summaryrefslogtreecommitdiff
path: root/config/example.sr71
diff options
context:
space:
mode:
Diffstat (limited to 'config/example.sr71')
-rw-r--r--config/example.sr7188
1 files changed, 88 insertions, 0 deletions
diff --git a/config/example.sr71 b/config/example.sr71
new file mode 100644
index 0000000..6c1a977
--- /dev/null
+++ b/config/example.sr71
@@ -0,0 +1,88 @@
+# define a gopher server
+# This IP/port is the default, both components are optional.
+# To specify a port without changing the IP default, write it like ":70".
+gopher 0.0.0.0:70 {
+ # A gopher server MUST include a single "host" directive with a single hostname.
+ # It will be used for internal links, such as in directory listings.
+ host tjp.lol
+
+ # The "static" directive exposes a filesystem directory at a given path prefix.
+ # It will only serve files which are world-readable.
+ # "with" introduces comma-separated modifiers to a directive.
+ # - "exec" causes world-executable files to be executed as if they were in a cgi directory.
+ # - "extendedgophermap" allows the sliderule extended form for gophermap files.
+ # - "dirdefault <name>" uses a given filename for requests made for the directory.
+ # - "dirlist" builds listings of requested directories, at a lower priority than "dirdefault".
+ static /var/gopher/docs at / with dirdefault gophermap, dirlist, exec, extendedgophermap
+
+ # The "cgi" directive exposes a filesystem directory at a path prefix as well but executes requested files.
+ # It will only execute world-executable files.
+ # It supports the "extendedgophermap" and "dirdefault" modifiers.
+ # Executed files are assumed to produce gophermap, although the "extendedgophermap" modifier can make this more friendly.
+ cgi /var/gopher/cgi at /cgi-bin with extendedgophermap
+
+ # Directives which result in exposing a filesystem directory may include tilde (~) characters.
+ # It must be present in both the path prefix and the filesystem path, or neither.
+ # In the path prefix it will match a "~username" path segment and the user name will be captured.
+ # If the filesystem path begins with the ~ character it represents the user's home directory.
+ # Otherwise, it will be replaced by the user's name.
+ # So on a system where users' home directories are at /home, "/home/~" and "~" are the same (though the latter is more general).
+ static ~/public_gopher at /~ with dirdefault gophermap, dirlist, exec, extendedgophermap
+ cgi ~/public_gopher/cgi-bin at /~/cgi-bin
+
+ # The "git" directive exposes git repos under a filesystem directory.
+ # Only git repositories in the given filesystem directory (not its children) are exposed.
+ git ~/code at /~/code
+}
+
+# define a finger server
+# This is the default host and port, and both or either may be omitted.
+# Only a single "static" or "cgi" directive is allowed in a finger server.
+# In either case a ~ must be present in the path, and there is no "at <prefix>" clause.
+# "static ... with exec" differs from "cgi" in that if the file is not executable, "static" will serve the file's contents instead.
+# There is no support for /W extended form, user listings, or serving as a jump host.
+finger 0.0.0.0:79 {
+ static ~/.finger with exec
+}
+
+# define a gemini server
+# This is the default host and port, and both or either may be omitted.
+gemini 0.0.0.0:1965 {
+ # "host" directives are allowed in gemini servers.
+ # "host" is followed by one or more comma-separated hostnames that will be used to match this server.
+ # Multiple gemini servers may be defined on the same IP/port, in which case the hosts will delineate
+ # which server's behavior is triggered by a given request.
+ host tjp.lol
+
+ # A gemini server MUST have a single "servertls" directive with "key <keyfile>" and "cert <certfile>" clauses.
+ servertls key /var/gemini/tls/server.key cert /var/gemini/tls/server.crt
+
+ # "static" and "cgi" directives work much like in gopher servers.
+ # There is no "extendedgophermap" modifier in gemini, however.
+ static /var/gemini/docs at / with dirdefault index.gmi, dirlist, exec
+ cgi /var/gemini/cgi at /cgi-bin
+
+ static ~/public_gemini at /~ with dirdefault index.gmi, dirlist, exec
+ cgi ~/public_gemini/cgi-bin at /~/cgi-bin
+
+ # "titan" enables uploads into to (over-)write into world-writable directories.
+ # It REQUIRES an "auth" clause that references an auth directive.
+ titan ~/public_gemini at /~ auth private_gemini
+
+ # "static" and "cgi" directives support an "auth <name>" clause which requires that an authentication pass.
+ cgi ~/public_gemini/cgi-bin/private at /~/cgi-bin/private auth private_gemini
+
+ git ~/code at /~/code
+}
+
+# "auth" is a global directive that defines a named authentication strategy.
+# The "auth" keyword is followed by a name, and then the strategy.
+# "clienttlsfile" is a strategy which takes a path to a file which contains line-delimited SHA256 fingerprints of client certificates.
+# Tildes (~) are allowed in the file path, in which case the strategy is only usable in a ~user-scoped directive.
+auth private_gemini clienttlsfile ~/.private_gemini
+
+# The "clienttls" strategy takes comma-separated SHA256 fingerprints of client certificates.
+auth is_tony clienttls 0284bcb38d7c98548df4a67587163276373ea8f9a8cc931a89f475557bd9f3a3
+
+# The "hasclienttls" strategy requires only that the request be made with a client certificate.
+auth is_named hasclienttls
generated by cgit v1.2.3 (git 2.25.1) at 2026-02-08 14:53:38 +0000