💾 Archived View for zaibatsu.circumlunar.space › ~visiblink › phlog › 20210117 captured on 2024-08-25 at 02:41:36.
View Raw
More Information
⬅️ Previous capture (2021-12-03)
-=-=-=-=-=-=-
This morning I set up Solderpunk's GeGoBi on my personal server to
mirror my gopher content to gemini. It's a great complement to
Pygopherd. Between Pygopherd and GeGoBi, my gopher hole is served to
gopher, http (on port 70), and gemini. I may yet add Shizaru and a
gophermap conversion script so that the gopher hole is mirrored on port
443 as well.
Here are the details of my GeGoBi setup on Debian 10. I suspect
there might be others out there who want to do the same thing.
Note that I was logged in as root when I did everything in part I. Then
I shut it all down and set GeGoBi up to run as a regular user and start
automatically in part II.
Part I: GeGoBi Setup
====================
1. Download GeGoBi from https://tildegit.org/solderpunk/gegobi
2. Unzip the contents to /opt/gegobi
You should have the following files in /opt/gegobi:
gegobi.py
LICENSE
README.md
3. Enter the directory and generate the SSL certificate and key that
you'll need for the gemini server. I figured it was easiest to keep
these files in the /opt/gegobi directory because I don't need them for
anything else.
Enter the following command:
openssl req -new -x509 -newkey ec \
-pkeyopt ec_paramgen_curve:prime256v1 \
-days 1825 -nodes -out cert.pem -keyout key.pem
In the dialog that follows, you can just enter a period to avoid
answering most of the questions, but it's probably best to enter your
server address under Common Name. In my case, I did this:
Country Name (2 letter code) [AU]:CA
State or Province Name (full name) [Some-State]:.
Locality Name (eg, city) []:.
Organization Name (eg, company) [Internet Widgits Pty Ltd]:.
Organizational Unit Name (eg, section) []:.
Common Name (e.g. server FQDN or YOUR name) []:gopher.visiblink.ca
Email Address []:.
- I found this on Alex Schroeder's site (Thanks Alex!):
https://alexschroeder.ch/wiki/2020-07-20_Does_a_Gemini_certificate_need_a_Common_Name_matching_the_domain%3f
4. Figure out the command-line switches you'll need when you launch
gegobi.py. These are the options:
--base [BASE] Gopherhole base directory.
--cert [CERT] TLS certificate file.
--host HOST Hostname of Gemini server.
--key [KEY] TLS private key file.
--local Serve only on 127.0.0.1.
--port [PORT] TCP port to serve on.
--redirects [REDIRECTS]
File to read redirect definitions from.
--tilde [TILDE] Home subdirectory to map tilde URLs to.
My gopher content is in /var/gopher, so I ended up with this combination
of command-line switches, which works, as long as you're in /opt/gegobi
when you enter it:
./gegobi.py --base /var/gopher --cert cert.pem --key key.pem --host gopher.visiblink.ca --port 1965
5. Open port 1965 in your firewall.
ufw allow 1965
6. Set up port forwarding on the router. Once you've done that, the
world should be able to see your gopher content on gemini! You can
verify that by visiting your gopher hole from a gemini proxy.
7. Shut GeGoBi down. Don't run GeGoBi as root on a regular basis.
Part II: Setup GeGoBi to be run by a regular user and autostart with systemd
============================================================================
Systemd unit files -- which allow you to autostart GeGoBi -- don't
accept command-line switches, but you can still get them to work by
assigning them to variables in a config file.
1. Make a file in your /opt/gegobi directory called .conf
This file will hold the command-line switches you figured out in Part I.
Alter it to meet your specific requirements.
Here are the contents of my .conf (you may need to change the base
directory and you _will_ need to change the hostname):
ARG1=--base /var/gopher
ARG2=--cert /opt/gegobi/cert.pem
ARG3=--key /opt/gegobi/key.pem
ARG4=--host gopher.visiblink.ca
ARG5=--port 1965
2. Navigate to /etc/systemd/system/
3. Create a file called gegobi.service
Enter the following in the file:
[Unit]
Description=Run GeGoBi as a regular user
[Service]
Type=simple
User=your_username
Restart=always
EnvironmentFile=/opt/gegobi/.conf
ExecStart=/usr/bin/python3 /opt/gegobi/gegobi.py $ARG1 $ARG2 $ARG3 $ARG4 $ARG5
TimeoutStartSec=0
RemainAfterExit=yes
[Install]
WantedBy=multi-user.target
4. Change the ownership of all of the files in /opt/gegobi/ to the
regular (non-root) user you have chosen to run gegobi.
chown your_username:your_username /opt/gegobi/*
You might have to change the ownership of the hidden /opt/gegobi/.conf
file separately. I can't remember if the wildcard changed it or not.
5. Make GeGoBi run as a daemon:
First, reload the daemon service files:
systemctl daemon-reload
Then you can start GeGoBi:
systemctl start gegobi.service
Finally, set GeGoBi to start up automatically with your server:
systemctl enable gegobi.service