1. Installation
  2. Adding LDAP authentication


Via pkgin or pkg_add for platforms with binary packages available, or via pkgsrc thus:

$ cd /usr/pkgsrc/www/lighttpd
$ make install clean clean-depends

If you don’t have PKG_RCD_SCRIPTS=yes set, manually install the provided rc.d script:

# cp /usr/pkg/share/examples/rc.d/lighttpd /etc/rc.d

And set lighttpd=YES in /etc/rc.conf. Then start the webserver with:

/etc/rc.d/lighttpd start

Check your logs if you encounter any problem.

Adding LDAP authentication

We will use OpenLdap.

First of all deploy a working ldap server, and populate it with the the users. For more information on this, read OpenLDAP Authentication on NetBSD.

Be sure to load mod_auth and include the following in your lighttpd.conf:

# ldap authentication
auth.backend               = "ldap"

auth.backend.ldap.hostname = "grimnismal.local"
auth.backend.ldap.base-dn  = "dc=grimnismal,dc=local"
auth.backend.ldap.filter   = "(uid=$)"

auth.backend.ldap.bind-dn  = "cn=Manager,dc=grimnismal,dc=local"

# passwd for bind-dn, separated for security reasons
# contains: auth.backend.ldap.bind-pw  = "your-password"
# It must NOT be world readable!
include "ldapsecret"

auth.require               = ( "/server-status" =>
                                 "method"  => "basic",
                                 "realm"   => "Admin only page",
                                 "require" => "user=replaced"
                               "/server-config" =>
                                 "method"  => "basic",    
                                 "realm"   => "Staff only page",
                                 "require" => "valid-user"