diff options
| author | Richard Ipsum <richard.ipsum@codethink.co.uk> | 2014-01-30 11:23:40 +0000 |
|---|---|---|
| committer | Richard Ipsum <richard.ipsum@codethink.co.uk> | 2014-02-12 17:50:28 +0000 |
| commit | 246e2405b8d76c46b8a49de6fd1311c936e6b852 (patch) | |
| tree | 09fc7966dc915170356763b52bb537109c58cf0d | |
| parent | a9a7ea2a7ecba39ff663ce79d377e4d5abdb1687 (diff) | |
| download | trove-setup-246e2405b8d76c46b8a49de6fd1311c936e6b852.tar.gz | |
Reconfigure lighttpd
We now run two separate httpds,
one for morph-cache-server and one for git-httpd.
We do this because we want to run morph-cache-server
as the cache user and git-httpd as the git user
| -rw-r--r-- | etc/lighttpd/git-auth.conf | 10 | ||||
| -rw-r--r-- | etc/lighttpd/git-httpd.conf | 67 | ||||
| -rw-r--r-- | etc/lighttpd/morph-cache-httpd.conf (renamed from etc/lighttpd.conf) | 15 |
3 files changed, 81 insertions, 11 deletions
diff --git a/etc/lighttpd/git-auth.conf b/etc/lighttpd/git-auth.conf new file mode 100644 index 0000000..9b7a010 --- /dev/null +++ b/etc/lighttpd/git-auth.conf @@ -0,0 +1,10 @@ +auth.require = ( + "/" => ( + "method" => "basic", + "realm" => "Git Access", + "require" => "valid-user" + ) +) + +auth.backend = "htpasswd" +auth.backend.htpasswd.userfile = "/home/git/htpasswd" diff --git a/etc/lighttpd/git-httpd.conf b/etc/lighttpd/git-httpd.conf new file mode 100644 index 0000000..94e9c26 --- /dev/null +++ b/etc/lighttpd/git-httpd.conf @@ -0,0 +1,67 @@ +server.document-root = "/var/www/htdocs" + +server.port = 80 + +server.username = "git" +server.groupname = "git" + +server.modules = ( + "mod_access", + "mod_alias", + "mod_compress", + "mod_redirect", + "mod_cgi", + "mod_auth", + "mod_setenv", +) + +$SERVER["socket"] == ":443" { + ssl.engine = "enable" ssl.pemfile = "/etc/lighttpd/certs/lighttpd.pem" +} + +index-file.names = ("index.html") + +cgi.assign = ("gitano-command.cgi" => "/usr/bin/lua5.1", + "gitano-smart-http.cgi" => "/usr/bin/lua5.1", + "cgit.cgi" => "" +) +cgi.execute-x-only = "enable" + +mimetype.assign = ( + ".html" => "text/html", + ".txt" => "text/plain", + ".jpg" => "image/jpeg", + ".png" => "image/png", + ".css" => "text/css" +) + +$HTTP["url"] =~ ".*/gitano-command.cgi$" { + setenv.add-environment = ( + "HOME" => "/home/git", + "GITANO_ROOT" => "/home/git/repos" + ) +} + +$HTTP["url"] =~ "^/git/.*$" { + alias.url += ( "/git" => "/var/www/htdocs/gitano-smart-http.cgi" ) + + cgi.assign = ("" => "") + setenv.add-environment = ( + "GIT_HTTP_EXPORT_ALL" => "", + "GIT_PROJECT_ROOT" => "/home/git/repos", + "HOME" => "/home/git", + "GITANO_ROOT" => "/home/git/repos" + ) +} + +$HTTP["scheme"] == "https" { + include "git-auth.conf" + + $HTTP["querystring"] =~ "service=git-receive-pack" { + include "git-auth.conf" + } + + $HTTP["url"] =~ "^/git/.*/git-receive-pack$" { + include "git-auth.conf" + } +} diff --git a/etc/lighttpd.conf b/etc/lighttpd/morph-cache-httpd.conf index a69407f..65b9b22 100644 --- a/etc/lighttpd.conf +++ b/etc/lighttpd/morph-cache-httpd.conf @@ -1,16 +1,12 @@ server.document-root = "/var/www/htdocs" -server.port = 80 +server.port = 8080 -server.username = "git" -server.groupname = "git" +server.username = "cache" +server.groupname = "cache" server.modules += ("mod_cgi", "mod_fastcgi") -index-file.names = ("index.html") - -cgi.assign = ("cgit.cgi" => "") - mimetype.assign = ( ".html" => "text/html", ".txt" => "text/plain", @@ -19,7 +15,6 @@ mimetype.assign = ( ".css" => "text/css" ) - $SERVER["socket"] == ":8080" { server.username = "cache" server.groupname = "cache" @@ -37,11 +32,9 @@ $SERVER["socket"] == ":8080" { ) } - $SERVER["socket"] == ":8081" { server.username = "cache" - server.groupname = "cache" - fastcgi.server = ( + server.groupname = "cache" fastcgi.server = ( "" => ( "python-fcgi" => |