-- Connecting to ew.srht.site:1965...

2023-01-14

Adding a minimal fingerd to bubblewrapped services (bws)

tags: software


Some time back Toby Kurien published details and code about his favourite setup regarding self hosting services at home. He did put in quite some effort to make this simple to install and run. I quite like this setup and I have written a minimal finger daemon to run in this setup.

gemini://tobykurien.com/articles/2022-10-08-simpler-linux-selfhosting.gmi

local copy



The source of bws (bubblewrapped services) is available at

https://cloud.tobykurien.com/cgi-bin/repo/bws/

including installation instructions.



nanofingerd


Finger is one of the oldest toys found on what evolved into the so-called internet. It does have a specification, and it was created in times when the network participants were mostly friendly. But times have changed: a standard finger installation could rightly be called a data leak daemon.

https://datatracker.ietf.org/doc/html/rfc1288


I looked around to see what implementations were available. Most of them need inetd to start finger in order to answer a request. I did not like this; I wanted to have the finger daemon run standalone. Additionally, finger uses port 79, which is not usable for a daemon that is not running or started with root privileges. The following features or requirements are on my list:


run as $USER (not as root or dedicated or nobody)

listen on port > 1024 (not 79), default 10079, or argv[1]

start and run standalone (not via inetd)

only one connection at a time (no threads or similar)

can serve only one request "finger://$USER@$HOST:$PORT", ignore anything else. In particular it will not report on what users are available, or the state of the machine.


Quite certainly such a thing exists already; however, I couldn't find it. So I set out to write my own implementation in C, recycling code from example echo server implementations:

https://mohsensy.github.io/programming/2019/09/25/echo-server-and-client-using-sockets-in-c.html

https://github.com/mafintosh/echo-servers.c/blob/master/tcp-echo-server.c


My code can be found at

https://git.sr.ht/~ew/nanofingerd


The C source comes in at a whopping 154 lines of code; a Makefile for compilation is provided. I have attempted to ignore input or .plan files too big to fit into the given buffer. Upon a readable request, the server just serves the content of the .plan file, nothing else.
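
The request filtering described in the requirements list and in the paragraph above can be sketched as follows. This is an added example, not code from nanofingerd; the names check_request and REQ_MAX, the 64-byte limit and the account name "ew" used to exercise it are assumptions made for illustration.

```c
#include <stddef.h>
#include <string.h>

#define REQ_MAX 64  /* assumed request buffer size, not nanofingerd's value */

enum req_verdict { REQ_IGNORE = 0, REQ_SERVE = 1 };

/*
 * Decide whether one received finger query may be answered.
 *   buf, len  raw bytes from the socket (not NUL-terminated)
 *   user      the single account whose .plan is published
 */
enum req_verdict check_request(const char *buf, size_t len, const char *user)
{
    size_t ulen = strlen(user);
    const char *p = buf, *end;

    /* Empty or oversized input is dropped instead of being truncated. */
    if (ulen == 0 || len == 0 || len > REQ_MAX)
        return REQ_IGNORE;

    /* Exactly one line, terminated by LF; trailing bytes mean "not finger". */
    end = memchr(buf, '\n', len);
    if (end == NULL || (size_t)(end - buf) + 1 != len)
        return REQ_IGNORE;
    if (end > p && end[-1] == '\r')     /* RFC 1288 terminates with CRLF */
        end--;

    /* Optional "/W" (verbose) token, separated from the name by spaces. */
    if (end - p >= 2 && p[0] == '/' && p[1] == 'W' &&
        (end - p == 2 || p[2] == ' ')) {
        p += 2;
        while (p < end && *p == ' ')
            p++;
    }

    /*
     * Exact, length-checked match against the one permitted name. This also
     * rejects the empty name (user listing), "user@host" (forwarding),
     * other accounts, and names with embedded NUL bytes.
     */
    if ((size_t)(end - p) != ulen || memcmp(p, user, ulen) != 0)
        return REQ_IGNORE;
    return REQ_SERVE;
}
```

Only a REQ_SERVE verdict would lead to the .plan file being sent; every other input closes the connection without revealing which accounts exist.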



Adding finger as a service


So, how to integrate this thing into the bubblewrapped services mentioned above?


In the ~/services directory we add a new directory named nanofingerd. It basically holds 3 files:

./bin/linux-x86_64/nanofingerd -- the freshly compiled executable


./sandbox.args -- a configuration snippet to make the plan file available inside the bubblewrap container, for example:

--ro-bind $HOME/public/finger/plan $HOME/.plan

./start.sh -- a start script cloned from one of the start scripts coming with the source of bws.

#!/bin/sh

OS="$(uname -s)"
PLATFORM="$(uname -m)"
BIN="unknown"

if test "$OS" = "Linux"; then
  BIN="linux-$PLATFORM"
elif test "$OS" = "Darwin"; then
  BIN="macos-$PLATFORM"
fi

./bin/$BIN/nanofingerd 10079

Have the appropriate amount of fun!




-- Page fetched on Thu May 2 19:24:05 2024