164 lines
5.8 KiB
Plaintext
164 lines
5.8 KiB
Plaintext
## FreeBSD!
|
|
server.event-handler = "freebsd-kqueue"
|
|
server.network-backend = "writev"
|
|
|
|
server.pid-file = "/var/run/lighty-CaptivePortal-SSL.pid"
|
|
## where to send error-messages to
|
|
server.errorlog-use-syslog = "enable"
|
|
|
|
## modules to load
|
|
server.modules = (
|
|
"mod_access",
|
|
"mod_accesslog",
|
|
"mod_fastcgi",
|
|
"mod_rewrite",
|
|
"mod_proxy",
|
|
"mod_evasive",
|
|
)
|
|
|
|
# optimizations from http://redmine.lighttpd.net/projects/1/wiki/Docs_Performance
|
|
#
|
|
# keep alive
|
|
server.max-keep-alive-requests = 5
|
|
server.max-keep-alive-idle = 2
|
|
server.max-read-idle = 10
|
|
server.max-write-idle = 120
|
|
# max connections (global)
|
|
server.max-fds = 8192
|
|
# max connection by IP
|
|
evasive.max-conns-per-ip = 30
|
|
evasive.silent = "enable"
|
|
# limit request size (security)
|
|
server.max-request-size = 512
|
|
|
|
##
|
|
## config
|
|
##
|
|
|
|
# /static and /map files
|
|
server.document-root = "/usr/local/univnautes/www/"
|
|
|
|
## virtual directory listings
|
|
server.dir-listing = "disable"
|
|
|
|
# from the pfSense (ipfw redirect)
|
|
server.port = 8000
|
|
$SERVER["socket"] == ":8000" {
|
|
ssl.engine = "disable"
|
|
# send the request to pffedportal base.views.redirect()
|
|
# (note : we can't directly redirect because lighttpd sends
|
|
# 301 = permanent redirection)
|
|
url.rewrite-once = (
|
|
"^(.*)$" => "/pffedportal.fcgi/redirect"
|
|
)
|
|
# FIXME : how to activate FCGI only for this URL ?
|
|
fastcgi.server = (
|
|
"/pffedportal.fcgi" => ((
|
|
"socket" => "/tmp/pffedportal.sock",
|
|
"check-local" => "disable",
|
|
))
|
|
)
|
|
}
|
|
|
|
$SERVER["socket"] == ":443" {
|
|
ssl.engine = "enable"
|
|
ssl.pemfile = "/var/etc/cert-portal.pem"
|
|
ssl.ca-file = "/var/etc/ca-portal.pem"
|
|
|
|
url.rewrite-if-not-file = (
|
|
"^/map/(.*)$" => "/proxymap/$1",
|
|
)
|
|
url.rewrite-once = (
|
|
"^/*$" => "/pffedportal.fcgi/",
|
|
"^/(login|logout|sso|authsaml2|mail|admin|licences|conditions)(.*)$" => "/pffedportal.fcgi/$1$2",
|
|
)
|
|
fastcgi.server = (
|
|
"/pffedportal.fcgi" => ((
|
|
"socket" => "/tmp/pffedportal.sock",
|
|
"check-local" => "disable",
|
|
))
|
|
)
|
|
# proxy to maps
|
|
proxy.server = (
|
|
"/proxymap/" => ((
|
|
"host" => "94.23.231.86",
|
|
))
|
|
)
|
|
|
|
# for /static files
|
|
mimetype.use-xattr = "disable"
|
|
mimetype.assign = (
|
|
".pdf" => "application/pdf",
|
|
".sig" => "application/pgp-signature",
|
|
".spl" => "application/futuresplash",
|
|
".class" => "application/octet-stream",
|
|
".ps" => "application/postscript",
|
|
".torrent" => "application/x-bittorrent",
|
|
".dvi" => "application/x-dvi",
|
|
".gz" => "application/x-gzip",
|
|
".pac" => "application/x-ns-proxy-autoconfig",
|
|
".swf" => "application/x-shockwave-flash",
|
|
".tar.gz" => "application/x-tgz",
|
|
".tgz" => "application/x-tgz",
|
|
".tar" => "application/x-tar",
|
|
".zip" => "application/zip",
|
|
".mp3" => "audio/mpeg",
|
|
".m3u" => "audio/x-mpegurl",
|
|
".wma" => "audio/x-ms-wma",
|
|
".wax" => "audio/x-ms-wax",
|
|
".ogg" => "application/ogg",
|
|
".wav" => "audio/x-wav",
|
|
".gif" => "image/gif",
|
|
".jpg" => "image/jpeg",
|
|
".jpeg" => "image/jpeg",
|
|
".png" => "image/png",
|
|
".xbm" => "image/x-xbitmap",
|
|
".xpm" => "image/x-xpixmap",
|
|
".xwd" => "image/x-xwindowdump",
|
|
".css" => "text/css",
|
|
".html" => "text/html",
|
|
".htm" => "text/html",
|
|
".js" => "text/javascript",
|
|
".asc" => "text/plain",
|
|
".c" => "text/plain",
|
|
".cpp" => "text/plain",
|
|
".log" => "text/plain",
|
|
".conf" => "text/plain",
|
|
".text" => "text/plain",
|
|
".txt" => "text/plain",
|
|
".spec" => "text/plain",
|
|
".dtd" => "text/xml",
|
|
".xml" => "text/xml",
|
|
".mpeg" => "video/mpeg",
|
|
".mpg" => "video/mpeg",
|
|
".mov" => "video/quicktime",
|
|
".qt" => "video/quicktime",
|
|
".avi" => "video/x-msvideo",
|
|
".asf" => "video/x-ms-asf",
|
|
".asx" => "video/x-ms-asf",
|
|
".wmv" => "video/x-ms-wmv",
|
|
".bz2" => "application/x-bzip",
|
|
".tbz" => "application/x-bzip-compressed-tar",
|
|
".tar.bz2" => "application/x-bzip-compressed-tar",
|
|
".odt" => "application/vnd.oasis.opendocument.text",
|
|
".ods" => "application/vnd.oasis.opendocument.spreadsheet",
|
|
".odp" => "application/vnd.oasis.opendocument.presentation",
|
|
".odg" => "application/vnd.oasis.opendocument.graphics",
|
|
".odc" => "application/vnd.oasis.opendocument.chart",
|
|
".odf" => "application/vnd.oasis.opendocument.formula",
|
|
".odi" => "application/vnd.oasis.opendocument.image",
|
|
".odm" => "application/vnd.oasis.opendocument.text-master",
|
|
".ott" => "application/vnd.oasis.opendocument.text-template",
|
|
".ots" => "application/vnd.oasis.opendocument.spreadsheet-template",
|
|
".otp" => "application/vnd.oasis.opendocument.presentation-template",
|
|
".otg" => "application/vnd.oasis.opendocument.graphics-template",
|
|
".otc" => "application/vnd.oasis.opendocument.chart-template",
|
|
".otf" => "application/vnd.oasis.opendocument.formula-template",
|
|
".oti" => "application/vnd.oasis.opendocument.image-template",
|
|
".oth" => "application/vnd.oasis.opendocument.text-web",
|
|
# make the default mime type application/octet-stream
|
|
"" => "application/octet-stream",
|
|
)
|
|
}
|
|
|