[pkg-lighttpd] Bug#355868: lighttpd: Provide start script and
configuration for SSL
Marcello Nuccio
marcello.nuccio at gmail.com
Wed Mar 8 12:31:29 UTC 2006
Package: lighttpd
Version: 1.4.8-2
Severity: wishlist
To use HTTP and HTTPS on the same server, you need 2 instances o
lighttpd. It would be nice to have start script and cofiguration in the
default debian package. I use the following:
(note /usr/sbin/lighttpd-ssl is a link to /usr/sbin/lighttpd)
------ /etc/init.d/lighttpd-ssl ------
#!/bin/sh
### BEGIN INIT INFO
# Provides: lighttpd-ssl
# Required-Start: networking
# Required-Stop: networking
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Start the lighttpd web server with SSL support.
### END INIT INFO
PATH=/sbin:/bin:/usr/sbin:/usr/bin
DAEMON=/usr/sbin/lighttpd-ssl
NAME=lighttpd-ssl
DESC="web server"
PIDFILE=/var/run/$NAME.pid
SCRIPTNAME=/etc/init.d/$NAME
DAEMON_OPTS="-f /etc/lighttpd/lighttpd-ssl.conf"
test -x $DAEMON || exit 0
set -e
.. /lib/lsb/init-functions
case "$1" in
start)
log_daemon_msg "Starting $DESC" $NAME
if ! start-stop-daemon --start --quiet \
--pidfile $PIDFILE --exec $DAEMON -- $DAEMON_OPTS ; then
log_end_msg 1
exit 1
else
log_end_msg 0
fi
;;
stop)
log_daemon_msg "Stopping $DESC" $NAME
if start-stop-daemon --quiet --stop --pidfile $PIDFILE --exec $DAEMON; then
rm -f $PIDFILE
log_end_msg 0
else
log_end_msg 1
exit 1
fi
;;
reload)
log_daemon_msg "Reloading $NAME configuration files" $NAME
start-stop-daemon --stop --signal 2 --quiet --pidfile $PIDFILE --exec $DAEMON
sleep 5
$0 start
log_end_msg 0
;;
restart|force-reload)
$0 stop
sleep 1
$0 start
;;
*)
echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload}" >&2
exit 1
;;
esac
exit 0
---------------------------------------
--- /etc/lighttpd/lighttpd-ssl.conf ---
# lighttpd configuration file
#
# use a it as base for lighttpd 1.0.0 and above
#
# $Id: lighttpd.conf,v 1.7 2004/11/03 22:26:05 weigon Exp $
############ Options you really have to take care of ####################
## modules to load
# at least mod_access and mod_accesslog should be loaded
# all other module should only be loaded if really neccesary
# - saves some time
# - saves memory
server.modules = (
"mod_rewrite",
# "mod_redirect",
"mod_access",
# "mod_auth",
# "mod_status",
"mod_fastcgi",
# "mod_simple_vhost",
# "mod_evhost",
# "mod_cgi",
# "mod_compress",
# "mod_ssi",
# "mod_usertrack",
# "mod_rrdtool",
"mod_accesslog",
)
## a static document-root, for virtual-hosting take look at the
## server.virtual-* options
#server.document-root = "/var/www/"
## where to send error-messages to
#server.errorlog = "/var/log/lighttpd/error-ssl.log"
# files to check for if .../ is requested
server.indexfiles = ( "index.php", "index.html",
"index.htm", "default.htm" )
# mimetype mapping
include_shell "/usr/share/lighttpd/create-mime.assign.pl"
# Use the "Content-Type" extended attribute to obtain mime type if possible
# mimetype.use-xattr = "enable"
#### accesslog module
#accesslog.filename = "/var/log/lighttpd/access-ssl.log"
