💾 Archived View for cadence.moe › bliz-documentation › 01-setup.gmi captured on 2024-09-28 at 23:39:24. Gemini links have been rewritten to link to archived content

View Raw

More Information

⬅️ Previous capture (2022-04-28)

-=-=-=-=-=-=-

Bliz documentation: Setup

Creating a user

Follow these steps to set up Bliz on your computer or on a server. You do not need root access - do not run any of these steps as root.

You may wish to create a sandboxed user to run Bliz as. That way, in the case of a security issue, damage to your server would be limited.

I have been running my Bliz server at cadence.moe for more than a year, and nothing bad has happened to it. You can audit the source code yourself if there are things you'd like to check. I believe the risk is low. Still, better safe than sorry!

Dependencies

Fish shell

Bliz is written in Fish's scripting language. You need Fish. It's probably in your package manager.

a TLS+TCP listener

Choose one of these:

ncat is the preferred listener! It supports TLS 1.3 and 1.2.

Note: ncat is *not* the same as netcat, nc, openbsd-nc, or busybox nc.

You should be able to obtain the actual ncat command by installing your system's nmap package.

If not, you can download ncat from its official website here.

If you can't get ncat for some reason, socat is available as a fallback. It's TLS 1.2 only though, so if your gemini client thinks it's cool and hip to disable TLS 1.2, it won't be able to connect. It also has a bug where TLS sessions are not properly ended, which causes some clients to hang.

socat is probably available in your package manager.

Setting up files

The repository is available at:

https://git.sr.ht/~cadence/bliz

Then, you need to generate certificates. If you already have a server and a keypair, drop `cert.pem` and `key.pem` into the `certs` directory. Otherwise, if you don't already have a keypair (this is the most likely situation) run `./certs.fish` to generate one.

That's it! Setup is done.

Starting the server

You're totally done. Bliz is set up and running.

You can access the server right now with any client on port 1965.

Now you can go write some documents for people to see!

Next page: Static content

Back to documentation index