commit 8724db3eb64ccdba0374807464a168f94992b1e9 Author: Bram Prieshof Date: Mon Jun 27 19:20:05 2022 +0200 Intial commit diff --git a/Install_LDS.sh b/Install_LDS.sh new file mode 100644 index 0000000..f5c5527 --- /dev/null +++ b/Install_LDS.sh @@ -0,0 +1,125 @@ +#!/bin/sh + +#OS Detect +case $(grep -e "^ID=*" "/etc/os-release" |sed 's/ID=//g') in + *"alpine"*) + dist=alp;; + *"ubuntu"* | *"debian"* ) + dist=deb;; + *) + "This distro is not (yet) supported" + exit;; +esac + +#Git-repo +repo=https://git.bprieshof.nl/Tools/LDS-Base +branch=main +LDSIDREPO=https://git.bprieshof.nl/Tools/LDS-ImageDownloader.git + +pkgs="ca-certificates dnsmasq lighttpd" + +##Set if using LDS-ImageDownloader +while true; do + read -r -n 1 -p"Install LDS-ImageDownloader? [y/n]: " REPLY1 + echo "" + case $REPLY1 in + [yY]) LDSID=true + while true; do + read -r -n 1 -p"Download Installers? [y/n]: " REPLY2 + echo "" + case $REPLY2 in + [yY]) LDSIDdwni=true + break;; + [nN])LDSIDdwni=false + break;; + *) echo "invalid input" + esac + done + while true; do + read -r -n 1 -p"Download Tools? [y/n]: " REPLY3 + echo "" + case $REPLY3 in + [yY]) LDSIDdwnt=true + break;; + [nN]) LDSIDdwnt=false + break;; + *) echo "invalid input" + esac + done + pkgs="$pkgs zstd cpio git" + case $dist in + alp) + pkgs="$pkgs bash cdrkit" + break;; + deb ) + pkgs="$pkgs genisoimage wget unzip" + break;; + esac + break;; + [nN]) LDSID=false + break;; + *) echo "invalid input" + esac +done + + +## install packages +case $dist in + alp) + pkgs="$pkgs grep" + apk update + apk add $pkgs + rc-update add lighttpd + rc-update add dnsmasq;; + deb ) + apt update + apt install -y $pkgs + systemctl enable lighttpd dnsmasq;; +esac + +wget -O /tmp/LDS.tar.gz "$repo"/archive/"$branch".tar.gz +tar –xzf /tmp/LDS.tar.gz –C /tmp + +#Configure (re)start services +mkdir -p /opt/LDS/tftp /opt/LDS/www +mv /tmp/LDS-Base/iPXE /opt/LDS/tftp +mv /tmp/LDS-Base/UpdateIP.sh /opt/LDS +mv /tmp/LDS-Base/dnsmasq.conf /etc/dnsmasq.conf +mv /tmp/LDS-Base/lighttpd.conf /etc/lighttpd/lighttpd.conf + +#Set dnsmasq ip range +echo "" +echo "" +ip a + +read -p "Please enter the name of the network inteface: " netIF +sed -i "/NetIF=/c\NetIF=$netIF" /opt/LDS/UpdateIP.sh +ipa=$(ip -4 addr show $netIF | grep -m 1 -oP '(?<=inet\s)\d+(\.\d+){3}' | grep -E -o "([0-9]{1,3}[\.]){2}[0-9]{1,3}" |head -1 ) +ipa="$ipa"".0" +sed -i '/dhcp-range/c\dhcp-range='"$ipa"',proxy' /etc/dnsmasq.conf +## install packages +case $dist in + alp) + service lighttpd stop + service dnsmasq stop + service lighttpd start + service dnsmasq start;; + deb ) + systemctl stop lighttpd dnsmasq + systemctl start lighttpd dnsmasq;; +esac + +#Install LDS-ImageDownloader +if $LDSID; then + #git clone $LDSIDREPO /opt/LDS/ImageDownloader + cd /opt/LDS/ImageDownloader/ + ln -s /opt/LDS/ImageDownloader/LinuxInstallers-LID.ipxe /opt/LDS/tftp/iPXE/LinuxInstallers-LID.ipxe + sed -i '/set LDSIMenu/c\set LDSIMenu LinuxInstallers-LID.ipxe' /opt/LDS/tftp/iPXE/LDS.ipxe + if $LDSIDdwnt; then + sed -i -e 's/#item CloneZilla/item CloneZilla/g' -e 's/#item GParted/item GParted/g' -e 's/#item SystemRescueCD/item SystemRescueCD/g' /opt/LDS/tftp/iPXE/LDS.ipxe + $SHELL Download-AllTools.sh + fi + if $LDSIDdwni; then + $SHELL Download-AllInstallers.sh + fi +fi diff --git a/Readme.md b/Readme.md