From 1b4b316c56021aa50684103f751b88929448add8 Mon Sep 17 00:00:00 2001 From: Matteo Bernardini Date: Fri, 12 Aug 2016 13:02:09 +0200 Subject: network/lighttpd: Refactor configuration, changed maintainer. Added the optional dependency lua. Fixed php.ini location in README.SLACKWARE and hardcoded lighttpd user (thanks to Andrzej Telszewski) Signed-off-by: Matteo Bernardini --- network/lighttpd/README | 2 + network/lighttpd/README.SLACKWARE | 2 +- network/lighttpd/conf/lighttpd.conf | 814 +++++++++++++++++-------------- network/lighttpd/conf/lighttpd.logrotate | 2 +- network/lighttpd/doinst.sh | 8 +- network/lighttpd/lighttpd.SlackBuild | 23 +- network/lighttpd/lighttpd.info | 4 +- 7 files changed, 487 insertions(+), 368 deletions(-) (limited to 'network') diff --git a/network/lighttpd/README b/network/lighttpd/README index 62ca3b139d..35ce9b776b 100644 --- a/network/lighttpd/README +++ b/network/lighttpd/README @@ -13,3 +13,5 @@ and groups, nor with any added by other SlackBuilds.org scripts. Be sure to see README.SLACKWARE (in this directory, and also installed with the package documentation) for configuration and setup information. + +lua is an optional dependency. diff --git a/network/lighttpd/README.SLACKWARE b/network/lighttpd/README.SLACKWARE index 6f6f39dd6e..63c0ba2884 100644 --- a/network/lighttpd/README.SLACKWARE +++ b/network/lighttpd/README.SLACKWARE @@ -21,7 +21,7 @@ to stop lighttpd on system shutdown. Slackware's default php package is meant to work with httpd(apache). It works fine with lighttpd with a couple of tweaks. -1) Copy the php.ini from /etc/httpd to /etc/lighttpd +1) Copy the php.ini from /etc /etc/lighttpd 2) Uncomment mod_fastcgi from the modules section of /etc/lighttpd/lighttpd.conf. diff --git a/network/lighttpd/conf/lighttpd.conf b/network/lighttpd/conf/lighttpd.conf index 974218d60a..bc88c5bd85 100644 --- a/network/lighttpd/conf/lighttpd.conf +++ b/network/lighttpd/conf/lighttpd.conf @@ -1,389 +1,493 @@ -# lighttpd configuration file -# -# use it as a base for lighttpd 1.0.0 and above +####################################################################### +## +## /etc/lighttpd/lighttpd.conf +## +## check /etc/lighttpd/conf.d/*.conf for the configuration of modules. +## +####################################################################### + +####################################################################### +## +## Some Variable definition which will make chrooting easier. +## +## if you add a variable here. Add the corresponding variable in the +## chroot example aswell. +## +var.log_root = "/var/log/lighttpd" +var.server_root = "/srv/www" +var.state_dir = "/var/run/lighttpd" +var.home_dir = "/var/lib/lighttpd" +var.conf_dir = "/etc/lighttpd" + +## +## run the server chrooted. +## +## This requires root permissions during startup. +## +## If you run Chrooted set the the variables to directories relative to +## the chroot dir. +## +## example chroot configuration: +## +#var.log_root = "/logs" +#var.server_root = "/" +#var.state_dir = "/run" +#var.home_dir = "/lib/lighttpd" +#var.vhosts_dir = "/vhosts" +#var.conf_dir = "/etc" # -# $Id: lighttpd.conf,v 1.7 2004/11/03 22:26:05 weigon Exp $ - -############ Options you really have to take care of #################### - -## modules to load -# at least mod_access and mod_accesslog should be loaded -# all other module should only be loaded if really neccesary -# - saves some time -# - saves memory -server.modules = ( -# "mod_rewrite", -# "mod_redirect", -# "mod_alias", - "mod_access", -# "mod_cml", -# "mod_trigger_b4_dl", -# "mod_auth", -# "mod_status", -# "mod_setenv", -# "mod_fastcgi", -# "mod_proxy", -# "mod_simple_vhost", -# "mod_evhost", -# "mod_userdir", -# "mod_cgi", -# "mod_compress", -# "mod_ssi", -# "mod_usertrack", -# "mod_expire", -# "mod_secdownload", -# "mod_rrdtool", - "mod_accesslog" ) - -## a