From be823d37cca93bd31026d1c3a40f0cb4b36974eb Mon Sep 17 00:00:00 2001 From: lars-hagen Date: Thu, 9 Jan 2020 00:17:01 +0100 Subject: [PATCH] bind mounting admin conf and a bin to set password --- .gitignore | 1 + bin/setPassword.sh | 3 + config/litespeed/1.6.4.lh/entrypoint.sh | 1 + docker-compose.yml | 7 +- lsws/admin-conf/admin_config.conf | 28 + lsws/admin-conf/admin_config.conf0 | 28 + lsws/admin-conf/htpasswd | 1 + lsws/admin-conf/jcryption_keypair | 1 + lsws/admin-conf/php.ini | 1082 +++++++++++++++++++++++ lsws/admin-conf/webadmin.crt | 21 + lsws/admin-conf/webadmin.key | 27 + lsws/conf/httpd_config.conf | 248 ++++++ lsws/conf/httpd_config.conf.bak | 251 ++++++ lsws/conf/httpd_config.conf0 | 257 ++++++ lsws/conf/mime.properties | 162 ++++ lsws/conf/mime.properties0 | 162 ++++ lsws/conf/templates/ccl.conf | 57 ++ lsws/conf/templates/ccl.conf.bak | 57 ++ lsws/conf/templates/ccl.conf0 | 57 ++ lsws/conf/templates/rails.conf | 74 ++ lsws/conf/templates/rails.conf0 | 74 ++ lsws/conf/vhosts/Example/htgroup | 4 + lsws/conf/vhosts/Example/htpasswd | 2 + lsws/conf/vhosts/Example/vhconf.conf | 115 +++ lsws/conf/vhosts/Example/vhconf.conf0 | 115 +++ 25 files changed, 2832 insertions(+), 3 deletions(-) create mode 100755 bin/setPassword.sh create mode 100644 lsws/admin-conf/admin_config.conf create mode 100644 lsws/admin-conf/admin_config.conf0 create mode 100644 lsws/admin-conf/htpasswd create mode 100644 lsws/admin-conf/jcryption_keypair create mode 100644 lsws/admin-conf/php.ini create mode 100644 lsws/admin-conf/webadmin.crt create mode 100644 lsws/admin-conf/webadmin.key create mode 100644 lsws/conf/httpd_config.conf create mode 100644 lsws/conf/httpd_config.conf.bak create mode 100644 lsws/conf/httpd_config.conf0 create mode 100755 lsws/conf/mime.properties create mode 100755 lsws/conf/mime.properties0 create mode 100644 lsws/conf/templates/ccl.conf create mode 100644 lsws/conf/templates/ccl.conf.bak create mode 100755 lsws/conf/templates/ccl.conf0 create mode 100755 lsws/conf/templates/rails.conf create mode 100755 lsws/conf/templates/rails.conf0 create mode 100755 lsws/conf/vhosts/Example/htgroup create mode 100755 lsws/conf/vhosts/Example/htpasswd create mode 100644 lsws/conf/vhosts/Example/vhconf.conf create mode 100644 lsws/conf/vhosts/Example/vhconf.conf0 diff --git a/.gitignore b/.gitignore index 1269488..56c8a92 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,2 @@ data +latest.yml diff --git a/bin/setPassword.sh b/bin/setPassword.sh new file mode 100755 index 0000000..7cc3349 --- /dev/null +++ b/bin/setPassword.sh @@ -0,0 +1,3 @@ +#!/usr/bin/env bash +docker-compose exec litespeed su -s /bin/bash lsadm -c 'echo "admin:$(/usr/local/lsws/admin/fcgi-bin/admin_php* -q /usr/local/lsws/admin/misc/htpasswd.php '${1}')" > /usr/local/lsws/admin/conf/htpasswd'; + \ No newline at end of file diff --git a/config/litespeed/1.6.4.lh/entrypoint.sh b/config/litespeed/1.6.4.lh/entrypoint.sh index fa1cfc1..8cdfe03 100644 --- a/config/litespeed/1.6.4.lh/entrypoint.sh +++ b/config/litespeed/1.6.4.lh/entrypoint.sh @@ -1,5 +1,6 @@ #!/bin/bash chown 999:999 /usr/local/lsws/conf -R +chown 999:1000 /usr/local/lsws/admin/conf -R cd /var/www/vhosts/localhost/html if [ ! -f "./wp-config.php" ]; then # su -s /bin/bash www-data -c diff --git a/docker-compose.yml b/docker-compose.yml index cc5ab4e..8eec303 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -16,13 +16,14 @@ services: build: context: ./config/litespeed/${LITESPEED}/ args: - extensions: lsphp72 lsphp72-common lsphp72-mysql lsphp72-json - + #extensions: lsphp72 lsphp72-common lsphp72-mysql lsphp72-json + extensions: image: litespeedtech/openlitespeed-beta:travis env_file: - .env volumes: - - ./conf:/usr/local/lsws/conf + - ./lsws/conf:/usr/local/lsws/conf + - ./lsws/admin-conf:/usr/local/lsws/admin/conf - ./bin/container:/usr/local/bin - ./sites:/var/www/vhosts/ - ./logs:/usr/local/lsws/logs/ diff --git a/lsws/admin-conf/admin_config.conf b/lsws/admin-conf/admin_config.conf new file mode 100644 index 0000000..34834de --- /dev/null +++ b/lsws/admin-conf/admin_config.conf @@ -0,0 +1,28 @@ +enableCoreDump 1 +sessionTimeout 3600 + +errorlog $SERVER_ROOT/admin/logs/error.log { + useServer 0 + logLevel INFO + rollingSize 10M +} + +accessLog $SERVER_ROOT/admin/logs/access.log { + useServer 0 + rollingSize 10M + keepDays 90 + logReferer 1 + logUserAgent 1 +} + +accessControl { + allow ALL +} + +listener adminListener{ + address *:7080 + secure 1 + keyFile $SERVER_ROOT/admin/conf/webadmin.key + certFile $SERVER_ROOT/admin/conf/webadmin.crt + clientVerify 0 +} diff --git a/lsws/admin-conf/admin_config.conf0 b/lsws/admin-conf/admin_config.conf0 new file mode 100644 index 0000000..34834de --- /dev/null +++ b/lsws/admin-conf/admin_config.conf0 @@ -0,0 +1,28 @@ +enableCoreDump 1 +sessionTimeout 3600 + +errorlog $SERVER_ROOT/admin/logs/error.log { + useServer 0 + logLevel INFO + rollingSize 10M +} + +accessLog $SERVER_ROOT/admin/logs/access.log { + useServer 0 + rollingSize 10M + keepDays 90 + logReferer 1 + logUserAgent 1 +} + +accessControl { + allow ALL +} + +listener adminListener{ + address *:7080 + secure 1 + keyFile $SERVER_ROOT/admin/conf/webadmin.key + certFile $SERVER_ROOT/admin/conf/webadmin.crt + clientVerify 0 +} diff --git a/lsws/admin-conf/htpasswd b/lsws/admin-conf/htpasswd new file mode 100644 index 0000000..a4dc604 --- /dev/null +++ b/lsws/admin-conf/htpasswd @@ -0,0 +1 @@ +admin:$1$RaqgGtmd$81EhmoqpWhiJJtCDRp0FX/ diff --git a/lsws/admin-conf/jcryption_keypair b/lsws/admin-conf/jcryption_keypair new file mode 100644 index 0000000..4caea38 --- /dev/null +++ b/lsws/admin-conf/jcryption_keypair @@ -0,0 +1 @@ +a:4:{s:5:"e_hex";s:5:"10001";s:5:"n_hex";s:128:"b7bb4f3cc625b0eeac732dd8a390b85abcf8e431e5fdcceff9263fde708a5c7987cd7d688049505c0d093f04578a5c42682a42059b716379395cd70fc1607305";s:5:"d_int";s:154:"6703825019665916493952926277112537602724741832858064679940864979484386878393952384373680267948475998523919847151974076664649456074859804518970261355949869";s:5:"n_int";s:154:"9622808776613556941196156765077082963615029579254418488496494911195835531228802340733537655491185073667122493828575044373162008340396816107834354845119237";} \ No newline at end of file diff --git a/lsws/admin-conf/php.ini b/lsws/admin-conf/php.ini new file mode 100644 index 0000000..4eb7a3b --- /dev/null +++ b/lsws/admin-conf/php.ini @@ -0,0 +1,1082 @@ +[PHP] + +;;;;;;;;;;;;;;;;;;; +; About this file ; +;;;;;;;;;;;;;;;;;;; +; +; This is the recommended, PHP 4-style version of the php.ini-dist file. It +; sets some non standard settings, that make PHP more efficient, more secure, +; and encourage cleaner coding. +; The price is that with these settings, PHP may be incompatible with some +; applications, and sometimes, more difficult to develop with. Using this +; file is warmly recommended for production sites. As all of the changes from +; the standard settings are thoroughly documented, you can go over each one, +; and decide whether you want to use it or not. +; +; For general information about the php.ini file, please consult the php.ini-dist +; file, included in your PHP distribution. +; +; This file is different from the php.ini-dist file in the fact that it features +; different values for several directives, in order to improve performance, while +; possibly breaking compatibility with the standard out-of-the-box behavior of +; PHP 3. Please make sure you read what's different, and modify your scripts +; accordingly, if you decide to use this file instead. +; +; - register_globals = Off [Security, Performance] +; Global variables are no longer registered for input data (POST, GET, cookies, +; environment and other server variables). Instead of using $foo, you must use +; you can use $_REQUEST["foo"] (includes any variable that arrives through the +; request, namely, POST, GET and cookie variables), or use one of the specific +; $_GET["foo"], $_POST["foo"], $_COOKIE["foo"] or $_FILES["foo"], depending +; on where the input originates. Also, you can look at the +; import_request_variables() function. +; Note that register_globals is going to be depracated (i.e., turned off by +; default) in the next version of PHP, because it often leads to security bugs. +; Read http://php.net/manual/en/security.registerglobals.php for further +; information. +; - display_errors = Off [Security] +; With this directive set to off, errors that occur during the execution of +; scripts will no longer be displayed as a part of the script output, and thus, +; will no longer be exposed to remote users. With some errors, the error message +; content may expose information about your script, web server, or database +; server that may be exploitable for hacking. Production sites should have this +; directive set to off. +; - log_errors = On [Security] +; This directive complements the above one. Any errors that occur during the +; execution of your script will be logged (typically, to your server's error log, +; but can be configured in several ways). Along with setting display_errors to off, +; this setup gives you the ability to fully understand what may have gone wrong, +; without exposing any sensitive information to remote users. +; - output_buffering = 4096 [Performance] +; Set a 4KB output buffer. Enabling output buffering typically results in less +; writes, and sometimes less packets sent on the wire, which can often lead to +; better performance. The gain this directive actually yields greatly depends +; on which Web server you're working with, and what kind of scripts you're using. +; - register_argc_argv = Off [Performance] +; Disables registration of the somewhat redundant $argv and $argc global +; variables. +; - magic_quotes_gpc = Off [Performance] +; Input data is no longer escaped with slashes so that it can be sent into +; SQL databases without further manipulation. Instead, you should use the +; function addslashes() on each input element you wish to send to a database. +; - variables_order = "GPCS" [Performance] +; The environment variables