User Tools

Site Tools


lighttpd

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
lighttpd [2019/11/26 22:56]
francesco
lighttpd [2020/05/20 23:36] (current)
francesco
Line 1: Line 1:
-Per qualche mese ho usato questo server web in locale ​sul Ubuntu per lavorare ​sull mia dokuWiki ​e per poi sincronizzarla con quella che gira sotto FreeBSD/​nginx su firminmaillard.org+Per qualche mese ho usato questo server web in locale ​su Ubuntu per lavorare ​sulla mia DokuWiki ​e per poi sincronizzarla con quella che gira sotto FreeBSD/​nginx su firminmaillard.org.
  
 Questo era il file di configurazione:​ Questo era il file di configurazione:​
Line 677: Line 677:
 ## ##
 #######################################################################​ #######################################################################​
 +</​code>​
 +
 +----
 +
 +Questo invece è il file di configurazione per una macchina virtuale ospitata sull'​AWS,​ sotto FreeBSD:
 +
 +<​code>​
 +root@freebsd:​~ # cat /​usr/​local/​etc/​lighttpd/​lighttpd.conf
 +#######################################################################​
 +##
 +## /​usr/​local/​etc/​lighttpd/​lighttpd.conf
 +##
 +## check /​usr/​local/​etc/​lighttpd/​conf.d/​*.conf for the configuration of modules.
 +##
 +#######################################################################​
 +
 +#######################################################################​
 +##
 +## Some Variable definition which will make chrooting easier.
 +##
 +## if you add a variable here. Add the corresponding variable in the
 +## chroot example aswell.
 +##
 +var.log_root ​   = "/​var/​log/​lighttpd"​
 +var.server_root = "/​usr/​local/​www/​lighttpd"​
 +var.state_dir ​  = "/​var/​run"​
 +var.home_dir ​   = "/​var/​run/​lighttpd"​
 +var.conf_dir ​   = "/​usr/​local/​etc/​lighttpd"​
 +
 +## 
 +## run the server chrooted.
 +## 
 +## This requires root permissions during startup.
 +##
 +## If you run Chrooted set the the variables to directories relative to
 +## the chroot dir.
 +##
 +## example chroot configuration:​
 +## 
 +#​var.log_root ​   = "/​logs"​
 +#​var.server_root = "/"​
 +#​var.state_dir ​  = "/​run"​
 +#​var.home_dir ​   = "/​lib/​lighttpd"​
 +#​var.vhosts_dir ​ = "/​vhosts"​
 +#​var.conf_dir ​   = "/​etc"​
 +#
 +#​server.chroot ​  = "/​srv/​www"​
 +
 +##
 +## Some additional variables to make the configuration easier
 +##
 +
 +##
 +## Base directory for all virtual hosts
 +##
 +## used in:
 +## conf.d/​evhost.conf
 +## conf.d/​simple_vhost.conf
 +## vhosts.d/​vhosts.template
 +##
 +var.vhosts_dir ​ = server_root + "/​vhosts"​
 +
 +##
 +## Cache for mod_compress
 +##
 +## used in:
 +## conf.d/​compress.conf
 +##
 +var.cache_dir ​  = "/​var/​cache/​lighttpd"​
 +
 +##
 +## Base directory for sockets.
 +##
 +## used in:
 +## conf.d/​fastcgi.conf
 +## conf.d/​scgi.conf
 +##
 +var.socket_dir ​ = home_dir + "/​sockets"​
 +
 +##
 +#######################################################################​
 +
 +#######################################################################​
 +##
 +## Load the modules.
 +include "​modules.conf"​
 +
 +##
 +#######################################################################​
 +
 +#######################################################################​
 +##
 +##  Basic Configuration
 +## ---------------------
 +##
 +server.port = 80
 +
 +##
 +## Use IPv6?
 +##
 +server.use-ipv6 = "​enable"​
 +
 +##
 +## bind to a specific IP
 +##
 +#​server.bind = "​localhost"​
 +
 +##
 +## Run as a different username/​groupname.
