summaryrefslogtreecommitdiff
path: root/recipes-core/lighttpd/files/lighttpd.conf
diff options
context:
space:
mode:
authorPatrick Murphy <Patrick.Murphy@multitech.com>2020-04-30 13:04:00 -0500
committerJohn Klug <john.klug@multitech.com>2020-06-18 20:22:08 -0500
commit5724d72ffb2d6f4e44b65a92d5b69bcdf8551118 (patch)
treeff5b1f6243f931eccda3f378887681c086c0021e /recipes-core/lighttpd/files/lighttpd.conf
parenta3020c1257ad6bd653b5c619f1552b5e22fe7e0c (diff)
downloadmeta-mlinux-5724d72ffb2d6f4e44b65a92d5b69bcdf8551118.tar.gz
meta-mlinux-5724d72ffb2d6f4e44b65a92d5b69bcdf8551118.tar.bz2
meta-mlinux-5724d72ffb2d6f4e44b65a92d5b69bcdf8551118.zip
moved 5.2.1 changes to master
Diffstat (limited to 'recipes-core/lighttpd/files/lighttpd.conf')
-rw-r--r--recipes-core/lighttpd/files/lighttpd.conf209
1 files changed, 209 insertions, 0 deletions
diff --git a/recipes-core/lighttpd/files/lighttpd.conf b/recipes-core/lighttpd/files/lighttpd.conf
new file mode 100644
index 0000000..a3e02da
--- /dev/null
+++ b/recipes-core/lighttpd/files/lighttpd.conf
@@ -0,0 +1,209 @@
+# lighttpd configuration file for the rcell
+# include config file (/var/run/config/lighttpd_port.conf) generated at start up
+#
+# $Id: lighttpd.conf,v 1.7 2004/11/03 22:26:05 weigon Exp $
+
+#IMPORT PORT SETTINGS
+include "/var/run/config/lighttpd_port.conf"
+
+## local access from startup scripts and apps
+$SERVER["socket"] == "/var/run/api/http.sock" { }
+
+## modules
+server.modules = (
+ "mod_rewrite",
+ "mod_redirect",
+ "mod_proxy",
+ "mod_alias",
+ "mod_access",
+ "mod_fastcgi",
+ "mod_accesslog",
+ "mod_openssl",
+ "mod_setenv")
+
+
+## static document-root
+server.document-root = "/var/www/"
+setenv.add-response-header = ( "Access-Control-Allow-Origin" => "*",
+ "Content-Security-Policy" => "default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self'; style-src 'unsafe-inline' https://fonts.googleapis.com 'self'; font-src https://fonts.gstatic.com 'self'; connect-src 'self'; img-src 'self' data:",
+ "X-Frame-Options" =>"SAMEORIGIN",
+ "X-XSS-Protection" => "1; mode=block",
+ "X-Content-Type-Options" => "nosniff",
+ "Referrer-Policy" => "strict-origin-when-cross-origin",
+ "Feature-Policy" => "accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; payment 'none'; usb 'none'",
+ "Strict-Transport-Security" => "max-age=31536000",
+ "Cache-Control" => "no-cache"
+)
+server.socket-perms = "0760"
+
+## where to send error-messages to
+#server.errorlog = "/var/log/lighttpd.error.log"
+server.errorlog-use-syslog = "enable"
+
+# disable stat cache
+server.stat-cache-engine = "disable"
+
+## where to send access log
+#accesslog.filename = "/var/log/lighttpd.access.log"
+accesslog.use-syslog = "enable"
+
+## enable debugging
+#debug.log-request-header = "enable"
+#debug.log-response-header = "enable"
+#debug.log-request-handling = "enable"
+#debug.log-file-not-found = "enable"
+#debug.log-condition-handling = "enable"
+
+## where to upload files
+server.upload-dirs = ( "/var/volatile/tmp" )
+
+# files to check for if .../ is requested
+index-file.names = ( "index.php", "index.html",
+ "index.htm", "default.htm" )
+
+# mimetype mapping
+mimetype.assign = (
+ ".pdf" => "application/pdf",
+ ".sig" => "application/pgp-signature",
+ ".spl" => "application/futuresplash",
+ ".class" => "application/octet-stream",
+ ".ps" => "application/postscript",
+ ".torrent" => "application/x-bittorrent",
+ ".dvi" => "application/x-dvi",
+ ".pac" => "application/x-ns-proxy-autoconfig",
+ ".swf" => "application/x-shockwave-flash",
+ ".tar.gz" => "application/x-tgz",
+ ".tgz" => "application/x-tgz",
+ ".tar" => "application/x-tar",
+ ".xhtml" => "application/xhtml+xml",
+ ".xht" => "application/xhtml+xml",
+ ".zip" => "application/zip",
+ ".mp3" => "audio/mpeg",
