Server software

Off-Topic
1

Hey,
I’m looking into setting up forgejo on a vps, to put my webkit repo onto. (and mirrors for haiku and haikuports)

What server software would be recommended? I’m currently running FreeBSD on the VPS and would prefer to keep this, but alternatively I could run alpine linux.

Mostly looking for software that has sane safe defaults, i.e TLS 1.2;1.3 and does not need that much configuration effort, i don’t like having to dig hours through config files to figure out I missed some option so it’s then again running insecurely (mostly mail server drama, ugh).

I’ve looked at cherokee webserver, but this looks to be unmaintained for quite some time. (maybe there is a fork somewhere?)

Other than that I know nginx and apache but those seem on the side of more config effort.

If extensive configuration is unavoidable it would be nice if there was an option with openbsd style sane configuration.

Regards : )

2

I haven’t used it, but what about lighttpd?
config seems pretty simple.

3

One of the emerging web servers over the last couple years is Caddy:

Highlight features

  • Single config file (Caddyfile, TOML, YAML, NGINX, etc.)
  • HTTPS-only for websites (including on localhost)
  • Certification automation
  • Extensive reverse proxy capabilities
  • Built-in file server with static directory browser
4

Personally I use lighttpd. But, running a webserver needs some administration work. If you don’t want to worry about it, you have to find a distro that did the job for you (in that case, for example in Debian you are probably better off with Apache, most web things packaged in Debian will include config files for it, which I have to étranslate" to lighttpd in the end), or you can use preconfigured Docker images.

The simpler http servers will just drive you into “no, you can’tdo that at all with this server” and your installation being suboptimal or unsecure. Also, yes, Apache may have a lot of options, but you can be sure that all projects will include a sample configuration for it. If you use some obscure thing no one cares about, you are on your own. And so, yes, maybe in absolute terms it’s simpler, but that’s not necessarily helpful.

Maybe you should also ask the Codeberg people what they support and recommend?

5

I’m fine with administrative work, just not with config files that have terrible defaults and then hit you over the head and go “haha you are stupid for not turning this on!”

One particular nasty example i had was postfix, despite some security features for my outwards going mail would simply ignore it for the incoming one, because the option was three pages down and named differently.
Perhaps web browsers are less bad in their defaults though :slight_smile:

As to forgejo recomendations it seems nginx, apache and caddy are on their list Reverse proxy | Forgejo – Beyond coding. We forge.

6

Lighttpd is really simple to configure and setup and it has most of the features I need.
I used it many years to run my Matrix servers.
For a Forgejo instance,I guess it should provide all the necessary features as well.
I also use Nginx on some bigger servers where dozens of things run on the same machine.
The configuration is really a bit tricky in my opinion,but still easy if you compare it with Apache.
Nginx has a lot more config options compared to Lighttpd,but also some more features,of which I don’t know if you’ll need them if you only want to run Forgejo - Probably not.
By the way,both Lighttpd and Nginx run on FreeBSD servers here,and it’s the best Server OS I’ve seen so far :+1: