1: **Contents**
2:
3: [[!toc]]
4:
5: ## Prelude
6:
7: How to deploy a high performance webserver using NetBSD and Lighttpd.
8:
9: ## Installation
10:
11: We will install it from pkgsrc because we need some fetures which are not enabled in the binary.
12:
13: First of all, let's use gamin as the default file alteration monitor instead of fam:
14:
15: # FAM_DEFAULT=gamin
16:
17:
18: Of course you can stick with fam if you'd like.
19:
20: After that we will enable fam support in lighty:
21:
22: # echo PKG_OPTIONS.lighttpd=fam >> /etc/mk.conf
23:
24:
25: Now the good old magic words:
26:
27: # cd /usr/pkgsrc/www/lighttpd/
28: # make install clean clean-depends
29:
30:
31: Install the rc.d files if you dont do that automaticaly:
32:
33: # cp /usr/pkg/share/examples/rc.d/lighttpd /etc/rc.d/
34:
35:
36: ## The lighttpd user
37:
38: By default there is no user created for lighttpd, thus you will have to create one:
39:
40: # groupadd lighttpd
41: # useradd -s /sbin/nologin -g lighttpd lighttpd
42:
43:
44: ## Configuration
45:
46: Set the docroot whereever you want:
47:
48: server.document-root = "/srv/lighttpd/htdocs"
49:
50:
51: Set the default location for logs:
52:
53: server.errorlog = "/var/log/lighttpd/error.log"
54: accesslog.filename = "/var/log/lighttpd/access.log"
55:
56:
57: You need to create the directory /var/log/lighttpd with proper permissions:
58:
59: # install -d -o lighttpd -g lighttpd /var/log/lighttpd
60:
61:
62: Let's use the user we have created for lighttpd:
63:
64: server.username = "lighttpd"
65: server.groupname = "lighttpd"
66:
67:
68: Enable kqueue:
69:
70: server.event-handler = "kqueue"
71:
72:
73: Enable fam:
74:
75: server.stat-cache-engine = "fam"
76:
77:
78: ## Testing the setup
79:
80: You can start the webserver with:
81:
82: /etc/rc.d/lighttpd start
83:
84:
85: Check your logs if you encounter any problem.
86:
87: ## Setting up authentication
88:
89: ### Directory server
90:
91: We will use OpenLdap.
92:
93: First of all deploy a working ldap server, and populate it with the the users. For more information on this, read [[tutorials/openldap_authentication_on_netbsd|OpenLDAP Authentication on NetBSD]].
94:
95: Be sure to load mod_auth and include the following in your lighttpd.conf file:
96:
97:
98: # ldap authentication
99: auth.backend = "ldap"
100:
101: auth.backend.ldap.hostname = "grimnismal.local"
102: auth.backend.ldap.base-dn = "dc=grimnismal,dc=local"
103: auth.backend.ldap.filter = "(uid=$)"
104:
105: auth.backend.ldap.bind-dn = "cn=Manager,dc=grimnismal,dc=local"
106:
107: # passwd for bind-dn, separated for security reasons
108: # contains: auth.backend.ldap.bind-pw = "your-password"
109: # It must NOT be word readable!
110: #
111: include "ldapsecret"
112:
113: auth.require = ( "/server-status" =>
114: (
115: "method" => "basic",
116: "realm" => "Admin only page",
117: "require" => "user=replaced"
118: ),
119: "/server-config" =>
120: (
121: "method" => "basic",
122: "realm" => "Staff only page",
123: "require" => "valid-user"
124: )
125: )
126:
127:
CVSweb for NetBSD wikisrc <wikimaster@NetBSD.org> software: FreeBSD-CVSweb
![[BACK]](/icons/back.gif){kind=icon}
Return to lighttpd_on_netbsd.mdwn CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [NetBSD Developer Wiki] / wikisrc