diff options
author | Star_caorui | 2022-05-31 08:49:59 +0800 |
---|---|---|
committer | Star_caorui | 2022-05-31 08:49:59 +0800 |
commit | 403c5dc1000d662bb637dc24933dc2d2217c1726 (patch) | |
tree | 9359a4163ea8dc5d9214dfcde208e52e72687296 | |
download | aur-403c5dc1000d662bb637dc24933dc2d2217c1726.tar.gz |
Fist Upload
-rw-r--r-- | .SRCINFO | 23 | ||||
-rw-r--r-- | Caddyfile | 1 | ||||
-rw-r--r-- | Caddyfile-example | 16 | ||||
-rw-r--r-- | PKGBUILD | 43 | ||||
-rw-r--r-- | caddy.service | 60 | ||||
-rw-r--r-- | caddy.sysusers | 1 | ||||
-rw-r--r-- | caddy.tmpfiles | 1 |
7 files changed, 145 insertions, 0 deletions
diff --git a/.SRCINFO b/.SRCINFO new file mode 100644 index 000000000000..ce2e2319c7bb --- /dev/null +++ b/.SRCINFO @@ -0,0 +1,23 @@ +pkgbase = caddy-dnspod + pkgdesc = Caddy web server + pkgver = 2.5.1 + pkgrel = 1 + url = https://github.com/caddyserver/caddy + arch = any + license = Apache-2.0 + makedepends = go + makedepends = xcaddy + provides = caddy + conflicts = caddy + source = Caddyfile + source = caddy.service + source = caddy.sysusers + source = caddy.tmpfiles + source = Caddyfile-example + sha256sums = 9bca9b879484cd1e6c7191c83e077ba9c851c2c10c998333219179bfb0fb93f7 + sha256sums = dbaedf6929f5292d9ec32d2bcb4990cb3747b58940b385d26564e1abb5dd89ab + sha256sums = a9294eeba17a8fd57cf11cef21e2eb3719a016646eeac0764a0d9f9f380a40ef + sha256sums = c3119c98b285c4bf10c0581fba09b87df3999e0e5a335d94f074eae454a99e70 + sha256sums = 03a264ad5660a6a569a5559c342bee777e50499c0d386b1add4fab03acf8b8d3 + +pkgname = caddy-dnspod diff --git a/Caddyfile b/Caddyfile new file mode 100644 index 000000000000..fc2144456cd1 --- /dev/null +++ b/Caddyfile @@ -0,0 +1 @@ +import /etc/caddy/conf.d/* diff --git a/Caddyfile-example b/Caddyfile-example new file mode 100644 index 000000000000..0bda87c7f7cb --- /dev/null +++ b/Caddyfile-example @@ -0,0 +1,16 @@ +# For the "reverse-proxy with auto TLS certificate", add entries as follows. +# Don't forget to set `DNSPOD_TOKEN`, e.g., in /var/lib/caddy/envfile +# +# example.com { +# reverse_proxy localhost:8080 +# tls { +# dns dnspod {env.DNSPOD_TOKEN} +# } +# } +# +# example.net { +# reverse_proxy localhost:8800 +# tls { +# dns dnspod {env.DNSPOD_TOKEN} +# } +# } diff --git a/PKGBUILD b/PKGBUILD new file mode 100644 index 000000000000..b77653aee692 --- /dev/null +++ b/PKGBUILD @@ -0,0 +1,43 @@ +# Maintainer: Star_caorui <Star_caorui@hotmail.com> +pkgname=caddy-dnspod +pkgver=2.5.1 +pkgrel=1 +pkgdesc="Caddy web server" +arch=('any') +url="https://github.com/caddyserver/caddy" +license=('Apache-2.0') +makedepends=('go' 'xcaddy') +provides=("caddy") +conflicts=("caddy") +source=( + "Caddyfile" + "caddy.service" + "caddy.sysusers" + "caddy.tmpfiles" + "Caddyfile-example" +) +sha256sums=('9bca9b879484cd1e6c7191c83e077ba9c851c2c10c998333219179bfb0fb93f7' + 'dbaedf6929f5292d9ec32d2bcb4990cb3747b58940b385d26564e1abb5dd89ab' + 'a9294eeba17a8fd57cf11cef21e2eb3719a016646eeac0764a0d9f9f380a40ef' + 