Configure Lighttpd Web Server To Use NFS Shared Static Files

The Lighttpd web server is responsible for providing access to static content via the HTTP or HTTPS protocol. In this example, I’m going to install and use the Lighttpd web server and set DocumentRoot to vm05:/exports/static mounted at /var/www/static. You need to type the following commands on vm01 having an IP address only.

Configure NFS client

Use the yum command to install required NFS client packages:
# yum groupinstall "Network file system client"
# yum install nfs-utils nfs4-acl-tools
Turn on the NFSv4 client services:
# chkconfig rpcbind on
# chkconfig rpcidmapd on
# chkconfig nfslock on

/etc/idmapd.conf nfs client configuration

Edit /etc/idmapd.conf, enter:
# vi /etc/idmapd.conf
Make sure it is set as per NFS server domain name:

Domain =
Nobody-User = nobody
Nobody-Group = nobody

Save and close the file. Start all nfs client services, enter:
# /sbin/service rpcbind start
# /sbin/service rpcidmapd start
# /sbin/service nfslock start

Creating user account

I’m going to run the Lighttpd web server as apache user only. To add Linux user account, enter:
# /usr/sbin/groupadd -g 48 apache
# /usr/sbin/useradd -s /sbin/nologin -g 48 -u 48 -M -d /var/www apache
# /usr/bin/passwd -l apache

Mount file system

Type the following command:
# showmout -e vm05
Sample outputs:

Export list for v.txvip1:

Mount /exports/static nfs file system at /var/www/static, enter:
# mkdir /var/www/static
# /bin/mount -t nfs4 -orsize=32768,wsize=32768,intr,hard,proto=tcp,sync vm05:/exports/static /var/www/static/

Mount /exports/static nfs file system at /var/www/static, enter:
# mkdir /var/www/static

Mounting NFS file systems using /etc/fstab

Edit /etc/fstab, enter:
# vi /etc/fstab
Append the entry, enter:

vm05:/exports/static    /var/www/static  nfs4   orsize=32768,wsize=32768,intr,hard,proto=tcp,sync

Save and close the file. Make sure netfs service is turned on:
# chkconfig netfs on

Finally, verify that apache user can see files, enter:
# su - apache
$ ls /var/www/static/
$ exit

Please note that root user or any other user may not able to see /var/www/html due to security policy. This is default and only lighttpd user called apache must access DocumentRoot.

Install Lighttpd web server

Turn on EPEL repo and install the lighttpd web server:
# yum install lighttpd
Sample outputs:

Loaded plugins: rhnplugin
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package lighttpd.x86_64 0:1.4.28-3.el6 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

 Package          Arch           Version               Repository    Size
 lighttpd         x86_64         1.4.28-3.el6          epel         328 k

Transaction Summary
Install       1 Package(s)

Total download size: 328 k
Installed size: 878 k
Is this ok [y/N]: y
Downloading Packages:
lighttpd-1.4.28-3.el6.x86_64.rpm                   | 328 kB     00:00
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing : lighttpd-1.4.28-3.el6.x86_64                           1/1

  lighttpd.x86_64 0:1.4.28-3.el6


Configure Lighttpd web server

Edit /etc/lighttpd/lighttpd.conf, enter:
# mv /etc/lighttpd/lighttpd.{conf,default.bak}
# vi /etc/lighttpd/lighttpd.conf

Append the following configuration:

## Static config for
server.modules              = (
server.errorlog            = "/var/log/lighttpd/error.log"
accesslog.filename         = "/var/log/lighttpd/access.log"
index-file.names            = ( "index.html", "index.htm", "default.htm" )
server.tag                 = "lighttpd" = "linux-sendfile"
## allow lan only communication ##
server.port = "80"
server.bind = ""
server.document-root = "/var/www/static" = "/var/run/"
server.username = "apache"
server.groupname = "apache"
## all static assets are cached for 30days ##
$HTTP["url"] =~ "^/" {
   expire.url = ( "" => "access 30 days" )
### Log real client ips on backend ###
### 192.168.1.{1,2} == nginx resverse proxy server ##
extforward.headers = ("X-Forwarded-For")
extforward.forwarder = (
      "" => "trust",
      "" => "trust"
## mimetype mapping
include "conf.d/mime.conf"

Save and close the file.

Configure iptables to allow access to the web server

Edit /etc/sysconfig/iptables. Add the following lines, ensuring that they appear before the final LOG and DROP lines for the INPUT chain:

## allow only access from lan ##
-A INPUT -m state --state NEW -p tcp -s --dport 80 -j ACCEPT

Save and close the file. Restart the iptables service, enter:
# /sbin/service iptables restart
# /sbin/iptables -L -v -n

Turn on Lighttpd:

Start the Lighttpd web server, enter:
# chkconfig lighttpd on
# service lighttpd start

Test it

Fire a webbrowser and type:

🐧 Get the latest tutorials on Linux, Open Source & DevOps via RSS feed or Weekly email newsletter.

🐧 2 comments so far... add one
CategoryList of Unix and Linux commands
Disk space analyzersncdu pydf
File Managementcat
FirewallAlpine Awall CentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Network UtilitiesNetHogs dig host ip nmap
OpenVPNCentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Managerapk apt
Processes Managementbg chroot cron disown fg jobs killall kill pidof pstree pwdx time
Searchinggrep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPNAlpine CentOS 8 Debian 10 Firewall Ubuntu 20.04
2 comments… add one
  • Jalal Hajigholamali Jun 23, 2012 @ 2:30

    Thanks a lot…

  • maxim Jul 26, 2012 @ 11:50

    Why lighttpd instead of nginx?

Leave a Reply

Your email address will not be published.

Use HTML <pre>...</pre> for code samples. Still have questions? Post it on our forum