Configure Lighttpd Web Server To Use NFS Shared Static Files

by on June 22, 2012 · 2 comments· LAST UPDATED June 22, 2012

in lighttpd, Linux, RedHat/Fedora Linux

The Lighttpd web server is responsible for providing access to static content via the HTTP or HTTPS protocol. In this example, I'm going to install and use the Lighttpd web server and set DocumentRoot to vm05:/exports/static mounted at /var/www/static. You need to type the following commands on vm01 having an IP address only.

Configure NFS client

Use the yum command to install required NFS client packages:
# yum groupinstall "Network file system client"
# yum install nfs-utils nfs4-acl-tools
Turn on the NFSv4 client services:
# chkconfig rpcbind on
# chkconfig rpcidmapd on
# chkconfig nfslock on

/etc/idmapd.conf nfs client configuration

Edit /etc/idmapd.conf, enter:
# vi /etc/idmapd.conf
Make sure it is set as per NFS server domain name:

Domain =
Nobody-User = nobody
Nobody-Group = nobody

Save and close the file. Start all nfs client services, enter:
# /sbin/service rpcbind start
# /sbin/service rpcidmapd start
# /sbin/service nfslock start

Creating user account

I'm going to run the Lighttpd web server as apache user only. To add Linux user account, enter:
# /usr/sbin/groupadd -g 48 apache
# /usr/sbin/useradd -s /sbin/nologin -g 48 -u 48 -M -d /var/www apache
# /usr/bin/passwd -l apache

Mount file system

Type the following command:
# showmout -e vm05
Sample outputs:

Export list for v.txvip1:

Mount /exports/static nfs file system at /var/www/static, enter:
# mkdir /var/www/static
# /bin/mount -t nfs4 -orsize=32768,wsize=32768,intr,hard,proto=tcp,sync vm05:/exports/static /var/www/static/

Mount /exports/static nfs file system at /var/www/static, enter:
# mkdir /var/www/static

Mounting NFS file systems using /etc/fstab

Edit /etc/fstab, enter:
# vi /etc/fstab
Append the entry, enter:

vm05:/exports/static    /var/www/static  nfs4   orsize=32768,wsize=32768,intr,hard,proto=tcp,sync

Save and close the file. Make sure netfs service is turned on:
# chkconfig netfs on

Finally, verify that apache user can see files, enter:
# su - apache
$ ls /var/www/static/
$ exit

Please note that root user or any other user may not able to see /var/www/html due to security policy. This is default and only lighttpd user called apache must access DocumentRoot.

Install Lighttpd web server

Turn on EPEL repo and install the lighttpd web server:
# yum install lighttpd
Sample outputs:

Loaded plugins: rhnplugin
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package lighttpd.x86_64 0:1.4.28-3.el6 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
 Package          Arch           Version               Repository    Size
 lighttpd         x86_64         1.4.28-3.el6          epel         328 k
Transaction Summary
Install       1 Package(s)
Total download size: 328 k
Installed size: 878 k
Is this ok [y/N]: y
Downloading Packages:
lighttpd-1.4.28-3.el6.x86_64.rpm                   | 328 kB     00:00
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing : lighttpd-1.4.28-3.el6.x86_64                           1/1
  lighttpd.x86_64 0:1.4.28-3.el6

Configure Lighttpd web server

Edit /etc/lighttpd/lighttpd.conf, enter:
# mv /etc/lighttpd/lighttpd.{conf,default.bak}
# vi /etc/lighttpd/lighttpd.conf

Append the following configuration:

## Static config for
server.modules              = (
server.errorlog            = "/var/log/lighttpd/error.log"
accesslog.filename         = "/var/log/lighttpd/access.log"
index-file.names            = ( "index.html", "index.htm", "default.htm" )
server.tag                 = "lighttpd" = "linux-sendfile"
## allow lan only communication ##
server.port = "80"
server.bind = ""
server.document-root = "/var/www/static" = "/var/run/"
server.username = "apache"
server.groupname = "apache"
## all static assets are cached for 30days ##
$HTTP["url"] =~ "^/" {
   expire.url = ( "" => "access 30 days" )
### Log real client ips on backend ###
### 192.168.1.{1,2} == nginx resverse proxy server ##
extforward.headers = ("X-Forwarded-For")
extforward.forwarder = (
      "" => "trust",
      "" => "trust"
## mimetype mapping
include "conf.d/mime.conf"

Save and close the file.

Configure iptables to allow access to the web server

Edit /etc/sysconfig/iptables. Add the following lines, ensuring that they appear before the final LOG and DROP lines for the INPUT chain:

## allow only access from lan ##
-A INPUT -m state --state NEW -p tcp -s --dport 80 -j ACCEPT

Save and close the file. Restart the iptables service, enter:
# /sbin/service iptables restart
# /sbin/iptables -L -v -n

Turn on Lighttpd:

Start the Lighttpd web server, enter:
# chkconfig lighttpd on
# service lighttpd start

Test it

Fire a webbrowser and type:
TwitterFacebookGoogle+PDF versionFound an error/typo on this page? Help us!

{ 2 comments… read them below or add one }

1 Jalal Hajigholamali June 23, 2012 at 2:30 am

Thanks a lot…


2 maxim July 26, 2012 at 11:50 am

Why lighttpd instead of nginx?


Leave a Comment

Tagged as:

Previous post:

Next post: