NOTE: This documentation is obsolete. We have migrated all use of static webserving and backend loadbalancing to nginx, considering that it is a part of stock OpenBSD 5.3+ installations, and nginx supplies a strict superset of thttpd and haproxy.

This document is for historical reference only.

Creating a thttpd webserver

We understand that needs of website owners are different. For some (like us), keeping it simple is key. Others enjoy a more feature rich environment. We have therefor installed two clusters of webservers on our backends. One runs apache (described here) and the other runs thttpd, described in this setup document.

There are benefits from an administration point of view to thttpd. It is generally faster, easier to deploy, and has a minimal configuration and machine footprint, and its use generally forces website owners to be stateless, that is to say easily replicatable to multiple thttpd backend webservers. This creates a much higher availability because we can tolerate any webserver failing.

Incidentally, we bind port 1080 on the thttpd server. This is okay, because it is not going to be serving traffic directly! It will be a backend to the HA Proxy servers (and they of course do listen to port 80).

A1) Using OpenBSD

1. Install needed ports (packages)

sudo su -
export PKG_PATH=`uname -r`/packages/`uname -m`/
pkg_add -vr thttpd
mkdir -p /etc/thttpd /paphosting/thttpd
chown -R paphosting:paphosting /etc/thttpd /paphosting/thttpd
echo '/var/log/thttpd.log\t\t\t644  5     250  *     Z "pkill -HUP -u paphosting -U paphosting -t - -x thttpd"' >> /etc/newsyslog.conf

2. Put haproxy in rc{.conf,}.local

sudo su -
cat << EOF >> /etc/rc.local
if [ X"${thttpd}" = X"YES" -a -x /usr/local/sbin/thttpd ]; then
        /usr/local/sbin/thttpd -C /etc/thttpd/thttpd.conf \
          -i /var/run/
        echo -n ' thttpd'
echo thttpd=\"YES\" >> /etc/rc.conf.local

A2) Using Ubuntu

1. Install needed packages

sudo su -
apt-get install thttpd
mkdir -p /etc/thttpd /paphosting/thttpd
chown -R paphosting:paphosting /etc/thttpd /paphosting/thttpd
mkdir -p /usr/local/sbin
ln -sf /usr/sbin/thttpd /usr/local/sbin/thttpd

B) Configuring papthttpd

1. Add the machine to config/thttpd.hosts

On your client, add the hostname (any hostname or IPv4 or IPv6 address to which you can connect on the ssh port:
svn update
echo ${HOSTNAME} >> config/thttpd.hosts
svn commit config/thttpd.hosts

2. Ensure you can SSH into the machine as paphosting

From your client, try to SSH as paphosting into the machine. Once you're there, you should make sure that the paphosting user can start the thttpd and run the thttpd_reload script as root:
sudo su -
cat << EOF >> /etc/sudoers
paphosting ALL = NOPASSWD: /usr/local/sbin/thttpd
paphosting ALL = NOPASSWD: /usr/local/sbin/thttpd_reload
You should now be able to run sudo /usr/local/sbin/thttpd_reload as the paphosting user to HUP the running thttpd.

3. Force a push of the thttpd sites and configs

On your client, try to do a thttpd push
scripts/ -v -n
# If this looks good, then:
scripts/ -f

4. Check to make sure it works

You can now use the machine to serve sites (by putting this machine in the haproxy backends list, assuming of course that you have verified it actually works, something like:
curl --fail -I -H "Host:" ${HOSTNAME}:1080
[ $? -eq 22 ] && echo "Oops, this failed!!"
You can also hack in /etc/hosts but please make sure to clean up the override when you're done!

EOF :)