new file mode 100644 index 0000000..c59ed3c --- /dev/null +++ b/Readme.md @@ -0,0 +1,25 @@ +# Linux depoyment server (LDS) + +## Features +* Uses proxy-DHCP,so no further DHCP config is needed +* Works with (legacy) boot pxe +* Works with (non secure boot) EFI systems +* Works with raspberry pi's +* chain to Windows deployment server (WDS) +* Use installer images from the Web or the in-build http server when using the LDS-ImageDownloader project +* Can be installed on Alpine, Debian or Ubuntu Linux + +## Installation +Start the installation script using one of the following commands + +Using curl +``` +$SHELL <(curl -s https://git.bprieshof.nl/brammp/LDS-Base/raw/branch/main/Install_LDS.sh) +``` + +Using wget +``` +$SHELL <(wget -q -O- https://git.bprieshof.nl/brammp/LDS-Base/raw/branch/main/Install_LDS.sh) +``` + +when asked for the network interface make sure to enter it without using backspaces diff --git a/UpdateIP.sh b/UpdateIP.sh new file mode 100644 index 0000000..456a9a9 --- /dev/null +++ b/UpdateIP.sh @@ -0,0 +1,7 @@ +#Used for updating the ip subnet in DNSMasq +NetIF= +sleep 20 +ipa=$(ip -4 addr show $NetIF | grep -m 1 -oP '(?<=inet\s)\d+(\.\d+){3}' | grep -E -o "([0-9]{1,3}[\.]){2}[0-9]{1,3}" |head -1 ) +ipa="$ipa"".0" +sed -i '/dhcp-range/c\dhcp-range='"$ipa"',proxy' /etc/dnsmasq.conf +service dnsmasq restart diff --git a/dnsmasq.conf b/dnsmasq.conf new file mode 100644 index 0000000..928f288 --- /dev/null +++ b/dnsmasq.conf @@ -0,0 +1,32 @@ +port=0 + +log-dhcp +dhcp-range=192.168.1.0,proxy + +#Set WDS tag when selected from iPXE menu +dhcp-userclass=set:wds,wds +#Set ENH tag when iPXE requests boot script +dhcp-userclass=set:ENH,iPXE + +#Load iPXE script when loaded +pxe-service=tag:ENH,tag:!wds,BC_EFI, Load iPXE, /iPXE/boot.ipxe +pxe-service=tag:ENH,tag:!wds,X86-64_EFI, Load iPXE, /iPXE/boot.ipxe +pxe-service=tag:ENH,tag:!wds,X86PC, Load iPXE, /iPXE/boot.ipxe + +#Boot WDS when selected from ipxe +pxe-service=tag:!ENH,tag:wds,BC_EFI, "Load WDS", boot\x64\wdsmgfw.efi, 192.168.1.101 +pxe-service=tag:!ENH,tag:wds,X86-64_EFI, "Load WDS", boot\x64\wdsmgfw.efi, 192.168.1.101 +pxe-service=tag:!ENH,tag:wds,X86PC, "Load WDS", boot\x86\wdsnbp.com, 192.168.1.101 + +#Load ipxe if not loaded +pxe-service=tag:!ENH,tag:!wds,X86PC, "Load iPXE", /iPXE/undionly.kpxe +pxe-service=tag:!ENH,tag:!wds,BC_EFI, "Load iPXE", /iPXE/ipxe.efi +pxe-service=tag:!ENH,tag:!wds,X86-64_EFI, "Load iPXE", /iPXE/ipxe.efi + +#Enable tftp and set its root folder +enable-tftp +tftp-root=/opt/LDS/tftp + +#Use for telling Raspberry Pi's they can boot form this server (can be disabled if not using Pi's since is causes a delayed start for normal PXE) +pxe-prompt="Booting PXE Client", 1 +pxe-service=0,"Raspberry Pi Boot" diff --git a/iPXE/LDS.ipxe b/iPXE/LDS.ipxe new file mode 100644 index 0000000..d1b65f2 --- /dev/null +++ b/iPXE/LDS.ipxe @@ -0,0 +1,114 @@ +#!ipxe + +#Vars +#Linux Installer menu selector +#Use "LinuxInstallers-LID.ipxe" for stored boot images (using LDS-UpdateBootImages) +#Or Use "LinuxInstallers.ipxe" for online boot images +set LDSIMenu LinuxInstallers.ipxe + +###################### MAIN MENU #################################### + +:start +menu Linux Depolyment server - Main +item MenuLinuxTools Tools --> +item MenuLinuxInstallers Installers --> +#item MenuLinuxCustomInstallers Custom Installers --> + + +choose --timeout ${menu-timeout} --default ${menu-default} selected || goto cancel +set menu-timeout 0 +goto ${selected} + +:cancel +echo You cancelled the menu, dropping you to a shell + +:shell +echo Type 'exit' to get the back to the menu +shell +set menu-timeout 0 +set submenu-timeout 0 +goto startinitrd + +:failed +echo Booting failed, dropping to shell +goto shell + + +#Linux Installer menu +:MenuLinuxInstallers +chain ${LDSIMenu} +boot + +###################### Linux Custom Installer menu #################################### +:MenuLinuxCustomInstallers +menu Linux menu Linux Depolyment server - Custom installers +item CustomInstallPlaceHolder Place Holder + +item +item start Back to the main menu <-- +choose --timeout ${menu-timeout} --default ${menu-default} selected || goto cancel +set menu-timeout 0 +goto ${selected} + +:CustomInstallPlaceHolder + kernel + initrd + boot + +###################### Linux Tool menu #################################### +:MenuLinuxTools +menu Linux Depolyment server - Tools +#item CloneZilla CloneZilla +#item GParted GParted +#item SystemRescueCD SystemRescueCD x64 +#item PartedMagic32 Parted Magic x86 +#item PartedMagic64 Parted Magic x64 +#item AcronisTrueImage32 Acronis True Image x86 +#item AcronisTrueImage64 Acronis True Image x64 + +item +item start Back to the main menu <-- +choose --timeout ${menu-timeout} --default ${menu-default} selected || goto cancel +set menu-timeout 0 +goto ${selected} + +:CloneZilla + kernel http://${next-server}/Tools/CloneZilla/vmlinuz initrd=initrd.img boot=live username=user union=overlay config components noswap edd=on nomodeset nodmraid locales= keyboard-layouts= ocs_live_run="ocs-live-general" ocs_live_extra_param="" ocs_live_batch=no net.ifnames=0 nosplash noprompt fetch=http://${next-server}/Tools/CloneZilla/filesystem.squashfs + initrd http://${next-server}/Tools/CloneZilla/initrd.img + boot + +:GParted + kernel http://${next-server}/Tools/Gparted/vmlinuz initrd=initrd.img boot=live config components union=overlay username=user noswap noeject fetch=http://${next-server}/Tools/Gparted/filesystem.squashfs + initrd http://${next-server}/Tools/Gparted/initrd.img + boot + +:PartedMagic64 + kernel http://${next-server}/Tools/PartedMagic/bzImage64 initrd=initrd.img initrd=PMAGIC_2013_08_01.SQFS.cgz edd=off load_ramdisk=1 prompt_ramdisk=0 rw loglevel=9 max_loop=256 + initrd http://${next-server}/Tools/PartedMagic/initrd.img + initrd http://${next-server}/Tools/PartedMagic/PMAGIC_2013_08_01.SQFS.cgz + boot + +:PartedMagic32 + kernel http://${next-server}/Tools/PartedMagic/bzImage initrd=initrd.img initrd=PMAGIC_2013_08_01.SQFS.cgz edd=off load_ramdisk=1 prompt_ramdisk=0 rw loglevel=9 max_loop=256 + initrd http://${next-server}/Tools/PartedMagic/initrd.img + initrd http://${next-server}/Tools/PartedMagic/PMAGIC_2013_08_01.SQFS.cgz + boot + +:AcronisTrueImage64 + kernel http://${next-server}/Tools/AcronisTrueImage/dat10.dat force_modules=usbhid quiet + initrd http://${next-server}/Tools/AcronisTrueImage/dat11.dat + initrd http://${next-server}/Tools/AcronisTrueImage/dat12.dat + boot + +:AcronisTrueImage32 + kernel http://${next-server}/Tools/AcronisTrueImage/dat2.dat force_modules=usbhid quiet + initrd