blob: adcc44b73ed6fedc2a96b2c81921418d851c94d7 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
|
[default]
# only one bind addr for now.
bind = '0.0.0.0'
# only one port for now.
ports = [1965]
# Can specify one or both of these.
tls = ['v1.2', 'v1.3']
## The following options are specific to default and will not work with vhost
# Working dir is used as a relative location if a 'pathy' option (like log_file) is not absolute.
# If working_dir does not have a path, then the *current working directory* is the used.
working_dir = "/etc/jakes-gemini-server" # avoid putting final '/'
# Unless path is absolute, it is relative to working_dir
log_file = "jakes-gemini-server.log"
# if log_to_stdout is true then log_file is ignored and the 'log' is printed (almost unbuffered) to stdout.
log_to_stdout = true
# Unless path is absolute, it is relative to working_dir.
# If this is not specified then it will place it in certs dir (and create the directory if needed, maybe not with the best permissions)
cert_key_dir = "certs" # avoid putting final '/'
# If the cert_key_dir directory is not writable, then a warning will emit
# because generating cert/key pairs will fail and cause the program to die.
# Setting the following to 'false' will not emit an error.
cert_key_dir_write_warning = true
# For each accepted connection a fork() is called. This toggles if that should happen or not.
# For debugging or memory reasons, it may help to set this to false, though it may result in clients timing out # if your server is busy serving a client.
# Will cause 'timed-out' and 'sysread failed' to appear at the same time in log files.
fork = true
# When the server accept()s the client needs to send, per the Gemini spec: '<URL><CR><LF>'
# This timeout option determines how long the server will wait before timing them out.
# 0 is equivalent to 'do not timeout'. Naughty bots/people sit there doing nothing but clogging the ports.
timeout = 5
## These are not specific to default and can be used with vhost
## Vhost options will override default options
# Default document root, when a vhost has none of its own.
root = "default_root"
# append 'index.gmi' when the path ends with '/' or is nothing
assume_index = true
# list the contents of a directory if no index.gmi is found and request is a directory
dir_listing = false
# otherwise the fallback is 'application/octet-stream' (gemini is primary text based so 'octet-stream' probably not wanted)
default_mime = 'text/plain'
### Not implimented yet
# similar to .htaccess, .gmiaccess
#gmi_access = true
# automatically reject access to .gmiaccess
#gmi_access_request_reject = true
# No need for a single config file
#include_configs = ["./sites_enabled"]
# A Vhost is *required* since it both serves as vhost and server name identification (sni)
# Vhost example - probably you want to see that it actually works right away
# `$ ncat --ssl localhost 1965'. Quick! You have 5 seconds! type: 'gemini://localhost ' (don't forget the whitespace as required by gemini spec)
# (ncat (probably) packaged with nmap)
['localhost']
# Generate certificate and key automatically? Uses cert_key_dir
auto_cert = true
# Overrides default setting
assume_index = true
# A more realistic example
#['example.com']
#auto_cert = false
# Location to the cert/key pair is relative to cert_key_dir unless the path is absolute
# The existance of cert and key option will cause auto_cert to be ignored.
#cert = "cert.pem" # a file
#key = "key.pem" # a file
#
# this Vhost's document root
#root = "/srv/gemini/example.com"
#
# Overrides default setting
#assume_index = true
#dir_listing = true
#default_mime = 'text/plain'
|
