Lighttpd2
Jump to navigation
Jump to search
Installation
Lighttpd2 is the next generation of our beloved lighttpd:
sudo apt-get install automake gcc make libevent-dev zlib1g-dev libssl-dev libtool ragel libglib2.0-dev libev-dev libidn-dev libgnutls28-dev
Or, for RPM based distributions:
sudo yum install automake gcc libtool pkgconfig ragel pcre-devel glib2-devel libev-devel zlib-devel openssl-devel
Checkout the source from git:
git clone https://git.lighttpd.net/lighttpd/lighttpd2.git lighttpd2-git cd lighttpd2-git
Building with automake seems to work:
./autogen.sh && ./configure --prefix=/opt/lighttpd2 --with-gnutls --with-openssl --with-sni --without-lua --without-libunwind make sudo make install
Copy sample configuration files:
sudo mkdir -m0750 /usr/local/etc/lighttpd2 sudo mkdir -m0770 /var/log/lighttpd2 sudo chown root:www-data /usr/local/etc/lighttpd2 /var/log/lighttpd2 sudo install -m 0640 -o root -g www-data -v contrib/*conf contrib/systemd/lighttpd2.service /usr/local/etc/lighttpd2/
Configuration
angel.conf
# # angel.conf # https://doc.lighttpd.net/lighttpd2/core_config_angel.html # user "www-data"; group "www-data"; binary "/opt/lighttpd2/libexec/lighttpd2/lighttpd2-worker"; config "/usr/local/etc/lighttpd2/lighttpd.conf"; max_open_files 16384; copy_env [ "PATH" ]; # copy_env [ "PATH", "LD_LIBRARY_PATH" ]; # env [ "G_SLICE=always-malloc", "G_DEBUG=gc-friendly,fatal_criticals" ]; # wrapper [ "/usr/bin/valgrind", "--leak-check=full", "--show-reachable=yes", "--leak-resolution=high" ]; allow_listen [ "0.0.0.0/0:8080", "[::/0]:8080" ]; allow_listen [ "0.0.0.0/0:8443", "[::/0]:8443" ];
lighttpd2.conf
# # lighttpd2.conf # https://doc.lighttpd.net/lighttpd2/all.html # setup { module_load [ "mod_accesslog", "mod_dirlist", "mod_fastcgi", ]; listen "0.0.0.0:8080"; listen "[::]:8080"; log [ "debug" => "", default => "/var/log/lighttpd2/error.log" ]; accesslog "/var/log/lighttpd2/access.log"; accesslog.format "%h %V %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\""; static.exclude_extensions [ ".php", ".pl", ".fcgi", "~", ".inc" ]; # https://doc.lighttpd.net/lighttpd2/all.html#mod_openssl module_load "mod_openssl"; openssl [ "listen" => "0.0.0.0:8443", "listen" => "[::]:8443", "pemfile" => "/usr/local/etc/lighttpd2/example.combined", "dh-params" => "/usr/local/etc/lighttpd2/dhparam.pem", ]; # https://doc.lighttpd.net/lighttpd2/all.html#mod_gnutls # module_load "mod_gnutls"; # gnutls [ # "listen" => "0.0.0.0:8443", # "listen" => "[::]:8443", # "dh-params" => "/usr/local/etc/lighttpd2/dhparam.pem", # "pemfile" => ( # "key" => "/usr/local/etc/lighttpd2/example.key", # "cert" => "/usr/local/etc/lighttpd2/example.crt" # ) # "protect-against-beast" => true, # ]; # https://redmine.lighttpd.net/projects/lighttpd2/wiki/Howto_PHP php = { if phys.path =$ ".php" { log.write "Accessing PHP file"; fastcgi "unix:/run/php/php-fpm.sock"; } else { static; dirlist; } }; }; docroot "/var/www"; index [ "index.php", "index.html" ]; include "/usr/local/etc/lighttpd2/mimetypes.conf"; pathinfo; php;
Note: the order of directives matters here![1]
Usage
/opt/lighttpd2/sbin/lighttpd2 -c /usr/local/etc/lighttpd2/angel.conf
Install as a Systemd service:
ln -s /usr/local/etc/lighttpd2/lighttpd2.service /etc/systemd/system/ systemctl daemon-reload systemctl start lighttpd2.service