etc edits

2019-06-15 16:00:46 +02:00
parent 548ae2be2c
commit dddd6e8632
53 changed files with 0 additions and 3 deletions
@@ -0,0 +1,25 @@
+# /usr/share/doc/lighttpd/authentication.txt.gz
+
+server.modules                += ( "mod_auth" )
+
+# auth.backend                 = "plain"
+# auth.backend.plain.userfile  = "lighttpd.user"
+# auth.backend.plain.groupfile = "lighttpd.group"
+
+# auth.backend.ldap.hostname   = "localhost"
+# auth.backend.ldap.base-dn    = "dc=my-domain,dc=com"
+# auth.backend.ldap.filter     = "(uid=$)"
+
+# auth.require                 = ( "/server-status" => 
+#                                ( 
+#				  "method"  => "digest",
+#				  "realm"   => "download archiv",
+#				  "require" => "group=www|user=jan|host=192.168.2.10"
+#				),
+#				"/server-info" => 
+#                                ( 
+#				  "method"  => "digest",
+#				  "realm"   => "download archiv",
+#				  "require" => "group=www|user=jan|host=192.168.2.10"
+#				)
+#                              )
@@ -0,0 +1,3 @@
+server.modules += ( "mod_accesslog" )
+
+accesslog.filename = "/var/log/lighttpd/access.log"
@@ -0,0 +1,15 @@
+# /usr/share/doc/lighttpd/cgi.txt
+
+server.modules += ( "mod_cgi" )
+
+$HTTP["url"] =~ "^/cgi-bin/" {
+	cgi.assign = ( "" => "" )
+}
+
+## Warning this represents a security risk, as it allow to execute any file
+## with a .pl/.py even outside of /usr/lib/cgi-bin.
+#
+#cgi.assign      = (
+#	".pl"  => "/usr/bin/perl",
+#	".py"  => "/usr/bin/python",
+#)
@@ -0,0 +1,2 @@
+dir-listing.encoding = "utf-8"
+server.dir-listing   = "enable"
@@ -0,0 +1 @@
+server.modules += ( "mod_evasive" )
@@ -0,0 +1,5 @@
+# http://redmine.lighttpd.net/wiki/1/Docs:ModEVhost
+
+server.modules += ( "mod_evhost" )
+
+evhost.path-pattern = "/srv/%_/htdocs"
@@ -0,0 +1,3 @@
+# http://redmine.lighttpd.net/projects/lighttpd/wiki/Docs:ModExpire
+
+server.modules += ( "mod_expire" )
@@ -0,0 +1,4 @@
+# /usr/share/doc/lighttpd/fastcgi.txt.gz
+# http://redmine.lighttpd.net/projects/lighttpd/wiki/Docs:ConfigurationOptions#mod_fastcgi-fastcgi
+
+server.modules += ( "mod_fastcgi" )
@@ -0,0 +1 @@
+server.modules += ( "mod_flv_streaming" )
@@ -0,0 +1,3 @@
+$HTTP["host"] =~ "^www\.(.*)" {
+  url.redirect = ( "^/(.*)" => "http://%1/$1" )
+}
@@ -0,0 +1,25 @@
+# /usr/share/doc/lighttpd/proxy.txt
+
+server.modules   += ( "mod_proxy" )
+
+## Balance algorithm, possible values are: "hash", "round-robin" or "fair" (default)
+# proxy.balance     = "hash" 
+
+
+## Redirect all queries to files ending with ".php" to 192.168.0.101:80 
+#proxy.server     = ( ".php" =>
+#                     ( 
+#                       ( "host" => "192.168.0.101",
+#                         "port" => 80
+#                       )
+#                     )
+#                    )
+
+## Redirect all connections on www.example.com to 10.0.0.1{0,1,2,3}
+#$HTTP["host"] == "www.example.com" {
+#  proxy.balance = "hash"
+#  proxy.server  = ( "" => ( ( "host" => "10.0.0.10" ),
+#                            ( "host" => "10.0.0.11" ),
+#                            ( "host" => "10.0.0.12" ),
+#                            ( "host" => "10.0.0.13" ) ) )
+#}
@@ -0,0 +1,4 @@
+# /usr/share/doc/lighttpd/rewrite.txt
+# http://redmine.lighttpd.net/projects/lighttpd/wiki/Docs_ConfigurationOptions#mod_rewrite-rewriting
+
+server.modules += ( "mod_rewrite" )
@@ -0,0 +1,10 @@
+# /usr/share/doc/lighttpd/rrdtool.txt
+
+server.modules += ( "mod_rrdtool" )
+
+## path to the rrdtool binary
+rrdtool.binary   = "/usr/bin/rrdtool"
+
+## file to store the rrd database, will be created by lighttpd
+rrdtool.db-name   = "/var/www/lighttpd.rrd"
+
@@ -0,0 +1,11 @@
+# /usr/share/doc/lighttpd/simple-vhost.txt
+
+server.modules += ( "mod_simple_vhost" )
+
+## The document root of a virtual host is document-root =
+##   simple-vhost.server-root + $HTTP["host"] + simple-vhost.document-root
+simple-vhost.server-root         = "/srv"
