[crux-commits] ports/contrib (3.6): lighttpd: different directory layout, etc.

crux at crux.nu crux at crux.nu
Sat Feb 6 02:07:40 UTC 2021


commit e4846512f4efa66af07b8842397c9331c8244a3c
Author: Steffen Nurpmeso <steffen at sdaoden.eu>
Date:   Sat Feb 6 03:06:46 2021 +0100

    lighttpd: different directory layout, etc.

diff --git a/lighttpd/.footprint b/lighttpd/.footprint
index def3d9d8d..e4b740b4c 100644
--- a/lighttpd/.footprint
+++ b/lighttpd/.footprint
@@ -1,90 +1,47 @@
 drwxr-xr-x	root/root	etc/
-drwxr-xr-x	root/root	etc/lighttpd/
--rw-r--r--	root/root	etc/lighttpd/cgi.conf
--rw-r--r--	root/root	etc/lighttpd/dirlisting.conf
--rw-r--r--	root/root	etc/lighttpd/fastcgi.conf
--rw-r--r--	root/root	etc/lighttpd/lighttpd.conf
--rw-r--r--	root/root	etc/lighttpd/userdir.conf
+-rw-r--r--	root/root	etc/lighttpd.conf
 drwxr-xr-x	root/root	etc/rc.d/
 -rwxr-xr-x	root/root	etc/rc.d/lighttpd
 drwxr-xr-x	root/root	usr/
 drwxr-xr-x	root/root	usr/lib/
 drwxr-xr-x	root/root	usr/lib/lighttpd/
--rwxr-xr-x	root/root	usr/lib/lighttpd/mod_access.la
 -rwxr-xr-x	root/root	usr/lib/lighttpd/mod_access.so
--rwxr-xr-x	root/root	usr/lib/lighttpd/mod_accesslog.la
 -rwxr-xr-x	root/root	usr/lib/lighttpd/mod_accesslog.so
--rwxr-xr-x	root/root	usr/lib/lighttpd/mod_ajp13.la
 -rwxr-xr-x	root/root	usr/lib/lighttpd/mod_ajp13.so
--rwxr-xr-x	root/root	usr/lib/lighttpd/mod_alias.la
 -rwxr-xr-x	root/root	usr/lib/lighttpd/mod_alias.so
--rwxr-xr-x	root/root	usr/lib/lighttpd/mod_auth.la
 -rwxr-xr-x	root/root	usr/lib/lighttpd/mod_auth.so
--rwxr-xr-x	root/root	usr/lib/lighttpd/mod_authn_file.la
 -rwxr-xr-x	root/root	usr/lib/lighttpd/mod_authn_file.so
--rwxr-xr-x	root/root	usr/lib/lighttpd/mod_authn_pam.la
 -rwxr-xr-x	root/root	usr/lib/lighttpd/mod_authn_pam.so
--rwxr-xr-x	root/root	usr/lib/lighttpd/mod_cgi.la
 -rwxr-xr-x	root/root	usr/lib/lighttpd/mod_cgi.so
--rwxr-xr-x	root/root	usr/lib/lighttpd/mod_cml.la
 -rwxr-xr-x	root/root	usr/lib/lighttpd/mod_cml.so
--rwxr-xr-x	root/root	usr/lib/lighttpd/mod_deflate.la
 -rwxr-xr-x	root/root	usr/lib/lighttpd/mod_deflate.so
--rwxr-xr-x	root/root	usr/lib/lighttpd/mod_dirlisting.la
 -rwxr-xr-x	root/root	usr/lib/lighttpd/mod_dirlisting.so
--rwxr-xr-x	root/root	usr/lib/lighttpd/mod_evasive.la
 -rwxr-xr-x	root/root	usr/lib/lighttpd/mod_evasive.so
--rwxr-xr-x	root/root	usr/lib/lighttpd/mod_evhost.la
 -rwxr-xr-x	root/root	usr/lib/lighttpd/mod_evhost.so
--rwxr-xr-x	root/root	usr/lib/lighttpd/mod_expire.la
 -rwxr-xr-x	root/root	usr/lib/lighttpd/mod_expire.so
--rwxr-xr-x	root/root	usr/lib/lighttpd/mod_extforward.la
 -rwxr-xr-x	root/root	usr/lib/lighttpd/mod_extforward.so
--rwxr-xr-x	root/root	usr/lib/lighttpd/mod_fastcgi.la
 -rwxr-xr-x	root/root	usr/lib/lighttpd/mod_fastcgi.so
--rwxr-xr-x	root/root	usr/lib/lighttpd/mod_flv_streaming.la
 -rwxr-xr-x	root/root	usr/lib/lighttpd/mod_flv_streaming.so
--rwxr-xr-x	root/root	usr/lib/lighttpd/mod_indexfile.la
 -rwxr-xr-x	root/root	usr/lib/lighttpd/mod_indexfile.so
--rwxr-xr-x	root/root	usr/lib/lighttpd/mod_magnet.la
 -rwxr-xr-x	root/root	usr/lib/lighttpd/mod_magnet.so
--rwxr-xr-x	root/root	usr/lib/lighttpd/mod_openssl.la
 -rwxr-xr-x	root/root	usr/lib/lighttpd/mod_openssl.so
--rwxr-xr-x	root/root	usr/lib/lighttpd/mod_proxy.la
 -rwxr-xr-x	root/root	usr/lib/lighttpd/mod_proxy.so
--rwxr-xr-x	root/root	usr/lib/lighttpd/mod_redirect.la
 -rwxr-xr-x	root/root	usr/lib/lighttpd/mod_redirect.so
--rwxr-xr-x	root/root	usr/lib/lighttpd/mod_rewrite.la
 -rwxr-xr-x	root/root	usr/lib/lighttpd/mod_rewrite.so
--rwxr-xr-x	root/root	usr/lib/lighttpd/mod_rrdtool.la
 -rwxr-xr-x	root/root	usr/lib/lighttpd/mod_rrdtool.so
--rwxr-xr-x	root/root	usr/lib/lighttpd/mod_scgi.la
