diff options
Diffstat (limited to 'harmony/lighttpd/lighttpd.conf')
| -rw-r--r-- | harmony/lighttpd/lighttpd.conf | 261 |
1 files changed, 261 insertions, 0 deletions
diff --git a/harmony/lighttpd/lighttpd.conf b/harmony/lighttpd/lighttpd.conf new file mode 100644 index 000000000..cfec00065 --- /dev/null +++ b/harmony/lighttpd/lighttpd.conf @@ -0,0 +1,261 @@ +################################### +# Default lighttpd.conf for Adélie +################################### + + +######## Variables ######## +var.basedir = "/var/www/localhost" +var.logdir = "/var/log/lighttpd" +var.statedir = "/var/lib/lighttpd" + + +######## Modules ######## +# NOTE: the order of modules is important. +server.modules = ( +# "mod_rewrite", +# "mod_redirect", +# "mod_alias", + "mod_access", +# "mod_cml", +# "mod_trigger_b4_dl", +# "mod_auth", +# "mod_status", + "mod_setenv", +# "mod_proxy", +# "mod_simple_vhost", +# "mod_evhost", +# "mod_userdir", + "mod_compress", +# "mod_ssi", +# "mod_usertrack", + "mod_expire", +# "mod_secdownload", +# "mod_rrdtool", +# "mod_webdav", + "mod_accesslog" +) + + +######## Inclusions ######## +include "mime-types.conf" +# uncomment for cgi support +# include "mod_cgi.conf" +# uncomment for php/fastcgi support +# include "mod_fastcgi.conf" +# uncomment for php/fastcgi fpm support +# include "mod_fastcgi_fpm.conf" + + +######## Global Settings ######## +server.username = "lighttpd" +server.groupname = "lighttpd" + +server.document-root = var.basedir + "/htdocs" +server.pid-file = "/run/lighttpd.pid" + +server.errorlog = var.logdir + "/error.log" +# To log errors to syslog instead, use: +# server.errorlog-use-syslog = "enable" + +server.indexfiles = ("index.html", "index.htm", "default.htm") + +# server.tag = "lighttpd" + +server.follow-symlink = "enable" + +server.event-handler = "linux-sysepoll" + +# To chroot to a directory: +# server.chroot = "/" + +# Default bind port is 80. To change: +# server.port = 81 + +# Default bind address is global (0.0.0.0). To change: +# server.bind = "grisu.home.kneschke.de" + +# error-handler for status 404 +# server.error-handler-404 = "/error-handler.html" + +# Format: <errorfile-prefix><status-code>.html +# -> ..../status-404.html for 'File not found' +# server.errorfile-prefix = var.basedir + "/error/status-" + +# FAM support for caching stat() calls +server.stat-cache-engine = "fam" + +# which extensions should not be handled via static-file transfer +# (extensions that are usually handled by mod_cgi, mod_fastcgi, etc). +static-file.exclude-extensions = (".php", ".pl", ".cgi", ".fcgi") + + +######## mod_accesslog config ######## +accesslog.filename = var.logdir + "/access.log" + + +######## mod_dirlisting config ######## +# Enable directory listings if no indexfile is present. +#dir-listing.activate = "enable" + +# Don't list hidden files/directories (beginning with '.') +#dir-listing.hide-dotfiles = "enable" +# +# Specify a path here for custom directory listing CSS: +#dir-listing.external-css = "/path/to/dir-listing.css" +# +# Exclude files that match any regex in this list from directory listings: +#dir-listing.exclude = ("^\.", "~$") + + +######## mod_access config ######## +# See access.txt in lighttpd-doc package for more info. + +url.access-deny = ("~", ".inc") + + +######## mod_userdir config ######## +# This will give all users with valid homedirs the chance to publish a +# webpage from this server using traditional /~username/ paths. +# See userdir.txt in lighttpd-doc package for more info. +# +#userdir.path = "public_html" +#userdir.exclude-user = ("root") + + +######## mod_ssi config ######## +# This allows you to use server-side includes. +#ssi.extension = (".shtml") + + +######## SSL config ######## +# See ssl.txt in lighttpd-doc package for more info. +# The defaults here are