{"id":13513961,"url":"https://github.com/gemfast/server","last_synced_at":"2026-01-12T06:51:45.414Z","repository":{"id":186786157,"uuid":"510490707","full_name":"gemfast/server","owner":"gemfast","description":"A drop in replacement for geminabox written in Go","archived":false,"fork":false,"pushed_at":"2024-08-21T14:37:35.000Z","size":40911,"stargazers_count":68,"open_issues_count":6,"forks_count":2,"subscribers_count":2,"default_branch":"main","last_synced_at":"2024-11-01T17:37:09.816Z","etag":null,"topics":["private-rubygems","ruby","ruby-on-rails","rubygems","rubygems-mirror"],"latest_commit_sha":null,"homepage":"https://gemfast.io","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/gemfast.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-07-04T20:10:46.000Z","updated_at":"2024-10-27T03:44:11.000Z","dependencies_parsed_at":"2023-08-07T18:43:23.115Z","dependency_job_id":"6d1b9493-371d-40ca-9075-f843900039b7","html_url":"https://github.com/gemfast/server","commit_stats":null,"previous_names":["gemfast/server"],"tags_count":28,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gemfast%2Fserver","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gemfast%2Fserver/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gemfast%2Fserver/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gemfast%2Fserver/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/gemfast","download_url":"https://codeload.github.com/gemfast/server/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246407400,"owners_count":20772126,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["private-rubygems","ruby","ruby-on-rails","rubygems","rubygems-mirror"],"created_at":"2024-08-01T05:00:41.042Z","updated_at":"2026-01-12T06:51:45.406Z","avatar_url":"https://github.com/gemfast.png","language":"Go","readme":"# Gemfast\n\n[Gemfast](https://gemfast.io) is a fast and secure rubygems server written in Go. That means it can be compiled into a single binary file and work on linux, darwin and windows operating systems. Gemfast can be quickly installed on a server without any other dependencies and configured using a single HashiCorp Configuration Language (HCL) file.\n\n- [Gemfast](#gemfast)\n - [Why Gemfast](#why-gemfast)\n - [Installing](#installing)\n - [Docker](#docker)\n - [Prebuilt Binaries](#prebuilt-binaries)\n - [Building From Source](#building-from-source)\n - [Docs](#docs)\n - [UI](#ui)\n - [License](#license)\n\n## Why Gemfast\n\nGemfast was created for users who need to self-host their rubygems and want something quick to setup and easy to manage. Gemfast allows users to mirror and cache gems from rubygems.org as well as upload their own internally developed gems which can't be distributed publically. It supports both the legacy Dependency API and the newer Compact Index API.\n\nGemfast has the following unique benefits:\n\n* Two installation methods: [Docker Image](#docker) or precompiled binaries\n* No need to install/upgrade/manage a version of Ruby on the server\n* No external server dependencies like postgres, redis or memcached\n* User login via GitHub oAuth\n* Allow/Deny gems based on CVE severity or a regex list using the [ruby-advisory-db](https://github.com/rubysec/ruby-advisory-db)\n* Performance benefits of Go\n\n## Installing\n\nGemfast is currently distributed in two different ways, a `docker` image and precompiled binaries.\n\n### Docker\n\nWhen running Gemfast as a container, its important to mount the following directories:\n\n* /var/lib/gemfast/data - The directory for the Gemfast data including gems and database\n* /etc/gemfast - The directory for the gemfast.hcl config file\n\n```bash\ndocker run -d --name gemfast-server \\\n -p 2020:2020 \\\n -v ./gemfast.hcl:/etc/gemfast/gemfast.hcl:ro \\\n -v ./data:/var/lib/gemfast/data \\\n ghcr.io/gemfast/server:latest\n```\n\n### Prebuilt Binaries\n\nCurrently Prebuild binaries are available on each GitHub release for the following platforms.\n\n- linux_amd64\n- linux_arm64\n- darwin_arm64\n\nSimply download and extract the tarball to run the server.