diff options
| author | Glenn Strauss <gstrauss@gluelogic.com> | 2023-11-02 14:03:53 -0400 |
|---|---|---|
| committer | Glenn Strauss <gstrauss@gluelogic.com> | 2023-11-03 14:36:56 -0400 |
| commit | e08c32a45393aa31f660e138415a5bbe7603ee8d (patch) | |
| tree | 5cd36bdecc5aae71809912ee71b8fe5296eccc17 /user/lighttpd/lighttpd.conf | |
| parent | 7f11dddb9a842e04989855b18549e12783c287f4 (diff) | |
| download | packages-e08c32a45393aa31f660e138415a5bbe7603ee8d.tar.gz packages-e08c32a45393aa31f660e138415a5bbe7603ee8d.tar.bz2 packages-e08c32a45393aa31f660e138415a5bbe7603ee8d.tar.xz packages-e08c32a45393aa31f660e138415a5bbe7603ee8d.zip | |
user/lighttpd: Bump to 1.4.73, modernize config
Diffstat (limited to 'user/lighttpd/lighttpd.conf')
| -rw-r--r-- | user/lighttpd/lighttpd.conf | 61 |
1 files changed, 19 insertions, 42 deletions
diff --git a/user/lighttpd/lighttpd.conf b/user/lighttpd/lighttpd.conf index afb57fb17..9c9b89c7b 100644 --- a/user/lighttpd/lighttpd.conf +++ b/user/lighttpd/lighttpd.conf @@ -16,20 +16,17 @@ server.modules = ( # "mod_redirect", # "mod_alias", "mod_access", -# "mod_cml", -# "mod_trigger_b4_dl", # "mod_auth", # "mod_status", "mod_setenv", +# "mod_magnet", # "mod_proxy", # "mod_simple_vhost", # "mod_evhost", # "mod_userdir", - "mod_compress", + "mod_deflate", # "mod_ssi", -# "mod_usertrack", "mod_expire", -# "mod_secdownload", # "mod_rrdtool", # "mod_webdav", "mod_accesslog", @@ -58,14 +55,10 @@ server.errorlog = var.logdir + "/error.log" # To log errors to syslog instead, use: # server.errorlog-use-syslog = "enable" -server.indexfiles = ("index.html", "index.htm", "default.htm") +index-file.names = ("index.html", "index.htm", "default.htm") # server.tag = "lighttpd" -server.follow-symlink = "enable" - -server.event-handler = "linux-sysepoll" - # To chroot to a directory: # server.chroot = "/" @@ -82,8 +75,8 @@ server.event-handler = "linux-sysepoll" # -> ..../status-404.html for 'File not found' # server.errorfile-prefix = var.basedir + "/error/status-" -# FAM support for caching stat() calls -server.stat-cache-engine = "fam" +# inotify support for caching stat() calls +#server.stat-cache-engine = "inotify" # which extensions should not be handled via static-file transfer # (extensions that are usually handled by mod_cgi, mod_fastcgi, etc). @@ -130,26 +123,15 @@ url.access-deny = ("~", ".inc") ######## SSL config ######## # See ssl.txt in lighttpd-doc package for more info. -# The defaults here are NOT the server defaults. You need to uncomment -# them to use them. They are HIGHLY recommended; by default, lighttpd -# will serve older TLS protocols that may be vulnerable to attack. # #ssl.engine = "enable" -#ssl.honor-cipher-order = "enable" -#ssl.disable-client-renegotiation = "enable" -# pemfile is cert+privkey, ca-file is the intermediate chain in one file -#ssl.pemfile = "/path/to/signed_cert_plus_private_key.pem" -#ssl.ca-file = "/path/to/intermediate_certificate.pem" +# pemfile is certificate + intermediate chain in one file +# privkey is certificate private key +#ssl.pemfile = "/path/to/fullchain.pem" +#ssl.privkey = "/path/to/privkey.pem" # ECDH/ECDHE ciphers curve strength (see `openssl ecparam -list_curves`) -#ssl.ec-curve = "secp384r1" -# Environment flag for HTTPS enabled -#setenv.add-environment = ( -# "HTTPS" => "on" -#) +#ssl.openssl.ssl-conf-cmd += ("Groups" => "secp384r1") # Modern configuration, tweak to your needs -#ssl.use-sslv2 = "disable" -#ssl.use-sslv3 = "disable" -#ssl.cipher-list = "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256" # HSTS(15768000 seconds = 6 months) #setenv.add-response-header = ( # "Strict-Transport-Security" => "max-age=15768000;" @@ -163,9 +145,15 @@ url.access-deny = ("~", ".inc") #status.config-url = "/server-config" -######## mod_compress config ######## -compress.cache-dir = var.statedir + "/cache/compress" -compress.filetype = ("text/plain", "text/html") +######## mod_deflate config ######## +deflate.cache-dir = var.statedir + "/cache/compress" +deflate.mimetypes = ("text/plain", "text/html") +deflate.allowed-encodings = ( "zstd", "gzip", "deflate" ) + + +######## mod_magnet config ######## +# programmatic manipulation of requests using lua +# https://wiki.lighttpd.net/mod_magnet ######## mod_proxy config ######## @@ -231,17 +219,6 @@ compress.filetype = ("text/plain", "text/html") # "/asdhas/" => "access plus 1 seconds 2 minutes" #) -# {{{ mod_trigger_b4_dl -# see trigger_b4_dl.txt -# -# trigger-before-download.gdbm-filename = "/home/weigon/testbase/trigger.db" -# trigger-before-download.memcache-hosts = ( "127.0.0.1:11211" ) -# trigger-before-download.trigger-url = "^/trigger/" -# trigger-before-download.download-url = "^/download/" -# trigger-before-download.deny-url = "http://127.0.0.1/index.html" -# trigger-before-download.trigger-timeout = 10 -# }}} - ######## mod_webdav config ######## # lighttpd can act as a WebDAV server. |