{ "version": "https://jsonfeed.org/version/1.1", "user_comment": "This feed allows you to read the posts from this site in any feed reader that supports the JSON Feed format. To add this feed to your reader, copy the following URL -- https://matoken.org/blog/tag/lighttpd/feed/json/ -- and add it your reader.", "home_page_url": "https://matoken.org/blog/tag/lighttpd/", "feed_url": "https://matoken.org/blog/tag/lighttpd/feed/json/", "language": "ja", "title": "Lighttpd – matoken's blog", "description": "Is there no plan B?", "icon": "https://matoken.org/blog/wp-content/uploads/2025/03/cropped-1865f695c4eecc844385acef2f078255036adccd42c254580ea3844543ab56d9.jpeg", "items": [ { "id": "http://matoken.org/blog/?p=3707", "url": "https://matoken.org/blog/2022/07/10/enable-lighttpd-access-logs/", "title": "Lighttpd\u306e\u30a2\u30af\u30bb\u30b9\u30ed\u30b0\u3092\u6709\u52b9\u306b", "content_html": "
\n

Lighttpd\u3067\u3069\u306eURL\u306b\u30a2\u30af\u30bb\u30b9\u3057\u3066\u3082HTTP\u30b9\u30c6\u30fc\u30bf\u30b9\u30b3\u30fc\u30c9503\u3060\u3051\u3092\u8fd4\u3059\u3088\u3046\u306b\u3057\u307e\u3057\u305f\uff0e

\n
\n
\n\n
\n
\n

\u30ed\u30b0\u3092\u78ba\u8a8d\u3057\u3088\u3046\u3068\u3059\u308b\u3068\uff0c /var/log/lighttpd/ \u3092\u898b\u308b\u3068 error.log \u306f\u3042\u308b\u3051\u3069 access.log \u304c\u3042\u308a\u307e\u305b\u3093\uff0e

\n
\n

\n
\n

/etc/lighttpd/conf-available/ \u4ee5\u4e0b\u3092\u898b\u308b\u3068\uff0c 10-accesslog.conf \u3068\u3044\u3046\u305d\u308c\u3089\u3057\u3044\u3082\u306e\u304c\uff0e

\n
\n
\n
/etc/lighttpd/conf-available/10-accesslog.conf
\n
\n
server.modules += ( \"mod_accesslog\" )\n\naccesslog.filename = \"/var/log/lighttpd/access.log\"
\n
\n
\n
\n

\u3053\u308c\u3092\u6709\u52b9\u306b\u3057\u3066\u307f\u307e\u3059\uff0e

\n
\n
\n
\n
$ sudo lighttpd-enable-mod accesslog\n$ sudo systemctl lighttpd restart\n$ sudo tail -f /var/log/lighttpd/access.log\n  :
\n
\n
\n
\n

\u3046\u307e\u304f\u30a2\u30af\u30bb\u30b9\u30ed\u30b0\u3082\u4fdd\u5b58\u3055\u308c\u308b\u3088\u3046\u306b\u306a\u308a\u307e\u3057\u305f :)

\n
\n
\n
\u74b0\u5883
\n
\n
$ dpkg-query -W lighttpd\nlighttpd        1.4.59-1+deb11u1\n$ lsb_release -dr\nDescription:    Raspbian GNU/Linux 11 (bullseye)\nRelease:        11\n$ arch\narmv7l\n$ cat /proc/device-tree/model && echo\nRaspberry Pi 3 Model B Rev 1.2
\n
\n
\n", "content_text": "Lighttpd\u3067\u3069\u306eURL\u306b\u30a2\u30af\u30bb\u30b9\u3057\u3066\u3082HTTP\u30b9\u30c6\u30fc\u30bf\u30b9\u30b3\u30fc\u30c9503\u3060\u3051\u3092\u8fd4\u3059\u3088\u3046\u306b\u3057\u307e\u3057\u305f\uff0e\n\n\n\nLighttpd\u3067\u5168\u30da\u30fc\u30b8503\u3092\u8fd4\u3059 \u2013 matoken\u2019s meme\n\n\n\n\u30ed\u30b0\u3092\u78ba\u8a8d\u3057\u3088\u3046\u3068\u3059\u308b\u3068\uff0c /var/log/lighttpd/ \u3092\u898b\u308b\u3068 error.log \u306f\u3042\u308b\u3051\u3069 access.log \u304c\u3042\u308a\u307e\u305b\u3093\uff0e\n\n\n\n/etc/lighttpd/conf-available/ \u4ee5\u4e0b\u3092\u898b\u308b\u3068\uff0c 10-accesslog.conf \u3068\u3044\u3046\u305d\u308c\u3089\u3057\u3044\u3082\u306e\u304c\uff0e\n\n\n/etc/lighttpd/conf-available/10-accesslog.conf\n\nserver.modules += ( \"mod_accesslog\" )\n\naccesslog.filename = \"/var/log/lighttpd/access.log\"\n\n\n\n\u3053\u308c\u3092\u6709\u52b9\u306b\u3057\u3066\u307f\u307e\u3059\uff0e\n\n\n\n$ sudo lighttpd-enable-mod accesslog\n$ sudo systemctl lighttpd restart\n$ sudo tail -f /var/log/lighttpd/access.log\n :\n\n\n\n\u3046\u307e\u304f\u30a2\u30af\u30bb\u30b9\u30ed\u30b0\u3082\u4fdd\u5b58\u3055\u308c\u308b\u3088\u3046\u306b\u306a\u308a\u307e\u3057\u305f :)\n\n\n\u74b0\u5883\n\n$ dpkg-query -W lighttpd\nlighttpd 1.4.59-1+deb11u1\n$ lsb_release -dr\nDescription: Raspbian GNU/Linux 11 (bullseye)\nRelease: 11\n$ arch\narmv7l\n$ cat /proc/device-tree/model && echo\nRaspberry Pi 3 Model B Rev 1.2", "date_published": "2022-07-10T23:41:20+09:00", "date_modified": "2022-07-10T23:41:22+09:00", "authors": [ { "name": "matoken", "url": "https://matoken.org/blog/author/matoken/", "avatar": "https://secure.gravatar.com/avatar/38f5f3b575c5eb45cda6aa659bca119ac7a5e16b46565e869d0030e3bd66981d?s=512&d=mm&r=g" } ], "author": { "name": "matoken", "url": "https://matoken.org/blog/author/matoken/", "avatar": "https://secure.gravatar.com/avatar/38f5f3b575c5eb45cda6aa659bca119ac7a5e16b46565e869d0030e3bd66981d?s=512&d=mm&r=g" }, "tags": [ "Lighttpd", "bullseye", "Linux", "Raspberry Pi OS" ] }, { "id": "http://matoken.org/blog/?p=3683", "url": "https://matoken.org/blog/2022/06/28/lighttpd-returns-all-pages-503/", "title": "Lighttpd\u3067\u5168\u30da\u30fc\u30b8503\u3092\u8fd4\u3059", "content_html": "
\n
\n
\n

