Use lighttpd to have an all-in-one container

This commit is contained in:
nemunaire 2024-02-14 09:52:30 +01:00
parent b061ba4368
commit 5156451e0f
2 changed files with 316 additions and 5 deletions

View File

@ -2,12 +2,14 @@ FROM alpine:3.12
RUN adduser -S -s /sbin/nologin -h /var/www/localhost/htdocs -u 80 www-data && \
apk add --no-cache \
fcgiwrap \
lighttpd \
nagios \
nagios-web \
&& \
addgroup www-data nagios
addgroup lighttpd nagios
EXPOSE 8080
USER www-data
CMD ["/usr/bin/fcgiwrap", "-s", "tcp:0.0.0.0:8080", "-f"]
COPY lighttpd.conf /etc/lighttpd/lighttpd.conf
EXPOSE 80
USER lighttpd
CMD ["/usr/sbin/lighttpd", "-f", "/etc/lighttpd/lighttpd.conf", "-D"]

309
lighttpd.conf Normal file
View File

@ -0,0 +1,309 @@
###############################################################################
# Default lighttpd.conf for Gentoo.
# $Header: /var/cvsroot/gentoo-x86/www-servers/lighttpd/files/conf/lighttpd.conf,v 1.3 2005/09/01 14:22:35 ka0ttic Exp $
###############################################################################
# {{{ variables
var.basedir = "/var/www/localhost"
#var.logdir = "/var/log/lighttpd"
var.statedir = "/var/lib/lighttpd"
# }}}
# {{{ modules
# At the very least, mod_access and mod_accesslog should be enabled.
# All other modules should only be loaded if necessary.
# NOTE: the order of modules is important.
server.modules = (
# "mod_rewrite",
# "mod_redirect",
# "mod_alias",
"mod_access",
# "mod_auth",
# "mod_status",
# "mod_setenv",
# "mod_proxy",
# "mod_simple_vhost",
# "mod_evhost",
# "mod_userdir",
# "mod_deflate",
# "mod_ssi",
# "mod_expire",
# "mod_rrdtool",
# "mod_webdav",
"mod_accesslog"
)
# }}}
# {{{ includes
include "mime-types.conf"
# uncomment for cgi support
include "mod_cgi.conf"
# uncomment for php/fastcgi support
# include "mod_fastcgi.conf"
# uncomment for php/fastcgi fpm support
# include "mod_fastcgi_fpm.conf"
# }}}
# {{{ server settings
server.username = "lighttpd"
server.groupname = "lighttpd"
server.document-root = var.basedir + "/htdocs"
server.pid-file = "/run/lighttpd.pid"
server.errorlog = var.logdir + "/error.log"
# log errors to syslog instead
# server.errorlog-use-syslog = "enable"
index-file.names = ("index.php", "index.html", "index.htm", "default.htm")
# server.tag = "lighttpd"
# event handler (defaults to OS-specific event framework)
# see performance.txt
#
# for >= linux-2.6
# server.event-handler = "linux-sysepoll"
# for FreeBSD
# server.event-handler = "freebsd-kqueue"
# chroot to directory (defaults to no chroot)
# server.chroot = "/"
# bind to port (defaults to 80)
# server.port = 81
# bind to name (defaults to all interfaces)
# server.bind = "grisu.home.kneschke.de"
# error-handler for status 404
# server.error-handler-404 = "/error-handler.html"
# server.error-handler-404 = "/error-handler.php"
# Format: <errorfile-prefix><status-code>.html
# -> ..../status-404.html for 'File not found'
# server.errorfile-prefix = var.basedir + "/error/status-"
# support for caching stat() calls (default "simple")
# for Linux
# server.stat-cache-engine = "inotify"
# for FreeBSD
# server.stat-cache-engine = "kqueue"
# }}}
# {{{ mod_staticfile
# which extensions should not be handled via static-file transfer
# (extensions that are usually handled by mod_cgi, mod_fastcgi, etc).
static-file.exclude-extensions = (".php", ".pl", ".cgi", ".fcgi")
# }}}
# {{{ mod_accesslog
accesslog.filename = var.logdir + "/access.log"
# }}}
# {{{ mod_dirlisting
# enable directory listings
# dir-listing.activate = "enable"
#
# don't list hidden files/directories
# dir-listing.hide-dotfiles = "enable"
#
# use a different css for directory listings
# dir-listing.external-css = "/path/to/dir-listing.css"
#
# list of regular expressions. files that match any of the
# specified regular expressions will be excluded from directory
# listings.
# dir-listing.exclude = ("^\.", "~$")
# }}}
# {{{ mod_access
# see access.txt
url.access-deny = ("~", ".inc")
