gmid/README.md


# NAME

**gmid** - dead simple zero configuration gemini server

# SYNOPSIS

**gmid**
\[**-6fh**]
\[**-c**&nbsp;*cert.pem*]
\[**-d**&nbsp;*docs*]
\[**-k**&nbsp;*key.pem*]
\[**-p**&nbsp;*port*]
\[**-x**&nbsp;*cgi-bin*]

# DESCRIPTION

**gmid**
is a very simple and minimal gemini server that can serve static files
and execute CGI scripts.

**gmid**
won't serve files outside the given directory and won't follow
symlinks.
Furthermore, on
OpenBSD,
pledge(2)
and
unveil(2)
are used to ensure that
**gmid**
dosen't do anything else than read files from the given directory,
accept network connections and, optionally, execute CGI scripts.

**gmid**
fully supports IRIs (Internationalized Resource Identifiers, see
RFC3987).

It should be noted that
**gmid**
is very simple in its implementation, and so it may not be appropriate
for serving sites with lots of users.
After all, the code is single threaded and use a single process,
although it can handle multiple clients at the same time.

If a user request path is a directory,
**gmid**
will try to serve a
*index.gmi*
file inside that directory.

The options are as follows:

**-6**

> Enable IPv6.

**-c** *cert.pem*

> The certificate to use, by default is
> *cert.pem*.

**-d** *docs*

> The root directory to serve.
> **gmid**
> won't serve any file that is outside that directory.
> By default is
> *docs*.

**-f**

> stays and log in the foreground, do not daemonize the process.

**-h**

> Print the usage and exit.

**-k** *key.pem*

> The key for the certificate, by default is
> *key.pem*.

**-p** *port*

> The port to bind to, by default 1965.

**-x** *dir*

> Enable execution of CGI scripts inside the given directory (relative
> to the document root.)  Cannot be provided more than once.

# CGI

When CGI scripts are enabled for a directory, a request for an
executable file will execute it and fed its output to the client.

The CGI scripts will inherit the environment from
**gmid**
with these additional variables set:

`SERVER_SOFTWARE`

> "gmid"

`SERVER_PORT`

> "1965"

`SCRIPT_NAME`

> The (public) path to the script.

`SCRIPT_EXECUTABLE`

> The full path to the executable.

`REQUEST_URI`

> The user request (without the query parameters.)

`REQUEST_RELATIVE`

> The request relative to the script.

`QUERY_STRING`

> The query parameters.

`REMOTE_HOST`

> The remote IP address.

`REMOTE_ADDR`

> The remote IP address.

`DOCUMENT_ROOT`

> The root directory being served, the one provided with the
> *d*
> parameter to
> **gmid**

`AUTH_TYPE`

> The string "Certificate" if the client used a certificate, otherwise unset.

`REMOTE_USER`

> The subject of the client certificate if provided, otherwise unset.

`TLS_CLIENT_ISSUER`

> The is the issuer of the client certificate if provided, otherwise unset.

`TLS_CLIENT_HASH`

> The hash of the client certificate if provided, otherwise unset.
> The format is "ALGO:HASH".

Let's say you have a script in
*/cgi-bin/script*
and the user request is
*/cgi-bin/script/foo/bar?quux*.
Then
`SCRIPT_NAME`
will be
*/cgi-bin/script*,
`SCRIPT_EXECUTABLE`
will be
*$DOCUMENT\_ROOT/cgi-bin/script*,
`REQUEST_URI`
will be
*/cgi-bin/script/foo/bar*,
`REQUEST_RELATIVE`
will be
*foo/bar and*
`QUERY_STRING`
will be
*quux*.

# EXAMPLES

To quickly getting started

	$ # generate a cert and a key
	$ openssl req -x509 -newkey rsa:4096 -keyout key.pem \
	        -out cert.pem -days 365 -nodes
	$ mkdir docs
	$ cat <<EOF > docs/index.gmi
	# Hello world
	test paragraph...
	EOF
	$ gmid -c cert.pem -k key.pem -d docs

Now you can visit gemini://localhost/ with your preferred gemini
client.

