Dobry den,
Potreboval bych poradit s konfiguraci webserveru
lighttpd aby mi spravne pracoval
Baikal pro synchronizaci CalDav/CardDav vedle bezici instalace DNS serveru
Pi-hole.
Pi-hole jsem nainstaloval na aktualnim Armbianu Bullseye pomoci utility
armbain-config. Baikal jsem instaloval podle
oficialnich instrukci . Ty bohuzel neobsahuji informace pro konfiguraci
lighttpd, jen pro apache a nginx. Nastaveni jsem proto provadel podle
tohoto navodu. Prestoze se mi dari pristup na webove rozhrani Baikalu a synchronizace kalendare funguje, nedari se mi pripojeni synchronizace kontaktu na Macbooku a proto si myslim ze
lighttpd neni spravne nakonfigurovany. Mac pry potrebuje nastavena pravidla
url.redirectBaikal je umisteny pod
/var/www/html vedle souboru weboveho rozhrani Pi-hole:
$ tree -L 2 -pug /var/www
/var/www
└── [drwxrwxr-x www-data www-data] html
├── [drwxr-xr-x root root ] admin
├── [drwxr-xr-x root root ] baikal
├── [-rw-r--r-- root root ] index.lighttpd.orig
└── [drwxr-xr-x root root ] pihole
$ tree -L 1 -pug /var/www/html/baikal/
/var/www/html/baikal/
├── [drwxr-xr-x www-data www-data] config
├── [drwxr-xr-x root root ] Core
├── [drwxr-xr-x root root ] html
├── [-rw-r--r-- root root ] LICENSE
├── [-rw-r--r-- root root ] README.md
├── [drwxr-xr-x www-data www-data] Specific
└── [drwxr-xr-x root root ] vendor
Na webove rozhrani Baikalu se muzu dostat v prolizeci prez
http://pi-hole/baikal/html/ (
pi-hole je hostname serveru) resp.
http://pi-hole/baikal/html/admin/ Take prez ip serveru:
http://192.168.178.4/baikal/html/ V administraci Pi-hole mam pod Local DNS - DNS Records nasledujici zaznam:
Domain: baikal | ip: 192.168.178.4V
/etc/lighttpd/lighttpd.conf je puvodni konfigurace weboveho rozhrani Pi-hole. ktera by se nemela menit:
# Pi-hole: A black hole for Internet advertisements
# (c) 2017 Pi-hole, LLC (https://pi-hole.net)
# Network-wide ad blocking via your own hardware.
#
# Lighttpd config for Pi-hole
#
# This file is copyright under the latest version of the EUPL.
# Please see LICENSE file for your rights under this license.
###############################################################################
# FILE AUTOMATICALLY OVERWRITTEN BY PI-HOLE INSTALL/UPDATE PROCEDURE. #
# ANY CHANGES MADE TO THIS FILE AFTER INSTALL WILL BE LOST ON THE NEXT UPDATE #
# #
# CHANGES SHOULD BE MADE IN A SEPARATE CONFIG FILE: #
# /etc/lighttpd/external.conf #
###############################################################################
server.modules = (
"mod_access",
"mod_accesslog",
"mod_auth",
"mod_expire",
"mod_redirect",
"mod_setenv",
"mod_rewrite"
)
server.document-root = "/var/www/html"
server.error-handler-404 = "/pihole/index.php"
server.upload-dirs = ( "/var/cache/lighttpd/uploads" )
server.errorlog = "/var/log/lighttpd/error.log"
server.pid-file = "/run/lighttpd.pid"
server.username = "www-data"
server.groupname = "www-data"
server.port = 80
accesslog.filename = "/var/log/lighttpd/access.log"
accesslog.format = "%{%s}t|%V|%r|%s|%b"
index-file.names = ( "index.php", "index.html", "index.lighttpd.html" )
url.access-deny = ( "~", ".inc", ".md", ".yml", ".ini" )
static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
mimetype.assign = (
".ico" => "image/x-icon",
".jpeg" => "image/jpeg",
".jpg" => "image/jpeg",
".png" => "image/png",
".svg" => "image/svg+xml",
".css" => "text/css; charset=utf-8",
".html" => "text/html; charset=utf-8",
".js" => "text/javascript; charset=utf-8",
".json" => "application/json; charset=utf-8",
".map" => "application/json; charset=utf-8",
".txt" => "text/plain; charset=utf-8",
".eot" => "application/vnd.ms-fontobject",
".otf" => "font/otf",
".ttc" => "font/collection",
".ttf" => "font/ttf",
".woff" => "font/woff",
".woff2" => "font/woff2"
)
# Add user chosen options held in external file
# This uses include_shell instead of an include wildcard for compatibility
include_shell "cat external.conf 2>/dev/null"
# default listening port for IPv6 falls back to the IPv4 port
include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port
# Prevent Lighttpd from enabling Let's Encrypt SSL for every blocked domain
#include_shell "/usr/share/lighttpd/include-conf-enabled.pl"
include_shell "find /etc/lighttpd/conf-enabled -name '*.conf' -a ! -name 'letsencrypt.conf' -printf 'include \"%p\"\n' 2>/dev/null"
# If the URL starts with /admin, it is the Web interface
$HTTP["url"] =~ "^/admin/" {
# Create a response header for debugging using curl -I
setenv.add-response-header = (
"X-Pi-hole" => "The Pi-hole Web interface is working!",
"X-Frame-Options" => "DENY"
)
}
# Block . files from being served, such as .git, .github, .gitignore
$HTTP["url"] =~ "^/admin/\.(.*)" {
url.access-deny = ("")
}
# allow teleporter and API qr code iframe on settings page
$HTTP["url"] =~ "/(teleporter|api_token)\.php$" {
$HTTP["referer"] =~ "/admin/settings\.php" {
setenv.add-response-header = ( "X-Frame-Options" => "SAMEORIGIN" )
}
}
# Default expire header
expire.url = ( "" => "access plus 0 seconds" )
Konfigurace pro Baikal je v souboru
/etc/lighttpd/external.conf$HTTP["host"] == "baikal" {
server.modules = (
"mod_access",
"mod_redirect",
"mod_rewrite"
)
server.document-root = "/blabla/var/www/html/baikal/html"
server.errorlog = "/var/log/lighttpd/error.log"
server.username = "www-data"
server.groupname = "www-data"
server.port = 8843
server.follow-symlink = "enable"
index-file.names = ("index.php")
$HTTP["url"] =~ "/(\.ht|Core|Specific|config)/" {
url.access-deny = ("")
}
url.redirect = (
"^/.well-known/caldav" => "/dav.php",
"^/.well-known/carddav" => "/dav.php"
)
}
Vzhledem k problemum se synchronizaci kalendare (Mac hlasi ze nemuze overit prihlasovaci jemno/heslo) mam pocit ze nastaveni
url.redirect je bud spatne, nebo ta konfigurace v /etc/lighttpd/external.conf nefunguje jak ma
1 Odpovědí
1824 Zhlédnutí