Commit f46ef21400fa104ed9a1f41f7d389ea002f5a4fc
Adding Caddy server
Rômulo Alves committed on 4/6/2017, 11:29:29 PMParent: 9463914bacee0c5f97d3a89696bf64a3fe3c2e0b
Files changed
gulpfile.js | ||
---|---|---|
@@ -14,8 +14,8 @@ | ||
14 | 14 | })) |
15 | 15 | .pipe(gulp.dest('dist/'))) |
16 | 16 | |
17 | 17 | gulp.task('copy', () => |
18 | - gulp.src('./src/favicon.png') | |
18 | + gulp.src(['./src/favicon.png', './src/Dockerfile', './src/Caddyfile', './caddy/**/*']) | |
19 | 19 | .pipe(gulp.dest('dist/'))) |
20 | 20 | |
21 | 21 | gulp.task('default', ['usemin', 'copy']) |
src/index.html | ||
---|---|---|
@@ -34,9 +34,9 @@ | ||
34 | 34 | |
35 | 35 | </a> |
36 | 36 | </li> |
37 | 37 | <li class="no-margin-right"> |
38 | - <a href="https://blog.romuloalv.es" title="blog" target="_blank"> | |
38 | + <a href="https://medium.com/@romuloalves" title="blog" target="_blank"> | |
39 | 39 | Blog |
40 | 40 | </a> |
41 | 41 | </li> |
42 | 42 | </ul> |
src/Caddyfile | ||
---|---|---|
@@ -1,0 +1,6 @@ | ||
1 | +romuloalv.es, www.romuloalv.es, romulo.pro, www.romulo.pro { | |
2 | + tls me@romuloalv.es | |
3 | + | |
4 | + gzip | |
5 | + ext .html | |
6 | +} |
src/Dockerfile | ||
---|---|---|
@@ -1,0 +1,10 @@ | ||
1 | +FROM alpine | |
2 | + | |
3 | +RUN apk --no-cache add curl | |
4 | + | |
5 | +COPY * / | |
6 | + | |
7 | +EXPOSE 80 | |
8 | +EXPOSE 443 | |
9 | + | |
10 | +CMD ["./caddy", "-conf=/Caddyfile", "-agree"] |
caddy/caddy | ||
---|---|---|
The diff is too large to show. Use a local git client to view these changes. Old file size: 0 bytes New file size: 15616331 bytes |
caddy/init/README.md | ||
---|---|---|
@@ -1,0 +1,28 @@ | ||
1 | +Init/Service Scripts | |
2 | +==================== | |
3 | + | |
4 | +This folder contains init/service scripts for using Caddy on various Linux and BSD distributions. They are created and maintained by the community. | |
5 | + | |
6 | +## Getting Help | |
7 | + | |
8 | +Different scripts have different maintainers; please consult the comments in the file and any README for assistance setting it up. Do not open an issue on the Caddy project about these scripts; instead, to ask a question or suggest a change, please contact the maintainer of the script directly. | |
9 | + | |
10 | +## Disclaimer | |
11 | + | |
12 | +The files contained herein are not officially supported by the Caddy project author and/or contributors, and as such, the files are not endorsed by the same. The Caddy project author and its contributors are not responsible for the function or malfunction of these scripts/files, or any unintended consequences to your system or website in attempting to set up Caddy. Users are expected to know how to administer their system, and these files should be considered as only a guide or suggestion for using Caddy in certain environments. | |
13 | + | |
14 | +## Guidelines | |
15 | + | |
16 | +The files distributed here should adhere to these principles where relevant (adjust accordingly for each system/platform): | |
17 | + | |
18 | +- Don't run as root. | |
19 | +- Create a no-shell default user to run it. | |
20 | +- Raise file descriptor limits. | |
21 | +- Don't restart endlessly; if Caddy fails to start, there's a reason -- fix it, don't hammer it. | |
