Problem with Unix socket. Onion service and lighttpd

Hi All,

I am having a problem setting up an Onion service using a Unix socket with lighttpd.

My ‘torrc’ file:

HiddenServiceDir /var/lib/tor/hidden_service/
HiddenServicePort 80 unix:/tmp/test.sock

My lighttpd.conf:

server.modules = (
	"mod_indexfile",
	"mod_access",
	"mod_alias",
 	"mod_redirect",
)

server.document-root        = "/var/www/html"
server.upload-dirs          = ( "/var/cache/lighttpd/uploads" )
server.errorlog             = "/var/log/lighttpd/error.log"
server.pid-file             = "/run/lighttpd.pid"
server.username             = "www-data"
server.groupname            = "www-data"
server.port                 = 80
server.bind                 = "/tmp/test.sock"

# features
#https://redmine.lighttpd.net/projects/lighttpd/wiki/Server_feature-flagsDetails
server.feature-flags       += ("server.h2proto" => "enable")
server.feature-flags       += ("server.h2c"     => "enable")
server.feature-flags       += ("server.graceful-shutdown-timeout" => 5)
#server.feature-flags       += ("server.graceful-restart-bg" => "enable")

# strict parsing and normalization of URL for consistency and security
# https://redmine.lighttpd.net/projects/lighttpd/wiki/Server_http-parseoptsDetails
# (might need to explicitly set "url-path-2f-decode" = "disable"
#  if a specific application is encoding URLs inside url-path)
server.http-parseopts = (
  "header-strict"           => "enable",# default
  "host-strict"             => "enable",# default
  "host-normalize"          => "enable",# default
  "url-normalize-unreserved"=> "enable",# recommended highly
  "url-normalize-required"  => "enable",# recommended
  "url-ctrls-reject"        => "enable",# recommended
  "url-path-2f-decode"      => "enable",# recommended highly (unless breaks app)
 #"url-path-2f-reject"      => "enable",
  "url-path-dotseg-remove"  => "enable",# recommended highly (unless breaks app)
 #"url-path-dotseg-reject"  => "enable",
 #"url-query-20-plus"       => "enable",# consistency in query string
)

index-file.names            = ( "index.php", "index.html" )
url.access-deny             = ( "~", ".inc" )
static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )

# default listening port for IPv6 falls back to the IPv4 port
include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port
include_shell "/usr/share/lighttpd/create-mime.conf.pl"
include "/etc/lighttpd/conf-enabled/*.conf"

#server.compat-module-load   = "disable"
server.modules += (
	"mod_dirlisting",
	"mod_staticfile",
)

I am using a Raspberry Pi 4B with Raspberry Pi OS bullseye 64 bit, up to date. The problem is that the page cannot be displayed; however, it works fine when I revert both configs to TCP 80.

What am I doing wrong? Obviously I am missing something. How can I start troubleshooting?


Hello, are you still having problems? Or have you managed to fix it? :slight_smile:


If configuring via the socket didn’t work, then try first to bind to a localhost port on 127.0.0.1. You may find much more documentation on this.

For basic troubleshooting, try running lighttpd in configuration test mode:

lighttpd -t -f /etc/lighttpd/lighttpd.conf

It should say “Syntax OK”

Check logs in /var/log/lighttpd/error.log.

Check some documentation:

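A socket-level check to go with the troubleshooting steps in this thread, as an added example that is not part of any poster's message: it pulls `unix:` targets out of torrc text and reports whether each path exists, is a socket, and accepts a connection. The function names, status strings and sample torrc are constructed for illustration, and whether systemd `PrivateTmp=` is set on the services in question is an assumption to verify on the system itself.

```python
import os
import re
import socket
import stat

# Constructed sample mirroring the torrc lines quoted in the question.
SAMPLE_TORRC = "HiddenServiceDir /var/lib/tor/hidden_service/\nHiddenServicePort 80 unix:/tmp/test.sock\n"
UNIX_TARGET = re.compile(r"^\s*HiddenServicePort\s+\d+\s+unix:(\S+)", re.I | re.M)


def unix_targets(torrc_text):
    """Return the socket paths that HiddenServicePort lines point at."""
    return UNIX_TARGET.findall(torrc_text)


def check_socket(path, timeout=2.0):
    """Return (status, notes); status: missing, denied, not_a_socket, refused, ok."""
    notes = []
    # A service started with systemd PrivateTmp= gets its own /tmp, so a
    # socket there can exist for lighttpd and still be invisible to Tor.
    if os.path.realpath(path).startswith(("/tmp/", "/var/tmp/")):
        notes.append("under /tmp: check PrivateTmp= on both service units")
    try:
        st = os.stat(path)
    except (FileNotFoundError, NotADirectoryError):
        return "missing", notes
    except PermissionError:
        return "denied", notes
    if not stat.S_ISSOCK(st.st_mode):
        return "not_a_socket", notes
    # On Linux, connect() needs write permission on the socket file itself.
    if not st.st_mode & stat.S_IWOTH:
        notes.append("not world-writable: the Tor user needs owner or group access")
    client = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    client.settimeout(timeout)
    try:
        client.connect(path)
    except PermissionError:
        return "denied", notes
    except (ConnectionRefusedError, socket.timeout):
        return "refused", notes
    finally:
        client.close()
    return "ok", notes


if __name__ == "__main__":
    for target in unix_targets(SAMPLE_TORRC):
        print(target, *check_socket(target))
```

Run it as the account the Tor daemon uses, so that `denied` reflects what Tor itself would hit. A plain shell does not reproduce a service's private `/tmp`, which is why that case is reported as a note rather than a status.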