tests/lighttpd.conf


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216

debug.log-request-handling = "enable"
debug.log-condition-handling = "enable"
server.document-root         = env.SRCDIR + "/tmp/lighttpd/servers/www.example.org/pages/"
server.pid-file              = env.SRCDIR + "/tmp/lighttpd/lighttpd.pid"

## 64 Mbyte ... nice limit
server.max-request-size = 65000

## bind to port (default: 80)
server.port                 = 2048

## bind to localhost (default: all interfaces)
server.bind                = "localhost"
server.errorlog            = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.error.log"
server.name                = "www.example.org"
server.tag                 = "Apache 1.3.29"

server.dir-listing          = "enable"

#server.event-handler        = "linux-sysepoll"
#server.event-handler        = "linux-rtsig"

#server.modules.path         = ""
server.modules              = (
				"mod_rewrite",
				"mod_setenv",
				"mod_secdownload",
			        "mod_access",
				"mod_auth",
#				"mod_httptls",
				"mod_status",
				"mod_expire",
				"mod_simple_vhost",
				"mod_redirect",
#				"mod_evhost",
#				"mod_localizer",
				"mod_fastcgi",
				"mod_cgi",
				"mod_compress",
				"mod_userdir",
				"mod_ssi",
				"mod_accesslog" )

server.indexfiles           = ( "index.php", "index.html",
                                "index.htm", "default.htm" )


######################## MODULE CONFIG ############################

ssi.extension = ( ".shtml" )

accesslog.filename          = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.access.log"

mimetype.assign             = ( ".png"  => "image/png",
                                ".jpg"  => "image/jpeg",
                                ".jpeg" => "image/jpeg",
                                ".gif"  => "image/gif",
                                ".html" => "text/html",
                                ".htm"  => "text/html",
                                ".pdf"  => "application/pdf",
                                ".swf"  => "application/x-shockwave-flash",
                                ".spl"  => "application/futuresplash",
                                ".txt"  => "text/plain",
                                ".tar.gz" =>   "application/x-tgz",
                                ".tgz"  => "application/x-tgz",
                                ".gz"   => "application/x-gzip",
				".c"    => "text/plain",
				".conf" => "text/plain" )

$HTTP["host"] == "cache.example.org" {
  compress.cache-dir          = env.SRCDIR + "/tmp/lighttpd/cache/compress/"
}
compress.filetype           = ("text/plain", "text/html")

setenv.add-environment      = ( "TRAC_ENV" => "tracenv", "SETENV" => "setenv")
setenv.add-request-header   = ( "FOO" => "foo")
setenv.add-response-header  = ( "BAR" => "foo")

$HTTP["url"] =~ "\.pdf$" {
  server.range-requests = "disable"
}

fastcgi.debug               = 0
fastcgi.server              = ( ".php" =>        ( ( "host" => "127.0.0.1", "port" => 1026, "broken-scriptfilename" => "enable" ) ),
			        "/prefix.fcgi" => ( ( "host" => "127.0.0.1", "port" => 1026, "check-local" => "disable", "broken-scriptfilename" => "enable" ) )
			      )


cgi.assign                  = ( ".pl"  => "/usr/bin/perl",
                                ".cgi" => "/usr/bin/perl",
				".py"  => "/usr/bin/python" )

userdir.include-user = ( "jan" )
userdir.path = "/"

ssl.engine                  = "disable"
ssl.pemfile                 = "server.pem"

