Differences

This shows you the differences between two versions of the page.

--- lighttpd [2019/10/26 17:31] – created francesco
+++ lighttpd [2019/11/26 22:56] – francesco
@@ Line 46: / Line 46: @@
 include "/etc/lighttpd/conf-enabled/*.conf"
+</code>
+----
+Questa invece è la configurazione per usarlo con FreeBSD e con Fast-CGI:
+<code>
+# cat /usr/local/etc/lighttpd/lighttpd.conf
+#######################################################################
+##
+## /usr/local/etc/lighttpd/lighttpd.conf
+##
+## check /usr/local/etc/lighttpd/conf.d/*.conf for the configuration of modules.
+##
+#######################################################################
+#######################################################################
+##
+## Some Variable definition which will make chrooting easier.
+##
+## if you add a variable here. Add the corresponding variable in the
+## chroot example aswell.
+##
+var.log_root    = "/var/log/lighttpd"
+var.server_root = "/usr/local/www/lighttpd"
+var.state_dir   = "/var/run"
+var.home_dir    = "/var/run/lighttpd"
+var.conf_dir    = "/usr/local/etc/lighttpd"
+##
+## run the server chrooted.
+##
+## This requires root permissions during startup.
+##
+## If you run Chrooted set the the variables to directories relative to
+## the chroot dir.
+##
+## example chroot configuration:
+##
+#var.log_root    = "/logs"
+#var.server_root = "/"
+#var.state_dir   = "/run"
+#var.home_dir    = "/lib/lighttpd"
+#var.vhosts_dir  = "/vhosts"
+#var.conf_dir    = "/etc"
+#
+#server.chroot   = "/srv/www"
+##
+## Some additional variables to make the configuration easier
+##
+##
+## Base directory for all virtual hosts
+##
+## used in:
+## conf.d/evhost.conf
+## conf.d/simple_vhost.conf
+## vhosts.d/vhosts.template
+##
+var.vhosts_dir  = server_root + "/vhosts"
+##
+## Cache for mod_compress
+##
+## used in:
+## conf.d/compress.conf
+##
+var.cache_dir   = "/var/cache/lighttpd"
+##
+## Base directory for sockets.
+##
+## used in:
+## conf.d/fastcgi.conf
+## conf.d/scgi.conf
+##
+var.socket_dir  = home_dir + "/sockets"
+##
+#######################################################################
+#######################################################################
+##
+## Load the modules.
+include "modules.conf"
+##
+#######################################################################
+#######################################################################
+##
+##  Basic Configuration
+## ---------------------
+##
+server.port = 80
+##
+## Use IPv6?
+##
+server.use-ipv6 = "enable"
+##
+## bind to a specific IP
+##
+#server.bind = "localhost"
+##
+## Run as a different username/groupname.
+## This requires root permissions during startup.
+##
+server.username  = "www"
+server.groupname = "www"
+##
+## Enable lighttpd to serve requests on sockets received from systemd
+## https://www.freedesktop.org/software/systemd/man/systemd.socket.html
+##
+#server.systemd-socket-activation = "enable"
+##
+## enable core files.
+##
+#server.core-files = "disable"
+##
+## Document root
+##
+### server.document-root = "/usr/local/www" + "/data"
+server.document-root = "/usr/local/www/dokuwiki"
+##
+## The value for the "Server:" response field.
+##
+## It would be nice to keep it at "lighttpd".
+##
+#server.tag = "lighttpd"
+##
+## store a pid file
+##
+server.pid-file = state_dir + "/lighttpd.pid"
+##
+#######################################################################
+#######################################################################
+##
+##  Logging Options
+## ------------------
+##
+## all logging options can be overwritten per vhost.
+##
+## Path to the error log file
+##
+server.errorlog             = log_root + "/error.log"
+##
+## If you want to log to syslog you have to unset the
+## server.errorlog setting and uncomment the next line.
+##
+#server.errorlog-use-syslog = "enable"
+##
+## Access log config
+##
+include "conf.d/access_log.conf"
+##
+## The debug options are moved into their own file.
+## see conf.d/debug.conf for various options for request debugging.
+##
+include "conf.d/debug.conf"
+##
+#######################################################################
+#######################################################################
+##
+##  Tuning/Performance
+## --------------------
+##
+## corresponding documentation:
+## https://redmine.lighttpd.net/projects/lighttpd/wiki/Docs_Performance
+##
+## set the event-handler (read the performance section in the manual)
+##
+## possible options on linux are:
+##
+## select
+## poll
+## linux-sysepoll
+##
+## linux-sysepoll is recommended on kernel 2.6.
