💾 Archived View for gemi.dev › gemini-mailing-list › 000993.gmi captured on 2024-08-31 at 19:13:09. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2023-12-28)
-=-=-=-=-=-=-
Hello geminauts, I am toying with the idea to separate the handling of the gemini request from the handling of TLS. I believe I have read about such a setup on a *bsd system somewhere, but I'm unable to find it again. I /think/ the tls-handling relay was called something with "jet" in the name, but I could be wrong. So why would I do this? The gemini/mercury server part could well run on a small microcontroller. Within my home network TLS is not really neccessary. But I would be nice to connect such a controller to the outside world using a proxy or similar, which does handle the tls and certificate side of things, and relays the raw request and its reply between the controller and the client via ethernet. Any pointers are highly appreciated. Thanks, ~ew PS: while I'm good at number crunchers and shell scripts, I am highly illiterate with respect to anything network and sockets. -- Keep it simple!
On 15 August 2021 18:26:08 CEST, "ew.gemini" <ew.gemini@nassur.net> wrote: > >Hello geminauts, > >I am toying with the idea to separate the handling of the gemini >request from the handling of TLS. I believe I have read about >such a setup on a *bsd system somewhere, but I'm unable to find >it again. I /think/ the tls-handling relay was called something >with "jet" in the name, but I could be wrong. > >So why would I do this? The gemini/mercury server part could >well run on a small microcontroller. Within my home network TLS >is not really neccessary. But I would be nice to connect such a >controller to the outside world using a proxy or similar, which >does handle the tls and certificate side of things, and relays >the raw request and its reply between the controller and the >client via ethernet. > > >Any pointers are highly appreciated. > >Thanks, >~ew > >PS: while I'm good at number crunchers and shell scripts, I am >highly illiterate with respect to anything network and sockets. you can try vger: it's meant to be run from inetd under relayd/nginx/... because it obviously doesn't handle TLS. But if you make inetd listen on 1965... :) -- Sent from my Android device with K-9 Mail. Please excuse my brevity.
---
Previous Thread: Re: Gemini Digest, Vol 25, Issue 9
Next Thread: Re: Gemini Digest, Vol 25, Issue 12 - What we use