philpep's blog - tag lighttpd philpep's blog - tag lighttpd rss http://blog.philpep.org fr Thu, 28 Jan 2010 00:45:29 GMT Pblog Lancer lighttpd dans un environnement propre http://blog.philpep.org/post/Lancer-lighttpd-dans-un-environnement-propre http://blog.philpep.org/post/Lancer-lighttpd-dans-un-environnement-propre Thu, 28 Jan 2010 00:45:29 GMT <p>Cela fait quelque temps que je vois mes <a href="http://fr.wikipedia.org/wiki/Common_Gateway_Interface">scripts cgi</a> sous <a href="http://www.lighttpd.net/">lighttpd</a> hériter de l'environnement root (vous savez, les <code>export</code> et autres <code>setenv</code> dans votre <code>~/.$SHELLrc</code>). Et si vous êtes un peu parano comme moi ou que vous avez des données sensibles dans votre environnement il peut s'avérer utile de les cacher du script cgi.</p> <p>Pour cela j'ai modifié mon <code>/usr/local/etc/rc.d/lighttpd</code>, du coup j'en ai même fait <a href="http://www.freebsd.org/cgi/query-pr.cgi?pr=143302">un bug report</a> chez FreeBSD histoire que tout le monde en profite. Il permet même de spécifier certaines des variables d'environnement que l'on veut conserver (comme PATH qui est souvent utilisé dans les script cgi).</p> <p>Avec un peu de chance (et beaucoup de temps :&gt;) il le prendrons et vous l'aurez bientôt dans vos ports. Sinon faite le vous même à partir <a href="http://www.philpep.org/pub/lighttpd_rc.patch">du patch</a> :</p> <div class="codehilite"><pre>cd /root fetch http://www.philpep.org/pub/lighttpd_rc.patch cd /usr/local/etc/rc.d/ patch -p0 &lt; /root/lighttpd_rc.patch </pre></div> <p>L'inconvénient c'est qu'il faut le refaire à chaque mise à jours de lighttpd.</p> Gitweb fastcgi lighttpd et FreeBSD http://blog.philpep.org/post/Gitweb-fastcgi-lighttpd-et-FreeBSD http://blog.philpep.org/post/Gitweb-fastcgi-lighttpd-et-FreeBSD Thu, 10 Sep 2009 22:04:31 GMT <p>Vu la galère pour mettre en place un gitweb sous lighttpd en fastcgi, voici un petit mémo pour moi et j'èspère qu'il servira à d'autres. (J'explique sous FreeBSD mais ça peut être transposé facilement sur d'autres OS)</p> <p>Donc, d'abord mettre en place git et lighttpd :</p> <div class="codehilite"><pre>make -C /usr/ports/devel/git install clean make -C /usr/ports/www/lighttpd install clean <span class="nb">echo </span><span class="nv">lighttpd_enable</span><span class="o">=</span><span class="se">\&quot;</span>YES<span class="se">\&quot;</span> &gt;&gt; /etc/rc.conf </pre></div> <p>Ensuite j'ai utilisé un script de la doc lighttpd.</p> <div class="codehilite"><pre>fetch http://philpep.org/pub/perl-cgi mv perl-cgi /usr/local/bin </pre></div> <p>Ce script utilise deux modules Perl qu'il faut installer, le premier (CGI::Fast) est dans les ports FreeBSD, mais je n'ai pas trouvé le second (Embed::Persistent) donc je l'ai installé "à la mano"</p> <div class="codehilite"><pre>make -C /usr/ports/www/p5-FastCGI install clean fetch http://search.cpan.org/CPAN/authors/id/D/DO/DOUGM/ExtUtils-Embed-1.14.tar.gz tar xvzf ExtUtils-Embed-1.14.tar.gz <span class="nb">cd </span>ExtUtils-Embed-1.14 perl Makefile.PL make make install </pre></div> <p>Ensuite la conf lighttpd : (je met tout dans /usr/local/www)</p> <div class="codehilite"><pre>cp /usr/local/share/examples/git/gitweb/gitweb* /usr/local/www cp /usr/local/share/examples/git/gitweb/*.png /usr/local/www </pre></div> <p>Et ceci dans /usr/local/etc/lighttpd.conf</p> <div class="codehilite"><pre><span