Install Packages

# pkg_add vger
# echo "# it works" >> /var/gemini/index.gmi

Configure inetd

inetd(8) is a super server. It works by listening for incoming connections and launches a specific program when it receives one. Since no one actually uses gemini, this approach to services is better. Instead of running constantly, the gemini server only runs when someone sends it a packet. 

127.0.0.1:11965 stream tcp nowait _vger /usr/local/bin/vger vger

Ronfigure relayd

relayd(8) is proxying service. In this example, I've set it up to proxy requests on :1965 to :11965. The tls keypair line is important because tls is a mandatory component of the gemini protocol. 

log connection
tcp protocol "gemini" {
        tls keypair "example.com:1965"
}

relay "genimi" {
        listen on example.com port 1965 tls
        protocol "gemini"
        forward to 127.0.0.1 port 11965
}

Get Certs

Since I'm also running httpd, I just symlinked my existing ssl certs. The name is important here. After much fiddling around, I read the documentation and relalized that the name of the cert and key must be identical to hostname:port.{key,crt}. 

# ln -s /etc/ssl/example.com.fullchain.pem /etc/ssl/example.com\:1965.crt
# ln -s /etc/ssl/private/example.com.key /etc/ssl/private/example.com\:1965.key

Configure pf

pf(4) is the firewall on OpenBSD. Thsis is a fairly basic configuration. Skip on the loopback device, use a macro to list services, block all incoming traffic unless it's in the list, pass all traffic out. The last line is was included in /etc/examples/pf.conf so I thought it was worthwhile to keep it. 

set skip on lo
tcp_services="{ssh, http, https, 1965}"

block in all

pass in proto tcp to any port $tcp_services keep state
pass out all

block return in on ! lo0 proto tcp to port 6000:6010

Smoke Test 

# pfctl -f /etc/pf.conf
# rcctl enable inetd relayd
# rcctl start inetd relayd

test if it works 

# pkg_add bombadillo
# bombadillo gemini://example.com

Eventually, I will write a script that converts html to the gemini markdown format. I will likely set it up as a cron job so that I can serve this website over gemini and never have to touch it again.

Gemini Markdown cheatsheet

The 2 people that use genimi call this gemtext

Gemini Markdown cheatsheet

The 2 people that use genimi call this gemtext. I simply call it gemini markdown because it's a very bare bones markdown format. 

# Heading 1
## Heading 2
### Heading 3

=>	http://example.com	a link to a website

=>	gemini://example.com	a link to a gemini server

=>	gopher://example.com	a link to a gopher server

* list
* items
* like
* this

> blockquote

paragraphs are just plain text like this
If this website has been useful or interesting to you, consider leaving a donation with Monero:
86MhLkDofbCNqtk8daRfM4N6yXqLXyv6taZDejpK9uTYXSfZbyjoxbwGX21JrQbY754gxfiMbwV3qXbWvCyZ2bJBUnA37hx
or (less preferably) with Bitcoin:
bc1qapwjaen8w252r04wm8fr7wgcvexvdm2tmp5zaz
All content is licensed as CC BY-NC-SA 4.0 unless otherwise specified.
anybrowser | openbsd
0x19 - Bring back the joy of computing
Thanks lainanon!