http://${next-server}/Tools/AcronisTrueImage/dat3.dat + initrd http://${next-server}/Tools/AcronisTrueImage/dat4.dat + boot + +:SystemRescueCD + kernel http://${next-server}/Tools/SystemRescueCD/vmlinuz archisobasedir=Tools/SystemRescueCD ip=dhcp archiso_http_srv=http://${next-server}/ + initrd http://${next-server}/Tools/SystemRescueCD/intel_ucode.img + initrd http://${next-server}/Tools/SystemRescueCD/amd_ucode.img + initrd http://${next-server}/Tools/SystemRescueCD/sysresccd.img + boot diff --git a/iPXE/LinuxInstallers.ipxe b/iPXE/LinuxInstallers.ipxe new file mode 100644 index 0000000..c12869c --- /dev/null +++ b/iPXE/LinuxInstallers.ipxe @@ -0,0 +1,102 @@ +#!ipxe + +#Vars +set DebianVer bullseye +set CentosStreamVer 9-stream +set AlmalVer 9 +set RockyVer 8 +set FedoraVer 36 +set AlpineVer latest-stable + +#LDS Linux install menu using external images + +:start +menu Linux Depolyment server - Installers +#Variable items + +item Debian Install Debian ${DebianVer} x64 +item CentosStream Install CentOS ${CentosStreamVer} x64 +item AlmaLinux Install Alma ${AlmalVer} x64 +item RockyLinux Install Rocky ${RockyVer} x64 +item OpenSuseLeap Install OpenSuse Leap x64 +item Fedora Install Fedora ${FedoraVer} x64 +item Alpine Install Alpine ${AlpineVer} x64 + +#Legacy static items +#item Debian10 Install Debian 10 x64 +#item Ubuntu1804 Install Ubuntu 18.04 x64 +#item Ubuntu2004 Install Ubuntu 20.04 x64 +#item Centos7 Install CentOS 7 x64 +#item Centos8Stream Install CentOS 8-Stream x64 + +item +item --key x LDSMain Back to the main menu <-- +choose --timeout ${menu-timeout} --default ${menu-default} selected || goto cancel +set menu-timeout 0 +goto ${selected} + +#Load LDS Main menu +:LDSMain +chain LDS.ipxe +boot + +:Debian + kernel http://ftp.nl.debian.org/debian/dists/${DebianVer}/main/installer-amd64/current/images/netboot/debian-installer/amd64/linux initrd=initrd.gz + initrd http://ftp.nl.debian.org/debian/dists/${DebianVer}/main/installer-amd64/current/images/netboot/debian-installer/amd64/initrd.gz + boot + +:CentosStream + kernel http://mirror.stream.centos.org/${CentosStreamVer}/BaseOS/x86_64/os/images/pxeboot/vmlinuz initrd=initrd.img inst.stage2=http://mirror.stream.centos.org/${CentosStreamVer}/BaseOS/x86_64/os/ devfs=nomount ip=dhcp + initrd http://mirror.stream.centos.org/${CentosStreamVer}/BaseOS/x86_64/os/images/pxeboot/initrd.img + boot + +:AlmaLinux + kernel http://repo.almalinux.org/almalinux/${AlmalVer}/BaseOS/x86_64/os/images/pxeboot/vmlinuz initrd=initrd.img inst.stage2=http://repo.almalinux.org/almalinux/${AlmalVer}/BaseOS/x86_64/os/ devfs=nomount ip=dhcp + initrd http://repo.almalinux.org/almalinux/${AlmalVer}/BaseOS/x86_64/os/images/pxeboot/initrd.img + boot + +:RockyLinux + kernel http://download.rockylinux.org/pub/rocky/${RockyVer}/BaseOS/x86_64/os/images/pxeboot/vmlinuz initrd=initrd.img inst.stage2=http://download.rockylinux.org/pub/rocky/${RockyVer}/BaseOS/x86_64/os/ devfs=nomount ip=dhcp + initrd http://download.rockylinux.org/pub/rocky/${RockyVer}/BaseOS/x86_64/os/images/pxeboot/initrd.img + boot + +:OpenSuseLeap + kernel http://download.opensuse.org/distribution/openSUSE-stable/repo/oss/boot/x86_64/loader/linux initrd=initrd showopts install=http://download.opensuse.org/distribution/openSUSE-stable/repo/oss/ + initrd