**Contents**

[[!toc]]

## Installation

Via `pkgin` or `pkg_add` for platforms with binary packages available, or via pkgsrc thus:

    $ cd /usr/pkgsrc/www/lighttpd
    $ make install clean clean-depends


If you don’t have `PKG_RCD_SCRIPTS=yes` set, manually install the provided rc.d script:

    # cp /usr/pkg/share/examples/rc.d/lighttpd /etc/rc.d

And set `lighttpd=YES` in `/etc/rc.conf`. Then start the webserver with:

    /etc/rc.d/lighttpd start

Check your logs if you encounter any problem.


## Adding LDAP authentication

We will use OpenLdap.

First of all deploy a working ldap server, and populate it with the the users. For more information on this, read [[OpenLDAP Authentication on NetBSD|tutorials/openldap_authentication_on_netbsd]].

Be sure to load `mod_auth` and include the following in your `lighttpd.conf`:

    # ldap authentication
    auth.backend               = "ldap"
    
    auth.backend.ldap.hostname = "grimnismal.local"
    auth.backend.ldap.base-dn  = "dc=grimnismal,dc=local"
    auth.backend.ldap.filter   = "(uid=$)"
    
    auth.backend.ldap.bind-dn  = "cn=Manager,dc=grimnismal,dc=local"
    
    # passwd for bind-dn, separated for security reasons
    # contains: auth.backend.ldap.bind-pw  = "your-password"
    # It must NOT be world readable!
    #
    include "ldapsecret"
    
    auth.require               = ( "/server-status" =>
                                   (
                                     "method"  => "basic",
                                     "realm"   => "Admin only page",
                                     "require" => "user=replaced"
                                   ),
                                   "/server-config" =>
                                   (
                                     "method"  => "basic",    
                                     "realm"   => "Staff only page",
                                     "require" => "valid-user"
                                   )
                                 )