About me: My name is Solène Rapenne, pronouns she/her. I like learning and sharing knowledge. Hobbies: '(BSD OpenBSD Qubes OS Lisp cmdline gaming security QubesOS internet-stuff). I love percent and lambda characters. OpenBSD developer solene@. No AI is involved in this blog.
Contact me: solene at dataswamp dot org or @solene@bsd.network (mastodon).
You can sponsor my work financially if you want to help me writing this blog and contributing to Free Software as my daily job.
This article is about deploying the Gemini server agate on the Guix linux distribution.
Gemini quickstart to explain Gemini to beginners
Guix manual about web services, search for Agate.
Add the agate-service definition in your /etc/config.scm file, we will store the Gemini content in /srv/gemini/content and store the certificate and its private key in the upper directory.
(service agate-service-type
(agate-configuration
(content "/srv/gemini/content")
(cert "/srv/gemini/cert.pem")
(key "/srv/gemini/key.rsa"))
If you have something like %desktop-services or %base-services, you need to wrap the services list a list using "list" function and add the %something-services to that list using the function "append" like this.
(services
(append
(list (service openssh-service-type)
(service agate-service-type
(agate-configuration
(content "/srv/gemini/content")
(cert "/srv/gemini/cert.pem")
(key "/srv/gemini/key.rsa"))))
%desktop-services))
- Create directories /srv/gemini/content
- run the following command in /srv/gemini/
openssl req -x509 -newkey rsa:4096 -keyout key.rsa -out cert.pem -days 3650 -nodes -subj "/CN=YOUR_DOMAIN.TLD"
- Apply a chmod 400 on both files cert.pem and key.rsa
- Use "guix system reconfigure /etc/config.scm" to install agate
- Use "chown agate:agate cert.pem key.rsa" to allow agate user to read the certificates
- Use "herd restart agate" to restart the service, you should have a working gemini server on port 1965 now
You are now ready to publish content on Gemini by adding files in /srv/gemini/content , enjoy!