File:  [NetBSD Developer Wiki] / wikisrc / tutorials / lighttpd_on_netbsd.mdwn
Revision 1.4: download - view: text, annotated - select for diffs
Mon Nov 30 18:54:47 2020 UTC (10 months, 2 weeks ago) by schmonz
Branches: MAIN
CVS tags: HEAD
Remove funky whitespace (NFCI)

    1: **Contents**
    2: 
    3: [[!toc]]
    4: 
    5: ## Prelude
    6: 
    7: How to deploy a high performance webserver using NetBSD and Lighttpd.
    8: 
    9: ## Installation
   10: 
   11: Via `pkgin` or `pkg_add` for platforms with binary packages available, or via pkgsrc thus:
   12: 
   13:     $ cd /usr/pkgsrc/www/lighttpd
   14:     $ make install clean clean-depends
   15: 
   16: 
   17: If you don’t have `PKG_RCD_SCRIPTS=yes` set, manually install the provided rc.d script:
   18: 
   19:     # cp /usr/pkg/share/examples/rc.d/lighttpd /etc/rc.d
   20: 
   21: And set `lighttpd=YES` in `/etc/rc.conf`.
   22: 
   23: 
   24: ## Configuration
   25: 
   26: Enable kqueue:
   27: 
   28:     server.event-handler        = "kqueue"
   29:     server.stat-cache-engine    = "kqueue"
   30: 
   31: 
   32: ## Testing the setup
   33: 
   34: You can start the webserver with:
   35: 
   36:     /etc/rc.d/lighttpd start
   37: 
   38: Check your logs if you encounter any problem.
   39: 
   40: ## Setting up authentication
   41: 
   42: ### Directory server
   43: 
   44: We will use OpenLdap.
   45: 
   46: First of all deploy a working ldap server, and populate it with the the users. For more information on this, read [[OpenLDAP Authentication on NetBSD|tutorials/openldap_authentication_on_netbsd]].
   47: 
   48: Be sure to load mod_auth and include the following in your lighttpd.conf file:
   49: 
   50:     # ldap authentication
   51:     auth.backend               = "ldap"
   52:     
   53:     auth.backend.ldap.hostname = "grimnismal.local"
   54:     auth.backend.ldap.base-dn  = "dc=grimnismal,dc=local"
   55:     auth.backend.ldap.filter   = "(uid=$)"
   56:     
   57:     auth.backend.ldap.bind-dn  = "cn=Manager,dc=grimnismal,dc=local"
   58:     
   59:     # passwd for bind-dn, separated for security reasons
   60:     # contains: auth.backend.ldap.bind-pw  = "your-password"
   61:     # It must NOT be world readable!
   62:     #
   63:     include "ldapsecret"
   64:     
   65:     auth.require               = ( "/server-status" =>
   66:                                    (
   67:                                      "method"  => "basic",
   68:                                      "realm"   => "Admin only page",
   69:                                      "require" => "user=replaced"
   70:                                    ),
   71:                                    "/server-config" =>
   72:                                    (
   73:                                      "method"  => "basic",    
   74:                                      "realm"   => "Staff only page",
   75:                                      "require" => "valid-user"
   76:                                    )
   77:                                  )

CVSweb for NetBSD wikisrc <wikimaster@NetBSD.org> software: FreeBSD-CVSweb