 -rwxr-xr-x	root/root	usr/lib/lighttpd/mod_scgi.so
--rwxr-xr-x	root/root	usr/lib/lighttpd/mod_secdownload.la
 -rwxr-xr-x	root/root	usr/lib/lighttpd/mod_secdownload.so
--rwxr-xr-x	root/root	usr/lib/lighttpd/mod_setenv.la
 -rwxr-xr-x	root/root	usr/lib/lighttpd/mod_setenv.so
--rwxr-xr-x	root/root	usr/lib/lighttpd/mod_simple_vhost.la
 -rwxr-xr-x	root/root	usr/lib/lighttpd/mod_simple_vhost.so
--rwxr-xr-x	root/root	usr/lib/lighttpd/mod_sockproxy.la
 -rwxr-xr-x	root/root	usr/lib/lighttpd/mod_sockproxy.so
--rwxr-xr-x	root/root	usr/lib/lighttpd/mod_ssi.la
 -rwxr-xr-x	root/root	usr/lib/lighttpd/mod_ssi.so
--rwxr-xr-x	root/root	usr/lib/lighttpd/mod_staticfile.la
 -rwxr-xr-x	root/root	usr/lib/lighttpd/mod_staticfile.so
--rwxr-xr-x	root/root	usr/lib/lighttpd/mod_status.la
 -rwxr-xr-x	root/root	usr/lib/lighttpd/mod_status.so
--rwxr-xr-x	root/root	usr/lib/lighttpd/mod_uploadprogress.la
 -rwxr-xr-x	root/root	usr/lib/lighttpd/mod_uploadprogress.so
--rwxr-xr-x	root/root	usr/lib/lighttpd/mod_userdir.la
 -rwxr-xr-x	root/root	usr/lib/lighttpd/mod_userdir.so
--rwxr-xr-x	root/root	usr/lib/lighttpd/mod_usertrack.la
 -rwxr-xr-x	root/root	usr/lib/lighttpd/mod_usertrack.so
--rwxr-xr-x	root/root	usr/lib/lighttpd/mod_vhostdb.la
 -rwxr-xr-x	root/root	usr/lib/lighttpd/mod_vhostdb.so
--rwxr-xr-x	root/root	usr/lib/lighttpd/mod_webdav.la
 -rwxr-xr-x	root/root	usr/lib/lighttpd/mod_webdav.so
--rwxr-xr-x	root/root	usr/lib/lighttpd/mod_wstunnel.la
 -rwxr-xr-x	root/root	usr/lib/lighttpd/mod_wstunnel.so
 drwxr-xr-x	root/root	usr/sbin/
 -rwxr-xr-x	root/root	usr/sbin/lighttpd
@@ -95,6 +52,8 @@ drwxr-xr-x	root/root	usr/share/man/man8/
 -rw-r--r--	root/root	usr/share/man/man8/lighttpd-angel.8.gz
 -rw-r--r--	root/root	usr/share/man/man8/lighttpd.8.gz
 drwxr-xr-x	root/root	var/
+drwxr-xr-x	root/root	var/lib/
+drwxr-xr-x	root/root	var/lib/lighttpd/
 drwxr-xr-x	root/root	var/log/
 drwxr-xr-x	root/root	var/log/lighttpd/
 drwxr-xr-x	root/root	var/www/
diff --git a/lighttpd/.signature b/lighttpd/.signature
index 61cc674c8..c31b4e722 100644
--- a/lighttpd/.signature
+++ b/lighttpd/.signature
@@ -1,11 +1,7 @@
 untrusted comment: verify with /etc/ports/contrib.pub
-RWSagIOpLGJF357V0/61f8BIortskpMO/gLFcxfId6vlFbg1IPsWVu+xdtDaO9r6pFz7Q1jSgwk1eYtbGAI44PQ1WxaxtnIRIgU=
-SHA256 (Pkgfile) = 1a0f9ccb668014100251da808ee3fc84f0433e4b1de0758b21a916af5f1a07ff
-SHA256 (.footprint) = 7b124b8ef5d18e01b14210013544cd57341fe010f53ac39df137962af90c20ca
+RWSagIOpLGJF3xxo5rP8auWfaRkgYr7qv5mC8cJLaojsKXMGYyhg3XlA+VD2v5v31ayBmn3v6PGkUuQMlDIN5GmLMY9hRohJtws=
+SHA256 (Pkgfile) = 54a4544658634d148b3d1483fa2d194b6fdff3dba849723cfd9f8555d472679e
+SHA256 (.footprint) = e97305350f7145b67cf1415a0b4ece4e9809cd3136f5c207d7de7b97c1a2b9bd
 SHA256 (lighttpd-1.4.59.tar.xz) = fb953db273daef08edb6e202556cae8a3d07eed6081c96bd9903db957d1084d5
-SHA256 (lighttpd.rc) = 239560128d32a8babfaa19f0baded545e7d0ae0f3ead4cb81928f6188c4d9ed8
-SHA256 (lighttpd.conf) = 484b5805549ec18675df8e219f0a9e3e4527623e04677a57dc7e605ad3678bfb
-SHA256 (cgi.conf) = c94f2e34462b82f3c33bd7db74e8d3c0c4e6454021d396e2a01a6ac7e252917b
-SHA256 (dirlisting.conf) = 3d14b80061bc570b2c27e9d1e915902c4df1d8c5307c3ea9a88cf44376d9d541
-SHA256 (fastcgi.conf) = 74b3906e82498ada1ffc02d5d2b145f502aaf191ba9189fe13c014dcc61f5f75
-SHA256 (userdir.conf) = e4b410a368c42aa45556d8987870f112bbe7539fa8e0cb5285a7b34ba43e3b92
+SHA256 (lighttpd.rc) = b1aa0eb6d097098ac65cdc36e522b47e67cb2a0ea912cfe2157d01bbfb1af08d
+SHA256 (lighttpd.conf) = f414c4d52fe8a6f29586744f511035fe289be616ceac0d86960d525f6db38e03
diff --git a/lighttpd/Pkgfile b/lighttpd/Pkgfile
index 4deb6506d..718360d4c 100644
--- a/lighttpd/Pkgfile
+++ b/lighttpd/Pkgfile
@@ -5,29 +5,29 @@
 
