pi-hole/advanced/lighttpd.conf.debian

86 lines
3.4 KiB
Plaintext
Raw Normal View History

2016-01-30 21:12:40 +01:00
# Pi-hole: A black hole for Internet advertisements
2017-02-22 18:55:20 +01:00
# (c) 2017 Pi-hole, LLC (https://pi-hole.net)
# Network-wide ad blocking via your own hardware.
#
# Lighttpd config for Pi-hole
2016-01-30 21:12:40 +01:00
#
2017-02-22 18:55:20 +01:00
# This file is copyright under the latest version of the EUPL.
# Please see LICENSE file for your rights under this license.
###############################################################################
# FILE AUTOMATICALLY OVERWRITTEN BY PI-HOLE INSTALL/UPDATE PROCEDURE. #
# ANY CHANGES MADE TO THIS FILE AFTER INSTALL WILL BE LOST ON THE NEXT UPDATE #
# #
# CHANGES SHOULD BE MADE IN A SEPARATE CONFIG FILE: #
# /etc/lighttpd/external.conf #
###############################################################################
2015-06-07 06:27:43 +02:00
server.modules = (
"mod_access",
"mod_accesslog",
"mod_auth",
2015-06-07 06:27:43 +02:00
"mod_expire",
"mod_compress",
"mod_redirect",
2016-05-02 01:46:15 +02:00
"mod_setenv",
"mod_rewrite"
2015-06-07 06:27:43 +02:00
)
server.document-root = "/var/www/html"
server.error-handler-404 = "/pihole/index.php"
2015-06-07 06:27:43 +02:00
server.upload-dirs = ( "/var/cache/lighttpd/uploads" )
server.errorlog = "/var/log/lighttpd/error.log"
server.pid-file = "/run/lighttpd.pid"
2015-06-07 06:27:43 +02:00
server.username = "www-data"
server.groupname = "www-data"
server.port = 80
accesslog.filename = "/var/log/lighttpd/access.log"
accesslog.format = "%{%s}t|%V|%r|%s|%b"
2015-06-07 06:27:43 +02:00
index-file.names = ( "index.php", "index.html", "index.lighttpd.html" )
url.access-deny = ( "~", ".inc", ".md", ".yml", ".ini" )
2015-06-07 06:27:43 +02:00
static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
2015-06-07 06:27:43 +02:00
compress.cache-dir = "/var/cache/lighttpd/compress/"
compress.filetype = ( "application/javascript", "text/css", "text/html", "text/plain" )
mimetype.assign = ( ".png" => "image/png",
".jpg" => "image/jpeg",
".jpeg" => "image/jpeg",
".html" => "text/html",
".css" => "text/css; charset=utf-8",
".js" => "application/javascript; charset=utf-8",
".json" => "application/json",
".txt" => "text/plain",
".svg" => "image/svg+xml" )
2015-06-07 06:27:43 +02:00
# default listening port for IPv6 falls back to the IPv4 port
include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port
# Prevent Lighttpd from enabling Let's Encrypt SSL for every blocked domain
#include_shell "/usr/share/lighttpd/include-conf-enabled.pl"
include_shell "find /etc/lighttpd/conf-enabled -name '*.conf' -a ! -name 'letsencrypt.conf' -printf 'include \"%p\"\n' 2>/dev/null"
# If the URL starts with /admin, it is the Web interface
$HTTP["url"] =~ "^/admin/" {
# Create a response header for debugging using curl -I
2016-05-03 17:58:13 +02:00
setenv.add-response-header = (
"X-Pi-hole" => "The Pi-hole Web interface is working!",
"X-Frame-Options" => "DENY"
)
$HTTP["url"] =~ ".ttf$" {
# Allow Block Page access to local fonts
setenv.add-response-header = ( "Access-Control-Allow-Origin" => "*" )
2017-02-21 20:36:59 +01:00
}
2018-10-26 20:12:11 +02:00
}
2017-02-21 20:36:59 +01:00
2018-10-26 20:12:11 +02:00
# Block . files from being served, such as .git, .github, .gitignore
$HTTP["url"] =~ "^/admin/\.(.*)" {
url.access-deny = ("")
}
# Add user chosen options held in external file
# This uses include_shell instead of an include wildcard for compatibility
2018-10-26 20:12:11 +02:00
include_shell "cat external.conf 2>/dev/null"