From mboxrd@z Thu Jan 1 00:00:00 1970 From: Maxime Ripard Date: Fri, 3 Feb 2012 15:27:25 +0100 Subject: [Buildroot] [PATCH 3/5] Fix installation for the lighttpd package In-Reply-To: <1328279247-7277-1-git-send-email-maxime.ripard@free-electrons.com> References: <1328279247-7277-1-git-send-email-maxime.ripard@free-electrons.com> Message-ID: <1328279247-7277-4-git-send-email-maxime.ripard@free-electrons.com> List-Id: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: buildroot@busybox.net Signed-off-by: Maxime Ripard --- package/lighttpd/lighttpd.conf | 445 ++++++++++++++++++++++++++++++++++++++++ package/lighttpd/lighttpd.mk | 33 +++ 2 files changed, 478 insertions(+), 0 deletions(-) create mode 100644 package/lighttpd/lighttpd.conf diff --git a/package/lighttpd/lighttpd.conf b/package/lighttpd/lighttpd.conf new file mode 100644 index 0000000..89be6f6 --- /dev/null +++ b/package/lighttpd/lighttpd.conf @@ -0,0 +1,445 @@ +####################################################################### +## +## /etc/lighttpd/lighttpd.conf +## +## check /etc/lighttpd/conf.d/*.conf for the configuration of modules. +## +####################################################################### + +####################################################################### +## +## Some Variable definition which will make chrooting easier. +## +## if you add a variable here. Add the corresponding variable in the +## chroot example aswell. +## +var.log_root = "/var/log/lighttpd" +var.server_root = "/srv/www" +var.state_dir = "/var/run" +var.home_dir = "/var/lib/lighttpd" +var.conf_dir = "/etc/lighttpd" + +## +## run the server chrooted. +## +## This requires root permissions during startup. +## +## If you run Chrooted set the the variables to directories relative to +## the chroot dir. +## +## example chroot configuration: +## +#var.log_root = "/logs" +#var.server_root = "/" +#var.state_dir = "/run" +#var.home_dir = "/lib/lighttpd" +#var.vhosts_dir = "/vhosts" +#var.conf_dir = "/etc" +# +#server.chroot = "/srv/www" + +## +## Some additional variables to make the configuration easier +## + +## +## Base directory for all virtual hosts +## +## used in: +## conf.d/evhost.conf +## conf.d/simple_vhost.conf +## vhosts.d/vhosts.template +## +var.vhosts_dir = server_root + "/vhosts" + +## +## Cache for mod_compress +## +## used in: +## conf.d/compress.conf +## +var.cache_dir = "/var/cache/lighttpd" + +## +## Base directory for sockets. +## +## used in: +## conf.d/fastcgi.conf +## conf.d/scgi.conf +## +var.socket_dir = home_dir + "/sockets" + +## +####################################################################### + +####################################################################### +## +## Load the modules. +include "modules.conf" + +## +####################################################################### + +####################################################################### +## +## Basic Configuration +## --------------------- +## +server.port = 80 + +## +## Use IPv6? +## +server.use-ipv6 = "disable" + +## +## bind to a specific IP +## +#server.bind = "localhost" + +## +## Run as a different username/groupname. +## This requires root permissions during startup. +## +server.username = "root" +server.groupname = "root" + +## +## enable core files. +## +#server.core-files = "disable" + +## +## Document root +## +server.document-root = server_root + "/htdocs" + +## +## The value for the "Server:" response field. +## +## It would be nice to keep it at "lighttpd". +## +#server.tag = "lighttpd" + +## +## store a pid file +## +server.pid-file = state_dir + "/lighttpd.pid" + +## +####################################################################### + +####################################################################### +## +## Logging Options +## ------------------ +## +## all logging options can be overwritten per vhost. +## +## Path to the error log file +## +server.errorlog = log_root + "/error.log" + +## +## If you want to log to syslog you have to unset the +## server.errorlog setting and uncomment the next line. +## +#server.errorlog-use-syslog = "enable" + +## +## Access log config +## +include "conf.d/access_log.conf" + +## +## The debug options are moved into their own file. +## see conf.d/debug.conf for various options for request debugging. +## +include "conf.d/debug.conf" + +## +####################################################################### + +####################################################################### +## +## Tuning/Performance +## -------------------- +## +## corresponding documentation: +## http://www.lighttpd.net/documentation/performance.html +## +## set the event-handler (read the performance section in the manual) +## +## possible options on linux are: +## +## select +## poll +## linux-sysepoll +## +## linux-sysepoll is recommended on kernel 2.6. +## +server.event-handler = "linux-sysepoll" + +## +## The basic network interface for all platforms at the syscalls read() +## and write(). Every modern OS provides its own syscall to help network +## servers transfer files as fast as possible +## +## linux-sendfile - is recommended for small files. +## writev - is recommended for sending many large files +## +server.network-backend = "linux-sendfile" + +## +## As lighttpd is a single-threaded server, its main resource limit is +## the number of file descriptors, which is set to 1024 by default (on +## most systems). +## +## If you are running a high-traffic site you might want to increase this +## limit by setting server.max-fds. +## +## Changing this setting requires root permissions on startup. see +## server.username/server.groupname. +## +## By default lighttpd would not change the operation system default. +## But setting it to 2048 is a better default for busy servers. +## +server.max-fds = 2048 + +## +## Stat() call caching. +## +## lighttpd can utilize FAM/Gamin to cache stat call. +## +## possible values are: +## disable, simple or fam. +## +server.stat-cache-engine = "simple" + +## +## Fine tuning for the request handling +## +## max-connections == max-fds/2 (maybe /3) +## means the other file handles are used for fastcgi/files +## +server.max-connections = 1024 + +## +## How many seconds to keep a keep-alive connection open, +## until we consider it idle. +## +## Default: 5 +## +#server.max-keep-alive-idle = 5 + +## +## How many keep-alive requests until closing the connection. +## +## Default: 16 +## +#server.max-keep-alive-requests = 16 + +## +## Maximum size of a request in kilobytes. +## By default it is unlimited (0). +## +## Uploads to your server cant be larger than this value. +## +#server.max-request-size = 0 + +## +## Time to read from a socket before we consider it idle. +## +## Default: 60 +## +#server.max-read-idle = 60 + +## +## Time to write to a socket before we consider it idle. +## +## Default: 360 +## +#server.max-write-idle = 360 + +## +## Traffic Shaping +## ----------------- +## +## see /usr/share/doc/lighttpd/traffic-shaping.txt +## +## Values are in kilobyte per second. +## +## Keep in mind that a limit below 32kB/s might actually limit the +## traffic to 32kB/s. This is caused by the size of the TCP send +## buffer. +## +## per server: +## +#server.kbytes-per-second = 128 + +## +## per connection: +## +#connection.kbytes-per-second = 32 + +## +####################################################################### + +####################################################################### +## +## Filename/File handling +## ------------------------ + +## +## files to check for if .../ is requested +## index-file.names = ( "index.php", "index.rb", "index.html", +## "index.htm", "default.htm" ) +## +index-file.names += ( + "index.xhtml", "index.html", "index.htm", "default.htm", "index.php" +) + +## +## deny access the file-extensions +## +## ~ is for backupfiles from vi, emacs, joe, ... +## .inc is often used for code includes which should in general not be part +## of the document-root +url.access-deny = ( "~", ".inc" ) + +## +## disable range requests for pdf files +## workaround for a bug in the Acrobat Reader plugin. +## +#$HTTP["url"] =~ "\.pdf$" { +# server.range-requests = "disable" +#} + +## +## url handling modules (rewrite, redirect) +## +#url.rewrite = ( "^/$" => "/server-status" ) +#url.redirect = ( "^/wishlist/(.+)" => "http://www.example.com/$1" ) + +## +## both rewrite/redirect support back reference to regex conditional using %n +## +#$HTTP["host"] =~ "^www\.(.*)" { +# url.redirect = ( "^/(.