22 | +- Allow Caddy to re-use the same, persistent folder for storage. | |
23 | +- Stay as simple and minimal as possible. | |
24 | +- Be idempotent. | |
25 | +- Use comments to explain unexpected or unusual lines/patterns. | |
26 | +- Be secure by default. | |
27 | + | |
28 | +Thank you for using Caddy! May it serve you well. |
caddy/init/freebsd/caddy | ||
---|---|---|
@@ -1,0 +1,83 @@ | ||
1 | +#!/bin/sh | |
2 | +# | |
3 | +# PROVIDE: caddy | |
4 | +# REQUIRE: networking | |
5 | +# KEYWORD: shutdown | |
6 | + | |
7 | +# | |
8 | +# Add the following lines to /etc/rc.conf to enable caddy: | |
9 | +# caddy_enable (bool): Set to "NO" by default. | |
10 | +# Set it to "YES" to enable caddy | |
11 | +# | |
12 | +# caddy_cert_email (str): Set to "" by default. | |
13 | +# Defines the SSL certificate issuer email. By providing an | |
14 | +# email address you automatically agree to letsencrypt.org's | |
15 | +# general terms and conditions | |
16 | +# | |
17 | +# caddy_bin_path (str): Set to "/usr/local/bin/caddy" by default. | |
18 | +# Provides the path to the caddy server executable | |
19 | +# | |
20 | +# caddy_cpu (str): Set to "99%" by default. | |
21 | +# Configures, how much CPU capacity caddy may gain | |
22 | +# | |
23 | +# caddy_config_path (str): Set to "/usr/local/www/Caddyfile" by default. | |
24 | +# Defines the path for the configuration file caddy will load on boot | |
25 | +# | |
26 | +# caddy_run_user (str): Set to "root" by default. | |
27 | +# Defines the user that caddy will run on | |
28 | +# | |
29 | + | |
30 | +. /etc/rc.subr | |
31 | + | |
32 | +name="caddy" | |
33 | +rcvar="${name}_enable" | |
34 | + | |
35 | +load_rc_config $name | |
36 | +: ${caddy_enable:=no} | |
37 | +: ${caddy_cert_email=""} | |
38 | +: ${caddy_bin_path="/usr/local/bin/caddy"} | |
39 | +: ${caddy_cpu="99%"} # was a bug for me that caused a crash within jails | |
40 | +: ${caddy_config_path="/usr/local/www/Caddyfile"} | |
41 | +: ${caddy_run_user="root"} | |
42 | + | |
43 | +if [ "$caddy_cert_email" = "" ] | |
44 | +then | |
45 | + echo "rc variable \$caddy_cert_email is not set. Please provide a valid SSL certificate issuer email." | |
46 | + exit 1 | |
47 | +fi | |
48 | + | |
49 | +pidfile="/var/run/caddy.pid" | |
50 | +logfile="/var/log/caddy.log" | |
51 | + | |
52 | +command="${caddy_bin_path} -log ${logfile} -cpu ${caddy_cpu} -conf ${caddy_config_path} -agree -email ${caddy_cert_email}" | |
53 | + | |
54 | +start_cmd="caddy_start" | |
55 | +status_cmd="caddy_status" | |
56 | +stop_cmd="caddy_stop" | |
57 | + | |
58 | +caddy_start() { | |
59 | + echo "Starting ${name}..." | |
60 | + /usr/sbin/daemon -u ${caddy_run_user} -c -p ${pidfile} -f ${command} | |
61 | +} | |
62 | + | |
63 | +caddy_status() { | |
64 | + if [ -f ${pidfile} ]; then | |
65 | + echo "${name} is running as $(cat $pidfile)." | |
66 | + else | |
67 | + echo "${name} is not running." | |
68 | + return 1 | |
69 | + fi | |
70 | +} | |
71 | + | |
72 | +caddy_stop() { | |
73 | + if [ ! -f ${pidfile} ]; then | |
74 | + echo "${name} is not running." | |
75 | + return 1 | |
76 | + fi | |
77 | + | |
78 | + echo -n "Stopping ${name}..." | |
79 | + kill -KILL $(cat $pidfile) 2> /dev/null && echo "stopped" | |
80 | + rm -f ${pidfile} | |
81 | +} | |
