Lighttpd Quickstart
by Netanel
Lighttpd is a tiny web server that's suitable to use on embedded systems and other setups where you want an extremely lightweight and speedy web server.
This will server as a short introduction to Lighttpd.
Installing lighttpd on Centos 8
We'll start by installing the Extra Packages for Enterprise Linux community repository.
dnf install epel-release
And follow up with an installation of lighttpd.
dnf install lighttpd
Next, we'll enable and start the lighttpd daemon.
systemctl enable lighttpdsystemctl start lighttpd
Issue a curl to make sure the service is working correctly.
curl localhost
If you successfully pulled a webpage, congratulations - lighttpd is installed and working.
Now let's dig in the configuration file, open /etc/lighttpd/lighttpd.conf with your favorite text editor and let's go over the config.
at the top you should see some default locations.
var.log_root = "/var/log/lighttpd" # This is where logs will govar.server_root = "/var/www" # This is where we'll put our html files var.state_dir = "/run/lighttpd" # this is where lighttpd will run var.home_dir = "/var/lib/lighttpd" # This is the home folder for lighttpd var.conf_dir = "/etc/lighttpd" # this is where we store configuration
Afterwards you'll see chroot config, we'll skip that. Next let's go over the basic configuration section.
######################################################################### ## Basic Configuration ## --------------------- ## server.port = 80 ## ## bind to a specific IP ## #server.bind = "localhost" ## ## Run as a different username/groupname. ## This requires root permissions during startup. ## server.username = "lighttpd" server.groupname = "lighttpd" ## ## Document root ## server.document-root = server_root + "/lighttpd" ## ## store a pid file ## server.pid-file = state_dir + "/lighttpd.pid"
Note the server port, the server bind, and the username and groupname.
Here is the logging section.
######################################################################### ## Logging Options ## ------------------ ## ## all logging options can be overwritten per vhost. ## ## Path to the error log file ## server.errorlog = log_root + "/error.log" ## ## Access log config ## include "conf.d/access_log.conf" ## ## The debug options are moved into their own file. ## see conf.d/debug.conf for various options for request debugging. ## include "conf.d/debug.conf"
So as you can see, since our log root is /var/log/lighttpd, errors will go to /var/log/lighttpd/error.log.
We'll skip most of the sections and go all the way down to SSL configuration.
######################################################################### ## SSL Support ## ------------- ## ## To enable SSL for the whole server you have to provide a valid ## certificate and have to enable the SSL engine.:: ## ## ssl.engine = "enable" ## ssl.pemfile = "/path/to/server.pem" ## ## $SERVER["socket"] == "10.0.0.1:443" { ## ssl.engine = "enable" ## ssl.pemfile = "/etc/ssl/private/www.example.com.pem" ## ## # Check your cipher list with: openssl ciphers -v '...' ## # (use single quotes as your shell won't like ! in double quotes) ## #ssl.cipher-list = "PROFILE=SYSTEM" ## ## # (recommended to accept only TLSv1.2 and TLSv1.3) ## #ssl.openssl.ssl-conf-cmd = ("Protocol" => "-ALL, TLSv1.2, TLSv1.3") ## ## server.name = "www.example.com" ## ## server.document-root = "/srv/www/vhosts/example.com/www/" ## } ## ## If you have a .crt and a .key file, specify both ssl.pemfile and ssl.privkey, ## or cat them together into a single PEM file: ## $ cat /etc/ssl/private/lighttpd.key /etc/ssl/certs/lighttpd.crt \ ## > /etc/ssl/private/lighttpd.pem ## #ssl.pemfile = "/etc/ssl/private/lighttpd.pem" # # or # #ssl.privkey = "/etc/ssl/private/privkey.pem" #ssl.pemfile = "/etc/ssl/private/cert.pem" ## ## optionally pass the CA certificate here. ## ## #ssl.ca-file = "" ## ## and the CRL revocation list here. ## ## #ssl.ca-crl-file = "" ## #######################################################################
And below this section is the final one, where we include extra configuration files.
######################################################################### ## custom includes like vhosts. ## #include "conf.d/config.conf" #include "/etc/lighttpd/vhosts.d/*.conf" ## #######################################################################
Now that we took a look at the configuration, all we have to do is put some html files in the right location and test.
sudo echo 'Hello World!
/ > /var/www/lighttpd/index.html && chown lighttpd:lighttpd /var/www/lighttpd/index.html
curl localhost
You should now see the hello world message, success!