lighttpd 1.4.x https://www.lighttpd.net/
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

282 lines
6.8 KiB

debug.log-request-handling = "enable"
debug.log-request-header = "enable"
debug.log-response-header = "enable"
#debug.log-condition-handling = "enable"
## 64 Mbyte ... nice limit
server.max-request-size = 65000
server.systemd-socket-activation = "enable"
server.document-root = env.SRCDIR + "/tmp/lighttpd/servers/www.example.org/pages/"
server.errorlog = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.error.log"
server.breakagelog = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.breakage.log"
server.name = "www.example.org"
server.tag = "lighttpd-1.4.x"
server.dir-listing = "enable"
server.modules = (
"mod_extforward",
"mod_auth",
"mod_authn_file",
"mod_setenv",
"mod_access",
"mod_expire",
"mod_simple_vhost",
"mod_cgi",
"mod_userdir",
"mod_ssi",
"mod_status",
"mod_secdownload",
"mod_deflate",
"mod_accesslog",
)
index-file.names = (
"index.html",
)
ssi.extension = (
".shtml",
)
accesslog.filename = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.access.log"
mimetype.assign = (
".png" => "image/png",
".jpg" => "image/jpeg",
".jpeg" => "image/jpeg",
".gif" => "image/gif",
".html" => "text/html",
".htm" => "text/html",
".pdf" => "application/pdf",
".swf" => "application/x-shockwave-flash",
".spl" => "application/futuresplash",
".txt" => "text/plain",
".tar.gz" => "application/x-tgz",
".tgz" => "application/x-tgz",
".gz" => "application/x-gzip",
".c" => "text/plain",
".conf" => "text/plain",
)
setenv.add-environment = (
"TRAC_ENV" => "tracenv",
"SETENV" => "setenv",
)
setenv.set-environment = (
"NEWENV" => "newenv",
)
setenv.add-request-header = (
"FOO" => "foo",
)
setenv.set-request-header = (
"FOO2" => "foo2",
)
setenv.add-response-header = (
"BAR" => "foo",
)
setenv.set-response-header = (
"BAR2" => "bar2",
)
$HTTP["url"] =~ "\.pdf$" {
server.range-requests = "disable"
}
cgi.local-redir = "enable"
cgi.assign = (
".pl" => env.PERL,
".cgi" => env.PERL,
)
extforward.headers = ( "Forwarded", "X-Forwarded-For" )
extforward.forwarder = (
"127.0.0.1" => "trust",
"127.0.30.1" => "trust",
)
userdir.include-user = (
"jan",
)
userdir.path = "/"
url.access-deny = (
"~",
".inc",
)
expire.url = (
"/expire/access" => "access 2 hours",
"/expire/modification" => "access plus 1 seconds 2 minutes",
)
$HTTP["host"] == "symlink.example.org" {
server.document-root = env.SRCDIR + "/tmp/lighttpd/servers/www.example.org/pages/"
server.follow-symlink = "enable"
}
$HTTP["host"] == "nosymlink.example.org" {
server.document-root = env.SRCDIR + "/tmp/lighttpd/servers/www.example.org/pages/"
server.follow-symlink = "disable"
}
$HTTP["host"] == "no-simple.example.org" {
server.document-root = env.SRCDIR + "/tmp/lighttpd/servers/123.example.org/pages/"
}
else {
simple-vhost.document-root = "pages"
simple-vhost.server-root = env.SRCDIR + "/tmp/lighttpd/servers/"
simple-vhost.default-host = "www.example.org"
}
$HTTP["host"] =~ "bug255\.example\.org$" {
$HTTP["remoteip"] == "127.0.0.1" {
url.access-deny = (
"",
)
}
}
$HTTP["referer"] !~ "^($|http://referer\.example\.org)" {
url.access-deny = (
".jpg",
)
}
# deny access for all image stealers
$HTTP["host"] == "referer.example.org" {
$HTTP["referer"] !~ "^($|http://referer\.example\.org)" {
url.access-deny = (
".png",
