X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/c1dc2410c3f88f2a0e05110585ac12c94796a60e..10cb692dda93f97a309c7c1f3c17236f81cda23a:/config/lighttpd.conf diff --git a/config/lighttpd.conf b/config/lighttpd.conf index 7395a4b08..3befa5c87 100644 --- a/config/lighttpd.conf +++ b/config/lighttpd.conf @@ -4,8 +4,10 @@ server.modules = ( "mod_access", "mod_accesslog", + "mod_cgi", "mod_compress", "mod_evasive", + "mod_expire", "mod_fastcgi", "mod_redirect", "mod_status" @@ -17,6 +19,8 @@ server.modules = ( server.username = "www-data" server.groupname = "www-data" server.pid-file = "/var/run/lighttpd.pid" +server.max-fds = 8192 +server.reject-expect-100-with-417 = "disable" # # Setup logging @@ -27,13 +31,11 @@ server.errorlog = "/var/log/lighttpd/error.log" # # Allow munin to monitor the server's status # -$HTTP["remoteip"] == "127.0.0.1" { status.status-url = "/server-status" } - -# -# API 0.3 is long dead, so fail any attempt to access it without -# getting rails involved at all -# -$HTTP["url"] =~ "^/api/0.3/" { url.access-deny = ("") } +$HTTP["remoteip"] == "128.40.168.98" { + status.config-url = "/server-config" + status.status-url = "/server-status" + status.statistics-url = "/server-statistics" +} # # IP blocked at SteveC's request as it was trying to download the @@ -47,6 +49,14 @@ $HTTP["remoteip"] == "143.210.16.160" { url.access-deny = ("") } # #$HTTP["useragent"] == "tilesAtHome" { url.access-deny = ("") } +# +# Block JOSM revisions 1722-1727 as they have a serious bug that causes +# lat/lon to be swapped (http://josm.openstreetmap.de/ticket/2804) +# +$HTTP["useragent"] =~ "^JOSM/[0-9]+\.[0-9]+ \(172[234567] " { + url.access-deny = ("") +} + # # Limit connections to 20 per IP address # @@ -58,13 +68,22 @@ evasive.max-conns-per-ip = 20 mimetype.assign = ( ".css" => "text/css", ".gif" => "image/gif", - ".html" => "text/html", + ".html" => "text/html; charset=utf-8", + ".jpg" => "image/jpeg", ".js" => "application/x-javascript", ".png" => "image/png", ".swf" => "application/x-shockwave-flash", - ".txt" => "text/plain" + ".txt" => "text/plain", + ".xml" => "text/xml" ) +# +# Force special MIME type for crossdomain.xml files +# +$HTTP["url"] =~ "/crossdomain\.xml$" { + mimetype.assign = ( ".xml" => "text/x-cross-domain-policy" ) +} + # # Enable compression of appropriate static content # @@ -76,6 +95,17 @@ compress.filetype = ( "text/plain" ) +# +# Set expiry for static content +# +expire.url = ( + "/export/embed.html" => "access 7 days", + "/images/" => "access 10 years", + "/javascripts/" => "access 10 years", + "/openlayers/" => "access 7 days", + "/stylesheets/" => "access 10 years" +) + # # Cache compressed content # @@ -89,32 +119,156 @@ url.redirect = ( "^/wiki/(.*)$" => "http://wiki.openstreetmap.org/$1" ) +# +# Redirect everything except www.openstreetmap.org and +# api.openstreetmap.org to www.openstreetmap.org +# +$HTTP["host"] =~ "^api\." { + $HTTP["host"] != "api.openstreetmap.org" { + url.redirect = ( "^(.*)$" => "http://api.openstreetmap.org$1" ) + } +} +else $HTTP["host"] != "www.openstreetmap.org" { + url.redirect = ( "^(.*)$" => "http://www.openstreetmap.org$1" ) +} + +# +# Run anything with a .pl iextension as a CGI script +# +cgi.assign = ( ".pl" => "/usr/bin/perl" ) + # # Serve static content from the rails public area ourselves # -server.document-root = "/var/www/rails/public" +server.document-root = "/home/rails/public" # # Send everything else to the appropriate FastCGI server # -server.error-handler-404 = "/dispatch.fcgi" -$HTTP["url"] =~ "^/api/" { server.error-handler-404 = "/dispatch.api" } +$HTTP["useragent"] =~ "^tilesAtHome" { + server.error-handler-404 = "/dispatch.tah" +} +else $HTTP["url"] =~ "^/api/0\.6/(map|trackpoints|amf|amf/read|swf/trackpoints|changeset/[0-9]+/upload)$" { + server.error-handler-404 = "/dispatch.bulkapi" +} +else $HTTP["url"] =~ "^/api/0\.6/.