The web server is a simple process that is launched from xinetd. For each incoming connection on port 80, xinetd kicks off a copy of the program /usr/local/bin/althttpd. The source code for this program is at /usr/local/src/althttpd.c. The program was compiled like this:
sudo gcc -Os -o /usr/local/bin/althttpd althttpd.c
The web-server is run as root, but before doing anything else, it immediately places itself in a chroot jail at /home/www and drops root privileges; becoming user "www".
If the incoming request is against "core.tcl.tk" then the content to be serveed is found in /home/www/core_tcl_tk.website. The algorithm is that special characters in the hostname are converted into "_" and ".website" is appended. If another domain "a.b.c" is made to point to the same IP address, its content will be found in "a_b_c.website". If the appropriate *.website subdirectory cannot be found, then "default.website" is used. The "default.website" is currently a symbolic link pointing to "core_tcl_tk.website".
Content files with execute permission are run as CGI. Content files without execute permission are returned as static content. The mimetype of static content is based on its suffix.
When developing CGI scripts, remember that everything is running in chroot jail at /home/www. Hence, to run /home/www/usr/bin/fossil you would actually specify /usr/bin/fossil. There are no shared libraries installed in the chroot jail so any binaries you create there must be statically linked.
Fossil repositories are kept in the /home/www/fossil directory. CGI scripts refer to those repositories as necessary.
Web server logs accumulate in /http/www/logs/http.log. This log should be rotated manually when it reaches a gigabyte or so in size.