$HTTP["host"] == "auth-htpasswd.example.org" {
	auth.backend                = "htpasswd"
}

auth.backend                = "plain"
auth.backend.plain.userfile = env.SRCDIR + "/tmp/lighttpd/lighttpd.user"

auth.backend.htpasswd.userfile = env.SRCDIR + "/tmp/lighttpd/lighttpd.htpasswd"


auth.require                = ( "/server-status" =>
                                (
				  "method"  => "digest",
				  "realm"   => "download archiv",
				  "require" => "group=www|user=jan|host=192.168.2.10"
				),
				"/server-config" =>
                                (
				  "method"  => "basic",
				  "realm"   => "download archiv",
				  "require" => "valid-user"
				)
                              )

url.access-deny             = ( "~", ".inc")

url.rewrite		    = ( "^/rewrite/foo($|\?.+)" => "/indexfile/rewrite.php$1",
				"^/rewrite/bar(?:$|\?(.+))" => "/indexfile/rewrite.php?bar&$1" )

expire.url                  = ( "/expire/access" => "access 2 hours",
				"/expire/modification" => "access plus 1 seconds 2 minutes")

#cache.cache-dir             = "/home/weigon/wwwroot/cache/"

#### status module
status.status-url           = "/server-status"
status.config-url           = "/server-config"

$HTTP["host"] == "vvv.example.org" {
  server.document-root = env.SRCDIR + "/tmp/lighttpd/servers/www.example.org/pages/"
  secdownload.secret          = "verysecret"
  secdownload.document-root   = env.SRCDIR + "/tmp/lighttpd/servers/www.example.org/pages/"
  secdownload.uri-prefix      = "/sec/"
  secdownload.timeout         = 120
}

$HTTP["host"] == "zzz.example.org" {
  server.document-root = env.SRCDIR + "/tmp/lighttpd/servers/www.example.org/pages/"
  server.name = "zzz.example.org"
}

$HTTP["host"] == "symlink.example.org" {
  server.document-root = env.SRCDIR + "/tmp/lighttpd/servers/www.example.org/pages/"
  server.name = "symlink.example.org"
  server.follow-symlink = "enable"
}

$HTTP["host"] == "nosymlink.example.org" {
  server.document-root = env.SRCDIR + "/tmp/lighttpd/servers/www.example.org/pages/"
  server.name = "symlink.example.org"
  server.follow-symlink = "disable"
}

$HTTP["host"] == "no-simple.example.org" {
  server.document-root = env.SRCDIR + "/tmp/lighttpd/servers/123.example.org/pages/"
  server.name = "zzz.example.org"
}

$HTTP["host"] !~ "(no-simple\.example\.org)" {
  simple-vhost.document-root  = "pages"
  simple-vhost.server-root    = env.SRCDIR + "/tmp/lighttpd/servers/"
  simple-vhost.default-host   = "www.example.org"
}

$HTTP["host"] =~ "(vvv).example.org" {
  url.redirect = ( "^/redirect/$" => "http://localhost:2048/" )
}

$HTTP["host"] =~ "(zzz).example.org" {
  url.redirect = ( "^/redirect/$" => "http://localhost:2048/%1" )
}

$HTTP["host"] =~ "(remoteip)\.example\.org" {
  $HTTP["remoteip"] =~ "(127\.0\.0\.1)" {
    url.redirect = ( "^/redirect/$" => "http://localhost:2048/%1" )
  }
}

$HTTP["remoteip"] =~ "(127\.0\.0\.1)" {
  $HTTP["host"] =~ "(remoteip2)\.example\.org" {
    url.redirect = ( "^/redirect/$" => "http://localhost:2048/%1" )
  }
}

$HTTP["host"] =~ "bug255\.example\.org$" {
  $HTTP["remoteip"] == "127.0.0.1" {
    url.access-deny = ( "" )
  }
}

$HTTP["referer"] !~ "^($|http://referer\.example\.org)" {
  url.access-deny = ( ".jpg" )
}

# deny access for all image stealers
$HTTP["host"] == "referer.example.org" {
  $HTTP["referer"] !~ "^($|http://referer\.example\.org)" {
    url.access-deny = ( ".png" )
  }
}

$HTTP["cookie"] =~ "empty-ref" {
  $HTTP["referer"] == "" {
    url.access-deny = ( "" )
  }
}