💾 Archived View for zozoandsqueak.ca › articles › tech › running-zozoandsqueak-pt-ii.gmi captured on 2023-01-29 at 15:34:28. Gemini links have been rewritten to link to archived content

View Raw

More Information

⬅️ Previous capture (2022-06-03)

-=-=-=-=-=-=-

running zozoandsqueak pt ii

certificates (again)

well apparently i've done this all wrong. this tofu thing seems counter to everything i know about certificates, but i'll give it a go.

openssl req \
        -new \
        -subj "/CN=zozoandsqueak.ca" \
        -x509 \
        -newkey ec \
        -pkeyopt ec_paramgen_curve:prime256v1 \
        -days 1825 \
        -nodes \
        -out server.crt \
        -keyout server.key

this seems to be an acceptable way of doing that. i've dumped these in a new directory, so the server startup command is a bit different

docker run \
       -d \
       --restart=always \
       -v /home/user/certs:/certs \
       -e PORT=1965 \
       -e DOMAIN=zozoandsqueak.ca \
       -v /opt/zozoandsqueak/:/content \
       -p 1965:1965 \
       adrianhesketh/gemini:latest

reloading my homepage/capsule/whatever we call these thing displayed a certificate warning as expected, but as i'm almost entirely sure i'm the only one that knows this is here, that's an acceptable level of disruption.