Jeena
8fa30c2545
- Complete Gemini server implementation with logging - Add comprehensive documentation (README.md, AGENTS.md) - Implement certificate management guidelines - Add .gitignore for security and build artifacts - All unit tests passing (14/14) - Ready for production deployment
1.3 KiB
1.3 KiB
Overview
This project is a very simple gemini server which only serves static files, nothing else. It is meant to be generic so other people can use it.
Setup
This is a modern Rust project with the default rust setup.
Security
In this project cyber security is very important because we are implementing a server which reads arbitrary data from other computers and we need to make sure that bad actors can't break it and read random things from outside the directory, or even worse write things.
Testing
We have UnitTests which should be kept up to date before committing any new code.
Fix every compiler warning before committing.
Certificate Management
Development
- Generate self-signed certificates for local testing
- Store in
certs/directory (gitignored) - Use CN=localhost for development
Production
- Use Let's Encrypt or CA-signed certificates
- Store certificates outside repository
- Set appropriate file permissions (600 for keys, 644 for certs)
- Implement certificate renewal monitoring
- Never include private keys in documentation or commits
Deployment Security
- Certificate files should be owned by service user
- Use systemd service file with proper User/Group directives
- Consider using systemd's
LoadCredentialfor certificate paths