Production Web server: Lighttpd
lighttpd is a simple, standards-compliant, secure, and flexible web server.
Lighttpd Installation
Production environment only will handle need packages.. so no doc or manages allowed:
apk add lighttpd gamin mkdir -p /var/www/localhost/htdocs sed -i -r 's#\#.*server.port.*=.*#server.port = 80#g' /etc/lighttpd/lighttpd.conf sed -i -r 's#.*server.stat-cache-engine.*=.*# server.stat-cache-engine = "fam"#g' /etc/lighttpd/lighttpd.conf sed -i -r 's#\#.*server.event-handler = "linux-sysepoll".*#server.event-handler = "linux-sysepoll"#g' /etc/lighttpd/lighttpd.conf rc-update add lighttpd default rc-service lighttpd restart
Lighttpd Configuration
Due to the minimalism of alpine linux, unfortunately the lighttpd packaging is the worst ever seen, its configuration file makes it impossible to configure with only single line commands so the commands for quick configuration with cares of overriting are very delicated.
Status special page
- Taking care of the status web server:* those special pages are just minimal info of the running web server, are need to view from outside in a case of emergency, do not take the wrong approach of hide behind a filtered ip or filtered network, you must have access in all time in all the web to see problems. The creation of the directory in the htdocs main root web files are just to remember you so then can avoid hiring a staff that becomes indispensable, thus allowing to save costs in knowledge theft by technical staff.
- Enable the mod_status at the config files
- change path in the config file
- restart the service
mkdir -p /var/www/localhost/htdocs/stats sed -i -r 's#\#.*mod_status.*,.*# "mod_status",#g' /etc/lighttpd/lighttpd.conf sed -i -r 's#.*status.status-url.*=.*#status.status-url = "/stats/server-status"#g' /etc/lighttpd/lighttpd.conf sed -i -r 's#.*status.config-url.*=.*#status.config-url = "/stats/server-config"#g' /etc/lighttpd/lighttpd.conf rc-service lighttpd restart
CGI bin directory support
By default packages assing a directory under localhost main domain, other linux uses a global cgi directory and aliasing.. the most profesional way, but think about it, this per domain configuration allows isolation:
- enable the mod_alias at the config file, due need of a specific path for cgi files into security
- create the directory due packager dont make any reference to that neither in the lighttpd-doc
- enable the config cgi file
mkdir -p /var/www/localhost/cgi-bin sed -i -r 's#\#.*mod_alias.*,.*# "mod_alias",#g' /etc/lighttpd/lighttpd.conf sed -i -r 's#.*include "mod_cgi.conf".*# include "mod_cgi.conf"#g' /etc/lighttpd/lighttpd.conf rc-service lighttpd restart
After that, all the files under the /var/www/localhost/cgi-bin
directory will be showed as http://localhost/cgi-bin/ path
Plus this config file enables that all .cgi files are perl procesed.. that's wrong, but at the moment that are very specific, each development must document how to deploy property and only enables cgi in specific way.