--- embedaddon/lighttpd/tests/lighttpd.conf 2013/10/14 10:32:47 1.1 +++ embedaddon/lighttpd/tests/lighttpd.conf 2016/11/02 10:35:00 1.1.1.2 @@ -1,7 +1,7 @@ debug.log-request-handling = "enable" debug.log-request-header = "enable" debug.log-response-header = "enable" -debug.log-condition-handling = "enable" +#debug.log-condition-handling = "enable" server.document-root = env.SRCDIR + "/tmp/lighttpd/servers/www.example.org/pages/" ## 64 Mbyte ... nice limit @@ -19,220 +19,285 @@ server.tag = "Apache 1.3.29" server.dir-listing = "enable" -#server.event-handler = "linux-sysepoll" -#server.event-handler = "linux-rtsig" +server.modules = ( + "mod_rewrite", + "mod_setenv", + "mod_secdownload", + "mod_access", + "mod_auth", + "mod_status", + "mod_expire", + "mod_simple_vhost", + "mod_redirect", + "mod_fastcgi", + "mod_cgi", + "mod_compress", + "mod_userdir", + "mod_ssi", + "mod_accesslog", +) -#server.modules.path = "" -server.modules = ( - "mod_rewrite", - "mod_setenv", - "mod_secdownload", - "mod_access", - "mod_auth", -# "mod_httptls", - "mod_status", - "mod_expire", - "mod_simple_vhost", - "mod_redirect", -# "mod_evhost", -# "mod_localizer", - "mod_fastcgi", - "mod_cgi", - "mod_compress", - "mod_userdir", - "mod_ssi", - "mod_accesslog" ) +server.indexfiles = ( + "index.php", + "index.html", + "index.htm", + "default.htm", +) -server.indexfiles = ( "index.php", "index.html", - "index.htm", "default.htm" ) - - ######################## MODULE CONFIG ############################ -ssi.extension = ( ".shtml" ) +ssi.extension = ( + ".shtml", +) -accesslog.filename = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.access.log" +accesslog.filename = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.access.log" -mimetype.assign = ( ".png" => "image/png", - ".jpg" => "image/jpeg", - ".jpeg" => "image/jpeg", - ".gif" => "image/gif", - ".html" => "text/html", - ".htm" => "text/html", - ".pdf" => "application/pdf", - ".swf" => "application/x-shockwave-flash", - ".spl" => "application/futuresplash", - ".txt" => "text/plain", - ".tar.gz" => "application/x-tgz", - ".tgz" => "application/x-tgz", - ".gz" => "application/x-gzip", - ".c" => "text/plain", - ".conf" => "text/plain" ) +mimetype.assign = ( + ".png" => "image/png", + ".jpg" => "image/jpeg", + ".jpeg" => "image/jpeg", + ".gif" => "image/gif", + ".html" => "text/html", + ".htm" => "text/html", + ".pdf" => "application/pdf", + ".swf" => "application/x-shockwave-flash", + ".spl" => "application/futuresplash", + ".txt" => "text/plain", + ".tar.gz" => "application/x-tgz", + ".tgz" => "application/x-tgz", + ".gz" => "application/x-gzip", + ".c" => "text/plain", + ".conf" => "text/plain", +) $HTTP["host"] == "cache.example.org" { - compress.cache-dir = env.SRCDIR + "/tmp/lighttpd/cache/compress/" + compress.cache-dir = env.SRCDIR + "/tmp/lighttpd/cache/compress/" } -compress.filetype = ("text/plain", "text/html") +compress.filetype = ( + "text/plain", + "text/html", +) -setenv.add-environment = ( "TRAC_ENV" => "tracenv", "SETENV" => "setenv") -setenv.add-request-header = ( "FOO" => "foo") -setenv.add-response-header = ( "BAR" => "foo") +setenv.add-environment = ( + "TRAC_ENV" => "tracenv", + "SETENV" => "setenv", +) +setenv.add-request-header = ( + "FOO" => "foo", +) +setenv.add-response-header = ( + "BAR" => "foo", +) $HTTP["url"] =~ "\.pdf$" { - server.range-requests = "disable" + server.range-requests = "disable" } -fastcgi.debug = 0 -fastcgi.server = ( ".php" => ( ( "host" => "127.0.0.1", "port" => 1026, "broken-scriptfilename" => "enable", "allow-x-send-file" => "enable" ) ), - "/prefix.fcgi" => ( ( "host" => "127.0.0.1", "port" => 1026, "check-local" => "disable", "broken-scriptfilename" => "enable" ) ) - ) +fastcgi.debug = 0 +fastcgi.server = ( + ".php" => ( ( + "host" => "127.0.0.1", + "port" => 1026, + "broken-scriptfilename" => "enable", + "allow-x-send-file" => "enable", + ) ), + "/prefix.fcgi" => ( ( + "host" => "127.0.0.1", + "port" => 