Skip to content

Instantly share code, notes, and snippets.

Last active April 19, 2016 13:02
Show Gist options
  • Save maxkoryukov/d9e9adb0cc71c3700e49f0800d91f76b to your computer and use it in GitHub Desktop.
Save maxkoryukov/d9e9adb0cc71c3700e49f0800d91f76b to your computer and use it in GitHub Desktop.
# lighttpd configuration file
# use it as a base for lighttpd 1.0.0 and above
# $Id: lighttpd.conf,v 1.7 2004/11/03 22:26:05 weigon Exp $
############ Options you really have to take care of ####################
## modules to load
# at least mod_access and mod_accesslog should be loaded
# all other module should only be loaded if really neccesary
# - saves some time
# - saves memory
server.modules = (
# "mod_rewrite",
# "mod_redirect",
# "mod_alias",
# "mod_cml",
# "mod_trigger_b4_dl",
# "mod_status",
# "mod_simple_vhost",
# "mod_evhost",
# "mod_userdir",
# "mod_ssi",
# "mod_usertrack",
# "mod_secdownload",
# "mod_rrdtool",
"mod_accesslog" )
## a static document-root, for virtual-hosting take look at the
## server.virtual-* options
server.document-root = "/var/www/xirvikflux/"
## where to send error-messages to
server.errorlog = "/var/log/lighttpd/error.log"
# files to check for if .../ is requested
index-file.names = ( "index.php", "index.html",
"index.htm", "default.htm" )
## set the event-handler (read the performance section in the manual)
# server.event-handler = "freebsd-kqueue" # needed on OS X
# mimetype mapping
mimetype.assign = (
".pdf" => "application/pdf",
".sig" => "application/pgp-signature",
".spl" => "application/futuresplash",
".class" => "application/octet-stream",
".ps" => "application/postscript",
".torrent" => "application/x-bittorrent",
".dvi" => "application/x-dvi",
".gz" => "application/x-gzip",
".pac" => "application/x-ns-proxy-autoconfig",
".swf" => "application/x-shockwave-flash",
".tar.gz" => "application/x-tgz",
".tgz" => "application/x-tgz",
".tar" => "application/x-tar",
".zip" => "application/zip",
".mp3" => "audio/mpeg",
".m3u" => "audio/x-mpegurl",
".wma" => "audio/x-ms-wma",
".wax" => "audio/x-ms-wax",
".ogg" => "application/ogg",
".wav" => "audio/x-wav",
".gif" => "image/gif",
".jar" => "application/x-java-archive",
".jpg" => "image/jpeg",
".jpeg" => "image/jpeg",
".png" => "image/png",
".xbm" => "image/x-xbitmap",
".xpm" => "image/x-xpixmap",
".xwd" => "image/x-xwindowdump",
".css" => "text/css",
".html" => "text/html",
".htm" => "text/html",
".js" => "text/javascript",
".asc" => "text/plain",
".c" => "text/plain",
".cpp" => "text/plain",
".log" => "text/plain",
".conf" => "text/plain",
".text" => "text/plain",
".txt" => "text/plain",
".dtd" => "text/xml",
".xml" => "text/xml",
".mpeg" => "video/mpeg",
".mpg" => "video/mpeg",
".mov" => "video/quicktime",
".qt" => "video/quicktime",
".avi" => "video/x-msvideo",
".asf" => "video/x-ms-asf",
".asx" => "video/x-ms-asf",
".wmv" => "video/x-ms-wmv",
".bz2" => "application/x-bzip",
".tbz" => "application/x-bzip-compressed-tar",
".tar.bz2" => "application/x-bzip-compressed-tar",
# default mime type
"" => "application/octet-stream",
# Use the "Content-Type" extended attribute to obtain mime type if possible
#mimetype.use-xattr = "enable"
## send a different Server: header
## be nice and keep it at lighttpd
# server.tag = "lighttpd"
#### accesslog module
accesslog.filename = "/var/log/lighttpd/access.log"