*/(full|search)$" { + server.error-handler-404 = "/dispatch.bulkapi" +} +else $HTTP["url"] =~ "^/api/0\.6/" { + server.error-handler-404 = "/dispatch.api" +} +else $HTTP["url"] =~ "^/api/0\.[0-9]+/" { + url.access-deny = ("") +} +else $HTTP["url"] =~ "^/geocoder/(search|description)_osm_namefinder$" { + server.error-handler-404 = "/dispatch.namefinder" +} +else $HTTP["url"] =~ "^/geocoder/(search|description)_geonames$" { + server.error-handler-404 = "/dispatch.geonames" +} +else $HTTP["url"] =~ "^/" { + server.error-handler-404 = "/dispatch.web" +} # # Configure the FastCGI servers # fastcgi.server = ( - ".fcgi" => ( + ".web" => ( ( "host" => "127.0.0.1", "port" => 8000, "check-local" => "disable" ), ( "host" => "127.0.0.1", "port" => 8001, "check-local" => "disable" ), ( "host" => "127.0.0.1", "port" => 8002, "check-local" => "disable" ), ( "host" => "127.0.0.1", "port" => 8003, "check-local" => "disable" ), ( "host" => "127.0.0.1", "port" => 8004, "check-local" => "disable" ), - ( "host" => "127.0.0.1", "port" => 8005, "check-local" => "disable" ) - ), - ".api" => ( + ( "host" => "127.0.0.1", "port" => 8005, "check-local" => "disable" ), ( "host" => "127.0.0.1", "port" => 8006, "check-local" => "disable" ), ( "host" => "127.0.0.1", "port" => 8007, "check-local" => "disable" ), - ( "host" => "127.0.0.1", "port" => 8008, "check-local" => "disable" ) + ( "host" => "127.0.0.1", "port" => 8008, "check-local" => "disable" ), + ( "host" => "127.0.0.1", "port" => 8009, "check-local" => "disable" ), + ( "host" => "127.0.0.1", "port" => 8010, "check-local" => "disable" ), + ( "host" => "127.0.0.1", "port" => 8011, "check-local" => "disable" ), + ( "host" => "127.0.0.1", "port" => 8012, "check-local" => "disable" ), + ( "host" => "127.0.0.1", "port" => 8013, "check-local" => "disable" ), + ( "host" => "127.0.0.1", "port" => 8014, "check-local" => "disable" ), + ( "host" => "127.0.0.1", "port" => 8015, "check-local" => "disable" ), + ( "host" => "127.0.0.1", "port" => 8016, "check-local" => "disable" ), + ( "host" => "127.0.0.1", "port" => 8017, "check-local" => "disable" ), + ( "host" => "127.0.0.1", "port" => 8018, "check-local" => "disable" ), + ( "host" => "127.0.0.1", "port" => 8019, "check-local" => "disable" ), + ( "host" => "127.0.0.1", "port" => 8020, "check-local" => "disable" ), + ( "host" => "127.0.0.1", "port" => 8021, "check-local" => "disable" ), + ( "host" => "127.0.0.1", "port" => 8022, "check-local" => "disable" ), + ( "host" => "127.0.0.1", "port" => 8023, "check-local" => "disable" ), + ( "host" => "127.0.0.1", "port" => 8024, "check-local" => "disable" ), + ( "host" => "127.0.0.1", "port" => 8025, "check-local" => "disable" ) + ), + ".namefinder" => ( + ( "host" => "127.0.0.1", "port" => 8026, "check-local" => "disable" ), + ( "host" => "127.0.0.1", "port" => 8027, "check-local" => "disable" ), + ( "host" => "127.0.0.1", "port" => 8028, "check-local" => "disable" ), + ( "host" => "127.0.0.1", "port" => 8029, "check-local" => "disable" ) + ), + ".geonames" => ( + ( "host" => "127.0.0.1", "port" => 8030, "check-local" => "disable" ), + ( "host" => "127.0.0.1", "port" => 8031, "check-local" => "disable" ), + ( "host" => "127.0.0.1", "port" => 8032, "check-local" => "disable" ), + ( "host" => "127.0.0.1", "port" => 8033, "check-local" => "disable" ) + ), + ".api" => ( + ( "host" => "127.0.0.1", "port" => 8030, "check-local" => "disable" ), + ( "host" => "127.0.0.1", "port" => 