diff options
| author | James Meyer <james.meyer@operamail.com> | 2013-02-19 21:10:18 (GMT) |
|---|---|---|
| committer | James Meyer <james.meyer@operamail.com> | 2013-02-19 21:10:18 (GMT) |
| commit | 2648e999d277eac5c3d331a3609bcc73fafbea71 (patch) | |
| tree | 40951fb8e7fdbe28a0baa324ae615055203f1e2e /abs/core/lighttpd | |
| parent | c759b5e0c4aa6fc37412b4dee2cf9ad993fd376d (diff) | |
| parent | 7e6f7ca174e1af67178dc5293a312a4a733eb095 (diff) | |
| download | linhes_pkgbuild-2648e999d277eac5c3d331a3609bcc73fafbea71.zip linhes_pkgbuild-2648e999d277eac5c3d331a3609bcc73fafbea71.tar.gz linhes_pkgbuild-2648e999d277eac5c3d331a3609bcc73fafbea71.tar.bz2 | |
Merge branch 'testing'
# By James Meyer (1091) and others
# Via James Meyer (5) and others
* testing: (1148 commits)
LinHES-config: during install don't kill off lirc. This keeps the remote active all the way to the finish
Change version numbers to 8.0 to match the release number. LinHES-conifg LinHES-system mythdb-initial runit-scripts supplemental-web
LinHES-conifig: mv_install.py for the last partition don't go all the way to the end. Gotta leave room for gpt tables.
xf86-video-ati: xorg ati driver.
LinHES-config: timezip.py add syncing up of parental lvl passwords and starting level with MBE.
LinHES-system: correct the logic for breaking out of the wmctrl loop. As written it would break out of the inner loop..but not the 60 iteration loop.
e16_theme_settings: remove slide-in prop for new windows. For whatever reason this was preventing mplayer from being positioned correctly for appletrailers.
LinHES-config, mythinstall: change case of hd_pvr and serial to all lower refs #902
zilog-firmware: firmware for TX support of the hdpvr and pvr-150 In general I can't recommend anybody using these transmitters but including the firmware just in case someone really wants to
linhes-udev-rules: added hdprv_lirc rule. All of these lirc rules are limited to exactly one device. If more then one device is present then only the last device in init will get the symlink
runit-scripts: fix logging for igdeamon, add support to remote init script so that the blaster is always the first device in the chain. added support specificly for hd_pvr
LinHES-system: add lh_system_restore and lh_system_backup. These scripts are called from the mythmenu. refs #900
iguanair: rebuild with python 2.7
LinHES-system: msg_daemon.py fix init and nasty bug related to timeout. In a nutshell timeout wouldn't work unless a msg without a timeout was called first.
linhes-udev-rules: add rules for mce,streamzap,serial lirc devices.
mythinstall: recompile for matching libs
mythtv: latest .25-fixes and change mythbackup/restore call lh_system_$op to replace mythbackup/mythrestore. mythbackup no longer works correctly with the new windowmanager
linhes-scripts: myth2mp3, myth2x264, myth2xvid: use mythutil to get cutlist
LinHES-config, supplimental-web: Fix proxy numbering for Ceton infiniTV
linhes-system: add additional stuff to the system backup and also introduced an exclude file. The exclude/include files are locate in /home/mythtv/backup_config/
...
