App-phoebe
view release on metacpan or search on metacpan
20 text/gemini; charset=UTF-8
Welcome to Phoebe!
Success!! 😀 🚀🚀
Let's create a new page using the Titan protocol, from the command line:
echo "Welcome to the wiki!" > test.txt
echo "Please be kind." >> test.txt
perl5/bin/titan --url=titan://localhost/raw/Welcome --token=hello test.txt
You should get a nice redirect message, with an appropriate date.
30 gemini://localhost:1965/page/Welcome
You can check the page, now (replacing the appropriate date):
perl5/bin/gemini gemini://localhost:1965/page/Welcome
You should get back a page that starts as follows:
20 text/gemini; charset=UTF-8
Welcome to the wiki!
Please be kind.
Yay! ðŸ˜ðŸŽ‰ 🚀🚀
If you have a bunch of Gemtext files in a directory, you can upload them all in
one go:
titan --url=titan://localhost/ --token=hello *.gmi
## Image uploads
OK, how do image uploads work? First, we need to specify which MIME types Phoebe
accepts. The files are going to be served back with that MIME type, so even if
somebody uploads an executable and claim it's an image, other people's clients
will treat it as an image instead of executing it (one hopes!) – so let's start
with a list of common MIME types.
- `image/jpeg` is for photos (usually with the `jpg` extension)
- `image/png` is for graphics (usually with the `png` extension)
- `audio/mpeg` is for sound (usually with the `mp3` extension)
Let's continue using the setup we used for the ["Quickstart"](#quickstart) section. Restart
the server and allow photos:
perl5/bin/phoebe --wiki_mime_type=image/jpeg
Upload the image using the `titan` script:
perl5/bin/titan --url=titan://localhost:1965/jupiter.jpg \
--token=hello Pictures/Planets/Juno.jpg
You should get back a redirect to the uploaded image:
30 gemini://localhost:1965/file/jupiter.jpg
How did the `titan` script know the MIME-type to use for the upload? If you
don't specify a MIME-type using `--mime`, the `file` utility is called to
guess the MIME type of the file.
Test it:
file --mime-type --brief Pictures/Planets/Juno.jpg
The result is the MIME-type we enabled for our wiki:
image/jpeg
Here's what happens when you're trying to upload an unsupported MIME-type:
titan --url=titan://localhost:1965/earth.png \
--token=hello Pictures/Planets/Earth.png
What you get back explains the problem:
59 This wiki does not allow image/png
In order to allow such graphics as well, you need to restart Phoebe:
phoebe --wiki_mime_type=image/jpeg --wiki_mime_type=image/png
Except that in my case, the image is too big:
59 This wiki does not allow more than 100000 bytes per page
I could scale it down before I upload the image, using `convert` (which is part
of ImageMagick):
convert -scale 20% Pictures/Planets/Earth.png earth-small.png
Try again:
titan --url=titan://localhost:1965/earth.png \
--token=hello earth-small.png
Alternatively, you can increase the size limit using the
`--wiki_page_size_limit` option, but you need to restart Phoebe:
phoebe --wiki_page_size_limit=10000000 \
--wiki_mime_type=image/jpeg --wiki_mime_type=image/png
Now you can upload about 10MB…
## Using systemd
Systemd is going to handle daemonisation for us. There's more documentation
available online.
[https://www.freedesktop.org/software/systemd/man/systemd.service.html](https://www.freedesktop.org/software/systemd/man/systemd.service.html).
Basically, this is the template for our service:
[Unit]
Description=Phoebe
After=network.target
[Service]
Type=simple
WorkingDirectory=/home/phoebe
ExecStart=/home/phoebe/phoebe
Restart=always
- `--wiki_page_size_limit` is the number of bytes to allow for uploads,
both for pages and for files; the default is 10000 (10kB)
- `--host` is the hostname to serve; the default is `localhost` – you
probably want to pick the name of your machine, if it is reachable from
the Internet; if you use it multiple times, each host gets its own wiki
space (see `--wiki_space` below)
- `--port` is the port to use; the default is 1965
- `--wiki_dir` is the wiki data directory to use; the default is either
the value of the `PHOEBE_DATA_DIR` environment variable, or the "./wiki"
subdirectory
- `--wiki_space` adds an extra space that acts as its own wiki; a
subdirectory with the same name gets created in your wiki data directory
and thus you shouldn't name spaces like any of the files and directories
already there (see ["FILES"](#files)); not that settings such as
`--wiki_page` and `--wiki_main_page` apply to all spaces, but the page
content will be different for every wiki space
- `--cert_file` is the certificate PEM file to use; the default is
`cert.pem`
- `--key_file` is the private key PEM file to use; the default is
`key.pem`
- `--log_level` is the log level to use (`fatal`, `error`, `warn`,
`info`, `debug`); the default is `warn`
- `--log_file` is the log file to use; the default is undefined, which
means that STDERR is used
## Uploads
If you allow uploads of binary files, these are stored separately from the
regular pages; the wiki doesn't keep old revisions of files around. If somebody
overwrites a file, the old revision is gone.