 name=lighttpd
 version=1.4.59
-release=1
+release=2
 source=(
   https://download.${name}.net/${name}/releases-1.4.x/${name}-${version}.tar.xz
    ${name}.rc ${name}.conf
-   cgi.conf dirlisting.conf fastcgi.conf userdir.conf
 )
 
 build() {
-    cd ${name}-${version}
+   cd ${name}-${version}
 
-    ./configure --prefix=/usr \
-       --libdir=/usr/lib/${name} \
-       --with-openssl --with-pam \
+   ./configure --prefix=/usr \
+      --libdir=/usr/lib/${name} \
+      --with-openssl --with-pam \
          --with-bzip2 --with-zlib --with-zstd \
       --with-pcre --with-lua
-    make
-    make DESTDIR=$PKG install
+   make
+   make DESTDIR="${PKG}" install
 
-    install -D -m 0755 "${SRC}"/${name}.rc "${PKG}"/etc/rc.d/${name}
-    install -d -m 0755 "${PKG}"/etc/${name}
-    install -D -m 0644 "${SRC}"/*.conf "${PKG}"/etc/${name}/
-    install -d -m 0755 "${PKG}"/var/log/${name}
-    install -d -m 0755 "${PKG}"/var/www/${name}/htdocs
+   install -d -m 0755 "${PKG}"/var/lib/${name} "${PKG}"/var/log/${name} \
+      "${PKG}"/var/www/${name}/htdocs
+   install -D -m 0755 "${SRC}"/${name}.rc "${PKG}"/etc/rc.d/${name}
+   install -D -m 0644 "${SRC}"/${name}.conf "${PKG}"/etc/
+
+   rm -f "${PKG}"/usr/lib/${name}/*.la
 }
 