82 | + | |
83 | +run_rc_command "$1" |
caddy/init/linux-systemd/README.md | ||
---|---|---|
@@ -1,0 +1,128 @@ | ||
1 | +# systemd Service Unit for Caddy | |
2 | + | |
3 | +Please do not hesitate to ask on | |
4 | +[caddyserver/support](https://gitter.im/caddyserver/support) | |
5 | +if you have any questions. Feel free to prepend to your question | |
6 | +the username of whoever touched the file most recently, for example | |
7 | +`@wmark re systemd: …`. | |
8 | + | |
9 | +The provided file should work with systemd version 219 or later. It might work with earlier versions. | |
10 | +The easiest way to check your systemd version is to look at the version of the installed package | |
11 | +(e.g. 'sudo yum info systemd' on RedHat/Fedora systems). | |
12 | + | |
13 | +## Instructions | |
14 | + | |
15 | +We will assume the following: | |
16 | + | |
17 | +* that you want to run caddy as user `www-data` and group `www-data`, with UID and GID 33 | |
18 | +* you are working from a non-root user account that can use 'sudo' to execute commands as root | |
19 | + | |
20 | +Adjust as necessary or according to your preferences. | |
21 | + | |
22 | +First, put the caddy binary in the system wide binary directory and give it | |
23 | +appropriate ownership and permissions: | |
24 | + | |
25 | +```bash | |
26 | +sudo cp /path/to/caddy /usr/local/bin | |
27 | +sudo chown root:root /usr/local/bin/caddy | |
28 | +sudo chmod 755 /usr/local/bin/caddy | |
29 | +``` | |
30 | + | |
31 | +Give the caddy binary the ability to bind to privileged ports (e.g. 80, 443) as a non-root user: | |
32 | + | |
33 | +```bash | |
34 | +sudo setcap 'cap_net_bind_service=+ep' /usr/local/bin/caddy | |
35 | +``` | |
36 | + | |
37 | +Set up the user, group, and directories that will be needed: | |
38 | + | |
39 | +```bash | |
40 | +sudo groupadd -g 33 www-data | |
41 | +sudo useradd \ | |
42 | + -g www-data --no-user-group \ | |
43 | + --home-dir /var/www --no-create-home \ | |
44 | + --shell /usr/sbin/nologin \ | |
45 | + --system --uid 33 www-data | |
46 | + | |
47 | +sudo mkdir /etc/caddy | |
48 | +sudo chown -R root:www-data /etc/caddy | |
49 | +sudo mkdir /etc/ssl/caddy | |
50 | +sudo chown -R www-data:root /etc/ssl/caddy | |
51 | +sudo chmod 0770 /etc/ssl/caddy | |
52 | +``` | |
53 | + | |
54 | +Place your caddy configuration file ("Caddyfile") in the proper directory | |
55 | +and give it appropriate ownership and permissions: | |
56 | + | |
57 | +```bash | |
58 | +sudo cp /path/to/Caddyfile /etc/caddy/ | |
59 | +sudo chown www-data:www-data /etc/caddy/Caddyfile | |
60 | +sudo chmod 444 /etc/caddy/Caddyfile | |
61 | +``` | |
62 | + | |
63 | +Create the home directory for the server and give it appropriate ownership | |
64 | +and permissions: | |
65 | + | |
66 | +```bash | |
67 | +sudo mkdir /var/www | |
68 | +sudo chown www-data:www-data /var/www | |
69 | +sudo chmod 555 /var/www | |
70 | +``` | |
71 | + | |
72 | +Let's assume you have the contents of your website in a directory called 'example.com'. | |
73 | +Put your website into place for it to be served by caddy: | |
74 | + | |
75 | +```bash | |
76 | +sudo cp -R example.com /var/www/ | |
77 | +sudo chown -R www-data:www-data /var/www/example.com | |
78 | +sudo chmod -R 555 /var/www/example.com | |