static document-root, for virtual-hosting take look at the -## server.virtual-* options -server.document-root = "/var/www/htdocs-lighttpd" - -## where to send error-messages to -server.errorlog = "/var/log/lighttpd/error.log" - -# files to check for if .../ is requested -index-file.names = ( "index.php", "index.html", - "index.htm", "default.htm" ) +#server.chroot = "/srv/www" + +## +## Some additional variables to make the configuration easier +## + +## +## Base directory for all virtual hosts +## +## used in: +## conf.d/evhost.conf +## conf.d/simple_vhost.conf +## vhosts.d/vhosts.template +## +var.vhosts_dir = server_root + "/vhosts" + +## +## Cache for mod_compress +## +## used in: +## conf.d/compress.conf +## +var.cache_dir = "/var/cache/lighttpd" + +## +## Base directory for sockets. +## +## used in: +## conf.d/fastcgi.conf +## conf.d/scgi.conf +## +var.socket_dir = home_dir + "/sockets" + +## +####################################################################### + +####################################################################### +## +## Load the modules. +include "modules.conf" + +## +####################################################################### + +####################################################################### +## +## Basic Configuration +## --------------------- +## +server.port = 80 + +## +## Use IPv6? +## +# https://redmine.lighttpd.net/projects/lighttpd/wiki/Server_use-ipv6Details +server.use-ipv6 = "disable" + +## +## bind to a specific IP +## +# https://redmine.lighttpd.net/projects/lighttpd/wiki/Server_bindDetails +#server.bind = "localhost" + +## +## Run as a different username/groupname. +## This requires root permissions during startup. +## +server.username = "@USER@" +server.groupname = "@GROUP@" + +## +## enable core files. +## +#server.core-files = "disable" + +## +## Document root +## +server.document-root = server_root + "/htdocs-lighttpd" +## +## The value for the "Server:" response field. +## +## It would be nice to keep it at "lighttpd". +## +#server.tag = "lighttpd" + +## +## store a pid file +## +server.pid-file = state_dir + "/lighttpd.pid" + +## +####################################################################### + +####################################################################### +## +## Logging Options +## ------------------ +## +## all logging options can be overwritten per vhost. +## +## Path to the error log file +## +server.errorlog = log_root + "/error.log" + +## +## If you want to log to syslog you have to unset the +## server.errorlog setting and uncomment the next line. +## +#server.errorlog-use-syslog = "enable" + +## +## Access log config +## +include "conf.d/access_log.conf" + +## +## The debug options are moved into their own file. +## see conf.d/debug.conf for various options for request debugging. +## +include "conf.d/debug.conf" + +## +####################################################################### + +####################################################################### +## +## Tuning/Performance +## -------------------- +## +## corresponding documentation: +## http://www.lighttpd.net/documentation/performance.html +## ## set the event-handler (read the performance section in the manual) -# server.event-handler = "freebsd-kqueue" # needed on OS X - -# mimetype mapping -mimetype.assign = ( - ".pdf" => "application/pdf", - ".sig" => "application/pgp-signature", - ".spl" => "application/futuresplash", - ".class" => "application/octet-stream", - ".ps" => "application/postscript", - ".torrent" => "application/x-bittorrent", - ".dvi" => "application/x-dvi", - ".gz" => "application/x-gzip", - ".pac" => "application/x-ns-proxy-autoconfig", - ".swf" => "application/x-shockwave-flash", - ".tar.gz" => "application/x-tgz", - ".tgz" => "application/x-tgz", - ".tar" => "application/x-tar", - ".zip" => "application/zip", - ".mp3" => "audio/mpeg", - ".m3u" => "audio/x-mpegurl", - ".wma" => "audio/x-ms-wma", - ".wax" => "audio/x-ms-wax", - ".ogg" => "application/ogg", - ".wav" => "audio/x-wav", - ".gif" => "image/gif", - ".jpg" => "image/jpeg", - ".jpeg" => "image/jpeg", - ".png" => "image/png", - ".xbm" => "image/x-xbitmap", - ".xpm" => "image/x-xpixmap", - ".xwd" => "image/x-xwindowdump", - ".css" => "text/css", - ".html" => "text/html", - ".htm" => "text/html", - ".js" => "text/javascript", - ".asc" => "text/plain", - ".c" => "text/plain", - ".cpp" => "text/plain", - ".log" => "text/plain", - ".conf" => "text/plain", - ".text" => "text/plain", - ".txt" => "text/plain", - ".dtd" => "text/xml", - ".xml" => "text/xml", - ".mpeg" => "video/mpeg", - ".mpg" => "video/mpeg", - ".mov" => "video/quicktime", - ".qt" => "video/quicktime", - ".avi" => "video/x-msvideo", - ".asf" => "video/x-ms-asf", - ".asx" => "video/x-ms-asf", - ".wmv" => "video/x-ms-wmv", - ".bz2" => "application/x-bzip", - ".tbz" => "application/x-bzip-compressed-tar", - ".tar.bz2" => "application/x-bzip-compressed-tar" - ) - -# Use the "Content-Type" extended attribute to obtain mime type if possible -#mimetype.use-xattr = "enable" - - -## send a different Server: header -## be nice and keep it at lighttpd -# server.tag = "lighttpd" - -#### accesslog module -accesslog.filename = "/var/log/lighttpd/access.log" +## +## possible options on linux are: +## +## select +## poll +## linux-sysepoll +## +## linux-sysepoll is recommended on kernel 2.6. +## +server.event-handler = "linux-sysepoll" + +## +## The basic network interface for all platforms at the syscalls read() +## and write(). Every modern OS provides its own syscall to help network +## servers transfer files as fast as possible +## +## sendfile - is recommended for small files. +## writev - is recommended for sending many large files +## +server.network-backend = "sendfile" + +## +## As lighttpd is a single-threaded server, its main resource limit is +## the number of file descriptors, which is set to 1024 by default (on +## most systems). +## +## If you are running a high-traffic site you might want to increase this +## limit by setting server.max-fds. +## +## Changing this setting requires root permissions on startup. see +## server.username/server.groupname. +## +## By default lighttpd would not change the operation system default. +## But setting it to 2048 is a better default for busy servers. +## +server.max-fds = 2048 + +## +## listen-backlog is the size of the listen() backlog queue requested when +## the lighttpd server ask the kernel to listen() on the provided network +## address. Clients attempting to connect() to the server enter the listen() +## backlog queue and wait for the lighttpd server to accept() the connection. +## +## The out-of-box default on many operating systems is 128 and is identified +## as SOMAXCONN. This can be tuned on many operating systems. (On Linux, +## cat /proc/sys/net/core/somaxconn) Requesting a size larger than operating +## system limit will be silently reduced to the limit by the operating system. +## +## When there are too many connection attempts waiting for the server to +## accept() new connections, the listen backlog queue fills and the kernel +## rejects additional connection attempts. This can be useful as an +## indication to an upstream load balancer that the server is busy, and +## possibly overloaded. In that case, configure a smaller limit for +## server.listen-backlog. On the other hand, configure a larger limit to be +## able to handle bursts of new connections, but