web-dev-qa-db-ja.com

CentOS 7 + Lighttpd、Webサーバーは機能していませんが実行中

新しいCENOS7にlighttpdをインストールしました。

IPにアクセスしようとすると、最終的にサイトにアクセスできないと表示されるよりも読み込まれます(ERR_CONNECTION_TIMED_OUT)。

実行するときsystemctl status lighttpd -l、サービスが稼働しているようです。

何か案が?

[root@myvps ~]# systemctl status lighttpd -l
● lighttpd.service - Lightning Fast Webserver With Light System Requirements
   Loaded: loaded (/usr/lib/systemd/system/lighttpd.service; enabled; vendor preset: disabled)
   Active: active (running) since Tue 2020-02-11 09:50:53 CET; 19min ago
 Main PID: 7559 (lighttpd)
   CGroup: /system.slice/lighttpd.service
           └─7559 /usr/sbin/lighttpd -D -f /etc/lighttpd/lighttpd.conf

Feb 11 09:50:53 myvps.mydomain.net systemd[1]: Stopped Lightning Fast Webserver With Light System Requirements.
Feb 11 09:50:53 myvps.mydomain.net systemd[1]: Started Lightning Fast Webserver With Light System Requirements.
Feb 11 09:50:53 myvps.mydomain.net lighttpd[7559]: 2020-02-11 09:50:53: (network.c.162) warning: please use server.use-ipv6 only for hostnames, not without server.bind / empty address; your config will break if the kernel default for IPV6_V6ONLY changes
Feb 11 09:50:53 myvps.mydomain.net lighttpd[7559]: 2020-02-11 09:50:53: (server.c.1437) can't have more connections than fds/2:  1024 1024
[root@myvps ~]#

.confファイル:

#######################################################################
##
## /etc/lighttpd/lighttpd.conf
##
## check /etc/lighttpd/conf.d/*.conf for the configuration of modules.
##
#######################################################################

#######################################################################
##
## Some Variable definition which will make chrooting easier.
##
## if you add a variable here. Add the corresponding variable in the
## chroot example aswell.
##
var.log_root    = "/var/log/lighttpd"
var.server_root = "/var/www"
var.state_dir   = "/var/run"
var.home_dir    = "/var/lib/lighttpd"
var.conf_dir    = "/etc/lighttpd"

## 
## run the server chrooted.
## 
## This requires root permissions during startup.
##
## If you run Chrooted set the the variables to directories relative to
## the chroot dir.
##
## example chroot configuration:
## 
#var.log_root    = "/logs"
#var.server_root = "/"
#var.state_dir   = "/run"
#var.home_dir    = "/lib/lighttpd"
#var.vhosts_dir  = "/vhosts"
#var.conf_dir    = "/etc"
#
#server.chroot   = "/srv/www"

##
## Some additional variables to make the configuration easier
##

##
## Base directory for all virtual hosts
##
## used in:
## conf.d/evhost.conf
## conf.d/simple_vhost.conf
## vhosts.d/vhosts.template
##
var.vhosts_dir  = server_root + "/vhosts"

##
## Cache for mod_compress
##
## used in:
## conf.d/compress.conf
##
var.cache_dir   = "/var/cache/lighttpd"

##
## Base directory for sockets.
##
## used in:
## conf.d/fastcgi.conf
## conf.d/scgi.conf
##
var.socket_dir  = state_dir + "/sockets"

##
#######################################################################

#######################################################################
##
## Load the modules.
include "modules.conf"

##
#######################################################################

#######################################################################
##
##  Basic Configuration
## ---------------------
##
server.port = 80

##
## Use IPv6?
##
server.use-ipv6 = "enable"

##
## bind to a specific IP
##
#server.bind = "localhost"

##
## Run as a different username/groupname.
## This requires root permissions during startup. 
##
server.username  = "lighttpd"
server.groupname = "lighttpd"

##
## Enable lighttpd to serve requests on sockets received from systemd
## https://www.freedesktop.org/software/systemd/man/systemd.socket.html
##
#server.systemd-socket-activation = "enable"

## 
## enable core files.
##
#server.core-files = "disable"

##
## Document root
##
server.document-root = server_root + "/lighttpd"

##
## The value for the "Server:" response field.
##
## It would be Nice to keep it at "lighttpd".
##
#server.tag = "lighttpd"

##
## store a pid file
##
server.pid-file = state_dir + "/lighttpd.pid"

##
#######################################################################

#######################################################################
##
##  Logging Options
## ------------------
##
## all logging options can be overwritten per vhost.
##
## Path to the error log file
##
server.errorlog             = log_root + "/error.log"