class="c1"># /usr/local/etc/lighttpd.conf</span> <span class="k">server.port</span> <span class="o">=</span> <span class="m">80</span> <span class="k">server.bind</span> <span class="o">=</span> <span class="s2">&quot;10.0.0.3&quot;</span> <span class="k">server.username</span> <span class="o">=</span> <span class="s2">&quot;www&quot;</span> <span class="k">server.groupname</span> <span class="o">=</span> <span class="s2">&quot;www&quot;</span> <span class="k">server.document-root</span> <span class="o">=</span> <span class="s2">&quot;/usr/local/www/&quot;</span> <span class="k">server.event-handler</span> <span class="o">=</span> <span class="s2">&quot;freebsd-kqueue&quot;</span> <span class="k">server.pid-file</span> <span class="o">=</span> <span class="s2">&quot;/var/run/lighttpd.pid&quot;</span> <span class="k">index-file.names</span> <span class="o">=</span> <span class="p">(</span> <span class="s2">&quot;gitweb.cgi&quot;</span> <span class="p">)</span> <span class="k">server.errorlog</span> <span class="o">=</span> <span class="s2">&quot;/var/log/error_log&quot;</span> <span class="k">server.modules</span> <span class="o">=</span> <span class="p">(</span> <span class="s2">&quot;mod_setenv&quot;</span><span class="p">,</span> <span class="s2">&quot;mod_fastcgi&quot;</span><span class="p">,</span> <span class="s2">&quot;mod_rewrite&quot;</span><span class="p">,</span> <span class="p">)</span> <span class="k">fastcgi.server</span> <span class="o">=</span> <span class="p">(</span> <span class="s2">&quot;.cgi&quot;</span> <span class="o">=&gt;</span> <span class="p">((</span> <span class="s2">&quot;socket&quot;</span> <span class="o">=&gt;</span> <span class="s2">&quot;/tmp/application.fcgi.socket&quot;</span><span class="p">,</span> <span class="s2">&quot;bin-path&quot;</span> <span class="o">=&gt;</span> <span class="s2">&quot;/usr/local/bin/perl-cgi&quot;</span><span class="p">,</span> <span class="p">))</span> <span class="p">)</span> <span class="k">setenv.add-environment</span> <span class="o">=</span> <span class="p">(</span> <span class="s2">&quot;GITWEB_CONFIG&quot;</span> <span class="o">=&gt;</span> <span class="s2">&quot;/home/git/gitweb.conf&quot;</span><span class="p">,</span> <span class="p">)</span> <span class="c1"># Le petit rewrite qui fait bien</span> <span class="k">url.rewrite-once</span> <span class="o">=</span> <span class="p">(</span> <span class="s2">&quot;^/([a-zA-Z]+.git)(.*)$&quot;</span> <span class="o">=&gt;</span> <span class="s2">&quot;/gitweb.cgi/$1$2&quot;</span> <span class="p">)</span> <span class="k">mimetype.assign</span> <span class="o">=</span> <span class="p">(</span> <span class="s2">&quot;.png&quot;</span> <span class="o">=&gt;</span> <span class="s2">&quot;image/png&quot;</span><span class="p">,</span> <span class="s2">&quot;.css&quot;</span> <span class="o">=&gt;</span> <span class="s2">&quot;text/css&quot;</span><span class="p">,</span> <span class="c1"># default mime type</span> <span class="s2">&quot;&quot;</span> <span class="o">=&gt;</span> <span class="s2">&quot;application/octet-stream&quot;</span><span class="p">,</span> <span class="p">)</span> </pre></div> <p>Et voilà, un petit</p> <div class="codehilite"><pre><span class="sr">/usr/</span><span class="nb">local</span><span class="sr">/etc/</span><span class="n">rc</span><span class="o">.</span><span class="n">d</span><span class="o">/</span><span class="n">lighttpd</span> <span class="n">start</span> </pre></div>