univnautes-old/virtualenv/etc/lighttpd-pffedportal.conf

## FreeBSD!
server.event-handler	= "freebsd-kqueue"
server.network-backend	= "writev"

server.pid-file		= "/var/run/lighty-CaptivePortal-SSL.pid"
## where to send error-messages to
server.errorlog-use-syslog = "enable"

## modules to load
server.modules		= (
				"mod_access", 
				"mod_accesslog", 
				"mod_fastcgi",
				"mod_rewrite",
				"mod_proxy",
				"mod_evasive",
			)

# optimizations from http://redmine.lighttpd.net/projects/1/wiki/Docs_Performance
#
# keep alive
server.max-keep-alive-requests = 5
server.max-keep-alive-idle = 2
server.max-read-idle = 10
server.max-write-idle = 120
# max connections (global)
server.max-fds = 8192
# max connection by IP
evasive.max-conns-per-ip = 30
evasive.silent = "enable"
# limit request size (security)
server.max-request-size = 512

##
## config
##

# /static and /map files
server.document-root = "/usr/local/univnautes/www/"

## virtual directory listings
server.dir-listing = "disable"

# from the pfSense (ipfw redirect)
server.port = 8000
$SERVER["socket"] == ":8000" {
	ssl.engine = "disable"
	# send the request to pffedportal base.views.redirect()
        # (note : we can't directly redirect because lighttpd sends
        # 301 = permanent redirection)
	url.rewrite-once = ( 
		"^(.*)$" => "/pffedportal.fcgi/redirect"
	)
	# FIXME : how to activate FCGI only for this URL ?
	fastcgi.server = (
		"/pffedportal.fcgi" => ((
				"socket" => "/tmp/pffedportal.sock",
				"check-local" => "disable",
		))
	)
}

$SERVER["socket"] == ":443" {
	ssl.engine  = "enable"
	ssl.pemfile = "/var/etc/cert-portal.pem"
	ssl.ca-file = "/var/etc/ca-portal.pem"

	url.rewrite-if-not-file = (
                "^/map/(.*)$" => "/proxymap/$1",
	)
	url.rewrite-once = (
		"^/*$" => "/pffedportal.fcgi/",
		"^/(login|logout|sso|authsaml2|mail|admin|licences|conditions)(.*)$" => "/pffedportal.fcgi/$1$2",
	)
	fastcgi.server = (
		"/pffedportal.fcgi" => ((
					"socket" => "/tmp/pffedportal.sock",
					"check-local" => "disable",
		))
	)
        # proxy to maps
        proxy.server = (
                "/proxymap/" => ((
					"host" => "94.23.231.86",
                ))
        )

	# for /static files
	mimetype.use-xattr = "disable"
	mimetype.assign = (
		".pdf"          =>      "application/pdf",
		".sig"          =>      "application/pgp-signature",
		".spl"          =>      "application/futuresplash",
		".class"        =>      "application/octet-stream",
		".ps"           =>      "application/postscript",
		".torrent"      =>      "application/x-bittorrent",
		".dvi"          =>      "application/x-dvi",
		".gz"           =>      "application/x-gzip",
		".pac"          =>      "application/x-ns-proxy-autoconfig",
		".swf"          =>      "application/x-shockwave-flash",
		".tar.gz"       =>      "application/x-tgz",
		".tgz"          =>      "application/x-tgz",
		".tar"          =>      "application/x-tar",
		".zip"          =>      "application/zip",
		".mp3"          =>      "audio/mpeg",
		".m3u"          =>      "audio/x-mpegurl",
		".wma"          =>      "audio/x-ms-wma",
		".wax"          =>      "audio/x-ms-wax",
		".ogg"          =>      "application/ogg",
		".wav"          =>      "audio/x-wav",
		".gif"          =>      "image/gif",
		".jpg"          =>      "image/jpeg",
		".jpeg"         =>      "image/jpeg",
		".png"          =>      "image/png",
		".xbm"          =>      "image/x-xbitmap",
		".xpm"          =>      "image/x-xpixmap",
		".xwd"          =>      "image/x-xwindowdump",
		".css"          =>      "text/css",
		".html"         =>      "text/html",
		".htm"          =>      "text/html",
		".js"           =>      "text/javascript",
		".asc"          =>      "text/plain",
		".c"            =>      "text/plain",
		".cpp"          =>      "text/plain",
		".log"          =>      "text/plain",
		".conf"         =>      "text/plain",
		".text"         =>      "text/plain",
		".txt"          =>      "text/plain",
		".spec"         =>      "text/plain",
		".dtd"          =>      "text/xml",
		".xml"          =>      "text/xml",
		".mpeg"         =>      "video/mpeg",
		".mpg"          =>      "video/mpeg",
		".mov"          =>      "video/quicktime",
		".qt"           =>      "video/quicktime",
		".avi"          =>      "video/x-msvideo",
		".asf"          =>      "video/x-ms-asf",
		".asx"          =>      "video/x-ms-asf",
		".wmv"          =>      "video/x-ms-wmv",
		".bz2"          =>      "application/x-bzip",
		".tbz"          =>      "application/x-bzip-compressed-tar",
		".tar.bz2"      =>      "application/x-bzip-compressed-tar",
		".odt"          =>      "application/vnd.oasis.opendocument.text",
		".ods"          =>      "application/vnd.oasis.opendocument.spreadsheet",
		".odp"          =>      "application/vnd.oasis.opendocument.presentation",
		".odg"          =>      "application/vnd.oasis.opendocument.graphics",
		".odc"          =>      "application/vnd.oasis.opendocument.chart",
		".odf"          =>      "application/vnd.oasis.opendocument.formula",
		".odi"          =>      "application/vnd.oasis.opendocument.image",
		".odm"          =>      "application/vnd.oasis.opendocument.text-master",
		".ott"          =>      "application/vnd.oasis.opendocument.text-template",
		".ots"          =>      "application/vnd.oasis.opendocument.spreadsheet-template",
		".otp"          =>      "application/vnd.oasis.opendocument.presentation-template",
		".otg"          =>      "application/vnd.oasis.opendocument.graphics-template",
		".otc"          =>      "application/vnd.oasis.opendocument.chart-template",
		".otf"          =>      "application/vnd.oasis.opendocument.formula-template",
		".oti"          =>      "application/vnd.oasis.opendocument.image-template",
		".oth"          =>      "application/vnd.oasis.opendocument.text-web",
		# make the default mime type application/octet-stream
		""              =>      "application/octet-stream",
	)
}