##
## If you want to log to syslog you have to unset the 
## server.errorlog setting and uncomment the next line.
##
#server.errorlog-use-syslog = "enable"

##
## Access log config
## 
include "conf.d/access_log.conf"

##
## The debug options are moved into their own file.
## see conf.d/debug.conf for various options for request debugging.
##
include "conf.d/debug.conf"

##
#######################################################################

#######################################################################
##
##  Tuning/Performance
## --------------------
##
## corresponding documentation:
## https://redmine.lighttpd.net/projects/lighttpd/wiki/Docs_Performance
##
## set the event-handler (read the performance section in the manual)
##
## possible options on linux are:
##
## select
## poll
## linux-sysepoll
##
## linux-sysepoll is recommended on kernel 2.6.
##
server.event-handler = "linux-sysepoll"

##
## The basic network interface for all platforms at the syscalls read()
## and write(). Every modern OS provides its own syscall to help network
## servers transfer files as fast as possible 
##
## sendfile       - is recommended for small files.
## writev         - is recommended for sending many large files
##
server.network-backend = "sendfile"

##
## As lighttpd is a single-threaded server, its main resource limit is
## the number of file descriptors, which is set to 1024 by default (on
## most systems).
##
## If you are running a high-traffic site you might want to increase this
## limit by setting server.max-fds.
##
## Changing this setting requires root permissions on startup. see
## server.username/server.groupname.
##
## By default lighttpd would not change the operation system default.
## But setting it to 2048 is a better default for busy servers.
##
## With SELinux enabled, this is denied by default and needs to be allowed
## by running the following once : setsebool -P httpd_setrlimit on  
#server.max-fds = 2048

##
## listen-backlog is the size of the listen() backlog queue requested when
## the lighttpd server ask the kernel to listen() on the provided network
## address.  Clients attempting to connect() to the server enter the listen()
## backlog queue and wait for the lighttpd server to accept() the connection.
##
## The out-of-box default on many operating systems is 128 and is identified
## as SOMAXCONN.  This can be tuned on many operating systems.  (On Linux,
## cat /proc/sys/net/core/somaxconn)  Requesting a size larger than operating
## system limit will be silently reduced to the limit by the operating system.
##
## When there are too many connection attempts waiting for the server to
## accept() new connections, the listen backlog queue fills and the kernel
## rejects additional connection attempts.  This can be useful as an
## indication to an upstream load balancer that the server is busy, and
## possibly overloaded.  In that case, configure a smaller limit for
## server.listen-backlog.  On the other hand, configure a larger limit to be
## able to handle bursts of new connections, but only do so up to an amount
## that the server can keep up with responding in a reasonable amount of
## time.  Otherwise, clients may abandon the connection attempts and the
## server will waste resources servicing abandoned connections.
##
## It is best to leave this setting at its default unless you have modelled
## your traffic and tested that changing this benefits your traffic patterns.
##
## Default: 1024
##
#server.listen-backlog = 128

##
## Stat() call caching.
##
## lighttpd can utilize FAM/Gamin to cache stat call.
##
## possible values are:
## disable, simple or fam.
##
server.stat-cache-engine = "simple"

##
## Fine tuning for the request handling
##
## max-connections == max-fds/2 (maybe /3)
## means the other file handles are used for fastcgi/files
##
server.max-connections = 1024

##
## How many seconds to keep a keep-alive connection open,
## until we consider it idle. 
##
## Default: 5
##
#server.max-keep-alive-idle = 5

##
## How many keep-alive requests until closing the connection.
##
## Default: 16
##
#server.max-keep-alive-requests = 16

##
## Maximum size of a request in kilobytes.
## By default it is unlimited (0).
##
## Uploads to your server cant be larger than this value.
##
#server.max-request-size = 0

##
## Time to read from a socket before we consider it idle.
##
## Default: 60
##
#server.max-read-idle = 60

##
## Time to write to a socket before we consider it idle.
##
## Default: 360
##
#server.max-write-idle = 360

##
##  Traffic Shaping 
## -----------------
##
## see /usr/share/doc/lighttpd/traffic-shaping.txt
##
## Values are in kilobyte per second.
##
## Keep in mind that a limit below 32kB/s might actually limit the
## traffic to 32kB/s. This is caused by the size of the TCP send
## buffer. 
##
## per server:
##
#server.kbytes-per-second = 128

