Lighttpd

This is for version 1.4.x, I use lighttpd 2 snapshots myself now.

Debian Warning

The debian maintainer(s) decided it would be cool to have “lighty-enable-mod” and “lighty-disable-mod” scripts like apache has.

Unfortunately, the lighttpd config wasn’t designed for such use, and this often leads to problems.
So i advise you to always have an eye on the enabled subconfig files in /etc/lighttpd/conf-enabled/, as many tutorials for lighttpd don’t use them.

CGI

I used “lighty-enable-mod cgi”, but disabled all cgi.assigns… so i could have just added the module in the main lighttpd.conf.

I needed CGI only for cgit, and am using fcgi-cgi now (necessary for lighttpd2, but should work with 1.4.x too)

FastCGI

Fastcgi is the core of all dynamic content with lighttpd; i used the “lighty-enable-mod fastcgi” again, but used another setup for php then the default one (see Execwrap for details) to get some basic priviledge separation.

conf-enabled/10-fastcgi.conf:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
 
server.modules   += ( "mod_fastcgi" )

fastcgi.server    = ( ".php" =>
        ((
                "socket" => "/tmp/php.socket",
                "bin-path" => "/usr/sbin/execwrap",
                "max-procs" => 1,
                "idle-timeout" => 20,
                "bin-environment" => (
                        "PHP_FCGI_CHILDREN" => "4",
                        "PHP_FCGI_MAX_REQUESTS" => "10000",
                        "UID" => "10000",
                        "GID" => "10000",
                        "TARGET" => "/srv/www/fcgi-bin/php5",
                        "CHECK_GID" => "1",
                ),
                "bin-copy-environment" => (
                        "PATH"
                ),
                "broken-scriptfilename" => "enable"
        ))
)

SSL

See SSL-Certs for how to get ssl certificates for lighttpd.

Redirect all users to https within a conditional:

1
2
3
4
5
 
        $HTTP["scheme"] == "http" {
                $HTTP["host"] =~ "^(.*)$" {
                        url.redirect = ( "^/(.*)" => "https://%1/$1" )
                }
        }

Misc

/usr/share/doc

So you can browse the documentation with your browser:

1
2
3
4
5
 
$HTTP["host"] == "doc.example.com" {
        fastcgi.server = ()
        cgi.assign = ()
        server.document-root = "/usr/share/doc/"
}

phppgadmin

I used an extra vhost for that (you could use mod_alias instead)

1
2
3
 
$HTTP["host"] == "pg.example.com" {
        server.document-root = "/usr/share/phppgadmin"
}

cgit

See cgit

Redmine

See Redmine

Generated using nanoc and bootstrap - Last content change: 2011-06-10 07:41