\u5148\u65e5\u81ea\u5b85\u30b5\u30fc\u30d0\u304c\u8d77\u52d5\u3057\u306a\u304f\u306a\u3063\u3066\u3057\u307e\u3044\u307e\u3057\u305f\uff0e10\u5e74\u4ee5\u4e0a\u307b\u307c\u8d77\u52d5\u3057\u3063\u3071\u306a\u3057\u3067\u3057\u305f\u3057\u3057\u3087\u3046\u304c\u306a\u3044\u304b\u306a\u3068\u3044\u3046\u611f\u3058\u3082\uff0e\u3053\u306e\u7aef\u672b\u306fNAS\u3084Unbound\uff0capt-cacher-ng\u306a\u3069\u81ea\u5b85\u5411\u3051\u306e\u30b5\u30fc\u30d3\u30b9\u306e\u4ed6\u306b\u3082\u5916\u90e8\u5411\u3051\u306eWebServer\u3068\u3057\u3066\u3082\u52d5\u4f5c\u3055\u305b\u3066\u3044\u307e\u3057\u305f\uff0e
\n\u3059\u3050\u306b\u5fa9\u65e7\u3059\u308b\u306e\u306f\u96e3\u3057\u305d\u3046\u306a\u306e\u3067\u3068\u308a\u3042\u3048\u305a\u30b7\u30f3\u30b0\u30eb\u30dc\u30fc\u30c9\u30b3\u30f3\u30d4\u30e5\u30fc\u30bf\u3067WebServer\u3092\u8d77\u52d5\u3057\u3066HTTP\u30b9\u30c6\u30fc\u30bf\u30b9\u30b3\u30fc\u30c9\u306e503\u3092\u8fd4\u3059\u3088\u3046\u306b\u3057\u3066\u307f\u307e\u3057\u305f\uff0e

\n
\n

\n
\n
\n
\u5229\u7528\u3057\u305f\u30b7\u30f3\u30b0\u30eb\u30dc\u30fc\u30c9\u30b3\u30f3\u30d4\u30e5\u30fc\u30bf
\n
Raspberry Pi 3 model B (SoC arm v7 4core / Memory 1GB / OS Raspberry Pi OS bullseye armhf)
\n
\u8a2d\u5b9a\u3057\u305f\u3044\u3053\u3068
\n
2\u3064\u306e\u30c9\u30e1\u30a4\u30f3\u306ehttp/https\u3078\u306e\u30a2\u30af\u30bb\u30b9\u306bHTTP\u30b9\u30c6\u30fc\u30bf\u30b9\u30b3\u30fc\u30c9503\u3092\u8fd4\u3057\u305f\u3044
\n
\n
\n
\n
\n
\n

\u524d\u6e96\u5099

\n
\n
\n

\u3059\u3067\u306b micro-httpd \u304c\u52d5\u4f5c\u3057\u3066\u3044\u307e\u3059\uff0e\u3053\u306e\u30a2\u30d7\u30ea\u3067\u3084\u308a\u305f\u3044\u3053\u3068\u304c\u3067\u304d\u308b\u306e\u304b\u3088\u304f\u308f\u304b\u3089\u306a\u3044\u306e\u3067\u3053\u308c\u306f\u505c\u6b62\u3057\u3066Lighttpd\u306b\u5909\u66f4\u3057\u307e\u3059\uff0e

