Revision f7bddb24
Added by Ermal LUÇI over 12 years ago
| etc/inc/system.inc | ||
|---|---|---|
| 828 | 828 |
} |
| 829 | 829 |
|
| 830 | 830 |
if($captive_portal !== false) {
|
| 831 |
$captiveportal = ",\"mod_rewrite\""; |
|
| 831 |
$captiveportal = ",\"mod_rewrite\",\"mod_evasive\"";
|
|
| 832 | 832 |
$captive_portal_rewrite = "url.rewrite-once = ( \"(.*captiveportal.*)\" => \"$1\", \"(.*)\" => \"/index.php?zone={$captive_portal}&redirurl=$1\" )\n";
|
| 833 |
$captive_portal_module = ""; |
|
| 834 | 833 |
|
| 835 | 834 |
$maxprocperip = $config['captiveportal'][$captive_portal]['maxprocperip']; |
| 836 | 835 |
if(empty($maxprocperip)) |
| 837 |
$maxprocperip = 4;
|
|
| 836 |
$maxprocperip = 10;
|
|
| 838 | 837 |
$captive_portal_mod_evasive = "evasive.max-conns-per-ip = {$maxprocperip}";
|
| 839 | 838 |
|
| 840 | 839 |
$server_upload_dirs = "server.upload-dirs = ( \"{$g['tmp_path']}/captiveportal/\" )\n";
|
| ... | ... | |
| 844 | 843 |
} else {
|
| 845 | 844 |
$captiveportal = ""; |
| 846 | 845 |
$captive_portal_rewrite = ""; |
| 847 |
$captive_portal_module = ""; |
|
| 848 | 846 |
$captive_portal_mod_evasive = ""; |
| 849 | 847 |
$server_upload_dirs = "server.upload-dirs = ( \"{$g['upload_path']}/\", \"{$g['tmp_path']}/\", \"/var/\" )\n";
|
| 850 | 848 |
$server_max_request_size = "server.max-request-size = 2097152"; |
| ... | ... | |
| 887 | 885 |
$max_procs += 4; // 6 worker processes |
| 888 | 886 |
} |
| 889 | 887 |
$bin_environment = <<<EOC |
| 890 |
"bin-environment" => ( |
|
| 891 |
"PHP_FCGI_CHILDREN" => "0", |
|
| 892 |
"PHP_FCGI_MAX_REQUESTS" => "500" |
|
| 893 |
), |
|
| 894 |
EOC; |
|
| 895 |
|
|
| 896 |
} else if ($avail > 0 and $avail < 128) {
|
|
| 897 |
$bin_environment = <<<EOC |
|
| 898 |
"bin-environment" => ( |
|
| 899 |
"PHP_FCGI_CHILDREN" => "0", |
|
| 900 |
"PHP_FCGI_MAX_REQUESTS" => "2", |
|
| 901 |
), |
|
| 902 |
|
|
| 903 |
EOC; |
|
| 904 |
} else |
|
| 905 |
$bin_environment = <<<EOC |
|
| 906 |
"bin-environment" => ( |
|
| 907 |
"PHP_FCGI_CHILDREN" => "0", |
|
| 908 |
"PHP_FCGI_MAX_REQUESTS" => "500" |
|
| 909 |
), |
|
| 910 | 888 |
EOC; |
| 889 |
} |
|
| 911 | 890 |
|
| 912 |
if($fast_cgi_enable == true) {
|
|
| 913 |
$module = "\"mod_fastcgi\", \"mod_cgi\""; |
|
| 914 |
if ($captive_portal !== false) |
|
| 915 |
$fast_cgi_path = "{$g['tmp_path']}/php-fastcgi-{$captive_portal}.socket";
|
|
| 916 |
else |
|
| 917 |
$fast_cgi_path = "{$g['tmp_path']}/php-fastcgi.socket";
|
|
| 918 |
$cgi_config = ""; |
|
| 919 |
$fastcgi_config = <<<EOD |
|
| 891 |
if ($captive_portal !== false) |
|
| 892 |
$fast_cgi_path = "{$g['tmp_path']}/php-fastcgi-{$captive_portal}.socket";
|
|
| 893 |
else |
|
| 894 |
$fast_cgi_path = "{$g['tmp_path']}/php-fastcgi.socket";
|
|
| 895 |
$fastcgi_config = <<<EOD |
|
| 920 | 896 |
#### fastcgi module |
| 921 | 897 |
## read fastcgi.txt for more info |
| 922 | 898 |
fastcgi.server = ( ".php" => |
| 923 |
( "localhost" => |
|
| 924 |
( |
|
| 925 |
"socket" => "{$fast_cgi_path}",
|
|
| 926 |
"min-procs" => 0, |
|
| 927 |
"max-procs" => {$max_procs},
|
|
| 928 |
{$bin_environment}
|
|
| 929 |
"bin-path" => "/usr/local/bin/php" |
