I wanted to preserve the directions I followed to create this gemini capsule on the off chance that I had to recreate or make another gemini capsule.
Original setup directions for this gemini capsule
Note: I am no longer using this setup. I am using the docker image provided in the github directions.
I am currently writing up how my own infrastructure is set up, which I will post once complete.
Creating and serving gemini capsules
What is Gemini?
Gemini is a new internet protocol that is distinct from HTTP and Gopher. It's much cleaner and has a growing community and audience of hackers.
Why use gemini protocol?
- Gemini capsules (webpages of gemini) are lightweight, minimal, and don't use many resources to operate.
- It can run alongside your websites. Gemini capsules use port 1965 by default, so your webserver can run on port 80 or 443 while the gemini server runs on port 1965.
- By exploring an alternative protocol, you can check different ways to serve data and blogs.
To access any gemini URL, e.g. gemini://example.org, you can use any gemini client such as amfora, lagrange, elpher, etc.
Instructions
Create a gemini user
It is most secure and clean to have a separate gemini user, so let's create one:
useradd -m -s /bin/bash gemini
Now log in as gemini with the following command:
su -l gemini
To create and serve a gemini capsule, we need three basic steps:
- 1. Content - the webpages in our capsule
- 2. TLS certificate - Gemini requires an encrypted connection.
- 3. Gemini server - the program that makes our capsule available (similar to Nginx for HTTP)
As the gemini user, we can create three different directories to simplify the process:
mkdir -p ~/gemini/{content,certificate,server}
Content
This will be the directory where your capsule files will be contained. Gemini uses text/gemini markup (in place of HTTP's equivalent HTML). It heavily borrows from Markdown. Similar to .html or .md, gemini uses .gmi as its extension.
To create one gemini file, go inside the content directory and create one index.gmi file.
nano gemini/content/index.gmi
We can add the content we want in our Gemini capsule here:
# This is Sample Gemini page
## With header 1 and header 2
And a short paragraph like this.
=> /index.gmi Link to the same page
TLS certificate
Go to the certificate directory which we created earlier and generate a TLS certificate using OpenSSL.
cd ~/gemini/certificate/
openssl req -new -subj "/CN=example.org" -x509 -newkey ec -pkeyopt ec_paramgen_curve:prime256v1 -days 3650 -nodes -out cert.pem -keyout key.pem
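An added check, not part of the original guide: because -nodes leaves key.pem unencrypted on disk, this script confirms the key is not accessible to group or other, that the certificate CN equals the capsule hostname, that key and certificate belong together, and prints the SHA-256 fingerprint to compare with what a gemini client shows on first contact. The script and function names are hypothetical; the directory and example.org are the guide's values.

```sh
#!/bin/sh
# Added example (not from the guide): audit cert.pem/key.pem after generation.
# Usage: sh audit-capsule-tls.sh ~/gemini/certificate example.org

# True when the key exists and grants no access to group or other (e.g. 0600).
key_mode_ok() {
    [ -f "$1" ] || return 1
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# Print the subject CN of a PEM certificate.
cert_cn() {
    openssl x509 -in "$1" -noout -subject -nameopt RFC2253 |
        sed -n 's/^subject= *\(.*,\)\{0,1\}CN=\([^,]*\).*/\2/p'
}

# Print the certificate's SHA-256 fingerprint (colon-separated hex).
cert_fingerprint() {
    openssl x509 -in "$1" -noout -fingerprint -sha256 | cut -d= -f2
}

# True when the private key in $2 belongs to the public key in certificate $1.
key_matches_cert() {
    a=$(openssl x509 -in "$1" -noout -pubkey) || return 1
    b=$(openssl pkey -in "$2" -pubout) || return 1
    [ -n "$a" ] && [ "$a" = "$b" ]
}

# Run all checks for directory $1 and hostname $2; non-zero if any fails.
audit_capsule_tls() {
    dir=$1; host=$2; rc=0
    key_mode_ok "$dir/key.pem" ||
        { echo "FAIL: key.pem missing or accessible to group/other"; rc=1; }
    [ "$(cert_cn "$dir/cert.pem")" = "$host" ] ||
        { echo "FAIL: certificate CN does not equal $host"; rc=1; }
    key_matches_cert "$dir/cert.pem" "$dir/key.pem" ||
        { echo "FAIL: key.pem is not the key for cert.pem"; rc=1; }
    # 2592000 seconds = 30 days
    openssl x509 -in "$dir/cert.pem" -noout -checkend 2592000 >/dev/null ||
        { echo "FAIL: certificate expires within 30 days"; rc=1; }
    [ "$rc" -eq 0 ] && echo "OK sha256=$(cert_fingerprint "$dir/cert.pem")"
    return "$rc"
}

# Run only when a directory is given, so the functions can also be sourced.
[ "$#" -eq 0 ] || audit_capsule_tls "$1" "${2:-example.org}"
```

If the key check fails, chmod 600 key.pem as the gemini user fixes it.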
Gemini server
Download and prepare the server
There are many gemini server software choices available. We will use agate server for now. This is a simple gemini server written in Rust.
It's a good idea to always get the most recent version, which you can see on the agate releases page.
At the time of this writing, that is agate v3.1.0 which we will now download. We will download it to the server directory we made.
> note: when following this guide, v3.3.0 was out
cd ~/gemini/server
wget https://github.com/mbrubeck/agate/releases/download/v3.1.0/agate.x86_64-unknown-linux-gnu.gz
> note: This server is using v3.3.0:
wget https://github.com/mbrubeck/agate/releases/download/v3.3.0/agate.x86_64-unknown-linux-gnu.gz
Unzip the gz, then rename and make it executable:
gunzip agate.x86_64-unknown-linux-gnu.gz
mv agate.x86_64-unknown-linux-gnu agate-server
chmod +x agate-server
Create a system service
Now we need to create a systemd service to autostart and manage agate. The gemini user does not have permission to do this, so press ctrl-d to log out of the gemini user and return to root. As root, create the file below by opening it in your text editor (nano, vim, etc.):
nano /etc/systemd/system/agate.service
Add the following content to the file, customizing the highlighted text to your use.
[Unit]
Description=agate
After=network.target

[Service]
User=gemini
Type=simple
ExecStart=/home/gemini/gemini/server/agate-server --content /home/gemini/gemini/content --certs /home/gemini/gemini/certificate/ --hostname example.org --lang en-US

[Install]
WantedBy=default.target
Now we are ready to run the server. Enable and start the agate service:
systemctl enable agate
systemctl start agate
Firewall
Lastly, if you have a firewall running, remember to open port 1965, which is the port number used by gemini:
ufw allow 1965
Finalization
Now your server should be running. If everything went okay, you can access your gemini capsule via any gemini client with a url like this:
gemini://example.org
Sample gemini site for reference:
gemini://gemini.circumlunar.space
Enjoy your first gemini capsule.