From 63cc9ef33fb8333f422bbc34998f7acf6d5f59c4 Mon Sep 17 00:00:00 2001
From: Glenn Strauss <gstrauss@gluelogic.com>
Date: Tue, 13 Sep 2022 00:10:32 -0400
Subject: [PATCH] Modernize lighttpd.conf

---
 lighttpd.conf | 175 +++++++++++++++++++++-----------------------------
 1 file changed, 74 insertions(+), 101 deletions(-)

diff --git a/lighttpd.conf b/lighttpd.conf
index 6777605..4848edb 100644
--- a/lighttpd.conf
+++ b/lighttpd.conf
@@ -1,7 +1,7 @@
 # Lighttpd Server Configs | MIT License
 # https://github.com/h5bp/server-configs-lighttpd
 
-# http://redmine.lighttpd.net/projects/lighttpd/wiki
+# https://wiki.lighttpd.net/
 
 # Run as an unprivileged user
 server.username = "www"
@@ -14,33 +14,19 @@ server.pid-file = "/var/run/lighttpd/lighttpd.pid"
 # mod_simple_vhost module.
 server.document-root = "/var/www/sites/go/here/"
 
-# Avoid revealing the server name and version number
-server.tag = ""
-
-# Disable directory listing
-server.dir-listing = "disable"
+# Avoid revealing the server version number
+server.tag = "lighttpd"
 
 # Modules to load
-# at least mod_access and mod_accesslog should be loaded
-# mod_expire should go above mod_compress (and mod_fcgi if you use it)
-# otherwise expire headers will not be applied to compressed documents.
 server.modules = (
     "mod_access",
-    "mod_accesslog",
-    "mod_redirect",
+    "mod_indexfile",
+    "mod_staticfile",
     "mod_expire",
-    "mod_compress",
-    "mod_setenv"
+    "mod_deflate",
+    "mod_accesslog",
 )
 
-# Sent Response Headers
-# opt-in to the future - remove meta tag from page
-setenv.add-response-header = ( "X-UA-Compatible" => "IE=edge" )
-
-# File uploads
-# Make sure this folder exists and is writable to server.username
-server.upload-dirs = ( "/tmp/lighttpd/uploads" )
-
 # Where to send error-messages to
 server.errorlog = "/var/log/lighttpd/error.log"
 
@@ -49,8 +35,9 @@ accesslog.filename = "/var/log/lighttpd/access.log"
 
 # Compression
 # Make sure this folder exists and is writable to server.username
-compress.cache-dir = "/tmp/lighttpd/compress/"
-compress.filetype = (
+deflate.cache-dir = "/tmp/lighttpd/compress/"
+deflate.mimetypes = (
+    "text/",
     "application/atom+xml",
     "application/javascript",
     "application/json",
@@ -72,17 +59,6 @@ compress.filetype = (
     "image/svg+xml",
     "image/vnd.microsoft.icon",
     "image/x-icon",
-    "text/cache-manifest",
-    "text/css",
-    "text/html",
-    "text/javascript",
-    "text/plain",
-    "text/vcard",
-    "text/vnd.rim.location.xloc",
-    "text/vtt",
-    "text/x-component",
-    "text/x-cross-domain-policy",
-    "text/xml",
 )
 
 # Files to check for if .../ is requested
@@ -91,9 +67,6 @@ index-file.names = (
 	"index.htm",
 )
 
-# Set the event-handler (read the performance section in the manual)
-# server.event-handler = "freebsd-kqueue" # needed on OS X
-
 
 # Serve resources with the proper media types (f.k.a. MIME types).
 # https://www.iana.org/assignments/media-types/media-types.xhtml
@@ -116,9 +89,9 @@ mimetype.assign = (
   # JavaScript
 
     # Normalize to standard type.
-    # https://tools.ietf.org/html/rfc4329#section-7.2
+    # https://www.rfc-editor.org/rfc/rfc9239
 
-    ".js"            =>  "application/javascript",
+    ".js"            =>  "text/javascript",
 
 
   # Manifest files
@@ -239,75 +212,75 @@ mimetype.assign = (
 # Block access to backup and source files.
 url.access-deny = ( "~", ".inc" )
 
-$HTTP["url"] =~ "\.pdf$" {
-    server.range-requests = "disable"
-}
-
 # Extensions that should not be handle via static-file transfer.
 # .php, .pl, .fcgi are most often handled by mod_fastcgi or mod_cgi
 static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
 