\n
\n
\n
micro-httpd\u306e\u505c\u6b62\u3068\u81ea\u52d5\u8d77\u52d5\u7121\u52b9\u5316
\n
\n
$ sudo systemctl stop micro-httpd\n$ sudo systemctl disable micro-httpd
\n
\n
\n
\n\n\n\n\n\n\n\n
\n
Note
\n
\n\u3082\u3046\u4f7f\u308f\u306a\u3044\u306e\u3067\u3042\u308c\u3070 apt purge micro-httpd \u3067\u3044\u3044\u3068\u601d\u3044\u307e\u3059\uff0e
\n
\n
\n
\n
\n

Lighttpd\u306e\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb

\n
\n
\n

Raspberry Pi OS\u30d1\u30c3\u30b1\u30fc\u30b8\u306eLighttpd\u3092\u5c0e\u5165\u3057\u307e\u3059\uff0e

\n
\n
\n
Lighttpd\u306e\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb
\n
\n
$ sudo apt install lighttpd
\n
\n
\n
\n

SSL\u8a3c\u660e\u66f8\u306e\u5165\u624b

\n
\n

\u8a8d\u8a3c\u5c40\u306b\u306f\u4ee5\u524d\u3082\u5229\u7528\u3057\u3066\u3044\u305fLet\u2019s Encrypt\u3092\u5229\u7528\u3057\u307e\u3059\uff0e

\n
\n\n
\n

\u5c02\u7528\u306e\u8a3c\u660e\u66f8\u7ba1\u7406\u30c4\u30fc\u30eb\u306ecertbot\u3092\u5c0e\u5165\u3057\u307e\u3059\uff0e\u3053\u308c\u3082\u30c7\u30a3\u30b9\u30c8\u30ea\u30d3\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30c3\u30b1\u30fc\u30b8\u304b\u3089\u5c0e\u5165\u3057\u307e\u3059\uff0e

\n
\n\n
\n
\n
$ sudo apt install certbot
\n
\n
\n
\n

\u65e9\u901f\u8a3c\u660e\u66f8\u3092\u53d6\u5f97\u3057\u307e\u3059\uff0e

\n
\n
\n
\n
$ sudo certbot certonly -d sub1.example.org (1)\nSaving debug log to /var/log/letsencrypt/letsencrypt.log\nHow would you like to authenticate with the ACME CA?\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n1: Spin up a temporary webserver (standalone)\n2: Place files in webroot directory (webroot)\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nSelect the appropriate number [1-2] then [enter] (press 'c' to cancel): 2 (2)\nPlugins selected: Authenticator webroot, Installer None\nRequesting a certificate for sub1.example.com\nPerforming the following challenges:\nhttp-01 challenge for sub1.example.org\nInput the webroot for sub1.example.org: (Enter 'c' to cancel): /var/www/html (3)\n  :
\n
\n
\n
\n
    \n
  1. sub1.example.org \u3068\u3044\u3046\u30c9\u30e1\u30a4\u30f3\u306e\u8a3c\u660e\u66f8\u3092\u53d6\u5f97
  2. \n
  3. \u8a8d\u8a3c\u306bLighttpd\u306ehttpd\u3092\u5229\u7528
  4. \n
  5. Lighttpd\u306e\u30c9\u30ad\u30e5\u30e1\u30f3\u30c8\u30eb\u30fc\u30c8\u3092\u6307\u5b9a
  6. \n
\n
\n
\n

\u540c\u69d8\u306b\u3082\u3046\u4e00\u3064\u306e\u30c9\u30e1\u30a4\u30f3\u3082\u8a2d\u5b9a\u3057\u307e\u3059\uff0e

\n
\n
\n
\n

Lighttpd\u306ehttps\u8a2d\u5b9a

\n
\n

lighttpd-enable-mod \u30b3\u30de\u30f3\u30c9\u3067Lighttpd\u306essl\u30e2\u30b8\u30e5\u30fc\u30eb\u3068rewrite\u30e2\u30b8\u30e5\u30fc\u30eb\u3092\u6709\u52b9\u306b\u3057\u307e\u3059\uff0e

\n
\n
\n
\n
$ sudo lighttpd-enable-mod rewrite ssl
\n
\n
\n
\n\n\n\n\n\n\n\n
\n
Note
\n
\nlighttpd-enable-mod \u306f\u5f15\u6570\u7121\u3057\u3067\u5b9f\u884c\u3059\u308b\u3068\u5bfe\u8a71\u5f62\u5f0f\u306b\u306a\u308a\u307e\u3059\uff0e\u30e2\u30b8\u30e5\u30fc\u30eb\u3092\u7121\u52b9\u306b\u3059\u308b\u5834\u5408\u306f lighttpd-disable-mod \u30b3\u30de\u30f3\u30c9\u304c\u5229\u7528\u3067\u304d\u307e\u3059\uff0e
\n
\n
\n
\n

