Project

General

Profile

Bug #3084 » lighttpd.conf

ZivHung, 2021-06-02 05:44

 
1
server.document-root = "/usr/web/"
2

    
3
server.port = 443
4
ssl.engine = "enable"
5
ssl.pemfile = "/usr/etc/lighttpd.crt"
6
ssl.privkey = "/usr/etc/lighttpd.pem"
7
ssl.openssl.ssl-conf-cmd = ("MinProtocol" => "TLSv1.2",
8
								"CipherString" => "EECDH+AESGCM:AES256+EECDH:CHACHA20")
9
server.stream-request-body = 2
10
server.stream-response-body = 2
11
server.tag = ""
12
server.stat-cache-engine = "disable"
13
server.feature-flags = ( "server.h2proto" => "disable" )
14
ssl.read-ahead = "disable"
15

    
16

    
17
# 100MB
18
server.max-request-size  = 104857600
19
server.network-backend="sendfile"
20
server.upload-dirs=("/tmp")
21

    
22
# listen to ipv6
23
# $SERVER["socket"] == "[::]:41931" {  }
24

    
25
# server.username = "root"
26
# server.groupname = "root"
27

    
28
mimetype.assign = (
29
	".pdf"          =>      "application/pdf",
30
  ".sig"          =>      "application/pgp-signature",
31
  ".spl"          =>      "application/futuresplash",
32
  ".class"        =>      "application/octet-stream",
33
  ".ps"           =>      "application/postscript",
34
  ".torrent"      =>      "application/x-bittorrent",
35
  ".dvi"          =>      "application/x-dvi",
36
  ".gz"           =>      "application/x-gzip",
37
  ".pac"          =>      "application/x-ns-proxy-autoconfig",
38
  ".swf"          =>      "application/x-shockwave-flash",
39
  ".tar.gz"       =>      "application/x-tgz",
40
  ".tgz"          =>      "application/x-tgz",
41
  ".tar"          =>      "application/x-tar",
42
  ".zip"          =>      "application/zip",
43
  ".mp3"          =>      "audio/mpeg",
44
  ".m3u"          =>      "audio/x-mpegurl",
45
  ".wma"          =>      "audio/x-ms-wma",
46
  ".wax"          =>      "audio/x-ms-wax",
47
  ".ogg"          =>      "application/ogg",
48
  ".wav"          =>      "audio/x-wav",
49
  ".gif"          =>      "image/gif",
50
  ".jpg"          =>      "image/jpeg",
51
  ".jpeg"         =>      "image/jpeg",
52
  ".png"          =>      "image/png",
53
  ".xbm"          =>      "image/x-xbitmap",
54
  ".xpm"          =>      "image/x-xpixmap",
55
  ".xwd"          =>      "image/x-xwindowdump",
56
  ".css"          =>      "text/css",
57
  ".html"         =>      "text/html",
58
  ".htm"          =>      "text/html",
59
  ".js"           =>      "text/javascript",
60
  ".asc"          =>      "text/plain",
61
  ".c"            =>      "text/plain",
62
  ".cpp"          =>      "text/plain",
63
  ".log"          =>      "text/plain",
64
  ".conf"         =>      "text/plain",
65
  ".text"         =>      "text/plain",
66
  ".txt"          =>      "text/plain",
67
  ".dtd"          =>      "text/xml",
68
  ".xml"          =>      "text/xml",
69
  ".mpeg"         =>      "video/mpeg",
70
  ".mpg"          =>      "video/mpeg",
71
  ".mp4"          =>      "video/mp4",
72
  ".mov"          =>      "video/quicktime",
73
  ".qt"           =>      "video/quicktime",
74
  ".avi"          =>      "video/x-msvideo",
75
  ".asf"          =>      "video/x-ms-asf",
76
  ".asx"          =>      "video/x-ms-asf",
77
  ".wmv"          =>      "video/x-ms-wmv",
78
  ".bz2"          =>      "application/x-bzip",
79
  ".tbz"          =>      "application/x-bzip-compressed-tar",
80
  ".tar.bz2"      =>      "application/x-bzip-compressed-tar",
81
  "" => ""
82
)
83

    
84
server.modules = (
85
  "mod_access",
86
  "mod_fastcgi",
87
  "mod_authn_file",
88
  "mod_auth", 
89
  "mod_setenv",  
90
  "mod_proxy",
91
  #"mod_cgi",
92
  "mod_openssl",
93
  "mod_redirect",
94
  "mod_alias",
95
  "mod_wstunnel",
96
)
97

    
98
# websocket to RTSP with URI (*/webrtsp)
99
$HTTP["url"] =~ "^/webrtsp" {
100
    wstunnel.ping-interval = 20
101
    wstunnel.server = ( "" => ( ( "host" => "0.0.0.0", "port" => "554") ) )
102
    wstunnel.frame-type = "binary" 
103
    server.stream-request-body  = 2
104
    server.stream-response-body = 2
105
    server.max-read-idle = 120
106
}else $HTTP["url"] != "" {
107
  setenv.add-response-header = ("Cache-Control" => "no-store, no-cache, must-revalidate, post-check=0, pre-check=0", 
108
  "Strict-Transport-Security" => "max-age=63072000",     
109
  "X-Frame-Options" => "DENY",
110
  "X-Content-Type-Options" => "nosniff",
111
  "X-Xss-Protection" => "1; mode=block"
112
  )
113
  etag.use-inode = "disable"
114
  etag.use-mtime = "disable"
115
  etag.use-size = "disable"
116
}
117
			   
118
fastcgi.server = (
119
    ".cgi"=>
120
    ((
121
        "socket"=>"/tmp/ability.fcgi.socket",
122
        #"port" => 1026,
123
        "check-local"=>"disable",
124
        "bin-path"=>"/bin/abfcgi",
125
        "max-procs" => 1,
126
        "allow-x-send-file" => "enable"
127
    )),
128
    "aiapp"=>
129
    ((
130
        "socket"=>"/tmp/abilitycalibration.fcgi.socket",
131
        "check-local"=>"disable",
132
        "bin-path"=>"/bin/ai_cgi_app",
133
        "max-procs" => 1,
134
        "allow-x-send-file" => "enable"
135
    ))
136
)
137

    
138
alias.url += (
139
        "/cgi-bin" 	=> "/usr/web/" + "/cgi-bin",
140
        "/axis-cgi" => "/usr/web/" + "/cgi-bin",
141
        "/css"     	=> "/usr/web/" + "/css",
142
        "/images"   => "/usr/web/" + "/images",
143
        "/js" 		=> "/usr/web/" + "/js",
144
        "/videos"   => "/usr/web/" + "/videos",
145
		"/websock"           => "/usr/web/" + "/websock"
146
)
147

    
148

    
149

    
150
cgi.assign = (
151
	#".cgi" => "",
152
	".py"  => "/usr/bin/python"
153
)
154
cgi.execute-all = "enable" 
155

    
156
#server.errorlog = "/var/log/lighttpd.error.log"
157
static-file.exclude-extensions = ( ".fcgi", ".php", ".rb", "~", ".inc", ".cgi", ".clb" )
158
index-file.names = ( "Welcome.html","AIDemo/index.html" )
159

    
160

    
161
#IPv6
162
#$SERVER["socket"] == "0.0.0.0:443" { <here your ssl options> }	
163
#$SERVER["socket"] == "[::]:443" { <here your ssl options again> }
(2-2/4)