79 | +``` | |
80 | + | |
81 | +You'll need to explicitly configure caddy to serve the site from this location by adding | |
82 | +the following to your Caddyfile if you haven't already: | |
83 | + | |
84 | +``` | |
85 | +example.com { | |
86 | + root /var/www/example.com | |
87 | + ... | |
88 | +} | |
89 | +``` | |
90 | + | |
91 | +Install the systemd service unit configuration file, reload the systemd daemon, | |
92 | +and start caddy: | |
93 | + | |
94 | +```bash | |
95 | +sudo cp caddy.service /etc/systemd/system/ | |
96 | +sudo chown root:root /etc/systemd/system/caddy.service | |
97 | +sudo chmod 744 /etc/systemd/system/caddy.service | |
98 | +sudo systemctl daemon-reload | |
99 | +sudo systemctl start caddy.service | |
100 | +``` | |
101 | + | |
102 | +Have the caddy service start automatically on boot if you like: | |
103 | + | |
104 | +```bash | |
105 | +sudo systemctl enable caddy.service | |
106 | +``` | |
107 | + | |
108 | +If caddy doesn't seem to start properly you can view the log data to help figure out what the problem is: | |
109 | + | |
110 | +```bash | |
111 | +journalctl --boot -u caddy.service | |
112 | +``` | |
113 | + | |
114 | +Use `log stdout` and `errors stderr` in your Caddyfile to fully utilize systemd journaling. | |
115 | + | |
116 | +If your GNU/Linux distribution does not use *journald* with *systemd* then check any logfiles in `/var/log`. | |
117 | + | |
118 | +If you want to follow the latest logs from caddy you can do so like this: | |
119 | + | |
120 | +```bash | |
121 | +journalctl -f -u caddy.service | |
122 | +``` | |
123 | + | |
124 | +You can make other certificates and private key files accessible to the `www-data` user with the following command: | |
125 | + | |
126 | +```bash | |
127 | +setfacl -m user:www-data:r-- /etc/ssl/private/my.key | |
128 | +``` |
caddy/init/linux-systemd/caddy.service | ||
---|---|---|
@@ -1,0 +1,48 @@ | ||
1 | +[Unit] | |
2 | +Description=Caddy HTTP/2 web server | |
3 | +Documentation=https://caddyserver.com/docs | |
4 | +After=network-online.target | |
5 | +Wants=network-online.target systemd-networkd-wait-online.service | |
6 | + | |
7 | +[Service] | |
8 | +Restart=on-failure | |
9 | +StartLimitInterval=86400 | |
10 | +StartLimitBurst=5 | |
11 | + | |
12 | +; User and group the process will run as. | |
13 | +User=www-data | |
14 | +Group=www-data | |
15 | + | |
16 | +; Letsencrypt-issued certificates will be written to this directory. | |
17 | +Environment=CADDYPATH=/etc/ssl/caddy | |
18 | + | |
19 | +; Always set "-root" to something safe in case it gets forgotten in the Caddyfile. | |
20 | +ExecStart=/usr/local/bin/caddy -log stdout -agree=true -conf=/etc/caddy/Caddyfile -root=/var/tmp | |
21 | +ExecReload=/bin/kill -USR1 $MAINPID | |
22 | + | |
23 | +; Limit the number of file descriptors; see `man systemd.exec` for more limit settings. | |
24 | +LimitNOFILE=1048576 | |
25 | +; Unmodified caddy is not expected to use more than that. | |
26 | +LimitNPROC=64 | |
27 | + | |
28 | +; Use private /tmp and /var/tmp, which are discarded after caddy stops. | |
29 | +PrivateTmp=true | |
30 | +; Use a minimal /dev | |
31 | +PrivateDevices=true | |
32 | +; Hide /home, /root, and /run/user. Nobody will steal your SSH-keys. | |
