poky.lists.yoctoproject.org archive mirror
 help / color / mirror / Atom feed
From: Glenn Strauss <gs-yoctoproject.org@gluelogic.com>
To: poky@lists.yoctoproject.org
Cc: Glenn Strauss <gstrauss@gluelogic.com>
Subject: [PATCH 3/3] lighttpd: modernize lighttpd.conf
Date: Fri, 20 Oct 2023 07:48:45 -0400	[thread overview]
Message-ID: <20231020114845.100062-4-gs-yoctoproject.org@gluelogic.com> (raw)
In-Reply-To: <20231020114845.100062-1-gs-yoctoproject.org@gluelogic.com>

From: Glenn Strauss <gstrauss@gluelogic.com>

- remove obsolete modules
- replace mod_compress directives with mod_deflate
- do not enable debug.log-request-handling by default
  (should not be enabled *by default* on any production system,
   especially not an embedded system)
- update TLS syntax for modern recommended use
  (separate files for certificate+chain, and private key)
- remove incorrect comment about server.event-handler
  lighttpd defaults correctly to use kqueue on *BSD systems
- remove ancient config which disables range requests for PDF
  (cargo-culted config from ~15 years ago to address problem
   in then-popular PDF client)
- use recommend config file include syntax
  (more efficient and more deterministic include file ordering)

Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
---
 .../lighttpd/lighttpd/lighttpd.conf           | 38 ++++---------------
 1 file changed, 8 insertions(+), 30 deletions(-)

diff --git a/meta/recipes-extended/lighttpd/lighttpd/lighttpd.conf b/meta/recipes-extended/lighttpd/lighttpd/lighttpd.conf
index 6e8402d242..47a6c93349 100644
--- a/meta/recipes-extended/lighttpd/lighttpd/lighttpd.conf
+++ b/meta/recipes-extended/lighttpd/lighttpd/lighttpd.conf
@@ -16,8 +16,6 @@ server.modules              = (
 #                               "mod_redirect",
 #                               "mod_alias",
                                 "mod_access",
-#                               "mod_cml",
-#                               "mod_trigger_b4_dl",
 #                               "mod_auth",
 #                               "mod_status",
 #                               "mod_setenv",
@@ -27,11 +25,9 @@ server.modules              = (
 #                               "mod_evhost",
 #                               "mod_userdir",
 #                               "mod_cgi",
-#                               "mod_compress",
 #                               "mod_ssi",
-#                               "mod_usertrack",
 #                               "mod_expire",
-#                               "mod_secdownload",
+#                               "mod_deflate",
 #                               "mod_rrdtool",
 #				"mod_webdav",
                                 "mod_accesslog" )
@@ -47,9 +43,6 @@ server.errorlog             = "/www/logs/lighttpd.error.log"
 index-file.names            = ( "index.php", "index.html",
                                 "index.htm", "default.htm" )
 
-## set the event-handler (read the performance section in the manual)
-# server.event-handler = "freebsd-kqueue" # needed on OS X
-
 # mimetype mapping
 mimetype.assign             = (
   ".pdf"          =>      "application/pdf",
@@ -115,7 +108,6 @@ mimetype.assign             = (
 
 #### accesslog module
 accesslog.filename          = "/www/logs/access.log"
-debug.log-request-handling = "enable"
 
 
 
@@ -127,10 +119,6 @@ debug.log-request-handling = "enable"
 #      of the document-root
 url.access-deny             = ( "~", ".inc" )
 
-$HTTP["url"] =~ "\.pdf$" {
-  server.range-requests = "disable"
-}
-
 ##
 # which extensions should not be handle via static-file transfer
 #
@@ -177,6 +165,7 @@ static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
 #dir-listing.activate       = "enable"
 
 ## enable debugging
+#debug.log-request-header-on-error = "enable"
 #debug.log-request-header   = "enable"
 #debug.log-response-header  = "enable"
 #debug.log-request-handling = "enable"
@@ -194,8 +183,9 @@ static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
 #server.groupname           = "wwwrun"
 
 #### compress module
-#compress.cache-dir         = "/tmp/lighttpd/cache/compress/"
-#compress.filetype          = ("text/plain", "text/html")
+#deflate.cache-dir          = "/tmp/lighttpd/cache/compress/"
+#deflate.mimetypes          = ("text/plain", "text/html")
+#deflate.allowed-encodings  = ("gzip")
 
 #### proxy module
 ## read proxy.txt for more info
@@ -227,7 +217,8 @@ static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
 
 #### SSL engine
 #ssl.engine                 = "enable"
-#ssl.pemfile                = "server.pem"
+#ssl.pemfile                = "/path/to/fullchain.pem"
+#ssl.privkey                = "/path/to/privkey.pem"
 
 #### status module
 #status.status-url          = "/server-status"
@@ -291,19 +282,6 @@ static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
 #setenv.add-request-header  = ( "TRAV_ENV" => "mysql://user@host/db" )
 #setenv.add-response-header = ( "X-Secret-Message" => "42" )
 
-## for mod_trigger_b4_dl
-# trigger-before-download.gdbm-filename = "/home/weigon/testbase/trigger.db"
-# trigger-before-download.memcache-hosts = ( "127.0.0.1:11211" )
-# trigger-before-download.trigger-url = "^/trigger/"
-# trigger-before-download.download-url = "^/download/"
-# trigger-before-download.deny-url = "http://127.0.0.1/index.html"
-# trigger-before-download.trigger-timeout = 10
-
-## for mod_cml
-## don't forget to add index.cml to server.indexfiles
-# cml.extension               = ".cml"
-# cml.memcache-hosts          = ( "127.0.0.1:11211" )
-
 #### variable usage:
 ## variable name without "." is auto prefixed by "var." and becomes "var.bar"
 #bar = 1
@@ -328,4 +306,4 @@ static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
 #var.a=1
 
 # include other config file fragments from lighttpd.d subdir
-include_shell "find /etc/lighttpd.d -maxdepth 1 -name '*.conf' -exec cat {} \;" 
+include "/etc/lighttpd.d/*.conf"
-- 
2.41.0


  parent reply	other threads:[~2023-10-20 11:49 UTC|newest]

Thread overview: 12+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-10-20 11:48 [PATCH 0/3] lighttpd-1.4.72 Glenn Strauss
2023-10-20 11:48 ` [PATCH 1/3] lighttpd: upgrade 1.4.71 -> 1.4.72 Glenn Strauss
2023-10-20 16:28   ` [poky] " Khem Raj
2023-10-20 11:48 ` [PATCH 2/3] lighttpd: update init script Glenn Strauss
2023-10-20 11:48 ` Glenn Strauss [this message]
2023-10-20 12:08 ` [poky] [PATCH 0/3] lighttpd-1.4.72 Richard Purdie
2023-10-20 12:18 ` Ross Burton
2023-10-20 12:54   ` gs-yoctoproject.org
2023-10-20 13:55     ` Ross Burton
2023-10-20 15:40       ` gs-yoctoproject.org
2024-03-14 18:32       ` Martin Jansa
     [not found]       ` <17BCB52E812AFFB8.6435@lists.yoctoproject.org>
2024-03-15  9:59         ` Martin Jansa

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20231020114845.100062-4-gs-yoctoproject.org@gluelogic.com \
    --to=gs-yoctoproject.org@gluelogic.com \
    --cc=gstrauss@gluelogic.com \
    --cc=poky@lists.yoctoproject.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).