/var/lib/containers/volumes/pihole/etc-lighttpd/external.conf (1)

# ------------------------------------------------------------------------------
# external.conf
# =============
#
# Project   Replace Docker by Podman (Pi-hole)
# Scope     Linux
# Copyright (C) 2024 by RaySoft, Zurich, Switzerland
# License   GNU General Public License (GPL) 2.0
#           https://www.gnu.org/licenses/gpl2.txt
#
# ------------------------------------------------------------------------------

# Load the OpenSSL module (provides the ssl.* directives used below).
# NOTE(review): setenv.* and url.redirect further down need mod_setenv and
# mod_redirect; neither is loaded in this file, so they are presumably loaded
# by the main lighttpd.conf that includes this one -- confirm.
server.modules += ("mod_openssl")

# Everything in this block applies only to requests whose Host header equals
# this name; requests for any other name are not touched by this file.
$HTTP["host"] == "arsenic.raysoft.loc" {
  # Ensure the Pi-hole Block Page knows that this is not a blocked domain
  setenv.add-environment = ("fqdn" => "true")

  # Enable the SSL engine with a cert, only for this specific host
  #
  # ssl.pemfile: no separate ssl.privkey is set, so lighttpd reads the private
  #   key from cert.pem as well. Keep that file readable only by root and the
  #   lighttpd user. The path presumably sits inside the bind-mounted volume,
  #   so check ownership and mode on the host side too -- confirm.
  # ssl.ca-file: rootchain.pem presumably holds the issuing CA chain -- confirm.
  #   NOTE(review): newer lighttpd releases prefer the chain appended to
  #   ssl.pemfile; check the docs for the lighttpd version in the container.
  # MinProtocol: refuses anything older than TLS 1.2.
  # CipherString: governs TLS 1.2 suites only (OpenSSL configures TLS 1.3
  #   suites separately). "AES256+EECDH" also admits ECDHE AES-256 CBC suites,
  #   not only AEAD ones; it can be dropped if every client supports AES-GCM
  #   or ChaCha20.
  # Options -ServerPreference: turns server cipher-order preference off, so
  #   the client's order decides among the suites allowed above. The weakest
  #   suite in the list is therefore the one that matters.
  $SERVER["socket"] == ":443" {
    ssl.engine = "enable"
    ssl.pemfile = "/etc/lighttpd/cert/cert.pem"
    ssl.ca-file =  "/etc/lighttpd/cert/rootchain.pem"
    ssl.openssl.ssl-conf-cmd = (
      "MinProtocol" => "TLSv1.2",
      "CipherString" => "EECDH+AESGCM:AES256+EECDH:CHACHA20",
      "Options" => "-ServerPreference",
    )
  }

  # Redirect HTTP to HTTPS
  # ${url.authority} is taken from the request, but the enclosing host match
  # limits which values can reach this rule, so the redirect target stays on
  # this host. The path and query string are carried over unchanged.
  # No Strict-Transport-Security header is set in this file, so browsers will
  # keep trying http:// first when the bare name is typed.
  $HTTP["scheme"] == "http" {
    url.redirect = ("" => "https://${url.authority}${url.path}${qsa}")
  }
}

Usage

See Pi-hole Howto