-- Leo's gemini proxy
-- Connecting to bbs.geminispace.org:1965...
-- Connected
-- Sending request
-- Meta line: 20 text/gemini; charset=utf-8
found this today. looks interesting.
2023-08-11 · 9 months ago · 👍 kleb
Not a big fan of the syntax they use, but a PHP-style embedding of scripts inside content does have plenty of uses. It does mean you are no longer writing spec-compliant gemtext, though.
I might implement support for something like this in GmCapsule...
@skyjake as I currently use GmCapsule I would definitely welcome this feature.
Well, the portability goes out the window. If you switch servers for some reason, you have to change all your files. Reminds me of shortcodes in WordPress.
For the most part, it's adding frontmatter and dynamic output. Excatly the things, I want to get rid of for my website running Jekyll.
What I like most about Gemtext is the staticness and absence of anything non-content. I even don't like the need for a script to create an Atom feed.
@michaelnordmeyer Using a non-gemtext server-side source format certainly has drawbacks, as you note. It would in practice be a more convenient alternative to CGI for serving dynamic content.
@skyjake Wouldn't it be better to write a general Gemini reverse proxy? Then you could proxy to any language, runtime, whatever.
@michaelnordmeyer a general reverse proxy for gemini is not workable due to tls client certs, it works for non-cert urls though, some kind of cgi proxy might work or a http one that proxies gemini content
@alexlehm I'm meant a reverse proxy you host for yourself, not for other people's capsules. Why would such a proxy not be able to handle client certs?
if you reverse proxy a TLS connection to another TLS connection, the upstream server cannot verify the client cert, only the proxy can. Passing additional paramters like the cert hash could work, but gemini directly does not
Well, my idea of the proxy is to terminate TLS there, like you would terminate HTTPS requests for API ingress. Depending of the hosted content, the apps behind the proxy should know as little as possible about what's going on in front of the proxy.
yes, HTTPS would not work with client certs either, you have to add some metadata to the internal request. someone suggested using the PROXYv2 protocol. (I have to say that I have not tried anything yet, so I mostly guessing how it would work)
-- Response ended
-- Page fetched on Sun May 19 20:45:55 2024