Lighttpd reverse proxy: Difference between revisions

From diaspora* project wiki
(Added missing file types, else 404.)
(+ood notice)
 
Line 1: Line 1:
{{Out of date}}{{Note|1=Please check if this page is still up to date and if it's still useful. [[Special:WhatLinksHere/Lighttpd reverse proxy|'''No page''' in the wiki links this page]] so if the content is out-dated or not needed anymore, the page can be deleted without further notice. --[[User:Waithamai|waithamai]] <sup>[[User talk:Waithamai|talk]]</sup> 08:00, 17 August 2017 (UTC)}}
This describes a example configuration to use lighttpd as a proxy for the thin webserver and to serve the static content.
This describes a example configuration to use lighttpd as a proxy for the thin webserver and to serve the static content.


Line 37: Line 39:
<pre>server.reject-expect-100-with-417 = &quot;disable&quot; </pre>
<pre>server.reject-expect-100-with-417 = &quot;disable&quot; </pre>


[[Category:Github transfer done]]
[[Category:Installation]]
[[Category:Installation]]
[[Category:Podmin]]
[[Category:Podmin]]
[[Category:Technical]]
[[Category:Technical]]

Latest revision as of 08:01, 17 August 2017

Out of dateOut of date:This page's accuracy may be compromised due to out-of-date information. Please help improve the page by updating it. There may be additional information on the talk page.
NoteNote:Please check if this page is still up to date and if it's still useful. No page in the wiki links this page so if the content is out-dated or not needed anymore, the page can be deleted without further notice. --waithamai talk 08:00, 17 August 2017 (UTC)

This describes a example configuration to use lighttpd as a proxy for the thin webserver and to serve the static content.

mod_proxy has to be enabled using lighttpd-enable-mod proxy on the command line.

Proxy and Static Files

At the end of your lighttpd.conf append this section.

$HTTP["host"] =~ "(^|\.)pod\.url\.com$" {
        server.document-root = "/path/to/diaspora/public/"
        url.rewrite  = ("^/$" => "/users/sign_in" )

        $HTTP["url"] !~ "\.(js|css|gif|jpg|png|ico|txt|swf|html|htm|svg|ttf|woff|gz)$" {
             proxy.server = (""    => (( "host" => "127.0.0.1", "port" => 3000)))
        }

        # Bypass proxy for sidekiq assets
        $HTTP["url"] =~ "^/sidekiq" {
                proxy.server = (""    => (( "host" => "127.0.0.1", "port" => 3000)))
        }
}

The first line filters all requests to your pod URL. So only requests to your pod are processed. In the second line replace the path to your diaspora public directory. The third line is optional and redirects first time visitors to the sign in page.

The inner section filters out all requests that do not hit static files and forwards them to the thin app server.

Secure Connections

To always use https add the following code within the previews block. mod_redirect has to be enabled.

$SERVER["socket"]== ":80" {  # 
    url.redirect = ("^/(.*)" => "https://pod.url.com/$1")
}

Curl Expect Header

There is a problem with curl. Curl adds an Expect header to its HTTP POST requests. lighttpd rejects these requests by default. To ignore the requests add the following line.

server.reject-expect-100-with-417 = "disable"