This is a program/proof of concept for a simple status reporting system.
- if website integration is set up, just point your browser to wherever the result is displayed
- point your Gemini browser to
<hostname> - if Finger support is set up,
finger <status account>@<hostname>(orecho <status account> | nc <hostname> <port (79 probably)>ortelnet <hostname> <port>and then type<status account><Enter>if you don't have a Finger client installed)
Point your Gemini browser (with the appropriate client certificate present), there should be 2 options:
- Toggle, to alternate between the 2 predefined states
- Set, to set the status to an arbitrary string
This program is a single CGI script meant for the gmid Gemini server, but it should work for any Gemini server with client certificate (Fast)CGI support, save for some adapting of the environment variable names it receives. It is configured by editing the global variables at the top of the file, and is intended to be toggled from a handful of physical locations, hence only 1 TLS client certificate fingerprint can be specified.
Keep in mind that this script isn't very extensible at the moment on purpose.
/etc/
`- gmid.conf
/var/
`- gemini/
`- bin/
`- sh
`- cat
`- status.lmao.cringe/
`- simple-status-reporter
gmid works in a chroot (by default /var/gemini), so sh and cat must be hardlinked (consult ln(1)) or copied at the root of the chroot, in the same directory structure as it would be outside of it. ldd is your friend here, make sure to link/copy over all dependent libraries in a similar manner depending on what the binaries (and dependent libraries) themselves may depend on (for instance, on OpenBSD, both of the aforementioned binaries have no dependencies, but many others at different binary directory paths do). That being done, simply make an entrypoint to this script in gmid.conf, refer to gmid.conf(5) for a complete reference. Example:
user "_gmid"
chroot "/var/gemini"
office_status = "status.lmao.cringe"
server $office_status {
cert "/etc/ssl/gemini/" $office_status ".pem"
key "/etc/ssl/gemini/private/" $office_status ".key"
root "/" $office_status
entrypoint "/simple-status-reporter"
}
To obtain the SHA256 fingerprint of the client certificate you want to use, something like openssl x509 -in <cert.crt or cert.pem> -noout -sha256 -fingerprint | cut -d "=" -f 2 | tr "[A-Z]" "[a-z]" | tr -d ":" might be useful, or copy it from your Gemini browser (Lagrange has support for this for example) if it was generated there.
Paste the hex value in the script as 1 string without any colons and all lowercase, make sure the script is executable, don’t forget to change ownership to the Gemini server user, typically _gmid with gmid (chown _gmid:_gmid <path to status.txt>), and make $STATUS_FILE group-writable (chmod g+w <path to status.txt>), start gmid, and it should work.
Finger can also be supported with the provided finger-handler script (at least on OpenBSD, consult inetd(8) and fingerd(8) for a full reference); essentially it is meant to be set as the program which is called by the Finger daemon to actually retrieve info on the specified user (the -P flag on OpenBSD's fingerd), which should make it intercept only a specific username of your choosing, and in that case read wherever you told simple-status-reporter to write its status to. Make sure to adapt the paths and names to your situation.
For other operating systems, it depends a lot on which Finger daemon (and/or inetd) you are using, if your system has one available. If so, it probably has a manpage, which is a good place to start figuring out the appropriate options. Keep in mind that Finger's default port, port 79, is for privileged processes only.
The script will write the current state (and only the current state) to $STATUS_FILE (if running in a chroot, make sure that the path is within the chroot), so here's an example of how to integrate it so that the status can be displayed on a website:
- tell the web server to show the contents of the file at a given location/virtualhost (in the case of OpenBSD's
httpdwhich also runs in a chroot, actually hard links are useful here, make one from the status file withingmid's chroot to somewhere inhttpd's, for instanceln /var/gemini/status.lmao.cringe/status.txt /var/www/htdocs/status.txt; remember to consultln(1)for a full reference) - use the Fetch API to query that location at regular intervals on the website