friendica_2021-01/mods/sample-Lighttpd.config

142 lines
4.8 KiB
Plaintext

Below is a sample config for Lighttpd that
seems to work well on Debian Squeeze, with "lighttpd/1.4.28 (ssl)"
The idea is: if someone enters the bare URL for my site, 'example.com',
they get redirected to https://example.com/index.html, which is simply a
page with two links on it: https://wordpress.example.com and
https://friendica.example.com.
If someone enters https://example.com, they get redirected to
https://wordpress.example.com/main/, which is the 'main' blog in a Word
Press 'network install' of the 'subdirectory' variety.
I thought it might be nice to offer people who join my Friendica
instance their own blogs, if they like.
One can obtain free, signed, single subdomain SSL certificates from
StartCom CA, which upon checking I noticed was already installed in both
Firefox and Google Chromium. Info at http://cert.startcom.org/ . So I
got one for each site, and have Lighty use the appropriate cert based on
the requested URL.
Enjoy!
On Debian Jessie with lighttpd 1.4.35-4 there was a problem encountered
between curl (which is used by Friendica in the background) and lighttp.
This problem caused requests being served with an error code of 417 in
the logs and no delivery of postings from the contacts.
One can solve the issue by adding
server.reject-expect-100-with-417 = "disable"
to the lighttpd configuratiion file (e.g. in the beginning with the
other 'server.xxx' settings.
---------------( config starts )-----------------
debug.log-request-handling = "disable"
debug.log-condition-handling = "disable"
server.modules = (
"mod_access",
"mod_alias",
"mod_compress",
"mod_redirect",
"mod_fastcgi",
"mod_rewrite"
)
server.document-root = "/var/www"
server.upload-dirs = ( "/var/cache/lighttpd/uploads" )
server.errorlog = "/var/log/lighttpd/error.log"
server.pid-file = "/var/run/lighttpd.pid"
server.username = "www-data"
server.groupname = "www-data"
# enable SSL
ssl.engine = "enable"
ssl.pemfile = "/etc/lighttpd/ssl/wordpress.pem"
ssl.ca-file = "/etc/lighttpd/ssl/ca.pem"
# fix for problem between curl and lighttpd
server.reject-expect-100-with-417 = "disable"
# Send everybody to landing page:
$SERVER["socket"] == ":80" {
$HTTP["scheme"] == "http" {
$HTTP["host"] =~ ".*" {
# This next redirect doesn't appear to ever execute in Firefox
# (sometimes, anyway -- caching issue?), but it does seem to
# reliably in Google's Chromium browser. If I change it here
# and restart Lighty, Firefox still goes to the URL in the
# last 'else' below. Or something.
Sometimes.
server.document-root = "/var/www"
url.redirect = (".*" => "https://example.com")
}
}
}
else $SERVER["socket"] == ":443" {
$HTTP["scheme"] == "https" {
$HTTP["host"] == "wordpress.example.com" {
server.document-root = "/var/www/wordpress"
ssl.pemfile = "/etc/lighttpd/ssl/wordpress.pem"
# include "wpmu-rewrites.conf"
url.rewrite-if-not-file = (
"^/(.*/)?files/$" => "/index.php",
"^/(.*/)?files/(.*)" => "/wp-includes/ms-files.php?file=$2",
"^(/wp-admin/.*)" => "$1",
"^/([_0-9a-zA-Z-]+/)?(wp-.*)" => "/$2",
"^/([_0-9a-zA-Z-]+/)?(.*\.php)" => "/$2",
"^/(.*)/?$" => "/index.php/$1"
)
}
else $HTTP["host"] == "friendica.example.com" {
server.document-root = "/var/www/friendica"
ssl.pemfile = "/etc/lighttpd/ssl/friendica.pem"
# Got the following 'Drupal Clean URL'after Mike suggested trying
# something along those lines, from http://drupal.org/node/1414950
url.rewrite-if-not-file = (
"^\/([^\?]*)\?(.*)$" => "/index.php?pagename=$1&$2",
"^\/(.*)$" => "/index.php?pagename=$1"
)
$HOST["url"] =~ "^/bin/" {
url.access.deny ( "" )
}
}
else $HTTP["host"] !~ "(friendica.example.com|wordpress.example.com)" {
server.document-root = "/var/www/wordpress"
ssl.pemfile = "/etc/lighttpd/ssl/wordpress.pem"
url.redirect = (".*" => "https://wordpress.example.com/main/")
}
}
}
index-file.names = ( "index.php", "index.html",
"index.htm", "default.htm",
"index.lighttpd.html" )
url.access-deny = ( "~", ".inc" )
static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
include_shell "/usr/share/lighttpd/use-ipv6.pl"
dir-listing.encoding = "utf-8"
server.dir-listing = "disable"
#compress.cache-dir = "/var/cache/lighttpd/compress/"
#compress.filetype = ( "application/x-javascript", "text/css", "text/html", "text/p\lain" )
include_shell "/usr/share/lighttpd/create-mime.assign.pl"
include_shell "/usr/share/lighttpd/include-conf-enabled.pl"
---------------( config ends )-----------------