[matthijs/servers/drsnuggles.git] / etc / lighttpd / lighttpd.conf

# Debian lighttpd configuration file
#

# Chroot into our root-dir
#server.chroot            = "/data/www"

#var.root-dir             = ""
var.root-dir             = "/data/www"
var.conf-dir             = "/etc/lighttpd"
var.fcgi-dir             = var.root-dir + "/var/fcgi"

## modules to load
server.modules              = (
            "mod_auth",
            "mod_access",
            "mod_alias",
            "mod_accesslog",
            "mod_rewrite",
            "mod_redirect",
            "mod_evhost",
            "mod_cgi",
            "mod_fastcgi",
            "mod_setenv",
)

# Set a default catch-all document root, which should never be used.
server.document-root       = var.root-dir + "/default/htdocs"

## where to upload files to, purged daily.
server.upload-dirs = ( "/var/cache/lighttpd/uploads" )

## where to send error-messages to
server.errorlog            = var.root-dir + "/default/logs/error.log"

## files to check for if .../ is requested
index-file.names           = ( "index.php", "index.html" )

#### accesslog module
accesslog.filename         = var.root-dir + "/default/logs/access.log"

## deny access the file-extensions
#
# ~    is for backupfiles from vi, emacs, joe, ...
# .inc is often used for code includes which should in general not be part
#      of the document-root
url.access-deny            = ( "~", ".inc" )

##
# which extensions should not be handle via static-file transfer
#
# .php, .pl, .fcgi are most often handled by mod_fastcgi or mod_cgi
static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )

## Use ipv6 only if available.
server.use-ipv6 = "disable"

## to help the rc.scripts
server.pid-file            = "/var/run/lighttpd.pid"

## virtual directory listings
dir-listing.encoding        = "utf-8"
# Disable dir-listing by default
server.dir-listing          = "disable"

# Don't run as root
server.username            = "www-data"
server.groupname           = "www-data"

# Make mysqll frontend available in all domains
alias.url                  += ("/mysql" => "/usr/share/phpmyadmin")


# Make stats frontend available in all domains. We do a trick with
# redirecting to awstats.pl and aliasing that, since modalias strips the
# trailing / from urls before matching (so we can't alias /stats/
# without also redirecting /statsfoo). We don't want to put this in
# a conditional either, since that will be mutually exclusive with any
# alias.urls in conditionals for specific vhosts.
url.redirect += ("^/stats$" => "/stats/awstats.pl")
url.redirect += ("^/stats/$" => "/stats/awstats.pl")
cgi.assign += ( "/usr/lib/cgi-bin/awstats.pl" => "" )
alias.url += ( "/stats/icon" => "/usr/share/awstats/icon" )
alias.url += ( "/stats/awstats.pl" => "/usr/lib/cgi-bin/awstats.pl" )

$SERVER["socket"] == ":443" {
        ssl.engine = "enable" 
        # The CA certificates (in particular, this contains the intermediate
        # certificate used by startcom). It seems that even without this
        # option, it already works, probably because openssl ships some
        # certificates. But, let's put it here to be safe anyway.
        ssl.ca-file = "/etc/lighttpd/ssl/ca/startssl-all-ca.pem"
        # Use the mail.stdin.nl certificate as the default certificate (for
        # non-SNI browsers and domains without their own certificate), since
        # it is currently the only one we have anyway.
        ssl.pemfile = "/etc/lighttpd/ssl/mail.stdin.nl.pem"
}

#### external configuration files
## mimetype mapping
include_shell var.conf-dir + "/scripts/create-mime.assign.pl"

## load vhosts
include_shell var.conf-dir + "/scripts/include-vhosts.pl"

# Include autogenerated logging configuration to have a separate access log
# file for every subdomain.
include var.conf-dir + "/logging.conf"