144 lines
4.0 KiB
Plaintext
144 lines
4.0 KiB
Plaintext
# Server configuration
|
|
config uhttpd main
|
|
|
|
# HTTP listen addresses, multiple allowed
|
|
list listen_http 0.0.0.0:80
|
|
list listen_http [::]:80
|
|
|
|
# HTTPS listen addresses, multiple allowed
|
|
list listen_https 0.0.0.0:443
|
|
list listen_https [::]:443
|
|
|
|
# Redirect HTTP requests to HTTPS if possible
|
|
option redirect_https 1
|
|
|
|
# Server document root
|
|
option home /www
|
|
|
|
# Reject requests from RFC1918 IP addresses
|
|
# directed to the servers public IP(s).
|
|
# This is a DNS rebinding countermeasure.
|
|
option rfc1918_filter 1
|
|
|
|
# Maximum number of concurrent requests.
|
|
# If this number is exceeded, further requests are
|
|
# queued until the number of running requests drops
|
|
# below the limit again.
|
|
option max_requests 3
|
|
|
|
# Maximum number of concurrent connections.
|
|
# If this number is exceeded, further TCP connection
|
|
# attempts are queued until the number of active
|
|
# connections drops below the limit again.
|
|
option max_connections 100
|
|
|
|
# Certificate and private key for HTTPS.
|
|
# If no listen_https addresses are given,
|
|
# the key options are ignored.
|
|
option cert /etc/uhttpd.crt
|
|
option key /etc/uhttpd.key
|
|
|
|
# CGI url prefix, will be searched in docroot.
|
|
# Default is /cgi-bin
|
|
option cgi_prefix /cgi-bin
|
|
|
|
# List of extension->interpreter mappings.
|
|
# Files with an associated interpreter can
|
|
# be called outside of the CGI prefix and do
|
|
# not need to be executable.
|
|
# list interpreter ".php=/usr/bin/php-cgi"
|
|
# list interpreter ".cgi=/usr/bin/perl"
|
|
|
|
# List of prefix->Lua handler mappings.
|
|
# Any request to an URL beneath the prefix
|
|
# will be dispatched to the associated Lua
|
|
# handler script. Lua support is disabled when
|
|
# no handler mappings are specified. Lua prefix
|
|
# matches have precedence over the CGI prefix.
|
|
list lua_prefix "/cgi-bin/luci=/usr/lib/lua/luci/sgi/uhttpd.lua"
|
|
|
|
# Specify the ubus-rpc prefix and socket path.
|
|
# option ubus_prefix /ubus
|
|
# option ubus_socket /var/run/ubus.sock
|
|
|
|
# CGI/Lua timeout, if the called script does not
|
|
# write data within the given amount of seconds,
|
|
# the server will terminate the request with
|
|
# 504 Gateway Timeout response.
|
|
option script_timeout 60
|
|
|
|
# Network timeout, if the current connection is
|
|
# blocked for the specified amount of seconds,
|
|
# the server will terminate the associated
|
|
# request process.
|
|
option network_timeout 30
|
|
|
|
# HTTP Keep-Alive, specifies the timeout for persistent
|
|
# HTTP/1.1 connections. Setting this to 0 will disable
|
|
# persistent HTTP connections.
|
|
option http_keepalive 20
|
|
|
|
# TCP Keep-Alive, send periodic keep-alive probes
|
|
# over established connections to detect dead peers.
|
|
# The value is given in seconds to specify the
|
|
# interval between subsequent probes.
|
|
# Setting this to 0 will disable TCP keep-alive.
|
|
option tcp_keepalive 1
|
|
|
|
# Basic auth realm, defaults to local hostname
|
|
# option realm OpenWrt
|
|
|
|
# Configuration file in busybox httpd format
|
|
# option config /etc/httpd.conf
|
|
|
|
# Do not follow symlinks that point outside of the
|
|
# home directory.
|
|
# option no_symlinks 0
|
|
|
|
# Do not produce directory listings but send 403
|
|
# instead if a client requests an url pointing to
|
|
# a directory without any index file.
|
|
# option no_dirlists 0
|
|
|
|
# Do not authenticate any ubus-rpc requests against
|
|
# the ubus session/access procedure.
|
|
# This is dangerous and should be always left off
|
|
# except for development and debug purposes!
|
|
# option no_ubusauth 0
|
|
|
|
# For this instance of uhttpd use the listed httpauth
|
|
# sections to require Basic auth to the specified
|
|
# resources.
|
|
# list httpauth prefix_user
|
|
|
|
|
|
# Defaults for automatic certificate and key generation
|
|
config cert defaults
|
|
|
|
# Validity time
|
|
option days 730
|
|
|
|
# key type: rsa or ec
|
|
option key_type rsa
|
|
|
|
# RSA key size
|
|
option bits 2048
|
|
|
|
# EC curve name
|
|
# Curve names vary between mbedtls/px5g and openssl
|
|
# P-256 or P-384 are guaranteed to work
|
|
option ec_curve P-256
|
|
|
|
# Location
|
|
option country ZZ
|
|
option state Somewhere
|
|
option location Unknown
|
|
|
|
# Common name
|
|
option commonname '%D'
|
|
|
|
# config httpauth prefix_user
|
|
# option prefix /protected/url/path
|
|
# option username user
|
|
# option password 'plaintext_or_md5_or_$p$user_for_system_user'
|