33 | +ProtectHome=true | |
34 | +; Make /usr, /boot, /etc and possibly some more folders read-only. | |
35 | +ProtectSystem=full | |
36 | +; … except /etc/ssl/caddy, because we want Letsencrypt-certificates there. | |
37 | +; This merely retains r/w access rights, it does not add any new. Must still be writable on the host! | |
38 | +ReadWriteDirectories=/etc/ssl/caddy | |
39 | + | |
40 | +; The following additional security directives only work with systemd v229 or later. | |
41 | +; They further retrict privileges that can be gained by caddy. Uncomment if you like. | |
42 | +; Note that you may have to add capabilities required by any plugins in use. | |
43 | +;CapabilityBoundingSet=CAP_NET_BIND_SERVICE | |
44 | +;AmbientCapabilities=CAP_NET_BIND_SERVICE | |
45 | +;NoNewPrivileges=true | |
46 | + | |
47 | +[Install] | |
48 | +WantedBy=multi-user.target |
caddy/init/linux-sysvinit/README.md | ||
---|---|---|
@@ -1,0 +1,11 @@ | ||
1 | +SysVinit conf for Caddy | |
2 | +======================= | |
3 | + | |
4 | +Usage | |
5 | +----- | |
6 | + | |
7 | +* Download the appropriate Caddy binary in `/usr/local/bin/caddy` or use `curl https://getcaddy.com | bash`. | |
8 | +* Save the SysVinit config file in `/etc/init.d/caddy`. | |
9 | +* Ensure that the folder `/etc/caddy` exists and that the subfolder `ssl` is owned by `www-data`. | |
10 | +* Create a Caddyfile in `/etc/caddy/Caddyfile` | |
11 | +* Now you can use `service caddy start|stop|restart|reload|status` as `root`. |
caddy/init/linux-sysvinit/caddy | ||
---|---|---|
@@ -1,0 +1,93 @@ | ||
1 | +#!/bin/sh | |
2 | +### BEGIN INIT INFO | |
3 | +# Provides: caddy | |
4 | +# Required-Start: $local_fs $network $named $time $syslog | |
5 | +# Required-Stop: $local_fs $network $named $time $syslog | |
6 | +# Default-Start: 2 3 4 5 | |
7 | +# Default-Stop: 0 1 6 | |
8 | +# Short-Description: starts the caddy web server | |
9 | +# Description: starts caddy using start-stop-daemon | |
10 | +### END INIT INFO | |
11 | + | |
12 | +# Original Author: Frédéric Galusik (fredg) | |
13 | +# Maintainer: Daniel van Dorp (djvdorp) | |
14 | + | |
15 | +DESC="the caddy web server" | |
16 | +NAME=caddy | |
17 | +DAEMON=$(which caddy) | |
18 | + | |
19 | +DAEMONUSER=www-data | |
20 | +PIDFILE=/var/run/$NAME.pid | |
21 | +LOGFILE=/var/log/$NAME.log | |
22 | +CONFIGFILE=/etc/caddy/Caddyfile | |
23 | +DAEMONOPTS="-agree=true -pidfile=$PIDFILE -log=$LOGFILE -conf=$CONFIGFILE" | |
24 | + | |
25 | +USERBIND="setcap cap_net_bind_service=+ep" | |
26 | +STOP_SCHEDULE="${STOP_SCHEDULE:-QUIT/5/TERM/5/KILL/5}" | |
27 | + | |
28 | +test -x $DAEMON || exit 0 | |
29 | + | |
30 | +# Set the CADDYPATH; Let's Encrypt certificates will be written to this directory. | |
31 | +export CADDYPATH=/etc/caddy/ssl | |
32 | + | |
33 | +# Set the ulimits | |
34 | +ulimit -n 8192 | |
35 | + | |
36 | + | |
37 | +start() { | |
38 | + $USERBIND $DAEMON | |
39 | + start-stop-daemon --start --quiet --make-pidfile --pidfile $PIDFILE \ | |
40 | + --background --chuid $DAEMONUSER --oknodo --exec $DAEMON -- $DAEMONOPTS | |
41 | +} | |
42 | + | |
43 | +stop() { | |
44 | + start-stop-daemon --stop --quiet --pidfile $PIDFILE --retry=$STOP_SCHEDULE \ | |
45 | + --name $NAME --oknodo | |