Diffstat (limited to 'abs/core/lighttpd')
| -rw-r--r-- | abs/core/lighttpd/PKGBUILD | 14 | ||||
| -rw-r--r-- | abs/core/lighttpd/__changelog | 3 | ||||
| -rw-r--r-- | abs/core/lighttpd/auth-inc.conf | 27 | ||||
| -rw-r--r-- | abs/core/lighttpd/lighttpd.conf | 256 | ||||
| -rw-r--r-- | abs/core/lighttpd/lighttpd.logrotate.d | 1 | ||||
| -rw-r--r-- | abs/core/lighttpd/ssl-inc.conf | 4 |
6 files changed, 116 insertions, 189 deletions
diff --git a/abs/core/lighttpd/PKGBUILD b/abs/core/lighttpd/PKGBUILD index 99d9eac..a936235 100644 --- a/abs/core/lighttpd/PKGBUILD +++ b/abs/core/lighttpd/PKGBUILD @@ -3,7 +3,7 @@ pkgname=lighttpd pkgver=1.4.28 -pkgrel=4 +pkgrel=7 pkgdesc='A secure, fast, compliant and very flexible web-server' license=('custom') arch=('i686' 'x86_64') @@ -18,7 +18,7 @@ optdepends=('libxml2: mod_webdav' \ backup=(etc/lighttpd/lighttpd.conf etc/logrotate.d/lighttpd etc/lighttpd/auth-inc.conf etc/lighttpd/conf.include etc/lighttpd/html.include) options=('!libtool' 'emptydirs') source=("http://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-${pkgver}.tar.bz2" \ - 'lighttpd.rc.d' 'lighttpd.logrotate.d' 'lighttpd.conf' 'auth-inc.conf') + 'lighttpd.rc.d' 'lighttpd.logrotate.d' 'lighttpd.conf' 'auth-inc.conf' 'ssl-inc.conf') #install='lighttpd.install' build() { cd ${srcdir}/${pkgname}-${pkgver} @@ -55,6 +55,7 @@ package() { install -D -m644 ../lighttpd.conf ${pkgdir}/etc/lighttpd/lighttpd.conf install -D -m644 ../auth-inc.conf ${pkgdir}/etc/lighttpd/auth-inc.conf + install -D -m644 ../ssl-inc.conf ${pkgdir}/etc/lighttpd/ssl-inc.conf # set sane defaults sed -e 's|/srv/www/htdocs/|/srv/http/|' \ @@ -69,7 +70,7 @@ package() { -e 's|#ssi.extension = ( ".shtml" )|ssi.extension = ( ".shtml" )|' \ -i ${pkgdir}/etc/lighttpd/lighttpd.conf || return 1 - /bin/touch ${pkgdir}/etc/lighttpd/{conf,html}.include || return 1 + /usr/bin/touch ${pkgdir}/etc/lighttpd/{conf,html}.include || return 1 /bin/echo 'include "/etc/lighttpd/conf.include"' >> ${pkgdir}/etc/lighttpd/lighttpd.conf || return 1 /bin/echo 'include "/etc/lighttpd/html.include"' >> ${pkgdir}/etc/lighttpd/lighttpd.conf || return 1 @@ -77,6 +78,7 @@ package() { } md5sums=('586eb535d31ac299652495b058dd87c4' 'bd690eee0d9e51857448770a151023b0' - '857e174643fd7761a2f0d8431a679f6c' - '1a55e81d5501584fdf00b6fd0196f82f' - 'c6e361131000ceec085f40b310ef4a2c') + 'e17a29ebcdac82a853389c3df468c980' + '8c1b42c878461f1529433c35d691f519' + '62779511e3f1127c3cc9b94c49f99c29' + 'ef64c496602b182a551416a8ba6b3d43') diff --git a/abs/core/lighttpd/__changelog b/abs/core/lighttpd/__changelog index 375590d..3c412af 100644 --- a/abs/core/lighttpd/__changelog +++ b/abs/core/lighttpd/__changelog @@ -1,6 +1,9 @@ changed docroot to /data/srv/ modified auth to require valid user (include auth-inc.conf) +logrotate: +missingok + # by mihanson: upgraded to 1.4.26 to address http://linhes.org/flyspray/index.php?do=details&task_id=624 Added -e 's|"^/mythweb|"^/{1,2}mythweb|' \ to the sed command to work around lighttpd no longer honoring // in a url and/or to work around mythweb producing url's with a // for streaming and downloading. diff --git a/abs/core/lighttpd/auth-inc.conf b/abs/core/lighttpd/auth-inc.conf index 21c4c55..6fb1a9d 100644 --- a/abs/core/lighttpd/auth-inc.conf +++ b/abs/core/lighttpd/auth-inc.conf @@ -1,12 +1,15 @@ -auth.backend = "plain" -auth.backend.plain.userfile = "/etc/lighttpd/lighttpd.user" - - -auth.require = ( "/mythweb" => - ( - "method" => "basic", - "realm" => "MythWeb", - "require" => "valid-user" - ) - ) - +$SERVER["socket"] != ":1337" { + $HTTP["remoteip"] != "127.0.0.1" { + $HTTP["url"] !