+simple-vhost.document-root       = "htdocs"
+
+## the default host if no host is sent
+simple-vhost.default-host        = "www.example.com"
@@ -0,0 +1,5 @@
+# /usr/share/doc/lighttpd/ssi.txt
+
+server.modules += ( "mod_ssi" )
+
+ssi.extension   = ( ".shtml" )
@@ -0,0 +1,9 @@
+# /usr/share/doc/lighttpd/ssl.txt
+
+$SERVER["socket"] == "0.0.0.0:443" {
+	ssl.engine  = "enable"
+	ssl.pemfile = "/etc/lighttpd/server.pem"
+
+	ssl.cipher-list = "ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH:!AESGCM"
+	ssl.honor-cipher-order = "enable"
+}
@@ -0,0 +1,15 @@
+# /usr/share/doc/lighttpd/status.txt
+# http://trac.lighttpd.net/trac/wiki/Docs%3AModStatus
+
+server.modules += ( "mod_status" )
+
+# status.status-url = "/server-status"
+
+# status.config-url = "/server-config"
+
+## relative URL for a plain-text page containing the internal statistics
+# status.statistics-url = "/server-statistics"
+
+## add JavaScript which allows client-side sorting for the connection overview
+## default: enable
+# status.enable-sort = "disable"
@@ -0,0 +1,13 @@
+## The userdir module provides a simple way to link user-based directories into
+## the global namespace of the webserver.
+##
+# /usr/share/doc/lighttpd/userdir.txt
+
+server.modules      += ( "mod_userdir" )
+
+## the subdirectory of a user's home dir which should be accessible
+## under http://$host/~$user
+userdir.path         = "public_html"
+
+## The users whose home directories should not be accessible
+userdir.exclude-user = ( "root", "postmaster" )
@@ -0,0 +1 @@
+server.modules += ( "mod_usertrack" )
@@ -0,0 +1,6 @@
+# -*- depends: accesslog -*-
+
+server.modules += ( "mod_extforward" )
+
+# extforward.headers = ("X-Cluster-Client-Ip")
+# extforward.forwarder = ("10.0.0.232" => "trust")
@@ -0,0 +1,20 @@
+# -*- depends: fastcgi -*-
+# /usr/share/doc/lighttpd/fastcgi.txt.gz
+# http://redmine.lighttpd.net/projects/lighttpd/wiki/Docs:ConfigurationOptions#mod_fastcgi-fastcgi
+
+## Start an FastCGI server for php (needs the php5-cgi package)
+fastcgi.server += ( ".php" => 
+	((
+		"bin-path" => "/usr/bin/php-cgi",
+		"socket" => "/var/run/lighttpd/php.socket",
+		"max-procs" => 1,
+		"bin-environment" => ( 
+			"PHP_FCGI_CHILDREN" => "4",
+			"PHP_FCGI_MAX_REQUESTS" => "10000"
+		),
+		"bin-copy-environment" => (
+			"PATH", "SHELL", "USER"
+		),
+		"broken-scriptfilename" => "enable"
+	))
+)
@@ -0,0 +1,15 @@
+#### handle Debian Policy Manual, Section 11.5. urls
+## by default allow them only from localhost
+$HTTP["remoteip"] =~ "^127\.0\.0\.1$|^::1$" {
+        alias.url += (
+		"/cgi-bin/" => "/usr/lib/cgi-bin/",
+                "/doc/" => "/usr/share/doc/",
+                "/images/" => "/usr/share/images/"
+        )
+        $HTTP["url"] =~ "^/doc/|^/images/" {
+                dir-listing.activate = "enable"
+        }
+        $HTTP["url"] =~ "^/cgi-bin/" {
+                cgi.assign = ( "" => "" )
+        }
+}
@@ -0,0 +1 @@
+alias.url += ("/javascript" => "/usr/share/javascript")
@@ -0,0 +1,22 @@
+ligghttpd Configuration under Debian GNU/Linux
+==============================================
+
+Files and Directories in /etc/lighttpd:
+---------------------------------------
+
+lighttpd.conf:
+	 main configuration file
+
+conf-available/
+	This directory contains a series of .conf files. These files contain
+        configuration directives necessary to load and run webserver modules.
+	If you want to create your own files they names should be
+        build as nn-name.conf where "nn" is two digit number (number
+	is used to find order for loading files)
+
+conf-enabled/	  
+	To actually enable a module for lighttpd, it is necessary to create a 
+        symlink in this directory to the .conf file in conf-available/.
+
+Enabling and disabling modules could be done by provided
+/usr/sbin/lighty-enable-mod and /usr/sbin/lighty-disable-mod scripts.
				`@@ -0,0 +1 @@`
				`alias.url += ("/javascript" => "/usr/share/javascript")`