diff options
Diffstat (limited to 'recipes-core/lighttpd/files/lighttpd.conf')
-rw-r--r-- | recipes-core/lighttpd/files/lighttpd.conf | 209 |
1 files changed, 209 insertions, 0 deletions
diff --git a/recipes-core/lighttpd/files/lighttpd.conf b/recipes-core/lighttpd/files/lighttpd.conf new file mode 100644 index 0000000..a3e02da --- /dev/null +++ b/recipes-core/lighttpd/files/lighttpd.conf @@ -0,0 +1,209 @@ +# lighttpd configuration file for the rcell +# include config file (/var/run/config/lighttpd_port.conf) generated at start up +# +# $Id: lighttpd.conf,v 1.7 2004/11/03 22:26:05 weigon Exp $ + +#IMPORT PORT SETTINGS +include "/var/run/config/lighttpd_port.conf" + +## local access from startup scripts and apps +$SERVER["socket"] == "/var/run/api/http.sock" { } + +## modules +server.modules = ( + "mod_rewrite", + "mod_redirect", + "mod_proxy", + "mod_alias", + "mod_access", + "mod_fastcgi", + "mod_accesslog", + "mod_openssl", + "mod_setenv") + + +## static document-root +server.document-root = "/var/www/" +setenv.add-response-header = ( "Access-Control-Allow-Origin" => "*", + "Content-Security-Policy" => "default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self'; style-src 'unsafe-inline' https://fonts.googleapis.com 'self'; font-src https://fonts.gstatic.com 'self'; connect-src 'self'; img-src 'self' data:", + "X-Frame-Options" =>"SAMEORIGIN", + "X-XSS-Protection" => "1; mode=block", + "X-Content-Type-Options" => "nosniff", + "Referrer-Policy" => "strict-origin-when-cross-origin", + "Feature-Policy" => "accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; payment 'none'; usb 'none'", + "Strict-Transport-Security" => "max-age=31536000", + "Cache-Control" => "no-cache" +) +server.socket-perms = "0760" + +## where to send error-messages to +#server.errorlog = "/var/log/lighttpd.error.log" +server.errorlog-use-syslog = "enable" + +# disable stat cache +server.stat-cache-engine = "disable" + +## where to send access log +#accesslog.filename = "/var/log/lighttpd.access.log" +accesslog.use-syslog = "enable" + +## enable debugging +#debug.log-request-header = "enable" +#debug.log-response-header = "enable" +#debug.log-request-handling = "enable" +#debug.log-file-not-found = "enable" +#debug.log-condition-handling = "enable" + +## where to upload files +server.upload-dirs = ( "/var/volatile/tmp" ) + +# files to check for if .../ is requested +index-file.names = ( "index.php", "index.html", + "index.htm", "default.htm" ) + +# mimetype mapping +mimetype.assign = ( + ".pdf" => "application/pdf", + ".sig" => "application/pgp-signature", + ".spl" => "application/futuresplash", + ".class" => "application/octet-stream", + ".ps" => "application/postscript", + ".torrent" => "application/x-bittorrent", + ".dvi" => "application/x-dvi", + ".pac" => "application/x-ns-proxy-autoconfig", + ".swf" => "application/x-shockwave-flash", + ".tar.gz" => "application/x-tgz", + ".tgz" => "application/x-tgz", + ".tar" => "application/x-tar", + ".xhtml" => "application/xhtml+xml", + ".xht" => "application/xhtml+xml", + ".zip" => "application/zip", + ".mp3" => "audio/mpeg", + ".m3u" => "audio/x-mpegurl", + ".wma" => "audio/x-ms-wma", + ".wax" => "audio/x-ms-wax", + ".ogg" => "application/ogg", + ".wav" => "audio/x-wav", + ".gif" => "image/gif", + ".jpg" => "image/jpeg", + ".jpeg" => "image/jpeg", + ".png" => "image/png", + ".svg" => "image/svg+xml", + ".ico" => "image/x-icon", + ".xbm" => "image/x