get author from md file, do not hardcode
This commit is contained in:
parent
4f7225e886
commit
4b01fd7f5f
|
@ -6,7 +6,6 @@ DOMAIN="https://vern.cc"
|
|||
TITLE="Blog | ~vern"
|
||||
DESCRIPTION="The blog of ~vern"
|
||||
COPYRIGHT="Copyright 2022, ~vern administrators"
|
||||
AUTHOR="root@vern.cc (~vern administrators)"
|
||||
OS="Linux" # "Linux" for Linux, "BSD" for BSD Systems (including MacOS)
|
||||
HTML_LANG="en_US" # Your document (HTML) language setting
|
||||
|
||||
|
|
2
pblog.sh
2
pblog.sh
|
@ -55,7 +55,7 @@ else
|
|||
CAT_DATE=$(date -u -d "$(sed -n 's|^<p class="date">\([^<]*\)</p>$|\1|p' $file)" +"%Y/%m/%d/%u")
|
||||
POST_DATE=$(date -u -d "$(sed -n 's|^<p class="date">\([^<]*\)</p>$|\1|p' $file)" +"%a, %d %b %Y")
|
||||
fi
|
||||
|
||||
AUTHOR="$(cat $file | htmlq .author --text)"
|
||||
echo "<item>
|
||||
<pubDate>$POST_DATE $TIME</pubDate>
|
||||
<category>$CAT_DATE</category>
|
||||
|
|
|
@ -0,0 +1,98 @@
|
|||
---
|
||||
title: How to setup vger, a gemini server
|
||||
date: Sun, 11 Sep 2022
|
||||
author: ~aryak
|
||||
---
|
||||
|
||||
Hi,
|
||||
|
||||
I recently setup vger, a gemini server to replace agate on ~vern.
|
||||
|
||||
Heres some instructions on how I did that, on GNU/Linux.
|
||||
|
||||
Firstly, one of the hurdles i came across was that the instructions at the [git repo](https://tildegit.org/solene/vger) were very BSD-focused.
|
||||
|
||||
In our setup, vger runs on the PubNixVM and the TLS Termination Proxy runs on the tilserv.
|
||||
|
||||
To install vger, I git clon'd the repo, then ran `nix-shell` to get a shell with all the deps I need. After that I just ran `./configure` and `make`, like any old unix program.
|
||||
|
||||
To start vger though, is a lot more weird. It cannot be started standalone, instead you have to start it through inetd (or an equivalent like xinetd).
|
||||
|
||||
I went with Xinetd, and used its nix service to set it up.
|
||||
|
||||
```
|
||||
services.xinetd.enable = true;
|
||||
#services.xinetd.services = [ vger
|
||||
services.xinetd.services = [ {
|
||||
name = "vger";
|
||||
user = "gemini";
|
||||
server = "/var/gemini/vger/vger";
|
||||
serverArgs = "-v -i";
|
||||
protocol = "tcp";
|
||||
port = 11965;
|
||||
unlisted = true;
|
||||
} ];
|
||||
```
|
||||
|
||||
This translated to a Xinetd.conf that looks like this :-
|
||||
|
||||
|
||||
```
|
||||
defaults
|
||||
{
|
||||
log_type = SYSLOG daemon info
|
||||
log_on_failure = HOST
|
||||
log_on_success = PID HOST DURATION EXIT
|
||||
|
||||
}
|
||||
|
||||
service vger
|
||||
{
|
||||
protocol = tcp
|
||||
type = UNLISTED
|
||||
|
||||
socket_type = stream
|
||||
port = 11965
|
||||
wait = no
|
||||
user = gemini
|
||||
server = /var/gemini/vger/vger
|
||||
server_args = -v -i
|
||||
|
||||
}
|
||||
```
|
||||
|
||||
Additionally, I enabled syslog with `services.syslogd.enable = true;` and set `ForwardToWall=no` in journald.conf (`services.journald.extraConfig = "ForwardToWall=no";`) so that it won't spam my terminal every time someone visits the capsule.
|
||||
|
||||
With a quick nixos-rebuild switch, vger is running on port 11965.
|
||||
|
||||
`-v` flag enabled virtual hosts. This means when you visit aryak.vern.cc, vger will look for the directory /var/gemini/aryak.vern.cc.
|
||||
|
||||
But if you try to visit localhost:11965 with any gemini client, it will just give you a TLS error.
|
||||
|
||||
This is because vger does not handle TLS, instead out-sourcing that to relayd, which hasn't been ported to GNU/Linux.
|
||||
|
||||
So, instead of that, I used this simple (100 LOC) Go project called [TLSify](https://github.com/tlsify/tlsify)
|
||||
|
||||
Its really simple, just run `tlsify tcp4 :11965 tcp4 :1965 /path/to/cert.pem /path/to/privkey.pem`
|
||||
|
||||
I also made a systemd service for it :-
|
||||
|
||||
```
|
||||
[Unit]
|
||||
Description=TLS Termination Proxy for vger
|
||||
After=libvirt.service
|
||||
|
||||
[Service]
|
||||
User=gemini
|
||||
Type=simple
|
||||
ExecStart=/usr/local/bin/tlsify tcp4 192.168.122.30:11965 tcp4 :1965 /etc/letsencrypt/live/vern.cc/cert.pem /etc/letsencrypt/live/vern.cc/privkey.pem
|
||||
|
||||
[Install]
|
||||
WantedBy=default.target
|
||||
```
|
||||
|
||||
Now, just open 1965 through your firewall and you can access your gemini server!
|
||||
|
||||
If you have any doubts/questions/recommendations, feel free to ask in #vern-chat
|
||||
|
||||
~aryak
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
title: Welcome to the new ~vern blog
|
||||
date: Thu, 08 Sep 2022
|
||||
author: ~vern team
|
||||
---
|
||||
|
||||
Hi,
|
||||
|
|
Loading…
Reference in New Issue