[Solved] help with rewrite
Added by jello over 2 years ago
Hello,
I'm running lighttpd 1.4.59 on Debian GNU/Linux 11 (bullseye) and trying to set up kanboard. I have php-fpm set up for other things running on this machine, and have put the kanboard files in /usr/share/kanaboard
, so I added the following to my lighttpd config:
$HTTP["url"] =~ "^/kanboard/" { alias.url += ( "/kanboard/" => "/usr/share/kanboard/" ) index-file.names += ( "index.php" ) }
However, while this seems to work at first glance, I cannot retrieve any of the static assets within this path; for example going to https://myserver.example.org/kanboard/favicon.ico
just returns the login page -- as if I went to /kanboard/index.php
.
Any ideas?
Replies (4)
RE: help with rewrite - Added by jello over 2 years ago
The files are, of course, in /usr/share/kanboard/
, not kanaboard
.
RE: help with rewrite - Added by jello over 2 years ago
jello wrote:
However, while this seems to work at first glance, I cannot retrieve any of the static assets within this path; for example going to
https://myserver.example.org/kanboard/favicon.ico
just returns the login page -- as if I went to/kanboard/index.php
.
To be more precise, upon further digging, I seem to get a 302 redirect to Location: /kanboard/?controller=AuthController&action=login
. Not really sure how/why that is happening.
I'm attaching my full config here.
full_lighttpd.config (5.48 KB) full_lighttpd.config | config |
RE: help with rewrite - Added by gstrauss over 2 years ago
url.rewrite-once = ( "^/kanboard/assets/.+" => "/kanboard/$0", "^/kanboard/favicon\.png$" => "/kanboard/$0", "^/kanboard(/[^\?]*)(\?.*)?" => "/kanboard/index.php$2", )
Some of those are probably not doing what you think they are doing.
"^/kanboard/assets/.+" => "/kanboard/$0"
rewrites /kanboard/assets/foo to /kanboard/kanboard/assets/foo"^/kanboard/favicon\.png$" => "/kanboard/$0"
rewrites /kanboard/favicon.png to /kanboard/kanboard/favicon.pngDid you mean favicon.ico instead of favicon.png?
If you do not want those to be rewritten, the special target
=> ""
says "don't rewrite this URL, and do not process further rewrite rules" "^/kanboard/(?:assets/|favicon\.ico$)" => ""
For "^/kanboard(/[^\?]*)(\?.*)?" => "/kanboard/index.php$2"
if you want to match everything that remains and pass the query string to index.php, this is more direct:"" => "/kanboard/index.php${qsa}"
since the url.rewrite-once rules are alread inside a $HTTP["url"] =~ "^/kanboard/"
condition.
Your rewrite rules might also be simplified to a single rule with url.rewrite-if-not-file
url.rewrite-if-not-file = ("" => "/kanboard/index.php${qsa}")
since the url.rewrite-once rules are alread inside a $HTTP["url"] =~ "^/kanboard/"
condition.
Other comments on your config:
The repetition of index.php is redundant.index-file.names = ("index.php", "index.html", "index.php")
and index-file.names
is probably not even necessary with url.rewrite-if-not-file = ("" => "/kanboard/index.php${qsa}")
Better TLS config:
ssl.openssl.ssl-conf-cmd = ( "MinProtocol" => "TLSv1.2", # lighttpd default "Options" => "-ServerPreference", "CipherString" => "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384", ) # not needed; better CipherString defined above #ssl.cipher-list = "HIGH" # should use fullchain.pem and omit ssl.ca-file #ssl.pemfile = "/etc/letsencrypt/live/example.org/cert.pem" ssl.pemfile = "/etc/letsencrypt/live/example.org/fullchain.pem" ssl.privkey = "/etc/letsencrypt/live/example.org/privkey.pem" #ssl.ca-file = "/etc/letsencrypt/live/example.org/chain.pem" ssl.stapling-file = "/var/cache/lighttpd/ocsp.der" # not needed with modern TLS libraries unless you have some obscure requirement #ssl.dh-file = "/etc/ssl/example.org/dhparams.pem"
RE: help with rewrite - Added by jello over 2 years ago
Thanks for the assistance and the SSL critique! I ended up using the following:
$HTTP["url"] =~ "^/kanboard/" { alias.url += ( "/kanboard/" => "/usr/share/kanboard/" ) index-file.names += ( "index.php" ) url.rewrite-once = ( "^/kanboard/assets/.+" => "", "^/kanboard/favicon\..*$" => "", "" => "/kanboard/index.php${qsa}", ) }
--Joe