lighttpd is a high performance web-server that can serve well as an "asset server". At Edoceo we use lighttpd to power content distribution network. When implemented we saw a large reduction in load on our primary web server and increased performance of our sites as a whole.

Installing lighttpd

Simply set the USE flags and emerge, this is what ours looks like. 

carbon # emerge -pv lighttpd
[ebuild  N    ] www-servers/lighttpd-1.4.20  USE="bzip2 -doc -fam -fastcgi \
  gdbm ipv6 -ldap -lua -memcache -minimal -mysql pcre -php -rrdtool ssl \
  -test -webdav xattr" 604 kB

Configuring SSL

We are assuming that keys have already been generated using openssl. We simply concatinate the key and certificate files as a "pem" and hand that to Lighttpd. 

~ # cd /etc/lighttpd
. # cat example.com.key example.com.crt > example.com.pem
. chmod 0400 example.com.key example.com.pem

Update the Lighttpd configuration accordingly. The ca-file directive is only necessary if the issuing certificate authority says so. 

$SERVER["socket"] == ":443" {
    ssl.engine = "enable"
    ssl.pemfile = "/etc/lighttpd/example.com.pem"
    ssl.ca-file = "/etc/lighttpd/example.com_CA.crt"
}

Configuring Logging

The configuration below will provide for access and error logging in a format that is compatible with the output in Apache virtualhosting logs. These are handy for use with awstats. 

server.modules = (
    "mod_access",
    "mod_accesslog",
)
server.errorlog      = var.logdir  + "/error.log"
# log errors to syslog instead
#   server.errorlog-use-syslog = "enable"

accesslog.format   = "%V %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\""
accesslog.filename = var.logdir + "/access.log"

Configuring as CDN

When lighttpd will be functioning in a CDN it may be necessary to adjust some modules as well as add a few additional mime types.

We choose to disable almost all modules possible, here is a snip from lighttpd.conf 

server.modules = (
  "mod_access",
  "mod_status",
  "mod_simple_vhost",
  "mod_accesslog"
)

# we comment this out because everything from the CDN is static
#static-file.exclude-extensions = (".php", ".pl", ".cgi", ".fcgi")

We also had to update the mime-types so lighttpd would return scripting language files as text. We added these lines to the mime-types.conf file distributed with lighttpd. 

".dmg"          =>      "application/x-apple-diskimage",
# return these scripts as text
".php"          =>      "text/plain",
".pl"           =>      "text/plain",
".sh"           =>      "text/plain",

See Also