App-phoebe
view release on metacpan or search on metacpan
script/phoebe view on Meta::CPAN
Start Phoebe. It's going to prompt you for a hostname and create certificates
for you. If in doubt, answer C<localhost>. The certificate and a private key are
stored in the F<cert.pem> and F<key.pem> files, using elliptic curves, valid for
five years, without password protection.
perl5/bin/phoebe
This starts the server in the foreground. If it aborts, see the
L</Troubleshooting> section below. If it runs, open a second terminal and test
it:
perl5/bin/gemini gemini://localhost/
You should see a Gemini page starting with the following:
20 text/gemini; charset=UTF-8
Welcome to Phoebe!
Success!! 😀 🚀🚀
Let's create a new page using the Titan protocol, from the command line:
echo "Welcome to the wiki!" > test.txt
echo "Please be kind." >> test.txt
perl5/bin/titan --url=titan://localhost/raw/Welcome --token=hello test.txt
You should get a nice redirect message, with an appropriate date.
30 gemini://localhost:1965/page/Welcome
You can check the page, now (replacing the appropriate date):
perl5/bin/gemini gemini://localhost:1965/page/Welcome
You should get back a page that starts as follows:
20 text/gemini; charset=UTF-8
Welcome to the wiki!
Please be kind.
Yay! ðŸ˜ðŸŽ‰ 🚀🚀
If you have a bunch of Gemtext files in a directory, you can upload them all in
one go:
titan --url=titan://localhost/ --token=hello *.gmi
=head2 Image uploads
OK, how do image uploads work? First, we need to specify which MIME types Phoebe
accepts. The files are going to be served back with that MIME type, so even if
somebody uploads an executable and claim it's an image, other people's clients
will treat it as an image instead of executing it (one hopes!) – so let's start
with a list of common MIME types.
=over
=item * C<image/jpeg> is for photos (usually with the C<jpg> extension)
=item * C<image/png> is for graphics (usually with the C<png> extension)
=item * C<audio/mpeg> is for sound (usually with the C<mp3> extension)
=back
Let's continue using the setup we used for the L</Quickstart> section. Restart
the server and allow photos:
perl5/bin/phoebe --wiki_mime_type=image/jpeg
Upload the image using the C<titan> script:
perl5/bin/titan --url=titan://localhost:1965/jupiter.jpg \
--token=hello Pictures/Planets/Juno.jpg
You should get back a redirect to the uploaded image:
30 gemini://localhost:1965/file/jupiter.jpg
How did the C<titan> script know the MIME-type to use for the upload? If you
don't specify a MIME-type using C<--mime>, the C<file> utility is called to
guess the MIME type of the file.
Test it:
file --mime-type --brief Pictures/Planets/Juno.jpg
The result is the MIME-type we enabled for our wiki:
image/jpeg
Here's what happens when you're trying to upload an unsupported MIME-type:
titan --url=titan://localhost:1965/earth.png \
--token=hello Pictures/Planets/Earth.png
What you get back explains the problem:
59 This wiki does not allow image/png
In order to allow such graphics as well, you need to restart Phoebe:
phoebe --wiki_mime_type=image/jpeg --wiki_mime_type=image/png
Except that in my case, the image is too big:
59 This wiki does not allow more than 100000 bytes per page
I could scale it down before I upload the image, using C<convert> (which is part
of ImageMagick):
convert -scale 20% Pictures/Planets/Earth.png earth-small.png
Try again:
titan --url=titan://localhost:1965/earth.png \
--token=hello earth-small.png
Alternatively, you can increase the size limit using the
C<--wiki_page_size_limit> option, but you need to restart Phoebe:
phoebe --wiki_page_size_limit=10000000 \
--wiki_mime_type=image/jpeg --wiki_mime_type=image/png
Now you can upload about 10MB…
=head2 Using systemd
Systemd is going to handle daemonisation for us. There's more documentation
available online.
L<https://www.freedesktop.org/software/systemd/man/systemd.service.html>.
Basically, this is the template for our service:
[Unit]
Description=Phoebe
After=network.target
[Service]
Type=simple
WorkingDirectory=/home/phoebe
ExecStart=/home/phoebe/phoebe
Restart=always
User=phoebe
Group=phoebe
MemoryMax=100M
MemoryHigh=90M
[Install]
WantedBy=multi-user.target
Save this as F<phoebe.service>, and then link it:
sudo ln -s /home/phoebe/phoebe.service /etc/systemd/system/
Reload systemd:
sudo systemctl daemon-reload
Start Phoebe:
sudo systemctl start phoebe
Check the log output:
sudo journalctl --unit phoebe
=head2 Troubleshooting
🔥 B<1408A0C1:SSL routines:ssl3_get_client_hello:no shared cipher> 🔥 If you
created a new certificate and key using elliptic curves using an older OpenSSL,
you might run into this. Try to create a RSA key instead. It is larger, but at
least it'll work.
openssl req -new -x509 -newkey rsa \
-days 1825 -nodes -out cert.pem -keyout key.pem
=head1 FILES
Your home directory should now also contain a wiki directory called F<wiki>,
your wiki directory. In it, you'll find a few more files:
F<page> is the directory with all the page files in it; each file has the C<gmi>
extension and should be written in Gemtext format
script/phoebe view on Meta::CPAN
SSL Peer: "[::1]:52730" Local: "[::1]:1965"> and the like (in this case C<::1>
is my local address so that isn't too useful but it could also be your visitor's
IP numbers, in which case you will need to tell them about it using in order to
comply with the
L<GDPR|https://en.wikipedia.org/wiki/General_Data_Protection_Regulation>.