 +## This requires root permissions during startup. ​
 +##
 +server.username ​ = "​www"​
 +server.groupname = "​www"​
 +
 +##
 +## Enable lighttpd to serve requests on sockets received from systemd
 +## https://​www.freedesktop.org/​software/​systemd/​man/​systemd.socket.html
 +##
 +#​server.systemd-socket-activation = "​enable"​
 +
 +## 
 +## enable core files.
 +##
 +#​server.core-files = "​disable"​
 +
 +##
 +## Document root
 +##
 +### server.document-root = "/​usr/​local/​www"​ + "/​data"​
 +
 +server.document-root = "/​usr/​local/​www/​dokuwiki"​
 +
 +##
 +## The value for the "​Server:"​ response field.
 +##
 +## It would be nice to keep it at "​lighttpd"​.
 +##
 +#server.tag = "​lighttpd"​
 +
 +##
 +## store a pid file
 +##
 +server.pid-file = state_dir + "/​lighttpd.pid"​
 +
 +##
 +#######################################################################​
 +
 +#######################################################################​
 +##
 +##  Logging Options
 +## ------------------
 +##
 +## all logging options can be overwritten per vhost.
 +##
 +## Path to the error log file
 +##
 +server.errorlog ​            = log_root + "/​error.log"​
 +
 +##
 +## If you want to log to syslog you have to unset the 
 +## server.errorlog setting and uncomment the next line.
 +##
 +#​server.errorlog-use-syslog = "​enable"​
 +
 +##
 +## Access log config
 +## 
 +include "​conf.d/​access_log.conf"​
 +
 +##
 +## The debug options are moved into their own file.
 +## see conf.d/​debug.conf for various options for request debugging.
 +##
 +include "​conf.d/​debug.conf"​
 +
 +##
 +#######################################################################​
 +
 +#######################################################################​
 +##
 +##  Tuning/​Performance
 +## --------------------
 +##
 +## corresponding documentation:​
 +## https://​redmine.lighttpd.net/​projects/​lighttpd/​wiki/​Docs_Performance
 +##
 +## set the event-handler (read the performance section in the manual)
 +##
 +## possible options on linux are:
 +##
 +## select
 +## poll
 +## linux-sysepoll
 +##
 +## linux-sysepoll is recommended on kernel 2.6.
 +##
 +server.event-handler = "​freebsd-kqueue"​
 +
 +##
 +## The basic network interface for all platforms at the syscalls read()
 +## and write(). Every modern OS provides its own syscall to help network
 +## servers transfer files as fast as possible ​
 +##
 +## sendfile ​      - is recommended for small files.
 +## writev ​        - is recommended for sending many large files
 +##
 +server.network-backend = "​writev"​
 +
 +##
 +## As lighttpd is a single-threaded server, its main resource limit is
 +## the number of file descriptors,​ which is set to 1024 by default (on
 +## most systems).
 +##
 +## If you are running a high-traffic site you might want to increase this
 +## limit by setting server.max-fds.
 +##
 +## Changing this setting requires root permissions on startup. see
 +## server.username/​server.groupname.
 +##
 +## By default lighttpd would not change the operation system default.
 +## But setting it to 2048 is a better default for busy servers.
 +##
 +server.max-fds = 2048
 +
 +##
 +## listen-backlog is the size of the listen() backlog queue requested when
 +## the lighttpd server ask the kernel to listen() on the provided network
 +## address. ​ Clients attempting to connect() to the server enter the listen()
 +## backlog queue and wait for the lighttpd server to accept() the connection.
 +##
 +## The out-of-box default on many operating systems is 128 and is identified
 +## as SOMAXCONN. ​ This can be tuned on many operating systems. ​ (On Linux,
 +## cat /​proc/​sys/​net/​core/​somaxconn) ​ Requesting a size larger than operating
 +## system limit will be silently reduced to the limit by the operating system.
 +##
 +## When there are too many connection attempts waiting for the server to
 +## accept() new connections,​ the listen backlog queue fills and the kernel
 +## rejects additional connection attempts. ​ This can be useful as an
 +## indication to an upstream load balancer that the server is busy, and
 +## possibly overloaded. ​ In that case, configure a smaller limit for
 +## server.listen-backlog. ​ On the other hand, configure a larger limit to be
 +## able to handle bursts of new connections,​ but only do so up to an amount
 +## that the server can keep up with responding in a reasonable amount of
 +## time.  Otherwise, clients may abandon the connection attempts and the
 +## server will waste resources servicing abandoned connections.
