💾 Archived View for gemini.conman.org › sourcecode › sample-conf.lua captured on 2021-12-17 at 13:26:06.
⬅️ Previous capture (2021-11-30)
-=-=-=-=-=-=-
-- ************************************************************************ -- -- Sample config file -- Copyright 2019 by Sean Conner. All Rights Reserved. -- -- This program is free software: you can redistribute it and/or modify -- it under the terms of the GNU General Public License as published by -- the Free Software Foundation, either version 3 of the License, or -- (at your option) any later version. -- -- This program is distributed in the hope that it will be useful, -- but WITHOUT ANY WARRANTY; without even the implied warranty of -- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -- GNU General Public License for more details. -- -- You should have received a copy of the GNU General Public License -- along with this program. If not, see <http://www.gnu.org/licenses/>. -- -- Comments, questions and criticisms can be sent to: sean@conman.org -- -- ************************************************************************ -- luacheck: globals syslog address cgi scgi hosts -- luacheck: globals mime index no_access extension -- luacheck: globals language charset -- luacheck: ignore 611 -- ************************************************************************ -- syslog() definition block, optional, global only, default values -- ************************************************************************ syslog = { ident = 'gemini', -- ID of server facility = 'daemon', -- syslog facility to log under } -- ************************************************************************ -- address---optional, global or host, default value -- -- This should work fine on all systems, creating a listening socket bound -- to all active interfaces. If you only have IPv4, use "0.0.0.0:1965" to -- bind to all active interfaces. This can be a specific address if you -- don't want to bind all active interfaces. -- -- You do need to specify both the address (and it can be a hostname) AND -- the port number. If either is missing, then an error will be raised and -- the program will not run. The values here, both address and port, will -- become the default values if not specified in the hosts block. -- -- WARNING: beware of using a default address and binding to specific -- addresses in some hosts---either use the default address only, or specify -- an address for every host. Trying to mix the two may lead to anger, and -- anger leads to hate, and hate leads to suffering. Don't be lead to -- suffering. -- -- You have been warned. -- ************************************************************************ address = "[::]:1965" -- ************************************************************************ -- CGI definition block, optional, global, host, or filesystem handler, -- no default values -- -- Any file found with the executable bit set is considered a CGI script and -- will be executed as such. This module implements the CGI standard as -- defined in RFC-3875. The script will be executed, and any output will be -- sent to the Gemini client. The following environment variables will be -- defined: -- -- GEMINI_DOCUMENT_ROOT Top level directory of site -- GEMINI_SCRIPT_FILENAME The full path of the script being run -- GEMINI_URL_PATH The path portion of the URL -- GEMINI_URL The full URL of the request -- GATEWAY_INTERFACE Will be set to "CGI/1.1" -- PATH_INFO May be set (see RFC-3875 for details) -- PATH_TRANSLATED May be set (see RFC-3875 for deatils) -- QUERY_STRING Will be set to the passed in query string, or "" -- REMOTE_ADDR IP address of the client -- REMOTE_HOST IP address of the client (allowed in RFC-3875) -- REQUEST_METHOD "", as there are no requests types -- SCRIPT_NAME Name of the script per the URL path -- SERVER_NAME Domain -- SERVER_PORT Server connection port number -- SERVER_PROTOCOL Will be set to "GEMINI" -- SRVER_SOFTWARE Will be set to "GLV-1.12556/1" -- -- AUTH_TYPE If client certificate, set to "Certificate" -- REMOTE_USER If client certificate, set to the subject CN -- -- In addition, scripts written for a webserver can also be used. If such -- scripts are used, addtional headers will be set: -- -- REQUEST_METHOD Will be changed to "GET" -- SERVER_PROTOCOL Will be changed to "HTTP/1.0" -- HTTP_ACCEPT Will be set to "*/*" -- HTTP_ACCEPT_LANGUAGE Will be set to "*" -- HTTP_CONNECTION Will be set to "close" -- HTTP_REFERER Will be set to "" -- HTTP_USER_AGENT Will be set to "" -- -- Also, if HTTP based CGI scripts expect Apache-specific headers to be set, -- those too can be specified and the following will be set: -- -- DOCUMENT_ROOT Will be set to the top level directory being served -- CONTEXT_DOCUMENT_ROOT Will be set to the top level directory begin served -- CONTENT_PREFIX Will be set to "" -- SCRIPT_FILENAME The full path of the script being run -- -- If a certificate is required to run the script, and if it is so desired, -- the following environment variables can be set: -- -- TLS_CIPHER Cipher being used -- TLS_VERSION Version of TLS being used -- TLS_CLIENT_HASH Hash of the certificate -- TLS_CLIENT_ISSUER The x509 Issuer of the certificate -- TLS_CLIENT_ISSUER_* The x509 Issuer subfields -- TLS_CLIENT_SUBJECT The x509 Distinguished Name -- TLS_CLIENT_SUBJECT_* Various Distinguished Name subfields -- TLS_CLIENT_NOT_BEFORE Starting date of certificate -- TLS_CLIENT_NOT_AFTER Ending date of certificate -- TLS_CLIENT_REMAIN Number of days left for certificate -- -- If the script is expecting Apache style environment variables, those -- can be set instead: -- -- SSL_CIPHER aka TLS_CIPHER -- SSL_PROTOCOL aka TLS_VERSION -- SSL_CLIENT_I_DN ala TLS_CLIENT_ISSUER -- SSL_CLIENT_I_DN_* aka TLS_CLIENT_ISSUER_* -- SSL_CLIENT_S_DN aka TLS_CLIENT_SUBJECT -- SSL_CLIENT_S_DN_* aka TLS_CLIENT_SUBJECT_* -- SSL_CLIENT_V_START aka TLS_CLIENT_NOT_BEFORE -- SSL_CLIENT_V_END aka TLS_CLIENT_NOT_AFTER -- SSL_CLIENT_V_REMAIN aka TLS_CLIENT_REMAIN -- SSL_TLS_SNI aka SERVER_NAME -- -- Settings can be overwritten per site and per script. -- ************************************************************************ cgi = { -- ----------------------------------------------------------------- -- The following variables apply to ALL CGI scripts. They are all -- optional, and do not need to be defined. -- ----------------------------------------------------------------- http = false, -- (default value) use HTTP specific variables apache = false, -- (default value) use Aapche specific variables envtls = false, -- (default value) include details from TLS certificate -- ------------------------------------------------------------------ -- Additional environment variables can be set. The following list -- is probably what would be nice to have (no default values). -- ------------------------------------------------------------------ env = { PATH = "/usr/local/bin:/usr/bin:/bin", LANG = "en_US.UTF-8", SETTING = "global", }, -- ----------------------------------------------------------------- -- The instance block allow you to define values per CGI script -- (no default values). -- ----------------------------------------------------------------- instance = { ['^/private/index.gemini