 # s-sh-mode
diff --git a/lighttpd/cgi.conf b/lighttpd/cgi.conf
deleted file mode 100644
index ac956099a..000000000
--- a/lighttpd/cgi.conf
+++ /dev/null
@@ -1,60 +0,0 @@
-#######################################################################
-##
-##  CGI modules
-## --------------- 
-##
-## See https://redmine.lighttpd.net/projects/lighttpd/wiki/docs_modcgi
-##
-server.modules += ( "mod_cgi" )
-
-##
-## Plain old CGI handling
-##
-## For PHP don't forget to set cgi.fix_pathinfo = 1 in the php.ini.
-##
-cgi.assign                 = ( ".pl"  => "/usr/bin/perl",
-                               ".cgi" => "/usr/bin/perl",
-                               ".rb"  => "/usr/bin/ruby",
-                               ".erb" => "/usr/bin/eruby",
-                               ".py"  => "/usr/bin/python" )
-
-##
-## to get the old cgi-bin behavior of apache
-##
-## Note: make sure that mod_alias is loaded if you uncomment the
-##       next line. (see modules.conf)
-##
-#alias.url += ( "/cgi-bin" => server_root + "/cgi-bin" )
-#$HTTP["url"] =~ "^/cgi-bin" {
-#   cgi.assign = ( "" => "" )
-#}
-
-##
-## require execute permission (+x) on files for CGI scripts
-## default: disable
-##
-#cgi.execute-x-only = "enable"
-
-##
-## process X-Sendfile (if present) from CGI response
-## https://redmine.lighttpd.net/projects/lighttpd/wiki/Docs_ModFastCGI#X-Sendfile
-## default: disable
-##
-#cgi.x-sendfile = "enable"
-#cgi.x-sendfile-docroot = ( "/srv/www/html", "/srv/www/static" )
-
-##
-## Local Redirect Response optimization
-## https://www.ietf.org/rfc/rfc3875 6.2.2 Local Redirect Response optimization
-## default: disable
-##
-#cgi.local-redir = "enable"
-
-##
-## permit Upgrade, e.g. Upgrade: websocket
-## default: disable
-##
-#cgi.upgrade = "enable"
-
-##
-#######################################################################
diff --git a/lighttpd/dirlisting.conf b/lighttpd/dirlisting.conf
deleted file mode 100644
index 982121d7f..000000000
--- a/lighttpd/dirlisting.conf
+++ /dev/null
@@ -1,95 +0,0 @@
-#######################################################################
-##
-##  Dirlisting Module 
-## ------------------- 
-##
-## See https://redmine.lighttpd.net/projects/lighttpd/wiki/Docs_ModDirlisting
-##
-
-##
-## Enabled Directory listing
-## default: disable
-#dir-listing.activate      = "enable"
-
-##
-## Hide dot files from the listing?
-## By default they are hidden (not listed).
-## default: enable
-#dir-listing.hide-dotfiles = "enable"
-
-##
-## list of regular expressions. Files that match any of the specified
-## regular expressions will be excluded from directory listings.
-##
-dir-listing.exclude       = ( "~$" )
-
-##
-## set a encoding for the generated directory listing
-##
-## If you file-system is not using ASCII you have to set the encoding of
-## the filenames as they are put into the HTML listing AS IS (with XML
-## encoding)
-##
-dir-listing.encoding = "UTF-8"
-
-##
-## local URL to optional CSS stylesheet for the directory listing
-##
-#dir-listing.external-css  = "/dirindex.css"
-
-##
-## local URL to optional js script to include,
-## e.g. for client side directory list sorting
-##
-#dir-listing.external-js = "/dirindex.js"
-
-##
-## Include HEADER.txt files above the directory listing. 
-## default: disable
-##
-#dir-listing.show-header = "enable"
-##
-## You can disable showing the HEADER.txt in the listing. 
-## default: disable (shows file in listing)
-##
-#dir-listing.hide-header-file = "enable"
-##
-## HTML-encode HEADER.txt
-## (disable to include files as-is, e.g. if files contain valid HTML)
-## default: enable
-##
-#dir-listing.encode-header = "disable"
-
-##
-## Include README.txt files above the directory listing. 
-## default: disable
-##
-#dir-listing.show-readme = "enable"
-##
-## You can disable showing the README.txt in the listing. 
-## default: disable (shows file in listing)
-##
-#dir-listing.hide-readme-file = "enable"
-##
-## HTML-encode README.txt
-## (disable to include files as-is, e.g. if files contain valid HTML)
-## default: enable
-##
-#dir-listing.encode-readme = "disable"
-
-##
-## displays a string in the footer of a listing page
-## default: value of server.tag directive
-##   "<PACKAGE_NAME>/<PACKAGE_VERSION>" e.g. "lighttpd/1.4.56"
-##
-#dir-listing.set-footer = " "
-
-##
-## Use lighttpd-provided page tags <body> and <html>
-## (disable if HEADER.txt and README.txt provide those tags)
-## default: enable
-##
-#dir-listing.auto-layout = "disable"
-
-##
-#######################################################################
diff --git a/lighttpd/fastcgi.conf b/lighttpd/fastcgi.conf
deleted file mode 100644
index 0760af06f..000000000
--- a/lighttpd/fastcgi.conf
+++ /dev/null
@@ -1,132 +0,0 @@
-#######################################################################
-##
-##  FastCGI Module 
-## --------------- 
-##
-## See https://redmine.lighttpd.net/projects/lighttpd/wiki/Docs_ModFastCGI
-##
-server.modules += ( "mod_fastcgi" )
-
-##
-## PHP Example
-## For PHP don't forget to set cgi.fix_pathinfo = 1 in the php.ini.
-##
-## The number of php processes you will get can be easily calculated:
-##
-## num-procs = max-procs * ( 1 + PHP_FCGI_CHILDREN )
-##
-## for the php-num-procs example it means you will get 17*5 = 85 php
-## processes. you always should need this high number for your very
-## busy sites. And if you have a lot of RAM. :)
-##
-#fastcgi.server = ( ".php" =>
-#                   ( "php-local" =>
-#                     (
-#                       "socket" => socket_dir + "/php-fastcgi-1.socket",
-#                       "bin-path" => server_root + "/cgi-bin/php5",
-#                       "max-procs" => 1,
-#                       "broken-scriptfilename" => "enable",
-#                     ),
-#                     "php-tcp" =>
-#                     (
-#                       "host" => "127.0.0.1",
-#                       "port" => 9999,
-#                       "check-local" => "disable",
-#                       "broken-scriptfilename" => "enable",
-#                     ),
-#                     "php-num-procs" =>
-#                     (
-#                       "socket" => socket_dir + "/php-fastcgi-2.socket",
-#                       "bin-path" => server_root + "/cgi-bin/php5",
-#                       "bin-environment" => (
-#                         "PHP_FCGI_CHILDREN" => "16",
-#                         "PHP_FCGI_MAX_REQUESTS" => "10000",
-#                       ),
-#                       "max-procs" => 5,
-#                       "broken-scriptfilename" => "enable",
-#                     ),
-#                   ),
-#                 )
-
-##
-## Ruby on Rails Example
-##
-## Normally you only run one Rails application on one vhost.
-##
-#$HTTP["host"] == "rails1.example.com" {
-#  server.document-root  = server_root + "/rails/someapp/public"
-#  server.error-handler-404 = "/dispatch.fcgi"
-#  fastcgi.server = ( ".fcgi" =>
-#    ("someapp" =>
-#      ( "socket" => socket_dir + "/someapp-fcgi.socket",
-#        "bin-path" => server_root + "/rails/someapp/public/dispatch.fcgi",
-#        "bin-environment" => (
-#              "RAILS_ENV" => "production",
-#              "TMP" => home_dir + "/rails/someapp",
-#        ),
-#      )
-#    )
-#  )
-#}
-
-##
-## Another example with multiple rails applications on one vhost.
-##
-## https://blog.lighttpd.net/articles/2005/11/23/lighttpd-1-4-8-and-multiple-rails-apps
-##
-#$HTTP["host"] == "rails2.example.com" {
-#  $HTTP["url"] =~ "^/someapp1" {
-#    server.document-root  = server_root + "/rails/someapp1/public"
-#    server.error-handler-404 = "/dispatch.fcgi"
-#    fastcgi.server = ( ".fcgi" =>
-#      ("someapp1" =>
-#        ( "socket" => socket_dir + "/someapp1-fcgi.socket",
-#          "bin-path" => server_root + "/rails/someapp1/public/dispatch.fcgi",
-#          "bin-environment" => (
-#                "RAILS_ENV" => "production",
-#                "TMP" => home_dir + "/rails/someapp1",
-#          ),
-#          "strip-request-uri" => "/someapp1/"
-#        )
-#      )
-#    )
-#  }
-#
-#  $HTTP["url"] =~ "^/someapp2" {
-#    server.document-root  = server_root + "/rails/someapp2/public"
-#    server.error-handler-404 = "/dispatch.fcgi"
-#    fastcgi.server = ( ".fcgi" =>
-#      ("someapp2" =>
-#        ( "socket" => socket_dir + "/someapp2-fcgi.socket",
-#          "bin-path" => server_root + "/rails/someapp2/public/dispatch.fcgi",
-#          "bin-environment" => (
-#                "RAILS_ENV" => "production",
-#                "TMP" => home_dir + "/rails/someapp2",
-#          ),
-#          "strip-request-uri" => "/someapp2/"
-#        )
-#      )
-#    )
-#  }
-#}
-
-## chrooted webserver + external PHP
-##
-## $ spawn-fcgi -f /usr/bin/php-cgi -p 2000 -a 127.0.0.1 -C 8
-##
-## webserver chrooted to /srv/www/
-## php running outside the chroot
-#
-#fastcgi.server = ( 
-#  ".php" => (( 
-#    "host" => "127.0.0.1",
-#    "port" => "2000",
-#    "docroot" => "/srv/www/servers/www.example.org/htdocs/"
-#  )))
-#
-#server.chroot = "/srv/www"
-#server.document-root = "/servers/wwww.example.org/htdocs/"
-#
-
-##
-#######################################################################
diff --git a/lighttpd/lighttpd.conf b/lighttpd/lighttpd.conf
index fa94eaf8b..cb25bcd71 100644
--- a/lighttpd/lighttpd.conf
+++ b/lighttpd/lighttpd.conf
@@ -1,51 +1,56 @@
-###############################################################################
-# Default lighttpd.conf for Gentoo.
-# $Header: /var/cvsroot/gentoo-x86/www-servers/lighttpd/files/conf/lighttpd.conf,v 1.3 2005/09/01 14:22:35 ka0ttic Exp $
-###############################################################################
+#@ /etc/lighttpd.conf
 
-# {{{ variables
 var.basedir  = "/var/www/lighttpd"
 var.logdir   = "/var/log/lighttpd"
 var.statedir = "/var/lib/lighttpd"
-# }}}
 
