mods/sample-Lighttpd.config

   1 Below is a sample config for Lighttpd that
   2 seems to work well on Debian Squeeze, with "lighttpd/1.4.28 (ssl)"
   3
   4 The idea is: if someone enters the bare URL for my site, 'example.com',
   5 they get redirected to https://example.com/index.html, which is simply a
   6 page with two links on it: https://wordpress.example.com and
   7 https://friendica.example.com.
   8
   9 If someone enters https://example.com, they get redirected to
  10 https://wordpress.example.com/main/, which is the 'main' blog in a Word
  11 Press 'network install' of the 'subdirectory' variety.
  12
  13 I thought it might be nice to offer people who join my Friendica
  14 instance their own blogs, if they like.
  15
  16 One can obtain free, signed, single subdomain SSL certificates from
  17 StartCom CA, which upon checking I noticed was already installed in both
  18 Firefox and Google Chromium.  Info at http://cert.startcom.org/ .  So I
  19 got one for each site, and have Lighty use the appropriate cert based on
  20 the requested URL.
  21
  22 Enjoy!
  23
  24 On Debian Jessie with lighttpd 1.4.35-4 there was a problem encountered
  25 between curl (which is used by Friendica in the background) and lighttp.
  26 This problem caused requests being served with an error code of 417 in
  27 the logs and no delivery of postings from the contacts.
  28
  29 One can solve the issue by adding
  30
  31     server.reject-expect-100-with-417 = "disable"
  32
  33 to the lighttpd configuratiion file (e.g. in the beginning with the
  34 other 'server.xxx' settings.
  35
  36 ---------------( config starts )-----------------
  37
  38 debug.log-request-handling = "disable"
  39 debug.log-condition-handling = "disable"
  40
  41 server.modules = (
  42         "mod_access",
  43         "mod_alias",
  44         "mod_compress",
  45         "mod_redirect",
  46         "mod_fastcgi",
  47         "mod_rewrite"
  48 )
  49
  50 server.document-root        = "/var/www"
  51 server.upload-dirs          = ( "/var/cache/lighttpd/uploads" )
  52 server.errorlog             = "/var/log/lighttpd/error.log"
  53 server.pid-file             = "/var/run/lighttpd.pid"
  54 server.username             = "www-data"
  55 server.groupname            = "www-data"
  56
  57 # enable SSL
  58 ssl.engine = "enable"
  59 ssl.pemfile = "/etc/lighttpd/ssl/wordpress.pem"
  60 ssl.ca-file = "/etc/lighttpd/ssl/ca.pem"
  61
  62 # fix for problem between curl and lighttpd
  63 server.reject-expect-100-with-417 = "disable"
  64
  65 # Send everybody to landing page:
  66 $SERVER["socket"] == ":80" {
  67
  68 $HTTP["scheme"] == "http" {
  69     $HTTP["host"] =~ ".*" {
  70     # This next redirect doesn't appear to ever execute in Firefox
  71     # (sometimes, anyway -- caching issue?), but it does seem to
  72     # reliably in Google's Chromium browser. If I change it here
  73     # and restart Lighty, Firefox still goes to the URL in the
  74     # last 'else' below. Or something.
  75 Sometimes.
  76         server.document-root = "/var/www"
  77         url.redirect = (".*" => "https://example.com")
  78     }
  79 }
  80
  81 }
  82 else $SERVER["socket"] == ":443" {
  83
  84 $HTTP["scheme"] == "https" {
  85
  86     $HTTP["host"] == "wordpress.example.com" {
  87         server.document-root = "/var/www/wordpress"
  88         ssl.pemfile = "/etc/lighttpd/ssl/wordpress.pem"
  89         # include "wpmu-rewrites.conf"
  90         url.rewrite-if-not-file = (
  91             "^/(.*/)?files/$" => "/index.php",
  92              "^/(.*/)?files/(.*)" => "/wp-includes/ms-files.php?file=$2",
  93              "^(/wp-admin/.*)" => "$1",
  94              "^/([_0-9a-zA-Z-]+/)?(wp-.*)" => "/$2",
  95              "^/([_0-9a-zA-Z-]+/)?(.*\.php)" => "/$2",
  96              "^/(.*)/?$" => "/index.php/$1"
  97         )
  98     }
  99     else $HTTP["host"] == "friendica.example.com" {
 100         server.document-root = "/var/www/friendica"
 101         ssl.pemfile = "/etc/lighttpd/ssl/friendica.pem"
 102         # Got the following 'Drupal Clean URL'after Mike suggested trying
 103         # something along those lines, from http://drupal.org/node/1414950
 104         url.rewrite-if-not-file = (
 105             "^\/([^\?]*)\?(.*)$" => "/index.php?pagename=$1&$2",
 106             "^\/(.*)$" => "/index.php?pagename=$1"
 107         )
 108         $HOST["url"] =~ "^/bin/" {
 109             url.access.deny ( "" )
 110         }
 111     }
 112     else $HTTP["host"] !~ "(friendica.example.com|wordpress.example.com)" {
 113         server.document-root = "/var/www/wordpress"
 114         ssl.pemfile = "/etc/lighttpd/ssl/wordpress.pem"
 115         url.redirect = (".*" => "https://wordpress.example.com/main/")
 116     }
 117 }
 118
 119 }
 120
 121 index-file.names            = ( "index.php", "index.html",
 122                                 "index.htm", "default.htm",
 123                                "index.lighttpd.html" )
 124
 125 url.access-deny             = ( "~", ".inc" )
 126
 127 static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
 128
 129 include_shell "/usr/share/lighttpd/use-ipv6.pl"
 130
 131 dir-listing.encoding        = "utf-8"
 132 server.dir-listing          = "disable"
 133
 134 #compress.cache-dir          = "/var/cache/lighttpd/compress/"
 135 #compress.filetype           = ( "application/x-javascript", "text/css", "text/html", "text/p\lain" )
 136
 137
 138 include_shell "/usr/share/lighttpd/create-mime.assign.pl"
 139 include_shell "/usr/share/lighttpd/include-conf-enabled.pl"
 140
 141 ---------------( config ends )-----------------