Browse Source

[doc] improve sample configs

master
Glenn Strauss 1 month ago
parent
commit
be82f3d2e1
  1. 89
      doc/config/lighttpd.conf

89
doc/config/lighttpd.conf

@ -11,7 +11,7 @@
## Some Variable definition which will make chrooting easier.
##
## if you add a variable here. Add the corresponding variable in the
## chroot example aswell.
## chroot example as well.
##
var.log_root = "/var/log/lighttpd"
var.server_root = "/srv/www"
@ -172,18 +172,18 @@ include conf_dir + "/conf.d/debug.conf"
## --------------------
##
## corresponding documentation:
## https://redmine.lighttpd.net/projects/lighttpd/wiki/Docs_Performance
## https://wiki.lighttpd.net/Docs_Performance
##
## set the event-handler (read the performance section in the manual)
##
## The recommended server.event-handler is chosen for each OS, if available.
## The recommended server.event-handler is chosen by default for each OS.
##
## epoll (recommended on Linux)
## kqueue (recommended on *BSD and MacOS X)
## solaris-devpoll (recommended on Solaris)
## solaris-eventports (recommended on Solaris)
## poll (recommended if none of above are available)
## select (not recommended)
## libev (not recommended)
## select (*not* recommended)
## libev (*not* recommended)
##
#server.event-handler = "linux-sysepoll"
@ -192,10 +192,7 @@ include conf_dir + "/conf.d/debug.conf"
## and write(). Every modern OS provides its own syscall to help network
## servers transfer files as fast as possible
##
## sendfile - is recommended for small files.
## writev - is recommended for sending many large files
##
server.network-backend = "sendfile"
#server.network-backend = "sendfile"
##
## As lighttpd is a single-threaded server, its main resource limit is
@ -209,9 +206,9 @@ server.network-backend = "sendfile"
## server.username/server.groupname.
##
## By default lighttpd would not change the operation system default.
## But setting it to 2048 is a better default for busy servers.
## But setting it to 16384 is a better default for busy servers.
##
server.max-fds = 2048
server.max-fds = 16384
##
## listen-backlog is the size of the listen() backlog queue requested when
@ -248,17 +245,17 @@ server.max-fds = 2048
## lighttpd can utilize FAM/Gamin to cache stat call.
##
## possible values are:
## disable, simple or fam.
## disable, simple, inotify, kqueue, or fam.
##
server.stat-cache-engine = "simple"
#server.stat-cache-engine = "simple"
##
## Fine tuning for the request handling
##
## max-connections == max-fds/2 (maybe /3)
## means the other file handles are used for fastcgi/files
## max-connections == max-fds/3)
## (other file handles are used for fastcgi/files)
##
server.max-connections = 1024
#server.max-connections = 1024
##
## How many seconds to keep a keep-alive connection open,
@ -418,60 +415,38 @@ include conf_dir + "/conf.d/dirlisting.conf"
##
#######################################################################
#######################################################################
##
## SSL Support
## -------------
##
## https://wiki.lighttpd.net/Docs_SSL
#
## To enable SSL for the whole server you have to provide a valid
## certificate and have to enable the SSL engine.::
##
## server.modules += ( "mod_openssl" )
## ssl.engine = "enable"
## ssl.pemfile = "/path/to/server.pem"
##
## $SERVER["socket"] == "10.0.0.1:443" {
## ssl.engine = "enable"
## ssl.pemfile = "/etc/ssl/private/www.example.com.pem"
## ssl.privkey = "/path/to/privkey.pem"
## ssl.pemfile = "/path/to/fullchain.pem"
## # ssl.pemfile should contain the sorted certificate chain, including
## # intermediate certificates, as provided by the certificate issuer.
## # If both privkey and cert are in same file, specify only ssl.pemfile.
##
## # Check your cipher list with: openssl ciphers -v '...'
## # (use single quotes as your shell won't like ! in double quotes)
## #ssl.cipher-list = "HIGH" # default
## # Check your cipher list with: openssl ciphers -v '...'
## # (use single quotes with: openssl ciphers -v '...'
## # as your shell won't like ! in double quotes)
## #ssl.cipher-list = "HIGH" # default
##
## # (recommended to accept only TLSv1.2 and TLSv1.3)
## #ssl.openssl.ssl-conf-cmd = ("MinProtocol" => "TLSv1.2")
## # (recommended to accept only TLSv1.2 and TLSv1.3)
## #ssl.openssl.ssl-conf-cmd = ("MinProtocol" => "TLSv1.2") # default
##
## server.name = "www.example.com"
##
## server.document-root = "/srv/www/vhosts/example.com/www/"
## $SERVER["socket"] == "*:443" {
## ssl.engine = "enable"
## }
## $SERVER["socket"] == "[::]:443" {
## ssl.engine = "enable"
## }
##
## If you have a .crt and a .key file, specify both ssl.pemfile and ssl.privkey,
## or cat them together into a single PEM file:
## $ cat /etc/ssl/private/lighttpd.key /etc/ssl/certs/lighttpd.crt \
## > /etc/ssl/private/lighttpd.pem
##
#ssl.pemfile = "/etc/ssl/private/lighttpd.pem"
#
# or
#
#ssl.privkey = "/etc/ssl/private/privkey.pem"
#ssl.pemfile = "/etc/ssl/private/cert.pem"
##
## optionally pass the CA certificate here.
##
##
#ssl.ca-file = ""
##
## and the CRL revocation list here.
##
##
#ssl.ca-crl-file = ""
##
#######################################################################

Loading…
Cancel
Save