 +##
 +## It is best to leave this setting at its default unless you have modelled
 +## your traffic and tested that changing this benefits your traffic patterns.
 +##
 +## Default: 1024
 +##
 +#​server.listen-backlog = 128
 +
 +##
 +## Stat() call caching.
 +##
 +## lighttpd can utilize FAM/Gamin to cache stat call.
 +##
 +## possible values are:
 +## disable, simple or fam.
 +##
 +server.stat-cache-engine = "​simple"​
 +
 +##
 +## Fine tuning for the request handling
 +##
 +## max-connections == max-fds/2 (maybe /3)
 +## means the other file handles are used for fastcgi/​files
 +##
 +server.max-connections = 1024
 +
 +##
 +## How many seconds to keep a keep-alive connection open,
 +## until we consider it idle. 
 +##
 +## Default: 5
 +##
 +#​server.max-keep-alive-idle = 5
 +
 +##
 +## How many keep-alive requests until closing the connection.
 +##
 +## Default: 16
 +##
 +#​server.max-keep-alive-requests = 16
 +
 +##
 +## Maximum size of a request in kilobytes.
 +## By default it is unlimited (0).
 +##
 +## Uploads to your server cant be larger than this value.
 +##
 +#​server.max-request-size = 0
 +
 +##
 +## Time to read from a socket before we consider it idle.
 +##
 +## Default: 60
 +##
 +#​server.max-read-idle = 60
 +
 +##
 +## Time to write to a socket before we consider it idle.
 +##
 +## Default: 360
 +##
 +#​server.max-write-idle = 360
 +
 +##
 +##  Traffic Shaping ​
 +## -----------------
 +##
 +## see /​usr/​share/​doc/​lighttpd/​traffic-shaping.txt
 +##
 +## Values are in kilobyte per second.
 +##
 +## Keep in mind that a limit below 32kB/s might actually limit the
 +## traffic to 32kB/s. This is caused by the size of the TCP send
 +## buffer. ​
 +##
 +## per server:
 +##
 +#​server.kbytes-per-second = 128
 +
 +##
 +## per connection:
 +##
 +#​connection.kbytes-per-second = 32
 +
 +##
 +#######################################################################​
 +
 +#######################################################################​
 +##
 +##  Filename/​File handling
 +## ------------------------
 +
 +##
 +## files to check for if .../ is requested
 +## index-file.names ​           = ( "​index.php",​ "​index.rb",​ "​index.html",​
 +##                                 "​index.htm",​ "​default.htm"​ )
 +##
 +index-file.names += (
 +  "​index.xhtml",​ "​index.html",​ "​index.htm",​ "​default.htm",​ "​index.php"​
 +)
 +
 +##
 +## deny access the file-extensions
 +##
 +## ~    is for backupfiles from vi, emacs, joe, ...
 +## .inc is often used for code includes which should in general not be part
 +##      of the document-root
 +url.access-deny ​            = ( "​~",​ "​.inc"​ )
 +
 +##
 +## disable range requests for pdf files
 +## workaround for a bug in the Acrobat Reader plugin.
