Actions
Feature #1014
closed
Configure lighttpd for use with piboxwww
Status:
Closed
Priority:
Immediate
Assignee:
Category:
Web Server
Target version:
Start date:
31 Jul 2023
Due date:
% Done:
100%
Estimated time:
Severity:
01 - Critical
Description
This is to test the suitability of switching to lighttpd (as opposed to Busybox httpd) from Monkey.
Files
Related issues
Updated by Hammel over 1 year ago
Updated by Hammel about 1 year ago
- Related to Bug #1040: Investigate alternatives to Monkey as a web server added
Updated by Hammel about 1 year ago
- File lighttpd.conf lighttpd.conf added
This is turning out to be the likely path, as I found all the information I need to get it to load the piboxwww site on a browser.
Some notes- for general configuration help: https://www.cyberciti.biz/tips/installing-and-configuring-lighttpd-webserver-howto.html
- For FastCGI setup: https://www.cyberciti.biz/tips/lighttpd-php-fastcgi-configuration.html
- Also need to do: touch /etc/lighttpd/conf.d/cgi.conf on target system
- Basic Auth setup (but not md5 pw's): https://www.cyberciti.biz/tips/lighttpd-setup-a-password-protected-directory-directories.html
- htdigest auth (md5 pw's): https://www.cyberciti.biz/tips/lighttpd-secure-digest-authentication-mod_auth.html
I've attached my conf file updates when testing on cam1.
Updated by Hammel about 1 year ago
- File modules.conf modules.conf added
- File debug.conf debug.conf added
Updated by Hammel about 1 year ago
- Status changed from New to In Progress
- % Done changed from 0 to 20
Configure htdigest authentication and make sure piboxwww is updated, if needed to point to the correct htdigest file.
I will want to remove "monkey" from the config/directories/etc. and change it to "pibox".
Updated by Hammel about 1 year ago
- Severity changed from 05 - Very Low to 01 - Critical
Updated by Hammel about 1 year ago
Configuring htdigest
- Generate pw file: htdigest -c /etc/lighttpd/.passwd 'Authorized users only' tom
- htdigest is in apache so we don't have that.
- Generate with openssl (requires adding binary to Buildroot-Target Packages-Libraries-openssl)
$ echo "password" | openssl passwd -apr1 -stdin $apr1$r8mlIRyv$B7xsBRVCUyMnCjfvkR/u./ $ echo "username:$(echo password | openssl passwd --salt r8mlIRyv -apr1 -stdin)" username:$apr1$r8mlIRyv$B7xsBRVCUyMnCjfvkR/u./ $ echo "stats:$(echo stats | openssl passwd -apr1 -stdin)" stats:$apr1$iLpPMCo9$j1zviL0K9tL6N7UtBvwcT.
- Generate with md5sum and awk
printf "%s:%s:%s\n" "$user" "$realm" "$(printf "%s" "$user:$realm:$pass" | md5sum | awk '{print $1}')"
- Enable module: server.modules += ( "mod_auth" )
- Add to lighttpd.conf
auth.backend = "htdigest" auth.backend.htdigest.userfile = "/etc/lighttpd/.passwd" auth.debug = 2
- pw protect directories
auth.require = ( "/docs/" => ( "method" => "digest", "realm" => "Authorized users only", "require" => "valid-user" ) )
Updated by Hammel about 1 year ago
- Status changed from In Progress to Closed
- % Done changed from 20 to 100
All changes tested on hardware and working.
Code committed and pushed.
Closing issue.
Actions