-# {{{ modules
-# At the very least, mod_access and mod_accesslog should be enabled.
-# All other modules should only be loaded if necessary.
+#server.name = "www.NAME.DOMAIN"
+#server.use-ipv6 = "disable"
+server.max-read-idle = "10"
+server.max-write-idle = "21"
+server.max-keep-alive-idle = "10"
+server.max-connections = "120"
+#server.kbytes-per-second = 9000
+server.username = "lighttpd"
+server.groupname = "lighttpd"
+server.document-root = var.basedir + "/htdocs"
+server.pid-file = "/var/run/lighttpd.pid"
+#server.breakagelog = "/tmp/cgibreak" # var.logdir  + "/error.log"
+# log errors to syslog instead
+#server.errorlog-use-syslog = "enable"
+#debug.log-request-handling = "enable"
+server.errorlog = var.logdir  + "/error.log"
+server.indexfiles = ("index.html") # "index.php", "index.htm"...)
+# server.tag = "lighttpd" # how server announces itself
+server.follow-symlink = "enable"
+server.event-handler = "linux-sysepoll"
+# Enable HTTP/2
+server.feature-flags += (
+   "server.h2proto" => "enable",
+   "server.h2c" => "enable"
+)
+# chroot to directory (defaults to no chroot)
+# server.chroot = "/"
+# bind to port (defaults to 80)
+# server.port = 81
+# bind to name (defaults to all interfaces)
+# server.bind = "grisu.home.kneschke.de"
+
+#connection.kbytes-per-second = 5000
+
 # NOTE: the order of modules is important.
 server.modules = (
-#    "mod_rewrite",
-#    "mod_redirect",
-#    "mod_alias",
-    "mod_access",
-#    "mod_cml",
-#    "mod_trigger_b4_dl",
-#    "mod_auth",
-#    "mod_status",
-#    "mod_setenv",
-#    "mod_proxy",
-#    "mod_simple_vhost",
-#    "mod_evhost",
-#    "mod_userdir",
-#    "mod_compress",
-#    "mod_ssi",
-#    "mod_usertrack",
-#    "mod_expire",
-#    "mod_secdownload",
-#    "mod_rrdtool",
-#    "mod_webdav",
-    "mod_accesslog"
+   "mod_openssl",
+   "mod_redirect",
+   "mod_rewrite",
+   "mod_alias",
+   "mod_access",
+   "mod_cgi",
+   "mod_setenv",
+   "mod_deflate",
+   "mod_expire",
+   "mod_accesslog"
 )
-# }}}
-
-# {{{ includes
-# uncomment for cgi support
-#   include "mod_cgi.conf"
-# uncomment for php/fastcgi support
-#   include "mod_fastcgi.conf"
-# uncomment for php/fastcgi fpm support
-#   include "mod_fastcgi_fpm.conf"
-# }}}
 
 mimetype.assign = ( # {{{
 	".tar.bz2" => "application/x-gtar-compressed",
@@ -318,12 +323,6 @@ mimetype.assign = ( # {{{
 	".s1n" => "image/vnd.sealed.png",
 	".spn" => "image/vnd.sealed.png",
 	".spng" => "image/vnd.sealed.png",
-	".s1g" => "image/vnd.sealedmedia.softseal.gif",
-	".sgi" => "image/vnd.sealedmedia.softseal.gif",
-	".sgif" => "image/vnd.sealedmedia.softseal.gif",
-	".s1j" => "image/vnd.sealedmedia.softseal.jpg",
-	".sjp" => "image/vnd.sealedmedia.softseal.jpg",
-	".sjpg" => "image/vnd.sealedmedia.softseal.jpg",
 	".tap" => "image/vnd.tencent.tap",
 	".vtf" => "image/vnd.valve.source.texture",
 	".wbmp" => "image/vnd.wap.wbmp",
@@ -441,281 +440,190 @@ mimetype.assign = ( # {{{
 )
 # }}}
 
-# {{{ server settings
-server.username      = "lighttpd"
-server.groupname     = "lighttpd"
-
-server.document-root = var.basedir + "/htdocs"
-server.pid-file      = "/var/run/lighttpd.pid"
-
-server.errorlog      = var.logdir  + "/error.log"
-# log errors to syslog instead
-#   server.errorlog-use-syslog = "enable"
-#server.errorlog-use-syslog = "enable"
-# daemon by default
-#server.syslog-facility = "ftp"
-
-server.indexfiles    = ("index.php", "index.html",
-						"index.htm", "default.htm")
-
-# server.tag           = "lighttpd"
-
-server.follow-symlink = "enable"
-
-# event handler (defaults to "poll")
-# see performance.txt
-# 
-# for >= linux-2.4
-#   server.event-handler = "linux-rtsig"
-# for >= linux-2.6
-#   server.event-handler = "linux-sysepoll"
-server.event-handler = "linux-sysepoll"
-# for FreeBSD
-#   server.event-handler = "freebsd-kqueue"
-
-# chroot to directory (defaults to no chroot)
-# server.chroot      = "/"
-
-# bind to port (defaults to 80)
-# server.port          = 81
-
-# bind to name (defaults to all interfaces)
-# server.bind          = "grisu.home.kneschke.de"
-
-# error-handler for status 404
-# server.error-handler-404 = "/error-handler.html"
-# server.error-handler-404 = "/error-handler.php"
-
-# Format: <errorfile-prefix><status-code>.html
-# -> ..../status-404.html for 'File not found'
-# server.errorfile-prefix    = var.basedir + "/error/status-"
-
-# FAM support for caching stat() calls
-# requires that lighttpd be built with USE=fam
-#   server.stat-cache-engine = "fam"
-# }}}
-
-# {{{ mod_staticfile
-
 # which extensions should not be handled via static-file transfer
 # (extensions that are usually handled by mod_cgi, mod_fastcgi, etc).
-static-file.exclude-extensions = (".php", ".pl", ".cgi", ".fcgi")
-# }}}
+static-file.exclude-extensions = (".cgi")
 
-# {{{ mod_accesslog
-accesslog.filename   = var.logdir + "/access.log"
+accesslog.filename = var.logdir + "/access.log"
 #accesslog.use-syslog = "enable"
-# }}}
-
-# {{{ mod_dirlisting
-# enable directory listings
-#   dir-listing.activate      = "enable"
-#
-# don't list hidden files/directories
-#   dir-listing.hide-dotfiles = "enable"
-#
-# use a different css for directory listings
-#   dir-listing.external-css  = "/path/to/dir-listing.css"
-#
-# list of regular expressions.  files that match any of the
-# specified regular expressions will be excluded from directory
-# listings.
-#   dir-listing.exclude = ("^\.", "~$")
-# }}}
-
-# {{{ mod_access
-# see access.txt
-
-url.access-deny = ("~", ".inc")
-# }}}
-
-# {{{ mod_userdir
-# see userdir.txt
-#
-# userdir.path = "public_html"
-# userdir.exclude-user = ("root")
-# }}}
-
-# {{{ mod_ssi
-# see ssi.txt
-#
-# ssi.extension = (".shtml")
-# }}}
-
-# {{{ mod_ssl
-# see ssl.txt
-#
-# ssl.engine    = "enable"
-# ssl.pemfile   = "server.pem"
-# }}}
-
-# {{{ mod_status
-# see status.txt
-#
-# status.status-url  = "/server-status"
-# status.config-url  = "/server-config"
-# }}}
+accesslog.format = "%t %V:%p <%s> %h I=%I O=%O T=%T : \"%r\""
 
