About me: My name is Solène Rapenne, pronouns she/her. I like learning and sharing knowledge. Hobbies: '(BSD OpenBSD Lisp cmdline gaming internet-stuff). I love percent and lambda characters. OpenBSD developer solene@.

Contact me: solene on libera.chat, solene+www at dataswamp dot org or @solene@bsd.network (mastodon). If for some reason you want to support my work, this is my paypal address: donate@perso.pw.

Run your Gemini server on Guix with Agate

Written by Solène, on 17 June 2021.
Tags: #guix #gemini

Comments on Mastodon

Introduction §

This article is about deploying the Gemini server agate on the Guix linux distribution.

Gemini quickstart to explain Gemini to beginners

Guix website

Configuration §

Guix manual about web services, search for Agate.

Add the agate-service definition in your /etc/config.scm file, we will store the Gemini content in /srv/gemini/content and store the certificate and its private key in the upper directory.

(service agate-service-type
         (agate-configuration
          (content "/srv/gemini/content")
          (cert "/srv/gemini/cert.pem")
          (key "/srv/gemini/key.rsa"))

If you have something like %desktop-services or %base-services, you need to wrap the services list a list using "list" function and add the %something-services to that list using the function "append" like this.

(services
  (append
    (list (service openssh-service-type)
          (service agate-service-type
                   (agate-configuration
                    (content "/srv/gemini/content")
                    (cert "/srv/gemini/cert.pem")
                    (key "/srv/gemini/key.rsa"))))
    %desktop-services))

Generating the certificate §

- Create directories /srv/gemini/content

- run the following command in /srv/gemini/

openssl req -x509 -newkey rsa:4096 -keyout key.rsa -out cert.pem -days 3650 -nodes -subj "/CN=YOUR_DOMAIN.TLD"

- Apply a chmod 400 on both files cert.pem and key.rsa

- Use "guix system reconfigure /etc/config.scm" to install agate

- Use "chown agate:agate cert.pem key.rsa" to allow agate user to read the certificates

- Use "herd restart agate" to restart the service, you should have a working gemini server on port 1965 now

Conclusion §

You are now ready to publish content on Gemini by adding files in /srv/gemini/content , enjoy!