To add some CGI scripts, assuming a setup similar to the previous
example, you can

	$ mkdir docs/cgi-bin
	$ cat <<EOF > docs/cgi-bin/hello-world
	#!/bin/sh
	printf "20 text/plain\r\n"
	echo "hello world!"
	EOF
	$ gmid -x cgi-bin

Note that the argument to the
**-x**
option is
*cgi-bin*
and not
*docs/cgi-bin*,
since it's relative to the document root.

# ACKNOWLEDGEMENTS

**gmid**
uses the "Flexible and Economical" UTF-8 decoder written by
Bjoern Hoehrmann.

# CAVEATS

*	it doesn't support virtual hosts: the host part of the request URL is
	completely ignored.

*	a %2F sequence in the path part is indistinguishable from a literal
	slash: this is not RFC3986-compliant.

*	a %00 sequence either in the path or in the query part is treated as
	invalid character and thus rejected.
initial commit 2020-10-02 19:39:00 +02:00
			`# NAME`

minor documentation edits 2020-10-03 17:49:09 +02:00			`gmid - dead simple zero configuration gemini server`
initial commit 2020-10-02 19:39:00 +02:00
			`# SYNOPSIS`

			`gmid`
fix remote_user for CGI and add -6 flag to enable ipv6 2021-01-11 13:08:50 +01:00			`\[-6fh]`
initial commit 2020-10-02 19:39:00 +02:00			`\[-c cert.pem]`
			`\[-d docs]`
			`\[-k key.pem]`
make port number configurable 2020-11-18 09:12:27 +01:00			`\[-p port]`
regen readme 2020-11-06 18:12:57 +01:00			`\[-x cgi-bin]`
initial commit 2020-10-02 19:39:00 +02:00
			`# DESCRIPTION`

			`gmid`
regen readme 2020-11-06 18:12:57 +01:00			`is a very simple and minimal gemini server that can serve static files`
			`and execute CGI scripts.`
initial commit 2020-10-02 19:39:00 +02:00
			`gmid`
IRI support This extends the URI parser so it supports full IRI (Internationalized Resource Identifiers, RFC3987). Some areas of it can/may be improved, but here's a start. Note: we assume UTF-8 encoded IRI. 2020-12-26 00:33:11 +01:00			`won't serve files outside the given directory and won't follow`
			`symlinks.`
fix errors in manpage man -Tlint -l gmid.1 helped a lot 2020-10-02 19:44:32 +02:00			`Furthermore, on`
			`OpenBSD,`
			`pledge(2)`
initial commit 2020-10-02 19:39:00 +02:00			`and`
fix errors in manpage man -Tlint -l gmid.1 helped a lot 2020-10-02 19:44:32 +02:00			`unveil(2)`
initial commit 2020-10-02 19:39:00 +02:00			`are used to ensure that`
			`gmid`
regen readme 2020-11-06 18:12:57 +01:00			`dosen't do anything else than read files from the given directory,`
			`accept network connections and, optionally, execute CGI scripts.`
initial commit 2020-10-02 19:39:00 +02:00
IRI support This extends the URI parser so it supports full IRI (Internationalized Resource Identifiers, RFC3987). Some areas of it can/may be improved, but here's a start. Note: we assume UTF-8 encoded IRI. 2020-12-26 00:33:11 +01:00			`gmid`
			`fully supports IRIs (Internationalized Resource Identifiers, see`
			`RFC3987).`

initial commit 2020-10-02 19:39:00 +02:00			`It should be noted that`
			`gmid`
			`is very simple in its implementation, and so it may not be appropriate`
regen readme 2020-11-06 18:12:57 +01:00			`for serving sites with lots of users.`
			`After all, the code is single threaded and use a single process,`
improve wording "concurrently" means at the same time, which can be confusing when we say that it's single-threaded on a single process. 2020-12-21 15:51:09 +01:00			`although it can handle multiple clients at the same time.`
initial commit 2020-10-02 19:39:00 +02:00
minor documentation edits 2020-10-03 17:49:09 +02:00			`If a user request path is a directory,`
			`gmid`
			`will try to serve a`
			`index.gmi`
			`file inside that directory.`

initial commit 2020-10-02 19:39:00 +02:00			`The options are as follows:`

fix remote_user for CGI and add -6 flag to enable ipv6 2021-01-11 13:08:50 +01:00			`-6`