are not hashed into the $HTTP_ENV_VARS[]. To access +; environment variables, you can use getenv() instead. +; - error_reporting = E_ALL [Code Cleanliness, Security(?)] +; By default, PHP surpresses errors of type E_NOTICE. These error messages +; are emitted for non-critical errors, but that could be a symptom of a bigger +; problem. Most notably, this will cause error messages about the use +; of uninitialized variables to be displayed. +; - allow_call_time_pass_reference = Off [Code cleanliness] +; It's not possible to decide to force a variable to be passed by reference +; when calling a function. The PHP 4 style to do this is by making the +; function require the relevant argument by reference. + + +;;;;;;;;;;;;;;;;;;;; +; Language Options ; +;;;;;;;;;;;;;;;;;;;; + +; Enable the PHP scripting language engine under Apache. +engine = On + +; Allow the tags are recognized. +; NOTE: Using short tags should be avoided when developing applications or +; libraries that are meant for redistribution, or deployment on PHP +; servers which are not under your control, because short tags may not +; be supported on the target server. For portable, redistributable code, +; be sure not to use short tags. +short_open_tag = On + +; The number of significant digits displayed in floating point numbers. +precision = 14 + +; Output buffering allows you to send header lines (including cookies) even +; after you send body content, at the price of slowing PHP's output layer a +; bit. You can enable output buffering during runtime by calling the output +; buffering functions. You can also enable output buffering for all files by +; setting this directive to On. If you wish to limit the size of the buffer +; to a certain size - you can use a maximum number of bytes instead of 'On', as +; a value for this directive (e.g., output_buffering=4096). +output_buffering = Off + +; You can redirect all of the output of your scripts to a function. For +; example, if you set output_handler to "mb_output_handler", character +; encoding will be transparently converted to the specified encoding. +; Setting any output handler automatically turns on output buffering. +; Note: People who wrote portable scripts should not depend on this ini +; directive. Instead, explicitly set the output handler using ob_start(). +; Using this ini directive may cause problems unless you know what script +; is doing. +; Note: You cannot use both "mb_output_handler" with "ob_iconv_handler" +; and you cannot use both "ob_gzhandler" and "zlib.output_compression". +;output_handler = + +; Transparent output compression using the zlib library +; Valid values for this option are 'off', 'on', or a specific buffer size +; to be used for compression (default is 4KB) +; Note: Resulting chunk size may vary due to nature of compression. PHP +; outputs chunks that are few handreds bytes each as a result of compression. +; If you want larger chunk size for better performence, enable output_buffering +; also. +; Note: output_handler must be empty if this is set 'On' !!!! +; Instead you must use zlib.output_handler. +zlib.output_compression = Off + +; You cannot specify additional output handlers if zlib.output_compression +; is activated here. This setting does the same as output_handler but in +; a different order. +;zlib.output_handler = + +; Implicit flush tells PHP to tell the output layer to flush itself +; automatically after every output block. This is equivalent to calling the +; PHP function flush() after each and every call to print() or echo() and each +; and every HTML block. Turning this option on has serious performance +; implications and is generally recommended for debugging purposes only. +implicit_flush = Off + +; The unserialize callback function will called (with the undefind class' +; name as parameter), if the unserializer finds an undefined class +; which should be instanciated. +; A warning appears if the specified function is not defined, or if the +; function doesn't include/implement the missing class. +; So only set this entry, if you really want to implement such a +; callback-function. +unserialize_callback_func= + +; Whether to enable the ability to force arguments to be passed by reference +; at function call time. This method is deprecated and is likely to be +; unsupported in future versions of PHP/Zend. The encouraged method of +; specifying which arguments should be passed by reference is in the function +; declaration. You're encouraged to try and turn this option Off and make +; sure your scripts work properly with it in order to ensure they will work +; with future versions of the language (you will receive a warning each time +; you use this feature, and the argument will be passed by value instead of by +; reference). +; allow_call_time_pass_reference = Off + +; +; Safe Mode +; +safe_mode = Off + +; By default, Safe Mode does a UID compare check when +; opening files. If you want to relax this to a GID compare, +; then turn on safe_mode_gid. +safe_mode_gid = Off + +; When safe_mode is on, UID/GID checks are bypassed when +; including files from this directory and its subdirectories. +; (directory must also be in include_path or full path must +; be used when including) +safe_mode_include_dir = + +; When safe_mode is on, only executables located in the safe_mode_exec_dir +; will be allowed to be executed via the exec family of functions. +safe_mode_exec_dir = + +; Setting certain environment variables may be a potential security breach. +; This directive contains a comma-delimited list of prefixes. In Safe Mode, +; the user may only alter environment variables whose names begin with the +; prefixes supplied here. By default, users will only be able to set +; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR). +; +; Note: If this directive is empty, PHP will let the user modify ANY +; environment variable! +safe_mode_allowed_env_vars = PHP_ + +; This directive contains a comma-delimited list of environment variables that +; the end user won't be able to change using putenv(). These variables will be +; protected even if safe_mode_allowed_env_vars is set to allow to change them. +safe_mode_protected_env_vars = LD_LIBRARY_PATH + +; open_basedir, if set, limits all file operations to the defined directory +; and below. This directive makes most sense if used in a per-directory +; or per-virtualhost web server configuration file. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +;open_basedir = + +; This directive allows you to disable certain functions for security reasons. +; It receives a comma-delimited list of function names. This directive is +; *NOT* affected by whether Safe Mode is turned On or Off. +disable_functions = + +; Colors for Syntax Highlighting mode. Anything that's acceptable in +; would work. +;highlight.string = #DD0000 +;highlight.comment = #FF9900 +;highlight.keyword = #007700 +;highlight.bg = #FFFFFF +;highlight.default = #0000BB +;highlight.html = #000000 + + +; +; Misc +; +; Decides whether PHP may expose the fact that it is installed on the server +; (e.g. by adding its signature to the Web server header). It is no security +; threat in any way, but it makes it possible to determine whether you use PHP +; on your server or not. +expose_php = On + + +;;;;;;;;;;;;;;;;;;; +; Resource Limits ; +;;;;;;;;;;;;;;;;;;; + +max_execution_time = 30 ; Maximum execution time of each script, in seconds +max_input_time = 60 ; Maximum amount of time each script may spend parsing request data +memory_limit = 32M ; Maximum amount of memory a script may consume (32MB) + + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +; Error handling and logging ; +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +; error_reporting is a bit-field. Or each number up to get desired error +; reporting level +; E_ALL - All errors and warnings +; E_ERROR - fatal run-time errors +; E_WARNING - run-time warnings (non-fatal errors) +; E_PARSE - compile-time parse errors +; E_NOTICE - run-time notices (these are warnings which often result +; from a bug in your code, but it's possible that it was +; intentional (e.g., using an uninitialized variable and +; relying on the fact it's automatically initialized to an +; empty string) +; E_CORE_ERROR - fatal errors that occur during PHP's initial startup +; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's +; initial startup +; E_COMPILE_ERROR - fatal compile-time errors +; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) +; E_USER_ERROR - user-generated error message +; E_USER_WARNING - user-generated warning message +; E_USER_NOTICE - user-generated notice message +; +; Examples: +; +; - Show all errors, except for notices +; +error_reporting = E_ALL & ~E_NOTICE +; +; - Show only errors +; +;error_reporting = E_COMPILE_ERROR|E_ERROR|E_CORE_ERROR +; +; - Show all errors +; +;error_reporting = E_ALL + +; Print out errors (as a part of the output). For production web sites, +; you're strongly encouraged to turn this feature off, and use error logging +; instead (see below). Keeping display_errors enabled on a production web site +; may reveal security information to end users, such as file paths on your Web +; server, your database schema or other information. +display_errors = Off + +; Even when display_errors is on, errors that occur during PHP's startup +; sequence are not displayed. It's strongly recommended to keep +; display_startup_errors off, except for when debugging. +display_startup_errors = Off + +; Log errors into a log file (server-specific log, stderr, or error_log (below)) +; As stated above, you're strongly advised to use error logging in place of +; error displaying on production web sites. +log_errors = On + +; Set maximum length of log_errors. In error_log information about the source is +; added. The default is 1024 and 0 allows to not apply any maximum length at all. +log_errors_max_len = 1024 + +; Do not log repeated messages. Repeated errors must occur in same file on same +; line until ignore_repeated_source is set