vger - inetd gemini server
vger [-l lang] [-v] [-i] [-c cgi_path] [-d path] [-u username] [-m mimetype]
vger is a secure gemini server that is meant to be run on inetd(8) behind a relay daemon offering TLS capabilities like relayd(8).
If an incoming gemini query doesn't explicitly request a file, vger will serve a default "index.gmi" file if present.
It is possible to create redirections by creating a symbolic link containing the new file location.
- [-l lang]
  Set the lang in the return code to lang. A list can be specified, e.g. "-l en,fr" will send "lang=en,fr". Default is no lang metadata.
- [-i]
  Enable auto index if no index.gmi is found in a directory. The index is a file that will contain a link to every file within the current directory.
- [-v]
  Enable virtualhost support: the hostname in the query will be considered as a directory name. For example, for the request gemini://hostname.example/file.gmi, vger will read the file /var/gemini/hostname.example/file.gmi
- [-c cgi_path]
  Enable CGI support. cgi_path files will be executed as a CGI script instead of returning their content. cgi_path must not end with '/'. If using virtualhost, you must insert the virtualhost directory in the cgi path. For example, for a request gemini://hostname.example/cgi-bin/hello.cgi, one must set:
      vger -c /var/gemini/hostname.example/cgi-bin/hello.cgi
  In this case, pledge(2) promises and unveil permission are set to enable CGI execution. Be very careful about how you write your CGI: it can read outside the chroot.
- [-m mimetype]
  Use mimetype instead of "application/octet-stream" as the content type for files whose type vger is unable to find.
- [-d path]
  Use path instead of the default "/var/gemini/" path to look for files. On OpenBSD vger will use unveil(2) on this path to only allow read-only file access within this directory.
- [-u username]
  Enable chroot(2) on the data directory and then drop privileges to username. This requires vger to be run as root user.
vger is meant to be run by inetd(8). vger can be used on any port because it won't be public.
/etc/inetd.conf example using a dedicated gemini_user:
    127.0.0.1:11965 stream tcp nowait gemini_user /usr/local/bin/vger vger
The public port TCP/1965 must be served by a daemon like relayd(8), which negotiates TLS connections and forwards them to the inetd daemon on the vger port. Do not forget to open the TCP/1965 port in your firewall.
relayd.conf(5) configuration example:
    log connection
    relay "gemini" {
        listen on hostname.example port 1965 tls
        forward to 127.0.0.1 port 11965
    }
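A way to check an inetd.conf entry for vger against the constraints stated in this manual (loopback-only listener behind the TLS relay, -u needing root, cgi_path not ending with '/'). This is an added example, not part of vger; the function name check_vger_inetd_line is hypothetical and the sample entries are constructed.

```sh
#!/bin/sh
# Added example: audit one inetd.conf entry for vger against this manual.
# Prints one finding per line and nothing when the entry looks sound.
check_vger_inetd_line() {
    # Fields: service type proto wait user program argv0 [vger options...]
    set -f; set -- $1; set +f          # split on whitespace, no globbing
    [ $# -ge 7 ] || { echo "malformed: fewer than 7 fields"; return 0; }
    service=$1
    user=${5%%[.:]*}                   # strip an optional .group / :group
    shift 7                            # "$@" is now vger's own options

    # vger speaks plaintext; only the local TLS relay should reach it.
    case $service in
        127.*:*|localhost:*|"[::1]":*) ;;
        *) echo "listener '$service' is not bound to loopback" ;;
    esac

    has_u=no
    while [ $# -gt 0 ]; do
        case $1 in
            -u) has_u=yes ;;
            -c) case ${2-} in
                    */) echo "cgi_path '$2' must not end with '/'" ;;
                esac
                echo "review: CGI enabled, scripts can read outside the chroot" ;;
        esac
        shift
    done

    # -u (chroot + privilege drop) only works when vger starts as root.
    if [ "$user" = root ] && [ "$has_u" = no ]; then
        echo "runs as root without -u: no chroot, privileges never dropped"
    elif [ "$user" != root ] && [ "$has_u" = yes ]; then
        echo "-u requires root, but the inetd user is '$user'"
    fi
    return 0
}

# Constructed sample entries; the first is the one shown in this manual.
while IFS= read -r line; do
    printf '== %s\n' "$line"
    check_vger_inetd_line "$line"
done <<'EOF'
127.0.0.1:11965 stream tcp nowait gemini_user /usr/local/bin/vger vger
11965 stream tcp nowait root /usr/local/bin/vger vger -c /var/gemini/cgi-bin/
127.0.0.1:11965 stream tcp nowait gemini_user /usr/local/bin/vger vger -u gemini_user
EOF
```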
The vger utility exits 0 on success, and >0 if an error occurs.
See the LICENSE file for the authors.
See the LICENSE file for the terms of redistribution.