NOT the server defaults. You need to uncomment +# them to use them. They are HIGHLY recommended; by default, lighttpd +# will serve older TLS protocols that may be vulnerable to attack. +# +#ssl.engine = "enable" +#ssl.honor-cipher-order = "enable" +#ssl.disable-client-renegotiation = "enable" +# pemfile is cert+privkey, ca-file is the intermediate chain in one file +#ssl.pemfile = "/path/to/signed_cert_plus_private_key.pem" +#ssl.ca-file = "/path/to/intermediate_certificate.pem" +# ECDH/ECDHE ciphers curve strength (see `openssl ecparam -list_curves`) +#ssl.ec-curve = "secp384r1" +# Environment flag for HTTPS enabled +#setenv.add-environment = ( +# "HTTPS" => "on" +#) +# Modern configuration, tweak to your needs +#ssl.use-sslv2 = "disable" +#ssl.use-sslv3 = "disable" +#ssl.cipher-list = "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256" +# HSTS(15768000 seconds = 6 months) +#setenv.add-response-header = ( +# "Strict-Transport-Security" => "max-age=15768000;" +#) + + +######## mod_status config ######## +# This is generally handy and won't expose any sensitive info. +#status.status-url = "/server-status" +# This will expose some of your configuration to the world! +#status.config-url = "/server-config" + + +######## mod_compress config ######## +compress.cache-dir = var.statedir + "/cache/compress" +compress.filetype = ("text/plain", "text/html") + + +######## mod_proxy config ######## +# See proxy.txt in lighttpd-doc package for more info. +# proxy.server = ( ".php" => +# ( "localhost" => +# ( +# "host" => "192.168.0.101", +# "port" => 80 +# ) +# ) +# ) +# }}} + + +######## mod_auth config ######## +# See authentication.txt in lighttpd-doc package for more info. +#auth.backend = "plain" +#auth.backend.plain.userfile = "lighttpd.user" +#auth.backend.plain.groupfile = "lighttpd.group" + +#auth.backend.ldap.hostname = "localhost" +#auth.backend.ldap.base-dn = "dc=my-domain,dc=com" +#auth.backend.ldap.filter = "(uid=$)" + +#auth.require = ( "/server-status" => +# ( +# "method" => "digest", +# "realm" => "download archiv", +# "require" => "user=jan" +# ), +# "/server-info" => +# ( +# "method" => "digest", +# "realm" => "download archiv", +# "require" => "valid-user" +# ) +# ) + + +######## mod_rewrite config ######## +# Apache-style mod_rewrite for implementing URL rewriting. +# See rewrite.txt in lighttpd-doc package for more info. +# +#url.rewrite = ( +# "^/$" => "/server-status" +#) + + +######## mod_redirect config ######## +# See redirect.txt in lighttpd-doc package for more info. +# +#url.redirect = ( +# "^/wishlist/(.+)" => "http://www.123.org/$1" +#) + + +######## mod_expire config ######## +# It is highly recommended you configure Expire: headers correctly to +# conserve bandwidth, especially for users on slow links. +#expire.url = ( +# "/buggy/" => "access 2 hours", +# "/asdhas/" => "access plus 1 seconds 2 minutes" +#) + +# {{{ mod_trigger_b4_dl +# see trigger_b4_dl.txt +# +# trigger-before-download.gdbm-filename = "/home/weigon/testbase/trigger.db" +# trigger-before-download.memcache-hosts = ( "127.0.0.1:11211" ) +# trigger-before-download.trigger-url = "^/trigger/" +# trigger-before-download.download-url = "^/download/" +# trigger-before-download.deny-url = "http://127.0.0.1/index.html" +# trigger-before-download.trigger-timeout = 10 +# }}} + + +######## mod_webdav config ######## +# lighttpd can act as a WebDAV server. +# See webdav.txt in lighttpd-doc package for more info. +# +#$HTTP["url"] =~ "^/dav($|/)" { +# webdav.activate = "enable" +# webdav.is-readonly = "enable" +#} + + +######## Debugging options ######## +# debug.log-request-header = "enable" +# debug.log-response-header = "enable" +# debug.log-request-handling = "enable" +# debug.log-file-not-found = "enable" + +# vim: set ft=conf foldmethod=marker et : |