only do so up to an amount +## that the server can keep up with responding in a reasonable amount of +## time. Otherwise, clients may abandon the connection attempts and the +## server will waste resources servicing abandoned connections. +## +## It is best to leave this setting at its default unless you have modelled +## your traffic and tested that changing this benefits your traffic patterns. +## +## Default: 1024 +## +#server.listen-backlog = 128 + +## +## Stat() call caching. +## +## lighttpd can utilize FAM/Gamin to cache stat call. +## +## possible values are: +## disable, simple or fam. +## +server.stat-cache-engine = "simple" + +## +## Fine tuning for the request handling +## +## max-connections == max-fds/2 (maybe /3) +## means the other file handles are used for fastcgi/files +## +server.max-connections = 1024 + +## +## How many seconds to keep a keep-alive connection open, +## until we consider it idle. +## +## Default: 5 +## +#server.max-keep-alive-idle = 5 + +## +## How many keep-alive requests until closing the connection. +## +## Default: 16 +## +#server.max-keep-alive-requests = 16 +## +## Maximum size of a request in kilobytes. +## By default it is unlimited (0). +## +## Uploads to your server cant be larger than this value. +## +#server.max-request-size = 0 + +## +## Time to read from a socket before we consider it idle. +## +## Default: 60 +## +#server.max-read-idle = 60 + +## +## Time to write to a socket before we consider it idle. +## +## Default: 360 +## +#server.max-write-idle = 360 + +## +## Traffic Shaping +## ----------------- +## +## see /usr/share/doc/lighttpd/traffic-shaping.txt +## +## Values are in kilobyte per second. +## +## Keep in mind that a limit below 32kB/s might actually limit the +## traffic to 32kB/s. This is caused by the size of the TCP send +## buffer. +## +## per server: +## +#server.kbytes-per-second = 128 + +## +## per connection: +## +#connection.kbytes-per-second = 32 + +## +####################################################################### + +####################################################################### +## +## Filename/File handling +## ------------------------ + +## +## files to check for if .../ is requested +## index-file.names = ( "index.php", "index.rb", "index.html", +## "index.htm", "default.htm" ) +## +index-file.names += ( + "index.xhtml", "index.html", "index.htm", "default.htm", "index.php" +) + +## ## deny access the file-extensions -# -# ~ is for backupfiles from vi, emacs, joe, ... -# .inc is often used for code includes which should in general not be part -# of the document-root +## +## ~ is for backupfiles from vi, emacs, joe, ... +## .inc is often used for code includes which should in general not be part +## of the document-root url.access-deny = ( "~", ".inc" ) +## +## disable range requests for pdf files +## workaround for a bug in the Acrobat Reader plugin. +## $HTTP["url"] =~ "\.pdf$" { server.range-requests = "disable" } ## -# which extensions should not be handle via static-file transfer -# -# .php, .pl, .fcgi are most often handled by mod_fastcgi or mod_cgi -static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" ) +## url handling modules (rewrite, redirect) +## +#url.rewrite = ( "^/$" => "/server-status" ) +#url.redirect = ( "^/wishlist/(.+)" => "http://www.example.com/$1" ) -######### Options that are good to be but not neccesary to be changed ####### +## +## both rewrite/redirect support back reference to regex conditional using %n +## +#$HTTP["host"] =~ "^www\.(.*)" { +# url.redirect = ( "^/(.