From: Glenn Strauss <gs-yoctoproject.org@gluelogic.com>
To: poky@lists.yoctoproject.org
Cc: Glenn Strauss <gstrauss@gluelogic.com>
Subject: [PATCH 3/3] lighttpd: modernize lighttpd.conf
Date: Fri, 20 Oct 2023 07:48:45 -0400 [thread overview]
Message-ID: <20231020114845.100062-4-gs-yoctoproject.org@gluelogic.com> (raw)
In-Reply-To: <20231020114845.100062-1-gs-yoctoproject.org@gluelogic.com>
From: Glenn Strauss <gstrauss@gluelogic.com>
- remove obsolete modules
- replace mod_compress directives with mod_deflate
- do not enable debug.log-request-handling by default
(should not be enabled *by default* on any production system,
especially not an embedded system)
- update TLS syntax for modern recommended use
(separate files for certificate+chain, and private key)
- remove incorrect comment about server.event-handler
lighttpd defaults correctly to use kqueue on *BSD systems
- remove ancient config which disables range requests for PDF
(cargo-culted config from ~15 years ago to address problem
in then-popular PDF client)
- use recommend config file include syntax
(more efficient and more deterministic include file ordering)
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
---
.../lighttpd/lighttpd/lighttpd.conf | 38 ++++---------------
1 file changed, 8 insertions(+), 30 deletions(-)
diff --git a/meta/recipes-extended/lighttpd/lighttpd/lighttpd.conf b/meta/recipes-extended/lighttpd/lighttpd/lighttpd.conf
index 6e8402d242..47a6c93349 100644
--- a/meta/recipes-extended/lighttpd/lighttpd/lighttpd.conf
+++ b/meta/recipes-extended/lighttpd/lighttpd/lighttpd.conf
@@ -16,8 +16,6 @@ server.modules = (
# "mod_redirect",
# "mod_alias",
"mod_access",
-# "mod_cml",
-# "mod_trigger_b4_dl",
# "mod_auth",
# "mod_status",
# "mod_setenv",
@@ -27,11 +25,9 @@ server.modules = (
# "mod_evhost",
# "mod_userdir",
# "mod_cgi",
-# "mod_compress",
# "mod_ssi",
-# "mod_usertrack",
# "mod_expire",
-# "mod_secdownload",
+# "mod_deflate",
# "mod_rrdtool",
# "mod_webdav",
"mod_accesslog" )
@@ -47,9 +43,6 @@ server.errorlog = "/www/logs/lighttpd.error.log"
index-file.names = ( "index.php", "index.html",
"index.htm", "default.htm" )
-## set the event-handler (read the performance section in the manual)
-# server.event-handler = "freebsd-kqueue" # needed on OS X
-
# mimetype mapping
mimetype.assign = (
".pdf" => "application/pdf",
@@ -115,7 +108,6 @@ mimetype.assign = (
#### accesslog module
accesslog.filename = "/www/logs/access.log"
-debug.log-request-handling = "enable"
@@ -127,10 +119,6 @@ debug.log-request-handling = "enable"
# of the document-root
url.access-deny = ( "~", ".inc" )
-$HTTP["url"] =~ "\.pdf$" {
- server.range-requests = "disable"
-}
-
##
# which extensions should not be handle via static-file transfer
#
@@ -177,6 +165,7 @@ static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
#dir-listing.activate = "enable"
## enable debugging
+#debug.log-request-header-on-error = "enable"
#debug.log-request-header = "enable"
#debug.log-response-header = "enable"
#debug.log-request-handling = "enable"
@@ -194,8 +183,9 @@ static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
#server.groupname = "wwwrun"
#### compress module
-#compress.cache-dir = "/tmp/lighttpd/cache/compress/"
-#compress.filetype = ("text/plain", "text/html")
+#deflate.cache-dir = "/tmp/lighttpd/cache/compress/"
+#deflate.mimetypes = ("text/plain", "text/html")
+#deflate.allowed-encodings = ("gzip")
#### proxy module
## read proxy.txt for more info
@@ -227,7 +217,8 @@ static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
#### SSL engine
#ssl.engine = "enable"
-#ssl.pemfile = "server.pem"
+#ssl.pemfile = "/path/to/fullchain.pem"
+#ssl.privkey = "/path/to/privkey.pem"
#### status module
#status.status-url = "/server-status"
@@ -291,19 +282,6 @@ static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
#setenv.add-request-header = ( "TRAV_ENV" => "mysql://user@host/db" )
#setenv.add-response-header = ( "X-Secret-Message" => "42" )
-## for mod_trigger_b4_dl
-# trigger-before-download.gdbm-filename = "/home/weigon/testbase/trigger.db"
-# trigger-before-download.memcache-hosts = ( "127.0.0.1:11211" )
-# trigger-before-download.trigger-url = "^/trigger/"
-# trigger-before-download.download-url = "^/download/"
-# trigger-before-download.deny-url = "http://127.0.0.1/index.html"
-# trigger-before-download.trigger-timeout = 10
-
-## for mod_cml
-## don't forget to add index.cml to server.indexfiles
-# cml.extension = ".cml"
-# cml.memcache-hosts = ( "127.0.0.1:11211" )
-
#### variable usage:
## variable name without "." is auto prefixed by "var." and becomes "var.bar"
#bar = 1
@@ -328,4 +306,4 @@ static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
#var.a=1
# include other config file fragments from lighttpd.d subdir
-include_shell "find /etc/lighttpd.d -maxdepth 1 -name '*.conf' -exec cat {} \;"
+include "/etc/lighttpd.d/*.conf"
--
2.41.0
next prev parent reply other threads:[~2023-10-20 11:49 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-10-20 11:48 [PATCH 0/3] lighttpd-1.4.72 Glenn Strauss
2023-10-20 11:48 ` [PATCH 1/3] lighttpd: upgrade 1.4.71 -> 1.4.72 Glenn Strauss
2023-10-20 16:28 ` [poky] " Khem Raj
2023-10-20 11:48 ` [PATCH 2/3] lighttpd: update init script Glenn Strauss
2023-10-20 11:48 ` Glenn Strauss [this message]
2023-10-20 12:08 ` [poky] [PATCH 0/3] lighttpd-1.4.72 Richard Purdie
2023-10-20 12:18 ` Ross Burton
2023-10-20 12:54 ` gs-yoctoproject.org
2023-10-20 13:55 ` Ross Burton
2023-10-20 15:40 ` gs-yoctoproject.org
2024-03-14 18:32 ` Martin Jansa
[not found] ` <17BCB52E812AFFB8.6435@lists.yoctoproject.org>
2024-03-15 9:59 ` Martin Jansa
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20231020114845.100062-4-gs-yoctoproject.org@gluelogic.com \
--to=gs-yoctoproject.org@gluelogic.com \
--cc=gstrauss@gluelogic.com \
--cc=poky@lists.yoctoproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).