46 | + rm -f $PIDFILE | |
47 | +} | |
48 | + | |
49 | +reload() { | |
50 | + start-stop-daemon --stop --quiet --signal USR1 --pidfile $PIDFILE \ | |
51 | + --name $NAME | |
52 | +} | |
53 | + | |
54 | +status() { | |
55 | + if [ -f $PIDFILE ]; then | |
56 | + if kill -0 $(cat "$PIDFILE"); then | |
57 | + echo "$NAME is running" | |
58 | + else | |
59 | + echo "$NAME process is dead, but pidfile exists" | |
60 | + fi | |
61 | + else | |
62 | + echo "$NAME is not running" | |
63 | + fi | |
64 | +} | |
65 | + | |
66 | +case "$1" in | |
67 | + start) | |
68 | + echo "Starting $NAME" | |
69 | + start | |
70 | + ;; | |
71 | + stop) | |
72 | + echo "Stopping $NAME" | |
73 | + stop | |
74 | + ;; | |
75 | + restart) | |
76 | + echo "Restarting $NAME" | |
77 | + stop | |
78 | + start | |
79 | + ;; | |
80 | + reload) | |
81 | + echo "Reloading $NAME configuration" | |
82 | + reload | |
83 | + ;; | |
84 | + status) | |
85 | + status | |
86 | + ;; | |
87 | + *) | |
88 | + echo "Usage: $0 {start|stop|restart|reload|status}" | |
89 | + exit 2 | |
90 | + ;; | |
91 | +esac | |
92 | + | |
93 | +exit 0 |
caddy/init/linux-upstart/README.md | ||
---|---|---|
@@ -1,0 +1,14 @@ | ||
1 | +Upstart conf for Caddy | |
2 | +===================== | |
3 | + | |
4 | +Usage | |
5 | +----- | |
6 | + | |
7 | +Usage in this blogpost: [Running Caddy Server as a service with Upstart](https://denbeke.be/blog/servers/running-caddy-server-as-a-service/). | |
8 | +Short recap: | |
9 | + | |
10 | +* Download Caddy in `/usr/local/bin/caddy` and execute `sudo setcap cap_net_bind_service=+ep /usr/local/bin/caddy`. | |
11 | +* Save the appropriate upstart config file in `/etc/init/caddy.conf`. | |
12 | +* Ensure that the folder `/etc/caddy` exists and that the subfolder .caddy is owned by `www-data`. | |
13 | +* Create a Caddyfile in `/etc/caddy/Caddyfile`. | |
14 | +* Now you can use `sudo service caddy start|stop|restart`. |
caddy/init/linux-upstart/caddy.conf | ||
---|---|---|
@@ -1,0 +1,25 @@ | ||
1 | +description "Caddy HTTP/2 web server" | |
2 | + | |
3 | +start on runlevel [2345] | |
4 | +stop on runlevel [016] | |
5 | + | |
6 | +console log | |
7 | + | |
8 | +setuid www-data | |
9 | +setgid www-data | |
10 | + | |
11 | +respawn | |
12 | +respawn limit 10 5 | |
13 | + | |
14 | +reload signal SIGUSR1 | |
15 | + | |
16 | +# Let's Encrypt certificates will be written to this directory. | |
17 | +env CADDYPATH=/etc/caddy | |
18 | + | |
19 | +limit nofile 1048576 1048576 | |
20 | + | |
21 | +script | |
22 | + cd /etc/caddy | |
23 | + rootdir="$(mktemp -d -t "caddy-run.XXXXXX")" | |
24 | + exec /usr/local/bin/caddy -agree -log=stdout -conf=/etc/caddy/Caddyfile -root=$rootdir | |
25 | +end script |
caddy/init/linux-upstart/caddy.conf.centos-6 | ||
---|---|---|
@@ -1,0 +1,28 @@ | ||
1 | +description "Caddy HTTP/2 web server" | |
2 | + | |
3 | +start on runlevel [2345] | |
4 | +stop on runlevel [016] | |
5 | + | |
6 | +# centos 6 upstart version does not support console | |
7 | +console log | |
8 | + | |
9 | +# centos 6 upstart version does not support setuid/setgid | |
10 | +setuid www-data | |
11 | +setgid www-data | |
12 | + | |
13 | +respawn | |
14 | +respawn limit 10 5 | |
15 | + | |
16 | +# centos 6 upstart version does not support reload | |
