2021-01-17 16:37:47 +03:00
|
|
|
# darkhttpd
|
|
|
|
|
|
|
|
https://unix4lyfe.org/darkhttpd/
|
|
|
|
|
|
|
|
When you need a web server in a hurry.
|
|
|
|
|
|
|
|
Features:
|
2021-04-08 04:32:56 +03:00
|
|
|
|
2021-01-17 16:37:47 +03:00
|
|
|
* Simple to set up:
|
|
|
|
* Single binary, no other files, no installation needed.
|
|
|
|
* Standalone, doesn't need `inetd` or `ucspi-tcp`.
|
|
|
|
* No messing around with config files - all you have to specify is the `www` root.
|
|
|
|
* Written in C - efficient and portable.
|
|
|
|
* Small memory footprint.
|
|
|
|
* Event loop, single threaded - no fork() or pthreads.
|
|
|
|
* Generates directory listings.
|
|
|
|
* Supports HTTP GET and HEAD requests.
|
|
|
|
* Supports Range / partial content. (try streaming music files or resuming a download)
|
|
|
|
* Supports If-Modified-Since.
|
|
|
|
* Supports Keep-Alive connections.
|
|
|
|
* Supports IPv6.
|
Custom headers with the CLI option `--header` (#28)
These changes add a command-line option --header, e.g. --header 'Access-Control-Allow-Origin: *'.
Basic tests are included for this option.
When accepting the argument, a very simple sanitization is made, the string is required to contain ": ", and can’t contain a '\n' character. These checks are far from what is required to truly validate a HTTP header, but will at least detect simple mistakes and forbid the abuse of having arguments that include more than one header, or, worse, that include a body for the response (after "\r\n\r\n").
This should also close the Issue #16 and PR #27, I think, since CORS functionality can be obtained by specifying a custom header.
2022-12-06 13:46:52 +03:00
|
|
|
* Support arbitrary custom response headers.
|
2021-01-17 16:37:47 +03:00
|
|
|
* Can serve 301 redirects based on Host header.
|
|
|
|
* Uses sendfile() on FreeBSD, Solaris and Linux.
|
|
|
|
* Can use acceptfilter on FreeBSD.
|
|
|
|
* At some point worked on FreeBSD, Linux, OpenBSD, Solaris.
|
|
|
|
* ISC license.
|
|
|
|
* suckless.org says [darkhttpd sucks less](http://suckless.org/rocks/).
|
2021-04-03 10:08:52 +03:00
|
|
|
* Small Docker image (<100KB)
|
2021-01-17 16:37:47 +03:00
|
|
|
|
|
|
|
Security:
|
2021-04-08 04:32:56 +03:00
|
|
|
|
2021-01-17 16:37:47 +03:00
|
|
|
* Can log accesses, including Referer and User-Agent.
|
|
|
|
* Can chroot.
|
|
|
|
* Can drop privileges.
|
|
|
|
* Impervious to `/../` sniffing.
|
|
|
|
* Times out idle connections.
|
|
|
|
* Drops overly long requests.
|
|
|
|
|
|
|
|
Limitations:
|
2021-04-08 04:32:56 +03:00
|
|
|
|
2021-01-17 16:37:47 +03:00
|
|
|
* Only serves static content - no CGI.
|
|
|
|
|
|
|
|
## How to build darkhttpd
|
2003-11-30 16:22:04 +03:00
|
|
|
|
2006-12-14 13:13:55 +03:00
|
|
|
Simply run make:
|
2003-11-30 16:22:04 +03:00
|
|
|
|
2021-01-17 16:37:47 +03:00
|
|
|
```
|
|
|
|
make
|
|
|
|
```
|
2003-11-30 16:22:04 +03:00
|
|
|
|
2022-10-02 03:56:40 +03:00
|
|
|
If `cc` is not on your `PATH` as an alias to your C compiler, you may need to specify it. For example,
|
|
|
|
|
|
|
|
```
|
|
|
|
CC=gcc make
|
|
|
|
```
|
|
|
|
|
2021-01-17 16:37:47 +03:00
|
|
|
## How to run darkhttpd
|
2003-11-30 16:22:04 +03:00
|
|
|
|
2013-06-10 12:59:55 +04:00
|
|
|
Serve /var/www/htdocs on the default port (80 if running as root, else 8080):
|
2003-11-30 16:22:04 +03:00
|
|
|
|
2021-01-17 16:37:47 +03:00
|
|
|
```
|
|
|
|
./darkhttpd /var/www/htdocs
|
|
|
|
```
|
|
|
|
|
|
|
|
Serve `~/public_html` on port 8081:
|
|
|
|
|
|
|
|
```
|
|
|
|
./darkhttpd ~/public_html --port 8081
|
|
|
|
```
|
2003-11-30 16:22:04 +03:00
|
|
|
|
|
|
|
Only bind to one IP address (useful on multi-homed systems):
|
2021-01-17 16:37:47 +03:00
|
|
|
|
|
|
|
```
|
|
|
|
./darkhttpd ~/public_html --addr 192.168.0.1
|
|
|
|
```
|
2003-11-30 16:22:04 +03:00
|
|
|
|
|
|
|
Serve at most 4 simultaneous connections:
|
2021-01-17 16:37:47 +03:00
|
|
|
|
|
|
|
```
|
|
|
|
./darkhttpd ~/public_html --maxconn 4
|
|
|
|
```
|
2003-11-30 16:22:04 +03:00
|
|
|
|
|
|
|
Log accesses to a file:
|
