About me: My name is Solène Rapenne, pronouns she/her. I like learning and sharing knowledge. Hobbies: '(NixOS BSD OpenBSD Lisp cmdline gaming security QubesOS internet-stuff). I love percent and lambda characters. OpenBSD developer solene@.

Contact me: solene+www at dataswamp dot org or @solene@bsd.network (mastodon). If for some reason you want to support my work, this is my paypal address: donate@perso.pw.

Consider sponsoring me on Patreon to help me writing this blog and contributing to Free Software as my daily job.

Run your Gemini server on Guix with Agate

Written by Solène, on 17 June 2021.
Tags: #guix #gemini

Comments on Fediverse/Mastodon

1. Introduction §

This article is about deploying the Gemini server agate on the Guix linux distribution.

Gemini quickstart to explain Gemini to beginners

Guix website

2. Configuration §

Guix manual about web services, search for Agate.

Add the agate-service definition in your /etc/config.scm file, we will store the Gemini content in /srv/gemini/content and store the certificate and its private key in the upper directory.

(service agate-service-type
         (agate-configuration
          (content "/srv/gemini/content")
          (cert "/srv/gemini/cert.pem")
          (key "/srv/gemini/key.rsa"))

If you have something like %desktop-services or %base-services, you need to wrap the services list a list using "list" function and add the %something-services to that list using the function "append" like this.

(services
  (append
    (list (service openssh-service-type)
          (service agate-service-type
                   (agate-configuration
                    (content "/srv/gemini/content")
                    (cert "/srv/gemini/cert.pem")
                    (key "/srv/gemini/key.rsa"))))
    %desktop-services))

3. Generating the certificate §

- Create directories /srv/gemini/content

- run the following command in /srv/gemini/

openssl req -x509 -newkey rsa:4096 -keyout key.rsa -out cert.pem -days 3650 -nodes -subj "/CN=YOUR_DOMAIN.TLD"

- Apply a chmod 400 on both files cert.pem and key.rsa

- Use "guix system reconfigure /etc/config.scm" to install agate

- Use "chown agate:agate cert.pem key.rsa" to allow agate user to read the certificates

- Use "herd restart agate" to restart the service, you should have a working gemini server on port 1965 now

4. Conclusion §

You are now ready to publish content on Gemini by adding files in /srv/gemini/content , enjoy!