginx/ngx_stream_module.so;
stream {
server {
listen 1965 ssl;
ssl_certificate /path/to/cert.pem;
ssl_certificate_key /path/to/privkey.pem;
ssl_trusted_certificate /path/to/fullchain.pem;
proxy_pass 127.0.0.1:11965;
}
}
```
# Usage
vger's vhost parameter is set (-v), so we'll have to create one or more directories within gemini's home directory, -i (directory index) is also set, so creating an index.gmi is not mandatory.
# Greetings
Many many thanks to @solene@bsd.network for writing that wonderful little piece of software thas is vger, and @hucste@framapiaf.org for pointing it to me.