# Niver setup on Debian 11 (bullseye) ``` # apt install tor knot openssh-server sudo nginx certbot python3-certbot-nginx php7.4-fpm php-sqlite3 quota ``` ## Create system users ``` # useradd -U -r -s /usr/sbin/nologin ``` ## Twins ``` $ wget https://golang.org/dl/go1.16.7.linux-amd64.tar.gz -o go.tar.gz $ tar -xf go.tar.gz $ go/bin/go get code.rocketnine.space/tslocum/twins $ cp go/bin/twins /usr/local/bin/ ``` ## maniver Installation ``` # apt install gcc git $ git clone https://code.antopie.org/Niver/maniver && cd maniver $ curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh $ cargo build --release # cp target/release/maniver /usr/local/bin/ # chown root:php-niver /usr/local/bin/maniver # chmod 750 /usr/local/bin/maniver ``` Update ``` $ git fetch $ rustup update $ cargo update $ cargo build --release # cp target/release/maniver /usr/local/bin/ ``` ## gmnisrv ``` # apt install git make pkg-config libssl-dev scdoc $ git clone https://git.sr.ht/~sircmpwn/gmnisrv # Download gmnisrv sources $ mkdir gmnisrv/build $ cd gmnisrv/build $ ../configure --prefix=/usr # Check gmnisrv dependencies and setup files needed for building $ make # Build gmnisrv # make install # Install gmnisrv binary and manpages on the system # useradd -U -r -s /usr/sbin/nologin gmnisrv # Add the gmnisrv system user and group # vim /etc/systemd/system/gmnisrv.service ``` ``` [Unit] Description=Gmnisrv, a Gemini server After=network.target Wants=network.target [Service] Type=simple ExecStart=/usr/local/bin/gmnisrv Restart=always User=gmnisrv Group=gmnisrv WorkingDirectory=/srv/ht [Install] WantedBy=multi-user.target ``` ``` # systemctl daemon-reload # mkdir -p /srv/gmi/niver.4.niv.re # echo "This is a testing Gemini capsule" > /srv/gmi/niver.4.niv.re/index.gmi # mkdir /var/lib/gemini # chmod -R 700 /var/lib/gemini # chown -R gmnisrv:gmnisrv /var/lib/gemini # vim /etc/gmnisrv.ini ``` ``` # Space-separated list of hosts listen=0.0.0.0:1965 [::]:1965 [:tls] # Path to store certificates on disk store=/var/lib/gemini [niver.4.niv.re] root=/srv/gmi/niver.4.niv.re ``` ## SFTP ``` # groupadd ht ``` ## Quota ``` # quotacheck -cm / # vim /etc/fstab ``` UUID=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx / ext4 usrquota,grpquota,errors=remount-ro 0 1 ## Knot DNS ``` # sudo -u knot knotc conf-init # sudo -u knot knotc conf-import ``` ## Nginx Generate a self-signed certificate for default Nginx site. ``` # openssl req -subj '/' -new -newkey RSA:3072 -days 3650 -nodes -x509 -keyout /etc/ssl/private/niver.key -out /etc/ssl/certs/niver.crt ``` ## Niver-PHP ``` # chown -R root:root /usr/local/share/niver # chmod -R u=rwX,go=rX /usr/local/share/niver # mkdir /etc/nginx/ht # chown -R php-niver:php-niver /etc/nginx/ht # chmod -R 775 /etc/nginx/ht ``` Increase `session.gc_maxlifetime` in /etc/php/7.4/fpm/php.ini to avoid sessions being cleared too soon. ## Tor This command only exist on Debian ``` # tor-instance-create niver ```