=head1 EXAMPLE
Here's an example for how to start Phoebe. It listens on C<localhost> port 1965,
adds the "Welcome" and the "About" page to the main menu, and allows editing
using one of two tokens.
phoebe \
--wiki_token=Elrond \
--wiki_token=Thranduil \
--wiki_page=Welcome \
--wiki_page=About
Here's what my F<phoebe.service> file actually looks like:
[Unit]
Description=Phoebe
After=network.target
[Install]
WantedBy=multi-user.target
[Service]
Type=simple
WorkingDirectory=/home/alex/farm
Restart=always
User=alex
Group=ssl-cert
MemoryMax=100M
MemoryHigh=90M
ExecStart=/home/alex/src/phoebe/script/phoebe \
--port=1965 \
--log_level=debug \
--wiki_dir=/home/alex/phoebe \
--host=transjovian.org \
--cert_file=/var/lib/dehydrated/certs/transjovian.org/fullchain.pem \
--key_file=/var/lib/dehydrated/certs/transjovian.org/privkey.pem \
--host=toki.transjovian.org \
--cert_file=/var/lib/dehydrated/certs/transjovian.org/fullchain.pem \
--key_file=/var/lib/dehydrated/certs/transjovian.org/privkey.pem \
--host=vault.transjovian.org \
--cert_file=/var/lib/dehydrated/certs/transjovian.org/fullchain.pem \
--key_file=/var/lib/dehydrated/certs/transjovian.org/privkey.pem \
--host=communitywiki.org \
--cert_file=/var/lib/dehydrated/certs/communitywiki.org/fullchain.pem \
--key_file=/var/lib/dehydrated/certs/communitywiki.org/privkey.pem \
--host=alexschroeder.ch \
--cert_file=/var/lib/dehydrated/certs/alexschroeder.ch/fullchain.pem \
--key_file=/var/lib/dehydrated/certs/alexschroeder.ch/privkey.pem \
--host=next.oddmuse.org \
--cert_file=/var/lib/dehydrated/certs/oddmuse.org/fullchain.pem \
--key_file=/var/lib/dehydrated/certs/oddmuse.org/privkey.pem \
--host=emacswiki.org \
--cert_file=/var/lib/dehydrated/certs/emacswiki.org/fullchain.pem \
--key_file=/var/lib/dehydrated/certs/emacswiki.org/privkey.pem \
--wiki_main_page=Welcome \
--wiki_page=About \
--wiki_mime_type=image/png \
--wiki_mime_type=image/jpeg \
--wiki_mime_type=audio/mpeg \
--wiki_space=transjovian.org/test \
--wiki_space=transjovian.org/phoebe \
--wiki_space=transjovian.org/anthe \
--wiki_space=transjovian.org/gemini \
--wiki_space=transjovian.org/titan
=head2 Certificates and File Permission
In the example above, I'm using certificates I get from Let's Encrypt. Thus, the
regular website served on port 443 and the Phoebe website on port 1965 use the
same certificates. My problem is that for the regular website, Apache can read
the certificates, but in the setup above Phoebe runs as the user C<alex> and
cannot access the certificates. My solution is to use the group C<ssl-cert>.
This is the group that already has read access to F</etc/ssl/private> on my
system. I granted the following permissions:
drwxr-x--- root ssl-cert /var/lib/dehydrated/certs
drwxr-s--- root ssl-cert /var/lib/dehydrated/certs/*
drwxr----- root ssl-cert /var/lib/dehydrated/certs/*/*.pem
=head2 Main Page and Title
The main page will include ("transclude") a page of your choosing if you use the
C<--wiki_main_page> option. This also sets the title of your wiki in various
places like the RSS and Atom feeds.
In order to be more flexible, the name of the main page does not get printed. If
you want it, you need to add it yourself using a header. This allows you to keep
the main page in a page called "Welcome" containing some ASCII art such that the
word "Welcome" does not show on the main page. This assumes you're using
C<--wiki_main_page=Welcome>, of course.
If you have pages with names that start with an ISO date like 2020-06-30, then
I'm assuming you want some sort of blog. In this case, up to ten of them will be
shown on your front page.
=head2 robots.txt
There are search machines out there that will index your site. Ideally, these
wouldn't index the history pages and all that: they would only get the list of
all pages, and all the pages. I'm not even sure that we need them to look at all
the files. The Robots Exclusion Standard lets you control what the bots ought to
index and what they ought to skip. It doesn't always work.
L<https://en.wikipedia.org/wiki/Robots_exclusion_standard>
Here's my suggestion:
User-agent: *
Disallow: /raw
Disallow: /html
Disallow: /diff
Disallow: /history
Disallow: /do/comment
Disallow: /do/changes
Disallow: /do/all/changes
Disallow: /do/all/latest/changes
Disallow: /do/rss
Disallow: /do/atom
( run in 2.027 seconds using v1.01-cache-2.11-cpan-df04353d9ac )