##
## per connection:
##
#connection.kbytes-per-second = 32

##
#######################################################################

#######################################################################
##
##  Filename/File handling
## ------------------------

##
## files to check for if .../ is requested
## index-file.names            = ( "index.php", "index.rb", "index.html",
##                                 "index.htm", "default.htm" )
##
index-file.names += (
  "index.xhtml", "index.html", "index.htm", "default.htm", "index.php"
)

##
## deny access the file-extensions
##
## ~    is for backupfiles from vi, emacs, joe, ...
## .inc is often used for code includes which should in general not be part
##      of the document-root
url.access-deny             = ( "~", ".inc" )

##
## disable range requests for pdf files
## workaround for a bug in the Acrobat Reader plugin.
##
$HTTP["url"] =~ "\.pdf$" {
  server.range-requests = "disable"
}

##
## url handling modules (rewrite, redirect)
##
#url.rewrite                = ( "^/$"             => "/server-status" )
#url.redirect               = ( "^/wishlist/(.+)" => "http://www.example.com/$1" )

##
## both rewrite/redirect support back reference to regex conditional using %n
##
#$HTTP["Host"] =~ "^www\.(.*)" {
#  url.redirect            = ( "^/(.*)" => "http://%1/$1" )
#}

##
## which extensions should not be handle via static-file transfer
##
## .php, .pl, .fcgi are most often handled by mod_fastcgi or mod_cgi
##
static-file.exclude-extensions = ( ".php", ".pl", ".fcgi", ".scgi" )

##
## error-handler for all status 400-599
##
#server.error-handler       = "/error-handler.html"
#server.error-handler       = "/error-handler.php"

##
## error-handler for status 404
##
#server.error-handler-404   = "/error-handler.html"
#server.error-handler-404   = "/error-handler.php"

##
## Format: <errorfile-prefix><status-code>.html
## -> ..../status-404.html for 'File not found'
##
#server.errorfile-prefix    = "/srv/www/htdocs/errors/status-"

##
## mimetype mapping
##
include "conf.d/mime.conf"

##
## directory listing configuration
##
include "conf.d/dirlisting.conf"

##
## Should lighttpd follow symlinks?
## 
server.follow-symlink = "enable"

##
## force all filenames to be lowercase?
##
#server.force-lowercase-filenames = "disable"

##
## defaults to /var/tmp as we assume it is a local harddisk
##
server.upload-dirs = ( "/var/tmp" )

##
#######################################################################


#######################################################################
##
##  SSL Support
## ------------- 
##
## To enable SSL for the whole server you have to provide a valid
## certificate and have to enable the SSL engine.::
##
##   ssl.engine = "enable"
##   ssl.pemfile = "/path/to/server.pem"
##
##   $SERVER["socket"] == "10.0.0.1:443" {
##     ssl.engine                  = "enable"
##     ssl.pemfile                 = "/etc/ssl/private/www.example.com.pem"
##
##     # Check your cipher list with: openssl ciphers -v '...'
##     # (use single quotes as your Shell won't like ! in double quotes)
##     #ssl.cipher-list             = "PROFILE=SYSTEM"   # default
##
##     # (recommended to accept only TLSv1.2 and TLSv1.3)
##     #ssl.openssl.ssl-conf-cmd = ("Protocol" => "-ALL, TLSv1.2, TLSv1.3")
##
##     server.name                 = "www.example.com"
##
##     server.document-root        = "/srv/www/vhosts/example.com/www/"
##   }
##

## If you have a .crt and a .key file, specify both ssl.pemfile and ssl.privkey,
## or cat them together into a single PEM file:
## $ cat /etc/ssl/private/lighttpd.key /etc/ssl/certs/lighttpd.crt \
##   > /etc/ssl/private/lighttpd.pem
##
#ssl.pemfile = "/etc/ssl/private/lighttpd.pem"
#
# or
#
#ssl.privkey = "/etc/ssl/private/privkey.pem"
#ssl.pemfile = "/etc/ssl/private/cert.pem"

##
## optionally pass the CA certificate here.
##
##
#ssl.ca-file = ""

##
## and the CRL revocation list here.
##
##
#ssl.ca-crl-file = ""

##
#######################################################################

#######################################################################
##
## custom includes like vhosts.
##
#include "conf.d/config.conf"
#include "/etc/lighttpd/vhosts.d/*.conf"
##
#######################################################################
2
TheUnreal

実行することで解決

firewall-cmd --permanent --add-service=http
success
[root@myvps~]# firewall-cmd --reload
success

ウェブ上のどこかで見つけました。

1
TheUnreal