*)" => "http://%1/$1" ) +#} + +## +## which extensions should not be handle via static-file transfer +## +## .php, .pl, .fcgi are most often handled by mod_fastcgi or mod_cgi +## +static-file.exclude-extensions = ( ".php", ".pl", ".fcgi", ".scgi" ) + +## +## error-handler for status 404 +## +#server.error-handler-404 = "/error-handler.html" +#server.error-handler-404 = "/error-handler.php" + +## +## Format: .html +## -> ..../status-404.html for 'File not found' +## +#server.errorfile-prefix = "/srv/www/htdocs/errors/status-" + +## +## mimetype mapping +## +include "conf.d/mime.conf" + +## +## directory listing configuration +## +include "conf.d/dirlisting.conf" + +## +## Should lighttpd follow symlinks? +## +server.follow-symlink = "enable" + +## +## force all filenames to be lowercase? +## +#server.force-lowercase-filenames = "disable" + +## +## defaults to /var/tmp as we assume it is a local harddisk +## +server.upload-dirs = ( "/var/tmp" ) + +## +####################################################################### + + +####################################################################### +## +## SSL Support +## ------------- +## +## To enable SSL for the whole server you have to provide a valid +## certificate and have to enable the SSL engine.:: +## +## ssl.engine = "enable" +## ssl.pemfile = "/path/to/server.pem" +## +## The HTTPS protocol does not allow you to use name-based virtual +## hosting with SSL. If you want to run multiple SSL servers with +## one lighttpd instance you must use IP-based virtual hosting: :: +## +## $SERVER["socket"] == "10.0.0.1:443" { +## ssl.engine = "enable" +## ssl.pemfile = "/etc/ssl/private/www.example.com.pem" +## # +## # Mitigate BEAST attack: +## # +## # A stricter base cipher suite. For details see: +## # http://blog.ivanristic.com/2011/10/mitigating-the-beast-attack-on-tls.html +## # +## ssl.cipher-list = "ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4-SHA:RC4:HIGH:!MD5:!aNULL:!EDH:!AESGCM" +## # +## # Make the server prefer the order of the server side cipher suite instead of the client suite. +## # This is necessary to mitigate the BEAST attack (unless you disable all non RC4 algorithms). +## # This option is enabled by default, but only used if ssl.cipher-list is set. +## # +## # ssl.honor-cipher-order = "enable" +## # +## # Mitigate CVE-2009-3555 by disabling client triggered renegotation +## # This is enabled by default. +## # +## # ssl.disable-client-renegotiation = "enable" +## # +## server.name = "www.example.com" +## +## server.document-root = "/srv/www/vhosts/example.com/www/" +## } +## + +## If you have a .crt and a .key file, cat them together into a +## single PEM file: +## $ cat /etc/ssl/private/lighttpd.key /etc/ssl/certs/lighttpd.crt \ +## > /etc/ssl/private/lighttpd.pem +## +#ssl.pemfile = "/etc/ssl/private/lighttpd.pem" + +## +## optionally pass the CA certificate here. +## +## +#ssl.ca-file = "" + +## +####################################################################### + +####################################################################### +## +## custom includes like vhosts. +## +#include "conf.d/config.conf" +#include_shell "cat /etc/lighttpd/vhosts.d/*.conf" +## +####################################################################### diff --git a/package/lighttpd/lighttpd.mk b/package/lighttpd/lighttpd.mk index b8aa310..58617a6 100644 --- a/package/lighttpd/lighttpd.mk +++ b/package/lighttpd/lighttpd.mk @@ -56,6 +56,39 @@ else LIGHTTPD_CONF_OPT += --without-lua endif +define LIGHTTPD_INSTALL_CONFIG +mkdir -p $(TARGET_DIR)/etc/lighttpd +mkdir -p $(TARGET_DIR)/etc/lighttpd/conf.d +mkdir -p $(TARGET_DIR)/var/log/lighttpd +mkdir -p $(TARGET_DIR)/srv/www/htdocs + +[ -f $(TARGET_DIR)/etc/lighttpd/lighttpd.conf ] || \ + $(INSTALL) -D -m 755 package/lighttpd/lighttpd.conf \ + $(TARGET_DIR)/etc/lighttpd/lighttpd.conf + +[ -f $(TARGET_DIR)/etc/lighttpd/modules.conf ] || \ + $(INSTALL) -D -m 755 $(@D)/doc/config/modules.conf \ + $(TARGET_DIR)/etc/lighttpd/modules.conf + +[ -f $(TARGET_DIR)/etc/lighttpd/conf.d/access_log.conf ] || \ + $(INSTALL) -D -m 755 $(@D)/doc/config/conf.d/access_log.conf \ + $(TARGET_DIR)/etc/lighttpd/conf.d/access_log.conf + +[ -f $(TARGET_DIR)/etc/lighttpd/conf.d/debug.conf ] || \ + $(INSTALL) -D -m 755 $(@D)/doc/config/conf.d/debug.conf \ + $(TARGET_DIR)/etc/lighttpd/conf.d/debug.conf + +[ -f $(TARGET_DIR)/etc/lighttpd/conf.d/dirlisting.conf ] || \ + $(INSTALL) -D -m 755 $(@D)/doc/config/conf.d/dirlisting.conf \ + $(TARGET_DIR)/etc/lighttpd/conf.d/dirlisting.conf + +[ -f $(TARGET_DIR)/etc/lighttpd/conf.d/mime.conf ] || \ + $(INSTALL) -D -m 755 $(@D)/doc/config/conf.d/mime.conf \ + $(TARGET_DIR)/etc/lighttpd/conf.d/mime.conf +endef + +LIGHTTPD_POST_INSTALL_TARGET_HOOKS += LIGHTTPD_INSTALL_CONFIG + define LIGHTTPD_UNINSTALL_TARGET_CMDS rm -f $(TARGET_DIR)/usr/sbin/lighttpd rm -f $(TARGET_DIR)/usr/sbin/lighttpd-angel -- 1.7.5.4