Linux - LLMP - Lighttpd - 编译 / 安装

编译与安装 Lighttpd
同时加上 FastCgi (PHP) 和 WebDAV 模块

1. 编译与安装

$ su

1.1) 准备编译所需的依赖库

Ubuntu
http://jasonmun.blogspot.my/2017/01/ubuntu-lighttpd.html
CentOS
$ yum install gcc make glib2-devel gzip sqlite-devel libxml2-devel libuuid-devel
$ yum install openssl-devel pcre-devel zlib-devel bzip2-devel
Fedora
$ dnf install gcc make glib2-devel gzip sqlite-devel libxml2-devel libuuid-devel
$ dnf install openssl-devel pcre-devel zlib-devel bzip2-devel
OpenSUSE
$ zypper install gcc make glib2-devel gzip sqlite3-devel libxml2-devel libuuid-devel
$ zypper install openssl pcre-devel zlib-devel

另外, OpenSUSE 还需要..

$ cd /home/username/Downloads

openssl ( 没有这个, 以下 configure 会显示没有 openssl )
$ wget https://www.openssl.org/source/openssl-1.1.0c.tar.gz
$ tar zxvf openssl-1.1.0c.tar.gz
$ cd openssl-1.1.0c
$ ./config --prefix=/usr
$ make && make install

bzip2 的安装, 可看以上 Ubuntu 的部分

1.2) 下载 / 编译 / 安装

$ cd /home/username/Downloads

$ wget http://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.45.tar.gz
$ tar zxvf lighttpd-1.4.45.tar.gz
$ cd lighttpd-1.4.45
$ ./configure --prefix=/usr/local/lighttpd --with-openssl --enable-lfs --disable-ipv6 --with-pcre --with-zlib --with-bzip2 --with-webdav-props --with-webdav-locks --enable-fastcgi --enable-force-cgi-redirect
$ make && make install

2. 准备

$ gedit /etc/hostname

member.dlinkddns.com

$ gedit /etc/hosts

127.0.0.1 member.dlinkddns.com

$ mkdir -p /etc/lighttpd/conf.d

$ cd ..

$ cp lighttpd-1.4.45/doc/config/conf.d/*.conf /etc/lighttpd/conf.d
$ cp lighttpd-1.4.45/doc/config/lighttpd.conf /etc/lighttpd/lighttpd.conf
$ cp lighttpd-1.4.45/doc/config/modules.conf /etc/lighttpd/modules.conf

$ mkdir /var/webdav
$ chmod 777 /var/webdav

$ printf "USER:$(openssl passwd -crypt PASSWORD)\n" >> /var/.htpasswd

Ubuntu
需要用到安装在 /usr/local/lib 里的动态库
如果要更新 Ubuntu 系统, 需要将以下这行取走
$ echo "/usr/local/lib" >> /etc/ld.so.conf.d/libc.conf
$ ldconfig

Ubuntu / OpenSUSE
$ groupadd lighttpd
$ useradd -r lighttpd

$ mkdir -p /var/cache/lighttpd/compress
$ mkdir -p /var/log/lighttpd
$ mkdir -p /var/lib/lighttpd
$ chmod 777 /var/lib/lighttpd

$ touch /var/log/lighttpd/error.log
$ chmod 666 /var/log/lighttpd/error.log

$ touch /var/log/lighttpd/access.log
$ chmod 666 /var/log/lighttpd/access.log

3. 设置

3.1) 编辑 lighttpd.conf

$ gedit /etc/lighttpd/lighttpd.conf

var.log_root    = "/var/log/lighttpd"

# OpenSUSE 用 /srv/www 
var.server_root = "/var/www"

var.state_dir   = "/var/run"
var.home_dir    = "/var/lib/lighttpd"
var.conf_dir    = "/etc/lighttpd"

var.vhosts_dir  = server_root + "/vhosts"
var.cache_dir   = "/var/cache/lighttpd"
var.socket_dir  = home_dir + "/sockets"

include "modules.conf"

server.port = 80
server.use-ipv6 = "disable"

server.bind = "member.dlinkddns.com"

server.username  = "lighttpd"
server.groupname = "lighttpd"

# OpenSUSE 用 server_root + "/htdocs" 即为 /srv/www/htdocs
# Ubuntu / CentOS / Fedora 用 server_root + "/lighttpd" 即为 /var/www/lighttpd, 我改为 /var/www/html
server.document-root = server_root + "/html"

server.pid-file = state_dir + "/lighttpd.pid"

server.errorlog  = log_root + "/error.log"

include "conf.d/access_log.conf"
include "conf.d/debug.conf"

server.event-handler = "linux-sysepoll"
server.network-backend = "sendfile"
server.max-fds = 2048
server.stat-cache-engine = "simple"
server.max-connections = 1024

index-file.names += (
  "index.xhtml", "index.html", "index.htm", "default.htm", "index.php"
)

url.access-deny  = ( "~", ".inc" )

$HTTP["url"] =~ "\.pdf$" {
       server.range-requests = "disable"
}

static-file.exclude-extensions = ( ".php", ".pl", ".fcgi", ".scgi" )

include "conf.d/mime.conf"
include "conf.d/dirlisting.conf"

server.follow-symlink = "enable"
server.upload-dirs = ( "/var/tmp" )