2021-01-17 16:37:47 +03:00
|
|
|
|
|
|
|
```
|
|
|
|
./darkhttpd ~/public_html --log access.log
|
|
|
|
```
|
2003-11-30 16:22:04 +03:00
|
|
|
|
2006-07-21 11:17:04 +04:00
|
|
|
Chroot for extra security (you need root privs for chroot):
|
2021-01-17 16:37:47 +03:00
|
|
|
|
|
|
|
```
|
|
|
|
./darkhttpd /var/www/htdocs --chroot
|
|
|
|
```
|
2003-11-30 16:22:04 +03:00
|
|
|
|
|
|
|
Use default.htm instead of index.html:
|
2021-01-17 16:37:47 +03:00
|
|
|
|
|
|
|
```
|
|
|
|
./darkhttpd /var/www/htdocs --index default.htm
|
|
|
|
```
|
2003-11-30 16:22:04 +03:00
|
|
|
|
|
|
|
Add mimetypes - in this case, serve .dat files as text/plain:
|
2021-01-17 16:37:47 +03:00
|
|
|
|
|
|
|
```
|
|
|
|
$ cat extramime
|
|
|
|
text/plain dat
|
|
|
|
$ ./darkhttpd /var/www/htdocs --mimetypes extramime
|
|
|
|
```
|
2003-11-30 16:22:04 +03:00
|
|
|
|
|
|
|
Drop privileges:
|
2021-01-17 16:37:47 +03:00
|
|
|
|
|
|
|
```
|
|
|
|
./darkhttpd /var/www/htdocs --uid www --gid www
|
|
|
|
```
|
2003-11-30 16:22:04 +03:00
|
|
|
|
|
|
|
Use acceptfilter (FreeBSD only):
|
2021-01-17 16:37:47 +03:00
|
|
|
|
|
|
|
```
|
|
|
|
kldload accf_http
|
|
|
|
./darkhttpd /var/www/htdocs --accf
|
|
|
|
```
|
2003-11-30 16:22:04 +03:00
|
|
|
|
2006-07-21 13:24:47 +04:00
|
|
|
Run in the background and create a pidfile:
|
2021-01-17 16:37:47 +03:00
|
|
|
|
|
|
|
```
|
|
|
|
./darkhttpd /var/www/htdocs --pidfile /var/run/httpd.pid --daemon
|
|
|
|
```
|
2006-07-21 13:24:47 +04:00
|
|
|
|
2013-04-20 14:05:27 +04:00
|
|
|
Web forward (301) requests for some hosts:
|
2021-01-17 16:37:47 +03:00
|
|
|
|
|
|
|
```
|
|
|
|
./darkhttpd /var/www/htdocs --forward example.com http://www.example.com \
|
|
|
|
--forward secure.example.com https://www.example.com/secure
|
|
|
|
```
|
2013-04-20 14:05:27 +04:00
|
|
|
|
2014-03-14 15:36:37 +04:00
|
|
|
Web forward (301) requests for all hosts:
|
2021-01-17 16:37:47 +03:00
|
|
|
|
|
|
|
```
|
|
|
|
./darkhttpd /var/www/htdocs --forward example.com http://www.example.com \
|
|
|
|
--forward-all http://catchall.example.com
|
|
|
|
```
|
2014-03-14 15:36:37 +04:00
|
|
|
|
Custom headers with the CLI option `--header` (#28)
These changes add a command-line option --header, e.g. --header 'Access-Control-Allow-Origin: *'.
Basic tests are included for this option.
When accepting the argument, a very simple sanitization is made, the string is required to contain ": ", and can’t contain a '\n' character. These checks are far from what is required to truly validate a HTTP header, but will at least detect simple mistakes and forbid the abuse of having arguments that include more than one header, or, worse, that include a body for the response (after "\r\n\r\n").
This should also close the Issue #16 and PR #27, I think, since CORS functionality can be obtained by specifying a custom header.
2022-12-06 13:46:52 +03:00
|
|
|
Arbitrary custom response headers (in this case, allow all cross-origin
|
|
|
|
requests):
|
|
|
|
|
|
|
|
```
|
|
|
|
./darkhttpd /var/www/htdocs --header 'Access-Control-Allow-Origin: *'
|
|
|
|
```
|
|
|
|
|
2003-12-13 17:09:05 +03:00
|
|
|
Commandline options can be combined:
|
2021-01-17 16:37:47 +03:00
|
|
|
|
|
|
|
```
|
|
|
|
./darkhttpd ~/public_html --port 8080 --addr 127.0.0.1
|
|
|
|
```
|
2006-12-14 13:13:55 +03:00
|
|
|
|
|
|
|
To see a full list of commandline options,
|
|
|
|
run darkhttpd without any arguments:
|
2014-03-14 15:36:37 +04:00
|
|
|
|
2021-01-17 16:37:47 +03:00
|
|
|
```
|
|
|
|
./darkhttpd
|
|
|
|
```
|
|
|
|
|
2021-04-03 10:08:52 +03:00
|
|
|
## How to run darkhttpd in Docker
|
|
|
|
|
|
|
|
First, build the image.
|
|
|
|
```
|
|
|
|
docker build -t darkhttpd .
|
|
|
|
```
|
|
|
|
Then run using volumes for the served files and port mapping for access.
|
|
|
|
|
|
|
|
For example, the following would serve files from the current user's dev/mywebsite directory on http://localhost:8080/
|
|
|
|
```
|
|
|
|
docker run -p 8080:80 -v ~/dev/mywebsite:/var/www/htdocs:ro darkhttpd
|
|
|
|
```
|
|
|
|
|
2021-01-17 16:37:47 +03:00
|
|
|
Enjoy.
|