Lighttpd\u3067\u306ehttps\u306e\u8a2d\u5b9a

\n
\n

Lighttpd\u3067https\u3067\u30a2\u30af\u30bb\u30b9\u3067\u304d\u308b\u3088\u3046\u306b\u3057\u307e\u3059\uff0e

\n
\n
\n

lighttpd/conf-enabled/10-ssl.conf \u3092\u7de8\u96c6\u3057\u307e\u3059\uff0e

\n
\n
\n

ssl.pemfile \u306e\u884c\u3092\u4ee5\u4e0b\u306e\u3088\u3046\u306b\u66f8\u304d\u63db\u3048\u3066Let\u2019s Encrypt\u306e\u8a3c\u660e\u66f8\u3092\u4f7f\u3046\u3088\u3046\u306b\u3057\u307e\u3059\uff0e

\n
\n
\n
\n
ssl.pemfile = \"/etc/letsencrypt/live/sub1.example.org/fullchain.pem\"\nssl.privkey = \"/etc/letsencrypt/live/sub1.example.org/privkey.pem\"
\n
\n
\n
\n

\u305d\u306e\u4e0b\u306b2\u3064\u76ee\u306e\u306e\u30c9\u30e1\u30a4\u30f3\u3092\u8a2d\u5b9a\u3057\u307e\u3059\uff0e

\n
\n
\n
\n
$HTTP[\"host\"] =~ \"sub2.example.org\"{\n        ssl.pemfile = \"/etc/letsencrypt/live/sub2.example.org/fullchain.pem\"\n        ssl.privkey = \"/etc/letsencrypt/live/sub2.example.org/privkey.pem\"\n}
\n
\n
\n
\n

Lighttpd\u3092\u518d\u8aad\u8fbc\u3057\u3066\u52d5\u4f5c\u3092\u78ba\u8a8d\u3057\u307e\u3059\uff0e

\n
\n
\n
\n
$ sudo systemctl lighttpd restart\n$ w3m https://sub1.example.org/\n$ w3m https://sub2.example.org/
\n
\n
\n
\n
\n
\n
\n

HTTP\u30b9\u30c6\u30fc\u30bf\u30b9\u30b3\u30fc\u30c9503\u3092\u8fd4\u3059\u3088\u3046\u306b\u3059\u308b

\n
\n
\n

HTTP\u30b9\u30c6\u30fc\u30bf\u30b9\u30b3\u30fc\u30c9503\u3092\u8fd4\u3059\u3060\u3051\u306ecgi script\u3092\u4f5c\u6210\u3057\u3066\u3044\u3064\u3082\u305d\u308c\u3092\u8fd4\u3059\u3088\u3046\u306b\u3057\u307e\u3059\uff0e

\n
\n
\n

cgi\u3092\u6709\u52b9\u306b

\n
\n

lighttpd-enable-mod \u30b3\u30de\u30f3\u30c9\u3067Lighttpd\u306ecgi\u30e2\u30b8\u30e5\u30fc\u30eb\u3092\u6709\u52b9\u306b\u3057\u307e\u3059\uff0e

\n
\n
\n
\n
$ sudo lighttpd-enable-mod cgi
\n
\n
\n
\n

/etc/lighttpd/conf-enabled/10-cgi.conf \u3092\u4ee5\u4e0b\u306e\u3088\u3046\u306b\u4fee\u6b63\u3057\u307e\u3059\uff0e

\n
\n
\n
\n
$ grep -v ^# lighttpd/conf-enabled/10-cgi.conf | uniq\n\nserver.modules += ( \"mod_cgi\" )\n\ncgi.assign      = (\n        \".cgi\" => \"/usr/bin/perl\",\n)
\n
\n
\n
\n

Lighttpd\u3092\u518d\u8aad\u8fbc\u3057\u3066\u52d5\u4f5c\u3092\u78ba\u8a8d\u3057\u307e\u3059\uff0e

\n
\n
\n
\n
$ sudo systemctl lighttpd restart\n$ echo \"#!/usr/bin/perl\nprint 'Content-Type: text/plain\\n\\nhello world.'\" > /var/www/html/hello.cgi\n$ sudo chown www-data.www-data /var/www/html/hello.cgi\n$ sudo chmod 700 /var/www/html/hello.cgi\n$ w3m https://sub1.example.org/hello.cgi\n$ sudo rm /var/www/html/hello.cgi
\n
\n
\n
\n
\n

503\u3092\u8fd4\u3059cgi\u3092\u7528\u610f

\n
\n

HTTP\u30b9\u30c6\u30fc\u30bf\u30b9\u30b3\u30fc\u30c9503\u3092\u8fd4\u3059 /var/www/html/503.cgi \u3092\u7528\u610f\u3057\u307e\u3059\uff0e