~ "^/failed_func.hosts"{ + auth.backend = "plain" + auth.backend.plain.userfile = "/etc/lighttpd/lighttpd.user" + auth.require = ( "" => + ( + "method" => "basic", + "realm" => "LinHES Central Server", + "require" => "valid-user" + ) + ) + } + } +} diff --git a/abs/core/lighttpd/lighttpd.conf b/abs/core/lighttpd/lighttpd.conf index 9851727..3fff75c 100644 --- a/abs/core/lighttpd/lighttpd.conf +++ b/abs/core/lighttpd/lighttpd.conf @@ -12,28 +12,28 @@ # - saves some time # - saves memory server.modules = ( - "mod_rewrite", + "mod_rewrite", # "mod_redirect", - "mod_alias", - "mod_access", + "mod_alias", + "mod_access", # "mod_cml", # "mod_trigger_b4_dl", - "mod_auth", - "mod_status", - "mod_setenv", - "mod_fastcgi", - "mod_proxy", + "mod_auth", + "mod_status", + "mod_setenv", + "mod_fastcgi", + "mod_proxy", # "mod_simple_vhost", # "mod_evhost", # "mod_userdir", - "mod_cgi", + "mod_cgi", # "mod_compress", # "mod_ssi", # "mod_usertrack", # "mod_expire", # "mod_secdownload", # "mod_rrdtool", - "mod_accesslog" ) + "mod_accesslog" ) ## a static document-root, for virtual-hosting take look at the ## server.virtual-* options @@ -58,62 +58,63 @@ index-file.names = ( "index.php", "index.html", # mimetype mapping mimetype.assign = ( - ".pdf" => "application/pdf", - ".sig" => "application/pgp-signature", - ".spl" => "application/futuresplash", - ".class" => "application/octet-stream", - ".ps" => "application/postscript", - ".torrent" => "application/x-bittorrent", - ".dvi" => "application/x-dvi", - ".gz" => "application/x-gzip", - ".pac" => "application/x-ns-proxy-autoconfig", - ".swf" => "application/x-shockwave-flash", - ".tar.gz" => "application/x-tgz", - ".tgz" => "application/x-tgz", - ".tar" => "application/x-tar", - ".zip" => "application/zip", - ".mp3" => "audio/mpeg", - ".m3u" => "audio/x-mpegurl", - ".wma" => "audio/x-ms-wma", - ".wax" => "audio/x-ms-wax", - ".ogg" => "application/ogg", - ".wav" => "audio/x-wav", - ".gif" => "image/gif", - ".jar" => "application/x-java-archive", - ".jpg" => "image/jpeg", - ".jpeg" => "image/jpeg", - ".png" => "image/png", - ".xbm" => "image/x-xbitmap", - ".xpm" => "image/x-xpixmap", - ".xwd" => "image/x-xwindowdump", - ".css" => "text/css", - ".html" => "text/html", - ".htm" => "text/html", - ".js" => "text/javascript", - ".asc" => "text/plain", - ".c" => "text/plain", - ".cpp" => "text/plain", - ".log" => "text/plain", - ".conf" => "text/plain", - ".text" => "text/plain", - ".txt" => "text/plain", - ".dtd" => "text/xml", - ".xml" => "text/xml", - ".mpeg" => "video/mpeg", - ".mpg" => "video/mpeg", - ".mp4" => "video/quicktime", - ".mov" => "video/quicktime", - ".qt" => "video/quicktime", - ".avi" => "video/x-msvideo", - ".asf" => "video/x-ms-asf", - ".asx" => "video/x-ms-asf", - ".wmv" => "video/x-ms-wmv", - ".bz2" => "application/x-bzip", - ".tbz" => "application/x-bzip-compressed-tar", - ".tar.bz2" => "application/x-bzip-compressed-tar", - # default mime type - "" => "application/octet-stream", - ) +".pdf" => "application/pdf", +".sig" => "application/pgp-signature", +".spl" => "application/futuresplash", +".class" => "application/octet-stream", +".ps" => "application/postscript", +".torrent" => "application/x-bittorrent", +".dvi" => "application/x-dvi", +".gz" => "application/x-gzip", +".pac" => "application/x-ns-proxy-autoconfig", +".swf" => "application/x-shockwave-flash", +".tar.gz" => "application/x-tgz", +".tgz" => "application/x-tgz", +".tar" => "application/x-tar", +".zip" => "application/zip", +".mp3" => "audio/mpeg", +".m3u" => "audio/x-mpegurl", +".wma" => "audio/x-ms-wma", +".wax" => "audio/x-ms-wax", +".ogg" => "application/ogg", +".wav" => "audio/x-wav", +".gif" => "image/gif", +".jar" => "application/x-java-archive", +".jpg" => "image/jpeg", +".jpeg" => "image/jpeg", +".png" => "image/png", +".xbm" => "image/x-xbitmap", +".xpm" => "image/x-xpixmap", +".xwd" => "image/x-xwindowdump", +".css" => "text/css", +".html" => "text/html", +".shtml" => "text/html", +".htm" => "text/html", +".js" => "text/javascript", +".asc" => "text/plain", +".c" => "text/plain", +".cpp" => "text/plain", +".log" => "text/plain", +".conf" => "text/plain", +".text" => "text/plain", +".txt" => "text/plain", +".dtd" => "text/xml", +".xml" => "text/xml", +".mpeg" => "video/mpeg", +".mpg" => "video/mpeg", +".mp4" => "video/quicktime", +".mov" => "video/quicktime", +".qt" => "video/quicktime", +".avi" => "video/x-msvideo", +".asf" => "video/x-ms-asf", +".asx" => "video/x-ms-asf", +".wmv" => "video/x-ms-wmv", +".bz2" => "application/x-bzip", +".tbz" => "application/x-bzip-compressed-tar", +".tar.bz2" => "application/x-bzip-compressed-tar", +# default mime type +"" => "application/octet-stream", +) # Use the "Content-Type" extended attribute to obtain mime type if possible #mimetype.use-xattr = "enable" @@ -132,8 +133,9 @@ mimetype.assign = ( url.access-deny = ( "~", ".inc" ) $HTTP["url"] =~ "\.pdf$" { - server.range-requests = "disable" + server.range-requests = "disable" } +ssi.extension = ( ".shtml" ) ## # which extensions should not be handle via static-file transfer @@ -151,7 +153,6 @@ static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" ) ## error-handler for status 404 server.error-handler-404 = "/404.html" -#server.error-handler-404 = "/error-handler.php" ## to help the rc.scripts server.pid-file = "/var/run/lighttpd/lighttpd.pid" @@ -218,7 +219,7 @@ server.groupname = "http" #### fastcgi module ## read fastcgi.txt for more info ## for PHP don't forget to set cgi.fix_pathinfo = 1 in the php.ini - fastcgi.server = ( +fastcgi.server = ( ".php" => (( "bin-path" => "/usr/bin/php-cgi", "socket" => "/var/run/lighttpd/mythtv-php-fcgi.socket", @@ -232,118 +233,31 @@ server.groupname = "http" )) ) - setenv.add-environment = ( - "db_server" => "localhost", - "db_name" => "mythconverg", - "db_login" => "mythtv", - "db_password" => "mythtv" -) + setenv.add-environment = ( + "db_server" => "localhost", + "db_name" => "mythconverg", + "db_login" => "mythtv", + "db_password" => "mythtv" +) #### CGI module -cgi.assign = ( ".pl" => "/usr/bin/perl", - ".cgi" => "/usr/bin/perl", - ".sh" => "/bin/bash", - ".py" => "/usr/bin/python") - - url.rewrite-once = ( - "^/mythweb/(css|data|images|js|themes|skins|[a-z_]+\.(php|pl)).*" => "$0", - "^/mythweb/(pl(/.*)?)$" => "/mythweb/mythweb.pl/$1", - "^/mythweb/(.+)$" => "/mythweb/mythweb.php/$1", - "^/mythweb/(.