Lighttpd2
Jump to navigation
Jump to search
Installation
Lighttpd2 is the next generation of our beloved lighttpd:
sudo apt-get install automake gcc make libevent-dev zlib1g-dev libssl-dev libtool ragel libglib2.0-dev libev-dev libidn-dev libgnutls28-dev
Or, for RPM based distributions:
sudo yum install automake gcc libtool pkgconfig ragel pcre-devel glib2-devel libev-devel zlib-devel openssl-devel
Checkout the source from git:
git clone https://git.lighttpd.net/lighttpd/lighttpd2.git lighttpd2-git cd lighttpd2-git
Building with automake seems to work:
./autogen.sh && ./configure --prefix=/opt/lighttpd2 --with-gnutls --with-openssl --with-sni --without-lua --without-libunwind make sudo make install
Copy sample configuration files:
sudo mkdir -m0750 /usr/local/etc/lighttpd2 sudo mkdir -m0770 /var/log/lighttpd2 sudo chown root:www-data /usr/local/etc/lighttpd2 /var/log/lighttpd2 sudo install -m 0640 -o root -g www-data -v contrib/*conf contrib/systemd/lighttpd2.service /usr/local/etc/lighttpd2/
Configuration
angel.conf
# # angel.conf # https://doc.lighttpd.net/lighttpd2/core_config_angel.html # user "www-data"; group "www-data"; binary "/opt/lighttpd2/libexec/lighttpd2/lighttpd2-worker"; config "/usr/local/etc/lighttpd2/lighttpd.conf"; max_open_files 16384; copy_env [ "PATH" ]; # copy_env [ "PATH", "LD_LIBRARY_PATH" ]; # env [ "G_SLICE=always-malloc", "G_DEBUG=gc-friendly,fatal_criticals" ]; # wrapper [ "/usr/bin/valgrind", "--leak-check=full", "--show-reachable=yes", "--leak-resolution=high" ]; allow_listen [ "0.0.0.0/0:8080", "[::/0]:8080" ]; allow_listen [ "0.0.0.0/0:8443", "[::/0]:8443" ];
lighttpd2.conf
#
# lighttpd2.conf
# https://doc.lighttpd.net/lighttpd2/all.html
#
setup {
module_load [
"mod_accesslog",
"mod_dirlist",
"mod_fastcgi",
];
listen "0.0.0.0:8080";
listen "[::]:8080";
log [
"debug" => "",
default => "/var/log/lighttpd2/error.log"
];
accesslog "/var/log/lighttpd2/access.log";
accesslog.format "%h %V %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"";
static.exclude_extensions [ ".php", ".pl", ".fcgi", "~", ".inc" ];
# https://doc.lighttpd.net/lighttpd2/all.html#mod_openssl
module_load "mod_openssl";
openssl [
"listen" => "0.0.0.0:8443",
"listen" => "[::]:8443",
"pemfile" => "/usr/local/etc/lighttpd2/example.combined",
"dh-params" => "/usr/local/etc/lighttpd2/dhparam.pem",
];
# https://doc.lighttpd.net/lighttpd2/all.html#mod_gnutls
# module_load "mod_gnutls";
# gnutls [
# "listen" => "0.0.0.0:8443",
# "listen" => "[::]:8443",
# "dh-params" => "/usr/local/etc/lighttpd2/dhparam.pem",
# "pemfile" => (
# "key" => "/usr/local/etc/lighttpd2/example.key",
# "cert" => "/usr/local/etc/lighttpd2/example.crt"
# )
# "protect-against-beast" => true,
# ];
# https://redmine.lighttpd.net/projects/lighttpd2/wiki/Howto_PHP
php = {
if phys.path =$ ".php" {
log.write "Accessing PHP file";
fastcgi "unix:/run/php/php-fpm.sock";
} else {
static;
dirlist;
}
};
};
docroot "/var/www";
index [ "index.php", "index.html" ];
include "/usr/local/etc/lighttpd2/mimetypes.conf";
pathinfo;
php;
Note: the order of directives matters here![1]
Usage
/opt/lighttpd2/sbin/lighttpd2 -c /usr/local/etc/lighttpd2/angel.conf
Install as a Systemd service:
ln -s /usr/local/etc/lighttpd2/lighttpd2.service /etc/systemd/system/ systemctl daemon-reload systemctl start lighttpd2.service