Project

General

Profile

[Solved] FastCGI authorizer hang with server.stream-respo... » lighttpd.conf

jefftharris, 2021-09-23 17:59

 
config {
var.PID = 569
var.CWD = "/root"
server.document-root = "/usr/www"
server.groupname = "nobody"
server.username = "nobody"
server.modules = (
"mod_cgi",
"mod_fastcgi",
"mod_setenv",
"mod_rewrite",
"mod_access",
"mod_openssl",
# 6
)
server.max-request-size = 1024
server.max-read-idle = 30
server.max-write-idle = 30
server.stream-request-body = 2
server.stream-response-body = 2
server.tag = ""
server.upload-dirs = ("/dev/shm")
server.errorlog-use-syslog = "enable"
cgi.execute-x-only = "enable"
dir-listing.set-footer = " "
url.rewrite = (
"(^/extjs/ext-all\.js$)" => "$1.gz",
"(^/extjs/resources/css/ext-all-gray\.css$)" => "$1.gz",
# 2
)
index-file.names = ("index.html")
ssl.honor-cipher-order = "disable"
server.port = 80
server.bind = "127.0.0.1"
ssl.pemfile = "/cfg/etc/ssl.pem2"
ssl.dh-file = "/etc/ssl/ffdhe2048.pem"
ssl.read-ahead = "disable"
ssl.ca-file = "/etc/ssl/ca-certs.crt"
ssl.cipher-list = "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384"
fastcgi.server = (
"/" => (
(
"socket" => "/var/umi-fastcgi-auth.sock",
"mode" => "authorizer",
"check-local" => "disable",
# 3
),
),
"/index.html" => (
(
"socket" => "/var/umi-fastcgi.sock",
"check-local" => "disable",
# 2
),
),
"/umi/" => (
(
"socket" => "/var/umi-fastcgi.sock",
"check-local" => "disable",
# 2
),
),
# 3
)
mimetype.use-xattr = "disable"
mimetype.assign = (
".pdf" => "application/pdf",
".sig" => "application/pgp-signature",
".spl" => "application/futuresplash",
".json" => "application/json",
".map" => "application/json",
# 5
".class" => "application/octet-stream",
".ps" => "application/postscript",
".wasm" => "application/wasm",
".torrent" => "application/x-bittorrent",
".dvi" => "application/x-dvi",
# 10
".pac" => "application/x-ns-proxy-autoconfig",
".swf" => "application/x-shockwave-flash",
".tar.gz" => "application/x-tgz",
".tgz" => "application/x-tgz",
".tar" => "application/x-tar",
# 15
".zip" => "application/zip",
".mp3" => "audio/mpeg",
".m3u" => "audio/x-mpegurl",
".wma" => "audio/x-ms-wma",
".wax" => "audio/x-ms-wax",
# 20
".ogg" => "application/ogg",
".wav" => "audio/x-wav",
".ttc" => "font/collection",
".otf" => "font/otf",
".ttf" => "font/ttf",
# 25
".woff" => "font/woff",
".woff2" => "font/woff2",
".gif" => "image/gif",
".jpg" => "image/jpeg",
".jpeg" => "image/jpeg",
# 30
".png" => "image/png",
".svg" => "image/svg+xml",
".svgz" => "image/svg+xml",
".ico" => "image/x-icon",
".xbm" => "image/x-xbitmap",
# 35
".xpm" => "image/x-xpixmap",
".xwd" => "image/x-xwindowdump",
".ics" => "text/calendar",
".ifb" => "text/calendar",
".css" => "text/css",
# 40
".csv" => "text/csv",
".html" => "text/html",
".htm" => "text/html",
".shtml" => "text/html",
".js" => "text/javascript",
# 45
".mjs" => "text/javascript",
".markdown" => "text/markdown",
".md" => "text/markdown",
".asc" => "text/plain",
".c" => "text/plain",
# 50
".cpp" => "text/plain",
".log" => "text/plain",
".log.1" => "text/plain",
".log.2" => "text/plain",
".log.3" => "text/plain",
# 55
".log.4" => "text/plain",
".log.5" => "text/plain",
".conf" => "text/plain",
".text" => "text/plain",
".txt" => "text/plain",
# 60
".spec" => "text/plain",
".tsv" => "text/tab-separated-values",
".dtd" => "text/xml",
".xml" => "text/xml",
".yaml" => "text/yaml",
# 65
".yml" => "text/yaml",
".mpeg" => "video/mpeg",
".mpg" => "video/mpeg",
".mov" => "video/quicktime",
".qt" => "video/quicktime",
# 70
".avi" => "video/x-msvideo",
".asf" => "video/x-ms-asf",
".asx" => "video/x-ms-asf",
".wmv" => "video/x-ms-wmv",
".tbz" => "application/x-bzip-compressed-tar",
# 75
".tar.bz2" => "application/x-bzip-compressed-tar",
".odt" => "application/vnd.oasis.opendocument.text",
".ods" => "application/vnd.oasis.opendocument.spreadsheet",
".odp" => "application/vnd.oasis.opendocument.presentation",
".odg" => "application/vnd.oasis.opendocument.graphics",
# 80
".odc" => "application/vnd.oasis.opendocument.chart",
".odf" => "application/vnd.oasis.opendocument.formula",
".odi" => "application/vnd.oasis.opendocument.image",
".odm" => "application/vnd.oasis.opendocument.text-master",
".ott" => "application/vnd.oasis.opendocument.text-template",
# 85
".ots" => "application/vnd.oasis.opendocument.spreadsheet-template",
".otp" => "application/vnd.oasis.opendocument.presentation-template",
".otg" => "application/vnd.oasis.opendocument.graphics-template",
".otc" => "application/vnd.oasis.opendocument.chart-template",
".oti" => "application/vnd.oasis.opendocument.image-template",
# 90
".oth" => "application/vnd.oasis.opendocument.text-web",
".gz" => "application/x-gzip",
".bz2" => "application/x-bzip",
"" => "application/octet-stream",
# 94
)