true. +ignore_repeated_errors = Off + +; Ignore source of message when ignoring repeated messages. When this setting +; is On you will not log errors with repeated messages from different files or +; sourcelines. +ignore_repeated_source = Off + +; If this parameter is set to Off, then memory leaks will not be shown (on +; stdout or in the log). This has only effect in a debug compile, and if +; error reporting includes E_WARNING in the allowed list +report_memleaks = On + +; Store the last error/warning message in $php_errormsg (boolean). +track_errors = Off + +; Disable the inclusion of HTML tags in error messages. +;html_errors = Off + +; If html_errors is set On PHP produces clickable error messages that direct +; to a page describing the error or function causing the error in detail. +; You can download a copy of the PHP manual from http://www.php.net/docs.php +; and change docref_root to the base URL of your local copy including the +; leading '/'. You must also specify the file extension being used including +; the dot. +;docref_root = /phpmanual/ +;docref_ext = .html + +; String to output before an error message. +;error_prepend_string = "" + +; String to output after an error message. +;error_append_string = "" + +; Log errors to specified file. +;error_log = filename + +; Log errors to syslog (Event Log on NT, not valid in Windows 95). +;error_log = syslog + + +;;;;;;;;;;;;;;;;; +; Data Handling ; +;;;;;;;;;;;;;;;;; +; +; Note - track_vars is ALWAYS enabled as of PHP 4.0.3 + +; The separator used in PHP generated URLs to separate arguments. +; Default is "&". +;arg_separator.output = "&" + +; List of separator(s) used by PHP to parse input URLs into variables. +; Default is "&". +; NOTE: Every character in this directive is considered as separator! +;arg_separator.input = ";&" + +; This directive describes the order in which PHP registers GET, POST, Cookie, +; Environment and Built-in variables (G, P, C, E & S respectively, often +; referred to as EGPCS or GPC). Registration is done from left to right, newer +; values override older values. +variables_order = "GPCS" + +; Whether or not to register the EGPCS variables as global variables. You may +; want to turn this off if you don't want to clutter your scripts' global scope +; with user data. This makes most sense when coupled with track_vars - in which +; case you can access all of the GPC variables through the $HTTP_*_VARS[], +; variables. +; +; You should do your best to write your scripts so that they do not require +; register_globals to be on; Using form variables as globals can easily lead +; to possible security problems, if the code is not very well thought of. +register_globals = Off + +; This directive tells PHP whether to declare the argv&argc variables (that +; would contain the GET information). If you don't use these variables, you +; should turn it off for increased performance. +register_argc_argv = Off + +; Maximum size of POST data that PHP will accept. +post_max_size = 8M + +; This directive is deprecated. Use variables_order instead. +gpc_order = "GPC" + +; Magic quotes +; + +; Magic quotes for incoming GET/POST/Cookie data. +magic_quotes_gpc = Off + +; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc. +magic_quotes_runtime = Off + +; Use Sybase-style magic quotes (escape ' with '' instead of \'). +magic_quotes_sybase = Off + +; Automatically add files before or after any PHP document. +auto_prepend_file = +auto_append_file = + +; As of 4.0b4, PHP always outputs a character encoding by default in +; the Content-type: header. To disable sending of the charset, simply +; set it to be empty. +; +; PHP's built-in default is text/html +default_mimetype = "text/html" +;default_charset = "iso-8859-1" + +; Always populate the $HTTP_RAW_POST_DATA variable. +;always_populate_raw_post_data = On + +; Allow handling of WebDAV http requests within PHP scripts (eg. +; PROPFIND, PROPPATCH, MOVE, COPY, etc..) +; If you want to get the post data of those requests, you have to +; set always_populate_raw_post_data as well. +;allow_webdav_methods = On + +;;;;;;;;;;;;;;;;;;;;;;;;; +; Paths and Directories ; +;;;;;;;;;;;;;;;;;;;;;;;;; + +; UNIX: "/path1:/path2" +;include_path = ".:/php/includes" +; +; Windows: "\path1;\path2" +;include_path = ".;c:\php\includes" + +; The root of the PHP pages, used only if nonempty. +; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root +; if you are running php as a CGI under any web server (other than IIS) +; see documentation for security issues. The alternate is to use the +; cgi.force_redirect configuration below +doc_root = + +; The directory under which PHP opens the script using /~usernamem used only +; if nonempty. +user_dir = + +; Directory in which the loadable extensions (modules) reside. +extension_dir = ./ + +; Whether or not to enable the dl() function. The dl() function does NOT work +; properly in multithreaded servers, such as IIS or Zeus, and is automatically +; disabled on them. +enable_dl = On + +; cgi.force_redirect is necessary to provide security running PHP as a CGI under +; most web servers. Left undefined, PHP turns this on by default. You can +; turn it off here AT YOUR OWN RISK +; **You CAN safely turn this off for IIS, in fact, you MUST.** +; cgi.force_redirect = 1 + +; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape +; (iPlanet) web servers, you MAY need to set an environment variable name that PHP +; will look for to know it is OK to continue execution. Setting this variable MAY +; cause security issues, KNOW WHAT YOU ARE DOING FIRST. +; cgi.redirect_status_env = ; + +; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate +; security tokens of the calling client. This allows IIS to define the +; security context that the request runs under. mod_fastcgi under Apache +; does not currently support this feature (03/17/2002) +; Set to 1 if running under IIS. Default is zero. +; fastcgi.impersonate = 1; + +; cgi.rfc2616_headers configuration option tells PHP what type of headers to +; use when sending HTTP response code. If it's set 0 PHP sends Status: header that +; is supported by Apache. When this option is set to 1 PHP will send +; RFC2616 compliant header. +; Set to 1 if running under IIS. Default is zero. +;cgi.rfc2616_headers = 0 + + +;;;;;;;;;;;;;;;; +; File Uploads ; +;;;;;;;;;;;;;;;; + +; Whether to allow HTTP file uploads. +file_uploads = Off + +; Temporary directory for HTTP uploaded files (will use system default if not +; specified). +;upload_tmp_dir = + +; Maximum allowed size for uploaded files. +upload_max_filesize = 2M + + +;;;;;;;;;;;;;;;;;; +; Fopen wrappers ; +;;;;;;;;;;;;;;;;;; + +; Whether to allow the treatment of URLs (like http:// or ftp://) as files. +allow_url_fopen = On + +; Define the anonymous ftp password (your email address) +;from="john@doe.com" + +; Define the user agent for php to send +;user_agent="PHP" + +; Default timeout for socket based streams (seconds) +default_socket_timeout = 60 + +; If your scripts have to deal with files from Macintosh systems, +; or you are running on a Mac and need to deal with files from +; unix or win32 systems, setting this flag will cause PHP to +; automatically detect the EOL character in those files so that +; fgets() and file() will work regardless of the source of the file. +; auto_detect_line_endings = Off + + +;;;;;;;;;;;;;;;;;;;;;; +; Dynamic Extensions ; +;;;;;;;;;;;;;;;;;;;;;; +; +; If you wish to have an extension loaded automatically, use the following +; syntax: +; +; extension=modulename.extension +; +; For example, on Windows: +; +; extension=msql.dll +; +; ... or under UNIX: +; +; extension=msql.so +; +; Note that it should be the name of the module only; no directory information +; needs to go here. Specify the location of the extension with the +; extension_dir directive above. + + +;Windows Extensions +;Note that MySQL and ODBC support is now built in, so no dll is needed for it. +; +;extension=php_bz2.dll +;extension=php_cpdf.dll +;extension=php_crack.dll +;extension=php_curl.dll +;extension=php_db.dll +;extension=php_dba.dll +;extension=php_dbase.dll +;extension=php_dbx.dll +;extension=php_domxml.dll +;extension=php_exif.dll +;extension=php_fbsql.dll +;extension=php_fdf.dll +;extension=php_filepro.dll +;extension=php_gd.dll +;extension=php_gd2.dll +;extension=php_gettext.dll +;extension=php_hyperwave.dll +;extension=php_iconv.dll +;extension=php_ifx.dll +;extension=php_iisfunc.dll +;extension=php_imap.dll +;extension=php_interbase.dll +;extension=php_java.dll +;extension=php_ldap.dll +;extension=php_mbstring.dll +;extension=php_mcrypt.dll +;extension=php_mhash.dll +;extension=php_mime_magic.dll +;extension=php_ming.dll +;extension=php_mssql.dll +;extension=php_msql.dll +;extension=php_oci8.dll +;extension=php_openssl.dll +;extension=php_oracle.dll +;extension=php_pdf.dll +;extension=php_pgsql.dll +;extension=php_printer.dll +;extension=php_shmop.dll +;extension=php_snmp.dll +;extension=php_sockets.dll +;extension=php_sybase_ct.dll +;extension=php_w32api.dll +;extension=php_xmlrpc.dll +;extension=php_xslt.dll +;extension=php_yaz.dll +;extension=php_zip.dll + + +;;;;;;;;;;;;;;;;;;; +; Module Settings ; +;;;;;;;;;;;;;;;;;;; + +[Syslog] +; Whether or not to define the various syslog variables (e.g. $LOG_PID, +; $LOG_CRON, etc.). Turning it off is a good idea performance-wise. In +; runtime, you can define these variables by calling define_syslog_variables(). +define_syslog_variables = Off + +[mail function] +; For Win32 only. +SMTP = localhost + +; For Win32 only. +sendmail_from = me@localhost.com + +; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). +;sendmail_path = + +[Java] +;java.class.path = .\php_java.jar +;java.home = c:\jdk +;java.library = c:\jdk\jre\bin\hotspot\jvm.dll +;java.library.path = .\ + +[SQL] +sql.safe_mode = Off + +[ODBC] +;odbc.default_db = Not yet implemented +;odbc.default_user = Not yet implemented +;odbc.default_pw = Not yet implemented + +; Allow or prevent persistent links. +odbc.allow_persistent = On + +; Check that a connection is still valid before reuse. +odbc.check_persistent = On + +; Maximum number of persistent links. -1 means no limit. +odbc.