			`> Enable IPv6.`

initial commit 2020-10-02 19:39:00 +02:00			`-c cert.pem`

			`> The certificate to use, by default is`
minor documentation edits 2020-10-03 17:49:09 +02:00			`> cert.pem.`
initial commit 2020-10-02 19:39:00 +02:00
			`-d docs`

			`> The root directory to serve.`
			`> gmid`
[cgi] added support for path parameters enhance the CGI scripting support so that script can take path parameters. That is, a script at /cgi/foo is called when the request path is /cgi/foo/bar/... This commit also introduce some backward incompatible changes as the default env variables set for the CGI script changed. 2020-11-10 14:07:36 +01:00			`> won't serve any file that is outside that directory.`
			`> By default is`
regen readme 2020-11-06 18:12:57 +01:00			`> docs.`
initial commit 2020-10-02 19:39:00 +02:00
logging reworked and daemonize by default The -l option was removed: now it logs on syslog if -f (foreground) is not passed. 2020-12-02 21:18:01 +01:00			`-f`

			`> stays and log in the foreground, do not daemonize the process.`

initial commit 2020-10-02 19:39:00 +02:00			`-h`

minor documentation edits 2020-10-03 17:49:09 +02:00			`> Print the usage and exit.`
initial commit 2020-10-02 19:39:00 +02:00
			`-k key.pem`

			`> The key for the certificate, by default is`
minor documentation edits 2020-10-03 17:49:09 +02:00			`> key.pem.`
initial commit 2020-10-02 19:39:00 +02:00
make port number configurable 2020-11-18 09:12:27 +01:00			`-p port`

			`> The port to bind to, by default 1965.`

documentation improvements 2020-11-06 18:11:45 +01:00			`-x dir`
implementing CGI – NOT READY YET! This is a first try at implementing CGI scripting. The idea is that, if CGI is explicitly enabled by the user, when a user requires an executable file instead of serving it to the client, that file will be executed and its output fed to the client. There are various pieces that are still lacking, the firsts that comes to mind are: - performance: the handle_cgi just loops ignoring the WANT_POLLIN/POLLOUT and blocking if the child process hasn’t outputted anything. - we don’t parse query variable (yet) - we need to set more variables in the child environment side question: it’s better to set the variables using setenv() or by providing an explicit environment? - document what environment the CGI script will get - improve the horrible unveil/pledge(cgi ? …) but now I can serve “hello-world”-tier script from gmid! 2020-11-06 13:01:31 +01:00
documentation improvements 2020-11-06 18:11:45 +01:00			`> Enable execution of CGI scripts inside the given directory (relative`
			`> to the document root.) Cannot be provided more than once.`
implementing CGI – NOT READY YET! This is a first try at implementing CGI scripting. The idea is that, if CGI is explicitly enabled by the user, when a user requires an executable file instead of serving it to the client, that file will be executed and its output fed to the client. There are various pieces that are still lacking, the firsts that comes to mind are: - performance: the handle_cgi just loops ignoring the WANT_POLLIN/POLLOUT and blocking if the child process hasn’t outputted anything. - we don’t parse query variable (yet) - we need to set more variables in the child environment side question: it’s better to set the variables using setenv() or by providing an explicit environment? - document what environment the CGI script will get - improve the horrible unveil/pledge(cgi ? …) but now I can serve “hello-world”-tier script from gmid! 2020-11-06 13:01:31 +01:00
			`# CGI`

documentation improvements 2020-11-06 18:11:45 +01:00			`When CGI scripts are enabled for a directory, a request for an`
			`executable file will execute it and fed its output to the client.`
implementing CGI – NOT READY YET! This is a first try at implementing CGI scripting. The idea is that, if CGI is explicitly enabled by the user, when a user requires an executable file instead of serving it to the client, that file will be executed and its output fed to the client. There are various pieces that are still lacking, the firsts that comes to mind are: - performance: the handle_cgi just loops ignoring the WANT_POLLIN/POLLOUT and blocking if the child process hasn’t outputted anything. - we don’t parse query variable (yet) - we need to set more variables in the child environment side question: it’s better to set the variables using setenv() or by providing an explicit environment? - document what environment the CGI script will get - improve the horrible unveil/pledge(cgi ? …) but now I can serve “hello-world”-tier script from gmid! 2020-11-06 13:01:31 +01:00
regen readme 2020-11-06 18:12:57 +01:00			`The CGI scripts will inherit the environment from`
			`gmid`
			`with these additional variables set:`