## deny access the file-extensions
#
# ~ is for backupfiles from vi, emacs, joe, ...
# .inc is often used for code includes which should in general not be part
# of the document-root
url.access-deny = ( "~", ".inc" )
######### Options that are good to be but not neccesary to be changed #######
## bind to port (default: 80)
#server.port = 81
## bind to localhost (default: all interfaces)
#server.bind = "localhost"
## error-handler for status 404
#server.error-handler-404 = "/error-handler.html"
#server.error-handler-404 = "/error-handler.php"
## to help the rc.scripts
server.pid-file = "/var/run/lighttpd-ssl.pid"
###### virtual hosts
##
## If you want name-based virtual hosting add the next three settings and load
## mod_simple_vhost
##
## document-root =
## virtual-server-root + virtual-server-default-host + virtual-server-docroot or
## virtual-server-root + http-host + virtual-server-docroot
##
#simple-vhost.server-root = "/home/weigon/wwwroot/servers/"
#simple-vhost.default-host = "grisu.home.kneschke.de"
#simple-vhost.document-root = "/pages/"
##
## Format: <errorfile-prefix><status>.html
## -> ..../status-404.html for 'File not found'
#server.errorfile-prefix = "/var/www/"
## virtual directory listings
#server.dir-listing = "enable"
## send unhandled HTTP-header headers to error-log
#debug.dump-unknown-headers = "enable"
### only root can use these options
#
# chroot() to directory (default: no chroot() )
#server.chroot = "/"
## change uid to <uid> (default: don't care)
server.username = "www-data"
## change uid to <uid> (default: don't care)
server.groupname = "www-data"
#### compress module
#compress.cache-dir = "/var/tmp/lighttpd/cache/compress/"
#compress.filetype = ("text/plain", "text/html")
#### fastcgi module
## read fastcgi.txt for more info
#fastcgi.server = ( ".php" =>
# ( "localhost" =>
# (
# "bin-path" => "/usr/bin/php4-cgi"
# )
# )
# )
#### CGI module
#cgi.assign = ( ".pl" => "/usr/bin/perl",
# ".cgi" => "",
# ".php" => "/usr/bin/php4-cgi",
# )
#### SSL engine
ssl.engine = "enable"
ssl.pemfile = "/etc/lighttpd/server.pem"
#### status module
# status.status-url = "/server-status"
# status.config-url = "/server-config"
#### auth module
## read authentification.txt for more info
# auth.backend = "plain"
# auth.backend.plain.userfile = "lighttpd.user"
# auth.backend.plain.groupfile = "lighttpd.group"
# auth.backend.ldap.hostname = "localhost"
# auth.backend.ldap.base-dn = "dc=my-domain,dc=com"
# auth.backend.ldap.filter = "(uid=$)"
# auth.require = ( "/server-status" =>
# (
# "method" => "digest",
# "realm" => "download archiv",
# "require" => "group=www|user=jan|host=192.168.2.10"
# ),
# "/server-info" =>
# (
# "method" => "digest",
# "realm" => "download archiv",
# "require" => "group=www|user=jan|host=192.168.2.10"
# )
# )
#### url handling modules (rewrite, redirect, access)
# url.rewrite = ( "^/$" => "/server-status" )
# url.redirect = ( "^/wishlist/(.+)" => "http://www.123.org/$1" )
#
# define a pattern for the host url finding
# %% => % sign
# %0 => domain name + tld
# %1 => tld
# %2 => domain name without tld
# %3 => subdomain 1 name
# %4 => subdomain 2 name
#
# evhost.path-pattern = "/home/storage/dev/www/%3/htdocs/"
#### expire module
# expire.url = ( "/buggy/" => "access 2 hours", "/asdhas/" => "access plus 1 seconds 2 minutes")
#### ssi
# ssi.extension = ( ".shtml" )
#### rrdtool
# rrdtool.binary = "/usr/bin/rrdtool"
# rrdtool.db-name = "/var/www/lighttpd.rrd"
---------------------------------------
-- System Information:
Debian Release: testing/unstable
APT prefers testing
APT policy: (500, 'testing'), (498, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.15.5
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Versions of packages lighttpd depends on:
ii libbz2-1.0 1.0.3-2 high-quality block-sorting file co
ii libc6 2.3.5-13 GNU C Library: Shared libraries an
ii libldap2 2.1.30-12 OpenLDAP libraries
ii libpcre3 6.4-1.1 Perl 5 Compatible Regular Expressi
ii libssl0.9.8 0.9.8a-7 SSL shared libraries
ii lsb-base 3.0-15 Linux Standard Base 3.0 init scrip
ii mime-support 3.35-1 MIME files 'mime.types' & 'mailcap
ii zlib1g 1:1.2.3-9 compression library - runtime
Versions of packages lighttpd recommends:
pn php4-cgi <none> (no description available)
pn php5-cgi <none> (no description available)
-- no debconf information
More information about the pkg-lighttpd-maintainers
mailing list