# }}}
# {{{ mod_userdir
# see userdir.txt
#
# userdir.path = "public_html"
# userdir.exclude-user = ("root")
# }}}
# {{{ mod_ssi
# see ssi.txt
#
# ssi.extension = (".shtml")
# }}}
# {{{ mod_ssl
# see ssl.txt
#
# ssl.engine = "enable"
# ssl.pemfile = "server.pem"
# }}}
# {{{ mod_status
# see status.txt
#
# status.status-url = "/server-status"
# status.config-url = "/server-config"
# }}}
# {{{ mod_simple_vhost
# see simple-vhost.txt
#
# If you want name-based virtual hosting add the next three settings and load
# mod_simple_vhost
#
# document-root =
# virtual-server-root + virtual-server-default-host + virtual-server-docroot
# or
# virtual-server-root + http-host + virtual-server-docroot
#
# simple-vhost.server-root = "/home/weigon/wwwroot/servers/"
# simple-vhost.default-host = "grisu.home.kneschke.de"
# simple-vhost.document-root = "/pages/"
# }}}
# {{{ mod_deflate
# see compress.txt
#
# deflate.cache-dir = var.statedir + "/cache/compress"
# deflate.mimetypes = ("text/plain", "text/html")
# }}}
# {{{ mod_proxy
# see proxy.txt
#
# proxy.server = ( ".php" =>
# ( "localhost" =>
# (
# "host" => "192.168.0.101",
# "port" => 80
# )
# )
# )
# }}}
# {{{ mod_auth
# see authentication.txt
#
# auth.backend = "plain"
# auth.backend.plain.userfile = "lighttpd.user"
# auth.backend.plain.groupfile = "lighttpd.group"
# auth.backend.ldap.hostname = "localhost"
# auth.backend.ldap.base-dn = "dc=my-domain,dc=com"
# auth.backend.ldap.filter = "(uid=$)"
# auth.require = ( "/server-status" =>
# (
# "method" => "digest",
# "realm" => "download archiv",
# "require" => "user=jan"
# ),
# "/server-info" =>
# (
# "method" => "digest",
# "realm" => "download archiv",
# "require" => "valid-user"
# )
# )
# }}}
# {{{ mod_rewrite
# see rewrite.txt
#
# url.rewrite = (
# "^/$" => "/server-status"
# )
# }}}
# {{{ mod_redirect
# see redirect.txt
#
# url.redirect = (
# "^/wishlist/(.+)" => "http://www.123.org/$1"
# )
# }}}
# {{{ mod_evhost
# define a pattern for the host url finding
# %% => % sign
# %0 => domain name + tld
# %1 => tld
# %2 => domain name without tld
# %3 => subdomain 1 name
# %4 => subdomain 2 name
#
# evhost.path-pattern = "/home/storage/dev/www/%3/htdocs/"
# }}}
# {{{ mod_expire
# expire.url = (
# "/buggy/" => "access 2 hours",
# "/asdhas/" => "access plus 1 seconds 2 minutes"
# )
# }}}
# {{{ mod_rrdtool
# see rrdtool.txt
#
# rrdtool.binary = "/usr/bin/rrdtool"
# rrdtool.db-name = var.statedir + "/lighttpd.rrd"
# }}}
# {{{ mod_setenv
# see setenv.txt
#
# setenv.add-request-header = ( "TRAV_ENV" => "mysql://user@host/db" )
# setenv.add-response-header = ( "X-Secret-Message" => "42" )
# }}}
# {{{ mod_webdav
# see webdav.txt
#
# $HTTP["url"] =~ "^/dav($|/)" {
# webdav.activate = "enable"
# webdav.is-readonly = "enable"
# }
# }}}
# {{{ extra rules
#
# set Content-Encoding and reset Content-Type for browsers that
# support decompressing on-thy-fly (requires mod_setenv)
# $HTTP["url"] =~ "\.gz$" {
# setenv.add-response-header = ("Content-Encoding" => "x-gzip")
# mimetype.assign = (".gz" => "text/plain")
# }
# $HTTP["url"] =~ "\.bz2$" {
# setenv.add-response-header = ("Content-Encoding" => "x-bzip2")
# mimetype.assign = (".bz2" => "text/plain")
# }
#
# }}}
# {{{ debug
# debug.log-request-header = "enable"
# debug.log-response-header = "enable"
# debug.log-request-handling = "enable"
# debug.log-file-not-found = "enable"
# }}}
# Nagios
alias.url = (
"/cgi-bin/nagios" => "/usr/lib/nagios/cgi-bin",
"/nagios/cgi-bin" => "/usr/lib/nagios/cgi-bin",
"/nagios" => "/usr/share/nagios/htdocs",
"/pnp4nagios" => "/usr/share/nagios/htdocs"
)
$HTTP["url"] =~ "^/nagios/cgi-bin" {
cgi.assign = ( "" => "" )
}
# vim: set ft=conf foldmethod=marker et :