back to home

advanced: setting up lighttpd and tls

lighttpd

the built-in http server (busybox httpd) does not support tls (https) so i've opted for lighttpd instead:

$ sudo apk add lighttpd

create the /var/www/html/ directory:

sudo mkdir -p /var/www/html/

write webserver.conf in your home directory:

server.indexfiles    = ("index.html")
server.document-root = "/var/www/html/"

write a simple hello world html file:

$ sudo sh -c 'echo "<h1>hello world</h1>" > /var/www/html/index.html'

add a nftables rule to allow incoming packets on port 80, in /etc/nftables.d/99_http.nft:

inet filter input tcp dport 80 ct state new accept

then restart nftables with sudo systemctl restart nftables

write a systemd service file for the webserver in /etc/systemd/system/webserver.service:

[Unit]
Description=Simple lighttpd webserver

[Service]
ExecStart=/usr/sbin/lighttpd -D -f /home/user/webserver.conf

[Install]
WantedBy=default.target

change user to your actual username

run the following to launch your webserver and start it on boot:

$ systemctl start webserver
$ systemctl enable webserver

test out the server by curling the website from your computer:

$ curl 192.168.1.x

you should see the <h1>hello world</h1> text from above

now type the ip address in the web browser of any device connected to the same wifi network, and marvel at your own tiny local digital garden

tls

TODO

built by louis merlin under the cc by-nc-sa 4.0 license