X-Git-Url: https://git.stderr.nl/gitweb?a=blobdiff_plain;f=etc%2Flighttpd%2Flighttpd.conf;h=4da053e111b8e03dd287baf5175501fe375ba6c4;hb=1bb86de52bd77e037e082d6c633fc659d43b473d;hp=c6d07b336c5716b2c6c6d81e19159ca5bb35e0b9;hpb=0f32993712d2ef203b84958062ea04802069ba39;p=matthijs%2Fservers%2Fdrsnuggles.git diff --git a/etc/lighttpd/lighttpd.conf b/etc/lighttpd/lighttpd.conf index c6d07b3..4da053e 100644 --- a/etc/lighttpd/lighttpd.conf +++ b/etc/lighttpd/lighttpd.conf @@ -11,6 +11,7 @@ var.fcgi-dir = var.root-dir + "/var/fcgi" ## modules to load server.modules = ( + "mod_auth", "mod_access", "mod_alias", "mod_accesslog", @@ -19,7 +20,7 @@ server.modules = ( "mod_evhost", "mod_cgi", "mod_fastcgi", - "mod_auth", + "mod_setenv", ) # Set a default catch-all document root, which should never be used. @@ -65,7 +66,21 @@ server.dir-listing = "disable" server.username = "www-data" server.groupname = "www-data" -alias.url = ("/mysql" => "/usr/share/phpmyadmin") +# Make mysqll frontend available in all domains +alias.url += ("/mysql" => "/usr/share/phpmyadmin") + +$SERVER["socket"] == ":443" { + ssl.engine = "enable" + # The CA certificates (in particular, this contains the intermediate + # certificate used by startcom). It seems that even without this + # option, it already works, probably because openssl ships some + # certificates. But, let's put it here to be safe anyway. + ssl.ca-file = "/etc/lighttpd/ssl/ca/startssl-all-ca.pem" + # Use the mail.stdin.nl certificate as the default certificate (for + # non-SNI browsers and domains without their own certificate), since + # it is currently the only one we have anyway. + ssl.pemfile = "/etc/lighttpd/ssl/mail.stdin.nl.pem" +} #### external configuration files ## mimetype mapping @@ -73,3 +88,7 @@ include_shell var.conf-dir + "/scripts/create-mime.assign.pl" ## load vhosts include_shell var.conf-dir + "/scripts/include-vhosts.pl" + +# Include autogenerated logging configuration to have a separate access log +# file for every subdomain. +include var.conf-dir + "/logging.conf"