💾 Archived View for gemini.uxq.ch › running.gmi captured on 2021-12-03 at 12:44:48. Gemini links have been rewritten to link to archived content

View Raw

More Information

⬅️ Previous capture (2021-11-30)

-=-=-=-=-=-=-

Running geminid

This section describes the way I used to run geminid. Since then I have migrated to a systemd-based setup. Yeah, love it or hate it, it's what's available on my system at the time. You can read the details below.

I have created a new user "gemini", which is used to run the daemon (which doesn't daemonize yet...). Also, I have created the following directories:

My previous configuration for geminid (/usr/local/etc/geminid/geminid.conf) looked like this:

global = {
        serverroot = "/srv/geminid";
        logdir = "/var/log/geminid";
        loglocaltime = "yes";
        logtimeformat = "[%d/%b/%Y:%H:%M:%S %z]";
        port = 1965;
};

vhost = (
        {
                name = "gemini.uxq.ch";
                docroot = "gemini.uxq.ch";
                accesslog = "gemini.uxq.ch_access.log";
                errorlog = "gemini.uxq.ch_error.log";
                cert = "/usr/local/etc/geminid/certs/gemini.uxq.ch.pem";
                key = "/usr/local/etc/geminid/keys/gemini.uxq.ch.pem";
                index = "index.gmi";
        }
);

Furthermore it's missing a proper init script, but since the start of the process is pretty simple, I haven't taken the time to do that. I keep running the server in a screen-session in the context of the "gemini" user. Starting the server is done via

geminid -c /usr/local/etc/geminid/geminid.conf

Running with systemd

I've recently switched from a tiny virtual machine to bare metal, mainly because I have several services I want to run and some data which I want to be accessible from everywhere without NATing into my home network. I took the occasion to think about proper service start. Since I'm running OpenSUSE on this machine, it was clear that the solution would involve systemd in some way.

I also wanted to keep things separated, so running the daemon in a chroot seemed reasonable.

I created a user and a corresponding group:

# useradd -d /users/gemini -m -U -s /usr/bin/csh gemini

Then I built the geminid binary and built a directory structure:

# su - gemini
$ mkdir -p bin etc/geminid/{keys,certs} lib64 src srv/geminid/gemini.ux{q,w}.ch var/log/geminid
$ cd src
$ git clone https://github.com/jovoro/geminid.git geminid-code
$ cd geminid-code
$ make
$ mv geminid ~/bin

I used ldd to identify the needed libraries and copied them over to the chroot:

$ cd
$ ldd bin/geminid
$ cp /usr/lib64/libconfig.so.11 /usr/lib64/libmagic.so.1 /usr/lib64/libssl.so.1.1 /usr/lib64/libcrypto.so.1.1 /lib64/libc.so.6 /lib64/libz.so.1 /lib64/libpthread.so.0 /lib64/libdl.so.2 /lib64/ld-linux-x86-64.so.2 lib64

After that I copied the content over and moved the configuration file to ~/etc/geminid. The next step was to test running geminid in a chroot environment:

# chroot --userspec=gemini:gemini /users/gemini /bin/geminid -c /etc/geminid/geminid.conf

Which seemd to work, so the final step was to write corresponding instructions for systemd. The resulting unit file looks like this:

[Unit]
Description=Geminid, a gemini server written in C
After=network.target

[Service]
Type=simple
User=gemini
Group=gemini
RootDirectory=/users/gemini
ExecStart=/bin/geminid -c /etc/geminid/geminid.conf

[Install]
WantedBy=multi-user.target

Now systemd handles the starting and stopping of a chrooted geminid, which is kind of relaxing. I might get to write some examples for other init systems and put them into the repository, but that has to wait a little longer.

Last updated: 2021-11-12