Do you know that NetBSD has a simple web server pre-installed called Bozotic? It is very simple, so simple that it can be configured with just a single command line, and quite useful to serve file lists or static web pages. Like this blog.
Supposing that you has a valid domain certificate, be using let’s encrypt of something else, who creating and validating is beyond the scope of this tutorial, all that needs to be done is:
/usr/libexec/httpd -b -H -X -Z /home/quack/certs/domain_cert.crt /home/quack/certs/private.key -z ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256 /var/www
And that’s it.
To stop if, just kill the service:
Domain# pgrep httpd
19546
Domain# kill 19546
To start on boot, edit /etc/rc.conf with that below:
httpd=YES
httpd_flags="-b -H -X -Z /home/quack/certs/domain_cert.crt /home/quack/certs/private.key -z ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256"
The /var/www folder is included by the initialization script itself.
Now you are ready to use your mini server as a simple file mirror or to serve static web pages (just taking out the “-X” from the options above). For really simple applications, it’s more convenient than Apache or NGIX.