💾 Archived View for zaibatsu.circumlunar.space › ~visiblink › phlog › 20210117 captured on 2024-08-25 at 02:41:36.

View Raw

More Information

⬅️ Previous capture (2021-12-03)

-=-=-=-=-=-=-

This morning I set up Solderpunk's GeGoBi on my personal server to 
mirror my gopher content to gemini. It's a great complement to 
Pygopherd. Between Pygopherd and GeGoBi, my gopher hole is served to 
gopher, http (on port 70), and gemini. I may yet add Shizaru and a 
gophermap conversion script so that the gopher hole is mirrored on port 
443 as well.

Here are the details of my GeGoBi setup on Debian 10. I suspect 
there might be others out there who want to do the same thing.

Note that I was logged in as root when I did everything in part I. Then 
I shut it all down and set GeGoBi up to run as a regular user and start 
automatically in part II.


Part I: GeGoBi Setup
====================


1. Download GeGoBi from https://tildegit.org/solderpunk/gegobi


2. Unzip the contents to /opt/gegobi

You should have the following files in /opt/gegobi:

gegobi.py
LICENSE
README.md


3. Enter the directory and generate the SSL certificate and key that 
you'll need for the gemini server. I figured it was easiest to keep 
these files in the /opt/gegobi directory because I don't need them for 
anything else.

Enter the following command: 

openssl req -new -x509 -newkey ec \
-pkeyopt ec_paramgen_curve:prime256v1 \
-days 1825 -nodes -out cert.pem -keyout key.pem

In the dialog that follows, you can just enter a period to avoid 
answering most of the questions, but it's probably best to enter your 
server address under Common Name. In my case, I did this:

Country Name (2 letter code) [AU]:CA
State or Province Name (full name) [Some-State]:.
Locality Name (eg, city) []:.
Organization Name (eg, company) [Internet Widgits Pty Ltd]:.
Organizational Unit Name (eg, section) []:.
Common Name (e.g. server FQDN or YOUR name) []:gopher.visiblink.ca
Email Address []:.


https://alexschroeder.ch/wiki/2020-07-20_Does_a_Gemini_certificate_need_a_Common_Name_matching_the_domain%3f


4. Figure out the command-line switches you'll need when you launch 
gegobi.py. These are the options:

  --base [BASE]         Gopherhole base directory.
  --cert [CERT]         TLS certificate file.
  --host HOST           Hostname of Gemini server.
  --key [KEY]           TLS private key file.
  --local               Serve only on 127.0.0.1.
  --port [PORT]         TCP port to serve on.
  --redirects [REDIRECTS]
                        File to read redirect definitions from.
  --tilde [TILDE]       Home subdirectory to map tilde URLs to.

My gopher content is in /var/gopher, so I ended up with this combination 
of command-line switches, which works, as long as you're in /opt/gegobi 
when you enter it:

./gegobi.py --base /var/gopher --cert cert.pem --key key.pem --host gopher.visiblink.ca --port 1965


5. Open port 1965 in your firewall.

ufw allow 1965


6. Set up port forwarding on the router. Once you've done that, the 
world should be able to see your gopher content on gemini! You can 
verify that by visiting your gopher hole from a gemini proxy.


7. Shut GeGoBi down. Don't run GeGoBi as root on a regular basis.



Part II: Setup GeGoBi to be run by a regular user and autostart with systemd
============================================================================


Systemd unit files -- which allow you to autostart GeGoBi -- don't 
accept command-line switches, but you can still get them to work by 
assigning them to variables in a config file.


1. Make a file in your /opt/gegobi directory called .conf

This file will hold the command-line switches you figured out in Part I. 
Alter it to meet your specific requirements.

Here are the contents of my .conf (you may need to change the base 
directory and you _will_ need to change the hostname):

ARG1=--base /var/gopher
ARG2=--cert /opt/gegobi/cert.pem
ARG3=--key /opt/gegobi/key.pem
ARG4=--host gopher.visiblink.ca
ARG5=--port 1965


2. Navigate to /etc/systemd/system/


3. Create a file called gegobi.service

Enter the following in the file:

[Unit]
Description=Run GeGoBi as a regular user

[Service]
Type=simple
User=your_username
Restart=always
EnvironmentFile=/opt/gegobi/.conf
ExecStart=/usr/bin/python3 /opt/gegobi/gegobi.py $ARG1 $ARG2 $ARG3 $ARG4 $ARG5 
TimeoutStartSec=0
RemainAfterExit=yes

[Install]
WantedBy=multi-user.target


4. Change the ownership of all of the files in /opt/gegobi/ to the 
regular (non-root) user you have chosen to run gegobi.

chown your_username:your_username /opt/gegobi/*

You might have to change the ownership of the hidden /opt/gegobi/.conf 
file separately. I can't remember if the wildcard changed it or not.


5. Make GeGoBi run as a daemon:

First, reload the daemon service files:

systemctl daemon-reload

Then you can start GeGoBi:

systemctl start gegobi.service

Finally, set GeGoBi to start up automatically with your server:

systemctl enable gegobi.service