)
}
}
$HTTP["cookie"] =~ "empty-ref" {
$HTTP["referer"] == "" {
url.access-deny = (
"",
)
}
}
$HTTP["host"] =~ "allow\.example\.org$" {
url.access-allow = ( ".txt" ) # allow takes precedence over deny
url.access-deny = ( ".txt" )
}
$HTTP["host"] == "cgi.example.org" {
cgi.x-sendfile = "enable"
}
$HTTP["host"] == "errors.example.org" {
$HTTP["url"] =~ "^/static/" {
server.error-handler-404 = "/404.html"
}
else $HTTP["url"] =~ "^/dynamic/redirect_status/" {
server.error-handler = "/404.pl"
}
else {
server.error-handler-404 = "/404.pl"
}
}
$HTTP["host"] == "lowercase-allow" {
server.force-lowercase-filenames = "enable"
}
$HTTP["host"] == "lowercase-deny" {
server.force-lowercase-filenames = "enable"
url.access-deny = (
".jpg",
)
}
$HTTP["host"] == "lowercase-exclude" {
server.force-lowercase-filenames = "enable"
static-file.exclude-extensions = (
".jpg",
)
}
$HTTP["host"] == "lowercase-auth" {
server.force-lowercase-filenames = "enable"
auth.backend = "plain"
auth.backend.plain.userfile = env.SRCDIR + "/tmp/lighttpd/lighttpd.user"
auth.require = (
"/image.jpg" => (
"method" => "digest",
"realm" => "download archiv",
"require" => "valid-user",
),
)
}
$HTTP["host"] =~ "^deflate(?:-cache)?\.example\.org$" {
$HTTP["url"] == "/index.txt" {
# (force Content-Type for test; do not copy)
setenv.set-response-header = (
"Content-Type" => "text/plain; charset=utf-8"
)
}
deflate.mimetypes = (
"text/plain",
"text/html",
)
deflate.allowed-encodings = (
"gzip",
"deflate",
)
$HTTP["host"] == "deflate-cache.example.org" {
deflate.cache-dir = env.SRCDIR + "/tmp/lighttpd/cache/compress/"
}
}
$HTTP["host"] =~ "^auth-" {
$HTTP["host"] == "auth-htpasswd.example.org" {
auth.backend = "htpasswd"
auth.backend.htpasswd.userfile = env.SRCDIR + "/tmp/lighttpd/lighttpd.htpasswd"
}
$HTTP["host"] == "auth-plain.example.org" {
auth.backend = "plain"
auth.backend.plain.userfile = env.SRCDIR + "/tmp/lighttpd/lighttpd.user"
}
auth.require = (
"/server-status" => (
"method" => "digest",
"realm" => "download archiv",
"require" => "group=www|user=jan|host=192.168.2.10",
),
"/server-config" => (
"method" => "basic",
"realm" => "download archiv",
"require" => "valid-user",
),
)
status.status-url = "/server-status"
status.config-url = "/server-config"
}
$HTTP["host"] == "vvv.example.org" {
server.document-root = env.SRCDIR + "/tmp/lighttpd/servers/www.example.org/pages/"
secdownload.secret = "verysecret"
secdownload.document-root = env.SRCDIR + "/tmp/lighttpd/servers/www.example.org/pages/"
secdownload.uri-prefix = "/sec/"
secdownload.timeout = 120
secdownload.algorithm = "md5"
}
$HTTP["host"] == "vvv-sha1.example.org" {
server.document-root = env.SRCDIR + "/tmp/lighttpd/servers/www.example.org/pages/"
secdownload.secret = "verysecret"
secdownload.document-root = env.SRCDIR + "/tmp/lighttpd/servers/www.example.org/pages/"
secdownload.uri-prefix = "/sec/"
secdownload.timeout = 120
secdownload.algorithm = "hmac-sha1"
}
$HTTP["host"] == "vvv-sha256.example.org" {
server.document-root = env.SRCDIR + "/tmp/lighttpd/servers/www.example.org/pages/"
secdownload.secret = "verysecret"
secdownload.document-root = env.SRCDIR + "/tmp/lighttpd/servers/www.example.org/pages/"
secdownload.uri-prefix = "/sec/"
secdownload.timeout = 120
secdownload.algorithm = "hmac-sha256"
secdownload.hash-querystr = "enable"
}