 +##
 +$HTTP["​url"​] =~ "​\.pdf$"​ {
 +  server.range-requests = "​disable"​
 +}
 +
 +##
 +## url handling modules (rewrite, redirect)
 +##
 +#​url.rewrite ​               = ( "​^/​$" ​            => "/​server-status"​ )
 +#​url.redirect ​              = ( "​^/​wishlist/​(.+)"​ => "​http://​www.example.com/​$1"​ )
 +
 +##
 +## both rewrite/​redirect support back reference to regex conditional using %n
 +##
 +#​$HTTP["​host"​] =~ "​^www\.(.*)"​ {
 +#  url.redirect ​           = ( "​^/​(.*)"​ => "​http://​%1/​$1"​ )
 +#}
 +
 +##
 +## which extensions should not be handle via static-file transfer
 +##
 +## .php, .pl, .fcgi are most often handled by mod_fastcgi or mod_cgi
 +##
 +static-file.exclude-extensions = ( "​.php",​ "​.pl",​ "​.fcgi",​ "​.scgi"​ )
 +
 +##
 +## error-handler for all status 400-599
 +##
 +#​server.error-handler ​      = "/​error-handler.html"​
 +#​server.error-handler ​      = "/​error-handler.php"​
 +
 +##
 +## error-handler for status 404
 +##
 +#​server.error-handler-404 ​  = "/​error-handler.html"​
 +#​server.error-handler-404 ​  = "/​error-handler.php"​
 +
 +##
 +## Format: <​errorfile-prefix><​status-code>​.html
 +## -> ..../​status-404.html for 'File not found'
 +##
 +#​server.errorfile-prefix ​   = "/​srv/​www/​htdocs/​errors/​status-"​
 +
 +##
 +## mimetype mapping
 +##
 +include "​conf.d/​mime.conf"​
 +
 +##
 +## directory listing configuration
 +##
 +include "​conf.d/​dirlisting.conf"​
 +
 +##
 +## Should lighttpd follow symlinks?
 +## 
 +server.follow-symlink = "​enable"​
 +
 +##
 +## force all filenames to be lowercase?
 +##
 +#​server.force-lowercase-filenames = "​disable"​
 +
 +##
 +## defaults to /var/tmp as we assume it is a local harddisk
 +##
 +server.upload-dirs = ( "/​var/​tmp"​ )
 +
 +##
 +#######################################################################​
 +
 +
 +#######################################################################​
 +##
 +##  SSL Support
 +## ------------- ​
 +##
 +## To enable SSL for the whole server you have to provide a valid
 +## certificate and have to enable the SSL engine.::
 +##
 +##   ​ssl.engine = "​enable"​
 +##   ​ssl.pemfile = "/​path/​to/​server.pem"​
 +##
 +##   ​$SERVER["​socket"​] == "​10.0.0.1:​443"​ {
 +##     ​ssl.engine ​                 = "​enable"​
 +##     ​ssl.pemfile ​                = "/​etc/​ssl/​private/​www.example.com.pem"​
 +##
 +##     # Check your cipher list with: openssl ciphers -v '​...'​
 +##     # (use single quotes as your shell won't like ! in double quotes)
 +##     #​ssl.cipher-list ​            = "​HIGH" ​  # default
 +##
 +##     # (recommended to accept only TLSv1.2 and TLSv1.3)
 +##     #​ssl.openssl.ssl-conf-cmd = ("​Protocol"​ => "-ALL, TLSv1.2, TLSv1.3"​)
 +##
 +##     ​server.name ​                = "​www.example.com"​
 +##
 +##     ​server.document-root ​       = "/​srv/​www/​vhosts/​example.com/​www/"​
 +##   }
 +##
 +
 +## If you have a .crt and a .key file, specify both ssl.pemfile and ssl.privkey,​
 +## or cat them together into a single PEM file:
 +## $ cat /​etc/​ssl/​private/​lighttpd.key /​etc/​ssl/​certs/​lighttpd.crt \
 +##   > /​etc/​ssl/​private/​lighttpd.pem
 +##
 +#​ssl.pemfile = "/​etc/​ssl/​private/​lighttpd.pem"​
 +#
 +# or
 +#
 +#​ssl.privkey = "/​etc/​ssl/​private/​privkey.pem"​
 +#​ssl.pemfile = "/​etc/​ssl/​private/​cert.pem"​
 +
 +##
 +## optionally pass the CA certificate here.
 +##
 +##
 +#​ssl.ca-file = ""​
 +
 +##
 +## and the CRL revocation list here.
 +##
 +##
 +#​ssl.ca-crl-file = ""​
 +
 +##
 +#######################################################################​
 +
 +#######################################################################​
 +##
 +## custom includes like vhosts.
 +##
 +#include "​conf.d/​config.conf"​
 +#include "/​usr/​local/​etc/​lighttpd/​vhosts.d/​*.conf"​
 +##
 +#######################################################################​
 +
 +# IPv4 listening socket
 +$SERVER["​socket"​] == "​0.0.0.0:​80"​ { }
 </​code>​ </​code>​
lighttpd.txt · Last modified: 2020/05/20 23:36 by francesco