Documentation rewording
This commit is contained in:
parent
349e56c28c
commit
ff78ea5049
2 changed files with 8 additions and 5 deletions
10
README.md
10
README.md
|
@ -1,7 +1,7 @@
|
||||||
# A simplistic and secure Gemini server
|
# A simplistic and secure Gemini server
|
||||||
|
|
||||||
**Vger** is a gemini server supporting chroot, virtualhosts, default
|
**Vger** is a gemini server supporting chroot, virtualhosts, CGI,
|
||||||
language choice, redirections and MIME types detection.
|
default language choice, redirections and MIME types detection.
|
||||||
|
|
||||||
**Vger** design is relying on inetd and a daemon to take care of
|
**Vger** design is relying on inetd and a daemon to take care of
|
||||||
TLS. The idea is to delegate TLS and network to daemons which
|
TLS. The idea is to delegate TLS and network to daemons which
|
||||||
|
@ -22,7 +22,9 @@ The average setup should look like:
|
||||||
**Vger** is perfectly secure if run on **OpenBSD**, using `unveil()`
|
**Vger** is perfectly secure if run on **OpenBSD**, using `unveil()`
|
||||||
the filesystem access is restricted to one directory (default to
|
the filesystem access is restricted to one directory (default to
|
||||||
`/var/gemini/`) and with `pledge()` only systems calls related to
|
`/var/gemini/`) and with `pledge()` only systems calls related to
|
||||||
reading files and reading input/output are allowed.
|
reading files and reading input/output are allowed. More explanations
|
||||||
|
about Vger security can be found
|
||||||
|
[on this link](https://dataswamp.org/~solene/2021-01-14-vger-security.html).
|
||||||
|
|
||||||
For all supported OS, it's possible to run **Vger** in a chroot
|
For all supported OS, it's possible to run **Vger** in a chroot
|
||||||
and drop privileges to a dedicated user.
|
and drop privileges to a dedicated user.
|
||||||
|
@ -57,7 +59,7 @@ without a `-d` parameter.
|
||||||
- `-u username`: enable chroot to the data directory and drop privileges to `username`.
|
- `-u username`: enable chroot to the data directory and drop privileges to `username`.
|
||||||
- `-m MIME` : use MIME as default instead of "application/octet-stream".
|
- `-m MIME` : use MIME as default instead of "application/octet-stream".
|
||||||
- `-i` : Enable auto index if no "index.gmi" file is found in a directory.
|
- `-i` : Enable auto index if no "index.gmi" file is found in a directory.
|
||||||
- `-c CGI_PATH` : Exec CGI_PATH instead of serving it.
|
- `-c CGI_PATH` : files in CGI_PATH are executed and their output is returned to the client.
|
||||||
|
|
||||||
|
|
||||||
# How to configure Vger using relayd and inetd
|
# How to configure Vger using relayd and inetd
|
||||||
|
|
3
vger.8
3
vger.8
|
@ -44,7 +44,8 @@ will read the file /var/gemini/hostname.example/file.gmi
|
||||||
.It Op Fl c
|
.It Op Fl c
|
||||||
Enable CGI support.
|
Enable CGI support.
|
||||||
.Ar cgi_path
|
.Ar cgi_path
|
||||||
will be executed as a cgi script. This path is relative to the directory set with
|
will be executed as a cgi script instead of returning its content.
|
||||||
|
This path is relative to the directory set with
|
||||||
.Fl d
|
.Fl d
|
||||||
flag. If using virtualhost, you must insert the virtualhost directory in the cgi path.
|
flag. If using virtualhost, you must insert the virtualhost directory in the cgi path.
|
||||||
As example, for a request gemini://hostname.example/cgi-bin/hello.cgi, one must set:
|
As example, for a request gemini://hostname.example/cgi-bin/hello.cgi, one must set:
|
||||||
|
|
Loading…
Reference in a new issue