$HTTP["url"] =~ "^/umi/" {
# block 1
server.max-request-size = 102400

} # end of $HTTP["url"] =~ "^/umi/"

$HTTP["request-method"] !~ "^(HEAD|GET|POST|PUT|DELETE)$" {
# block 2
url.access-deny = ("")

} # end of $HTTP["request-method"] !~ "^(HEAD|GET|POST|PUT|DELETE)$"

$HTTP["url"] =~ "^/cgi-bin" {
# block 3
cgi.assign = (
"" => "",
)

} # end of $HTTP["url"] =~ "^/cgi-bin"

$HTTP["url"] =~ "^/jobdata/" {
# block 4
dir-listing.activate = "enable"

} # end of $HTTP["url"] =~ "^/jobdata/"

$HTTP["url"] =~ "^/pkgdb/" {
# block 5
dir-listing.activate = "enable"

} # end of $HTTP["url"] =~ "^/pkgdb/"

$HTTP["url"] =~ "^/extjs/ext-all\.js\.gz$" {
# block 6
mimetype.assign = (
"" => "text/javascript",
)
setenv.add-response-header = (
"Content-Encoding" => "gzip",
)

} # end of $HTTP["url"] =~ "^/extjs/ext-all\.js\.gz$"

$HTTP["url"] =~ "^/extjs/resources/css/ext-all-gray\.css\.gz$" {
# block 7
mimetype.assign = (
"" => "text/css",
)
setenv.add-response-header = (
"Content-Encoding" => "gzip",
)

} # end of $HTTP["url"] =~ "^/extjs/resources/css/ext-all-gray\.css\.gz$"

$SERVER["socket"] == "169.254.10.1:443" {
# block 8
ssl.engine = "enable"

} # end of $SERVER["socket"] == "169.254.10.1:443"

$SERVER["socket"] == "192.168.237.13:443" {
# block 9
ssl.engine = "enable"

} # end of $SERVER["socket"] == "192.168.237.13:443"

$SERVER["socket"] == "[::]:443" {
# block 10
ssl.engine = "enable"

} # end of $SERVER["socket"] == "[::]:443"

$HTTP["url"] =~ "\.svgz$" {
# block 11
setenv.add-response-header = (
"Content-Encoding" => "gzip",
)

} # end of $HTTP["url"] =~ "\.svgz$"
}
(1-1/2)