Go back

Httpd : the most simple and fast way to setup an http server with OpenBSD. (in a few minutes ....)

April 2026

Sources :
 https://man.openbsd.org/httpd
 https://www.openbsd.org

I need a http server to host some web site at home for testing and development. Apache is a really nice web server but the configuration file can be really long. Nginx is really nice to, but httpd is natively available in OpenBSD, no need to install any packages or other depandances, no script, no ansible, just enable and start.

Only one config file and a few line to get a functionnal web server ! Really nice, less than 5 minutes.

We need OpenBSD, and that's all, httpd is directly availbable in OpenBSD.

Nothing everything is already there. Httpd is available by default.

under directory /etc as root (with doas) create a simple file named httpd.conf and add this 6 lines

Configuration file exemple :
 server "home.ho" {
  root "/htdocs/dj"
  log access "home-access"
  log error "home-error"
  listen on * port 80
}
This config create a web server listening on port 80.

Under directory /var/www/htdocs/ add a new directory for the html files
something like home.

/var/www/htdocs/home

Add a simple index.html

Enable httpd with rcctl command : rcctl enable httpd

before starting httpd just run a check to be sure the httpd.conf file is correct, with this command :

 websrv# httpd -n
 configuration OK

start http with this command :
 rcctl start httpd

with a web browser check you index.html page.

 NOTE : Make sure to add an domain name entry and a reverse for your local dns resolver or cache dns.
 something this (this is syntax for unbound) :
 local-data: "home.ho. IN A xxx.xxx.xxx.xxx"
 local-data-ptr: "xxx.xxx.xxx.xxx home.ho"

You can easily adapt this to use a ssl certificate with let'sencrypt. This required a valid domain name for your server, firewall configuration to forward http request to your httpd server or you can use a self signed certificate.

The configuration for httpd as just a few more directive and lines. All http request are redirected to https

Something like this :  server "yourdomainname.ca" {
 listen on * port 80
 root "/htdocs/yourdomainname"
 log access "yourdomainname-access"
 log error "yourdomainname-error"
 location "/.well-known/acme-challenge/*" {
  root "/acme"
  request strip 2
 }
 location * {
  block return 301 "https://$HTTP_HOST$REQUEST_URI"
 }
 }
 server "yourdomainname.ca" {
 listen on * tls port 443
 root "/htdocs/yourdomainname"
 log access "yourdomainname-access"
 log error "yourdomainname-error"
 tls {
 certificate "/etc/ssl/yourdomainname.ca.fullchain.pem"
 key "/etc/ssl/private/yourdomainname.ca.key"
 }
 location "/.well-known/acme-challenge/*" {
  root "/acme"
  request strip 2
 }
 }

You can easily build a small Ansible playbook to build all of this and store your httpd config files
in your local git. You can easily automated the update of the ssl certificate with acme-client
and /etc/daily

But the point here is to get an http server ready in a few minutes with an existing OpenBSD server, no git no ansible playbook, no need to add any packages.