*)" => "http://%1/$1" ) +#} -## bind to port (default: 80) -#server.port = 81 +## +## which extensions should not be handle via static-file transfer +## +## .php, .pl, .fcgi are most often handled by mod_fastcgi or mod_cgi +## +static-file.exclude-extensions = ( ".php", ".pl", ".fcgi", ".scgi" ) -## bind to localhost (default: all interfaces) -#server.bind = "grisu.home.kneschke.de" +## +## error-handler for all status 400-599 +## +#server.error-handler = "/error-handler.html" +#server.error-handler = "/error-handler.php" +## ## error-handler for status 404 +## #server.error-handler-404 = "/error-handler.html" #server.error-handler-404 = "/error-handler.php" -## to help the rc.scripts -server.pid-file = "/var/run/lighttpd/lighttpd.pid" +## +## Format: .html +## -> ..../status-404.html for 'File not found' +## +#server.errorfile-prefix = "/srv/www/htdocs/errors/status-" +## +## mimetype mapping +## +include "conf.d/mime.conf" -###### virtual hosts ## -## If you want name-based virtual hosting add the next three settings and load -## mod_simple_vhost +## directory listing configuration ## -## document-root = -## virtual-server-root + virtual-server-default-host + virtual-server-docroot -## or -## virtual-server-root + http-host + virtual-server-docroot +include "conf.d/dirlisting.conf" + ## -#simple-vhost.server-root = "/home/weigon/wwwroot/servers/" -#simple-vhost.default-host = "grisu.home.kneschke.de" -#simple-vhost.document-root = "/pages/" +## Should lighttpd follow symlinks? +## +server.follow-symlink = "enable" +## +## force all filenames to be lowercase? +## +#server.force-lowercase-filenames = "disable" ## -## Format: .html -## -> ..../status-404.html for 'File not found' -#server.errorfile-prefix = "/home/weigon/projects/lighttpd/doc/status-" +## defaults to /var/tmp as we assume it is a local harddisk +## +server.upload-dirs = ( "/var/tmp" ) -## virtual directory listings -#dir-listing.activate = "enable" +## +####################################################################### -## enable debugging -#debug.log-request-header = "enable" -#debug.log-response-header = "enable" -#debug.log-request-handling = "enable" -#debug.log-file-not-found = "enable" -### only root can use these options -# -# chroot() to directory (default: no chroot() ) -#server.chroot = "/" - -## change uid to (default: don't care) -server.username = "lighttpd" - -## change uid to (default: don't care) -server.groupname = "lighttpd" - -#### compress module -#compress.cache-dir = "/tmp/lighttpd/cache/compress/" -#compress.filetype = ("text/plain", "text/html") - -#### proxy module -## read proxy.txt for more info -#proxy.server = ( ".php" => -# ( "localhost" => -# ( -# "host" => "192.168.0.101", -# "port" => 80 -# ) -# ) -# ) - -#### fastcgi module -## read fastcgi.txt for more info -## for PHP don't forget to set cgi.fix_pathinfo = 1 in the php.ini -#fastcgi.server = ( ".php" => -# ( "localhost" => -# ( -# "socket" => "/var/run/lighttpd/php-fastcgi.socket", -# "bin-path" => "/usr/bin/php" -# ) -# ) -# ) - -#### CGI module -#cgi.assign = ( ".pl" => "/usr/bin/perl", -# ".cgi" => "/usr/bin/perl" ) -# +####################################################################### +## +## SSL Support +## ------------- +## +## To enable SSL for the whole server you have to provide a valid +## certificate and have to enable the SSL engine.:: +## +## ssl.engine = "enable" +## ssl.pemfile = "/path/to/server.pem" +## +## The HTTPS protocol does not allow you to use name-based virtual +## hosting with SSL. If you want to run multiple SSL servers with +## one lighttpd instance you must use IP-based virtual hosting: :: +## +## Mitigate CVE-2009-3555 by disabling client triggered renegotation +## This is enabled by default. +## +## IMPORTANT: this setting can only be used in the global scope. +## It does *not* work inside conditionals +## +# ssl.disable-client-renegotiation = "enable" +## +## $SERVER["socket"] == "10.0.0.1:443" { +## ssl.engine = "enable" +## ssl.pemfile = "/etc/ssl/private/www.example.com.pem" +## # +## # (Following SSL/TLS Deployment Best Practices 1.3 / 17 September 2013 from: +## # https://www.ssllabs.com/projects/best-practices/index.html) +## # - BEAST is considered mitigaed on client side now, and new weaknesses have been found in RC4, +## # so it is strongly advised to disable RC4 ciphers (HIGH doesn't include RC4) +## # - It is recommended to disable 3DES too (although disabling RC4 and 3DES breaks IE6+8 on Windows XP, +## # so you might want to support 3DES for now - just remove the '!3DES' parts below). +## # - The examples below prefer ciphersuites with "Forward Secrecy" (and ECDHE over DHE (alias EDH)), remove '+kEDH +kRSA' +## # if you don't want that. +## # - SRP and PSK are not supported anyway, excluding those ('!kSRP !kPSK') just keeps the list smaller (easier to review) +## # Check your cipher list with: openssl ciphers -v '...' (use single quotes as your shell won't like ! in double quotes) +## # +## # If you know you have RSA keys (standard), you can use: +## ssl.cipher-list = "aRSA+HIGH !3DES +kEDH +kRSA !kSRP !kPSK" +## # The more generic version (without the restriction to RSA keys) is +## # ssl.cipher-list = "HIGH !aNULL !3DES +kEDH +kRSA !kSRP !kPSK" +## # +## # Make the server prefer the order of the server side cipher suite instead of the client suite. +## # This option is enabled by default, but only used if ssl.cipher-list is set. +## # +## # ssl.honor-cipher-order = "enable" +## # +## server.name = "www.example.com" +## +## server.document-root = "/srv/www/vhosts/example.com/www/" +## } +## + +## If you have a .crt and a .key file, cat them together into a +## single PEM file: +## $ cat /etc/ssl/private/lighttpd.key /etc/ssl/certs/lighttpd.crt \ +## > /etc/ssl/private/lighttpd.pem +## +#ssl.pemfile = "/etc/ssl/private/lighttpd.pem" -#### SSL engine +## +## optionally pass the CA certificate here. +## +## +#ssl.ca-file = "" + +## ####################################################################### -### -### SSL Support -### ------------- -### -### To enable SSL for the whole server you have to provide a valid -### certificate and have to enable the SSL engine.:: -### -### ssl.engine = "enable" -### ssl.pemfile = "/path/to/server.pem" -### -### The HTTPS protocol does not allow you to use name-based virtual -### hosting with SSL. If you want to run multiple SSL servers with -### one lighttpd instance you must use IP-based virtual hosting: :: -### -### $SERVER["socket"] == "10.0.0.1:443" { -### ssl.engine = "enable" -### ssl.pemfile = "/etc/ssl/private/www.example.com.pem" -### # -### # Mitigate BEAST attack: -### # -### # A stricter base cipher suite. For details see: -### # http://blog.ivanristic.com/2011/10/mitigating-the-beast-attack-on-tls.html -### # -### ssl.cipher-list = "ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4-SHA:RC4:HIGH:!MD5:!aNULL:!EDH:!AESGCM" -### # -### # Make the server prefer the order of the server side cipher suite instead of the client suite. -### # This is necessary to mitigate the BEAST attack (unless you disable all non RC4 algorithms). -### # This option is enabled by default, but only used if ssl.cipher-list is set. -### # -### # ssl.honor-cipher-order = "enable" -### # -### # Mitigate CVE-2009-3555 by disabling client triggered renegotation -### # This is enabled by default. -### # -### # ssl.disable-client-renegotiation = "enable" -### # -### server.name = "www.example.com" -### -### server.document-root = "/var/www/vhosts/example.com/www/" -### } -### -#ssl.engine = "enable" -#ssl.pemfile = "server.pem" - -#### status module -#status.status-url = "/server-status" -#status.config-url = "/server-config" - -#### auth module -## read authentication.txt