Florian Viehweger <[email protected]> wrote:
> Am Mon, 25 Apr 2022 13:40:32 +0200
> schrieb Omar Polo <[email protected]>:
>
> > Solène Rapenne <[email protected]> wrote:
> > > I disagree with the change to use example.com, there are TLD
> > > reserved for examples and documentation and .example is one of
> > > them, see RFC2606
> > >
> > > https://www.rfc-editor.org/rfc/rfc2606.html#section-2
> >
> > TIL! :)
> >
> > > $ext_addr macro used in relayd is not defined before, so this won't
> > > work out of the box and may mislead admins reading the readme.
> >
> > I tried to follow the sample configuration in
> > /etc/examples/relayd.conf, but I agree on both points.
> >
> > > ok solene@ otherwise
> >
> > i'll wait a bit for Florian to chime in and then commit, thanks!
>
> I'm fine with the change, thank you both!
committed, thanks! ;)
> What about the user and group '_vger', are they still needed then?
vger switches to the _vger user before serving the request, so it's
still needed. it's just /var/gemini that doesn't need to be owned by
the _vger user.
> > Index: Makefile
> > ===================================================================
> > RCS file: /home/cvs/ports/net/vger/Makefile,v
> > retrieving revision 1.4
> > diff -u -p -r1.4 Makefile
> > --- Makefile 26 Mar 2022 13:50:30 -0000 1.4
> > +++ Makefile 25 Apr 2022 10:07:32 -0000
> > @@ -1,5 +1,5 @@
> > COMMENT = gemini server written in C used with inetd
> > -V = 1.09
> > +V = 1.10
> > DISTNAME = vger-${V}
> >
> > CATEGORIES = net
> > Index: distinfo
> > ===================================================================
> > RCS file: /home/cvs/ports/net/vger/distinfo,v
> > retrieving revision 1.3
> > diff -u -p -r1.3 distinfo
> > --- distinfo 26 Mar 2022 13:50:30 -0000 1.3
> > +++ distinfo 25 Apr 2022 10:07:36 -0000
> > @@ -1,2 +1,2 @@
> > -SHA256 (vger-1.09.tar.gz) =
> > sjuLH9gk0AV6BixQ7UJQN+omJtskyIzJh3HY34iYFh4= -SIZE (vger-1.09.tar.gz)
> > = 13594 +SHA256 (vger-1.10.tar.gz) =
> > H7jCRt0B/vag1KI3iwoKlYxVvNh8jcSQzxCNv4IA7PM= +SIZE (vger-1.10.tar.gz)
> > = 13853 Index: pkg/PLIST
> > ===================================================================
> > RCS file: /home/cvs/ports/net/vger/pkg/PLIST,v
> > retrieving revision 1.2
> > diff -u -p -r1.2 PLIST
> > --- pkg/PLIST 11 Mar 2022 19:48:05 -0000 1.2
> > +++ pkg/PLIST 7 Apr 2022 21:49:05 -0000
> > @@ -3,7 +3,4 @@
> > @bin bin/vger
> > @man man/man8/vger.8
> > share/doc/pkg-readmes/${PKGSTEM}
> > -@mode 755
> > -@owner _vger
> > -@group _vger
> > @sample /var/gemini/
> > Index: pkg/README
> > ===================================================================
> > RCS file: /home/cvs/ports/net/vger/pkg/README,v
> > retrieving revision 1.2
> > diff -u -p -r1.2 README
> > --- pkg/README 11 Mar 2022 19:48:05 -0000 1.2
> > +++ pkg/README 25 Apr 2022 11:39:06 -0000
> > @@ -2,43 +2,41 @@
> > | Running ${PKGSTEM} on OpenBSD
> >
> > +-------------------------------------------------------------------------------
> >
> > -Modify configuration files
> > -==========================
> > +Configuring inetd(8) and relayd(8)
> > +==================================
> >
> > -In order to run Vger, you need to modify /etc/inetd.conf and
> > /etc/relayd.conf. +Vger is meant to be run run by inetd(8) behind a
> > relay daemon offering +TLS capabilities like relayd(8).
> >
> > -inetd.conf
> > -----------
> > +sample inetd.conf
> > +-----------------
> >
> > 127.0.0.1:11965 stream tcp nowait _vger
> > ${TRUEPREFIX}/bin/vger vger
> > -relayd.conf
> > ------------
> > +sample relayd.conf
> > +------------------
> >
> > log connection
> > +
> > tcp protocol "gemini" {
> > tls keypair hostname.example
> > }
> >
> > relay "gemini" {
> > - listen on hostname.example port 1965 tls
> > - protocol "gemini"
> > - forward to 127.0.0.1 port 11965
> > + listen on hostname.example port 1965 tls
> > + protocol "gemini"
> > + forward to 127.0.0.1 port 11965
> > }
> >
> > +Then enable and start inetd and relayd:
> >
> > -Enable respective services
> > -==========================
> > -
> > -You need to enable and start inetd and relayd.
> > -
> > -$ rcctl enable relayd inetd
> > -$ rcctl start relayd inetd
> > + # rcctl enable relayd inetd
> > + # rcctl start relayd inetd
> >
> > Firewall configuration
> > ======================
> >
> > -Enable TCP port 1965.
> > +Allow TCP traffic on port 1965.
> >
> > Usage
> > =====
