diff options
author | Alice Gaudon | 2020-07-09 14:53:59 +0200 |
---|---|---|
committer | GitHub | 2020-07-09 14:53:59 +0200 |
commit | 6894576fc1b22f4fa850875ef1c79725a1b3b897 (patch) | |
tree | 48cc13c9596fdf0370f608d9d499bf1a7f3e8d05 | |
parent | d6a801c8ca2282b118d4f66c4b301f091349b982 (diff) | |
parent | 9401e800408cde5d4fb4d8a866dd604463c5a2ac (diff) | |
download | aur-6894576fc1b22f4fa850875ef1c79725a1b3b897.tar.gz |
Merge pull request #1 from ArisuOngaku/next-rebase
Remove caddy2.install and base the rest of the package on official current `next` branch
-rw-r--r-- | .SRCINFO | 23 | ||||
-rw-r--r-- | Caddyfile | 9 | ||||
-rw-r--r-- | PKGBUILD | 55 | ||||
-rw-r--r-- | WarningCaddyfile | 1 | ||||
-rw-r--r-- | caddy-api.service | 52 | ||||
-rw-r--r-- | caddy.conf | 28 | ||||
-rw-r--r-- | caddy.service | 50 | ||||
-rw-r--r-- | caddy.sysusers | 1 | ||||
-rw-r--r-- | caddy.tmpfiles | 4 | ||||
-rw-r--r-- | caddy2.install | 18 |
10 files changed, 174 insertions, 67 deletions
@@ -1,8 +1,8 @@ pkgbase = caddy2 - pkgdesc = Powerful, enterprise-ready, open source web server with automatic HTTPS written in Go + pkgdesc = Fast web server with automatic HTTPS pkgver = 2.1.1 - pkgrel = 1 - url = https://github.com/caddyserver/caddy + pkgrel = 2 + url = https://caddyserver.com arch = x86_64 license = Apache makedepends = go @@ -10,17 +10,24 @@ pkgbase = caddy2 depends = glibc provides = caddy backup = etc/caddy/Caddyfile + backup = etc/caddy/caddy.conf source = git+https://github.com/caddyserver/caddy#tag=v2.1.1?signed - source = caddy-a509155e3cff18af793f6af5f930a71c89e05df8-index.html::https://raw.githubusercontent.com/caddyserver/dist/a509155e3cff18af793f6af5f930a71c89e05df8/welcome/index.html + source = index-a509155e3cff18af793f6af5f930a71c89e05df8.html::https://raw.githubusercontent.com/caddyserver/dist/a509155e3cff18af793f6af5f930a71c89e05df8/welcome/index.html source = caddy.service + source = caddy-api.service source = caddy.tmpfiles - source = Caddyfile + source = caddy.sysusers + source = caddy.conf + source = WarningCaddyfile validpgpkeys = 29D0817A67156E4F25DC24782A349DD577D586A5 sha512sums = SKIP sha512sums = 2abccd41f770daebf61285dc017249f20c707877ea3c870f4a2375bbbd2bf481a8652d1fd3c7afd7d6b5c54838e9d8474a33e2c9790ef67dcf9d79c4e52953b4 - sha512sums = cbda05e4472ac07455dd0a384dec2e7d2b1fbae356d6aa0f08e3de6d4fad06b51bee0352565861d57f3af5f83a39b84e14c9456eabf5f1ea940c4c06986c620a - sha512sums = 2c45974647859a6fa9096aeb9ec0a32270adc863b90932133886eadd87d94a9f59713e185b86e8c8f01c8e11742cabac2cc3abadeef9ebd2534ac2acb9b20061 - sha512sums = 7599f0b0af3b0380d90d805a5b4b9ab8d377727f4a1f6d59d1d30cd4c767aa45b9bbde56dafc88936640fb375fed265ed0489a5039e2c9f5aafd53bd692031e5 + sha512sums = 69a619f2be6df77ac516621ad7b27dd6adde0b40cf4680c3afb25e94ac7c1cd6afb42a650d47a4fb096503dec85988af08e85a617b5290cf3a3d9b50b2e2ec46 + sha512sums = eeb352e023331a3e3d88e47cc52f8786864abeb66bccc864d2557722afd54bdfcee9781590c3cf204923c8c0fa37029ba417a6a65ccd5569f8cbc214eb3ce642 + sha512sums = 41d6b82ab99ca729d5b48d77d4557f3c5368b63847054216018547ea40e0cc302bc36668e9a57ba63e8983205febffee18eae1c306a665365a13da54010cd415 + sha512sums = a9b3e4af421a4be0193d9a452cdf6b66b8f03fbf8bce3de4454a2ee70556c156c458b12a141fefb3e15a2acbb0f3acedc09cbccbecf82aa8916b9b6d799ec066 + sha512sums = 