1026, + "check-local" => "disable", + "broken-scriptfilename" => "enable", + ) ), +) +cgi.assign = ( + ".pl" => env.PERL, + ".cgi" => env.PERL, +) -cgi.assign = ( ".pl" => "/usr/bin/perl", - ".cgi" => "/usr/bin/perl", - ".py" => "/usr/bin/python" ) - -userdir.include-user = ( "jan" ) +userdir.include-user = ( + "jan", +) userdir.path = "/" -ssl.engine = "disable" -# ssl.pemfile = "server.pem" - $HTTP["host"] == "auth-htpasswd.example.org" { - auth.backend = "htpasswd" + auth.backend = "htpasswd" } -auth.backend = "plain" +auth.backend = "plain" auth.backend.plain.userfile = env.SRCDIR + "/tmp/lighttpd/lighttpd.user" auth.backend.htpasswd.userfile = env.SRCDIR + "/tmp/lighttpd/lighttpd.htpasswd" +auth.require = ( + "/server-status" => ( + "method" => "digest", + "realm" => "download archiv", + "require" => "group=www|user=jan|host=192.168.2.10", + ), + "/server-config" => ( + "method" => "basic", + "realm" => "download archiv", + "require" => "valid-user", + ), +) -auth.require = ( "/server-status" => - ( - "method" => "digest", - "realm" => "download archiv", - "require" => "group=www|user=jan|host=192.168.2.10" - ), - "/server-config" => - ( - "method" => "basic", - "realm" => "download archiv", - "require" => "valid-user" - ) - ) +url.access-deny = ( + "~", + ".inc", +) -url.access-deny = ( "~", ".inc") +url.rewrite = ( + "^/rewrite/foo($|\?.+)" => "/indexfile/rewrite.php$1", + "^/rewrite/bar(?:$|\?(.+))" => "/indexfile/rewrite.php?bar&$1", +) -url.rewrite = ( "^/rewrite/foo($|\?.+)" => "/indexfile/rewrite.php$1", - "^/rewrite/bar(?:$|\?(.+))" => "/indexfile/rewrite.php?bar&$1" ) +url.rewrite-if-not-file = ( + "^(/rewrite/[^?]*)(?:\?(.*))?$" => "/indexfile/rewrite.php?file=$1&$2", +) -url.rewrite-if-not-file = ( "^(/rewrite/[^?]*)(?:\?(.*))?$" => "/indexfile/rewrite.php?file=$1&$2" ) +expire.url = ( + "/expire/access" => "access 2 hours", + "/expire/modification" => "access plus 1 seconds 2 minutes", +) -expire.url = ( "/expire/access" => "access 2 hours", - "/expire/modification" => "access plus 1 seconds 2 minutes") - -#cache.cache-dir = "/home/weigon/wwwroot/cache/" - #### status module -status.status-url = "/server-status" -status.config-url = "/server-config" +status.status-url = "/server-status" +status.config-url = "/server-config" $HTTP["host"] == "vvv.example.org" { - server.document-root = env.SRCDIR + "/tmp/lighttpd/servers/www.example.org/pages/" - secdownload.secret = "verysecret" - secdownload.document-root = env.SRCDIR + "/tmp/lighttpd/servers/www.example.org/pages/" - secdownload.uri-prefix = "/sec/" - secdownload.timeout = 120 + server.document-root = env.SRCDIR + "/tmp/lighttpd/servers/www.example.org/pages/" + secdownload.secret = "verysecret" + secdownload.document-root = env.SRCDIR + "/tmp/lighttpd/servers/www.example.org/pages/" + secdownload.uri-prefix = "/sec/" + secdownload.timeout = 120 + secdownload.algorithm = "md5" } +$HTTP["host"] == "vvv-sha1.example.org" { + server.document-root = env.SRCDIR + "/tmp/lighttpd/servers/www.example.org/pages/" + secdownload.secret = "verysecret" + secdownload.document-root = env.SRCDIR + "/tmp/lighttpd/servers/www.example.org/pages/" + secdownload.uri-prefix = "/sec/" + secdownload.timeout = 120 + secdownload.algorithm = "hmac-sha1" +} + +$HTTP["host"] == "vvv-sha256.example.org" { + server.document-root = env.SRCDIR + "/tmp/lighttpd/servers/www.example.org/pages/" + secdownload.secret = "verysecret" + secdownload.document-root = env.SRCDIR + "/tmp/lighttpd/servers/www.example.org/pages/" + secdownload.uri-prefix = "/sec/" + secdownload.timeout = 120 + secdownload.algorithm = "hmac-sha256" +} + $HTTP["host"] == "zzz.example.org" { - server.document-root = env.SRCDIR + "/tmp/lighttpd/servers/www.example.org/pages/" - server.name = "zzz.example.org" - static-file.disable-pathinfo = "enable" + server.document-root = env.SRCDIR + "/tmp/lighttpd/servers/www.example.org/pages/" + server.name = "zzz.example.org" + static-file.disable-pathinfo = "enable" } $HTTP["host"] == "symlink.example.org" { - server.document-root = env.SRCDIR + "/tmp/lighttpd/servers/www.example.org/pages/" - server.name = "symlink.example.org" - server.follow-symlink = "enable" + server.document-root = env.SRCDIR + "/tmp/lighttpd/servers/www.example.org/pages/" + server.name = "symlink.example.org" + server.follow-symlink = "enable" } $HTTP["host"] == "nosymlink.example.org" { - server.document-root = env.SRCDIR + "/tmp/lighttpd/servers/www.example.org/pages/" - server.name = "symlink.example.org" - server.follow-symlink = "disable" + server.document-root = env.SRCDIR + "/tmp/lighttpd/servers/www.example.org/pages/" + server.name = "symlink.example.org" + server.follow-symlink = "disable" } $HTTP["host"] == "no-simple.example.org" { - server.document-root = env.SRCDIR + "/tmp/lighttpd/servers/123.example.org/pages/" - server.name = "zzz.example.org" + server.document-root = env.SRCDIR + "/tmp/lighttpd/servers/123.example.org/pages/" + server.name = "zzz.example.org" } $HTTP["host"] !~ "(no-simple\.example\.org)" { - simple-vhost.document-root = "pages" - simple-vhost.server-root = env.SRCDIR + "/tmp/lighttpd/servers/" - simple-vhost.default-host = "www.example.org" + simple-vhost.document-root = "pages" + simple-vhost.server-root = env.SRCDIR + "/tmp/lighttpd/servers/" + simple-vhost.default-host = "www.example.org" } $HTTP["host"] == "auth.example.org" { - server.document-root = env.SRCDIR + "/tmp/lighttpd/servers/www.example.org/pages/" - server.name = "auth.example.org" - auth.backend = "htpasswd" - auth.require = ( "" => - ( - "method" => "basic", - "realm" => "download archiv", - "require" => "valid-user" - ) - ) + server.document-root = env.SRCDIR + "/tmp/lighttpd/servers/www.example.org/pages/" + server.name = "auth.example.org" + auth.backend = "htpasswd" + auth.require = ( + "" => ( + "method" => "basic", + "realm" => "download archiv", + "require" => "valid-user", + ), + ) } $HTTP["host"] =~ "(vvv).example.org" { - url.redirect = ( "^/redirect/$" => "http://localhost:2048/" ) + url.redirect = ( + "^/redirect/$" => "http://localhost:2048/", + ) } $HTTP["host"] =~ "(zzz).example.org" { - url.redirect = ( "^/redirect/$" => "http://localhost:2048/%1" ) + url.redirect = ( + "^/redirect/$" => "http://localhost:2048/%1", + ) } $HTTP["host"] =~ "(remoteip)\.example\.org" { - $HTTP["remoteip"] =~ "(127\.0\.0\.1)" { - url.redirect = ( "^/redirect/$" => "http://localhost:2048/%1" ) - } + $HTTP["remoteip"] =~ "(127\.0\.0\.1)" { + url.redirect = ( + "^/redirect/$" => "http://localhost:2048/%1", + ) + } } $HTTP["remoteip"] =~ "(127\.0\.0\.1)" { - $HTTP["host"] =~ "(remoteip2)\.example\.org" { - url.redirect = ( "^/redirect/$" => "http://localhost:2048/%1" ) - } + $HTTP["host"] =~ "(remoteip2)\.example\.org" { + url.redirect = ( + "^/redirect/$" => "http://localhost:2048/%1", + ) + } } $HTTP["host"] =~ "bug255\.example\.org$" { - $HTTP["remoteip"] == "127.0.0.1" { - url.access-deny = ( "" ) - } + $HTTP["remoteip"] == "127.0.0.1" { + url.access-deny = ( + "", + ) + } } $HTTP["referer"] !~ "^($|http://referer\.example\.org)" { - url.access-deny = ( ".jpg" ) + url.access-deny = ( + ".jpg", + ) } # deny access for all image stealers $HTTP["host"] == "referer.example.org" { - $HTTP["referer"] !~ "^($|http://referer\.example\.org)" { - url.access-deny = ( ".png" ) - } + $HTTP["referer"] !~ "^($|http://referer\.example\.org)" { + url.access-deny = ( + ".png", + ) + } } $HTTP["cookie"] =~ "empty-ref" { - $HTTP["referer"] == "" { - url.access-deny = ( "" ) - } + $HTTP["referer"] == "" { + url.access-deny = ( + "", + ) + } } +$HTTP["host"] =~ "allow\.example\.org$" { + url.access-allow = ( ".txt" ) # allow takes precedence over deny + url.access-deny = ( ".txt" ) +} $HTTP["host"] == "etag.example.org" { - static-file.etags = "disable" - compress.filetype = () + static-file.etags = "disable" + compress.filetype = () }