\n
\n
\n
\n
#!/usr/bin/perl\n\nuse strict;\nuse warnings;\n\nprint \"Status: 503 Service Unavailable\\n\";\nprint \"Content-Type: text/html\\n\\n\";\nprint <<END_OF_HTML;\n<!DOCTYPE html>\n<html xmlns=\"http://www.w3.org/1999/xhtml\" lang=\"\" xml:lang=\"\">\n<head>\n  <meta charset=\"utf-8\" />\n  <meta name=\"generator\" content=\"pandoc\" />\n  <meta name=\"viewport\" content=\"width=device-width, initial-scale=1.0, user-scalable=yes\" />\n  <title>home.matoken.org</title>\n  <style>\n    code{white-space: pre-wrap;}\n    span.smallcaps{font-variant: small-caps;}\n    span.underline{text-decoration: underline;}\n    div.column{display: inline-block; vertical-align: top; width: 50%;}\n    div.hanging-indent{margin-left: 1.5em; text-indent: -1.5em;}\n    ul.task-list{list-style: none;}\n  </style>\n</head>\n<body>\n<p>Server is down.</p>\n</body>\n</html>\nEND_OF_HTML
\n
\n
\n
\n

\u6a29\u9650\u3092\u8a2d\u5b9a\u3057\u3066\u52d5\u4f5c\u78ba\u8a8d\u3057\u307e\u3059\uff0e

\n
\n
\n
\n
$ sudo chown www-data.www-data /var/www/html/503.cgi\n$ sudo chmod 700 /var/www/html/503.cgi\n$ w3m -dump_head https://sub1.example.org/503.cgi | grep ^HTTP\nHTTP/1.0 503 Service Unavailable\n$ w3m https://sub1.example.org/503.cgi
\n
\n
\n
\n
\n

Lighttpd\u3067\u3059\u3079\u3066\u306e\u30a2\u30af\u30bb\u30b9\u306b503\u3092\u8fd4\u3059\u3088\u3046\u306b\u3059\u308b

\n
\n

/etc/lighttpd/lighttpd.conf \u30d5\u30a1\u30a4\u30eb\u306b\u4ee5\u4e0b\u3092\u8ffd\u8a18\u3057\u307e\u3059\uff0e\u3053\u308c\u3067\u3059\u3079\u3066\u306eURL\u304c503.cgi\u306b\u306a\u308b\u306f\u305a\u3067\u3059\uff0e

\n
\n
\n
\n
$HTTP[\"url\"] != \"/503.cgi$\" {\n   url.rewrite = ( \"\" => \"/503.cgi\" )\n}
\n
\n
\n
\n

Lighttpd\u3092\u518d\u8aad\u8fbc\u3057\u3066\u52d5\u4f5c\u3092\u78ba\u8a8d\u3057\u307e\u3059\uff0e