+ ".m3u" => "audio/x-mpegurl",
+ ".wma" => "audio/x-ms-wma",
+ ".wax" => "audio/x-ms-wax",
+ ".ogg" => "application/ogg",
+ ".wav" => "audio/x-wav",
+ ".gif" => "image/gif",
+ ".jpg" => "image/jpeg",
+ ".jpeg" => "image/jpeg",
+ ".png" => "image/png",
+ ".svg" => "image/svg+xml",
+ ".ico" => "image/x-icon",
+ ".xbm" => "image/x-xbitmap",
+ ".xpm" => "image/x-xpixmap",
+ ".xwd" => "image/x-xwindowdump",
+ ".css" => "text/css",
+ ".html" => "text/html",
+ ".htm" => "text/html",
+ ".asc" => "text/plain",
+ ".c" => "text/plain",
+ ".cpp" => "text/plain",
+ ".log" => "text/plain",
+ ".conf" => "text/plain",
+ ".text" => "text/plain",
+ ".txt" => "text/plain",
+ ".dtd" => "text/xml",
+ ".xml" => "text/xml",
+ ".mpeg" => "video/mpeg",
+ ".mpg" => "video/mpeg",
+ ".mov" => "video/quicktime",
+ ".qt" => "video/quicktime",
+ ".avi" => "video/x-msvideo",
+ ".asf" => "video/x-ms-asf",
+ ".asx" => "video/x-ms-asf",
+ ".wmv" => "video/x-ms-wmv",
+ ".bz2" => "application/x-bzip",
+ ".tbz" => "application/x-bzip-compressed-tar",
+ ".tar.bz2" => "application/x-bzip-compressed-tar",
+ ".mib" => "application/text",
+ ".js" => "application/javascript"
+ )
+
+## deny access the file-extensions
+url.access-deny = ( "~", ".inc" )
+
+# send a different Server: header
+server.tag = ""
+
+#server.error-handler-404 = "/index.html"
+
+#Range request are requests of one or more sub-ranges of a file.
+#Range requests are very helpful for resuming interrupted downloads and fetching small portions of huge files.
+#Note: Adobe Acrobat Reader can crash when it tries to open a PDF file if range requests are enabled.
+$HTTP["url"] =~ "\.pdf$" {
+ server.range-requests = "disable"
+}
+
+##
+# which extensions should not be handle via static-file transfer
+#
+# .php, .pl, .fcgi are most often handled by mod_fastcgi or mod_cgi
+static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
+
+## to help the rc.scripts
+server.pid-file = "/var/run/lighttpd.pid"
+
+# Restrict server process to non priveleged user
+server.username = "www"
+server.groupname = "www"
+
+# server limit POST size in kilobytes (60MB for firmware update)
+server.max-request-size = 113246
+
+# server limits
+server.max-keep-alive-requests = 16
+server.max-keep-alive-idle = 15
+server.max-read-idle = 60
+server.max-write-idle = 360
+
+##
+## Format: <errorfile-prefix><status-code>.html
+## -> ..../status-404.html for 'File not found'
+server.errorfile-prefix = "/var/www/errors/status-"
+
+## virtual directory listings
+#dir-listing.activate = "enable"
+
+#IMPORTED CONFIGS WILL HANDLE SETTING HTTP/HTTPS
+
+#### fastcgi module
+fastcgi.server = ( "/" =>
+ ( "authorizer" =>
+ (
+ "mode" => "authorizer",
+ "check-local" => "disable",
+ "socket" => "/var/run/api/rcell_api.sock",
+ "docroot" => "/var/www"
+ )
+ )
+)
+
+
+$HTTP["url"] =~ "/static/js" {
+ setenv.add-response-header = ( "Content-Encoding" => "gzip")
+ mimetype.assign = ("" => "text/javascript" )
+ } else $HTTP["url"] =~ "/help/template/scripts" {
+ setenv.add-response-header = ( "Content-Encoding" => "gzip")
+ mimetype.assign = ("" => "text/javascript" )
+ } else $HTTP["url"] =~ "/help/whxdata/" {
+ setenv.add-response-header = ( "Content-Encoding" => "gzip")
+ mimetype.assign = ("" => "text/javascript" )
+ } else $HTTP["url"] =~ "/help/template/Azure_Blue_MTS_1/layout.css" {
+ setenv.add-response-header = ( "Content-Encoding" => "gzip")
+ mimetype.assign = ("" => "text/css" )
+ } else $HTTP["url"] =~ "^/api" {
+ fastcgi.server = ( "/api" =>
+ ( "api" =>
+ (
+ "mode" => "responder",
+ "check-local" => "disable",
+ "socket" => "/var/run/api/rcell_api.sock"
+ )
+ )
+ )
+}
+
+#INCLUDE DIPSERVICE SETTINGS
+include "/var/run/config/lighttpd_dipservice.conf"
+include "/var/run/config/lighttpd_custom_images.conf"