Project

General

Profile

Actions

Setting up PHP with Lighttpd and trac

If you want to serve php pages and restrict user's access to view their code or accidentally download them, but run a service that displays source of php pages (such as trac) at the same time, it can be done as shown below.

Enable fastcgi to serve normal site pages.


fastcgi.server = ( ".php" => ((
                     "bin-path" => "/usr/local/bin/php",
                     "socket" => "/tmp/php-fastcgi.socket",
                     "max-procs" => 2,
                     "bin-environment" => ( 
                       "PHP_FCGI_CHILDREN" => "16",
                       "PHP_FCGI_MAX_REQUESTS" => "10000" 
                     ),
                     "bin-copy-environment" => (
                       "PATH", "SHELL", "USER" 
                     ),
                     "broken-scriptfilename" => "enable")))

Run fastcgi for trac only when the trac area of the site is in use.


$HTTP["url"] =~ "^/trac" {
fastcgi.server = ( "/trac" =>
                   ("trac" =>
                     ("socket" => "/tmp/trac-fastcgi.sock",
                      "bin-path" => "<path to trac>/cgi-bin/trac.fcgi",
                      "check-local" => "disable",
                      "bin-environment" => ("TRAC_ENV" => "<path to trac project environment>")
                     )
                   ))
}

Source files in trac are usually in "/trac/browser/trunk", but change accordingly.
With the following conditional we assure that access is restricted to php pages, except when we browse the source repository.


$HTTP["url"] !~ "^/trac/browser/trunk/" {
     url.access-deny = (".php")
}

You might also want to check out HowToSetupTrac.

Updated by gstrauss almost 3 years ago · 6 revisions