-# {{{ mod_simple_vhost
-# see simple-vhost.txt
-#
-#  If you want name-based virtual hosting add the next three settings and load
-#  mod_simple_vhost
-#
-# document-root =
-#   virtual-server-root + virtual-server-default-host + virtual-server-docroot
-# or
-#   virtual-server-root + http-host + virtual-server-docroot
-#
-# simple-vhost.server-root   = "/home/weigon/wwwroot/servers/"
-# simple-vhost.default-host  = "grisu.home.kneschke.de"
-# simple-vhost.document-root = "/pages/"
-# }}}
+# CGI stderr etc.
+cgi.x-sendfile = "enable"
 
-# {{{ mod_compress
-# see compress.txt
-#
-# compress.cache-dir   = var.statedir + "/cache/compress"
-# compress.filetype    = ("text/plain", "text/html")
-# }}}
+deflate.cache-dir = var.statedir + "/deflate"
+deflate.mimetypes = ("text/", "application/x-tar")
+deflate.allowed-encodings = ("gzip", "zstd")
 
-# {{{ mod_proxy
-# see proxy.txt
-#
-# proxy.server               = ( ".php" =>
-#                               ( "localhost" =>
-#                                 (
-#                                   "host" => "192.168.0.101",
-#                                   "port" => 80
-#                                 )
-#                               )
-#                             )
-# }}}
-
-# {{{ mod_auth
-# see authentication.txt
-#
-# auth.backend               = "plain"
-# auth.backend.plain.userfile = "lighttpd.user"
-# auth.backend.plain.groupfile = "lighttpd.group"
-
-# auth.backend.ldap.hostname = "localhost"
-# auth.backend.ldap.base-dn  = "dc=my-domain,dc=com"
-# auth.backend.ldap.filter   = "(uid=$)"
-
-# auth.require               = ( "/server-status" =>
-#                               (
-#                                 "method"  => "digest",
-#                                 "realm"   => "download archiv",
-#                                 "require" => "user=jan"
-#                               ),
-#                               "/server-info" =>
-#                               (
-#                                 "method"  => "digest",
-#                                 "realm"   => "download archiv",
-#                                 "require" => "valid-user"
-#                               )
-#                             )
-# }}}
-
-# {{{ mod_rewrite
-# see rewrite.txt
-#
+url.access-deny = (".php", ".inc")
+# Do not give access to /server-status page do non-local addresses 
+#$HTTP["remoteip"] !~ "10\..*|192\.168\..*|127\..*" {
+#  url.access-deny = ("/server-status")
+#}
 # url.rewrite = (
-#	"^/$"		=>		"/server-status"
-# )
-# }}}
-
-# {{{ mod_redirect
-# see redirect.txt
-#
-# url.redirect = (
-#	"^/wishlist/(.+)"		=>		"http://www.123.org/$1"
+#  "^/$"    =>    "/server-status"
 # )
-# }}}
 
