💾 Archived View for zozoandsqueak.ca › articles › tech › running-zozoandsqueak-pt-ii.gmi captured on 2023-01-29 at 15:34:28. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2022-06-03)
-=-=-=-=-=-=-
well apparently i've done this all wrong. this tofu thing seems counter to everything i know about certificates, but i'll give it a go.
openssl req \ -new \ -subj "/CN=zozoandsqueak.ca" \ -x509 \ -newkey ec \ -pkeyopt ec_paramgen_curve:prime256v1 \ -days 1825 \ -nodes \ -out server.crt \ -keyout server.key
this seems to be an acceptable way of doing that. i've dumped these in a new directory, so the server startup command is a bit different
docker run \ -d \ --restart=always \ -v /home/user/certs:/certs \ -e PORT=1965 \ -e DOMAIN=zozoandsqueak.ca \ -v /opt/zozoandsqueak/:/content \ -p 1965:1965 \ adrianhesketh/gemini:latest
reloading my homepage/capsule/whatever we call these thing displayed a certificate warning as expected, but as i'm almost entirely sure i'm the only one that knows this is here, that's an acceptable level of disruption.