How did I set up an onion (Tor) Gemini capsule

My onion (Tor) capsule is:

=> gemini://nreqeynb23uo5btcibmpgj3xzrb7rdoe3bojab56golipzysgbbiavid.onion/

In /etc/tor/torrc:

HiddenServiceDir /var/lib/tor/gemini/
HiddenServicePort 1965 127.0.0.1:1965

(You don't need to use 1965 in 127.0.0.1:1965, just be sure that this port is the same as in the Gemini server configuration.)

Restart Tor. You will find the name of the capsule:

% cat /var/lib/tor/gemini/hostname 
nreqeynb23uo5btcibmpgj3xzrb7rdoe3bojab56golipzysgbbiavid.onion

I used Molly-Brown as the server. Since the server must listen only to local addresses, it has to bind to 127.0.0.1 (or ::1). Unfortunately, Molly-Brown does not offer a way to bind only to these addresses. I had to patch it:

% git diff
diff --git a/main.go b/main.go
index a616351..a291d9c 100644
--- a/main.go
+++ b/main.go
@@ -63,7 +63,7 @@ func main() {
 	}
 
 	// Create TLS listener
-	listener, err := tls.Listen("tcp", ":"+strconv.Itoa(config.Port), tlscfg)
+	listener, err := tls.Listen("tcp", "127.0.0.1:"+strconv.Itoa(config.Port), tlscfg)
 	if err != nil {
 		errorLog.Println("Error creating TLS listener: " + err.Error())
 		log.Fatal(err)

Once it is done, go buildto recompile, go install.

Don't forget to put the onion name in Molly-Brown configuration file:

Hostname = "nreqeynb23uo5btcibmpgj3xzrb7rdoe3bojab56golipzysgbbiavid.onion"

Then just run Molly-Brown.

=> Molly-Brown site

Here is a test with the command-line client Agunua and the Tor wrapper torify:

% torify agunua -i -d gemini://nreqeynb23uo5btcibmpgj3xzrb7rdoe3bojab56golipzysgbbiavid.onion/
...
DEBUG: trying to connect to ('127.42.42.0', 1965) ...
DEBUG: connected with ('127.42.42.0', 1965)
...
Certificate issued by "/CN=nreqeynb23uo5btcibmpgj3xzrb7rdoe3bojab56golipzysgbbiavid.onion" for "/CN=nreqeynb23uo5btcibmpgj3xzrb7rdoe3bojab56golipzysgbbiavid.onion". Algorithm is sha256WithRSAEncryption, public key is of type 6 (2048 bits).
Header line: "20 text/gemini; lang=en"
...
# Stéphane Bortzmeyer's Gemini server

This is mostly an experimental server. You will not find a lot of content.

=> A more detailed article on setting up onion capsules

Proxy Information

Original URL: gemini://radia.bortzmeyer.org/gemini/onion.gmi
Status Code: Success (20)
Meta: text/gemini; lang=en
Capsule Response Time: 157.631555 milliseconds
Gemini-to-HTML Time: 0.312021 milliseconds

This content has been proxied by September (ba2dc).