uhttpd: rename certificate defaults section

[openwrt/openwrt.git] / package / network / services / uhttpd / files / uhttpd.config

diff --git a/package/network/services/uhttpd/files/uhttpd.config b/package/network/services/uhttpd/files/uhttpd.config
index b33411e970da1309e4b8bb25b7b15ec4c45c4825..fab516051433821e2837e57da90eba8f29a7ad4d 100644 (file)
--- a/package/network/services/uhttpd/files/uhttpd.config
+++ b/package/network/services/uhttpd/files/uhttpd.config
@@ -3,11 +3,14 @@ config uhttpd main
 
        # HTTP listen addresses, multiple allowed
        list listen_http        0.0.0.0:80
-#      list listen_http        [::]:80
+       list listen_http        [::]:80
 
        # HTTPS listen addresses, multiple allowed
        list listen_https       0.0.0.0:443
-#      list listen_https       [::]:443
+       list listen_https       [::]:443
+
+       # Redirect HTTP requests to HTTPS if possible
+       option redirect_https   1
 
        # Server document root
        option home             /www
@@ -23,6 +26,12 @@ config uhttpd main
        # below the limit again.
        option max_requests 3
 
+       # Maximum number of concurrent connections.
+       # If this number is exceeded, further TCP connection
+       # attempts are queued until the number of active
+       # connections drops below the limit again.
+       option max_connections 100
+
        # Certificate and private key for HTTPS.
        # If no listen_https addresses are given,
        # the key options are ignored.
@@ -45,6 +54,10 @@ config uhttpd main
 #      option lua_prefix       /luci
 #      option lua_handler      /usr/lib/lua/luci/sgi/uhttpd.lua
 
+       # Specify the ubus-rpc prefix and socket path.
+#      option ubus_prefix      /ubus
+#      option ubus_socket      /var/run/ubus.sock
+
        # CGI/Lua timeout, if the called script does not
        # write data within the given amount of seconds,
        # the server will terminate the request with
@@ -57,6 +70,11 @@ config uhttpd main
        # request process.
        option network_timeout  30
 
+       # HTTP Keep-Alive, specifies the timeout for persistent
+       # HTTP/1.1 connections. Setting this to 0 will disable
+       # persistent HTTP connections.
+       option http_keepalive   20
+
        # TCP Keep-Alive, send periodic keep-alive probes
        # over established connections to detect dead peers.
        # The value is given in seconds to specify the
@@ -65,25 +83,40 @@ config uhttpd main
        option tcp_keepalive    1
 
        # Basic auth realm, defaults to local hostname
-#      option realm    OpenWrt
+#      option realm    Lede
 
        # Configuration file in busybox httpd format
 #      option config   /etc/httpd.conf
 
+       # Do not follow symlinks that point outside of the
+       # home directory.
+#      option no_symlinks      0
+
+       # Do not produce directory listings but send 403
+       # instead if a client requests an url pointing to
+       # a directory without any index file.
+#      option no_dirlists      0
+
+       # Do not authenticate any ubus-rpc requests against
+       # the ubus session/access procedure.
+       # This is dangerous and should be always left off
+       # except for development and debug purposes!
+#      option no_ubusauth      0
+
 
-# Certificate defaults for px5g key generator
-config cert px5g
+# Defaults for automatic certificate and key generation
+config cert defaults
 
        # Validity time
        option days             730
 
        # RSA key size
-       option bits             1024
+       option bits             2048
 
        # Location
-       option country          DE
-       option state            Berlin
-       option location         Berlin
+       option country          ZZ
+       option state            Somewhere
+       option location         Unknown
 
        # Common name
-       option commonname       OpenWrt
+       option commonname       '%D'