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +odbc.max_links = -1 + +; Handling of LONG fields. Returns number of bytes to variables. 0 means +; passthru. +odbc.defaultlrl = 4096 + +; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. +; See the documentation on odbc_binmode and odbc_longreadlen for an explanation +; of uodbc.defaultlrl and uodbc.defaultbinmode +odbc.defaultbinmode = 1 + +[MySQL] +; Allow or prevent persistent links. +mysql.allow_persistent = Off + +; Maximum number of persistent links. -1 means no limit. +mysql.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +mysql.max_links = -1 + +; Default port number for mysql_connect(). If unset, mysql_connect() will use +; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the +; compile-time value defined MYSQL_PORT (in that order). Win32 will only look +; at MYSQL_PORT. +mysql.default_port = + +; Default socket name for local MySQL connects. If empty, uses the built-in +; MySQL defaults. +mysql.default_socket = + +; Default host for mysql_connect() (doesn't apply in safe mode). +mysql.default_host = + +; Default user for mysql_connect() (doesn't apply in safe mode). +mysql.default_user = + +; Default password for mysql_connect() (doesn't apply in safe mode). +; Note that this is generally a *bad* idea to store passwords in this file. +; *Any* user with PHP access can run 'echo get_cfg_var("mysql.default_password") +; and reveal this password! And of course, any users with read access to this +; file will be able to reveal the password as well. +mysql.default_password = + +; Maximum time (in secondes) for connect timeout. -1 means no limimt +mysql.connect_timeout = -1 + +; Trace mode. When trace_mode is active (=On), warnings for table/index scans and +; SQL-Erros will be displayed. +mysql.trace_mode = Off + +[mSQL] +; Allow or prevent persistent links. +msql.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +msql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +msql.max_links = -1 + +[PostgresSQL] +; Allow or prevent persistent links. +pgsql.allow_persistent = On + +; Detect broken persistent links always with pg_pconnect(). +; Auto reset feature requires a little overheads. +pgsql.auto_reset_persistent = Off + +; Maximum number of persistent links. -1 means no limit. +pgsql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +pgsql.max_links = -1 + +; Ignore PostgreSQL backends Notice message or not. +; Notice message logging require a little overheads. +pgsql.ignore_notice = 0 + +; Log PostgreSQL backends Noitce message or not. +; Unless pgsql.ignore_notice=0, module cannot log notice message. +pgsql.log_notice = 0 + +[Sybase] +; Allow or prevent persistent links. +sybase.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +sybase.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +sybase.max_links = -1 + +;sybase.interface_file = "/usr/sybase/interfaces" + +; Minimum error severity to display. +sybase.min_error_severity = 10 + +; Minimum message severity to display. +sybase.min_message_severity = 10 + +; Compatability mode with old versions of PHP 3.0. +; If on, this will cause PHP to automatically assign types to results according +; to their Sybase type, instead of treating them all as strings. This +; compatability mode will probably not stay around forever, so try applying +; whatever necessary changes to your code, and turn it off. +sybase.compatability_mode = Off + +[Sybase-CT] +; Allow or prevent persistent links. +sybct.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +sybct.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +sybct.max_links = -1 + +; Minimum server message severity to display. +sybct.min_server_severity = 10 + +; Minimum client message severity to display. +sybct.min_client_severity = 10 + +[dbx] +; returned column names can be converted for compatibility reasons +; possible values for dbx.colnames_case are +; "unchanged" (default, if not set) +; "lowercase" +; "uppercase" +; the recommended default is either upper- or lowercase, but +; unchanged is currently set for backwards compatibility +dbx.colnames_case = "lowercase" + +[bcmath] +; Number of decimal digits for all bcmath functions. +bcmath.scale = 0 + +[browscap] +;browscap = extra/browscap.ini + +[Informix] +; Default host for ifx_connect() (doesn't apply in safe mode). +ifx.default_host = + +; Default user for ifx_connect() (doesn't apply in safe mode). +ifx.default_user = + +; Default password for ifx_connect() (doesn't apply in safe mode). +ifx.default_password = + +; Allow or prevent persistent links. +ifx.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +ifx.max_persistent = -1 + +; Maximum number of links (persistent + non-persistent). -1 means no limit. +ifx.max_links = -1 + +; If on, select statements return the contents of a text blob instead of its id. +ifx.textasvarchar = 0 + +; If on, select statements return the contents of a byte blob instead of its id. +ifx.byteasvarchar = 0 + +; Trailing blanks are stripped from fixed-length char columns. May help the +; life of Informix SE users. +ifx.charasvarchar = 0 + +; If on, the contents of text and byte blobs are dumped to a file instead of +; keeping them in memory. +ifx.blobinfile = 0 + +; NULL's are returned as empty strings, unless this is set to 1. In that case, +; NULL's are returned as string 'NULL'. +ifx.nullformat = 0 + +[Session] +; Handler used to store/retrieve data. +session.save_handler = files + +; Argument passed to save_handler. In the case of files, this is the path +; where data files are stored. Note: Windows users have to change this +; variable in order to use PHP's session functions. +session.save_path = /tmp + +; Whether to use cookies. +session.use_cookies = 1 + +; This option enables administrators to make their users invulnerable to +; attacks which involve passing session ids in URLs; defaults to 0. +; session.use_only_cookies = 1 + +; Name of the session (used as cookie name). +session.name = PHPSESSID + +; Initialize session on request startup. +session.auto_start = 0 + +; Lifetime in seconds of cookie or, if 0, until browser is restarted. +session.cookie_lifetime = 0 + +; The path for which the cookie is valid. +session.cookie_path = / + +; The domain for which the cookie is valid. +session.cookie_domain = + +; Handler used to serialize data. php is the standard serializer of PHP. +session.serialize_handler = php + +; Define the probability that the 'garbage collection' process is started +; on every session initialization. +; The probability is calculated by using gc_probability/gc_dividend, +; e.g. 1/100 means 1%. + +session.gc_probability = 1 +session.gc_dividend = 1000 + +; After this number of seconds, stored data will be seen as 'garbage' and +; cleaned up by the garbage collection process. +session.gc_maxlifetime = 1440 + +; PHP 4.2 and less have an undocumented feature/bug that allows you to +; to initialize a session variable in the global scope, albeit register_globals +; is disabled. PHP 4.3 and later will warn you, if this feature is used. +; You can disable the feature and the warning seperately. At this time, +; the warning is only displayed, if bug_compat_42 is enabled. + +session.bug_compat_42 = 0 +session.bug_compat_warn = 1 + +; Check HTTP Referer to invalidate externally stored URLs containing ids. +; HTTP_REFERER has to contain this substring for the session to be +; considered as valid. +session.referer_check = + +; How many bytes to read from the file. +session.entropy_length = 0 + +; Specified here to create the session id. +session.entropy_file = + +;session.entropy_length = 16 + +;session.entropy_file = /dev/urandom + +; Set to {nocache,private,public,} to determine HTTP caching aspects. +; or leave this empty to avoid sending anti-caching headers. +session.cache_limiter = nocache + +; Document expires after n minutes. +session.cache_expire = 180 + +; trans sid support is disabled by default. +; Use of trans sid may risk your users security. +; Use this option with caution. +; - User may send URL contains active session ID +; to other person via. email/irc/etc. +; - URL that contains active session ID may be stored +; in publically accessible computer. +; - User may access your site with the same session ID +; always using URL stored in browser's history or bookmarks. +session.use_trans_sid = 0 + +; The URL rewriter will look for URLs in a defined set of HTML tags. +; form/fieldset are special; if you include them here, the rewriter will +; add a hidden field with the info which is otherwise appended +; to URLs. If you want XHTML conformity, remove the form entry. +; Note that all valid entries require a "=", even if no value follows. +url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" + +[MSSQL] +; Allow or prevent persistent links. +mssql.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +mssql.max_persistent = -1 + +; Maximum number of links (persistent+non persistent). -1 means no limit. +mssql.max_links = -1 + +; Minimum error severity to display. +mssql.min_error_severity = 10 + +; Minimum message severity to display. +mssql.min_message_severity = 10 + +; Compatability mode with old versions of PHP 3.0. +mssql.compatability_mode = Off + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textlimit = 4096 + +; Valid range 0 - 2147483647. Default = 4096. +;mssql.textsize = 4096 + +; Limits the number of records in each batch. 