-xbitmap", + ".xpm" => "image/x-xpixmap", + ".xwd" => "image/x-xwindowdump", + ".css" => "text/css", + ".html" => "text/html", + ".htm" => "text/html", + ".asc" => "text/plain", + ".c" => "text/plain", + ".cpp" => "text/plain", + ".log" => "text/plain", + ".conf" => "text/plain", + ".text" => "text/plain", + ".txt" => "text/plain", + ".dtd" => "text/xml", + ".xml" => "text/xml", + ".mpeg" => "video/mpeg", + ".mpg" => "video/mpeg", + ".mov" => "video/quicktime", + ".qt" => "video/quicktime", + ".avi" => "video/x-msvideo", + ".asf" => "video/x-ms-asf", + ".asx" => "video/x-ms-asf", + ".wmv" => "video/x-ms-wmv", + ".bz2" => "application/x-bzip", + ".tbz" => "application/x-bzip-compressed-tar", + ".tar.bz2" => "application/x-bzip-compressed-tar", + ".mib" => "application/text", + ".js" => "application/javascript" + ) + +## deny access the file-extensions +url.access-deny = ( "~", ".inc" ) + +# send a different Server: header +server.tag = "" + +#server.error-handler-404 = "/index.html" + +#Range request are requests of one or more sub-ranges of a file. +#Range requests are very helpful for resuming interrupted downloads and fetching small portions of huge files. +#Note: Adobe Acrobat Reader can crash when it tries to open a PDF file if range requests are enabled. +$HTTP["url"] =~ "\.pdf$" { + server.range-requests = "disable" +} + +## +# which extensions should not be handle via static-file transfer +# +# .php, .pl, .fcgi are most often handled by mod_fastcgi or mod_cgi +static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" ) + +## to help the rc.scripts +server.pid-file = "/var/run/lighttpd.pid" + +# Restrict server process to non priveleged user +server.username = "www" +server.groupname = "www" + +# server limit POST size in kilobytes (60MB for firmware update) +server.max-request-size = 113246 + +# server limits +server.max-keep-alive-requests = 16 +server.max-keep-alive-idle = 15 +server.max-read-idle = 60 +server.max-write-idle = 360 + +## +## Format: <errorfile-prefix><status-code>.html +## -> ..../status-404.html for 'File not found' +server.errorfile-prefix = "/var/www/errors/status-" + +## virtual directory listings +#dir-listing.activate = "enable" + +#IMPORTED CONFIGS WILL HANDLE SETTING HTTP/HTTPS + +#### fastcgi module +fastcgi.server = ( "/" => + ( "authorizer" => + ( + "mode" => "authorizer", + "check-local" => "disable", + "socket" => "/var/run/api/rcell_api.sock", + "docroot" => "/var/www" + ) + ) +) + + +$HTTP["url"] =~ "/static/js" { + setenv.add-response-header = ( "Content-Encoding" => "gzip") + mimetype.assign = ("" => "text/javascript" ) + } else $HTTP["url"] =~ "/help/template/scripts" { + setenv.add-response-header = ( "Content-Encoding" => "gzip") + mimetype.assign = ("" => "text/javascript" ) + } else $HTTP["url"] =~ "/help/whxdata/" { + setenv.add-response-header = ( "Content-Encoding" => "gzip") + mimetype.assign = ("" => "text/javascript" ) + } else $HTTP["url"] =~ "/help/template/Azure_Blue_MTS_1/layout.css" { + setenv.add-response-header = ( "Content-Encoding" => "gzip") + mimetype.assign = ("" => "text/css" ) + } else $HTTP["url"] =~ "^/api" { + fastcgi.server = ( "/api" => + ( "api" => + ( + "mode" => "responder", + "check-local" => "disable", + "socket" => "/var/run/api/rcell_api.sock" + ) + ) + ) +} + +#INCLUDE DIPSERVICE SETTINGS +include "/var/run/config/lighttpd_dipservice.conf" +include "/var/run/config/lighttpd_custom_images.conf" |