Mercurial Hosting > d2o

diff man/d2obase.5.md @ 11:350589d762a0 default tip

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
add cgi, remove tls, update docs
author Atarwn Gard <a@qwa.su>
date Thu, 19 Mar 2026 20:00:49 +0500
parents 54ab94198677
children
line wrap: on
line diff
--- a/man/d2obase.5.md	Tue Mar 17 22:27:30 2026 +0500
+++ b/man/d2obase.5.md	Thu Mar 19 20:00:49 2026 +0500
@@ -80,11 +80,8 @@
 **port** *number*
 : Listen for plain HTTP on the given port.
 
-**port+tls** *number* [*cert* *key*]
-: Listen for HTTPS on the given port. Certificate and key paths are optional if a **tls** directive is present in the same block.
-
-**tls** *cert* *key*
-: Set the default certificate and key for **port+tls** directives in this block that do not specify their own paths.
+**port+tls** *number* *cert* *key*
+: Listen for HTTPS on the given port. Certificate and key paths are required.
 
 ## Serving
 
@@ -92,11 +89,14 @@
 : Serve static files from *path*. Without **show**, directory listing is forbidden (403). With **show**, an HTML directory listing is returned.
 
 **ndex** *file...*
-: List of index filenames to try when a directory is requested, checked left to right. If a matching file passes the **fcgi** pattern, it is handled by FastCGI instead of served directly.
+: List of index filenames to try when a directory is requested, checked left to right. If a matching file passes the **fcgi** or **cgi** pattern, it is handled accordingly instead of served directly.
 
 **fcgi** *address* [*pattern*]
 : Forward matching requests to a FastCGI server. *address* is either `unix:///path/to/socket` or `host:port`. *pattern* is a glob matched against the request path (default `*`). When used together with **root**, only requests matching the pattern are forwarded; everything else is served as static.
 
+**cgi** *executable* [*pattern*]
+: Run *executable* as a CGI program for matching requests. *pattern* is a glob matched against the request path (default `*`). The executable is invoked per-request with standard CGI environment variables (`REQUEST_METHOD`, `QUERY_STRING`, `PATH_INFO`, etc.). When used together with **root**, only requests matching the pattern are handled by CGI; everything else is served as static. Useful for simple CGI programs such as **cgit**(1).
+
 **rprx** *address*
 : Reverse-proxy all requests to *address*. The `http://` scheme is assumed if not specified.
 
@@ -150,8 +150,17 @@
     |> port+tls 443 $TLS.{crt,key}
     |> root $WWW show
 
+A minimal setup with cgit:
+
+    git.example.org
+    |> port 80
+    |> port+tls 443 /etc/acme/git.example.org.{crt,key}
+    |> root /usr/share/cgit
+    |> ndex cgit.cgi
+    |> cgi /usr/lib/cgit/cgit.cgi *.cgi
+
 # CAVEATS
-1. ICF does not support strings with spaces - there are **no quotes or escapes**. Every character except space is treated as part of a token, including `!`, `*`, `/`, and so on. Glob patterns passed to **fcgi** are forwarded as-is to the server.
+1. ICF does not support strings with spaces - there are **no quotes or escapes**. Every character except space is treated as part of a token, including `!`, `*`, `/`, and so on. Glob patterns passed to **fcgi** and **cgi** are forwarded as-is to the server.
 
 2. Variables are evaluated top-down at the point of declaration. Forward references do not work: if `B=$A` appears before `A=value`, `B` will contain the literal `$A`.