\n
\n
\n
\n
$ sudo systemctl lighttpd restart\n$ w3m https://sub1.example.org/hoge\n$ w3m https://sub2.example.org/fuga\n$ w3m http://sub1.example.org/hoge\n$ w3m http://sub2.example.org/fuga
\n
\n
\n
\n
\u74b0\u5883
\n
\n
$ dpkg-query -W lighttpd certbot w3m perl\ncertbot 1.12.0-2\nlighttpd        1.4.59-1+deb11u1\nperl    5.32.1-4+deb11u2\nw3m     0.5.3+git20210102-6\n$ lsb_release -dr\nDescription:    Raspbian GNU/Linux 11 (bullseye)\nRelease:        11\n$ cat /proc/device-tree/model && echo\nRaspberry Pi 3 Model B Rev 1.2
\n
\n
\n
\n
\n
\n", "content_text": "\u5148\u65e5\u81ea\u5b85\u30b5\u30fc\u30d0\u304c\u8d77\u52d5\u3057\u306a\u304f\u306a\u3063\u3066\u3057\u307e\u3044\u307e\u3057\u305f\uff0e10\u5e74\u4ee5\u4e0a\u307b\u307c\u8d77\u52d5\u3057\u3063\u3071\u306a\u3057\u3067\u3057\u305f\u3057\u3057\u3087\u3046\u304c\u306a\u3044\u304b\u306a\u3068\u3044\u3046\u611f\u3058\u3082\uff0e\u3053\u306e\u7aef\u672b\u306fNAS\u3084Unbound\uff0capt-cacher-ng\u306a\u3069\u81ea\u5b85\u5411\u3051\u306e\u30b5\u30fc\u30d3\u30b9\u306e\u4ed6\u306b\u3082\u5916\u90e8\u5411\u3051\u306eWebServer\u3068\u3057\u3066\u3082\u52d5\u4f5c\u3055\u305b\u3066\u3044\u307e\u3057\u305f\uff0e\n\u3059\u3050\u306b\u5fa9\u65e7\u3059\u308b\u306e\u306f\u96e3\u3057\u305d\u3046\u306a\u306e\u3067\u3068\u308a\u3042\u3048\u305a\u30b7\u30f3\u30b0\u30eb\u30dc\u30fc\u30c9\u30b3\u30f3\u30d4\u30e5\u30fc\u30bf\u3067WebServer\u3092\u8d77\u52d5\u3057\u3066HTTP\u30b9\u30c6\u30fc\u30bf\u30b9\u30b3\u30fc\u30c9\u306e503\u3092\u8fd4\u3059\u3088\u3046\u306b\u3057\u3066\u307f\u307e\u3057\u305f\uff0e\n\n\n\n\n\u5229\u7528\u3057\u305f\u30b7\u30f3\u30b0\u30eb\u30dc\u30fc\u30c9\u30b3\u30f3\u30d4\u30e5\u30fc\u30bf\nRaspberry Pi 3 model B (SoC arm v7 4core / Memory 1GB / OS Raspberry Pi OS bullseye armhf)\n\u8a2d\u5b9a\u3057\u305f\u3044\u3053\u3068\n2\u3064\u306e\u30c9\u30e1\u30a4\u30f3\u306ehttp/https\u3078\u306e\u30a2\u30af\u30bb\u30b9\u306bHTTP\u30b9\u30c6\u30fc\u30bf\u30b9\u30b3\u30fc\u30c9503\u3092\u8fd4\u3057\u305f\u3044\n\n\n\n\n\n\u524d\u6e96\u5099\n\n\n\u3059\u3067\u306b micro-httpd \u304c\u52d5\u4f5c\u3057\u3066\u3044\u307e\u3059\uff0e\u3053\u306e\u30a2\u30d7\u30ea\u3067\u3084\u308a\u305f\u3044\u3053\u3068\u304c\u3067\u304d\u308b\u306e\u304b\u3088\u304f\u308f\u304b\u3089\u306a\u3044\u306e\u3067\u3053\u308c\u306f\u505c\u6b62\u3057\u3066Lighttpd\u306b\u5909\u66f4\u3057\u307e\u3059\uff0e\n\n\nmicro-httpd\u306e\u505c\u6b62\u3068\u81ea\u52d5\u8d77\u52d5\u7121\u52b9\u5316\n\n$ sudo systemctl stop micro-httpd\n$ sudo systemctl disable micro-httpd\n\n\n\n\n\n\n\nNote\n\n\n\u3082\u3046\u4f7f\u308f\u306a\u3044\u306e\u3067\u3042\u308c\u3070 apt purge micro-httpd \u3067\u3044\u3044\u3068\u601d\u3044\u307e\u3059\uff0e\n\n\n\n\n\n\n\nLighttpd\u306e\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\n\n\nRaspberry Pi OS\u30d1\u30c3\u30b1\u30fc\u30b8\u306eLighttpd\u3092\u5c0e\u5165\u3057\u307e\u3059\uff0e\n\n\nLighttpd\u306e\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\n\n$ sudo apt install lighttpd\n\n\n\nSSL\u8a3c\u660e\u66f8\u306e\u5165\u624b\n\n\u8a8d\u8a3c\u5c40\u306b\u306f\u4ee5\u524d\u3082\u5229\u7528\u3057\u3066\u3044\u305fLet\u2019s Encrypt\u3092\u5229\u7528\u3057\u307e\u3059\uff0e\n\n\n\nLet\u2019s Encrypt – \u30d5\u30ea\u30fc\u306a SSL/TLS \u8a3c\u660e\u66f8\n\n\n\n\u5c02\u7528\u306e\u8a3c\u660e\u66f8\u7ba1\u7406\u30c4\u30fc\u30eb\u306ecertbot\u3092\u5c0e\u5165\u3057\u307e\u3059\uff0e\u3053\u308c\u3082\u30c7\u30a3\u30b9\u30c8\u30ea\u30d3\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30c3\u30b1\u30fc\u30b8\u304b\u3089\u5c0e\u5165\u3057\u307e\u3059\uff0e\n\n\n\nCertbot | Certbot\n\n\n\n\n$ sudo apt install certbot\n\n\n\n\u65e9\u901f\u8a3c\u660e\u66f8\u3092\u53d6\u5f97\u3057\u307e\u3059\uff0e\n\n\n\n$ sudo certbot certonly -d sub1.example.org (1)\nSaving debug log to /var/log/letsencrypt/letsencrypt.log\nHow would you like to authenticate with the ACME CA?