Hosting Gemini Capsules

From D-Wiki

Hosting Gemini Capsules

For this guide we are using the agate server software for hosting our capsule.

Download the latest release of agate to your supported server of choice. Then run chmod +x agate-server to make the main server file executable.

Also remember to create a directory where your Gemini capsule will be residing.

Creating a TLS Certificate

The Gemini protocol uses TLS certificates to secure the corresponding requests. So we also need to create one for our capsule like that. Create a new directory where you want it to be residing. We will need it later.

Then run.

openssl req -new -subj "/CN={FQND_OF_YOUR_CAPSULE}" -x509 -newkey ec -pkeyopt ec_paramgen_curve:prime256v1 -days 3650 -nodes -out cert.pem -keyout key.pem

Creating a system service

Create a new file in here /etc/systemd/system/agate.service and fill this file with the following service content. This will make managing your hosting server a lot easier and you can use different pre-defined parameters.

[Unit]
Description=agate
After=network.target

[Service]
User={YOUR_SYSTEM_USER}
Type=simple
ExecStart={PATH_TO_AGATE_SERVER_EXECUTABLE} --content {PATH_TO_GEMINI_CAPSULE_CONTENT_DIRECTORY} --certs {DIRECTORY_WITH_TLS_CERTIFICATE} --hostname {YOUR_FQDN_OF_YOUR_CAPSULE} --lang en-US

[Install]
WantedBy=default.target

Finishing Touches

Now start up your agate server like this.

systemctl enable agate systemctl start agate

Now you are up and running with your new and fresh Gemini capsule. To test it out go to your capsule content directory, add a file called index.gmi and fill it with some text. Then you should be able to access your shiny little site.

If it doesn't work by now, remember to allow requests through your firewall on port "1965" and redirect your requests through a reverse proxy you might have. Otherwise you cannot access your capsule from the outside.