search

nettings / medianet

A distribution overlay for Raspbian and similar systems to create a JACK-based embedded system for audio processing and streaming. Contract work for [mn] medianet. https://www.medianet-home.de
Other
11 stars 2 forks source link

update custom lighttpd config #112

Closed nettings closed 2 years ago

nettings commented 2 years ago 
medianet@mn-basic:/etc/lighttpd FS WRITABLE $ diff -urN lighttpd.conf.mn_ lighttpd.conf
--- lighttpd.conf.mn_   2022-01-10 08:38:09.000000000 +0100
+++ lighttpd.conf   2022-08-15 11:24:14.622475536 +0200
@@ -1,25 +1,22 @@
+# medianet-specific settings under commented-out defaults:
+
 server.modules = (
    "mod_indexfile",
    "mod_access",
    "mod_alias",
    "mod_redirect",
+   "mod_openssl",
 )

 server.document-root        = "/var/www/html"
 server.upload-dirs          = ( "/var/cache/lighttpd/uploads" )
 server.errorlog             = "/var/log/lighttpd/error.log"
+#server.pid-file             = "/var/run/lighttpd.pid"
 server.pid-file             = "/run/lighttpd.pid"
 server.username             = "www-data"
 server.groupname            = "www-data"
 server.port                 = 80

-# features
-#https://redmine.lighttpd.net/projects/lighttpd/wiki/Server_feature-flagsDetails
-server.feature-flags       += ("server.h2proto" => "enable")
-server.feature-flags       += ("server.h2c"     => "enable")
-server.feature-flags       += ("server.graceful-shutdown-timeout" => 5)
-#server.feature-flags       += ("server.graceful-restart-bg" => "enable")
-
 # strict parsing and normalization of URL for consistency and security
 # https://redmine.lighttpd.net/projects/lighttpd/wiki/Server_http-parseoptsDetails
 # (might need to explicitly set "url-path-2f-decode" = "disable"
@@ -42,6 +39,9 @@
 url.access-deny             = ( "~", ".inc" )
 static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )

+compress.cache-dir          = "/var/cache/lighttpd/compress/"
+compress.filetype           = ( "application/javascript", "text/css", "text/html", "text/plain" )
+
 # default listening port for IPv6 falls back to the IPv4 port
 include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port
 include_shell "/usr/share/lighttpd/create-mime.conf.pl"
@@ -52,3 +52,11 @@
    "mod_dirlisting",
    "mod_staticfile",
 )
+
+# medianet server only ever listens on localhost:
+# server.bind                 = "127.0.0.1"
+
+$SERVER["socket"] == "0.0.0.0:443" {
+ssl.engine = "enable"
+ssl.pemfile = "/etc/lighttpd/ssl/server.pem"
+}
nettings commented 2 years ago

The compress.* statements throw non-fatal errors during startup. Either no longer supported or they require a module that's no longer loaded by default. In any case, they are not strictly necessary.