|
| 930 |
) |
|
| 899 |
( "localhost" => |
|
| 900 |
( |
|
| 901 |
"socket" => "{$fast_cgi_path}",
|
|
| 902 |
"min-procs" => 0, |
|
| 903 |
"max-procs" => {$max_procs},
|
|
| 904 |
"bin-environment" => ( |
|
| 905 |
"PHP_FCGI_CHILDREN" => "0", |
|
| 906 |
"PHP_FCGI_MAX_REQUESTS" => "500" |
|
| 907 |
), |
|
| 908 |
"bin-path" => "/usr/local/bin/php" |
|
| 931 | 909 |
) |
| 932 | 910 |
) |
| 933 |
|
|
| 934 |
#### CGI module |
|
| 935 |
cgi.assign = ( ".cgi" => "" ) |
|
| 936 |
|
|
| 937 |
EOD; |
|
| 938 |
} else {
|
|
| 939 |
$fastcgi_config = ""; |
|
| 940 |
$module = "\"mod_cgi\""; |
|
| 941 |
$cgi_config = <<<EOD |
|
| 942 |
#### CGI module |
|
| 943 |
cgi.assign = ( ".php" => "/usr/local/bin/php", |
|
| 944 |
".cgi" => "" ) |
|
| 911 |
) |
|
| 945 | 912 |
|
| 946 | 913 |
EOD; |
| 947 |
} |
|
| 948 | 914 |
|
| 949 | 915 |
$lighty_config = ""; |
| 950 | 916 |
$lighty_config .= <<<EOD |
| ... | ... | |
| 961 | 927 |
#server.use-ipv6 = "enable" |
| 962 | 928 |
|
| 963 | 929 |
## modules to load |
| 964 |
server.modules = ( |
|
| 965 |
{$captive_portal_module}
|
|
| 966 |
"mod_access", "mod_accesslog", "mod_expire", "mod_compress", "mod_redirect", |
|
| 967 |
{$module}{$captiveportal}
|
|
| 930 |
server.modules = ( "mod_access", "mod_expire", "mod_compress", "mod_redirect", |
|
| 931 |
{$captiveportal}, "mod_fastcgi"
|
|
| 968 | 932 |
) |
| 969 | 933 |
|
| 970 |
## Unused modules |
|
| 971 |
# "mod_setenv", |
|
| 972 |
# "mod_rewrite", |
|
| 973 |
# "mod_ssi", |
|
| 974 |
# "mod_usertrack", |
|
| 975 |
# "mod_expire", |
|
| 976 |
# "mod_secdownload", |
|
| 977 |
# "mod_rrdtool", |
|
| 978 |
# "mod_auth", |
|
| 979 |
# "mod_status", |
|
| 980 |
# "mod_alias", |
|
| 981 |
# "mod_proxy", |
|
| 982 |
# "mod_simple_vhost", |
|
| 983 |
# "mod_evhost", |
|
| 984 |
# "mod_userdir", |
|
| 985 |
# "mod_cgi", |
|
| 986 |
|
|
| 987 | 934 |
server.max-keep-alive-requests = 15 |
| 988 | 935 |
server.max-keep-alive-idle = 30 |
| 989 | 936 |
|
| ... | ... | |
| 996 | 943 |
server.max-write-idle = 999 |
| 997 | 944 |
|
| 998 | 945 |
## where to send error-messages to |
| 999 |
server.errorlog = "/var/log/lighttpd.error.log"
|
|
| 946 |
server.errorlog-use-syslog="enable"
|
|
| 1000 | 947 |
|
| 1001 | 948 |
# files to check for if .../ is requested |
| 1002 | 949 |
server.indexfiles = ( "index.php", "index.html", |
| ... | ... | |
| 1058 | 1005 |
# Use the "Content-Type" extended attribute to obtain mime type if possible |
| 1059 | 1006 |
#mimetypes.use-xattr = "enable" |
| 1060 | 1007 |
|
| 1061 |
#### accesslog module |
|
| 1062 |
#accesslog.filename = "/dev/null" |
|
| 1063 |
|
|
| 1064 | 1008 |
## deny access the file-extensions |
| 1065 | 1009 |
# |
| 1066 | 1010 |
# ~ is for backupfiles from vi, emacs, joe, ... |
| ... | ... | |
| 1118 | 1062 |
|
| 1119 | 1063 |
{$fastcgi_config}
|
| 1120 | 1064 |
|
| 1121 |
{$cgi_config}
|
|
| 1122 |
|
|
| 1123 | 1065 |
{$captive_portal_mod_evasive}
|
| 1124 | 1066 |
|
| 1125 | 1067 |
expire.url = ( |
Also available in: Unified diff
Simplify lighty config and tune mod_evasive as needed. Mostly a cherry-pick from RELENG_2_0 changes