10 $ go get go.stargrave.org/paster
13 If you have got problems with your trust anchors, unwilling to
14 authenticate @code{go.stargrave.org}'s TLS connection, then clone the
15 repository from @url{git://git.stargrave.org/paster.git} and build it
16 as ordinary Go package with @code{go build}.
19 Add @code{paster} user and @code{pastes} directory, also accessible by
20 HTTP service (@url{http://www.godlighty.stargrave.org/, @code{godlighty}}
21 user in current example):
24 # pw useradd paster -s /usr/sbin/nologin -w no -d /path/to/pastes
25 # mkdir /path/to/pastes
26 # cat > /path/to/pastes/index.html <<EOF
29 <head><title>paster</title></head>
30 <body>Paste service.</body>
33 # chown -R paster:godlighty pastes
35 # chmod 640 /path/to/pastes/index.html
39 Create @url{http://cr.yp.to/daemontools.html, daemontools} +
40 @url{https://cr.yp.to/ucspi-tcp.html, UCSPI-TCP} service:
43 # mkdir -p /var/service/.paster/log/main
45 # cat > /var/service/.paster/run <<EOF
49 exec setuidgid paster tcpserver -DHR -l 0 ::0 2020 \
50 timeout 1m $GOPATH/bin/paster http://paster.example.com/ 2>&1
53 # cat > /var/service/.paster/log/run <<EOF
55 exec setuidgid paster multilog t ./main
58 # chmod +x /var/service/.paster/run /var/service/.paster/log/run
59 # chown paster /var/service/.paster/log/main
60 # mv /var/service/.paster /var/service/paster
64 Optionally prepare X.509 certificate for TLS enabled service:
68 # certtool --generate-privkey --bits 256 --ecc --outfile \
69 paster.example.com.key.pem
73 dn = "cn=paster.example.com"
76 dns_name = "paster.example.com"
79 # certtool --generate-self-signed \
80 --load-privkey paster.example.com.key.pem \
81 --template $tmpl --outfile paster.example.com.pem
84 # chown paster:paster paster.example.com*.pem
85 # chmod 600 paster.example.com.key.pem
88 and choose from plenty of UCSPI-friendly TLS wrappers:
89 @url{http://www.fehcom.de/ipnet/ucspi-ssl.html},
90 @url{https://github.com/younix/ucspi}
91 or likely the @code{go.cypherpunks.ru/ucspi/cmd/tlss}:
94 exec setuidgid paster tcpserver -DHR -l 0 ::0 2021 tlss \
95 -key paster.example.com.key.pem -cert paster.example.com.pem \
96 timeout 1m $GOPATH/bin/paster http://paster.example.com/ 2>&1
100 Be sure that your HTTP/whatever server uses proper @code{Content-Type}
101 based on filename's extension (@code{text/plain} for @file{.txt},
102 @code{image/jxl} for @file{.jxl} and so on).