mike/vger
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

add missing useradd, simplify cert usage with relayd

Browse source
This commit is contained in:
prx 2020-12-09 14:26:08 +01:00 committed by Solene Rapenne
parent 395eeeccea
commit 6d0d8d8130
1 changed files with 11 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
README.md
View file

@ -34,7 +34,7 @@ and drop privileges to a dedicated user.
git clone https://tildegit.org/solene/vger.git git clone https://tildegit.org/solene/vger.git
cd vger cd vger
make make
sudo make install doas make install
``` ```
# Running tests # Running tests
@ -60,6 +60,8 @@ without a `-d` parameter.
Create directory `/var/gemini/` (I'd allow this to be configured Create directory `/var/gemini/` (I'd allow this to be configured
later), files will be served from there. later), files will be served from there.
Create an user `gemini_user`.
Add this line to inetd.conf: Add this line to inetd.conf:
``` ```
@ -69,17 +71,20 @@ Add this line to inetd.conf:
Add this to relayd.conf Add this to relayd.conf
``` ```
log connection log connection
tcp protocol "gemini" {
tls keypair hostname.example
}
relay "gemini" { relay "gemini" {
listen on hostname.example port 1965 tls listen on hostname.example port 1965 tls
protocol "gemini"
forward to 127.0.0.1 port 11965 forward to 127.0.0.1 port 11965
} }
``` ```
Make links to the certificates and key files according to relayd.conf documentation Make sure certificates files match hostname:
``` `/etc/ssl/private/hostname.example.key` and
# ln -s /etc/ssl/acme/cert.pem /etc/ssl/hostname.example\:1965.crt `/etc/ssl/hostname.example.crt`.
# ln -s /etc/ssl/acme/private/privkey.pem /etc/ssl/private/hostname.example\:1965.key
```
On OpenBSD, enable inetd and relayd and start them: On OpenBSD, enable inetd and relayd and start them:
``` ```