-server.modules = ( "mod_rewrite", "mod_alias", "mod_access", "mod_proxy_core", "mod_proxy_backend_fastcgi", "mod_redirect", "mod_accesslog" )
+server.modules = ( "mod_rewrite", "mod_alias", "mod_access", "mod_auth", "mod_proxy_core", "mod_proxy_backend_fastcgi", "mod_redirect", "mod_magnet", "mod_accesslog" )
server.errorlog = "/var/log/lighttpd/error_log"
$HTTP["useragent"] !~ "^check_http" {
accesslog.filename = "/var/log/lighttpd/access_log"
url.rewrite-once += ( "^/main/do/([^\?]+)(\??.*)" => "/main/$1.php$2" )
url.rewrite-once += ( "^/dev/do/([^\?]+)(\??.*)" => "/dev/$1.php$2" )
url.redirect = ( "^/phpMyAdmin(.*)" => "http://scripts.mit.edu/~sql/phpMyAdmin$1" )
+
ssl.verifyclient.username = "SSL_CLIENT_S_DN_emailAddress"
$SERVER["socket"] == "0.0.0.0:443" {
ssl.engine = "enable"
ssl.verifyclient.activate = "enable"
ssl.verifyclient.enforce = "disable"
ssl.verifyclient.depth = 2
+
+ $HTTP["url"] =~ "^/api(/|$)" {
+ $HTTP["useragent"] =~ "AppleWebKit" {
+ url.access-deny = ("")
+ }
+ auth.backend = "gssapi"
+ auth.backend.gssapi.principal = "HTTP/sql.mit.edu"
+ auth.backend.gssapi.keytab = "/etc/lighttpd/krb5.keytab"
+ auth.require = ( "/" => ( "method" => "gssapi", "realm" => "ATHENA.MIT.EDU", "require" => "valid-user"))
+ magnet.attract-raw-url-to = ( "/srv/www/api.lua" )
+ }
}
+
mimetype.assign = (
".gz" => "application/x-gzip",
".tar.gz" => "application/x-tgz",