Lighttpd

This page is a translated version of the page Lighttpd and the translation is 44% complete.

Other languages:

English
русский
中文（中国大陆）‎
日本語

Resources

Home

Wikipedia

lighttpd is a fast and lightweight web server.

安装

USE 标记

USE flags for www-servers/lighttpd Lightweight high-performance web server

`brotli`	Enable output compression via app-arch/brotli (recommended)
`dbi`	Enable dev-db/libdbi (database-independent abstraction layer) support
`gnutls`	Build module for TLS via net-libs/gnutls
`kerberos`	Add kerberos support
`ldap`	Add LDAP support (Lightweight Directory Access Protocol)
`lua`	Enable Lua scripting support
`maxminddb`	Add support for geolocation using dev-libs/libmaxminddb
`mbedtls`	Build module for TLS via net-libs/mbedtls
`mmap`	Use mmap when sendfile is not available
`mysql`	Add mySQL Database support
`nettle`	Use dev-libs/nettle as crypto backend
`nss`	Build module for TLS via Mozilla's Network Security Services
`pcre`	Add support for Perl Compatible Regular Expressions
`php`	Include support for the PHP language
`postgres`	Add support for the postgresql database
`rrdtool`	Enable rrdtool support via mod_rrdtool
`sasl`	Add support for the Simple Authentication and Security Layer
`selinux`	!!internal use only!! Security Enhanced Linux support, this must be set by the selinux profile or breakage will occur
`sqlite`	Add support for sqlite - embedded sql database
`ssl`	Add support for SSL/TLS connections (Secure Socket Layer / Transport Layer Security)
`test`	Enable dependencies and/or preparations necessary to run tests (usually controlled by FEATURES=test but can be toggled independently)
`unwind`	Add support for call stack unwinding and function name resolution
`verify-sig`	Verify upstream signatures on distfiles
`webdav`	Enable webdav properties
`xattr`	Add support for extended attributes (filesystem-stored metadata)
`zlib`	Enable output compression via gzip or deflate algorithms from sys-libs/zlib
`zstd`	Enable output compression via Zstandard (app-arch/zstd) algorithm

Data provided by the Gentoo Package Database · Last update: 2024-04-29 13:38 More information about USE flags

Emerge

安装 www-servers/lighttpd：

root #emerge --ask www-servers/lighttpd

配置

The lighttpd configuration is handled by /etc/lighttpd/lighttpd.conf. The first example shows a single-site access, with SSL and no dynamic capabilities (such as PHP).

文件 /etc/lighttpd/lighttpd.confExample 1

$SERVER["socket"] == "192.0.2.10:443" {
  server.name = "www.genfic.com"
  server.document-root = "/var/www/www.genfic.com/"
  server.errorlog = "/var/log/lighttpd/http_error.log"
  accesslog.filename = "/var/log/lighttpd/http_access.log"
  ## SSL Configuration
  ssl.engine = "enable"
  ssl.pemfile = "/etc/ssl/lighttpd-ssl.pem"
  ssl.ca-file = "/etc/ssl/certs/ca-certificate.crt"
  # SSL options
  ssl.use-sslv2 = "disable"
  ssl.cipher-list = "TLSv1+HIGH !SSLv2 RC4+MEDIUM !aNULL !eNULL !3DES @STRENGTH"
}

To enable additional functionalities configure needed modules in /etc/lighttpd/lighttpd.conf. For instance, to enable PHP using the FastCGI processor:

文件 /etc/lighttpd/lighttpd.confExample 2 - Enabling PHP support

...
include "mod_fastcgi.conf"
...

IP access lists

This third example shows how to allow access to a particular site /server-status only to certain IP addresses. To allow using service status on the 198.51.100.1 and 127.0.0.1 addresses, set the following lines in the lighttpd.conf file:

文件 /etc/lighttpd/lighttpd.confExample 3 - Enabling and configuring an IP access lists for /server-status page

# enable access module
server.modules = {
  ...
  "mod_access",
}
...
# enable server-status page globally
status.status-url  = "/server-status"

...
# restrict access to server-status to listed IP hosts
$HTTP["remoteip"] !~ "198.51.100.1|127.0.0.1" {
      url.access-deny = ( "/server-status" )
}

Start up

In order for the lighttpd service to start automatically it must be properly added to the init handler program. Gentoo has two main init handler programs: OpenRC and systemd.

OpenRC

With OpenRC use the rc-update command:

root #rc-update add lighttpd default

systemd

With systemd use the systemctl command:

root #systemctl enable lighttpd.service

故障排除

Verifying /etc/lighttpd/lighttpd.conf configuration file with lighttpd-angel, it will return the exit code 0, if everything is configured properly:

root #lighttpd-angel -t -f /etc/lighttpd/lighttpd.conf

Syntax OK
lighttpd-angel.c.140: child (pid=32491) exited normally with exitcode: 0

If the configuration file has errors, it will print it to stdout, like in the example below:

root #lighttpd-angel -t -f /etc/lighttpd/lighttpd.conf

2012-09-02 12:52:08: (plugin.c.131) Cannot load plugin mod_fastcgi more than once, please fix your config
2012-09-02 12:52:08: (network.c.379) can't bind to port: 192.168.0.1 80 Address already in use 
lighttpd-angel.c.140: child (pid=32139) exited normally with exitcode: 255

另请参阅

Apache — 一个高效的可扩展的web 服务器。它是当前因特网上使用最为普遍的 web 服务器之一。
Nginx — 一个稳定、轻量、高性能的 web 服务器以及反向代理服务器。

External resources

https://redmine.lighttpd.net/projects/lighttpd/wiki - The Lighttpd wiki.