blog

RSS
  1. gemini-proxy

    A Gemini browser, inspired by Netscape Navigator 2.0

    One of the best and worst things about the Gemini Project is the barrier to entry. It's a sort of walled off part of the web, akin to a nuclear bunker for nerds. The whole thing has this sort of retro cyberpunk vibe, and browsing Geminispace feels a lot like browsing the early, pre-"Web 2.0" World Wide Web, where everything you see is created by ordinary people, not controlled by monopolistic corporations and spy-bots. I totally dig it, but I didn't want it to be so walled off. So I made a proxy.

    Click here to check out gemini-proxy!

    Gemini-proxy gives you the user experience of Netscape Navigator 2.0 running in Windows 98 SE, with the style and beauty of the excellent Lagrange Gemini Client, all running in the comfort and safety of your familiar web browser. I don't think it hurts anything to make Geminispace accessible to people who don't have the time or expertise to set up specialized software, and it was a fun way to learn about the Gemini Protocol, which was dead simple to implement.

    P.S. — I have disabled web crawlers from scraping Gemini URIs via robots.txt but if you hate gemini-proxy and don't want it touching your capsule, block 24.181.150.210

    Posted 2023-09-01 09:11:03 CST by henriquez. 1 comment
  2. How to host a Gemini capsule with Node and Nginx

    Project Gemini is a text-based web protocol, like a mash-up of TLS + Gopher. It's hyped as a "Small Internet" with outer space imagery, where instead of web sites, we have Gemini capsules. Some people love it, some people hate it, but it's there and I think it's kind of cool. Anyway, recently I was playing with it and I realized there aren't good docs on how to get it running with nginx. So here's a quick howto:

    1. Enable the nginx stream module

    Depending on your environment, you may need to install the nginx stream module (eg. sudo apt install libnginx-mod-stream), or it might just need to be enabled. Assuming it's installed, simply add this to the very top of your nginx.conf to enable it (the path may be different in your environment): load_module /usr/lib/nginx/modules/ngx_stream_module.so;

    2. Set up a stream directive in nginx.conf

    This should be in your nginx.conf as a sibling to the http directive (i.e. not within the http directive or sites_available). Basically in your actual nginx.conf, put it underneath the http directive, like this:

    http {
    
        ##
        # Basic Settings
        ##
    
        # ...
        # ... skipping ahead ...
        # ...
    
        include /etc/nginx/conf.d/*.conf;
        include /etc/nginx/sites-enabled/*;
    }
    
    stream {
    
        ##
        # Configure ngx_stream_module for Gemini
        ##
    
        limit_conn_zone               $binary_remote_addr zone=addr:10m;
        limit_conn_log_level          warn;
        limit_conn                    addr 1;
    
        log_format                    basic '$remote_addr $upstream_addr [$time_local] '
                                      '$protocol $status $bytes_sent $bytes_received '
                                      '$session_time';
        access_log /var/log/nginx/gemini-access.log;
        error_log  /var/log/nginx/gemini-error.log;
    
        server {
            listen                    1965;
            proxy_buffer_size         16k;
            proxy_pass                'localhost:9003';  # set your actual port here
        }
    }

    3. Have a Gemini server listening on the local port specified in nginx.conf

    This is really easy to setup using the gemini-server npm package, which is modeled after Express (but really you can use any Gemini server). Here's a simple Node.js server written in TypeScript:

    import { readFileSync } from 'fs';
    import gemini, { Request, Response, status } from 'gemini-server';
    
    const PORT = 9003;
    
    const app = gemini({
      cert: readFileSync('./cert.pem'),
      key: readFileSync('./privkey.pem'),
      titanEnabled: false
    });
    
    app.on('/', (_req: Request, res: Response) => {
      res.file('pages/index.gmi');
    });
    
    // Get the facts.
    app.on('/facts/:file', (_req: Request, res: Response) => {
      try {
        res.file('pages/facts/' + _req.params.file);
      } catch(error) {
        res.error(40 as status, 'File not found.')
      }
    })
    
    app.listen(PORT, () => console.log('Gemini listening on ' + PORT + '...'));

    Note that Gemini requires TLS, so you'll have to use a real cert.pem and privkey.pem, but if you already have these for your HTTPS domain you can reuse them. Otherwise check out this wiki to set up a cert.

    That's it. Have fun!

    Posted 2023-08-12 17:59:59 CST by henriquez. 3 comments
  3. My review of Pop!_OS 22.04 vs. MacOS and Windows

    TL;DR: Pop!_OS > Windows > MacOS

    I've been building and tinkering with computers since I was a small child. Originally I would salvage old computer parts that schools and businesses were throwing away, swapping broken parts for whatever working hardware I could find, in the process converting my parents' family room into a junkyard of resurrected IBM PS/2s and dot matrix printers, all of them beeping and clicking and running my childish attempt at an artificial general intelligence.

    Now that I'm grown up, my life is much the same, although instead of finding old junk, I've blown altogether way too much money buying computers and experimenting with new builds. This means I've never been a "PC guy" or a "Mac guy" or a "Linux nerd" or anything else. I'm intimately familiar with Windows, MacOS and many flavors of Linux and I appreciate all of them for what they are.

    But recently, I sold off my Windows and Mac setups and made 2023 my year of Linux on the desktop. And so far I am loving it, thanks in great part to Pop!_OS 22.04, the only Linux distro I've used that fits me like a glove. So in the following post, I will ramble on about Pop!_OS and why I took the plunge.

    Read More

    Posted 2023-08-05 23:11:00 CST by henriquez. 1 comment
  4. Obsessive Facts hidden service now available on TOR

    Lately I've been playing with some alternative web protocols, specifically Project Gemini. But I realized before I create a "Smol Web" site, I've been missing the opportunity to release a "Dark Web" version of this site accessible to people using the TOR Browser. So I put my cores to work brute forcing the perfect vanity address, and a couple days later I'm happy with the result.

    Find us at http://obsessivecto5al3kdoe24cyt77np4w4owew7sm66qb7kwhlpzsgyuyd.onion

    This link only works if you have the TOR Browser, or another browser capable of loading onion addresses (but please don't use Brave for high security use-cases).

    In the spirit of the higher-security nature of TOR, I've disabled all JavaScript on the onion site. I've been bitching about JavaScript device fingerprinting for awhile now, so it was time to do this anyway. JavaScript is a progressive enhancement for most of the functionality on this site, so if you want the fancy animations and media streaming you can use the Clearnet version. And if you care more about security over all else, use the Darknet version. Mostly everything still works either way.

    Posted 2023-07-21 14:21:00 CST by henriquez. 1 comment
  5. How to control your Corsair RGB hardware in Linux

    I've been a Corsair fanboy for awhile now. Back in the day Corsair made a name for themselves by selling premium memory kits with lifetime warranties. Then they started releasing computer cases, mice, keyboards, SSDs and water cooling kits, and all of it was really good. Now they're even selling monitors and fully-built gaming PCs. Wow! Take my money, Corsair!

    Anyway Corsair has become notorious for putting RGB LEDs on pretty much everything they sell. (They even offer RGB RAM kits with no RAM!) All of this stuff can be controlled through Corsair's iCUE Application, which is sadly Windows- and MacOS-only. But what about us Linux users? Are we out of luck? The answer may shock you!

    Read More

    Posted 2023-07-17 14:00:00 CST by henriquez. 1 comment