Permalink
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
91 lines (57 sloc) 2.31 KB

Using OpenBSD httpd as proxy

Starting from version 5.7 OpenBSD includes a minimal (truly minimal) web server with FastCGI support

(http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/httpd.8?query=httpd&sec=8)

The first step to enable it is writing its configuration file `/etc/httpd.conf`

server "default" {
    listen on 0.0.0.0 port 80

    fastcgi socket ":3031"
}

then enable and start it with the `rcctl` tool:

rcctl enable httpd
rcctl start httpd

this minimal configuration will spawn a chrooted webserver on port 80, running as user 'www' and forwarding every request to the address 127.0.0.1:3031 using the FastCGI protocol.

Now you only need to spawn uWSGI on the FastCGI address:

[uwsgi]
fastcgi-socket = 127.0.0.1:3031
; a simple python app (eventually remember to load the python plugin)
wsgi-file = app.py

you can obviously use uWSGI as a full-featured CGI server (well, effectively it has way more features than every cgi server out there :P), just remember to force the modifier1 to the '9' one:

[uwsgi]
fastcgi-socket = 127.0.0.1:3031
fastcgi-modifier1 = 9
; a simple cgi-bin directory (eventually remember to load the cgi plugin)
cgi = /var/www/cgi-bin

now you can place your cgi scripts in /var/www/cgi-bin (remember to give them the executable permission)

You can use UNIX domain sockets too, just remember the httpd servers runs chrooted in /var/www so you have to bind uWSGI sockets in a dir under it:

[uwsgi]
fastcgi-socket = /var/www/run/uwsgi.socket
fastcgi-modifier1 = 9
; a simple cgi-bin directory
cgi = /var/www/cgi-bin
server "default" {
    listen on 0.0.0.0 port 80

    fastcgi socket "/run/uwsgi.socket"
}

If you want to forward only specific paths to uWSGI, you can use a location directive:

server "default" {
    listen on 0.0.0.0 port 80

    location "/foo/*" {
        fastcgi socket ":3031"
    }

    location "/cgi-bin/*" {
        fastcgi socket ":3032"
    }
}

Notes

Currently (may 2015) httpd can connect only to tcp fastcgi sockets bound on address 127.0.0.1 and to unix domain sockets