'c3119c98b285c4bf10c0581fba09b87df3999e0e5a335d94f074eae454a99e70' + '03a264ad5660a6a569a5559c342bee777e50499c0d386b1add4fab03acf8b8d3') + +build() { + xcaddy build v${pkgver} --with github.com/caddy-dns/dnspod +} + +package() { + # Install the executables + install -d "$pkgdir"/usr/bin/ + install -m 755 caddy "$pkgdir"/usr/bin/ + + # Basic configuration with example + install -Dm 644 "${srcdir}/Caddyfile" "${pkgdir}/etc/caddy/Caddyfile" + install -d "${pkgdir}/etc/caddy/conf.d" + install -Dm 644 "${srcdir}/Caddyfile-example" -t "${pkgdir}/etc/caddy/conf.d" + + # Systemd service setup + install -Dm 644 "${srcdir}/caddy.service" -t "${pkgdir}/usr/lib/systemd/system" + install -Dm 644 "${srcdir}/caddy.sysusers" "${pkgdir}/usr/lib/sysusers.d/caddy.conf" + install -Dm 644 "${srcdir}/caddy.tmpfiles" "${pkgdir}/usr/lib/tmpfiles.d/caddy.conf" +} diff --git a/caddy.service b/caddy.service new file mode 100644 index 000000000000..5742eccac0f3 --- /dev/null +++ b/caddy.service @@ -0,0 +1,60 @@ +[Unit] +Description=Caddy webserver +Documentation=https://caddyserver.com/docs/ +After=network-online.target +Wants=network-online.target systemd-networkd-wait-online.service +StartLimitIntervalSec=14400 +StartLimitBurst=10 + +[Service] +User=caddy +Group=caddy + +# environment: store secrets here such as API tokens +EnvironmentFile=-/var/lib/caddy/envfile +# data directory: uses $XDG_DATA_HOME/caddy +# TLS certificates and other assets are stored here +Environment=XDG_DATA_HOME=/var/lib +# config directory: uses $XDG_CONFIG_HOME/caddy +Environment=XDG_CONFIG_HOME=/etc + +# do not print --environ here, as it may contain API tokens!! +ExecStart=/usr/bin/caddy run --config /etc/caddy/Caddyfile +ExecReload=/usr/bin/caddy reload --config /etc/caddy/Caddyfile + +# Do not allow the process to be restarted in a tight loop. +Restart=on-abnormal + +# Use graceful shutdown with a reasonable timeout +KillMode=mixed +KillSignal=SIGQUIT +TimeoutStopSec=5s + +# Sufficient resource limits +LimitNOFILE=1048576 +LimitNPROC=512 + +# Grants binding to port 443... +AmbientCapabilities=CAP_NET_BIND_SERVICE +# ...and limits potentially inherited capabilities to this +CapabilityBoundingSet=CAP_NET_BIND_SERVICE + +# Hardening options +LockPersonality=true +NoNewPrivileges=true + +PrivateTmp=true +PrivateDevices=true + +ProtectControlGroups=true +ProtectHome=true +ProtectKernelTunables=true +ProtectKernelModules=true +ProtectSystem=strict + +ReadWritePaths=/var/lib/caddy +ReadOnlyPaths=/etc/caddy +ReadOnlyPaths=-/var/lib/caddy/envfile + +[Install] +WantedBy=multi-user.target diff --git a/caddy.sysusers b/caddy.sysusers new file mode 100644 index 000000000000..6fb563371e7e --- /dev/null +++ b/caddy.sysusers @@ -0,0 +1 @@ +u caddy - "caddy daemon" /var/lib/caddy diff --git a/caddy.tmpfiles b/caddy.tmpfiles new file mode 100644 index 000000000000..c340b73cb649 --- /dev/null +++ b/caddy.tmpfiles @@ -0,0 +1 @@ +d /var/lib/caddy 0750 caddy caddy |