X-Git-Url: https://git.stderr.nl/gitweb?a=blobdiff_plain;f=etc%2Flighttpd%2Flighttpd.conf;h=5f20c6970a2f1c2fe78946a69b1864386ddec614;hb=a7cb0f2ff41c84defa02182cb73eff7a74e3d817;hp=f5fcf4cbbe17b1fe41f527c5e7c792c8e23750b5;hpb=19435fd9fe3f1cad25dd64b9c58b69c83490397a;p=matthijs%2Fservers%2Fdrsnuggles.git

diff --git a/etc/lighttpd/lighttpd.conf b/etc/lighttpd/lighttpd.conf
index f5fcf4c..5f20c69 100644
--- a/etc/lighttpd/lighttpd.conf
+++ b/etc/lighttpd/lighttpd.conf
@@ -11,6 +11,7 @@ var.fcgi-dir             = var.root-dir + "/var/fcgi"
 
 ## modules to load
 server.modules              = (
+            "mod_auth",
             "mod_access",
             "mod_alias",
             "mod_accesslog",
@@ -19,7 +20,7 @@ server.modules              = (
             "mod_evhost",
             "mod_cgi",
             "mod_fastcgi",
-            "mod_auth",
+            "mod_setenv",
 )
 
 # Set a default catch-all document root, which should never be used.
@@ -68,9 +69,39 @@ server.groupname           = "www-data"
 # Make mysqll frontend available in all domains
 alias.url                  += ("/mysql" => "/usr/share/phpmyadmin")
 
+
+# Make stats frontend available in all domains. We do a trick with
+# redirecting to awstats.pl and aliasing that, since modalias strips the
+# trailing / from urls before matching (so we can't alias /stats/
+# without also redirecting /statsfoo). We don't want to put this in
+# a conditional either, since that will be mutually exclusive with any
+# alias.urls in conditionals for specific vhosts.
+url.redirect += ("^/stats$" => "/stats/awstats.pl")
+url.redirect += ("^/stats/$" => "/stats/awstats.pl")
+cgi.assign += ( "/usr/lib/cgi-bin/awstats.pl" => "" )
+alias.url += ( "/stats/icon" => "/usr/share/awstats/icon" )
+alias.url += ( "/stats/awstats.pl" => "/usr/lib/cgi-bin/awstats.pl" )
+
+$SERVER["socket"] == ":443" {
+	ssl.engine = "enable" 
+	# The CA certificates (in particular, this contains the intermediate
+	# certificate used by startcom). It seems that even without this
+	# option, it already works, probably because openssl ships some
+	# certificates. But, let's put it here to be safe anyway.
+	ssl.ca-file = "/etc/lighttpd/ssl/ca/startssl-all-ca.pem"
+	# Use the mail.stdin.nl certificate as the default certificate (for
+	# non-SNI browsers and domains without their own certificate), since
+	# it is currently the only one we have anyway.
+	ssl.pemfile = "/etc/lighttpd/ssl/mail.stdin.nl.pem"
+}
+
 #### external configuration files
 ## mimetype mapping
 include_shell var.conf-dir + "/scripts/create-mime.assign.pl"
 
 ## load vhosts
 include_shell var.conf-dir + "/scripts/include-vhosts.pl"
+
+# Include autogenerated logging configuration to have a separate access log
+# file for every subdomain.
+include var.conf-dir + "/logging.conf"