You definitely don't want random people uploading all sorts of images, videos
and binaries to your server. Make sure you set up those [tokens](#security)
using `--wiki_token`!
# Notes
## Security
The server uses "access tokens" to check whether people are allowed to edit
files. You could also call them "passwords", if you want. They aren't associated
with a username. You set them using the `--wiki_token` option. By default, the
only password is "hello". That's why the Titan command above contained
"token=hello". 😊
If you're going to check up on your wiki often (daily!), you could just tell
people about the token on a page of your wiki. Spammers would at least have to
read the instructions and in my experience the hardly ever do.
You could also create a separate password for every contributor and when they
leave the project, you just remove the token from the options and restart
Phoebe. They will no longer be able to edit the site.
## Privacy
The server only actively logs changes to pages. It calculates a "code" for every
contribution: it is a four digit octal code. The idea is that you could colour
every digit using one of the eight standard terminal colours and thus get little
four-coloured flags.
This allows you to make a pretty good guess about edits made by the same person,
without telling you their IP numbers.
The code is computed as follows: the IP numbers is turned into a 32bit number
using a hash function, converted to octal, and the first four digits are the
code. Thus all possible IP numbers are mapped into 8â´=4096 codes.
If you increase the log level, the server will produce more output, including
information about the connections happening, like `2020/06/29-15:35:59 CONNECT
SSL Peer: "[::1]:52730" Local: "[::1]:1965"` and the like (in this case `::1`
is my local address so that isn't too useful but it could also be your visitor's
IP numbers, in which case you will need to tell them about it using in order to
comply with the
[GDPR](https://en.wikipedia.org/wiki/General_Data_Protection_Regulation).
# Example
Here's an example for how to start Phoebe. It listens on `localhost` port 1965,
adds the "Welcome" and the "About" page to the main menu, and allows editing
using one of two tokens.
phoebe \
--wiki_token=Elrond \
--wiki_token=Thranduil \
--wiki_page=Welcome \
--wiki_page=About
Here's what my `phoebe.service` file actually looks like:
[Unit]
Description=Phoebe
After=network.target
[Install]
WantedBy=multi-user.target
[Service]
Type=simple
WorkingDirectory=/home/alex/farm
Restart=always
User=alex
Group=ssl-cert
MemoryMax=100M
MemoryHigh=90M
ExecStart=/home/alex/src/phoebe/script/phoebe \
--port=1965 \
--log_level=debug \
--wiki_dir=/home/alex/phoebe \
--host=transjovian.org \
--cert_file=/var/lib/dehydrated/certs/transjovian.org/fullchain.pem \
--key_file=/var/lib/dehydrated/certs/transjovian.org/privkey.pem \
--host=toki.transjovian.org \
--cert_file=/var/lib/dehydrated/certs/transjovian.org/fullchain.pem \
--key_file=/var/lib/dehydrated/certs/transjovian.org/privkey.pem \
--host=vault.transjovian.org \
--cert_file=/var/lib/dehydrated/certs/transjovian.org/fullchain.pem \
--key_file=/var/lib/dehydrated/certs/transjovian.org/privkey.pem \
--host=communitywiki.org \
--cert_file=/var/lib/dehydrated/certs/communitywiki.org/fullchain.pem \
--key_file=/var/lib/dehydrated/certs/communitywiki.org/privkey.pem \
--host=alexschroeder.ch \
--cert_file=/var/lib/dehydrated/certs/alexschroeder.ch/fullchain.pem \
--key_file=/var/lib/dehydrated/certs/alexschroeder.ch/privkey.pem \
package App::Phoebe;
use Modern::Perl;
our ($server);
$server->{wiki_token} = [];
This code simply deactivates the token list. No more tokens!
## Virtual Hosting
Sometimes you want have a machine reachable under different domain names and you
want each domain name to have their own wiki space, automatically. You can do
this by using multiple `--host` options.
