2019-08-24 05:36:24 +02:00
|
|
|
# Jetforce
|
|
|
|
|
|
|
|
An experimental python server for the new, under development Gemini Protocol.
|
|
|
|
|
|
|
|
Learn more about Project Gemini [here](https://gopher.commons.host/gopher://zaibatsu.circumlunar.space/1/~solderpunk/gemini).
|
|
|
|
|
|
|
|
![Rocket Launch](resources/rocket.jpg)
|
2019-08-09 03:45:26 +02:00
|
|
|
|
2019-08-05 04:57:34 +02:00
|
|
|
## Features
|
|
|
|
|
2019-08-24 05:21:43 +02:00
|
|
|
- A modern python codebase with type hinting and black formatting.
|
|
|
|
- A built-in static file server with support for gemini directory files.
|
|
|
|
- Lightweight, single-file framework with zero dependencies.
|
2019-08-05 04:57:34 +02:00
|
|
|
- Supports concurrent connections using an asynchronous event loop.
|
2019-08-24 06:34:05 +02:00
|
|
|
- Extendable - loosely implements the [WSGI](https://en.wikipedia.org/wiki/Web_Server_Gateway_Interface)
|
|
|
|
server/application pattern.
|
2019-08-05 04:57:34 +02:00
|
|
|
|
|
|
|
## Installation
|
|
|
|
|
2019-08-24 06:34:05 +02:00
|
|
|
Requires Python 3.7+ and OpenSSL.
|
2019-08-05 04:57:34 +02:00
|
|
|
|
2019-08-24 06:34:05 +02:00
|
|
|
The latest release can be installed from [PyPI](https://pypi.org/project/Jetforce/)
|
|
|
|
|
|
|
|
```
|
2019-08-05 04:57:34 +02:00
|
|
|
$ pip install jetforce
|
|
|
|
```
|
|
|
|
|
2019-08-24 06:56:45 +02:00
|
|
|
Or, simply clone the repository and run the script directly
|
2019-08-05 04:57:34 +02:00
|
|
|
|
2019-08-24 06:34:05 +02:00
|
|
|
```
|
2019-08-05 04:57:34 +02:00
|
|
|
$ git clone https://github.com/michael-lazar/jetforce
|
|
|
|
$ cd jetforce
|
2019-08-24 05:29:18 +02:00
|
|
|
$ ./jetforce.py
|
2019-08-05 04:57:34 +02:00
|
|
|
```
|
2019-08-24 06:34:05 +02:00
|
|
|
|
|
|
|
## Usage
|
|
|
|
|
|
|
|
Use the ``--help`` flag to view command-line options:
|
|
|
|
|
|
|
|
|
|
|
|
```
|
|
|
|
$ jetforce --help
|
|
|
|
usage: jetforce [-h] [--host HOST] [--port PORT] [--tls-certfile FILE]
|
|
|
|
[--tls-keyfile FILE] [--hostname HOSTNAME] [--dir DIR]
|
|
|
|
[--index-file INDEX_FILE]
|
|
|
|
|
|
|
|
An Experimental Gemini Protocol Server
|
|
|
|
|
|
|
|
optional arguments:
|
|
|
|
-h, --help show this help message and exit
|
|
|
|
--host HOST Address to bind server to (default: 127.0.0.1)
|
|
|
|
--port PORT Port to bind server to (default: 1965)
|
|
|
|
--tls-certfile FILE TLS certificate file (default: None)
|
|
|
|
--tls-keyfile FILE TLS private key file (default: None)
|
|
|
|
--hostname HOSTNAME Server hostname (default: localhost)
|
|
|
|
--dir DIR Path on the filesystem to serve (default: /var/gemini)
|
|
|
|
--index-file INDEX_FILE
|
2019-08-24 06:54:53 +02:00
|
|
|
The gemini directory index file (default: index.gmi)
|
2019-08-24 06:34:05 +02:00
|
|
|
|
|
|
|
If the TLS cert/keyfile is not provided, a self-signed certificate will
|
2019-08-24 06:54:53 +02:00
|
|
|
automatically be generated and saved to your temporary directory.