+##
+server.event-handler = "freebsd-kqueue"
+##
+## The basic network interface for all platforms at the syscalls read()
+## and write(). Every modern OS provides its own syscall to help network
+## servers transfer files as fast as possible
+##
+## sendfile       - is recommended for small files.
+## writev         - is recommended for sending many large files
+##
+server.network-backend = "writev"
+##
+## As lighttpd is a single-threaded server, its main resource limit is
+## the number of file descriptors, which is set to 1024 by default (on
+## most systems).
+##
+## If you are running a high-traffic site you might want to increase this
+## limit by setting server.max-fds.
+##
+## Changing this setting requires root permissions on startup. see
+## server.username/server.groupname.
+##
+## By default lighttpd would not change the operation system default.
+## But setting it to 2048 is a better default for busy servers.
+##
+server.max-fds = 2048
+##
+## listen-backlog is the size of the listen() backlog queue requested when
+## the lighttpd server ask the kernel to listen() on the provided network
+## address.  Clients attempting to connect() to the server enter the listen()
+## backlog queue and wait for the lighttpd server to accept() the connection.
+##
+## The out-of-box default on many operating systems is 128 and is identified
+## as SOMAXCONN.  This can be tuned on many operating systems.  (On Linux,
+## cat /proc/sys/net/core/somaxconn)  Requesting a size larger than operating
+## system limit will be silently reduced to the limit by the operating system.
+##
+## When there are too many connection attempts waiting for the server to
+## accept() new connections, the listen backlog queue fills and the kernel
+## rejects additional connection attempts.  This can be useful as an
+## indication to an upstream load balancer that the server is busy, and
+## possibly overloaded.  In that case, configure a smaller limit for
+## server.listen-backlog.  On the other hand, configure a larger limit to be
+## able to handle bursts of new connections, but only do so up to an amount
+## that the server can keep up with responding in a reasonable amount of
+## time.  Otherwise, clients may abandon the connection attempts and the
+## server will waste resources servicing abandoned connections.
+##
+## It is best to leave this setting at its default unless you have modelled
+## your traffic and tested that changing this benefits your traffic patterns.
+##
+## Default: 1024
+##
+#server.listen-backlog = 128
+##
+## Stat() call caching.
+##
+## lighttpd can utilize FAM/Gamin to cache stat call.
+##
+## possible values are:
+## disable, simple or fam.
+##
+server.stat-cache-engine = "simple"
+##
+## Fine tuning for the request handling
+##
+## max-connections == max-fds/2 (maybe /3)
+## means the other file handles are used for fastcgi/files
+##
+server.max-connections = 1024
+##
+## How many seconds to keep a keep-alive connection open,
+## until we consider it idle.
+##
+## Default: 5
+##
+#server.max-keep-alive-idle = 5
+##
+## How many keep-alive requests until closing the connection.
+##
+## Default: 16
+##
+#server.max-keep-alive-requests = 16
+##
+## Maximum size of a request in kilobytes.
+## By default it is unlimited (0).
+##
+## Uploads to your server cant be larger than this value.
+##
+#server.max-request-size = 0
+##
+## Time to read from a socket before we consider it idle.
+##
+## Default: 60
+##
+#server.max-read-idle = 60
+##
+## Time to write to a socket before we consider it idle.
+##
+## Default: 360
+##
+#server.max-write-idle = 360
+##
+##  Traffic Shaping
+## -----------------
+##
+## see /usr/share/doc/lighttpd/traffic-shaping.txt
+##
+## Values are in kilobyte per second.
+##
+## Keep in mind that a limit below 32kB/s might actually limit the
+## traffic to 32kB/s. This is caused by the size of the TCP send
+## buffer.
+##
+## per server:
+##
+#server.kbytes-per-second = 128
+##
+## per connection:
+##
+#connection.kbytes-per-second = 32
+##
+#######################################################################
+#######################################################################
+##
+##  Filename/File handling
+## ------------------------
+##
+## files to check for if .../ is requested
+## index-file.names            = ( "index.php", "index.rb", "index.html",
+##                                 "index.htm", "default.htm" )
+##
+index-file.names += (
+  "index.xhtml", "index.html", "index.htm", "default.htm", "index.php"
+)
+##
+## deny access the file-extensions
+##
+## ~    is for backupfiles from vi, emacs, joe, ...
+## .inc is often used for code includes which should in general not be part
+##      of the document-root
+url.access-deny             = ( "~", ".inc" )
+##
+## disable range requests for pdf files
+## workaround for a bug in the Acrobat Reader plugin.
