From 246e2405b8d76c46b8a49de6fd1311c936e6b852 Mon Sep 17 00:00:00 2001 From: Richard Ipsum Date: Thu, 30 Jan 2014 11:23:40 +0000 Subject: Reconfigure lighttpd We now run two separate httpds, one for morph-cache-server and one for git-httpd. We do this because we want to run morph-cache-server as the cache user and git-httpd as the git user --- etc/lighttpd.conf | 56 ------------------------------- etc/lighttpd/git-auth.conf | 10 ++++++ etc/lighttpd/git-httpd.conf | 67 +++++++++++++++++++++++++++++++++++++ etc/lighttpd/morph-cache-httpd.conf | 49 +++++++++++++++++++++++++++ 4 files changed, 126 insertions(+), 56 deletions(-) delete mode 100644 etc/lighttpd.conf create mode 100644 etc/lighttpd/git-auth.conf create mode 100644 etc/lighttpd/git-httpd.conf create mode 100644 etc/lighttpd/morph-cache-httpd.conf (limited to 'etc') diff --git a/etc/lighttpd.conf b/etc/lighttpd.conf deleted file mode 100644 index a69407f..0000000 --- a/etc/lighttpd.conf +++ /dev/null @@ -1,56 +0,0 @@ -server.document-root = "/var/www/htdocs" - -server.port = 80 - -server.username = "git" -server.groupname = "git" - -server.modules += ("mod_cgi", "mod_fastcgi") - -index-file.names = ("index.html") - -cgi.assign = ("cgit.cgi" => "") - -mimetype.assign = ( - ".html" => "text/html", - ".txt" => "text/plain", - ".jpg" => "image/jpeg", - ".png" => "image/png", - ".css" => "text/css" -) - - -$SERVER["socket"] == ":8080" { - server.username = "cache" - server.groupname = "cache" - fastcgi.server = ( - "" => - ( - "python-fcgi" => - ( - "socket" => "/var/run/lighttpd/morph-cache-server.socket", - "bin-path" => "/usr/bin/morph-cache-server --config=/etc/morph-cache-server.conf", - "check-local" => "disable", - "max-procs" => 4, - ) - ) - ) -} - - -$SERVER["socket"] == ":8081" { - server.username = "cache" - server.groupname = "cache" - fastcgi.server = ( - "" => - ( - "python-fcgi" => - ( - "socket" => "/var/run/lighttpd/morph-cache-server-write.socket", - "bin-path" => "/usr/bin/morph-cache-server --config=/etc/morph-cache-server-write.conf", - "check-local" => "disable", - "max-procs" => 1, - ) - ) - ) -} diff --git a/etc/lighttpd/git-auth.conf b/etc/lighttpd/git-auth.conf new file mode 100644 index 0000000..9b7a010 --- /dev/null +++ b/etc/lighttpd/git-auth.conf @@ -0,0 +1,10 @@ +auth.require = ( + "/" => ( + "method" => "basic", + "realm" => "Git Access", + "require" => "valid-user" + ) +) + +auth.backend = "htpasswd" +auth.backend.htpasswd.userfile = "/home/git/htpasswd" diff --git a/etc/lighttpd/git-httpd.conf b/etc/lighttpd/git-httpd.conf new file mode 100644 index 0000000..94e9c26 --- /dev/null +++ b/etc/lighttpd/git-httpd.conf @@ -0,0 +1,67 @@ +server.document-root = "/var/www/htdocs" + +server.port = 80 + +server.username = "git" +server.groupname = "git" + +server.modules = ( + "mod_access", + "mod_alias", + "mod_compress", + "mod_redirect", + "mod_cgi", + "mod_auth", + "mod_setenv", +) + +$SERVER["socket"] == ":443" { + ssl.engine = "enable" ssl.pemfile = "/etc/lighttpd/certs/lighttpd.pem" +} + +index-file.names = ("index.html") + +cgi.assign = ("gitano-command.cgi" => "/usr/bin/lua5.1", + "gitano-smart-http.cgi" => "/usr/bin/lua5.1", + "cgit.cgi" => "" +) +cgi.execute-x-only = "enable" + +mimetype.assign = ( + ".html" => "text/html", + ".txt" => "text/plain", + ".jpg" => "image/jpeg", + ".png" => "image/png", + ".css" => "text/css" +) + +$HTTP["url"] =~ ".*/gitano-command.cgi$" { + setenv.add-environment = ( + "HOME" => "/home/git", + "GITANO_ROOT" => "/home/git/repos" + ) +} + +$HTTP["url"] =~ "^/git/.*$" { + alias.url += ( "/git" => "/var/www/htdocs/gitano-smart-http.cgi" ) + + cgi.assign = ("" => "") + setenv.add-environment = ( + "GIT_HTTP_EXPORT_ALL" => "", + "GIT_PROJECT_ROOT" => "/home/git/repos", + "HOME" => "/home/git", + "GITANO_ROOT" => "/home/git/repos" + ) +} + +$HTTP["scheme"] == "https" { + include "git-auth.conf" + + $HTTP["querystring"] =~ "service=git-receive-pack" { + include "git-auth.conf" + } + + $HTTP["url"] =~ "^/git/.*/git-receive-pack$" { + include "git-auth.conf" + } +} diff --git a/etc/lighttpd/morph-cache-httpd.conf b/etc/lighttpd/morph-cache-httpd.conf new file mode 100644 index 0000000..65b9b22 --- /dev/null +++ b/etc/lighttpd/morph-cache-httpd.conf @@ -0,0 +1,49 @@ +server.document-root = "/var/www/htdocs" + +server.port = 8080 + +server.username = "cache" +server.groupname = "cache" + +server.modules += ("mod_cgi", "mod_fastcgi") + +mimetype.assign = ( + ".html" => "text/html", + ".txt" => "text/plain", + ".jpg" => "image/jpeg", + ".png" => "image/png", + ".css" => "text/css" +) + +$SERVER["socket"] == ":8080" { + server.username = "cache" + server.groupname = "cache" + fastcgi.server = ( + "" => + ( + "python-fcgi" => + ( + "socket" => "/var/run/lighttpd/morph-cache-server.socket", + "bin-path" => "/usr/bin/morph-cache-server --config=/etc/morph-cache-server.conf", + "check-local" => "disable", + "max-procs" => 4, + ) + ) + ) +} + +$SERVER["socket"] == ":8081" { + server.username = "cache" + server.groupname = "cache" fastcgi.server = ( + "" => + ( + "python-fcgi" => + ( + "socket" => "/var/run/lighttpd/morph-cache-server-write.socket", + "bin-path" => "/usr/bin/morph-cache-server --config=/etc/morph-cache-server-write.conf", + "check-local" => "disable", + "max-procs" => 1, + ) + ) + ) +} -- cgit v1.2.1