8031, "check-local" => "disable" ), + ( "host" => "127.0.0.1", "port" => 8032, "check-local" => "disable" ), + ( "host" => "127.0.0.1", "port" => 8033, "check-local" => "disable" ), + ( "host" => "127.0.0.1", "port" => 8034, "check-local" => "disable" ), + ( "host" => "127.0.0.1", "port" => 8035, "check-local" => "disable" ), + ( "host" => "127.0.0.1", "port" => 8036, "check-local" => "disable" ), + ( "host" => "127.0.0.1", "port" => 8037, "check-local" => "disable" ), + ( "host" => "127.0.0.1", "port" => 8038, "check-local" => "disable" ), + ( "host" => "127.0.0.1", "port" => 8039, "check-local" => "disable" ), + ( "host" => "127.0.0.1", "port" => 8040, "check-local" => "disable" ), + ( "host" => "127.0.0.1", "port" => 8041, "check-local" => "disable" ), + ( "host" => "127.0.0.1", "port" => 8042, "check-local" => "disable" ), + ( "host" => "127.0.0.1", "port" => 8043, "check-local" => "disable" ), + ( "host" => "127.0.0.1", "port" => 8044, "check-local" => "disable" ) + ), + ".bulkapi" => ( + ( "host" => "10.0.0.10", "port" => 8000, "check-local" => "disable" ), + ( "host" => "10.0.0.11", "port" => 8000, "check-local" => "disable" ), + ( "host" => "10.0.0.12", "port" => 8000, "check-local" => "disable" ), + ( "host" => "10.0.0.10", "port" => 8001, "check-local" => "disable" ), + ( "host" => "10.0.0.11", "port" => 8001, "check-local" => "disable" ), + ( "host" => "10.0.0.12", "port" => 8001, "check-local" => "disable" ), + ( "host" => "10.0.0.10", "port" => 8002, "check-local" => "disable" ), + ( "host" => "10.0.0.11", "port" => 8002, "check-local" => "disable" ), + ( "host" => "10.0.0.12", "port" => 8002, "check-local" => "disable" ), + ( "host" => "10.0.0.10", "port" => 8003, "check-local" => "disable" ), + ( "host" => "10.0.0.11", "port" => 8003, "check-local" => "disable" ), + ( "host" => "10.0.0.12", "port" => 8003, "check-local" => "disable" ), + ( "host" => "10.0.0.10", "port" => 8004, "check-local" => "disable" ), + ( "host" => "10.0.0.11", "port" => 8004, "check-local" => "disable" ), + ( "host" => "10.0.0.12", "port" => 8004, "check-local" => "disable" ), + ( "host" => "10.0.0.10", "port" => 8005, "check-local" => "disable" ), + ( "host" => "10.0.0.11", "port" => 8005, "check-local" => "disable" ), + ( "host" => "10.0.0.12", "port" => 8005, "check-local" => "disable" ), + ( "host" => "10.0.0.10", "port" => 8006, "check-local" => "disable" ), + ( "host" => "10.0.0.11", "port" => 8006, "check-local" => "disable" ), + ( "host" => "10.0.0.12", "port" => 8006, "check-local" => "disable" ), + ( "host" => "10.0.0.10", "port" => 8007, "check-local" => "disable" ), + ( "host" => "10.0.0.11", "port" => 8007, "check-local" => "disable" ), + ( "host" => "10.0.0.12", "port" => 8007, "check-local" => "disable" ), + ( "host" => "10.0.0.10", "port" => 8008, "check-local" => "disable" ), + ( "host" => "10.0.0.11", "port" => 8008, "check-local" => "disable" ), + ( "host" => "10.0.0.12", "port" => 8008, "check-local" => "disable" ), + ( "host" => "10.0.0.10", "port" => 8009, "check-local" => "disable" ), + ( "host" => "10.0.0.11", "port" => 8009, "check-local" => "disable" ), + ( "host" => "10.0.0.12", "port" => 8009, "check-local" => "disable" ), + ( "host" => "10.0.0.10", "port" => 8010, "check-local" => "disable" ), + ( "host" => "10.0.0.11", "port" => 8010, "check-local" => "disable" ), + ( "host" => "10.0.0.12", "port" => 8010, "check-local" => "disable" ), + ), + ".tah" => ( + ( "host" => "10.0.0.10", "port" => 8011, "check-local" => "disable" ), + ( "host" => "10.0.0.11", "port" => 8011, "check-local" => "disable" ), + ( "host" => "10.0.0.12", "port" => 8011, "check-local" => "disable" ) ) )