\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n1: Spin up a temporary webserver (standalone)\n2: Place files in webroot directory (webroot)\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nSelect the appropriate number [1-2] then [enter] (press 'c' to cancel): 2 (2)\nPlugins selected: Authenticator webroot, Installer None\nRequesting a certificate for sub1.example.com\nPerforming the following challenges:\nhttp-01 challenge for sub1.example.org\nInput the webroot for sub1.example.org: (Enter 'c' to cancel): /var/www/html (3)\n :\n\n\n\n\nsub1.example.org \u3068\u3044\u3046\u30c9\u30e1\u30a4\u30f3\u306e\u8a3c\u660e\u66f8\u3092\u53d6\u5f97\n\u8a8d\u8a3c\u306bLighttpd\u306ehttpd\u3092\u5229\u7528\nLighttpd\u306e\u30c9\u30ad\u30e5\u30e1\u30f3\u30c8\u30eb\u30fc\u30c8\u3092\u6307\u5b9a\n\n\n\n\u540c\u69d8\u306b\u3082\u3046\u4e00\u3064\u306e\u30c9\u30e1\u30a4\u30f3\u3082\u8a2d\u5b9a\u3057\u307e\u3059\uff0e\n\n\n\nLighttpd\u306ehttps\u8a2d\u5b9a\n\nlighttpd-enable-mod \u30b3\u30de\u30f3\u30c9\u3067Lighttpd\u306essl\u30e2\u30b8\u30e5\u30fc\u30eb\u3068rewrite\u30e2\u30b8\u30e5\u30fc\u30eb\u3092\u6709\u52b9\u306b\u3057\u307e\u3059\uff0e\n\n\n\n$ sudo lighttpd-enable-mod rewrite ssl\n\n\n\n\n\n\n\nNote\n\n\nlighttpd-enable-mod \u306f\u5f15\u6570\u7121\u3057\u3067\u5b9f\u884c\u3059\u308b\u3068\u5bfe\u8a71\u5f62\u5f0f\u306b\u306a\u308a\u307e\u3059\uff0e\u30e2\u30b8\u30e5\u30fc\u30eb\u3092\u7121\u52b9\u306b\u3059\u308b\u5834\u5408\u306f lighttpd-disable-mod \u30b3\u30de\u30f3\u30c9\u304c\u5229\u7528\u3067\u304d\u307e\u3059\uff0e\n\n\n\n\n\n\nLighttpd\u3067\u306ehttps\u306e\u8a2d\u5b9a\n\nLighttpd\u3067https\u3067\u30a2\u30af\u30bb\u30b9\u3067\u304d\u308b\u3088\u3046\u306b\u3057\u307e\u3059\uff0e\n\n\nlighttpd/conf-enabled/10-ssl.conf \u3092\u7de8\u96c6\u3057\u307e\u3059\uff0e\n\n\nssl.pemfile \u306e\u884c\u3092\u4ee5\u4e0b\u306e\u3088\u3046\u306b\u66f8\u304d\u63db\u3048\u3066Let\u2019s Encrypt\u306e\u8a3c\u660e\u66f8\u3092\u4f7f\u3046\u3088\u3046\u306b\u3057\u307e\u3059\uff0e\n\n\n\nssl.pemfile = \"/etc/letsencrypt/live/sub1.example.org/fullchain.pem\"\nssl.privkey = \"/etc/letsencrypt/live/sub1.example.org/privkey.pem\"\n\n\n\n\u305d\u306e\u4e0b\u306b2\u3064\u76ee\u306e\u306e\u30c9\u30e1\u30a4\u30f3\u3092\u8a2d\u5b9a\u3057\u307e\u3059\uff0e\n\n\n\n$HTTP[\"host\"] =~ \"sub2.example.org\"{\n ssl.pemfile = \"/etc/letsencrypt/live/sub2.example.org/fullchain.pem\"\n ssl.privkey = \"/etc/letsencrypt/live/sub2.example.org/privkey.pem\"\n}\n\n\n\nLighttpd\u3092\u518d\u8aad\u8fbc\u3057\u3066\u52d5\u4f5c\u3092\u78ba\u8a8d\u3057\u307e\u3059\uff0e\n\n\n\n$ sudo systemctl lighttpd restart\n$ w3m https://sub1.example.org/\n$ w3m https://sub2.example.org/\n\n\n\n\n\n\nHTTP\u30b9\u30c6\u30fc\u30bf\u30b9\u30b3\u30fc\u30c9503\u3092\u8fd4\u3059\u3088\u3046\u306b\u3059\u308b\n\n\nHTTP\u30b9\u30c6\u30fc\u30bf\u30b9\u30b3\u30fc\u30c9503\u3092\u8fd4\u3059\u3060\u3051\u306ecgi script\u3092\u4f5c\u6210\u3057\u3066\u3044\u3064\u3082\u305d\u308c\u3092\u8fd4\u3059\u3088\u3046\u306b\u3057\u307e\u3059\uff0e\n\n\ncgi\u3092\u6709\u52b9\u306b\n\nlighttpd-enable-mod \u30b3\u30de\u30f3\u30c9\u3067Lighttpd\u306ecgi\u30e2\u30b8\u30e5\u30fc\u30eb\u3092\u6709\u52b9\u306b\u3057\u307e\u3059\uff0e\n\n\n\n$ sudo lighttpd-enable-mod cgi\n\n\n\n/etc/lighttpd/conf-enabled/10-cgi.conf \u3092\u4ee5\u4e0b\u306e\u3088\u3046\u306b\u4fee\u6b63\u3057\u307e\u3059\uff0e\n\n\n\n$ grep -v ^# lighttpd/conf-enabled/10-cgi.conf | uniq\n\nserver.modules += ( \"mod_cgi\" )\n\ncgi.assign = (\n \".cgi\" => \"/usr/bin/perl\",\n)\n\n\n\nLighttpd\u3092\u518d\u8aad\u8fbc\u3057\u3066\u52d5\u4f5c\u3092\u78ba\u8a8d\u3057\u307e\u3059\uff0e\n\n\n\n$ sudo systemctl lighttpd restart\n$ echo \"#!