|
2019-08-24 06:34:05 +02:00
|
|
|
```
|
|
|
|
|
|
|
|
### TLS Certificates
|
|
|
|
|
|
|
|
The gemini specification *requires* that all connections be sent over TLS.
|
|
|
|
Before you deploy jetforce, you should either generate your own self-signed
|
|
|
|
certificate, or obtain one from a Certificate Authority like
|
|
|
|
[Let's Encrypt](https://letsencrypt.org).
|
|
|
|
|
|
|
|
In order to make local development easier, if you do not specify the certificate
|
|
|
|
arguments, jetforce will automatically generate a temporary ad-hoc TLS certificate
|
2019-08-24 06:58:00 +02:00
|
|
|
to use. Here's the OpenSSL command that jetforce uses internally:
|
2019-08-24 06:34:05 +02:00
|
|
|
|
|
|
|
|
|
|
|
```
|
|
|
|
$ openssl req -newkey rsa:2048 -nodes -keyout {hostname}.key \
|
|
|
|
-nodes -x509 -out {hostname}.crt -subj "/CN={hostname}"
|
|
|
|
```
|
|
|
|
|
2019-08-24 20:38:57 +02:00
|
|
|
#### TLS Client Certificates
|
|
|
|
|
|
|
|
There are currently no plans to support transient self-signed client certificates.
|
|
|
|
This is due to a techinical limitation of the python standand library's ``ssl``
|
|
|
|
module, which is described in detail
|
|
|
|
[here](https://portal.mozz.us/?url=gemini%3A%2F%2Fmozz.us%2Fjournal%2F2019-08-21.txt).
|
|
|
|
|
2019-08-24 20:39:19 +02:00
|
|
|
Support for verified client certificates will be added in a future version.
|
2019-08-24 20:38:57 +02:00
|
|
|
|
2019-08-24 06:34:05 +02:00
|
|
|
### Hostname
|
|
|
|
|
2019-08-24 06:34:38 +02:00
|
|
|
Because the gemini protocol sends the *whole* URL in the request, it's required
|
2019-08-24 06:58:43 +02:00
|
|
|
that you declare which hostname your server is expecting to receive traffic under.
|
|
|
|
Jetforce will respond to any request containing a URL that don't match your hostname
|
2019-08-24 06:34:05 +02:00
|
|
|
with a status of ``Proxy Request Refused``.
|
|
|
|
|
|
|
|
Using python, you can modify this behavior to do fancy things like building a proxy
|
2019-08-24 06:59:51 +02:00
|
|
|
server for HTTP requests. See [server_http_proxy.py](examples/server_http_proxy.py) for
|
|
|
|
an example of how to accomplish this.
|
2019-08-24 06:54:53 +02:00
|
|
|
|
2019-08-24 07:05:45 +02:00
|
|
|
### Serving Files
|
2019-08-24 06:54:53 +02:00
|
|
|
|
|
|
|
Jetforce serves files from the ``/var/gemini/`` directory by default:
|
|
|
|
|
|
|
|
- Files with the **.gmi** extension will be interpreted as *text/gemini*.
|
2019-08-24 07:05:45 +02:00
|
|
|
- Other files will have their *mimetype* guessed based on their file extension.
|
2019-08-24 19:58:11 +02:00
|
|
|
- Directories will look for a file with the name **index.gmi**.
|
2019-08-24 20:11:17 +02:00
|
|
|
- If an index file does not exist, a directory listing will be generated.
|
2019-08-24 06:54:53 +02:00
|
|
|
|
|
|
|
There is not currently any support for CGI scripts. This feature might be added
|
|
|
|
in a future version.
|
2019-08-24 07:05:45 +02:00
|
|
|
|
|
|
|
## License
|
|
|
|
|
|
|
|
This project is licensed under the [Floodgap Free Software License](https://www.floodgap.com/software/ffsl/license.html).
|
|
|
|
|
|
|
|
> The Floodgap Free Software License (FFSL) has one overriding mandate: that software
|
|
|
|
> using it, or derivative works based on software that uses it, must be free. By free
|
|
|
|
> we mean simply "free as in beer" -- you may put your work into open or closed source
|
|
|
|
> packages as you see fit, whether or not you choose to release your changes or updates
|
|
|
|
> publicly, but you must not ask any fee for it.
|