*)$" => "/mythweb/mythweb.php" - ) - - - -#### SSL engine -#ssl.engine = "enable" -#ssl.pemfile = "/etc/ssl/private/lighttpd.pem" - -#### status module -#status.status-url = "/server-status" -#status.config-url = "/server-config" - -#### auth module -## read authentication.txt for more info -#auth.backend = "plain" -#auth.backend.plain.userfile = "lighttpd.user" -#auth.backend.plain.groupfile = "lighttpd.group" - -#auth.backend.ldap.hostname = "localhost" -#auth.backend.ldap.base-dn = "dc=my-domain,dc=com" -#auth.backend.ldap.filter = "(uid=$)" - -#auth.require = ( "/mythweb => -# ( -# "method" => "plain", -# "realm" => "download archiv", -# "require" => "valid-user" -# ) -# "/server-config" => -# ( -# "method" => "digest", -# "realm" => "download archiv", -# "require" => "valid-user" -# ) -# ) +cgi.assign = ( ".pl" => "/usr/bin/perl", + ".cgi" => "/usr/bin/perl", + ".sh" => "/bin/bash", + ".py" => "/usr/bin/python2") +alias.url = ( "/unicorn" => "/data/srv/httpd/supercorn" ) +alias.url += ( "/cgi-bin" => "/data/srv/httpd/cgi-bin/") +$HTTP["url"] =~ "^/cgi-bin" { + cgi.assign = ( "" => "" ) + } #### url handling modules (rewrite, redirect, access) #url.rewrite = ( "^/$" => "/server-status" ) #url.redirect = ( "^/wishlist/(.+)" => "http://www.123.org/$1" ) -#### both rewrite/redirect support back reference to regex conditional using %n -#$HTTP["host"] =~ "^www\.(.*)" { -# url.redirect = ( "^/(.*)" => "http://%1/$1" ) -#} - -# -# define a pattern for the host url finding -# %% => % sign -# %0 => domain name + tld -# %1 => tld -# %2 => domain name without tld -# %3 => subdomain 1 name -# %4 => subdomain 2 name -# -#evhost.path-pattern = "/srv/http/vhosts/%3/htdocs/" - -#### expire module -#expire.url = ( "/buggy/" => "access 2 hours", "/asdhas/" => "access plus 1 seconds 2 minutes") - -#### ssi -#ssi.extension = ( ".shtml" ) - -#### rrdtool -#rrdtool.binary = "/usr/bin/rrdtool" -#rrdtool.db-name = "/var/lib/lighttpd/lighttpd.rrd" #### setenv #setenv.add-request-header = ( "TRAV_ENV" => "mysql://user@host/db" ) #setenv.add-response-header = ( "X-Secret-Message" => "42" ) -## for mod_trigger_b4_dl -# trigger-before-download.gdbm-filename = "/var/lib/lighttpd/trigger.db" -# trigger-before-download.memcache-hosts = ( "127.0.0.1:11211" ) -# trigger-before-download.trigger-url = "^/trigger/" -# trigger-before-download.download-url = "^/download/" -# trigger-before-download.deny-url = "http://127.0.0.1/index.html" -# trigger-before-download.trigger-timeout = 10 - -## for mod_cml -## don't forget to add index.cml to server.indexfiles -# cml.extension = ".cml" -# cml.memcache-hosts = ( "127.0.0.1:11211" ) - -#### variable usage: -## variable name without "." is auto prefixed by "var." and becomes "var.bar" -#bar = 1 -#var.mystring = "foo" - -## integer add -#bar += 1 -## string concat, with integer cast as string, result: "www.foo1.com" -#server.name = "www." + mystring + var.bar + ".com" -## array merge -#index-file.names = (foo + ".php") + index-file.names -#index-file.names += (foo + ".php") - #### include #include "/etc/lighttpd/auth-inc.conf" ## same as above if you run: "lighttpd -f /etc/lighttpd/lighttpd.conf" diff --git a/abs/core/lighttpd/lighttpd.logrotate.d b/abs/core/lighttpd/lighttpd.logrotate.d index 15cacc9..71c5191 100644 --- a/abs/core/lighttpd/lighttpd.logrotate.d +++ b/abs/core/lighttpd/lighttpd.logrotate.d @@ -1,4 +1,5 @@ /var/log/lighttpd/*log { + missingok postrotate /bin/kill -HUP `cat /var/run/lighttpd/lighttpd.pid 2>/dev/null` 2> /dev/null || true endscript diff --git a/abs/core/lighttpd/ssl-inc.conf b/abs/core/lighttpd/ssl-inc.conf new file mode 100644 index 0000000..d545336 --- /dev/null +++ b/abs/core/lighttpd/ssl-inc.conf @@ -0,0 +1,4 @@ +$SERVER["socket"] == ":443" { + ssl.engine = "enable" + ssl.pemfile = "/etc/lighttpd/linhes.pem" + } |