http://download.opensuse.org/distribution/openSUSE-stable/repo/oss/boot/x86_64/loader/initrd + boot + +:Fedora + kernel http://download.fedoraproject.org/pub/fedora/linux/releases/${FedoraVer}/Everything/x86_64/os/images/pxeboot/vmlinuz initrd=initrd.img inst.stage2=https://download.fedoraproject.org/pub/fedora/linux/releases/${FedoraVer}/Everything/x86_64/os/ devfs=nomount ip=dhcp + initrd http://download.fedoraproject.org/pub/fedora/linux/releases/${FedoraVer}/Everything/x86_64/os/images/pxeboot/initrd.img + boot + +:Alpine + kernel http://dl-4.alpinelinux.org/alpine/${AlpineVer}/releases/x86_64/netboot/vmlinuz-lts modules=loop,squashfs quiet alpine_repo=http://dl-4.alpinelinux.org/alpine/${AlpineVer}/main modloop=http://dl-4.alpinelinux.org/alpine/${AlpineVer}/releases/x86_64/netboot/modloop-lts initrd=initramfs-lts + initrd http://dl-4.alpinelinux.org/alpine/${AlpineVer}/releases/x86_64/netboot/initramfs-lts + boot + + #Legacy static items +:Debian10 + kernel http://ftp.nl.debian.org/debian/dists/buster/main/installer-amd64/current/images/netboot/debian-installer/amd64/linux initrd=initrd.gz + initrd http://ftp.nl.debian.org/debian/dists/buster/main/installer-amd64/current/images/netboot/debian-installer/amd64/initrd.gz + boot + +:Ubuntu1804 + kernel http://archive.ubuntu.com/ubuntu/dists/bionic-updates/main/installer-amd64/current/images/netboot/ubuntu-installer/amd64/linux initrd=initrd.gz + initrd http://archive.ubuntu.com/ubuntu/dists/bionic-updates/main/installer-amd64/current/images/netboot/ubuntu-installer/amd64/initrd.gz + boot + +:Ubuntu2004 + kernel http://archive.ubuntu.com/ubuntu/dists/focal-updates/main/installer-amd64/current/legacy-images/netboot/ubuntu-installer/amd64/linux initrd=initrd.gz + initrd http://archive.ubuntu.com/ubuntu/dists/focal-updates/main/installer-amd64/current/legacy-images/netboot/ubuntu-installer/amd64/initrd.gz + boot + +:Centos7 + kernel http://mirror.centos.org/centos/7/os/x86_64/images/pxeboot/vmlinuz initrd=initrd.img method=http://mirror.centos.org/centos/7/os/x86_64/ devfs=nomount ip=dhcp + initrd http://mirror.centos.org/centos/7/os/x86_64/images/pxeboot/initrd.img + boot + +:Centos8Stream + kernel http://mirror.centos.org/centos/8-stream/BaseOS/x86_64/os/images/pxeboot/vmlinuz initrd=initrd.img method=http://mirror.centos.org/centos/8-stream/BaseOS/x86_64/os/ devfs=nomount ip=dhcp + initrd http://mirror.centos.org/centos/8-stream/BaseOS/x86_64/os/images/pxeboot/initrd.img + boot diff --git a/iPXE/boot.ipxe b/iPXE/boot.ipxe new file mode 100644 index 0000000..43ec11f --- /dev/null +++ b/iPXE/boot.ipxe @@ -0,0 +1,54 @@ +#!ipxe + +# Some menu defaults +set menu-timeout 50000 +set submenu-timeout ${menu-timeout} +isset ${menu-default} || set menu-default exit + +:start +menu iPXE boot menu for +item --gap -- ------------------------- Boot server selector ------------------------------ +item --key l LDS Boot to LDS +item --key W WDS Boot to WDS +item --gap -- ------------------------- Advanced options ------------------------------- +item shell Drop to iPXE shell +item poweroff Shutdown computer +item reboot Reboot computer +item +item --key x exit Exit iPXE and continue BIOS boot +choose --timeout ${menu-timeout} --default ${menu-default} selected || goto cancel +set menu-timeout 0 +goto ${selected} + +:cancel +echo You cancelled the menu, dropping you to a shell + +:shell +echo Type 'exit' to get the back to the menu +shell +set menu-timeout 0 +set submenu-timeout 0 +goto start + +:failed +echo Booting failed, dropping to shell +goto shell + +:poweroff +poweroff + +:reboot +reboot + +:exit +exit + +#Load LDS +:LDS +chain LDS.ipxe +boot + +#Set DHCP user class to "wds" and start networkboot +:WDS +set user-class wds +autoboot || goto failed diff --git a/iPXE/ipxe.efi b/iPXE/ipxe.efi new file mode 100644 index 0000000..687faa9 Binary files /dev/null and b/iPXE/ipxe.efi differ diff --git a/iPXE/undionly.kpxe b/iPXE/undionly.kpxe new file mode 100644 index 0000000..02733d9 Binary files /dev/null and b/iPXE/undionly.kpxe differ diff --git a/lighttpd.conf b/lighttpd.conf new file mode 100644 index 0000000..9dae1ee --- /dev/null +++ b/lighttpd.conf @@ -0,0 +1,84 @@ +#Basic lighttpd server with directory listing +server.modules = ( + "mod_access", + "mod_accesslog", + "mod_dirlisting" +) + +# {{{ mime types +mimetype.assign = ( + ".svg" => "image/svg+xml", + ".svgz" => "image/svg+xml", + ".pdf" => "application/pdf", + ".sig" => "application/pgp-signature", + ".spl" => "application/futuresplash", + ".class" => "application/octet-stream", + ".ps" => "application/postscript", + ".torrent" => "application/x-bittorrent", + ".dvi" => "application/x-dvi", + ".gz" => "application/x-gzip", + ".pac" => "application/x-ns-proxy-autoconfig", + ".swf" => "application/x-shockwave-flash", + ".tar.gz" => "application/x-tgz", + ".tgz" => "application/x-tgz", + ".tar" => "application/x-tar", + ".zip" => "application/zip", + ".dmg" => "application/x-apple-diskimage", + ".mp3" => "audio/mpeg", + ".m3u" => "audio/x-mpegurl", + ".wma" => "audio/x-ms-wma", + ".wax" => "audio/x-ms-wax", + ".ogg" => "application/ogg", + ".wav" => "audio/x-wav", + ".gif" => "image/gif", + ".jpg" => "image/jpeg", + ".jpeg" => "image/jpeg", + ".png" => "image/png", + ".xbm" => "image/x-xbitmap", + ".xpm" => "image/x-xpixmap", + ".xwd" => "image/x-xwindowdump", + ".css" => "text/css", + ".html" => "text/html", + ".htm" => "text/html", + ".js" => "text/javascript", + ".asc" => "text/plain", + ".c" => "text/plain", + ".h" => "text/plain", + ".cc" => "text/plain", + ".cpp" => "text/plain", + ".hh" => "text/plain", + ".hpp" => "text/plain", + ".conf" => "text/plain", + ".log" => "text/plain", + ".text" => "text/plain", + ".txt" => "text/plain", + ".diff" => "text/plain", + ".patch" => "text/plain", + ".ebuild" => "text/plain", + ".eclass" => "text/plain", + ".rtf" => "application/rtf", + ".bmp" => "image/bmp", + ".tif" => "image/tiff", + ".tiff" => "image/tiff", + ".ico" => "image/x-icon", + ".dtd" => "text/xml", + ".xml" => "text/xml", + ".mpeg" => "video/mpeg", + ".mpg" => "video/mpeg", + ".mov" => "video/quicktime", + ".qt" => "video/quicktime", + ".avi" => "video/x-msvideo", + ".asf" => "video/x-ms-asf", + ".asx" => "video/x-ms-asf", + ".wmv" => "video/x-ms-wmv", + ".bz2" => "application/x-bzip", + ".tbz" => "application/x-bzip-compressed-tar", + ".tar.bz2" => "application/x-bzip-compressed-tar" + ) +# }}} + +server.document-root = "/opt/LDS/www" +server.pid-file = "/run/lighttpd.pid" +server.follow-symlink = "enable" +url.access-deny = ("~", ".inc") +dir-listing.activate = "enable"