Gemini Servers

Agate

Agate took a good long while to compile, and looks to have worse security than the C projects that follow. How could rust be worse than C on the security front, one might ask? First, Agate pulls in a whole lot of crates, each of which would in theory need to be reviewed for malicious code and supply chain attacks. Second, although this is not entirely clear, Agate does not appear to use pledge or unveil, unless that is hidden away undocumented in some nook or cranny (a search for pledge found only a code of conduct). So, one could learn rust (eh...) and figure out how to integrate yet more crates for pledge and unveil support (eh...) or you could use

gmid

=> gemini://gemini.omarpolo.com/post/gmid-2.0-first-alpha.gmi

Supports pledge and unveil. Configuration is very similar to httpd; one could think of gmid as "httpd, but for gemini". The downside of being like httpd is that there are about 8000 lines of C to review, according to cloc.

    # /etc/gmid.conf
    chroot "/var/gemini"
    ipv6 on
    user "_gemini"
    server "example.org" {
        cert "/etc/ssl/example.org.fullchain.pem"
        key "/etc/ssl/private/example.org.key"
        log off
        auto index on
        root "/example.org"
        location ".git*" {
            block return 50 "nope"
        }
        location "*/.gitignore" {
            block return 50 "nope"
        }
    }

This uses the same ACME client certificate as httpd does, which means in theory

    # renew the example.org certificate, then reload both daemons
    acme-client example.org && rcctl reload gmid httpd

should bring new certificates into play automatically, but I have no idea (yet) how that plays with TOFU certificates in gemini clients. Answer: poorly, unless you instruct Let's Encrypt to retain the private key and the gemini client (such as Amfora) hashes the certificate in a particular way.

=> /tech/ssl/fingerprint.gmi
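To see why a renewed certificate trips TOFU clients, here is a small pin-checking client, added as an example and not the author's code. It assumes the pin is the hex SHA-256 of the DER certificate (real clients, Amfora included, may hash differently) and a constructed "host sha256:hex" pin-store format; the host "example.org" is a placeholder.

```python
import hashlib
import socket
import ssl

def cert_fingerprint(der_cert: bytes) -> str:
    """Hex SHA-256 of the DER certificate. Assumption: this is the pin format;
    real clients differ (Amfora's exact hashing is not reproduced here)."""
    return hashlib.sha256(der_cert).hexdigest()

def parse_known_hosts(text: str) -> dict:
    """Parse constructed 'host sha256:<hex>' lines into {host: hex}."""
    pins = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        host, _, fp = line.partition(" ")
        pins[host] = fp[7:] if fp.startswith("sha256:") else fp
    return pins

def format_known_hosts(pins: dict) -> str:
    return "".join(f"{h} sha256:{fp}\n" for h, fp in sorted(pins.items()))

def tofu_decision(pins: dict, host: str, fingerprint: str) -> str:
    """'new' on first sight (pin it), 'ok' if the pin matches, 'mismatch'
    otherwise. A rotated private key after acme-client renewal yields
    'mismatch' even though the new certificate is perfectly valid."""
    pinned = pins.get(host)
    if pinned is None:
        pins[host] = fingerprint
        return "new"
    return "ok" if pinned == fingerprint else "mismatch"

def fetch_server_cert(host: str, port: int = 1965, timeout: float = 10.0) -> bytes:
    """Return the server's leaf certificate in DER form. CA validation is
    off on purpose: Gemini trusts on first use, so the pin is the check."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert(binary_form=True)

if __name__ == "__main__":
    import sys
    host = sys.argv[1] if len(sys.argv) > 1 else "example.org"  # placeholder
    pins = parse_known_hosts("# constructed, empty pin store\n")
    fp = cert_fingerprint(fetch_server_cert(host))
    print(host, fp, tofu_decision(pins, host, fp))
```

Run it once before and once after a renewal that regenerates the key and the second run reports "mismatch"; keeping the key across renewals keeps the pin stable only if the client pins the public key rather than the whole certificate.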

The .git and .gitignore blocks are for when the served directory is a git checkout and a post-receive hook pulls changes on every commit.

    thrig$ cat var/gemini/thrig.me.git/hooks/post-receive
    #!/bin/sh
    # git feeds one "oldrev newrev refname" line per updated ref on stdin;
    # only pushes to master are deployed into the served checkout
    while read oldrev newrev refname; do
            if [ "$refname" = "refs/heads/master" ]; then
                    # GIT_DIR points at the bare repo; unset it so pull
                    # operates on the working copy given with -C
                    unset GIT_DIR
                    git -C /var/gemini/thrig.me pull -q
            fi
    done

vger

Supports pledge and unveil. Much functionality that increases the code size (and thus attack surface) in gmid is pushed off to inetd and relayd. Has a package in the OpenBSD ports system. Has very little code to review (about 700 lines of C).

=> gemini://perso.pw:1965/blog//articles/vger-security.gmi

Both gmid and vger appear to have CGI support but I have not looked into that.

Related Links

=> ../openbsd/pledge.gmi | TOFU

=> back to index

Original URL: gemini://thrig.me/tech/gemini/servers.gmi