3.2) 编辑 modules.conf

$ gedit /etc/lighttpd/modules.conf

server.modules = (
        "mod_access",
        "mod_alias",
        "mod_auth",
        "mod_dirlisting",
        #  "mod_authn_file",
        #  "mod_evasive",
        "mod_redirect",
        "mod_rewrite",
        "mod_setenv",
        #  "mod_usertrack",
)

include "conf.d/webdav.conf"
include "conf.d/compress.conf"
include "conf.d/fastcgi.conf"

3.3) 编辑 webdav.conf

$ gedit /etc/lighttpd/conf.d/webdav.conf

server.modules += ( "mod_webdav" )

$HTTP["host"] == "member.dlinkddns.com" {
       alias.url = ( "/webdav" => "/var/webdav" )
       $HTTP["url"] =~ "^/webdav($|/)" {
              server.document-root = "/var/webdav"
               dir-listing.activate = "enable"
               webdav.activate = "enable"
               webdav.is-readonly = "disable"
               webdav.sqlite-db-name = home_dir + "/webdav.db"
               auth.backend = "htpasswd"
               auth.backend.htpasswd.userfile = "/var/.htpasswd"
               auth.require = ( "" => ( "method" => "basic",
                                        "realm" => "webdav",
                                        "require" => "valid-user" ) )
       }
}

3.4) 编辑 php.ini (PHP) / www.conf (PHP-FPM) / fastcgi.conf

Ubuntu (PHP-FPM)

$ gedit /etc/php/7.0/fpm/pool.d/www.conf

listen = /run/php/php7.0-fpm.sock

listen.owner = lighttpd

listen.group = lighttpd

listen.mode = 0666

user = lighttpd
group = lighttpd

看 PHP + MySql 安装与设置部分
http://jasonmun.blogspot.my/2017/01/linux-lighttpd.html

检查 lighttpd 的设置
$ /usr/local/lighttpd/sbin/lighttpd -t -f /etc/lighttpd/lighttpd.conf

4. 启动 (手动 / 自动)

重启 PHP-FPM
Ubuntu
$ systemctl restart php7.0-fpm
其它 Linux
$ systemctl restart php-fpm

4.1) 手动

$ /usr/local/lighttpd/sbin/lighttpd -f /etc/lighttpd/lighttpd.conf

$ ps aux | grep lighttpd

4.2) 自动

$ cd /home/username/Downloads

4.2.1) rc 版

$ gedit lighttpd-1.4.45/doc/initscripts/rc.lighttpd.redhat

LIGHTTPD_CONF_PATH="/etc/lighttpd/lighttpd.conf"
lighttpd="/usr/local/lighttpd/sbin/lighttpd"

$ cp lighttpd-1.4.45/doc/initscripts/rc.lighttpd.redhat /etc/init.d/lighttpd
$ chmod a+rx /etc/init.d/lighttpd
$ cp -p lighttpd-1.4.45/doc/initscripts/sysconfig.lighttpd /etc/sysconfig/lighttpd

$ systemctl start lighttpd
$ systemctl enable lighttpd

4.2.2) systemd 版 (建议用这个)

$ gedit lighttpd-1.4.45/doc/systemd/lighttpd.service

[Unit]
Description=Lighttpd Daemon
After=network.target

[Service]
Type=simple
ExecStartPre=/usr/local/lighttpd/sbin/lighttpd -tt -f /etc/lighttpd/lighttpd.conf
ExecStart=/usr/local/lighttpd/sbin/lighttpd -D -f /etc/lighttpd/lighttpd.conf
Restart=on-failure

[Install]
WantedBy=multi-user.target

Ubuntu - $ mkdir -p /usr/lib/systemd/system

$ cp lighttpd-1.4.45/doc/systemd/lighttpd.service /usr/lib/systemd/system/lighttpd.service
$ chmod 644 /usr/lib/systemd/system/lighttpd.service

$ systemctl start lighttpd
$ systemctl enable lighttpd

5. HTTPS 设置

http://jasonmun.blogspot.my/2017/01/lets-encrypt-lighttpd-https.html

6. 防火壁 / 路由器

Ubuntu
$ systemctl start ufw

$ ufw allow 80/tcp
$ ufw allow 443/tcp

CentOS / Fedora
$ systemctl start firewalld

$ firewall-cmd --get-active-zones
$ firewall-cmd --permanent --add-service={http,https} --zone=home
$ firewall-cmd --reload
$ firewall-cmd --list-all --zone=home

OpenSUSE

YaST2 - Firewall
http://jasonmun.blogspot.my/2017/01/opensuse-firewall.html

路由器要做端口转向 (Port Forward)

7. 测试

$ gedit /var/www/html/test.php

<?php
phpinfo();
?>

https://member.dlinkddns.com/test.php
https://member.dlinkddns.com/webdav

8. 客户端 (Ubuntu 用 apt / CentOS 用 yum / Fedora 用 dnf / OpenSUSE 用 zypper)

$ yum install davfs2
$ mkdir /media/dav
$ mount -t davfs http://member.dlinkddns.com/webdav /media/dav

$ yum install cadaver
$ cadaver http://member.dlinkddns.com/webdav

BitKinex
http://www.bitkinex.com/download

WinSCP
https://winscp.net/eng/download.php