Feature #1313


Allow conditional config based on local IP and port

Added by at2000 almost 15 years ago. Updated almost 6 years ago.

Target version:


$HTTP["localip"] == "" {
  # config that is shared by both HTTP and HTTPS on this interface

$HTTP["port"] == "443" {
  # all SSL sites

I think we cannot do this using $SERVERsocket without massively duplicating the configs.

Actions #1

Updated by darix almost 15 years ago

  • Status changed from New to Fixed
  • Resolution set to invalid

you dont have to duplicate stuff. you just put them into a seperate file and use:

include "sharedconfig.conf" 
Actions #2

Updated by at2000 almost 15 years ago

  • Status changed from Fixed to Need Feedback
  • Resolution deleted (invalid)

OK, you got a valid workaround to avoid duplication of config, but I am not convinced that this is the more preferred way than the features I asked for.

It is common to have some rules shared by both http and https, e.g. both forward to the same fastcgi connection. It is also common to have some rules shared by all https connections, e.g. enabling the ssl backend and implementing those IE and Opera SSL hacks.

Are we satisfied with moving each of these configs to a separate file "as the ultimate solution"?

Actions #3

Updated by darix almost 15 years ago

you can do that already
$HTTPhost is evaluate within https hosts too.
sadly it has downsides.

Actions #4

Updated by at2000 almost 15 years ago

$HTTP[ "host" ] can partly replace $HTTP[ "localip" ], but again we may got different "Host:" headers even on the same interface, most notably being both the IP address and the domain name pointing thereto.

I am not sure how difficult it is to write the code, but from a user point of view I think it is a useful feature, especially it completes the missing pieces in writing conditionals.

Actions #5

Updated by at2000 over 14 years ago

The recently added $HTTPscheme is one step forward towards this direction. Users simply want at least (if not more than) one way to achieve their configuration needs, instead of being forced to use hacks.

Actions #6

Updated by gstrauss about 6 years ago

  • Assignee deleted (jan)
Actions #7

Updated by gstrauss about 6 years ago

  • Target version deleted (1.5.0)
Actions #8

Updated by gstrauss almost 6 years ago

  • Description updated (diff)
  • Status changed from Need Feedback to Wontfix

Using $HTTP["scheme"] is the recommended way to differentiate http and https

Using $HTTP["host"] =~ "^(host1\.com|host2\.com|host3\.com)$" is one way to apply common config to multiple hosts.

Another way is to put the common config into an include file, and to include that within each $HTTP["host"] which should have that common config.

While there could, of course, be more and better ways to group and share configs, doing so by local IP would be one of the more expensive ways to do so. If there is only one listening IP on the machine, then $SERVER["socket"] condition can contain the shared config. If there are multiple IPs and they are not differentiated by multiple $SERVER["socket"] directives (which could contain config for that local IP), then lighttpd would need to call getsockname() to get the actual local IP address of the connection, and then handle IPv4, IPv6, unix domain socket formats for comparison to the local IP address that was given in the config file.


Also available in: Atom