-# {{{ mod_evhost
-# define a pattern for the host url finding
-# %% => % sign
-# %0 => domain name + tld
-# %1 => tld
-# %2 => domain name without tld
-# %3 => subdomain 1 name
-# %4 => subdomain 2 name
+ssl.disable-client-renegotiation = "enable"
+#$SERVER["socket"] == ":443" {
+#   ssl.engine = "enable"
+#   ssl.pemfile = "/etc/letsencrypt/config/certs/HOST.DOM/key_and_cert.pem"
+#   ssl.ca-file = "/etc/letsencrypt/config/certs/HOST.DOM/fullchain.pem"
+#   ssl.dh-file = "/etc/letsencrypt/config/certs/HOST.DOM/dhparam2048.pem"
+#   ssl.use-sslv2 = "disable"
+#   # Need something for older OpenSSL (MacOS Lion, 2014!)
+#   ssl.use-sslv3 = "disable"
+#   ssl.cipher-list = "TLSv1.3:TLSv1.2:!aNULL:!eNULL:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES256-SHA:@STRENGTH"
+#   ssl.honor-cipher-order = "enable"
 #
-# evhost.path-pattern        = "/home/storage/dev/www/%3/htdocs/"
-# }}}
-
-# {{{ mod_expire
-# expire.url = (
-#	"/buggy/"		=>		"access 2 hours",
-#	"/asdhas/"		=>		"access plus 1 seconds 2 minutes"
-# )
-# }}}
-
-# {{{ mod_rrdtool
-# see rrdtool.txt
-#
-# rrdtool.binary  = "/usr/bin/rrdtool"
-# rrdtool.db-name = var.statedir + "/lighttpd.rrd"
-# }}}
-
-# {{{ mod_setenv
-# see setenv.txt
-#
-# setenv.add-request-header  = ( "TRAV_ENV" => "mysql://user@host/db" )
-# setenv.add-response-header = ( "X-Secret-Message" => "42" )
-# }}}
-
-# {{{ mod_trigger_b4_dl
-# see trigger_b4_dl.txt
-#
-# trigger-before-download.gdbm-filename = "/home/weigon/testbase/trigger.db"
-# trigger-before-download.memcache-hosts = ( "127.0.0.1:11211" )
-# trigger-before-download.trigger-url = "^/trigger/"
-# trigger-before-download.download-url = "^/download/"
-# trigger-before-download.deny-url = "http://127.0.0.1/index.html"
-# trigger-before-download.trigger-timeout = 10
-# }}}
-
-# {{{ mod_cml
-# see cml.txt
-#
-# don't forget to add index.cml to server.indexfiles
-# cml.extension               = ".cml"
-# cml.memcache-hosts          = ( "127.0.0.1:11211" )
-# }}} 
-
-# {{{ mod_webdav
-# see webdav.txt
-#
-# $HTTP["url"] =~ "^/dav($|/)" {
-#     webdav.activate = "enable"
-#     webdav.is-readonly = "enable"
-# }
-# }}}
-
-# {{{ extra rules
-#
-# set Content-Encoding and reset Content-Type for browsers that
-# support decompressing on-thy-fly (requires mod_setenv)
-# $HTTP["url"] =~ "\.gz$" {
-#     setenv.add-response-header = ("Content-Encoding" => "x-gzip")
-#     mimetype.assign = (".gz" => "text/plain")
-# }
-
-# $HTTP["url"] =~ "\.bz2$" {
-#     setenv.add-response-header = ("Content-Encoding" => "x-bzip2")
-#     mimetype.assign = (".bz2" => "text/plain")
-# }
-#
-# }}}
-
-# {{{ debug
-# debug.log-request-header   = "enable"
-# debug.log-response-header  = "enable"
-# debug.log-request-handling = "enable"
-# debug.log-file-not-found   = "enable"
-# }}}
-
-# vim: set ft=conf foldmethod=marker et :
+#   # ServerNameIndication during negotiation: enable like
+#   #$HTTP["HOST"] == "www.HOST.DOM" {
+#   #  ssl.pemfile =
+#   #}
+#}
+
+#$SERVER["socket"] == ":80" {
+#   # Get rid of a bug/problem: one can access bla.html/BLA
+#   $HTTP["url"] =~ ".+\.html\/.*" {
+#      url.redirect = ("^/?(.*)$" => "http://www.HOST.DOM/")
+#   }
+#   $HTTP["url"] =~ "^/\.well-known/acme-challenge" {
+#      url.access-deny = ("config")
+#      alias.url = ("/.well-known/acme-challenge" => "/etc/letsencrypt")
+#   }
+#}
+#$SERVER["socket"] == ":443" {
+#   # Get rid of a bug/problem: one can access bla.html/BLA
+#   $HTTP["url"] =~ ".+\.html\/.*" {
+#      url.redirect = ("^/?(.*)$" => "https://www.HOST.DOM/")
+#   }
+#}
+
+#$HTTP["host"] =~ "^download\.HOST\.DOM" {
+#   url.rewrite-once = (
+#      "^(/.well-known/.+)" => "$1",
+#      "^/?(style\.css|favicon\.ico)$" => "/$1",
+#      "^/?(.*)$" => "/downloads/$1"
+#   )
+#   $HTTP["url"] =~ "^/downloads(.*)?$" {
+#      alias.url = ("/downloads" => var.basedir + "/downloads")
+#      dir-listing.activate = "enable"
+#      dir-listing.external-css = "/style.css"
+#   }
+#}
+
+# Serve git.HOST.DOM/scm for git access /browse for gitweb browsing.
+# Note that all the gitweb static/ files must reside in htdocs with this config
+# and all git repositories must be in /var/git to which server needs access
+# /etc/gitweb-common.conf:
+  ##read_config_file("gitweb_config.perl");
+  #our $projectroot = $ENV{'GITWEB_PROJECTROOT'} || "/pub/git";
+  #our $project_maxdepth = 1;
+  #our $export_ok = 'git-daemon-export-ok';
+  #our $strict_export = 1;
+  #our @stylesheets = ("gitweb.css");
+  #our $logo = 'git-logo.png';
+  #our $favicon = 'git-favicon.png';
+  #our $javascript = 'gitweb.js';
+  ##our $home_link = '/code.html';
+  #our @extra_breadcrumbs = ( [ 'Hacking' => 'code.html' ] );
+  #our $projects_list_description_width = 66;
+  #our $prevent_xss = 1;
+  #our $maxload = 5;
+  #our $omit_owner = 1;
+  #our $default_text_plain_charset = "utf8";
+  #our @git_base_url_list = ( 'https://git.HOST.DOM/scm',
+  #        'http://git.HOST.DOM/scm' );
+  #$feature{avatar}{default} = [0];
+  #$feature{blame}{default} = [0];
+  #$feature{grep}{default} = [0];
+  #$feature{highlight}{default} = [0];
+  #$feature{pickaxe}{default} = [0];
+  #$feature{remote_heads}{default} = [0];
+  #$feature{show-sizes}{default} = [0];
+  #$feature{snapshot}{default} = ['none']; #['txz', 'tgz'];
+  ##$known_snapshot_formats{'tgz'}{'compressor'} = ['gzip','-6'];
+  ##$known_snapshot_formats{'txz'}{'compressor'} = ['xz']
+  #$feature{search}{default} = [1];
+  #$feature{timed}{default} = [1];
+  #$feature{extra-branch-refs}{default} = ['stable','release'];
+#$HTTP["host"] =~ "^git\.HOST\.DOM" {
+#   url.rewrite-once = ("^/?$" => "/browse")
+#   $HTTP["url"] =~ "^/browse(/.*)?$" {
+#      accesslog.format = "%V:%p <%s> %h I=%I O=%O T=%T GW"
+#      alias.url = ("/browse" => "/usr/share/gitweb/gitweb.cgi")
+#      cgi.assign = ("" => "")
+#      connection.kbytes-per-second = 32
+#      expire.url = ("" => "access plus 0 seconds")
+#      server.max-keep-alive-requests = 3
+#      setenv.add-environment = (
+#         "PERL5OPT" => "-C",
+#         "GITWEB_PROJECTROOT" => "/var/git"
+#      )
+#      # Funny people try to access /browse via git, redirect them
+#      url.redirect = (
+#         "^.*/([^/]+\.git/objects/.*)" => "https://git.HOST.DOM/scm/$1",
+#         "^.*/([^/]+\.git/info/refs\?service.*)" =>
+#               "https://git.HOST.DOM/scm/$1"
+#      )
+#   }
+#   $HTTP["url"] =~ "^/scm" {
+#      alias.url = ("/scm" => "/usr/libexec/git-core/git-http-backend")
+#      cgi.assign = ("" => "")
+#      server.max-keep-alive-requests = 1
+#      setenv.add-environment = (
+#         "GIT_PROJECT_ROOT" => "/var/git",
+#         "GIT_HTTP_EXPORT_ALL" => ""
+#      )
+#   }
+#}
+
+# Mailing-lists
+#$HTTP["host"] =~ "^lists\.HOST\.DOM" {
+#   url.rewrite-once = (
+#      "^(/.well-known/.+)" => "$1",
+#      "^/$" => "/mailman/listinfo.cgi"
+#      #"^/([^/.]+)$" => "/mailman/$1.cgi",
+#   )
+#   $HTTP["url"] =~ "^/mailman" {
+#      alias.url = ("/mailman/" => "/var/mailman/cgi-bin/")
+#      cgi.assign = (".sh" => "/bin/sh", "" => "")
+#      expire.url = ("" => "access plus 0 seconds")
+#      server.max-keep-alive-requests = 1
+#   }
+#   $HTTP["url"] =~ "^/pipermail" {
+#      alias.url = ("/pipermail/" => "/var/mailman/archives/public/")
+#      server.max-keep-alive-requests = 3
+#   }
+#   $HTTP["url"] =~ "^/icons" {
+#      alias.url = ("/icons/" => "/var/mailman/icons/")
+#      expire.url = ("" => "access plus 23 hours")
+#   }
+#}
+
+#$HTTP["host"] =~ "^(www\.)?HOST\.DOM" {
+#   url.rewrite-once = ("^/downloads/?(.*)?$" => "/downloads/$1")
+#   $HTTP["url"] =~ "^/downloads(.*)?$" {
+#      alias.url = ("/downloads" => var.basedir + "/downloads")
+#      dir-listing.activate = "enable"
+#      dir-listing.external-css = "/style.css"
+#   }
+#   $HTTP["url"] =~ "^/browse(/.*)?$" {
+#      url.redirect = ("^/?(.*)$" => "https://git.HOST.DOM/$1")
+#   }
+#   $HTTP["url"] =~ "^/ftp" {
+#      url.redirect = ("^/ftp(/.*)?$" => "https://ftp.HOST.DOM$1")
+#   }
+#   $HTTP["url"] =~ "^/lists" {
+#      url.redirect = ("^/lists(/.*)?$" => "https://lists.HOST.DOM$1")
+#   }
+#   $HTTP["url"] =~ "^/scm" {
+#      url.redirect = ("^/?(.*)$" => "https://git.HOST.DOM/$1")
+#   }
+#}
+
+$HTTP["url"] =~ "\.(css|gif|html|jpg|js|png)$" {
+   expire.url = ("" => "access plus 23 hours")
+}
+
+# s-it-mode
diff --git a/lighttpd/lighttpd.rc b/lighttpd/lighttpd.rc
index f6d1db915..e86d6cdc5 100755
--- a/lighttpd/lighttpd.rc
+++ b/lighttpd/lighttpd.rc
@@ -1,37 +1,36 @@
 #!/bin/sh
-#
-# /etc/rc.d/lighttpd: start/stop lighttpd daemon
-#
+#@ /etc/rc.d/lighttpd: start/stop lighttpd daemon
 
