More installation process in the readme

README.md

@@ -33,10 +33,9 @@ To provide all features:
 
 `# pacman -S tor knot openssh sudo nginx nginx-mod-headers-more certbot certbot-nginx php-fpm php-sqlite`
 
-To limit users storage:
-
-`# pacman -S quota-tool`
+Some tools you might find usefull to manage a server:
 
+`# pacman -S vnstat htop nload ufw vim man-db curl`
 
 ### maniver installation
 
@@ -46,6 +45,7 @@ $ rustup default stable
 $ git clone https://code.antopie.org/miraty/maniver-dev
 $ cd maniver-dev
 $ cargo build --release
+# cp ./target/release/maniver /usr/local/bin/
 ```
 
 ### gmnisrv installation
@@ -58,24 +58,95 @@ $ cd gmnisrv/build
 $ ../configure --prefix=/usr # Check gmnisrv dependencies and setup files needed for building
 $ make # Build gmnisrv
 # make install # Install gmnisrv binary and manpages on the system
+# useradd -U -r -s /usr/bin/nologin gmnisrv # Add the gmnisrv system user and group
+# vim /etc/systemd/system/gmnisrv.service
+```
+
+```
+[Unit]
+Description=A Gemini server
+After=network.target
+Wants=network.target
+
+[Service]
+Type=simple
+ExecStart=/usr/local/bin/gmnisrv
+ExecStop=
+#Restart=on-failure
+User=gmnisrv
+Group=gmnisrv
+WorkingDirectory=/srv/ht
+
+[Install]
+WantedBy=multi-user.target
+```
+```
+# systemctl daemon-reload
+# mkdir -p /srv/gemini/niver.atope.art
+# echo "This is a testing Gemini capsule" > /srv/gemini/niver.atope.art/index.gmi
+# mkdir /var/local/gmnisrv
+# chmod -R 700 /var/local/gmnisrv
+# chown -R gmnisrv:gmnisrv /var/local/gmnisrv
+# vim /usr/local/etc/gmnisrv.ini
 ```
 
-`# useradd -U -r -s /usr/bin/nologin gmnisrv`
+```
+# Space-separated list of hosts
+listen=0.0.0.0:1965 [::]:1965
 
+[:tls]
+# Path to store certificates on disk
+store=/var/local/gmnisrv
 
-Some tools you might find usefull to manage a server:
+[niver.atope.art]
+root=/srv/gemini/niver.atope.art
+```
 
-`# pacman -S vnstat htop nload ufw vim man-db curl`
+To add knot as an additional group for user php-niver:
+`usermod -aG knot php-niver`
+
+To generate a key/certificate pair with ed25519 expiring in 10 years
+`openssl req -subj '/CN=domain' -new -newkey ED25519 -days 3650 -nodes -x509 -keyout domain.key -out domain.crt`
+
+### SFTP setup
+
+```
+# groupadd ht
+# echo "Ce compe n'est accessible qu'en SFTP, pas en SSH.
+This account is only available over SFTP, not over SSH." > /etc/nologin.txt
+```
+
+### Quota setup
+
+```
+# pacman -S quota-tool
+# dd if=/dev/zero of=/srv/ht.img count=4194304 # count is the size in octet
+# mkfs.ext4 /srv/ht.img
+# mkdir /srv/ht
+# mount /srv/ht.img /srv/ht
+```
+
+### PHP setup
+
+In php.ini :
+expose_php = Off
+
+### Niver PHP setup
+
+```
+EDITOR=vim visudo
+php-niver ALL=(root) NOPASSWD: /usr/local/bin/maniver
+```
 
 ## Features
 
 ### Web interface
 
 * Anonymous: you only need a pseudo/password set
-* Page lower than 10 KiB, without cache
-* No JavaScript, no images, and HTML is semantic so you could even block CSS
+* Page lower than 10 KiB
+* No JavaScript, no images, and CSS are optionnal
 * Dark and light themes
-* Free service running libre software (AGPLv3+)
+* Free service running libre software
 
 ### Hypertext
 
@@ -85,7 +156,7 @@ Some tools you might find usefull to manage a server:
 * TLS 1.2 & 1.3 or TLS 1.3 only
 * DNS (ICANN, OpenNIC or anything) and Onion v3 (through Tor)
 * HTTP/1.1 and HTTP/2
-* Let's Encrypt certificate
+* Let's Encrypt certificates
 * All HTTP security headers
 
 ### Nameserver
@@ -100,7 +171,48 @@ Some tools you might find usefull to manage a server:
 
 ## Anti-features
 
-* No internationalized domain support (you can only use ASCII in your domain)
+* No internationalized domain name support (you can only use ASCII in your domain name)
 * No BIND-style plaintext configuration (you need to fill a form for every record you add or remove)
 
 ## Nginx mimetypes association
+
+```
+text/plain            txt;
+text/gemini           gmi;
+text/markdown         md;
+text/html             html;
+text/css              css;
+text/xml              xml;
+text/csv              csv;
+text/javascript       js;
+
+application/xhtml+xml xhtml;
+application/atom+xml  atom;
+application/rss+xml   rss;
+
+application/json      json;
+application/gzip      gz;
+application/zip       zip;
+application/epub+zip  epub;
+application/pdf       pdf;
+
+font/woff             woff;
+font/woff2            woff2;
+
+image/png             png;
+image/tiff            tif tiff;
+image/gif             gif;
+image/jpeg            jpeg jpg;
+image/svg+xml         svg svgz;
+image/webp            webp;
+
+audio/mpeg            mp3;
+audio/ogg             ogg oga opus spx;
+audio/webm            weba;
+audio/flac            flac;
+
+video/webm            webm;
+video/mp4             mp4;
+video/ogg             ogv;
+
+```