+##
+$HTTP["url"] =~ "\.pdf$" {
+  server.range-requests = "disable"
+}
+##
+## url handling modules (rewrite, redirect)
+##
+#url.rewrite                = ( "^/$"             => "/server-status" )
+#url.redirect               = ( "^/wishlist/(.+)" => "http://www.example.com/$1" )
+##
+## both rewrite/redirect support back reference to regex conditional using %n
+##
+#$HTTP["host"] =~ "^www\.(.*)" {
+#  url.redirect            = ( "^/(.*)" => "http://%1/$1" )
+#}
+##
+## which extensions should not be handle via static-file transfer
+##
+## .php, .pl, .fcgi are most often handled by mod_fastcgi or mod_cgi
+##
+static-file.exclude-extensions = ( ".php", ".pl", ".fcgi", ".scgi" )
+##
+## error-handler for all status 400-599
+##
+#server.error-handler       = "/error-handler.html"
+#server.error-handler       = "/error-handler.php"
+##
+## error-handler for status 404
+##
+#server.error-handler-404   = "/error-handler.html"
+#server.error-handler-404   = "/error-handler.php"
+##
+## Format: <errorfile-prefix><status-code>.html
+## -> ..../status-404.html for 'File not found'
+##
+#server.errorfile-prefix    = "/srv/www/htdocs/errors/status-"
+##
+## mimetype mapping
+##
+include "conf.d/mime.conf"
+##
+## directory listing configuration
+##
+include "conf.d/dirlisting.conf"
+##
+## Should lighttpd follow symlinks?
+##
+server.follow-symlink = "enable"
+##
+## force all filenames to be lowercase?
+##
+#server.force-lowercase-filenames = "disable"
+##
+## defaults to /var/tmp as we assume it is a local harddisk
+##
+server.upload-dirs = ( "/var/tmp" )
+##
+#######################################################################
+#######################################################################
+##
+##  SSL Support
+## -------------
+##
+## To enable SSL for the whole server you have to provide a valid
+## certificate and have to enable the SSL engine.::
+##
+##   ssl.engine = "enable"
+##   ssl.pemfile = "/path/to/server.pem"
+##
+##   $SERVER["socket"] == "10.0.0.1:443" {
+##     ssl.engine                  = "enable"
+##     ssl.pemfile                 = "/etc/ssl/private/www.example.com.pem"
+##
+##     # Check your cipher list with: openssl ciphers -v '...'
+##     # (use single quotes as your shell won't like ! in double quotes)
+##     #ssl.cipher-list             = "HIGH"   # default
+##
+##     # (recommended to accept only TLSv1.2 and TLSv1.3)
+##     #ssl.openssl.ssl-conf-cmd = ("Protocol" => "-ALL, TLSv1.2, TLSv1.3")
+##
+##     server.name                 = "www.example.com"
+##
+##     server.document-root        = "/srv/www/vhosts/example.com/www/"
+##   }
+##
+## If you have a .crt and a .key file, specify both ssl.pemfile and ssl.privkey,
+## or cat them together into a single PEM file:
+## $ cat /etc/ssl/private/lighttpd.key /etc/ssl/certs/lighttpd.crt \
+##   > /etc/ssl/private/lighttpd.pem
+##
+#ssl.pemfile = "/etc/ssl/private/lighttpd.pem"
+#
+# or
+#
+#ssl.privkey = "/etc/ssl/private/privkey.pem"
+#ssl.pemfile = "/etc/ssl/private/cert.pem"
+##
+## optionally pass the CA certificate here.
+##
+##
+#ssl.ca-file = ""
+##
+## and the CRL revocation list here.
+##
+##
+#ssl.ca-crl-file = ""
+##
+#######################################################################
+#######################################################################
+##
+## custom includes like vhosts.
+##
+#include "conf.d/config.conf"
+#include "/usr/local/etc/lighttpd/vhosts.d/*.conf"
+##
+#######################################################################
+# IPv4 listening socket
+$SERVER["socket"] == "0.0.0.0:80" { }
+</code>
+e
+<code>
+# cat /usr/local/etc/lighttpd/conf.d/fastcgi.conf
+#######################################################################
+##
+##  FastCGI Module
+## ---------------
+##
+## See https://redmine.lighttpd.net/projects/lighttpd/wiki/Docs_ModFastCGI
+##
+server.modules += ( "mod_fastcgi" )
+##
+## PHP Example
+## For PHP don't forget to set cgi.fix_pathinfo = 1 in the php.ini.