399c177475e299bf5736dba1a9d045477072594390b73c7dd2e13e12785abe029d48e480aee98216f7a8735addd353ce4a07b56ed14364f641b138e4fca0ebcd + sha512sums = e195d235a8893d27277a88554a8786e7aec2ca6c83855e051adbdfe5463409463cd159aac2db09786270259be9280eafa0a0ed5dfd2e04d587c8136856ea4d4c pkgname = caddy2 diff --git a/Caddyfile b/Caddyfile deleted file mode 100644 index 8df7097eb565..000000000000 --- a/Caddyfile +++ /dev/null @@ -1,9 +0,0 @@ -# This is an example default caddy file that serves static files -# -# Refer to the Caddy docs for more information: -# https://caddyserver.com/docs/ - -:80 { - root * /usr/share/caddy - file_server -} @@ -7,25 +7,32 @@ _pkgname=caddy pkgver=2.1.1 _tag=v2.1.1 _distcommit='a509155e3cff18af793f6af5f930a71c89e05df8' -pkgrel=1 -pkgdesc="Powerful, enterprise-ready, open source web server with automatic HTTPS written in Go" +pkgrel=2 +pkgdesc="Fast web server with automatic HTTPS" arch=('x86_64') -url="https://github.com/caddyserver/caddy" +url="https://caddyserver.com" license=('Apache') depends=('glibc') makedepends=('go' 'git') provides=('caddy') -backup=('etc/caddy/Caddyfile') +backup=('etc/caddy/Caddyfile' + 'etc/caddy/caddy.conf') source=("git+https://github.com/caddyserver/caddy#tag=${_tag}?signed" - "caddy-${_distcommit}-index.html::https://raw.githubusercontent.com/caddyserver/dist/${_distcommit}/welcome/index.html" - 'caddy.service' - 'caddy.tmpfiles' - 'Caddyfile') + "index-${_distcommit}.html::https://raw.githubusercontent.com/caddyserver/dist/${_distcommit}/welcome/index.html" + caddy.service + caddy-api.service + caddy.tmpfiles + caddy.sysusers + caddy.conf + WarningCaddyfile) sha512sums=('SKIP' '2abccd41f770daebf61285dc017249f20c707877ea3c870f4a2375bbbd2bf481a8652d1fd3c7afd7d6b5c54838e9d8474a33e2c9790ef67dcf9d79c4e52953b4' - 'cbda05e4472ac07455dd0a384dec2e7d2b1fbae356d6aa0f08e3de6d4fad06b51bee0352565861d57f3af5f83a39b84e14c9456eabf5f1ea940c4c06986c620a' - '2c45974647859a6fa9096aeb9ec0a32270adc863b90932133886eadd87d94a9f59713e185b86e8c8f01c8e11742cabac2cc3abadeef9ebd2534ac2acb9b20061' - '7599f0b0af3b0380d90d805a5b4b9ab8d377727f4a1f6d59d1d30cd4c767aa45b9bbde56dafc88936640fb375fed265ed0489a5039e2c9f5aafd53bd692031e5') + '69a619f2be6df77ac516621ad7b27dd6adde0b40cf4680c3afb25e94ac7c1cd6afb42a650d47a4fb096503dec85988af08e85a617b5290cf3a3d9b50b2e2ec46' + 'eeb352e023331a3e3d88e47cc52f8786864abeb66bccc864d2557722afd54bdfcee9781590c3cf204923c8c0fa37029ba417a6a65ccd5569f8cbc214eb3ce642' + '41d6b82ab99ca729d5b48d77d4557f3c5368b63847054216018547ea40e0cc302bc36668e9a57ba63e8983205febffee18eae1c306a665365a13da54010cd415' + 'a9b3e4af421a4be0193d9a452cdf6b66b8f03fbf8bce3de4454a2ee70556c156c458b12a141fefb3e15a2acbb0f3acedc09cbccbecf82aa8916b9b6d799ec066' + '399c177475e299bf5736dba1a9d045477072594390b73c7dd2e13e12785abe029d48e480aee98216f7a8735addd353ce4a07b56ed14364f641b138e4fca0ebcd' + 'e195d235a8893d27277a88554a8786e7aec2ca6c83855e051adbdfe5463409463cd159aac2db09786270259be9280eafa0a0ed5dfd2e04d587c8136856ea4d4c') validpgpkeys=( '29D0817A67156E4F25DC24782A349DD577D586A5' # Matthew Holt <mholt@users.noreply.github.com> ) @@ -36,25 +43,35 @@ pkgver() { } prepare() { - sed 's|/var/www/html|/srv/http|g' -i "${srcdir}/caddy-${_distcommit}-index.html" + sed 's|/var/www/html|/srv/http|g' -i "${srcdir}/index-${_distcommit}.html" + sed 's|/etc/caddy/Caddyfile|/etc/caddy/caddy.conf|g' -i "${srcdir}/index-${_distcommit}.html" } build() { cd "${_pkgname}/cmd/caddy/" - go build -trimpath -ldflags "-extldflags ${LDFLAGS}" -o $pkgname + export CGO_LDFLAGS="${LDFLAGS}" + export CGO_CPPFLAGS="${CPPFLAGS}" + export CGO_CFLAGS="${CFLAGS}" + export CGO_CXXFLAGS="${CXXFLAGS}" + export GOFLAGS="-buildmode=pie -trimpath" + go build . } + check() { - cd "caddy" + cd "${_pkgname}" go test ./... } package() { - cd "caddy" - install -Dm755 "cmd/caddy/${pkgname}" "${pkgdir}/usr/bin/${_pkgname}" + cd "${_pkgname}" + install -Dm 755 cmd/caddy/caddy -t "${pkgdir}/usr/bin" install -Dm 644 "${srcdir}/caddy.service" -t "${pkgdir}/usr/lib/systemd/system" + install -Dm 644 "${srcdir}/caddy-api.service" -t "${pkgdir}/usr/lib/systemd/system" install -Dm 644 "${srcdir}/caddy.tmpfiles" "${pkgdir}/usr/lib/tmpfiles.d/caddy.conf" - install -Dm 644 "${srcdir}/Caddyfile" "${pkgdir}/etc/caddy/Caddyfile" - install -Dm 644 "${srcdir}/caddy-${_distcommit}-index.html" "${pkgdir}/usr/share/caddy/index.html" - install -Dm644 LICENSE "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE" + install -Dm 644 "${srcdir}/caddy.sysusers" "${pkgdir}/usr/lib/sysusers.d/caddy.conf" + install -Dm 644 "${srcdir}/caddy.conf" "${pkgdir}/etc/caddy/caddy.conf" + install -d "${pkgdir}/etc/caddy/conf.d" + install -Dm 644 "${srcdir}/index-${_distcommit}.html" "${pkgdir}/usr/share/caddy/index.html" + install -Dm 644 "${srcdir}/WarningCaddyfile" "${pkgdir}/etc/caddy/Caddyfile" } diff --git a/WarningCaddyfile b/WarningCaddyfile new file mode 100644 index 000000000000..7539fc4a35d5 --- /dev/null +++ b/WarningCaddyfile @@ -0,0 +1 @@ +# This file was moved to caddy.conf
\ No newline at end of file diff --git a/caddy-api.service b/caddy-api.service new file mode 100644 index 000000000000..53e1e22a3cac --- /dev/null +++ b/caddy-api.service @@ -0,0 +1,52 @@ +# caddy-api.service +# +# For using Caddy with its API. +# +# This unit is "durable" in that it will automatically resume +# the last active configuration if the service is restarted. +# +# See https://caddyserver.com/docs/install for instructions. + +[Unit] +Description=Caddy API Server +Documentation=https://caddyserver.com/docs/ +After=network-online.target +Wants=network-online.target systemd-networkd-wait-online.service +StartLimitIntervalSec=14400 +StartLimitBurst=10 + +[Service] +User=caddy +Group=caddy +Environment=XDG_DATA_HOME=/var/lib +Environment=XDG_CONFIG_HOME=/var/lib +ExecStart=/usr/bin/caddy run --environ --resume + +# Do not allow the process to be restarted in a tight loop. If the +# process fails to start, something critical needs to be fixed. +Restart=on-abnormal + +# Use graceful shutdown with a reasonable timeout +KillMode=mixed +KillSignal=SIGQUIT +TimeoutStopSec=5s + +LimitNOFILE=1048576 +LimitNPROC=512 + +# Hardening options +PrivateTmp=true +PrivateDevices=true +ProtectHome=true +ProtectSystem=strict +ReadWritePaths=/var/lib/caddy /var/log/caddy +CapabilityBoundingSet=CAP_NET_BIND_SERVICE +AmbientCapabilities=CAP_NET_BIND_SERVICE +NoNewPrivileges=true +ProtectKernelTunables=true +ProtectKernelModules=true +ProtectControlGroups=true +LockPersonality=true + +[Install] +WantedBy=multi-user.target