\n\n### Building From Source\n\nGemfast uses Make to build binaries. To build and run a static binary:\n\n```bash\nmake\n./bin/gemfast-server\n```\n\n## Configuration\n\n### Configuration File\n\nGemfast is configured using an HCL file. You can customize the location of this file using the `$GEMFAST_CONFIG_FILE` environment variable or by passing the `--config` argument when starting the server.\n\nThe places Gemfast automatically checks for configuration files are: `[\"/etc/gemfast/gemfast.hcl\", \"~/.config/gemfast/gemfast.hcl\"]`\n\n### Configuration Options\n\n```terraform\n# ========== gemfast.hcl ==========\n\n# Port to bind the HTTP server to. Defaults to 2020.\nport = 2020\n\n# Log level (trace, debug, info, warn, error, fatal, panic)\nlog_level = \"info\"\n\n# Base data directory for gemfast. If not set, defaults to platform-specific user data dir.\ndir = \"/var/lib/gemfast/data\"\n\n# Directory to store downloaded gem files.\ngem_dir = \"/var/lib/gemfast/data/gems\"\n\n# Directory to store SQLite database files.\ndb_dir = \"/var/lib/gemfast/data/db\"\n\n# Optional path to an ACL file (Casbin policy).\nacl_path = \"/var/lib/gemfast/data/acl.csv\"\n\n# Optional path to an authorization model file (Casbin model).\nauth_model_path = \"/var/lib/gemfast/data/model.conf\"\n\n# Namespace prefix for private gems (default is \"private\").\nprivate_gems_namespace = \"private\"\n\n# Disable the web UI if true.\nui_disabled = false\n\n# Disable Prometheus metrics endpoint if true.\nmetrics_disabled = false\n\n# ==== Mirror block ====\n# Define external sources to mirror gems from.\nmirror \"https://rubygems.org\" {\n enabled = true # Set to false to disable this mirror\n # hostname is auto-derived from upstream, but can be overridden\n # hostname = \"rubygems.org\"\n}\n\n# ==== Filter block ====\n# Configure regex-based gem allow/deny logic.\nfilter {\n enabled = true # Enable filtering\n action = \"deny\" # Action can be \"allow\" or \"deny\"\n regex = [\"^evil-.*\", \"^bad-gem$\"] # Regex list for filtering gem names\n}\n\n# ==== CVE block ====\n# Control Ruby CVE integration.\ncve {\n enabled = true # Enable CVE scanning\n max_severity = \"high\" # Only block gems above this severity\n ruby_advisory_db_dir = \"/var/lib/gemfast/data/ruby-advisory-db\" # Directory to store the CVE DB\n}\n\n# ==== Auth block ====\n# Configure authentication settings. You can only specify a single auth block.\nauth \"local\" { # can be local, github, or none\n bcrypt_cost = 10 # bcrypt cost for hashing passwords\n allow_anonymous_read = false # Allow unauthenticated read access\n default_user_role = \"read\" # Default role for newly created users\n\n # If no users are specified, a default admin user will be created and the password written to the logs\n user { # repeat this block to add more users\n username = \"admin\"\n password = \"changeme\"\n role = \"admin\"\n }\n\n # JWT secret used to sign access tokens (you can provide one or generate it automatically)\n secret_key_path = \"/var/lib/gemfast/data/.jwt_secret_key\"\n}\n\n# GitHub OAuth integration\n# auth \"github\" {\n \n # github_client_id = \"\"\n # github_client_secret = \"\"\n # github_user_orgs = [\"my-org\"] # Restrict access to users in these GitHub orgs\n# }\n\n# No auth\n# auth \"none\" {}\n```\n\n## UI\n\nšŸš§ **The UI feature is currently under construction and is considered experimental** šŸš§\n\n![Dashboard UI](https://github.com/gemfast/server/raw/main/SCREENSHOT.png)\n\nGemfast includes a basic ui which is accessible from `my.server.url/ui`. For example, running it locally you can access it at `http://localhost:2020/ui`.\n\nThe ui currently supports viewing and searching gems from both the private gems namespace and gems that have been cached from an upsteam. \n\nYou can also disable the ui in /etc/gemfast/gemfast.hcl:\n\n```terraform\nui_disabled = true\n```\n\n## License\n\nGemfast is open source software licensed under the Apache 2.0 License.\n\n```text\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License..\n```","funding_links":[],"categories":["Go","Gem Servers"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgemfast%2Fserver","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fgemfast%2Fserver","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgemfast%2Fserver/lists"}