Here's a simple, stand-alone setup that will work on your local machine. These
are usually reachable using the IPv4 `127.0.0.1` or the name `localhost`. The
following command tells Phoebe to serve both `127.0.0.1` and `localhost`
(the default is to just serve `localhost`).
phoebe --host=127.0.0.1 --host=localhost
Visit both at [gemini://localhost/](gemini://localhost/) and [gemini://127.0.0.1/](gemini://127.0.0.1/), and create a
new page in each one, then examine the data directory `wiki`. You'll see both
`wiki/localhost` and `wiki/127.0.0.1`.
If you're using more wiki spaces, you need to prefix them with the respective
hostname if you use more than one:
phoebe --host=127.0.0.1 --host=localhost \
--wiki_space=127.0.0.1/alex --wiki_space=localhost/berta
In this situation, you can visit [gemini://127.0.0.1/](gemini://127.0.0.1/),
[gemini://127.0.0.1/alex/](gemini://127.0.0.1/alex/), [gemini://localhost/](gemini://localhost/), and
[gemini://localhost/berta/](gemini://localhost/berta/), and they will all be different.
If this is confusing, remember that not using virtual hosting and not using
spaces is fine, too. 😀
## Multiple Certificates
If you're using virtual hosting as discussed above, you have two options: you
can use one certificate for all your hostnames, or you can use different
certificates for the hosts. If you want to use just one certificate for all your
hosts, you don't need to do anything else. If you want to use different
certificates for different hosts, you have to specify them all on the command
line. Generally speaking, use `--host` to specifiy one or more hosts, followed
by both `--cert_file` and `--key_file` to specifiy the certificate and key to
use for the hosts.
For example:
phoebe --host=transjovian.org \
--cert_file=/var/lib/dehydrated/certs/transjovian.org/cert.pem \
--key_file=/var/lib/dehydrated/certs/transjovian.org/privkey.pem \
--host=alexschroeder.ch \
--cert_file=/var/lib/dehydrated/certs/alexschroeder.ch/cert.pem \
--key_file=/var/lib/dehydrated/certs/alexschroeder.ch/privkey.pem
# See also
As you might have guessed, the system is easy to tinker with, if you know some
Perl. The Transjovian Council has a wiki space dedicated to Phoebe, and it
includes a section with more configuration examples.
See [gemini://transjovian.org/](gemini://transjovian.org/) or [https://transjovian.org:1965/](https://transjovian.org:1965/).
# License
GNU Affero General Public License
# Gemini
**gemini** \[**--help**\] \[**--verbose**\] \[**--cert\_file=**_filename_
**--key\_file=**_filename_\] _URL_
This is a very simple client. All it does is print the response. The header is
printed to standard error so the rest can be redirected to get just the content.
Usage:
gemini gemini://alexschroeder.ch/Test
Download an image:
gemini gemini://alexschroeder.ch:1965/do/gallery/2016-aminona/thumbs/Bisse_de_Tsittoret.jpg \
> Bisse_de_Tsittoret.jpg
Download all the images on a page:
for url in $(./gemini gemini://alexschroeder.ch:1965/do/gallery/2016-aminona \
| grep thumbs | cut --delimiter=' ' --fields=2); do
echo $url
./gemini "$url" > $(basename "$url")
done
In the shell script above, the first call to gemini gets the page with all the
links, grep then filters for the links to thumbnails, extract the URL using cut
(assuming a space between "=>" and the URL), and download each URL, and save the
output in the filename indicated by the URL.
## Client Certificates
You can provide a certificate and a key file:
gemini --cert_file=cert.pem --key_file=key.pem \
gemini://campaignwiki.org/play/ijirait
# Gemini
All `gemini-chat` does is repeatedly post stuff to a Gemini URL. For example,
assume that there is a Phoebe wiki with chat enabled via [App::Phoebe::Chat](https://metacpan.org/pod/App%3A%3APhoebe%3A%3AChat).
First, you connect to the _listen_ URL using `gemini`:
gemini --cert_file=cert.pem --key_file=key.pem \
gemini://localhost/do/chat/listen
Then you connect the chat client to the _say_ URL using `gemini-chat`:
gemini-chat --cert=cert.pem --key=key.pem \
gemini://transjovian.org/do/chat/say
To generate your client certificate for 100 days and using “Alex†as your common
( run in 3.835 seconds using v1.01-cache-2.11-cpan-5837b0d9d2c )