|
## modules to load
|
|
# at least mod_access and mod_accesslog should be loaded
|
|
# all other module should only be loaded if really neccesary
|
|
# - saves some time
|
|
# - saves memory
|
|
server.modules = (
|
|
"mod_redirect",
|
|
"mod_auth",
|
|
"mod_cgi",
|
|
"mod_accesslog" )
|
|
|
|
server.document-root = "/opt/www/"
|
|
server.upload-dirs = ( "/opt-pdd/" )
|
|
server.event-handler = "poll"
|
|
server.stream-request-body = 1
|
|
|
|
|
|
server.errorfile-prefix = "/errors/err"
|
|
|
|
server.port=443
|
|
|
|
$SERVER["socket"] == ":443" { ssl.engine = "enable" }
|
|
$SERVER["socket"] == "[::]:443" { ssl.engine="enable" }
|
|
|
|
|
|
server.modules += ("mod_openssl")
|
|
|
|
ssl.pemfile = "/etc/lighttpd/lighttpd.pem"
|
|
ssl.read-ahead = "disable"
|
|
|
|
#redirect http to https
|
|
$HTTP["scheme"] == "http" { url.redirect = ( "" => "https://${url.authority}${url.path}${qsa}" ) }
|
|
|
|
server.errorlog-use-syslog = "enable"
|
|
|
|
|
|
index-file.names = ( "index.html" )
|
|
static-file.exclude-extensions = ( ".cgi" )
|
|
|
|
|
|
cgi.assign = ( ".cgi" => "" )
|
|
|
|
mimetype.assign = (
|
|
".html" => "text/html",
|
|
".htm" => "text/html",
|
|
".css" => "text/css",
|
|
".js" => "application/javascript",
|
|
".jpg" => "image/jpeg",
|
|
".gif" => "image/gif",
|
|
".png" => "image/png",
|
|
".txt" => "text/plain",
|
|
".log" => "text/plain",
|
|
".conf" => "text/plain",
|
|
".mib" => "text/plain"
|
|
)
|
|
|
|
################
|
|
|
|
## type of backend
|
|
# plain, htpasswd, htdigest (mod_authn_file); ldap (mod_authn_ldap); gssapi (mod_authn_gssapi); mysql (mod_authn_mysql); pam (mod_authn_pam); sasl (mod_authn_sasl)
|
|
server.modules += ( "mod_authn_pam" )
|
|
auth.backend = "pam"
|
|
|
|
auth.require = ( "/" =>
|
|
(
|
|
"method" => "basic",
|
|
"realm" => "Password protected area",
|
|
"require" => "valid-user"
|
|
)
|
|
)
|
|
|
|
#### accesslog module
|
|
accesslog.use-syslog = "enable"
|
|
accesslog.format = "%h %u \"%r\" %>s \"%{User-Agent}i\""
|