diff options
author | Richard Ipsum <richard.ipsum@codethink.co.uk> | 2014-01-30 11:23:40 +0000 |
---|---|---|
committer | Richard Ipsum <richard.ipsum@codethink.co.uk> | 2014-02-12 17:50:28 +0000 |
commit | 246e2405b8d76c46b8a49de6fd1311c936e6b852 (patch) | |
tree | 09fc7966dc915170356763b52bb537109c58cf0d /etc/lighttpd | |
parent | a9a7ea2a7ecba39ff663ce79d377e4d5abdb1687 (diff) | |
download | trove-setup-246e2405b8d76c46b8a49de6fd1311c936e6b852.tar.gz |
Reconfigure lighttpd
We now run two separate httpds,
one for morph-cache-server and one for git-httpd.
We do this because we want to run morph-cache-server
as the cache user and git-httpd as the git user
Diffstat (limited to 'etc/lighttpd')
-rw-r--r-- | etc/lighttpd/git-auth.conf | 10 | ||||
-rw-r--r-- | etc/lighttpd/git-httpd.conf | 67 | ||||
-rw-r--r-- | etc/lighttpd/morph-cache-httpd.conf | 49 |
3 files changed, 126 insertions, 0 deletions
diff --git a/etc/lighttpd/git-auth.conf b/etc/lighttpd/git-auth.conf new file mode 100644 index 0000000..9b7a010 --- /dev/null +++ b/etc/lighttpd/git-auth.conf @@ -0,0 +1,10 @@ +auth.require = ( + "/" => ( + "method" => "basic", + "realm" => "Git Access", + "require" => "valid-user" + ) +) + +auth.backend = "htpasswd" +auth.backend.htpasswd.userfile = "/home/git/htpasswd" diff --git a/etc/lighttpd/git-httpd.conf b/etc/lighttpd/git-httpd.conf new file mode 100644 index 0000000..94e9c26 --- /dev/null +++ b/etc/lighttpd/git-httpd.conf @@ -0,0 +1,67 @@ +server.document-root = "/var/www/htdocs" + +server.port = 80 + +server.username = "git" +server.groupname = "git" + +server.modules = ( + "mod_access", + "mod_alias", + "mod_compress", + "mod_redirect", + "mod_cgi", + "mod_auth", + "mod_setenv", +) + +$SERVER["socket"] == ":443" { + ssl.engine = "enable" ssl.pemfile = "/etc/lighttpd/certs/lighttpd.pem" +} + +index-file.names = ("index.html") + +cgi.assign = ("gitano-command.cgi" => "/usr/bin/lua5.1", + "gitano-smart-http.cgi" => "/usr/bin/lua5.1", + "cgit.cgi" => "" +) +cgi.execute-x-only = "enable" + +mimetype.assign = ( + ".html" => "text/html", + ".txt" => "text/plain", + ".jpg" => "image/jpeg", + ".png" => "image/png", + ".css" => "text/css" +) + +$HTTP["url"] =~ ".*/gitano-command.cgi$" { + setenv.add-environment = ( + "HOME" => "/home/git", + "GITANO_ROOT" => "/home/git/repos" + ) +} + +$HTTP["url"] =~ "^/git/.*$" { + alias.url += ( "/git" => "/var/www/htdocs/gitano-smart-http.cgi" ) + + cgi.assign = ("" => "") + setenv.add-environment = ( + "GIT_HTTP_EXPORT_ALL" => "", + "GIT_PROJECT_ROOT" => "/home/git/repos", + "HOME" => "/home/git", + "GITANO_ROOT" => "/home/git/repos" + ) +} + +$HTTP["scheme"] == "https" { + include "git-auth.conf" + + $HTTP["querystring"] =~ "service=git-receive-pack" { + include "git-auth.conf" + } + + $HTTP["url"] =~ "^/git/.*/git-receive-pack$" { + include "git-auth.conf" + } +} diff --git a/etc/lighttpd/morph-cache-httpd.conf b/etc/lighttpd/morph-cache-httpd.conf new file mode 100644 index 0000000..65b9b22 --- /dev/null +++ b/etc/lighttpd/morph-cache-httpd.conf @@ -0,0 +1,49 @@ +server.document-root = "/var/www/htdocs" + +server.port = 8080 + +server.username = "cache" +server.groupname = "cache" + +server.modules += ("mod_cgi", "mod_fastcgi") + +mimetype.assign = ( + ".html" => "text/html", + ".txt" => "text/plain", + ".jpg" => "image/jpeg", + ".png" => "image/png", + ".css" => "text/css" +) + +$SERVER["socket"] == ":8080" { + server.username = "cache" + server.groupname = "cache" + fastcgi.server = ( + "" => + ( + "python-fcgi" => + ( + "socket" => "/var/run/lighttpd/morph-cache-server.socket", + "bin-path" => "/usr/bin/morph-cache-server --config=/etc/morph-cache-server.conf", + "check-local" => "disable", + "max-procs" => 4, + ) + ) + ) +} + +$SERVER["socket"] == ":8081" { + server.username = "cache" + server.groupname = "cache" fastcgi.server = ( + "" => + ( + "python-fcgi" => + ( + "socket" => "/var/run/lighttpd/morph-cache-server-write.socket", + "bin-path" => "/usr/bin/morph-cache-server --config=/etc/morph-cache-server-write.conf", + "check-local" => "disable", + "max-procs" => 1, + ) + ) + ) +} |