			`SERVER_SOFTWARE`

			`> "gmid"`

			`SERVER_PORT`

			`> "1965"`

[cgi] added support for path parameters enhance the CGI scripting support so that script can take path parameters. That is, a script at /cgi/foo is called when the request path is /cgi/foo/bar/... This commit also introduce some backward incompatible changes as the default env variables set for the CGI script changed. 2020-11-10 14:07:36 +01:00			`SCRIPT_NAME`

			`> The (public) path to the script.`

			`SCRIPT_EXECUTABLE`

			`> The full path to the executable.`

			`REQUEST_URI`
regen readme 2020-11-06 18:12:57 +01:00
[cgi] added support for path parameters enhance the CGI scripting support so that script can take path parameters. That is, a script at /cgi/foo is called when the request path is /cgi/foo/bar/... This commit also introduce some backward incompatible changes as the default env variables set for the CGI script changed. 2020-11-10 14:07:36 +01:00			`> The user request (without the query parameters.)`
regen readme 2020-11-06 18:12:57 +01:00
[cgi] added support for path parameters enhance the CGI scripting support so that script can take path parameters. That is, a script at /cgi/foo is called when the request path is /cgi/foo/bar/... This commit also introduce some backward incompatible changes as the default env variables set for the CGI script changed. 2020-11-10 14:07:36 +01:00			`REQUEST_RELATIVE`
regen readme 2020-11-06 18:12:57 +01:00
[cgi] added support for path parameters enhance the CGI scripting support so that script can take path parameters. That is, a script at /cgi/foo is called when the request path is /cgi/foo/bar/... This commit also introduce some backward incompatible changes as the default env variables set for the CGI script changed. 2020-11-10 14:07:36 +01:00			`> The request relative to the script.`
regen readme 2020-11-06 18:12:57 +01:00
			`QUERY_STRING`

[cgi] added support for path parameters enhance the CGI scripting support so that script can take path parameters. That is, a script at /cgi/foo is called when the request path is /cgi/foo/bar/... This commit also introduce some backward incompatible changes as the default env variables set for the CGI script changed. 2020-11-10 14:07:36 +01:00			`> The query parameters.`
regen readme 2020-11-06 18:12:57 +01:00
[cgi] added support for path parameters enhance the CGI scripting support so that script can take path parameters. That is, a script at /cgi/foo is called when the request path is /cgi/foo/bar/... This commit also introduce some backward incompatible changes as the default env variables set for the CGI script changed. 2020-11-10 14:07:36 +01:00			`REMOTE_HOST`
regen readme 2020-11-06 18:12:57 +01:00
[cgi] added support for path parameters enhance the CGI scripting support so that script can take path parameters. That is, a script at /cgi/foo is called when the request path is /cgi/foo/bar/... This commit also introduce some backward incompatible changes as the default env variables set for the CGI script changed. 2020-11-10 14:07:36 +01:00			`> The remote IP address.`

clients certs support for CGI internally, gmid doesn’t care if the client issued a certificate, but now we pass that information to the CGI script in some new environment variables. 2020-12-02 15:17:19 +01:00			`REMOTE_ADDR`

			`> The remote IP address.`

[cgi] added support for path parameters enhance the CGI scripting support so that script can take path parameters. That is, a script at /cgi/foo is called when the request path is /cgi/foo/bar/... This commit also introduce some backward incompatible changes as the default env variables set for the CGI script changed. 2020-11-10 14:07:36 +01:00			`DOCUMENT_ROOT`

			`> The root directory being served, the one provided with the`
			`> d`
			`> parameter to`
			`> gmid`

clients certs support for CGI internally, gmid doesn’t care if the client issued a certificate, but now we pass that information to the CGI script in some new environment variables. 2020-12-02 15:17:19 +01:00			`AUTH_TYPE`

			`> The string "Certificate" if the client used a certificate, otherwise unset.`

			`REMOTE_USER`

			`> The subject of the client certificate if provided, otherwise unset.`

			`TLS_CLIENT_ISSUER`

			`> The is the issuer of the client certificate if provided, otherwise unset.`

			`TLS_CLIENT_HASH`

			`> The hash of the client certificate if provided, otherwise unset.`
			`> The format is "ALGO:HASH".`

