rss logo

Configurer le partage multi-dossiers avec un serveur web Lighttpd sous GNU/Linux

Lighttpd logo

J'ai précédemment décris comment installer et mettre en place un partage de fichiers via HTTP avec le service Lighttpd. Pour accéder à l'article complet, voir ici. Récemment, j'ai été confronté à la nécessité de partager deux dossiers distincts avec une authentification individuelle pour chaque dossier. Dans cet article, je décrirai comment y parvenir, car comme nous le verrons, ce n'est pas si facile.

Installation de Lighttpd

  • Installer lighttpd :
root@host:~# apt-get install lighttpd
  • Créer les répertoires upload :
root@host:~# mkdir /var/www/upload1 root@host:~# mkdir /var/www/upload2
  • Changer récursivement le propriétaire des dossiers :
root@host:~# chown -R www-data:www-data /var/www/upload1 root@host:~# chown -R www-data:www-data /var/www/upload2
  • Définir les fichiers d'authentification :
root@host:~# echo "user1:PASSWORD1" > /etc/lighttpd/upload1-plain.user root@host:~# echo "user2:PASSWORD2" > /etc/lighttpd/upload2-plain.user

Éditer le fichier de configuration

  • Éditer /etc/lighttpd/lighttpd.conf:
server.modules = ( "mod_indexfile", "mod_access", "mod_alias", "mod_redirect", "mod_auth", "mod_authn_file" ) auth.backend = "plain" #UPLOAD1 (http://X.X.X.X/) $HTTP["url"] =~ "^/$" { auth.backend.plain.userfile = "/etc/lighttpd/upload1-plain.user" auth.require = ( "" => ( "method" => "basic", "realm" => "Auth", "require" => "valid-user" ) ) } #UPLOAD2 (http://X.X.X.X/upload2) $HTTP["url"] =~ "^/upload2($|/)" { auth.backend.plain.userfile = "/etc/lighttpd/upload2-plain.user" server.dir-listing = "enable" alias.url = ( "/upload2" => "/var/www/upload2/" ) auth.require = ( "" => ( "method" => "basic", "realm" => "Auth", "require" => "valid-user" ) ) } #UPLOAD1 (DEFAULT) server.document-root = "/var/www/upload1/" server.dir-listing = "enable" dir-listing.encoding = "utf-8" server.upload-dirs = ( "/var/cache/lighttpd/uploads" ) server.errorlog = "/var/log/lighttpd/error.log" server.pid-file = "/run/lighttpd.pid" server.username = "www-data" server.groupname = "www-data" server.port = 80 # features #https://redmine.lighttpd.net/projects/lighttpd/wiki/Server_feature-flagsDetails server.feature-flags += ("server.h2proto" => "enable") server.feature-flags += ("server.h2c" => "enable") server.feature-flags += ("server.graceful-shutdown-timeout" => 5) #server.feature-flags += ("server.graceful-restart-bg" => "enable") # strict parsing and normalization of URL for consistency and security # https://redmine.lighttpd.net/projects/lighttpd/wiki/Server_http-parseoptsDetails # (might need to explicitly set "url-path-2f-decode" = "disable" # if a specific application is encoding URLs inside url-path) server.http-parseopts = ( "header-strict" => "enable",# default "host-strict" => "enable",# default "host-normalize" => "enable",# default "url-normalize-unreserved"=> "enable",# recommended highly "url-normalize-required" => "enable",# recommended "url-ctrls-reject" => "enable",# recommended "url-path-2f-decode" => "enable",# recommended highly (unless breaks app) #"url-path-2f-reject" => "enable", "url-path-dotseg-remove" => "enable",# recommended highly (unless breaks app) #"url-path-dotseg-reject" => "enable", #"url-query-20-plus" => "enable",# consistency in query string ) index-file.names = ( "index.php", "index.html" ) url.access-deny = ( "~", ".inc" ) static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" ) # default listening port for IPv6 falls back to the IPv4 port include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port include_shell "/usr/share/lighttpd/create-mime.conf.pl" include "/etc/lighttpd/conf-enabled/*.conf" #server.compat-module-load = "disable" server.modules += ( "mod_dirlisting", "mod_staticfile", )
  • Redémarrer le service lighttpd :
root@host:~# systemctl restart lighttpd.service
Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.

Contact :

contact mail address