0 = all records in one batch. +;mssql.batchsize = 0 + +; Use NT authentication when connecting to the server +mssql.secure_connection = Off + +; Specify max number of processes. Default = 25 +;mssql.max_procs = 25 + +[Assertion] +; Assert(expr); active by default. +;assert.active = On + +; Issue a PHP warning for each failed assertion. +;assert.warning = On + +; Don't bail out by default. +;assert.bail = Off + +; User-function to be called if an assertion fails. +;assert.callback = 0 + +; Eval the expression with current error_reporting(). Set to true if you want +; error_reporting(0) around the eval(). +;assert.quiet_eval = 0 + +[Ingres II] +; Allow or prevent persistent links. +ingres.allow_persistent = On + +; Maximum number of persistent links. -1 means no limit. +ingres.max_persistent = -1 + +; Maximum number of links, including persistents. -1 means no limit. +ingres.max_links = -1 + +; Default database (format: [node_id::]dbname[/srv_class]). +ingres.default_database = + +; Default user. +ingres.default_user = + +; Default password. +ingres.default_password = + +[Verisign Payflow Pro] +; Default Payflow Pro server. +pfpro.defaulthost = "test-payflow.verisign.com" + +; Default port to connect to. +pfpro.defaultport = 443 + +; Default timeout in seconds. +pfpro.defaulttimeout = 30 + +; Default proxy IP address (if required). +;pfpro.proxyaddress = + +; Default proxy port. +;pfpro.proxyport = + +; Default proxy logon. +;pfpro.proxylogon = + +; Default proxy password. +;pfpro.proxypassword = + +[Sockets] +; Use the system read() function instead of the php_read() wrapper. +sockets.use_system_read = On + +[com] +; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs +;com.typelib_file = +; allow Distributed-COM calls +;com.allow_dcom = true +; autoregister constants of a components typlib on com_load() +;com.autoregister_typelib = true +; register constants casesensitive +;com.autoregister_casesensitive = false +; show warnings on duplicate constat registrations +;com.autoregister_verbose = true + +[Printer] +;printer.default_printer = "" + +[mbstring] +; language for internal character representation. +;mbstring.language = Japanese + +; internal/script encoding. +; Some encoding cannot work as internal encoding. +; (e.g. SJIS, BIG5, ISO-2022-*) +;mbstring.internal_encoding = EUC-JP + +; http input encoding. +;mbstring.http_input = auto + +; http output encoding. mb_output_handler must be +; registered as output buffer to function +;mbstring.http_output = SJIS + +; enable automatic encoding translation accoding to +; mbstring.internal_encoding setting. Input chars are +; converted to internal encoding by setting this to On. +; Note: Do _not_ use automatic encoding translation for +; portable libs/applications. +;mbstring.encoding_translation = Off + +; automatic encoding detection order. +; auto means +;mbstring.detect_order = auto + +; substitute_character used when character cannot be converted +; one from another +;mbstring.substitute_character = none; + +; overload(replace) single byte functions by mbstring functions. +; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), +; etc. Possible values are 0,1,2,4 or combination of them. +; For example, 7 for overload everything. +; 0: No overload +; 1: Overload mail() function +; 2: Overload str*() functions +; 4: Overload ereg*() functions +;mbstring.func_overload = 0 + +[FrontBase] +;fbsql.allow_persistent = On +;fbsql.autocommit = On +;fbsql.default_database = +;fbsql.default_database_password = +;fbsql.default_host = +;fbsql.default_password = +;fbsql.default_user = "_SYSTEM" +;fbsql.generate_warnings = Off +;fbsql.max_connections = 128 +;fbsql.max_links = 128 +;fbsql.max_persistent = -1 +;fbsql.max_results = 128 +;fbsql.batchSize = 1000 + +[Crack] +; Modify the setting below to match the directory location of the cracklib +; dictionary files. Include the base filename, but not the file extension. +; crack.default_dictionary = "c:\php\lib\cracklib_dict" + +[exif] +; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. +; With mbstring support this will automatically be converted into the encoding +; given by corresponding encode setting. When empty mbstring.internal_encoding +; is used. For the decode settings you can distinguish between motorola and +; intel byte order. A decode setting cannot be empty. +;exif.encode_unicode = ISO-8859-15 +;exif.decode_unicode_motorola = UCS-2BE +;exif.decode_unicode_intel = UCS-2LE +;exif.encode_jis = +;exif.decode_jis_motorola = JIS +;exif.decode_jis_intel = JIS + +; Local Variables: +; tab-width: 4 +; End: diff --git a/lsws/admin-conf/webadmin.crt b/lsws/admin-conf/webadmin.crt new file mode 100644 index 0000000..149964e --- /dev/null +++ b/lsws/admin-conf/webadmin.crt @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDczCCAlsCFGdb2/AErEwza/LlvbsHa2N8n6NZMA0GCSqGSIb3DQEBCwUAMHYx +CzAJBgNVBAYTAlVTMRMwEQYDVQQIDApOZXcgSmVyc2V5MRAwDgYDVQQHDAdWaXJ0 +dWFsMRswGQYDVQQKDBJMaXRlU3BlZWRDb21tdW5pdHkxEDAOBgNVBAsMB1Rlc3Rp +bmcxETAPBgNVBAMMCHdlYmFkbWluMB4XDTIwMDEwNjExMDQ0OVoXDTIyMTAwMjEx +MDQ0OVowdjELMAkGA1UEBhMCVVMxEzARBgNVBAgMCk5ldyBKZXJzZXkxEDAOBgNV +BAcMB1ZpcnR1YWwxGzAZBgNVBAoMEkxpdGVTcGVlZENvbW11bml0eTEQMA4GA1UE +CwwHVGVzdGluZzERMA8GA1UEAwwId2ViYWRtaW4wggEiMA0GCSqGSIb3DQEBAQUA +A4IBDwAwggEKAoIBAQC32vTgc+Xzgj/QafxWr4N4d9qqeEXsJ9QGyIti4Ws08UTp +1R9YSNOujEZRecl5pvA8cFAhH2XCOVoBQ/IqOxzo0Vw6TnrKvnfGzHD7bqQdn1H6 +QDtSxALwh1KoQQd+iRdZGSa1DEpHHS/S5qp87X+oslYLNU4C/uSrRgmq/11fEXcd +l7z3SVp8duS+AlJ1yviB7zU0KQm3UxKSIOO0jUDqrfBDz128WjnFnrvpUyDxfsJ+ +95cvk/fPEHYNZoF390AclR9EQ1h14kIIVKd5hXClerCBV8ho1b/YI8gX4SQvcv7X +6kNL1uN9FUOW/MoFUeDLvAGw0NZNeTA9lYU4XKyJAgMBAAEwDQYJKoZIhvcNAQEL +BQADggEBAClGWPhigFsELv3IvWk/ibEdSsconD+zlp3RlPvNrOSgHc4LY29668Y7 +9hzXB/2Ghl1oY9tygZXdJf0pJmYE4UbE1xTaF3CXFtd87wQb3ygrbcOutgC4mkEn +paDNWBAD5NSUyUqFW0R4+Vcdc/n0bE41jz4CEY0hIoKOscZPeZKGIo751oJ/QZUb +omAYVLWReahiKI+cVzNKnz96k/95b9kYBJV4xsBaJg/UTOwCeWII3lylF4X8ipoP +3F2NPJFso78BdmzxL5EVTi6mBbsKZk5tPP6jv4ihNjh2ZNnzbJd+49dSNgnMUIYY +Yg2oimvaSuP8ktnG8/ItHPMEbxa1LSo= +-----END CERTIFICATE----- diff --git a/lsws/admin-conf/webadmin.key b/lsws/admin-conf/webadmin.key new file mode 100644 index 0000000..f8cc8cd --- /dev/null +++ b/lsws/admin-conf/webadmin.key @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEowIBAAKCAQEAt9r04HPl84I/0Gn8Vq+DeHfaqnhF7CfUBsiLYuFrNPFE6dUf +WEjTroxGUXnJeabwPHBQIR9lwjlaAUPyKjsc6NFcOk56yr53xsxw+26kHZ9R+kA7 +UsQC8IdSqEEHfokXWRkmtQxKRx0v0uaqfO1/qLJWCzVOAv7kq0YJqv9dXxF3HZe8 +90lafHbkvgJSdcr4ge81NCkJt1MSkiDjtI1A6q3wQ89dvFo5xZ676VMg8X7CfveX +L5P3zxB2DWaBd/dAHJUfRENYdeJCCFSneYVwpXqwgVfIaNW/2CPIF+EkL3L+1+pD +S9bjfRVDlvzKBVHgy7wBsNDWTXkwPZWFOFysiQIDAQABAoIBAEz5QLiQDWAL0gfB +t8HbLaHMHCJuxGeArUZBxAmb8rRxprZ3Ye4mX2melPobkPx7pezH4ORdLs9ID6Sj ++8kugoX+0SwgG0yyvZbflRXPVqqIP1wUdEHMiqaFIVgMEcUqRDorS4dVI+vuDk2w +AQTYsi/AqkF7CbQ7XyVN51JOI5tfENG9XpdHeVZYjkvC/yCZPZxSBN4c+HnRx/1J +tkaSz/nQ5v+H7JUYd/rD7i2E0tjsrj9LE6hYnqNiCxyGiSO+2DR+ljBubm/4P/K7 +1GjK5viiCIYFCxUBE+WeemggMfh6qT/QgYhe3+B5bb9t5ia4iM99gOdTK1AmctIc +xm3OPLkCgYEA3zfpDy84X2tPeeUyLRHVpXuDF3zkg7o+U6L3Fdp8GsDxB3wSSp4x +p/6pXbUIjEoCNWnmTyv1PBICMvkzoZXkZ+gW1QFaa0GuOUMhzck9FrDv0Oib5zOF +A1fJRJexJ967VLbzzv0u8hfZ9pZ4WPhP8IZHgBetO1ans/FpYPc1wlMCgYEA0tsn +/G2s6zBWFKb6ZzpEkox2Xj3nJFnNKrl7BIFKPovO2lVJYUt0rLFB505oBeygjfDf +d91KEAbeiwvS1VZiE5HJhZdqlqwuqS7uAIPIyseLEWG1eA6rIwhwdThSOezXhSiK +gseIiRJxTS48/tNcEmtZ5J7UbIZuCTbsE2+qcjMCgYAHE+DB6H9jFyX3+Xpzz2L0 +0ku/zOf5/UfIoxwuhzT0LDX4RMjXsNhmOT7ph7nzqM0VIHx6+ivWccO8Fga7EuOh +H8zJiDdzuytpCWXi/oR/WbDg8N8wn4OSLZBmKmEloHxUHVDxuTlp17PDi9XZDFaM +i9VsjFOj1AWRQRBUUMJVnQKBgQCJjUBjkySn9MtjA578sm1DcPBTAG0GMLL/+SoA +QVuuu8PAeLy7BN9jPOtyOprvqnL+xbDyX+DN3b1V1eu/EnA+te9R//ofuslhwuSu +X0ogxtW5DBW28VLBMuMyBQDXGuNp0Y2yTPqL+QUCxXQzBKzesztcQiTvey7TQgn1 +j/YQMwKBgAi8ryLDsEVGI1EJZAylwq8vPCyDIzVU7z2TXcUwU25PatIlAUqN9P1J +xVHI266xaNqtyua3kIo0/F1WeyARBWy3CywQcnC5i67Lwj249oQ5CZKw2damEVm0 +kxx9uv7nXc2d7N+KOTA0gYfzhThFl5QK6zz+2PdD2mKcUqBXOapi +-----END RSA PRIVATE KEY----- diff --git a/lsws/conf/httpd_config.conf b/lsws/conf/httpd_config.conf new file mode 100644 index 0000000..d9174bf --- /dev/null +++ b/lsws/conf/httpd_config.conf @@ -0,0 +1,248 @@ +# +# PLAIN TEXT CONFIGURATION FILE +# +#It not set, will use host name as serverName +serverName +user nobody +group nogroup +priority 0 +inMemBufSize 60M +swappingDir /tmp/lshttpd/swap +autoFix503 1 +gracefulRestartTimeout 300 +mime conf/mime.properties +showVersionNumber 0 +adminEmails root@localhost + +errorlog logs/error.log { + logLevel DEBUG + debugLevel 0 + rollingSize 10M + enableStderrLog 1 +} + +accesslog logs/access.log { + rollingSize 10M + keepDays 30 + compressArchive 0 +} +indexFiles index.html, index.php + +expires { + enableExpires 1 + expiresByType image/*=A604800,text/css=A604800,application/x-javascript=A604800,application/javascript=A604800,font/*=A604800,application/x-font-ttf=A604800 +} + +tuning { + maxConnections 10000 + maxSSLConnections 10000 + connTimeout 300 + maxKeepAliveReq 10000 + smartKeepAlive 0 + keepAliveTimeout 5 + sndBufSize 0 + rcvBufSize 0 + maxReqURLLen 32768 + maxReqHeaderSize 65536 + maxReqBodySize 2047M + maxDynRespHeaderSize 32768 + maxDynRespSize 2047M + maxCachedFileSize 4096 + totalInMemCacheSize 20M + maxMMapFileSize 256K + totalMMapCacheSize 40M + useSendfile 1 + fileETag 28 + enableGzipCompress 1 + compressibleTypes text/*, application/x-javascript, application/xml, application/javascript, image/svg+xml,application/rss+xml + enableDynGzipCompress 1 + gzipCompressLevel 6 + gzipAutoUpdateStatic 1 + gzipStaticCompressLevel 6 + brStaticCompressLevel 6 + gzipMaxFileSize 10M + gzipMinFileSize 300 + + quicEnable 1 + quicShmDir /dev/shm +} + +fileAccessControl { + followSymbolLink 1 + checkSymbolLink 0 + requiredPermissionMask 000 + restrictedPermissionMask 000 +} + +perClientConnLimit { + staticReqPerSec 0 + dynReqPerSec 0 + outBandwidth 0 + inBandwidth 0 + softLimit 10000 + hardLimit 10000 + gracePeriod 15 + banPeriod 300 +} + +CGIRLimit { + maxCGIInstances 20 + minUID 11 + minGID 10 + priority 0 + CPUSoftLimit 10 + CPUHardLimit 50 + memSoftLimit 1460M + memHardLimit 1470M + procSoftLimit 400 + procHardLimit 450 +} + +accessDenyDir { + dir / + dir /etc/* + dir /dev/* + dir conf/* + dir admin/conf/* +} + +accessControl { + allow ALL +} + +extprocessor lsphp { + type lsapi + address uds://tmp/lshttpd/lsphp.sock + maxConns 10 + env PHP_LSAPI_CHILDREN=10 + env LSAPI_AVOID_FORK=200M + initTimeout 60 + retryTimeout 0 + persistConn 1 + respBuffer 0 + autoStart 1 + path fcgi-bin/lsphp + backlog 100 + instances 1 + priority 0 + memSoftLimit 2047M + memHardLimit 2047M + procSoftLimit 1400 + procHardLimit 1500 +} + +scripthandler { + add lsapi:lsphp php +} + +railsDefaults { + maxConns 1 + env LSAPI_MAX_IDLE=60 + initTimeout 60 + retryTimeout 0 + pcKeepAliveTimeout 60 + respBuffer 0 + backlog 50 + runOnStartUp 3 + extMaxIdleTime 300 + priority 3 + memSoftLimit 2047M + memHardLimit 2047M + procSoftLimit 500 + procHardLimit 600 +} + +wsgiDefaults { + maxConns 5 + env LSAPI_MAX_IDLE=60 + initTimeout 60 + retryTimeout 0 + pcKeepAliveTimeout 60 + respBuffer 0 + backlog 50 + runOnStartUp 3 + extMaxIdleTime 300 + priority 3 + memSoftLimit 2047M + memHardLimit 2047M + procSoftLimit 500 + procHardLimit 600 +} + +nodeDefaults { + maxConns 5 + env LSAPI_MAX_IDLE=60 + initTimeout 60 + retryTimeout 0 + pcKeepAliveTimeout 60 + respBuffer 0 + backlog 50 + runOnStartUp 3 + extMaxIdleTime 300 + priority 3 + memSoftLimit 2047M + memHardLimit 2047M + procSoftLimit 500 + procHardLimit 600 +} + +module cache { + +checkPrivateCache 1 +checkPublicCache 1 +maxCacheObjSize 10000000 +maxStaleAge 200 +qsCache 1 +reqCookieCache 1 +respCookieCache 1 +ignoreReqCacheCtrl 1 +ignoreRespCacheCtrl 0 + +enableCache 0 +expireInSeconds 3600 +enablePrivateCache 0 +privateExpireInSeconds 3600 + ls_enabled 1 +} + +virtualhost Example { + vhRoot Example/ + configFile conf/vhosts/Example/vhconf.conf + allowSymbolLink 1 + enableScript 1 + restrained 1 + setUIDMode 0 +} + +listener Default { + address *:8088 + secure 0 + map Example * +} + +listener HTTP { + address *:80 + secure 0 +} + +listener HTTPS { + address *:443 + secure 1 + keyFile /usr/local/lsws/admin/conf/webadmin.key + certFile /usr/local/lsws/admin/conf/webadmin.crt +} + +vhTemplate centralConfigLog { + templateFile conf/templates/ccl.conf + listeners Default, HTTP, HTTPS + member localhost { + vhDomain localhost + } +} + +vhTemplate EasyRailsWithSuEXEC { + templateFile conf/templates/rails.conf + listeners Default +} + +#include /usr/local/lsws/conf/sites.conf diff --git a/lsws/conf/httpd_config.conf.bak b/lsws/conf/httpd_config.conf.bak new file mode 100644 index 0000000..949488c --- /dev/null +++ b/lsws/conf/httpd_config.conf.bak @@ -0,0 +1,251 @@ +# +# PLAIN TEXT CONFIGURATION FILE +# +#It not set, will use host name as serverName +serverName +user nobody +group nogroup +priority 0 +inMemBufSize 60M +swappingDir /tmp/lshttpd/swap +autoFix503 1 +gracefulRestartTimeout 300 +mime conf/mime.properties +showVersionNumber 0 +adminEmails root@localhost + +errorlog logs/error.log { + logLevel DEBUG + debugLevel 0 + rollingSize 10M + enableStderrLog 1 +} + +accesslog logs/access.log { + rollingSize 10M + keepDays 30 + compressArchive 0 +} +indexFiles index.html, index.php + +expires { + enableExpires 1 + expiresByType image/*=A604800,text/css=A604800,application/x-javascript=A604800,application/javascript=A604800,font/*=A604800,application/x-font-ttf=A604800 +} + +tuning { + maxConnections 10000 + maxSSLConnections 10000 + connTimeout 300 + maxKeepAliveReq 10000 + smartKeepAlive 0 + keepAliveTimeout 5 + sndBufSize 0 + rcvBufSize 0 + maxReqURLLen 32768 + maxReqHeaderSize 65536 + maxReqBodySize 2047M + maxDynRespHeaderSize 32768 + maxDynRespSize 2047M + maxCachedFileSize 4096 + totalInMemCacheSize 20M + maxMMapFileSize 256K + totalMMapCacheSize 40M + useSendfile 1 + fileETag 28 + enableGzipCompress 1 + compressibleTypes text/*, application/x-javascript, application/xml, application/javascript, image/svg+xml,application/rss+xml + enableDynGzipCompress 1 + gzipCompressLevel 6 + gzipAutoUpdateStatic 1 + gzipStaticCompressLevel 6 + brStaticCompressLevel 6 + gzipMaxFileSize 10M + gzipMinFileSize 300 + + quicEnable 1 + quicShmDir /dev/shm +} + +fileAccessControl { + followSymbolLink 1 + checkSymbolLink 0 + requiredPermissionMask 000 + restrictedPermissionMask 000 +} + +perClientConnLimit { + staticReqPerSec 0 + dynReqPerSec 0 + outBandwidth 0 + inBandwidth 0 + softLimit 10000 + hardLimit 10000 + gracePeriod 15 + banPeriod 300 +} + +CGIRLimit { + maxCGIInstances 20 + minUID 11 + minGID 10 + priority 0 + CPUSoftLimit 10 + CPUHardLimit 50 + memSoftLimit 1460M + memHardLimit 1470M + procSoftLimit 400 + procHardLimit 450 +} + +accessDenyDir { + dir / + dir /etc/* + dir /dev/* + dir conf/* + dir admin/conf/* +} + +accessControl { + allow ALL +} + +extprocessor lsphp { + type lsapi + address uds://tmp/lshttpd/lsphp.sock + maxConns 10 + env PHP_LSAPI_CHILDREN=10 + env LSAPI_AVOID_FORK=200M + initTimeout 60 + retryTimeout 0 + persistConn 1 + respBuffer 0 + autoStart 1 + path fcgi-bin/lsphp + backlog 100 + instances 1 + priority 0 + memSoftLimit 2047M + memHardLimit 2047M + procSoftLimit 1400 + procHardLimit 1500 +} + +scripthandler { + add lsapi:lsphp php +} + +railsDefaults { + maxConns 1 + env LSAPI_MAX_IDLE=60 + initTimeout 60 + retryTimeout 0 + pcKeepAliveTimeout 60 + respBuffer 0 + backlog 50 + runOnStartUp 3 + extMaxIdleTime 300 + priority 3 + memSoftLimit 2047M + memHardLimit 2047M + procSoftLimit 500 + procHardLimit 600 +} + +wsgiDefaults { + maxConns 5 + env LSAPI_MAX_IDLE=60 + initTimeout 60 + retryTimeout 0 + pcKeepAliveTimeout 60 + respBuffer 0 + backlog 50 + runOnStartUp 3 + extMaxIdleTime 300 + priority 3 + memSoftLimit 2047M + memHardLimit 2047M + procSoftLimit 500 + procHardLimit 600 +} + +nodeDefaults { + maxConns 5 + env LSAPI_MAX_IDLE=60 + initTimeout 60 + retryTimeout 0 + pcKeepAliveTimeout 60 + respBuffer 0 + backlog 50 + runOnStartUp 3 + extMaxIdleTime 300 + priority 3 + memSoftLimit 2047M + memHardLimit 2047M + procSoftLimit 500 + procHardLimit 600 +} + +module cache { + +checkPrivateCache 1 +checkPublicCache 1 +maxCacheObjSize 10000000 +maxStaleAge 200 +qsCache 1 +reqCookieCache 1 +respCookieCache 1 +ignoreReqCacheCtrl 1 +ignoreRespCacheCtrl 0 + +enableCache 0 +expireInSeconds 3600 +enablePrivateCache 0 +privateExpireInSeconds 3600 + ls_enabled 1 +} + +virtualhost Example { + vhRoot Example/ + configFile conf/vhosts/Example/vhconf.conf + allowSymbolLink 1 + enableScript 1 + restrained 1 + setUIDMode 0 +} + +listener Default { + address *:8088 + secure 0 + map Example * +} + +listener HTTP { + address *:80 + secure 0 +} + +vhTemplate centralConfigLog { + templateFile conf/templates/ccl.conf + listeners Default, HTTP + note test test + + member example2.com { + vhDomain example2.com + } + + member example6.com { + vhDomain example6.com + } + + member localhost { + vhDomain localhost + } +} + +vhTemplate EasyRailsWithSuEXEC { + templateFile conf/templates/rails.conf + listeners Default +} + +#include /usr/local/lsws/conf/sites.conf diff --git a/lsws/conf/httpd_config.conf0 b/lsws/conf/httpd_config.conf0 new file mode 100644 index 0000000..5ed6fb6 --- /dev/null +++ b/lsws/conf/httpd_config.conf0 @@ -0,0 +1,257 @@ +# +# PLAIN TEXT CONFIGURATION FILE +# +#It not set, will use host name as serverName +serverName +user nobody +group nogroup +priority 0 +inMemBufSize 60M +swappingDir /tmp/lshttpd/swap +autoFix503 1 +gracefulRestartTimeout 300 +mime conf/mime.properties +showVersionNumber 0 +adminEmails root@localhost + +errorlog logs/error.log { + logLevel DEBUG + debugLevel 0 + rollingSize 10M + enableStderrLog 1 +} + +accesslog logs/access.log { + rollingSize 10M + keepDays 30 + compressArchive 0 +} +indexFiles index.html, index.php + +expires { + enableExpires 1 + expiresByType image/*=A604800,text/css=A604800,application/x-javascript=A604800,application/javascript=A604800,font/*=A604800,application/x-font-ttf=A604800 +} + +tuning { + maxConnections 10000 + maxSSLConnections 10000 + connTimeout 300 + maxKeepAliveReq 10000 + smartKeepAlive 0 + keepAliveTimeout 5 + sndBufSize 0 + rcvBufSize 0 + maxReqURLLen 32768 + maxReqHeaderSize 65536 + maxReqBodySize 2047M + maxDynRespHeaderSize 32768 + maxDynRespSize 2047M + maxCachedFileSize 4096 + totalInMemCacheSize 20M + maxMMapFileSize 256K + totalMMapCacheSize 40M + useSendfile 1 + fileETag 28 + enableGzipCompress 1 + compressibleTypes text/*, application/x-javascript, application/xml, application/javascript, image/svg+xml,application/rss+xml + enableDynGzipCompress 1 + gzipCompressLevel 6 + gzipAutoUpdateStatic 1 + gzipStaticCompressLevel 6 + brStaticCompressLevel 6 + gzipMaxFileSize 10M + gzipMinFileSize 300 + + quicEnable 1 + quicShmDir /dev/shm +} + +fileAccessControl { + followSymbolLink 1 + checkSymbolLink 0 + requiredPermissionMask 000 + restrictedPermissionMask 000 +} + +perClientConnLimit { + staticReqPerSec 0 + dynReqPerSec 0 + outBandwidth 0 + inBandwidth 0 + softLimit 10000 + hardLimit 10000 + gracePeriod 15 + banPeriod 300 +} + +CGIRLimit { + maxCGIInstances 20 + minUID 11 + minGID 10 + priority 0 + CPUSoftLimit 10 + CPUHardLimit 50 + memSoftLimit 1460M + memHardLimit 1470M + procSoftLimit 400 + procHardLimit 450 +} + +accessDenyDir { + dir / + dir /etc/* + dir /dev/* + dir conf/* + dir admin/conf/* +} + +accessControl { + allow ALL +} + +extprocessor lsphp { + type lsapi + address uds://tmp/lshttpd/lsphp.sock + maxConns 10 + env PHP_LSAPI_CHILDREN=10 + env LSAPI_AVOID_FORK=200M + initTimeout 60 + retryTimeout 0 + persistConn 1 + respBuffer 0 + autoStart 1 + path fcgi-bin/lsphp + backlog 100 + instances 1 + priority 0 + memSoftLimit 2047M + memHardLimit 2047M + procSoftLimit 1400 + procHardLimit 1500 +} + +scripthandler { + add lsapi:lsphp php +} + +railsDefaults { + maxConns 1 + env LSAPI_MAX_IDLE=60 + initTimeout 60 + retryTimeout 0 + pcKeepAliveTimeout 60 + respBuffer 0 + backlog 50 + runOnStartUp 3 + extMaxIdleTime 300 + priority 3 + memSoftLimit 2047M + memHardLimit 2047M + procSoftLimit 500 + procHardLimit 600 +} + +wsgiDefaults { + maxConns 5 + env LSAPI_MAX_IDLE=60 + initTimeout 60 + retryTimeout 0 + pcKeepAliveTimeout 60 + respBuffer 0 + backlog 50 + runOnStartUp 3 + extMaxIdleTime 300 + priority 3 + memSoftLimit 2047M + memHardLimit 2047M + procSoftLimit 500 + procHardLimit 600 +} + +nodeDefaults { + maxConns 5 + env LSAPI_MAX_IDLE=60 + initTimeout 60 + retryTimeout 0 + pcKeepAliveTimeout 60 + respBuffer 0 + backlog 50 + runOnStartUp 3 + extMaxIdleTime 300 + priority 3 + memSoftLimit 2047M + memHardLimit 2047M + procSoftLimit 500 + procHardLimit 600 +} + +module cache { + +checkPrivateCache 1 +checkPublicCache 1 +maxCacheObjSize 10000000 +maxStaleAge 200 +qsCache 1 +reqCookieCache 1 +respCookieCache 1 +ignoreReqCacheCtrl 1 +ignoreRespCacheCtrl 0 + +enableCache 0 +expireInSeconds 3600 +enablePrivateCache 0 +privateExpireInSeconds 3600 + ls_enabled 1 +} + +virtualhost Example { + vhRoot Example/ + configFile conf/vhosts/Example/vhconf.conf + allowSymbolLink 1 + enableScript 1 + restrained 1 + setUIDMode 0 +} + +listener Default { + address *:8088 + secure 0 + map Example * +} + +listener HTTP { + address *:80 + secure 0 +} + +vhTemplate centralConfigLog { + templateFile conf/templates/ccl.conf + listeners Default, HTTP + member example4.com { + vhDomain example4.com + } + member example3.com { + vhDomain example3.com + } + note test test + + member example2.com { + vhDomain example2.com + } + + member example6.com { + vhDomain example6.com + } + + member localhost { + vhDomain localhost + } +} + +vhTemplate EasyRailsWithSuEXEC { + templateFile conf/templates/rails.conf + listeners Default +} + +#include /usr/local/lsws/conf/sites.conf diff --git a/lsws/conf/mime.properties b/lsws/conf/mime.properties new file mode 100755 index 0000000..fa55ee8 --- /dev/null +++ b/lsws/conf/mime.properties @@ -0,0 +1,162 @@ +default = application/octet-stream +3gp = video/3gpp +3g2 = video/3gpp2 +ai, eps = application/postscript +aif, aifc, aiff = audio/x-aiff +asc = text/plain +asf = video/asf +asx = video/x-ms-asf +au = audio/basic +avi = video/x-msvideo +bcpio = application/x-bcpio +bmp = image/bmp +bin = application/octet-stream +bz, bz2 = application/x-bzip +cdf = application/x-netcdf +class = application/java-vm +cpio = application/x-cpio +cpt = application/mac-compactpro +crt = application/x-x509-ca-cert +csh = application/x-csh +css = text/css +dcr,dir, dxr = application/x-director +dms = application/octet-stream +doc = application/msword +dtd = application/xml-dtd +dvi = application/x-dvi +eot = application/vnd.ms-fontobject +etx = text/x-setext +exe = application/x-executable +ez = application/andrew-inset +flv = video/x-flv +gif = image/gif +gtar = application/x-gtar +gz, gzip = application/gzip +hdf = application/x-hdf +hqx = application/mac-binhex40 +htc = text/x-component +html, htm = text/html +ice = x-conference/x-cooltalk +ico = image/x-icon +ief = image/ief +iges, igs = model/iges +iso = application/x-cd-image +java = text/plain +jar = application/java-archive +jnlp = application/x-java-jnlp-file +jpeg, jpe, jpg = image/jpeg +js = application/x-javascript +js2 = application/javascript +js3 = text/javascript +json = application/json +jsp = text/plain +kar = audio/midi +latex = application/x-latex +lha, lzh = application/octet-stream +man = application/x-troff-man +mdb = application/vnd.ms-access +me = application/x-troff-me +mesh = model/mesh +mid, midi = audio/midi +mif = application/vnd.mif +movie = video/x-sgi-movie +mov = video/quicktime +mp2, mp3, mpga = audio/mpeg +mpeg, mpe, mpg = video/mpeg +mp4 = video/mp4 +mpp = application/vnd.ms-project +ms = application/x-troff-ms +msh = model/mesh +nc = application/x-netcdf +oda = application/oda +odb = application/vnd.oasis.opendocument.database +odc = application/vnd.oasis.opendocument.chart +odf = application/vnd.oasis.opendocument.formula +odg = application/vnd.oasis.opendocument.graphics +odi = application/vnd.oasis.opendocument.image +odp = application/vnd.oasis.opendocument.presentation +ods = application/vnd.oasis.opendocument.spreadsheet +odt = application/vnd.oasis.opendocument.text +ogg = audio/ogg +otf = application/x-font-woff +pbm = image/x-portable-bitmap +pdb = chemical/x-pdb +pdf = application/pdf +pgm = image/x-portable-graymap +pgn = application/x-chess-pgn +pls = audio/x-scpls +png = image/png +pnm = image/x-portable-anymap +ppm = image/x-portable-pixmap +ppt = application/vnd.ms-powerpoint +ps = application/postscript +qt,qtvr = video/quicktime +ra = audio/x-realaudio +ram, rm = audio/x-pn-realaudio +rar = application/x-rar-compressed +ras = image/x-cmu-raster +rgb = image/x-rgb +roff, t, tr = application/x-troff +rss = application/rss+xml +rsd = application/rsd+xml +rtf = application/rtf +rtx = text/richtext +ser = application/java-serialized-object +sgml, sgm = text/sgml +sh = application/x-sh +shar = application/x-shar +shtml = application/x-httpd-shtml +silo = model/mesh +sit = application/x-stuffit +skd, skm, skp, skt = application/x-koan +smi,smil = application/smil +snd = audio/basic +spl = application/x-futuresplash +sql = text/x-sql +src = application/x-wais-source +sv4cpio = application/x-sv4cpio +sv4crc = application/x-sv4crc +svg, svgz = image/svg+xml +swf = application/x-shockwave-flash +tar = application/x-tar +tcl = application/x-tcl +tex = application/x-tex +texi, texinfo = application/x-texinfo +tgz = application/x-gtar +tiff, tif = image/tiff +tsv = text/tab-separated-values +ttf, ttc = application/x-font-ttf +txt = text/plain +ustar = application/x-ustar +vcd = application/x-cdlink +vrml = model/vrml +vxml = application/voicexml+xml +wav = audio/vnd.wave +wax = audio/x-ms-wax +wbmp = image/vnd.wap.wbmp +webp = image/webp +wma = audio/x-ms-wma +wml = text/vnd.wap.wml +wmlc = application/vnd.wap.wmlc +wmls = text/vnd.wap.wmlscript +wmlsc = application/vnd.wap.wmlscriptc +woff = application/font-woff +woff2 = font/woff2 +woff3 = font/woff +woff4 = application/font-woff2 +ttf2 = font/ttf +woff_o1 = application/x-font-woff +wtls-ca-certificate = application/vnd.wap.wtls-ca-certificate +wri = application/vnd.ms-write +wrl = model/vrml +xbm = image/x-xbitmap +xhtml, xht = application/xhtml+xml +xls = application/vnd.ms-excel +xml, xsd, xsl = application/xml +xml2 = text/xml +xslt = application/xslt+xml +xpm = image/x-xpixmap +xwd = image/x-xwindowdump +xyz = chemical/x-pdb +zip = application/zip +z = application/compress diff --git a/lsws/conf/mime.properties0 b/lsws/conf/mime.properties0 new file mode 100755 index 0000000..fa55ee8 --- /dev/null +++ b/lsws/conf/mime.properties0 @@ -0,0 +1,162 @@ +default = application/octet-stream +3gp = video/3gpp +3g2 = video/3gpp2 +ai, eps = application/postscript +aif, aifc, aiff = audio/x-aiff +asc = text/plain +asf = video/asf +asx = video/x-ms-asf +au = audio/basic +avi = video/x-msvideo +bcpio = application/x-bcpio +bmp = image/bmp +bin = application/octet-stream +bz, bz2 = application/x-bzip +cdf = application/x-netcdf +class = application/java-vm +cpio = application/x-cpio +cpt = application/mac-compactpro +crt = application/x-x509-ca-cert +csh = application/x-csh +css = text/css +dcr,dir, dxr = application/x-director +dms = application/octet-stream +doc = application/msword +dtd = application/xml-dtd +dvi = application/x-dvi +eot = application/vnd.ms-fontobject +etx = text/x-setext +exe = application/x-executable +ez = application/andrew-inset +flv = video/x-flv +gif = image/gif +gtar = application/x-gtar +gz, gzip = application/gzip +hdf = application/x-hdf +hqx = application/mac-binhex40 +htc = text/x-component +html, htm = text/html +ice = x-conference/x-cooltalk +ico = image/x-icon +ief = image/ief +iges, igs = model/iges +iso = application/x-cd-image +java = text/plain +jar = application/java-archive +jnlp = application/x-java-jnlp-file +jpeg, jpe, jpg = image/jpeg +js = application/x-javascript +js2 = application/javascript +js3 = text/javascript +json = application/json +jsp = text/plain +kar = audio/midi +latex = application/x-latex +lha, lzh = application/octet-stream +man = application/x-troff-man +mdb = application/vnd.ms-access +me = application/x-troff-me +mesh = model/mesh +mid, midi = audio/midi +mif = application/vnd.mif +movie = video/x-sgi-movie +mov = video/quicktime +mp2, mp3, mpga = audio/mpeg +mpeg, mpe, mpg = video/mpeg +mp4 = video/mp4 +mpp = application/vnd.ms-project +ms = application/x-troff-ms +msh = model/mesh +nc = application/x-netcdf +oda = application/oda +odb = application/vnd.oasis.opendocument.database +odc = application/vnd.oasis.opendocument.chart +odf = application/vnd.oasis.opendocument.formula +odg = application/vnd.oasis.opendocument.graphics +odi = application/vnd.oasis.opendocument.image +odp = application/vnd.oasis.opendocument.presentation +ods = application/vnd.oasis.opendocument.spreadsheet +odt = application/vnd.oasis.opendocument.text +ogg = audio/ogg +otf = application/x-font-woff +pbm = image/x-portable-bitmap +pdb = chemical/x-pdb +pdf = application/pdf +pgm = image/x-portable-graymap +pgn = application/x-chess-pgn +pls = audio/x-scpls +png = image/png +pnm = image/x-portable-anymap +ppm = image/x-portable-pixmap +ppt = application/vnd.ms-powerpoint +ps = application/postscript +qt,qtvr = video/quicktime +ra = audio/x-realaudio +ram, rm = audio/x-pn-realaudio +rar = application/x-rar-compressed +ras = image/x-cmu-raster +rgb = image/x-rgb +roff, t, tr = application/x-troff +rss = application/rss+xml +rsd = application/rsd+xml +rtf = application/rtf +rtx = text/richtext +ser = application/java-serialized-object +sgml, sgm = text/sgml +sh = application/x-sh +shar = application/x-shar +shtml = application/x-httpd-shtml +silo = model/mesh +sit = application/x-stuffit +skd, skm, skp, skt = application/x-koan +smi,smil = application/smil +snd = audio/basic +spl = application/x-futuresplash +sql = text/x-sql +src = application/x-wais-source +sv4cpio = application/x-sv4cpio +sv4crc = application/x-sv4crc +svg, svgz = image/svg+xml +swf = application/x-shockwave-flash +tar = application/x-tar +tcl = application/x-tcl +tex = application/x-tex +texi, texinfo = application/x-texinfo +tgz = application/x-gtar +tiff, tif = image/tiff +tsv = text/tab-separated-values +ttf, ttc = application/x-font-ttf +txt = text/plain +ustar = application/x-ustar +vcd = application/x-cdlink +vrml = model/vrml +vxml = application/voicexml+xml +wav = audio/vnd.wave +wax = audio/x-ms-wax +wbmp = image/vnd.wap.wbmp +webp = image/webp +wma = audio/x-ms-wma +wml = text/vnd.wap.wml +wmlc = application/vnd.wap.wmlc +wmls = text/vnd.wap.wmlscript +wmlsc = application/vnd.wap.wmlscriptc +woff = application/font-woff +woff2 = font/woff2 +woff3 = font/woff +woff4 = application/font-woff2 +ttf2 = font/ttf +woff_o1 = application/x-font-woff +wtls-ca-certificate = application/vnd.wap.wtls-ca-certificate +wri = application/vnd.ms-write +wrl = model/vrml +xbm = image/x-xbitmap +xhtml, xht = application/xhtml+xml +xls = application/vnd.ms-excel +xml, xsd, xsl = application/xml +xml2 = text/xml +xslt = application/xslt+xml +xpm = image/x-xpixmap +xwd = image/x-xwindowdump +xyz = chemical/x-pdb +zip = application/zip +z = application/compress diff --git a/lsws/conf/templates/ccl.conf b/lsws/conf/templates/ccl.conf new file mode 100644 index 0000000..3a32386 --- /dev/null +++ b/lsws/conf/templates/ccl.conf @@ -0,0 +1,57 @@ +vhRoot /var/www/vhosts/$VH_NAME/ +configFile $SERVER_ROOT/conf/vhosts/$VH_NAME/vhconf.conf +allowSymbolLink 1 +enableScript 1 +restrained 1 +setUIDMode 2 + +virtualHostConfig { + docRoot $VH_ROOT/html/ + enableGzip 1 + + errorlog { + useServer 1 + } + + accesslog $SERVER_ROOT/logs/$VH_NAME.access.log { + useServer 0 + rollingSize 100M + keepDays 30 + compressArchive 1 + } + + index { + useServer 0 + indexFiles index.html, index.php + autoIndex 0 + autoIndexURI /_autoindex/default.php + } + + expires { + enableExpires 1 + } + + accessControl { + allow * + } + + context /cgi-bin/ { + type cgi + location $VH_ROOT/cgi-bin/ + } + + context / { + location $DOC_ROOT/ + allowBrowse 1 + + rewrite { +RewriteFile .htaccess + } + } + + rewrite { + enable 0 + logLevel 0 + } +} + diff --git a/lsws/conf/templates/ccl.conf.bak b/lsws/conf/templates/ccl.conf.bak new file mode 100644 index 0000000..07d13b5 --- /dev/null +++ b/lsws/conf/templates/ccl.conf.bak @@ -0,0 +1,57 @@ +vhRoot /var/www/vhosts/$VH_NAME/ +configFile $SERVER_ROOT/conf/vhosts/$VH_NAME/vhconf.conf +allowSymbolLink 1 +enableScript 1 +restrained 1 +setUIDMode 0 + +virtualHostConfig { + docRoot $VH_ROOT/html/ + enableGzip 1 + + errorlog { + useServer 1 + } + + accesslog $SERVER_ROOT/logs/$VH_NAME.access.log { + useServer 0 + rollingSize 100M + keepDays 30 + compressArchive 1 + } + + index { + useServer 0 + indexFiles index.html, index.php + autoIndex 0 + autoIndexURI /_autoindex/default.php + } + + expires { + enableExpires 1 + } + + accessControl { + allow * + } + + context /cgi-bin/ { + type cgi + location $VH_ROOT/cgi-bin/ + } + + context / { + location $DOC_ROOT/ + allowBrowse 1 + + rewrite { +RewriteFile .htaccess + } + } + + rewrite { + enable 0 + logLevel 0 + } +} + diff --git a/lsws/conf/templates/ccl.conf0 b/lsws/conf/templates/ccl.conf0 new file mode 100755 index 0000000..07d13b5 --- /dev/null +++ b/lsws/conf/templates/ccl.conf0 @@ -0,0 +1,57 @@ +vhRoot /var/www/vhosts/$VH_NAME/ +configFile $SERVER_ROOT/conf/vhosts/$VH_NAME/vhconf.conf +allowSymbolLink 1 +enableScript 1 +restrained 1 +setUIDMode 0 + +virtualHostConfig { + docRoot $VH_ROOT/html/ + enableGzip 1 + + errorlog { + useServer 1 + } + + accesslog $SERVER_ROOT/logs/$VH_NAME.access.log { + useServer 0 + rollingSize 100M + keepDays 30 + compressArchive 1 + } + + index { + useServer 0 + indexFiles index.html, index.php + autoIndex 0 + autoIndexURI /_autoindex/default.php + } + + expires { + enableExpires 1 + } + + accessControl { + allow * + } + + context /cgi-bin/ { + type cgi + location $VH_ROOT/cgi-bin/ + } + + context / { + location $DOC_ROOT/ + allowBrowse 1 + + rewrite { +RewriteFile .htaccess + } + } + + rewrite { + enable 0 + logLevel 0 + } +} + diff --git a/lsws/conf/templates/rails.conf b/lsws/conf/templates/rails.conf new file mode 100755 index 0000000..e6a2fd3 --- /dev/null +++ b/lsws/conf/templates/rails.conf @@ -0,0 +1,74 @@ +allowSymbolLink 1 +chrootMode 0 +enableScript 1 +restrained 1 +setUIDMode 2 +vhRoot $SERVER_ROOT/$VH_NAME/ +configFile $SERVER_ROOT/conf/vhosts/$VH_NAME/vhconf.conf + +virtualHostConfig { + enableGzip 1 + docRoot $VH_ROOT/public/ + + accessControl { + allow * + } + + hotlinkCtrl { + suffixes gif, jpeg, jpg + allowDirectAccess 1 + onlySelf 1 + enableHotlinkCtrl 0 + } + + rewrite { + enable 0 + logLevel 0 + } + + index { + useServer 0 + autoIndex 0 + indexFiles index.html + autoIndexURI /_autoindex/default.php + } + + accessLog $SERVER_ROOT/logs/$VH_NAME.access.log{ + logHeaders 3 + compressArchive 0 + useServer 0 + keepDays 30 + rollingSize 500M + } + + errorlog { + useServer 1 + } + + context / { + railsEnv 1 + maxConns 5 + location $VH_ROOT/ + type rails + accessControl + addDefaultCharset off + rewrite { + RewriteFile .htaccess + } + } + + expires { + enableExpires 1 + } + + awstats { + workingDir $VH_ROOT/awstats + awstatsURI /awstats/ + siteDomain localhost + siteAliases 127.0.0.1 localhost + updateMode 0 + updateInterval 86400 + updateOffset 0 + securedConn 0 + } +} diff --git a/lsws/conf/templates/rails.conf0 b/lsws/conf/templates/rails.conf0 new file mode 100755 index 0000000..e6a2fd3 --- /dev/null +++ b/lsws/conf/templates/rails.conf0 @@ -0,0 +1,74 @@ +allowSymbolLink 1 +chrootMode 0 +enableScript 1 +restrained 1 +setUIDMode 2 +vhRoot $SERVER_ROOT/$VH_NAME/ +configFile $SERVER_ROOT/conf/vhosts/$VH_NAME/vhconf.conf + +virtualHostConfig { + enableGzip 1 + docRoot $VH_ROOT/public/ + + accessControl { + allow * + } + + hotlinkCtrl { + suffixes gif, jpeg, jpg + allowDirectAccess 1 + onlySelf 1 + enableHotlinkCtrl 0 + } + + rewrite { + enable 0 + logLevel 0 + } + + index { + useServer 0 + autoIndex 0 + indexFiles index.html + autoIndexURI /_autoindex/default.php + } + + accessLog $SERVER_ROOT/logs/$VH_NAME.access.log{ + logHeaders 3 + compressArchive 0 + useServer 0 + keepDays 30 + rollingSize 500M + } + + errorlog { + useServer 1 + } + + context / { + railsEnv 1 + maxConns 5 + location $VH_ROOT/ + type rails + accessControl + addDefaultCharset off + rewrite { + RewriteFile .htaccess + } + } + + expires { + enableExpires 1 + } + + awstats { + workingDir $VH_ROOT/awstats + awstatsURI /awstats/ + siteDomain localhost + siteAliases 127.0.0.1 localhost + updateMode 0 + updateInterval 86400 + updateOffset 0 + securedConn 0 + } +} diff --git a/lsws/conf/vhosts/Example/htgroup b/lsws/conf/vhosts/Example/htgroup new file mode 100755 index 0000000..5f9c0c8 --- /dev/null +++ b/lsws/conf/vhosts/Example/htgroup @@ -0,0 +1,4 @@ +group1: user1,user2, user3 +group2: +user: user8, test +group3: diff --git a/lsws/conf/vhosts/Example/htpasswd b/lsws/conf/vhosts/Example/htpasswd new file mode 100755 index 0000000..2b90853 --- /dev/null +++ b/lsws/conf/vhosts/Example/htpasswd @@ -0,0 +1,2 @@ +test:kF2EDBE2Ux8sQ +user1:SQtevcsBBnBPY diff --git a/lsws/conf/vhosts/Example/vhconf.conf b/lsws/conf/vhosts/Example/vhconf.conf new file mode 100644 index 0000000..8baa338 --- /dev/null +++ b/lsws/conf/vhosts/Example/vhconf.conf @@ -0,0 +1,115 @@ +docRoot $VH_ROOT/html/ +enableGzip 1 + + +context / { + allowBrowse 1 + location $DOC_ROOT/ + rewrite { + RewriteFile .htaccess + } +} + +context /docs/{ + allowBrowse 1 + location $SERVER_ROOT/docs/ +} + +context /protected/{ + required user test + authName Protected + allowBrowse 1 + location protected/ + realm SampleProtectedArea + + accessControl { + deny + allow * + } +} + +context /blocked/{ + allowBrowse 0 +} + +context /cgi-bin/{ + allowBrowse 1 + location $VH_ROOT/cgi-bin/ + type cgi +} + +expires { + enableExpires 1 +} + +index { + autoIndexURI /_autoindex/default.php + indexFiles index.html + autoIndex 0 + useServer 0 +} + +errorPage 404{ + url /error404.html +} + +errorlog $VH_ROOT/logs/error.log{ + logLevel DEBUG + rollingSize 10M + useServer 1 +} + +accessLog $VH_ROOT/logs/access.log{ + compressArchive 0 + logReferer 1 + keepDays 30 + rollingSize 10M + logUserAgent 1 + useServer 0 +} + +awstats { + updateInterval 86400 + workingDir $VH_ROOT/awstats + updateOffset 0 + siteDomain localhost + siteAliases 127.0.0.1 localhost + updateMode 0 + awstatsURI /awstats/ +} + +rewrite { + enable 0 + logLevel 0 +} + +hotlinkCtrl { + suffixes gif, jpeg, jpg + allowedHosts + allowDirectAccess 1 + enableHotlinkCtrl 0 + onlySelf 1 +} + +accessControl { + deny + allow * +} + +realm SampleProtectedArea { + userDB { + cacheTimeout 60 + maxCacheSize 200 + location conf/vhosts/Example/htpasswd + } + + groupDB { + cacheTimeout 60 + maxCacheSize 200 + location conf/vhosts/Example/htgroup + } +} + +general { + enableContextAC 0 +} diff --git a/lsws/conf/vhosts/Example/vhconf.conf0 b/lsws/conf/vhosts/Example/vhconf.conf0 new file mode 100644 index 0000000..8baa338 --- /dev/null +++ b/lsws/conf/vhosts/Example/vhconf.conf0 @@ -0,0 +1,115 @@ +docRoot $VH_ROOT/html/ +enableGzip 1 + + +context / { + allowBrowse 1 + location $DOC_ROOT/ + rewrite { + RewriteFile .htaccess + } +} + +context /docs/{ + allowBrowse 1 + location $SERVER_ROOT/docs/ +} + +context /protected/{ + required user test + authName Protected + allowBrowse 1 + location protected/ + realm SampleProtectedArea + + accessControl { + deny + allow * + } +} + +context /blocked/{ + allowBrowse 0 +} + +context /cgi-bin/{ + allowBrowse 1 + location $VH_ROOT/cgi-bin/ + type cgi +} + +expires { + enableExpires 1 +} + +index { + autoIndexURI /_autoindex/default.php + indexFiles index.html + autoIndex 0 + useServer 0 +} + +errorPage 404{ + url /error404.html +} + +errorlog $VH_ROOT/logs/error.log{ + logLevel DEBUG + rollingSize 10M + useServer 1 +} + +accessLog $VH_ROOT/logs/access.log{ + compressArchive 0 + logReferer 1 + keepDays 30 + rollingSize 10M + logUserAgent 1 + useServer 0 +} + +awstats { + updateInterval 86400 + workingDir $VH_ROOT/awstats + updateOffset 0 + siteDomain localhost + siteAliases 127.0.0.1 localhost + updateMode 0 + awstatsURI /awstats/ +} + +rewrite { + enable 0 + logLevel 0 +} + +hotlinkCtrl { + suffixes gif, jpeg, jpg + allowedHosts + allowDirectAccess 1 + enableHotlinkCtrl 0 + onlySelf 1 +} + +accessControl { + deny + allow * +} + +realm SampleProtectedArea { + userDB { + cacheTimeout 60 + maxCacheSize 200 + location conf/vhosts/Example/htpasswd + } + + groupDB { + cacheTimeout 60 + maxCacheSize 200 + location conf/vhosts/Example/htgroup + } +} + +general { + enableContextAC 0 +}