Lighttpd (简体中文)
Lighttpd是 一个安全,快速,标准,且非常灵活的网页服务器,并对高性能环境做了最佳化。相较于其他网页服务器它占用的存储器很少,注重CPU负载量。它的进阶功能集 (FastCGI的,CGI的,权威性,输出压缩,网址重写等等)让Lighttpd成为每个试图拜托负载瓶颈的服务器的完美网页服务器软件。
Contents
安装
Lighttpd可以从[extra]仓库获得:
# pacman -S lighttpd
设置
基本设置
lighttpd配置文件: /etc/lighttpd/lighttpd.conf。它预设会产生一个可用的测试页面。
想要检查 lighttpd.conf 中的bug,可以使用以下命令 - 快速查找错误配置:
$ lighttpd -t -f /etc/lighttpd/lighttpd.conf
预设配置文件会把这里 /srv/http/ 指定为提供服务的文件目录。
测试安装结果:
# chmod 755 /srv/http/index.html # echo 'TestMe!' >> /srv/http/index.html
启动服务:
# systemctl start lighttpd
然后就可以使用浏览器打开网址 localhost ,你应该能见到测试页面。
开机自动启动:
# systemctl enable lighttpd
示例配置文件在 /usr/share/doc/lighttpd/。
FastCGI
Install fcgi
# pacman -S fcgi
Now you have lighttpd with fcgi support. If it was that what you wanted you are all set. People that want Ruby on Rails and/or PHP should continue. Template:Box Note
The following needs adding to the config file, /etc/lighttpd/conf.d/fastcgi.conf
server.modules += ( "mod_fastcgi" ) #server.indexfiles += ( "dispatch.fcgi" ) #this is deprecated index-file.names += ( "dispatch.fcgi" ) #dispatch.fcgi if rails specified
server.error-handler-404 = "/dispatch.fcgi" #too
fastcgi.server = (
".fcgi" => (
"localhost" => (
"socket" => "/run/lighttpd/rails-fastcgi.sock",
"bin-path" => "/path/to/rails/application/public/dispatch.fcgi"
)
)
)
Then in /etc/lighttpd/lighttpd.conf:
include "conf.d/fastcgi.conf"
For PHP or Ruby on Rails see the next sections.
PHP
Install php and required modules (see also PHP and LAMP):
# pacman -S php php-cgi
Check that php-cgi is working php-cgi --version
PHP 5.3.1 with Suhosin-Patch (cgi-fcgi) (built: Nov 23 2009 21:12:29) Copyright (c) 1997-2009 The PHP Group Zend Engine v2.3.0, Copyright (c) 1998-2009 Zend Technologies
If you get a similar output then php is installed correctly.
cgi.fix_pathinfo=1 open_basedir = /srv/http/:/home/:/tmp/:/usr/share/pear/:/another/path:/second/path
And that the files are world readable,
# chmod -R 755
In /etc/lighttpd/conf.d/fastcgi.conf add:
server.modules += ( "mod_fastcgi" ) #server.indexfiles += ( "index.php" ) #this is deprecated index-file.names += ( "index.php" )
fastcgi.server = (
".php" => (
"localhost" => (
"bin-path" => "/usr/bin/php-cgi",
"socket" => "/run/lighttpd/php-fastcgi.sock",
"max-procs" => 4, # default value
"bin-environment" => (
"PHP_FCGI_CHILDREN" => "1", # default value
),
"broken-scriptfilename" => "enable"
))
)
Then in /etc/lighttpd/lighttpd.conf:
include "conf.d/fastcgi.conf"
Using php-fpm
There is no adaptive spawning anymore in recent lighttpd releases. For dynamic management of PHP processes, you can use php-fpm.
# pacman -S php-fpm # rc.d start php-fpm
In /etc/lighttpd/conf.d/fastcgi.conf add:
server.modules += ( "mod_fastcgi" )
index-file.names += ( "index.php" )
fastcgi.server = (
".php" => (
"localhost" => (
"socket" => "/run/php-fpm/php-fpm.sock",
"broken-scriptfilename" => "enable"
))
)
eAccelerator
Install eacceleratorAUR from the AUR.
Add own config file for eaccelerator:
/etc/php/conf.d/eaccelerator-own.ini
zlib.output_compression = On cgi.fix_pathinfo=1 eaccelerator.cache_dir="/home/phpuser/eaccelerator/cache"
Try a php page
Create the following php page, name it index.php, and place a copy in both /srv/http/ and /srv/http-ssl/html/
<?php phpinfo(); ?>
Try navigating with a web browser to both the http and https address of your server. You should see the phpinfo page.
Check eaccelerator caching:
# ls -l /home/phpuser/eaccelerator/cache
If the above command outputs the following:
-rw------- 1 phpuser phpuser 456 2005-05-05 14:53 eaccelerator-277.58081 -rw------- 1 phpuser phpuser 452 2005-05-05 14:53 eaccelerator-277.88081
Then eaccelerator is happily caching your php scripts to help speed things up.
