[Solved] help with rewrite
Added by jello over 2 years ago
Hello,
I'm running lighttpd 1.4.59 on Debian GNU/Linux 11 (bullseye) and trying to set up kanboard. I have php-fpm set up for other things running on this machine, and have put the kanboard files in /usr/share/kanaboard, so I added the following to my lighttpd config:
$HTTP["url"] =~ "^/kanboard/" {
alias.url += ( "/kanboard/" => "/usr/share/kanboard/" )
index-file.names += ( "index.php" )
}
However, while this seems to work at first glance, I cannot retrieve any of the static assets within this path; for example going to https://myserver.example.org/kanboard/favicon.ico just returns the login page -- as if I went to /kanboard/index.php.
Any ideas?
Replies (4)
RE: help with rewrite - Added by jello over 2 years ago
The files are, of course, in /usr/share/kanboard/, not kanaboard.
RE: help with rewrite - Added by jello over 2 years ago
jello wrote:
However, while this seems to work at first glance, I cannot retrieve any of the static assets within this path; for example going to
https://myserver.example.org/kanboard/favicon.icojust returns the login page -- as if I went to/kanboard/index.php.
To be more precise, upon further digging, I seem to get a 302 redirect to Location: /kanboard/?controller=AuthController&action=login. Not really sure how/why that is happening.
I'm attaching my full config here.
| full_lighttpd.config (5.48 KB) full_lighttpd.config | config |
RE: help with rewrite - Added by gstrauss over 2 years ago
url.rewrite-once = (
"^/kanboard/assets/.+" => "/kanboard/$0",
"^/kanboard/favicon\.png$" => "/kanboard/$0",
"^/kanboard(/[^\?]*)(\?.*)?" => "/kanboard/index.php$2",
)
Some of those are probably not doing what you think they are doing.
"^/kanboard/assets/.+" => "/kanboard/$0" rewrites /kanboard/assets/foo to /kanboard/kanboard/assets/foo"^/kanboard/favicon\.png$" => "/kanboard/$0" rewrites /kanboard/favicon.png to /kanboard/kanboard/favicon.pngDid you mean favicon.ico instead of favicon.png?
If you do not want those to be rewritten, the special target
=> "" says "don't rewrite this URL, and do not process further rewrite rules" "^/kanboard/(?:assets/|favicon\.ico$)" => ""
For "^/kanboard(/[^\?]*)(\?.*)?" => "/kanboard/index.php$2" if you want to match everything that remains and pass the query string to index.php, this is more direct:"" => "/kanboard/index.php${qsa}" since the url.rewrite-once rules are alread inside a $HTTP["url"] =~ "^/kanboard/" condition.
Your rewrite rules might also be simplified to a single rule with url.rewrite-if-not-fileurl.rewrite-if-not-file = ("" => "/kanboard/index.php${qsa}") since the url.rewrite-once rules are alread inside a $HTTP["url"] =~ "^/kanboard/" condition.
Other comments on your config:
The repetition of index.php is redundant.index-file.names = ("index.php", "index.html", "index.php")
and index-file.names is probably not even necessary with url.rewrite-if-not-file = ("" => "/kanboard/index.php${qsa}")
Better TLS config:
ssl.openssl.ssl-conf-cmd = (
"MinProtocol" => "TLSv1.2", # lighttpd default
"Options" => "-ServerPreference",
"CipherString" => "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384",
)
# not needed; better CipherString defined above
#ssl.cipher-list = "HIGH"
# should use fullchain.pem and omit ssl.ca-file
#ssl.pemfile = "/etc/letsencrypt/live/example.org/cert.pem"
ssl.pemfile = "/etc/letsencrypt/live/example.org/fullchain.pem"
ssl.privkey = "/etc/letsencrypt/live/example.org/privkey.pem"
#ssl.ca-file = "/etc/letsencrypt/live/example.org/chain.pem"
ssl.stapling-file = "/var/cache/lighttpd/ocsp.der"
# not needed with modern TLS libraries unless you have some obscure requirement
#ssl.dh-file = "/etc/ssl/example.org/dhparams.pem"
RE: help with rewrite - Added by jello over 2 years ago
Thanks for the assistance and the SSL critique! I ended up using the following:
$HTTP["url"] =~ "^/kanboard/" {
alias.url += ( "/kanboard/" => "/usr/share/kanboard/" )
index-file.names += ( "index.php" )
url.rewrite-once = (
"^/kanboard/assets/.+" => "",
"^/kanboard/favicon\..*$" => "",
"" => "/kanboard/index.php${qsa}",
)
}
--Joe