17 | +reload signal SIGUSR1 | |
18 | + | |
19 | +# Let's Encrypt certificates will be written to this directory. | |
20 | +env CADDYPATH=/etc/caddy | |
21 | + | |
22 | +limit nofile 1048576 1048576 | |
23 | + | |
24 | +script | |
25 | + cd /etc/caddy | |
26 | + rootdir="$(mktemp -d -t "caddy-run.XXXXXX")" | |
27 | + exec /usr/local/bin/caddy -agree -log=stdout -conf=/etc/caddy/Caddyfile -root=$rootdir | |
28 | +end script |
caddy/init/linux-upstart/caddy.conf.ubuntu-12.04 | ||
---|---|---|
@@ -1,0 +1,26 @@ | ||
1 | +description "Caddy HTTP/2 web server" | |
2 | + | |
3 | +start on runlevel [2345] | |
4 | +stop on runlevel [016] | |
5 | + | |
6 | +console log | |
7 | + | |
8 | +setuid www-data | |
9 | +setgid www-data | |
10 | + | |
11 | +respawn | |
12 | +respawn limit 10 5 | |
13 | + | |
14 | +# 12.04 upstart version does not support reload | |
15 | +#reload signal SIGUSR1 | |
16 | + | |
17 | +# Let's Encrypt certificates will be written to this directory. | |
18 | +env CADDYPATH=/etc/caddy | |
19 | + | |
20 | +limit nofile 1048576 1048576 | |
21 | + | |
22 | +script | |
23 | + cd /etc/caddy | |
24 | + rootdir="$(mktemp -d -t "caddy-run.XXXXXX")" | |
25 | + exec /usr/local/bin/caddy -agree -log=stdout -conf=/etc/caddy/Caddyfile -root=$rootdir | |
26 | +end script |
caddy/init/mac-launchd/README.md | ||
---|---|---|
@@ -1,0 +1,12 @@ | ||
1 | +launchd service for macOS | |
2 | +========================= | |
3 | + | |
4 | +This is a sample file for a *launchd* service on Mac. | |
5 | +Edit the paths and email in the plist file to match your info. | |
6 | + | |
7 | +Start and Stop the Caddy launchd service using the following commands: | |
8 | + | |
9 | + $ launchctl load ~/Library/LaunchAgents/com.caddyserver.web.plist | |
10 | + $ launchctl unload ~/Library/LaunchAgents/com.caddyserver.web.plist | |
11 | + | |
12 | +More information can be found in this blogpost: [Running Caddy as a service on macOS X server](https://denbeke.be/blog/software/running-caddy-as-a-service-on-macos-os-x-server/) |
caddy/init/mac-launchd/com.caddyserver.web.plist | ||
---|---|---|
@@ -1,0 +1,31 @@ | ||
1 | +"1.0" encoding="UTF-8" xml version= | |
2 | + | |
3 | +<plist version="1.0"> | |
4 | + <dict> | |
5 | + <key>Label</key> | |
6 | + <string>com.caddyserver.web</string> | |
7 | + <key>EnvironmentVariables</key> | |
8 | + <dict> | |
9 | + <key>HOME</key> | |
10 | + <string>/Users/mathias</string> | |
11 | + </dict> | |
12 | + <key>ProgramArguments</key> | |
13 | + <array> | |
14 | + <string>sh</string> | |
15 | + <string>-c</string> | |
16 | + <string>ulimit -n 8192; cd /Users/mathias/Sites; ./caddy -agree -email my_email@domain.com -conf=/Users/mathias/Sites/Caddyfile</string> | |
17 | + </array> | |
18 | + <key>UserName</key> | |
19 | + <string>www</string> | |
20 | + <key>RunAtLoad</key> | |
21 | + <true/> | |
22 | + <key>KeepAlive</key> | |
23 | + <true/> | |
24 | + <key>WorkingDirectory</key> | |
25 | + <string>/Users/mathias/Sites</string> | |
26 | + <key>StandardOutPath</key> | |
27 | + <string>/Users/mathias/Sites/caddy.log</string> | |
28 | + <key>StandardErrorPath</key> | |
29 | + <string>/Users/mathias/Sites/caddy_error.log</string> | |
30 | + </dict> | |
31 | +</plist> |
Built with git-ssb-web