 # Bind to all IPs, or change to a specific IP.
-server.bind = "0.0.0.0"
+#server.bind = "0.0.0.0"
+
 
 # Expires headers (for better cache control)
 # The following expires headers are set pretty far in the future. If you don't
 # control versioning with filename-based cache busting, consider lowering the
 # cache time for resources like CSS and JS to something like 1 week.
-
-# CSS
-$HTTP["url"] =~ ".css" {
-    expire.url = ( "" => "access plus 1 years" )
-}
-
-# Data interchange
-$HTTP["url"] =~ ".(json|xml)" {
-    expire.url = ( "" => "access plus 0 seconds" )
-}
-
-# Favicon
-$HTTP["url"] =~ ".ico" {
-    expire.url = ( "" => "access plus 7 days" )
-}
-
-# HTML components (HTCs)
-$HTTP["url"] =~ ".htc" {
-    expire.url = ( "" => "access plus 1 months" )
-}
-
-# HTML
-$HTTP["url"] =~ ".html" {
-    expire.url = ( "" => "access plus 0 seconds" )
-}
-
-# JavaScript
-$HTTP["url"] =~ ".js" {
-    expire.url = ( "" => "access plus 1 years" )
-}
-
-# Manifest files
-$HTTP["url"] =~ ".(appcache|manifest|webapp)" {
-    expire.url = ( "" => "access plus 0 seconds" )
-}
-
-$HTTP["url"] =~ ".webmanifest" {
-    expire.url = ( "" => "access plus 1 week" )
-}
-
-# Media
-$HTTP["url"] =~ ".(gif|jpg|jpeg|png|m4a|f4a|f4b|oga|ogg|webm)" {
-    expire.url = ( "" => "access plus 1 months" )
-}
-
-# Web feeds
-$HTTP["url"] =~ ".(atom|rss)" {
-    expire.url = ( "" => "access plus 1 hours" )
-}
-
-# Web fonts
-$HTTP["url"] =~ ".(eot|otf|svg|svgz|ttf|ttc|woff)" {
-    expire.url = ( "" => "access plus 1 months" )
-}
-
-# Default
-expire.url = ( "" => "access plus 1 months" )
+expire.mimetypes = (
+    ## HTML
+    "text/html"                => "access plus 0 seconds",
+
+    ## Data interchange
+    "application/json"         => "access plus 0 seconds",
+    "application/ld+json"      => "access plus 0 seconds",
+    "application/geo+json"     => "access plus 0 seconds",
+    "application/schema+json"  => "access plus 0 seconds",
+    "application/xml"          => "access plus 0 seconds",
+    "text/calendar"            => "access plus 0 seconds",
+    "text/markdown"            => "access plus 0 seconds",
+    "text/xml"                 => "access plus 0 seconds",
+
+    ## Manifest files (.webapp .appcache .webmanifest)
+    "application/x-web-app-manifest+json"
+                               => "access plus 0 seconds",
+    "text/cache-manifest"      => "access plus 0 seconds",
+    "application/manifest+json" # .webmanifest
+                               => "access plus 1 week",
+
+    ## Web feeds
+    "application/atom+xml"     => "access plus 1 hour",
+    "application/rdf+xml"      => "access plus 1 hour",
+    "application/rss+xml"      => "access plus 1 hour",
+
+    ## Favicon (.ico)
+    "image/x-icon"             => "access plus 1 week",
+
+    ## Javascript
+    #"text/javascript"          => "access plus 1 month",
+
+    ## CSS (.css)
+    #"text/css"                 => "access plus 1 month",
+
+    ## Media
+    #"audio/"                   => "access plus 1 month",
+    #"image/"                   => "access plus 1 month",
+    #"video/"                   => "access plus 1 month",
+
+    ## WebAssembly
+    #"application/wasm"         => "access plus 1 month",
+
+    ## HTML components (HTCs)
+    #"text/x-component"         => "access plus 1 month",
+
+    ## Web fonts
+    #"font/"                    => "access plus 1 month",
+    #"application/x-font-ttf"   => "access plus 1 month",
+    #"application/x-font-woff"  => "access plus 1 month",
+    #"application/font-woff"    => "access plus 1 month",
+    #"application/vnd.ms-fontobject"
+    #                           => "access plus 1 month",
+
+    ## binary or unspecified
+    "application/octet-stream" => "access plus 0 seconds",
+
+    ## Default
+    ""                         => "access plus 1 month"
+)