 SSD=/sbin/start-stop-daemon
 PROG=/usr/sbin/lighttpd
 PID=/var/run/lighttpd.pid
-OPTS="-f /etc/lighttpd/lighttpd.conf"
+OPTS='-f /etc/lighttpd.conf'
 
 case ${1} in
 start)
-        ${SSD} --start --pidfile ${PID} --exec ${PROG} -- ${OPTS}
-        ;;
+   ${SSD} --start --pidfile ${PID} --exec ${PROG} -- ${OPTS}
+   ;;
 stop)
-        ${SSD} --stop --remove-pidfile --retry 10 --pidfile ${PID}
-        ;;
+   ${SSD} --stop --remove-pidfile --retry 10 --pidfile ${PID}
+   ;;
 restart)
-        ${0} stop
-        ${0} start
-        ;;
+   ${0} stop
+   ${0} start
+   ;;
 status)
-        ${SSD} --status --pidfile ${PID}
-	e=${?}
-        case ${e} in
-        0) echo "${PROG} is running with pid $(cat ${PID})" ;;
-        1) echo "${PROG} is not running but the pid file ${PID} exists" ;;
-        3) echo "${PROG} is not running" ;;
-        4) echo "Unable to determine the program status" ;;
-        esac
-        ;;
+   ${SSD} --status --pidfile ${PID}
+   e=${?}
+   case ${e} in
+   0) echo "${PROG} is running with pid $(cat ${PID})";;
+   1) echo "${PROG} is not running but the pid file ${PID} exists";;
+   3) echo "${PROG} is not running";;
+   4) echo "Unable to determine the program status";;
+   esac
+   exit ${e}
+   ;;
 *)
-        echo "usage: ${0} [start|stop|restart|status]"
-        ;;
+   echo "usage: ${0} [start|stop|restart|status]"
+   ;;
 esac
 
-# End of file
+# s-sh-mode
diff --git a/lighttpd/post-install b/lighttpd/post-install
index 4c24fd915..2d62a2957 100644
--- a/lighttpd/post-install
+++ b/lighttpd/post-install
@@ -7,5 +7,4 @@ if [ -z "`getent passwd named`" ]; then
 	passwd -l lighttpd
 fi
 
-chown root:lighttpd /var/log/lighttpd
-chmod 0775 /var/log/lighttpd
+chown lighttpd:wheel /var/log/lighttpd /var/lib/lighttpd
diff --git a/lighttpd/userdir.conf b/lighttpd/userdir.conf
deleted file mode 100644
index 5d4bf6ee6..000000000
--- a/lighttpd/userdir.conf
+++ /dev/null
@@ -1,36 +0,0 @@
-#######################################################################
-##
-##  Userdir Module 
-## ----------------
-##
-## See https://redmine.lighttpd.net/projects/lighttpd/wiki/Docs_ModUserDir
-##
-server.modules += ( "mod_userdir" )
-
-##
-## usually it should be set to "public_html" to take ~/public_html/ as
-## the document root
-## Default: empty (document root is the home directory)
-##
-userdir.path = "public_html"
-
-##
-## If set, don't check /etc/passwd for homedir
-## Default: empty
-#userdir.basepath = server_root + "/users/"
-
-##
-## list of usernames which may not use this feature
-## Default: empty (all users may use it)
-##
-#userdir.exclude-user = ( "root", "postmaster" )
-
-##
-## if set, only users from this list may use the feature
-## Default: empty (all users may use it) 
-##
-#userdir.include-user = ("user1", "user2")
-
-##
-#######################################################################
-


More information about the crux-commits mailing list