[cgi] added support for path parameters enhance the CGI scripting support so that script can take path parameters. That is, a script at /cgi/foo is called when the request path is /cgi/foo/bar/... This commit also introduce some backward incompatible changes as the default env variables set for the CGI script changed. 2020-11-10 14:07:36 +01:00			`Let's say you have a script in`
			`/cgi-bin/script`
			`and the user request is`
			`/cgi-bin/script/foo/bar?quux.`
			`Then`
			`SCRIPT_NAME`
			`will be`
			`/cgi-bin/script,`
			`SCRIPT_EXECUTABLE`
			`will be`
			`$DOCUMENT\_ROOT/cgi-bin/script,`
			`REQUEST_URI`
			`will be`
			`/cgi-bin/script/foo/bar,`
			`REQUEST_RELATIVE`
			`will be`
			`foo/bar and`
			`QUERY_STRING`
			`will be`
			`quux.`
regen readme 2020-11-06 18:12:57 +01:00
initial commit 2020-10-02 19:39:00 +02:00			`# EXAMPLES`

			`To quickly getting started`

			`$ # generate a cert and a key`
			`$ openssl req -x509 -newkey rsa:4096 -keyout key.pem \`
			`-out cert.pem -days 365 -nodes`
			`$ mkdir docs`
			`$ cat <<EOF > docs/index.gmi`
			`# Hello world`
			`test paragraph...`
			`EOF`
			`$ gmid -c cert.pem -k key.pem -d docs`

regen readme 2020-11-06 18:12:57 +01:00			`Now you can visit gemini://localhost/ with your preferred gemini`
documentation improvements 2020-11-06 18:11:45 +01:00			`client.`

			`To add some CGI scripts, assuming a setup similar to the previous`
regen readme 2020-11-06 18:12:57 +01:00			`example, you can`
documentation improvements 2020-11-06 18:11:45 +01:00
			`$ mkdir docs/cgi-bin`
			`$ cat <<EOF > docs/cgi-bin/hello-world`
			`#!/bin/sh`
regen readme 2020-11-06 18:12:57 +01:00			`printf "20 text/plain\r\n"`
documentation improvements 2020-11-06 18:11:45 +01:00			`echo "hello world!"`
			`EOF`
regen readme 2020-11-06 18:12:57 +01:00			`$ gmid -x cgi-bin`
documentation improvements 2020-11-06 18:11:45 +01:00
regen readme 2020-11-06 18:12:57 +01:00			`Note that the argument to the`
documentation improvements 2020-11-06 18:11:45 +01:00			`-x`
			`option is`
			`cgi-bin`
			`and not`
			`docs/cgi-bin,`
[cgi] added support for path parameters enhance the CGI scripting support so that script can take path parameters. That is, a script at /cgi/foo is called when the request path is /cgi/foo/bar/... This commit also introduce some backward incompatible changes as the default env variables set for the CGI script changed. 2020-11-10 14:07:36 +01:00			`since it's relative to the document root.`
initial commit 2020-10-02 19:39:00 +02:00
switch to Bjoern Hoehrmann UTF-8 decoder It's correct, while my hacked valid_multibyte_utf8 would allow things that aren't technically UTF8. 2021-01-09 21:32:23 +01:00			`# ACKNOWLEDGEMENTS`

			`gmid`
			`uses the "Flexible and Economical" UTF-8 decoder written by`
			`Bjoern Hoehrmann.`

initial commit 2020-10-02 19:39:00 +02:00			`# CAVEATS`

minor documentation edits 2020-10-03 17:49:09 +02:00			`* it doesn't support virtual hosts: the host part of the request URL is`
initial commit 2020-10-02 19:39:00 +02:00			`completely ignored.`

mention the %2F caveat 2020-12-25 13:15:15 +01:00			`* a %2F sequence in the path part is indistinguishable from a literal`
			`slash: this is not RFC3986-compliant.`

reject %00 2020-12-26 00:37:43 +01:00			`* a %00 sequence either in the path or in the query part is treated as`
			`invalid character and thus rejected.`