+##
+## The number of php processes you will get can be easily calculated:
+##
+## num-procs = max-procs * ( 1 + PHP_FCGI_CHILDREN )
+##
+## for the php-num-procs example it means you will get 17*5 = 85 php
+## processes. you always should need this high number for your very
+## busy sites. And if you have a lot of RAM. :)
+##
+fastcgi.server = ( ".php" =>
+                   ( "php-local" =>
+                     (
+                       "socket" => socket_dir + "/php-fastcgi-1.socket",
+                       "bin-path" => "/usr/local/bin/php-cgi",
+                       "max-procs" => 1,
+                       "broken-scriptfilename" => "enable",
+                     ),
+                     "php-tcp" =>
+                     (
+                       "host" => "127.0.0.1",
+                       "port" => 9999,
+                       "check-local" => "disable",
+                       "broken-scriptfilename" => "enable",
+                     ),
+                     "php-num-procs" =>
+                     (
+                       "socket" => socket_dir + "/php-fastcgi-2.socket",
+                       "bin-path" => "/usr/local/bin/php-cgi",
+                       "bin-environment" => (
+                         "PHP_FCGI_CHILDREN" => "16",
+                         "PHP_FCGI_MAX_REQUESTS" => "10000",
+                       ),
+                       "max-procs" => 5,
+                       "broken-scriptfilename" => "enable",
+                     ),
+                   ),
+                 )
+##
+## Ruby on Rails Example
+##
+## Normally you only run one Rails application on one vhost.
+##
+#$HTTP["host"] == "rails1.example.com" {
+#  server.document-root  = server_root + "/rails/someapp/public"
+#  server.error-handler-404 = "/dispatch.fcgi"
+#  fastcgi.server = ( ".fcgi" =>
+#    ("someapp" =>
+#      ( "socket" => socket_dir + "/someapp-fcgi.socket",
+#        "bin-path" => server_root + "/rails/someapp/public/dispatch.fcgi",
+#        "bin-environment" => (
+#              "RAILS_ENV" => "production",
+#              "TMP" => home_dir + "/rails/someapp",
+#        ),
+#      )
+#    )
+#  )
+#}
+##
+## Another example with multiple rails applications on one vhost.
+##
+## https://blog.lighttpd.net/articles/2005/11/23/lighttpd-1-4-8-and-multiple-rails-apps
+##
+#$HTTP["host"] == "rails2.example.com" {
+#  $HTTP["url"] =~ "^/someapp1" {
+#    server.document-root  = server_root + "/rails/someapp1/public"
+#    server.error-handler-404 = "/dispatch.fcgi"
+#    fastcgi.server = ( ".fcgi" =>
+#      ("someapp1" =>
+#        ( "socket" => socket_dir + "/someapp1-fcgi.socket",
+#          "bin-path" => server_root + "/rails/someapp1/public/dispatch.fcgi",
+#          "bin-environment" => (
+#                "RAILS_ENV" => "production",
+#                "TMP" => home_dir + "/rails/someapp1",
+#          ),
+#          "strip-request-uri" => "/someapp1/"
+#        )
+#      )
+#    )
+#  }
+#
+#  $HTTP["url"] =~ "^/someapp2" {
+#    server.document-root  = server_root + "/rails/someapp2/public"
+#    server.error-handler-404 = "/dispatch.fcgi"
+#    fastcgi.server = ( ".fcgi" =>
+#      ("someapp2" =>
+#        ( "socket" => socket_dir + "/someapp2-fcgi.socket",
+#          "bin-path" => server_root + "/rails/someapp2/public/dispatch.fcgi",
+#          "bin-environment" => (
+#                "RAILS_ENV" => "production",
+#                "TMP" => home_dir + "/rails/someapp2",
+#          ),
+#          "strip-request-uri" => "/someapp2/"
+#        )
+#      )
+#    )
+#  }
+#}
+## chrooted webserver + external PHP
+##
+## $ spawn-fcgi -f /usr/bin/php-cgi -p 2000 -a 127.0.0.1 -C 8
+##
+## webserver chrooted to /srv/www/
+## php running outside the chroot
+#
+#fastcgi.server = (
+#  ".php" => ((
+#    "host" => "127.0.0.1",
+#    "port" => "2000",
+#    "docroot" => "/srv/www/servers/www.example.org/htdocs/"
+#  )))
+#
+#server.chroot = "/srv/www"
+#server.document-root = "/servers/wwww.example.org/htdocs/"
+#
+##
+#######################################################################
 </code>