## deny access the file-extensions
# ~ is for backupfiles from vi, emacs, joe, ...
# .inc is often used for code includes which should in general not be part
# of the document-root
url.access-deny = ( "~", ".inc" )
$HTTP["url"] =~ "\.pdf$" {
server.range-requests = "disable"
# which extensions should not be handle via static-file transfer
# .php, .pl, .fcgi are most often handled by mod_fastcgi or mod_cgi
static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
######### Options that are good to be but not neccesary to be changed #######
## bind to port (default: 80)
server.port = 80
server.bind = ""
$SERVER["socket"] == "" {
ssl.engine = "enable"
ssl.pemfile = "/etc/lighttpd/certs/" = "/etc/lighttpd/certs/gd_bundle-g2-g1.crt"
ssl.use-sslv2 = "disable"
ssl.use-sslv3 = "disable"
ssl.cipher-list = "aRSA+HIGH !3DES +kEDH +kRSA !kSRP !kPSK"
$HTTP["url"] =~ "^/public/" {
# mimetype mapping
mimetype.assign = (
"" => "application/octet-stream",
$HTTP["url"] !~ "^/public/" {
auth.backend = "htpasswd"
auth.debug = 2
auth.backend.htpasswd.userfile = "/var/users/customers.pwd"
auth.useripcheck-root = "/var/useripcheck/"
auth.god-ip-address-list = "/var/admin_acl/worldwide_group_IPs.txt"
auth.require = (
"/server-status" =>
"method" => "basic",
"realm" => "status",
"require" => "user=admin"
"/" => (
"method" => "basic",
"realm" => "Xirvik member area",
"require" => "valid-user-safe"
$HTTP["url"] =~ "^/tfx/themes/default/images/" {
expire.url = ( "" => "access 1 months" )
$HTTP["url"] =~ "^/tfx/js/" {
expire.url = ( "" => "access 1 weeks" )
$HTTP["url"] =~ "^/tfx/themes/default/css" {
expire.url = ( "" => "access 1 weeks" )
$HTTP["url"] =~ "^/tfx/themes/tf_standard_themes/" {
expire.url = ( "" => "access 1 months" )
$HTTP["url"] =~ "^/(rtorrent|wtorrent|rtgui)/.*(css|jpg|gif|js|png|ico)" {
expire.url = ( "" => "access 1 months" )
$HTTP["url"] =~ "^/downloads($|/)" {
dir-listing.activate = "enable"
$HTTP["url"] =~ "^/sabnzbd($|/)" {
proxy.server = ( "" => (
( "host" => "", "port" => 8080 )
$HTTP["url"] =~ "^/deluge($|/)" {
proxy.server = ( "" => (
( "host" => "", "port" => 8112 )
$HTTP["url"] =~ "^/pyload($|/)" {
proxy.server = ( "" => (
( "host" => "", "port" => 8113 )
$HTTP["url"] =~ "^/sickbeard($|/)" {
proxy.server = ( "" => (
( "host" => "", "port" => 8081 )
$HTTP["url"] =~ "^/couchpotato($|/)" {
proxy.server = ( "" => (
( "host" => "", "port" => 5050 )
$HTTP["url"] =~ "^/headphones($|/)" {
# $HTTP["scheme"] == "http" {
# $HTTP["host"] =~ ".*" {
# url.redirect = ( ".*" => "https://%0$0")
# }
# }
setenv.add-request-header = (
"X-Forwarded-Proto" => "https"
proxy.server = ( "" => (
( "host" => "", "port" => 8181 )
## error-handler for status 404
#server.error-handler-404 = "/error-handler.html"
#server.error-handler-404 = "/error-handler.php"
## to help the rc.scripts = "/var/run/"
## virtual directory listings
#dir-listing.activate = "enable"
## select encoding for directory listings
#dir-listing.encoding = "utf-8"
## enable debugging
#debug.log-request-header = "enable"
#debug.log-response-header = "enable"
#debug.log-request-handling = "enable"
#debug.log-file-not-found = "enable"
### only root can use these options
# chroot() to directory (default: no chroot() )
#server.chroot = "/"
## change uid to <uid> (default: don't care)
server.username = "www-data"
## change uid to <uid> (default: don't care)
server.groupname = "www-data"
#### compress module
compress.cache-dir = "/var/cache/lighttpd/compress/"
compress.filetype = ("text/plain", "text/html", "text/css", "text/xml", "text/javascript")
#### fastcgi module
## read fastcgi.txt for more info
## for PHP don't forget to set cgi.fix_pathinfo = 1 in the php.ini
$HTTP["url"] !~ "^/downloads($|/)" {
cgi.assign = ( ".pl" => "/usr/bin/perl" )
fastcgi.server = ( ".php" =>
( "localhost" =>
"socket" => "/tmp/php-fastcgi.sock",
# "bin-path" => "/usr/local/bin/php-cgi",
# "max-procs" => 1
scgi.server = (
"/RPC2" => # RT_DIR
( "" =>
"host" => "", # Ip where rtorrent is listening
"port" => 5000, # Port specified in .rtorrent.rc
"check-local" => "disable"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment