summaryrefslogtreecommitdiff
path: root/user/lighttpd/lighttpd.conf
diff options
context:
space:
mode:
Diffstat (limited to 'user/lighttpd/lighttpd.conf')
-rw-r--r--user/lighttpd/lighttpd.conf61
1 files changed, 19 insertions, 42 deletions
diff --git a/user/lighttpd/lighttpd.conf b/user/lighttpd/lighttpd.conf
index afb57fb17..9c9b89c7b 100644
--- a/user/lighttpd/lighttpd.conf
+++ b/user/lighttpd/lighttpd.conf
@@ -16,20 +16,17 @@ server.modules = (
# "mod_redirect",
# "mod_alias",
"mod_access",
-# "mod_cml",
-# "mod_trigger_b4_dl",
# "mod_auth",
# "mod_status",
"mod_setenv",
+# "mod_magnet",
# "mod_proxy",
# "mod_simple_vhost",
# "mod_evhost",
# "mod_userdir",
- "mod_compress",
+ "mod_deflate",
# "mod_ssi",
-# "mod_usertrack",
"mod_expire",
-# "mod_secdownload",
# "mod_rrdtool",
# "mod_webdav",
"mod_accesslog",
@@ -58,14 +55,10 @@ server.errorlog = var.logdir + "/error.log"
# To log errors to syslog instead, use:
# server.errorlog-use-syslog = "enable"
-server.indexfiles = ("index.html", "index.htm", "default.htm")
+index-file.names = ("index.html", "index.htm", "default.htm")
# server.tag = "lighttpd"
-server.follow-symlink = "enable"
-
-server.event-handler = "linux-sysepoll"
-
# To chroot to a directory:
# server.chroot = "/"
@@ -82,8 +75,8 @@ server.event-handler = "linux-sysepoll"
# -> ..../status-404.html for 'File not found'
# server.errorfile-prefix = var.basedir + "/error/status-"
-# FAM support for caching stat() calls
-server.stat-cache-engine = "fam"
+# inotify support for caching stat() calls
+#server.stat-cache-engine = "inotify"
# which extensions should not be handled via static-file transfer
# (extensions that are usually handled by mod_cgi, mod_fastcgi, etc).
@@ -130,26 +123,15 @@ url.access-deny = ("~", ".inc")
######## SSL config ########
# See ssl.txt in lighttpd-doc package for more info.
-# The defaults here are NOT the server defaults. You need to uncomment
-# them to use them. They are HIGHLY recommended; by default, lighttpd
-# will serve older TLS protocols that may be vulnerable to attack.
#
#ssl.engine = "enable"
-#ssl.honor-cipher-order = "enable"
-#ssl.disable-client-renegotiation = "enable"
-# pemfile is cert+privkey, ca-file is the intermediate chain in one file
-#ssl.pemfile = "/path/to/signed_cert_plus_private_key.pem"
-#ssl.ca-file = "/path/to/intermediate_certificate.pem"
+# pemfile is certificate + intermediate chain in one file
+# privkey is certificate private key
+#ssl.pemfile = "/path/to/fullchain.pem"
+#ssl.privkey = "/path/to/privkey.pem"
# ECDH/ECDHE ciphers curve strength (see `openssl ecparam -list_curves`)
-#ssl.ec-curve = "secp384r1"
-# Environment flag for HTTPS enabled
-#setenv.add-environment = (
-# "HTTPS" => "on"
-#)
+#ssl.openssl.ssl-conf-cmd += ("Groups" => "secp384r1")
# Modern configuration, tweak to your needs
-#ssl.use-sslv2 = "disable"
-#ssl.use-sslv3 = "disable"
-#ssl.cipher-list = "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256"
# HSTS(15768000 seconds = 6 months)
#setenv.add-response-header = (
# "Strict-Transport-Security" => "max-age=15768000;"
@@ -163,9 +145,15 @@ url.access-deny = ("~", ".inc")
#status.config-url = "/server-config"
-######## mod_compress config ########
-compress.cache-dir = var.statedir + "/cache/compress"
-compress.filetype = ("text/plain", "text/html")
+######## mod_deflate config ########
+deflate.cache-dir = var.statedir + "/cache/compress"
+deflate.mimetypes = ("text/plain", "text/html")
+deflate.allowed-encodings = ( "zstd", "gzip", "deflate" )
+
+
+######## mod_magnet config ########
+# programmatic manipulation of requests using lua
+# https://wiki.lighttpd.net/mod_magnet
######## mod_proxy config ########
@@ -231,17 +219,6 @@ compress.filetype = ("text/plain", "text/html")
# "/asdhas/" => "access plus 1 seconds 2 minutes"
#)
-# {{{ mod_trigger_b4_dl
-# see trigger_b4_dl.txt
-#
-# trigger-before-download.gdbm-filename = "/home/weigon/testbase/trigger.db"
-# trigger-before-download.memcache-hosts = ( "127.0.0.1:11211" )
-# trigger-before-download.trigger-url = "^/trigger/"
-# trigger-before-download.download-url = "^/download/"
-# trigger-before-download.deny-url = "http://127.0.0.1/index.html"
-# trigger-before-download.trigger-timeout = 10
-# }}}
-
######## mod_webdav config ########
# lighttpd can act as a WebDAV server.