Ruby on Rails
Install and configure FastCGI. (See #FastCGI above.)
Install ruby from [extra] and ruby-fcgiAUR from AUR.
Follow instructions on RubyOnRails.
Python FastCGI
Install flup
# pacman -S python2-flup
Configure:
fastcgi.server = (
".py" =>
(
"python-fcgi" =>
(
"socket" => "/run/lighttpd/fastcgi.python.socket",
"bin-path" => "test.py",
"check-local" => "disable",
"max-procs" => 1,
)
)
)
SSL
Generate an SSL Cert, e.g. like that:
# mkdir /etc/lighttpd/certs # openssl req -x509 -nodes -days 7300 -newkey rsa:2048 -keyout /etc/lighttpd/certs/www.example.com.pem -out /etc/lighttpd/certs/www.example.com.pem # chmod 600 /etc/lighttpd/certs/www.example.com.pem
Edit /etc/lighttpd/lighttpd.conf.
To make lighttpd SSL-only (you probably need to set the server port to 443 as well)
ssl.engine = "enable" ssl.pemfile = "/etc/lighttpd/certs/www.example.com.pem"
To enable SSL in addition to normal HTTP
$SERVER["socket"] == ":443" {
ssl.engine = "enable"
ssl.pemfile = "/etc/lighttpd/certs/www.example.com.pem"
}
If you want to serve different sites, you can change the document root inside the socket conditional:
$SERVER["socket"] == ":443" {
server.document-root = "/srv/ssl" # use your ssl directory here
ssl.engine = "enable"
ssl.pemfile = "/etc/lighttpd/certs/www.example.com.pem" # use the path where you created your pem file
}
or as alternative you can use the scheme conditional to distinguish between secure and normal requests.
$HTTP["scheme"] == "https" {
server.document-root = "/srv/ssl" # use your ssl directory here
ssl.engine = "enable"
ssl.pemfile = "/etc/lighttpd/certs/www.example.com.pem" # use the path where you created your pem file
}
Note that you cannot use the scheme conditional around ssl.engine above, since lighttpd needs to know on what port to enable SSL.
Server Name Indication
To use SNI with lighttpd, simply put additional ssl.pemfile configuration directives inside host conditionals. It seems a default ssl.pemfile is still required, though.
$HTTP["host"] == "www.example.org" {
ssl.pemfile = "/etc/lighttpd/certs/www.example.org.pem"
}
$HTTP["host"] == "mail.example.org" {
ssl.pemfile = "/etc/lighttpd/certs/mail.example.org.pem"
}
Redirect HTTP requests to HTTPS
You should add "mod_redirect" in server.modules array in /etc/lighttpd/lighttpd.conf:
server.modules = (
...
"mod_redirect",
...
)
$SERVER["socket"] == ":80" {
$HTTP["host"] =~ "example.org" {
url.redirect = ( "^/(.*)" => "https://example.org/$1" )
server.name = "example.org"
}
}
$SERVER["socket"] == ":443" {
ssl.engine = "enable"
ssl.pemfile = "/etc/lighttpd/ssl/server.pem"
server.document-root = "..."
}
To redirect all hosts to their secure equivalents use the following in place of the socket 80 configuration above:
$SERVER["socket"] == ":80" {
$HTTP["host"] =~ "(.*)" {
url.redirect = ( "^/(.*)" => "https://%1/$1" )
}
}
To redirect all hosts for part of the site (e.g. secure or phpmyadmin):
$SERVER["socket"] == ":80" {
$HTTP["url"] =~ "^/secure" {
url.redirect = ( "^/(.*)" => "https://example.com/$1" )
}
}
疑难解答
关于Lighttpd下载.php文件的情况
若Lighttpd仅仅是下载.php文件而不是去“初始化”它们,那么你可能没把下面的一些设置写入你的配置文件里/etc/lighttpd/lighttpd.conf。
server.modules = (
"mod_fastcgi",
)
fastcgi.server = ( ".php" => ((
"bin-path" => "/usr/bin/php-cgi", #depends where your php-cgi has been installed. Default here.
"socket" => "/tmp/php.socket",
"max-procs" => 2,
"bin-environment" => (
"PHP_FCGI_CHILDREN" => "16",
"PHP_FCGI_MAX_REQUESTS" => "10000"
),
"bin-copy-environment" => (
"PATH", "SHELL", "USER"
),
"broken-scriptfilename" => "enable"
)))
CCS样式列表无法正确显示
Lighttpd的默认设置是没有包括CSS的媒体类型的,所以标准的浏览器把text/CSS误以为text/html而混淆彼此,最终什么都没有正确的显示出来。要解决这个问题需要在CSS中增加一条说明。
mimetype.assign = ( ".html" => "text/html", ".txt" => "text/plain", ".jpg" => "image/jpeg", ".png" => "image/png", ".css" => "text/css" )
换行不是必须的,仅仅为了可读性。