for more info -#auth.backend = "plain" -#auth.backend.plain.userfile = "lighttpd.user" -#auth.backend.plain.groupfile = "lighttpd.group" - -#auth.backend.ldap.hostname = "localhost" -#auth.backend.ldap.base-dn = "dc=my-domain,dc=com" -#auth.backend.ldap.filter = "(uid=$)" - -#auth.require = ( "/server-status" => -# ( -# "method" => "digest", -# "realm" => "download archiv", -# "require" => "user=jan" -# ), -# "/server-config" => -# ( -# "method" => "digest", -# "realm" => "download archiv", -# "require" => "valid-user" -# ) -# ) - -#### url handling modules (rewrite, redirect, access) -#url.rewrite = ( "^/$" => "/server-status" ) -#url.redirect = ( "^/wishlist/(.+)" => "http://www.123.org/$1" ) -#### both rewrite/redirect support back reference to regex conditional using %n -#$HTTP["host"] =~ "^www\.(.*)" { -# url.redirect = ( "^/(.*)" => "http://%1/$1" ) -#} -# -# define a pattern for the host url finding -# %% => % sign -# %0 => domain name + tld -# %1 => tld -# %2 => domain name without tld -# %3 => subdomain 1 name -# %4 => subdomain 2 name -# -#evhost.path-pattern = "/home/storage/dev/www/%3/htdocs/" - -#### expire module -#expire.url = ( "/buggy/" => "access 2 hours", "/asdhas/" => "access plus 1 seconds 2 minutes") - -#### ssi -#ssi.extension = ( ".shtml" ) - -#### rrdtool -#rrdtool.binary = "/usr/bin/rrdtool" -#rrdtool.db-name = "/var/www/lighttpd.rrd" - -#### setenv -#setenv.add-request-header = ( "TRAV_ENV" => "mysql://user@host/db" ) -#setenv.add-response-header = ( "X-Secret-Message" => "42" ) - -## for mod_trigger_b4_dl -# trigger-before-download.gdbm-filename = "/home/weigon/testbase/trigger.db" -# trigger-before-download.memcache-hosts = ( "127.0.0.1:11211" ) -# trigger-before-download.trigger-url = "^/trigger/" -# trigger-before-download.download-url = "^/download/" -# trigger-before-download.deny-url = "http://127.0.0.1/index.html" -# trigger-before-download.trigger-timeout = 10 - -## for mod_cml -## don't forget to add index.cml to server.indexfiles -# cml.extension = ".cml" -# cml.memcache-hosts = ( "127.0.0.1:11211" ) - -#### variable usage: -## variable name without "." is auto prefixed by "var." and becomes "var.bar" -#bar = 1 -#var.mystring = "foo" - -## integer add -#bar += 1 -## string concat, with integer cast as string, result: "www.foo1.com" -#server.name = "www." + mystring + var.bar + ".com" -## array merge -#index-file.names = (foo + ".php") + index-file.names -#index-file.names += (foo + ".php") - -## Another example on how to start an FastCGI server for php - uses php-cgi -## - copy the php.ini from /etc/httpd/php.ini into /etc/lighttpd/ -## (or change the path, if you prefeer): don't forget to enable in it -## cgi.fix_pathinfo = 1 -## - the socket is created into /var/run/lighttpd/ -## - /var/lib/php must be owned by the user owning the lighttpd -## process for php supporting sessions -## Uncomment the section below to enable. -#fastcgi.server = ( ".php" => -# (( -# "bin-path" => "/usr/bin/php-cgi -c /etc/lighttpd/php.ini", -# "socket" => "/var/run/lighttpd/php.socket", -# "max-procs" => 1, -# "idle-timeout" => 20, -# "bin-environment" => ( -# "PHP_FCGI_CHILDREN" => "8", -# "PHP_FCGI_MAX_REQUESTS" => "200" -# ), -# "bin-copy-environment" => ( -# "PATH", "SHELL", "USER" -# ), -# "broken-scriptfilename" => "enable" -# )) -#) - -#### include -#include /etc/lighttpd/lighttpd-inc.conf -## same as above if you run: "lighttpd -f /etc/lighttpd/lighttpd.conf" -#include "lighttpd-inc.conf" - -#### include_shell -#include_shell "echo var.a=1" -## the above is same as: -#var.a=1 +####################################################################### +## +## custom includes like vhosts. +## +#include "conf.d/config.conf" +#include_shell "cat /etc/lighttpd/vhosts.d/*.conf" +## +####################################################################### diff --git a/network/lighttpd/conf/lighttpd.logrotate b/network/lighttpd/conf/lighttpd.logrotate index 7001f869bd..1a44bd9aa5 100644 --- a/network/lighttpd/conf/lighttpd.logrotate +++ b/network/lighttpd/conf/lighttpd.logrotate @@ -4,7 +4,7 @@ missingok copytruncate rotate 7 - create 0644 lighttpd lighttpd + create 0644 @USER@ @GROUP@ compress notifempty sharedscripts diff --git a/network/lighttpd/doinst.sh b/network/lighttpd/doinst.sh index f606c2f077..15d061192f 100644 --- a/network/lighttpd/doinst.sh +++ b/network/lighttpd/doinst.sh @@ -18,10 +18,6 @@ if [ -e etc/rc.d/rc.lighttpd ]; then mv etc/rc.d/rc.lighttpd.new.incoming etc/rc.d/rc.lighttpd.new fi -config etc/lighttpd/lighttpd.conf.new -config etc/logrotate.d/lighttpd.new -config etc/rc.d/rc.lighttpd.new - # Create dummy logfiles, but throw them away if logfiles are already here: for i in access error ; do if [ -e var/log/lighttpd/${i}.log ]; then @@ -31,3 +27,7 @@ for i in access error ; do fi done +config etc/logrotate.d/lighttpd.new +config etc/rc.d/rc.lighttpd.new +config etc/lighttpd/lighttpd.conf.new +config etc/lighttpd/modules.conf.new diff --git a/network/lighttpd/lighttpd.SlackBuild b/network/lighttpd/lighttpd.SlackBuild index 5a655d7f2b..c764ad0417 100644 --- a/network/lighttpd/lighttpd.SlackBuild +++ b/network/lighttpd/lighttpd.SlackBuild @@ -73,6 +73,8 @@ else LIBDIRSUFFIX="" fi +if pkg-config --exists lua; then with_lua="--with-lua"; else with_lua=""; fi + set -e rm -rf $PKG @@ -99,6 +101,7 @@ CXXFLAGS="$SLKCFLAGS" \ --with-pcre \ --with-attr \ --with-openssl \ + $with_lua \ --build=$ARCH-slackware-linux make @@ -119,7 +122,19 @@ mkdir -p $PKG/etc/logrotate.d sed -e "s,@USER@,$LIGHTTPD_USER," -e "s,@GROUP@,$LIGHTTPD_GROUP," \ $CWD/conf/$PRGNAM.logrotate > $PKG/etc/logrotate.d/lighttpd.new -install -D -m 0644 $CWD/conf/$PRGNAM.conf $PKG/etc/$PRGNAM/$PRGNAM.conf.new +mkdir -p $PKG/etc/$PRGNAM/{conf,vhosts}.d +sed -e "s,@USER@,$LIGHTTPD_USER," -e "s,@GROUP@,$LIGHTTPD_GROUP," \ + $CWD/conf/$PRGNAM.conf > $PKG/etc/$PRGNAM/$PRGNAM.conf.new +cp doc/config/modules.conf $PKG/etc/$PRGNAM/modules.conf.new +cp doc/config/vhosts.d/vhosts.template $PKG/etc/$PRGNAM/vhosts.d + +mkdir -p $PKG/install +cat $CWD/doinst.sh > $PKG/install/doinst.sh +( cd doc/config/conf.d + for i in *.conf; do + cat $i > $PKG/etc/$PRGNAM/conf.d/$i.new + echo "config etc/lighttpd/conf.d/$i.new" >> $PKG/install/doinst.sh + done ) chown -R $LIGHTTPD_USER:$LIGHTTPD_GROUP $PKG/var/log/lighttpd/ chown -R $LIGHTTPD_USER:$LIGHTTPD_GROUP $PKG/var/cache/lighttpd @@ -127,15 +142,13 @@ chown -R $LIGHTTPD_USER:$LIGHTTPD_GROUP $PKG/var/cache/lighttpd find $PKG/usr/man -type f -exec gzip -9 {} \; mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION -cp -a AUTHORS COPYING INSTALL NEWS README doc/* \ +cp -a AUTHORS COPYING INSTALL NEWS README \ + doc/scripts/*.{sh,pl} doc/*.css \ $PKG/usr/doc/$PRGNAM-$VERSION -rm -f $PKG/usr/doc/$PRGNAM-$VERSION/Makefile* cat $CWD/README.SLACKWARE > $PKG/usr/doc/$PRGNAM-$VERSION/README.SLACKWARE cat $CWD/$PRGNAM.SlackBuild > $PKG/usr/doc/$PRGNAM-$VERSION/$PRGNAM.SlackBuild -mkdir -p $PKG/install cat $CWD/slack-desc > $PKG/install/slack-desc -cat $CWD/doinst.sh > $PKG/install/doinst.sh cd $PKG /sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.${PKGTYPE:-tgz} diff --git a/network/lighttpd/lighttpd.info b/network/lighttpd/lighttpd.info index bce3461f78..f7c327b733 100644 --- a/network/lighttpd/lighttpd.info +++ b/network/lighttpd/lighttpd.info @@ -6,5 +6,5 @@ MD5SUM="1df2e4dbc965cfe6f99f008ac3db4d8d" DOWNLOAD_x86_64="" MD5SUM_x86_64="" REQUIRES="" -MAINTAINER="paul wisehart" -EMAIL="paul@oldcode.org" +MAINTAINER="Matteo Bernardini" +EMAIL="ponce@slackbuilds.org" -- cgit v1.2.3