diff options
Diffstat (limited to 'community/althttpd/althttpd.confd')
-rw-r--r-- | community/althttpd/althttpd.confd | 69 |
1 files changed, 56 insertions, 13 deletions
diff --git a/community/althttpd/althttpd.confd b/community/althttpd/althttpd.confd index 154f98c8888..639f224017d 100644 --- a/community/althttpd/althttpd.confd +++ b/community/althttpd/althttpd.confd @@ -1,15 +1,17 @@ #** Command-line Options: #** #** --root DIR Defines the directory that contains the various -#** $HOST.website subdirectories, each containing web content +#** $HOST.website subdirectories, each containing web content #** for a single virtual host. If launched as root and if #** "--user USER" also appears on the command-line and if #** "--jail 0" is omitted, then the process runs in a chroot #** jail rooted at this directory and under the userid USER. #** This option is required for xinetd launch but defaults -#** to "." for a stand-alone web server. +#** to "." for a stand-alone web server. DIR should always +#** be an absolute path, else child processes might misbehave. #** -#** --port N Run in standalone mode listening on TCP port N +#** --port N Run in standalone mode listening on TCP port N, or from +#** --port N1..N2 the first available TCP port in the range from N1 to N2. #** #** --user USER Define the user under which the process should run if #** originally launched as root. This process will refuse to @@ -23,15 +25,44 @@ #** FILE name is expanded using strftime() if it contains #** at least one '%' and is not too long. #** -#** --https Indicates that input is coming over SSL and is being -#** decoded upstream, perhaps by stunnel. (This program -#** only understands plaintext.) +#** --ipshun DIR If the remote IP address is also the name of a file +#** in DIR that has size N bytes and where either N is zero +#** or the m-time of the file is less than N time-units ago +#** then that IP address is being shunned and no requests +#** are processed. The time-unit is a compile-time option +#** (BANISH_TIME) that defaults to 300 seconds. If this +#** happens, the client gets a 503 Service Unavailable +#** reply. Furthermore, althttpd will create ip-shunning +#** files following a 404 Not Found error if the request +#** URI is an obvious hack attempt. The ip-shunning file +#** will also be created if a CGI returns status code 418. +#** +#** --https BOOLEAN Indicates that input is coming over SSL and is being +#** decoded upstream, perhaps by stunnel. This option +#** does *not* activate built-in TLS support. Use --cert +#** for that. +#** +#** --page NAME Come up in stand-alone mode, and then try to launch a +#** web-browser pointing to the NAME document after the +#** listening socket has been created. This option +#** implies --loopback and "--port 8080..8100". +#** +#** --popup Launch a stand-alone web server to use for testing. +#** This option implies "--port 8080..8100". This option +#** is similar to "--page NAME" except that it does not +#** try to launch a web-browser and does not force the +#** connection into --loopback mode. Use this when +#** running a test web-server on a remote host via ssh. +#** +#** --loopback Only accept loop-back TCP connections (connections +#** originating from the same host). This is the +#** default if --root is omitted. #** #** --family ipv4 Only accept input from IPV4 or IPV6, respectively. #** --family ipv6 These options are only meaningful if althttpd is run #** as a stand-alone server. #** -#** --jail BOOLEAN Indicates whether or not to form a chroot jail if +#** --jail BOOLEAN Indicates whether or not to form a chroot jail if #** initially run as root. The default is true, so the only #** useful variant of this option is "--jail 0" which prevents #** the formation of the chroot jail. @@ -40,12 +71,24 @@ #** 120 seconds. #** #** --max-cpu SEC Maximum number of seconds of CPU time allowed per -#** HTTP connection. Default 30. 0 means no limit. +#** HTTP connection. Default 30 (build option: +#** -DMAX_CPU=integer). 0 means no limit. +#** +#** --debug BOOLEAN Disables input timeouts. This is useful for debugging +#** when inputs are being typed in manually. +#** +#** --enable-sab Add new lines to the HTTP reply header that are +#** prerequisites for SharedArrayBuffer. These are the lines: +#** Cross-Origin-Embedder-Policy: require-corp +#** Cross-Origin-Opener-Policy: same-origin +#** +#** +#** Additional command-line options available when compiling with ENABLE_TLS: +#** +#** --cert FILE The TLS certificate, the "fullchain.pem" file #** -#** --debug Disables input timeouts. This is useful for debugging -#** when inputs is being typed in manually. +#** --pkey FILE The TLS private key, the "privkey.pem" file. May be +#** omitted if the --cert file is the concatenation of +#** the fullchain.pem and the privkey.pem. #** -#** Command-line options can take either one or two initial "-" characters. -#** So "--debug" and "-debug" mean the same thing, for example. - ALTHTTPD_OPTS="" |