/usr/bin/perl\nprint 'Content-Type: text/plain\\n\\nhello world.'\" > /var/www/html/hello.cgi\n$ sudo chown www-data.www-data /var/www/html/hello.cgi\n$ sudo chmod 700 /var/www/html/hello.cgi\n$ w3m https://sub1.example.org/hello.cgi\n$ sudo rm /var/www/html/hello.cgi\n\n\n\n\n503\u3092\u8fd4\u3059cgi\u3092\u7528\u610f\n\nHTTP\u30b9\u30c6\u30fc\u30bf\u30b9\u30b3\u30fc\u30c9503\u3092\u8fd4\u3059 /var/www/html/503.cgi \u3092\u7528\u610f\u3057\u307e\u3059\uff0e\n\n\n\n#!/usr/bin/perl\n\nuse strict;\nuse warnings;\n\nprint \"Status: 503 Service Unavailable\\n\";\nprint \"Content-Type: text/html\\n\\n\";\nprint <<END_OF_HTML;\n<!DOCTYPE html>\n<html xmlns=\"http://www.w3.org/1999/xhtml\" lang=\"\" xml:lang=\"\">\n<head>\n <meta charset=\"utf-8\" />\n <meta name=\"generator\" content=\"pandoc\" />\n <meta name=\"viewport\" content=\"width=device-width, initial-scale=1.0, user-scalable=yes\" />\n <title>home.matoken.org</title>\n <style>\n code{white-space: pre-wrap;}\n span.smallcaps{font-variant: small-caps;}\n span.underline{text-decoration: underline;}\n div.column{display: inline-block; vertical-align: top; width: 50%;}\n div.hanging-indent{margin-left: 1.5em; text-indent: -1.5em;}\n ul.task-list{list-style: none;}\n </style>\n</head>\n<body>\n<p>Server is down.</p>\n</body>\n</html>\nEND_OF_HTML\n\n\n\n\u6a29\u9650\u3092\u8a2d\u5b9a\u3057\u3066\u52d5\u4f5c\u78ba\u8a8d\u3057\u307e\u3059\uff0e\n\n\n\n$ sudo chown www-data.www-data /var/www/html/503.cgi\n$ sudo chmod 700 /var/www/html/503.cgi\n$ w3m -dump_head https://sub1.example.org/503.cgi | grep ^HTTP\nHTTP/1.0 503 Service Unavailable\n$ w3m https://sub1.example.org/503.cgi\n\n\n\n\nLighttpd\u3067\u3059\u3079\u3066\u306e\u30a2\u30af\u30bb\u30b9\u306b503\u3092\u8fd4\u3059\u3088\u3046\u306b\u3059\u308b\n\n/etc/lighttpd/lighttpd.conf \u30d5\u30a1\u30a4\u30eb\u306b\u4ee5\u4e0b\u3092\u8ffd\u8a18\u3057\u307e\u3059\uff0e\u3053\u308c\u3067\u3059\u3079\u3066\u306eURL\u304c503.cgi\u306b\u306a\u308b\u306f\u305a\u3067\u3059\uff0e\n\n\n\n$HTTP[\"url\"] != \"/503.cgi$\" {\n url.rewrite = ( \"\" => \"/503.cgi\" )\n}\n\n\n\nLighttpd\u3092\u518d\u8aad\u8fbc\u3057\u3066\u52d5\u4f5c\u3092\u78ba\u8a8d\u3057\u307e\u3059\uff0e\n\n\n\n$ sudo systemctl lighttpd restart\n$ w3m https://sub1.example.org/hoge\n$ w3m https://sub2.example.org/fuga\n$ w3m http://sub1.example.org/hoge\n$ w3m http://sub2.example.org/fuga\n\n\n\n\u74b0\u5883\n\n$ dpkg-query -W lighttpd certbot w3m perl\ncertbot 1.12.0-2\nlighttpd 1.4.59-1+deb11u1\nperl 5.32.1-4+deb11u2\nw3m 0.5.3+git20210102-6\n$ lsb_release -dr\nDescription: Raspbian GNU/Linux 11 (bullseye)\nRelease: 11\n$ cat /proc/device-tree/model && echo\nRaspberry Pi 3 Model B Rev 1.2", "date_published": "2022-06-28T00:15:56+09:00", "date_modified": "2022-07-10T22:35:19+09:00", "authors": [ { "name": "matoken", "url": "https://matoken.org/blog/author/matoken/", "avatar": "https://secure.gravatar.com/avatar/38f5f3b575c5eb45cda6aa659bca119ac7a5e16b46565e869d0030e3bd66981d?s=512&d=mm&r=g" } ], "author": { "name": "matoken", "url": "https://matoken.org/blog/author/matoken/", "avatar": "https://secure.gravatar.com/avatar/38f5f3b575c5eb45cda6aa659bca119ac7a5e16b46565e869d0030e3bd66981d?s=512&d=mm&r=g" }, "tags": [ "cgi", "https", "Lighttpd", "bullseye", "Linux", "Raspberry Pi OS" ] } ] }