\ No newline at end of file diff --git a/caddy.conf b/caddy.conf new file mode 100644 index 000000000000..1aec2b840bae --- /dev/null +++ b/caddy.conf @@ -0,0 +1,28 @@ +# The Caddyfile is an easy way to configure your Caddy web server. +# +# Unless the file starts with a global options block, the first +# uncommented line is always the address of your site. +# +# To use your own domain name (with automatic HTTPS), first make +# sure your domain's A/AAAA DNS records are properly pointed to +# this machine's public IP, then replace the line below with your +# domain name. +:80 + +# Set this path to your site's directory. +root * /usr/share/caddy + +# Enable the static file server. +file_server + +# Import additional caddy config files in /etc/caddy/conf.d/ +import /etc/caddy/conf.d/* + +# Another common task is to set up a reverse proxy: +# reverse_proxy localhost:8080 + +# Or serve a PHP site through php-fpm: +# php_fastcgi localhost:9000 + +# Refer to the Caddy docs for more information: +# https://github.com/caddyserver/caddy/wiki/v2:-Documentation diff --git a/caddy.service b/caddy.service index 0e3800c31e0c..70c7ee075de9 100644 --- a/caddy.service +++ b/caddy.service @@ -1,26 +1,54 @@ +# caddy.service +# +# For using Caddy with a config file. +# +# Make sure the ExecStart and ExecReload commands are correct +# for your installation. +# +# See https://caddyserver.com/docs/install for instructions. +# +# WARNING: This service does not use the --resume flag, so if you +# use the API to make changes, they will be overwritten by the +# Caddyfile next time the service is restarted. If you intend to +# use Caddy's API to configure it, add the --resume flag to the +# `caddy run` command or use the caddy-api.service file instead. + [Unit] -Description=Caddy Web Server +Description=Caddy webserver Documentation=https://caddyserver.com/docs/ -After=network.target +After=network-online.target +Wants=network-online.target systemd-networkd-wait-online.service +StartLimitIntervalSec=14400 +StartLimitBurst=10 [Service] -User=http -Group=http -ExecStart=/usr/bin/caddy run --config /etc/caddy/Caddyfile --resume --environ -ExecReload=/usr/bin/caddy reload --config /etc/caddy/Caddyfile -ExecStop=/usr/bin/caddy stop +User=caddy +Group=caddy +Environment=XDG_DATA_HOME=/var/lib +Environment=XDG_CONFIG_HOME=/etc +ExecStart=/usr/bin/caddy run --adapter caddyfile --environ --config /etc/caddy/caddy.conf +ExecReload=/usr/bin/caddy reload --adapter caddyfile --config /etc/caddy/caddy.conf + +# Do not allow the process to be restarted in a tight loop. If the +# process fails to start, something critical needs to be fixed. +Restart=on-abnormal + +# Use graceful shutdown with a reasonable timeout +KillMode=mixed +KillSignal=SIGQUIT TimeoutStopSec=5s + LimitNOFILE=1048576 LimitNPROC=512 # Hardening options PrivateTmp=true -ProtectSystem=strict PrivateDevices=true ProtectHome=true -ReadWritePaths=/var/lib/caddy /var/log/caddy /srv/http -AmbientCapabilities=CAP_NET_BIND_SERVICE +ProtectSystem=strict +ReadWritePaths=/var/lib/caddy /var/log/caddy CapabilityBoundingSet=CAP_NET_BIND_SERVICE +AmbientCapabilities=CAP_NET_BIND_SERVICE NoNewPrivileges=true ProtectKernelTunables=true ProtectKernelModules=true @@ -28,4 +56,4 @@ ProtectControlGroups=true LockPersonality=true [Install] -WantedBy=multi-user.target +WantedBy=multi-user.target
\ No newline at end of file diff --git a/caddy.sysusers b/caddy.sysusers new file mode 100644 index 000000000000..6a38c6928534 --- /dev/null +++ b/caddy.sysusers @@ -0,0 +1 @@ +u caddy - "caddy daemon" /var/lib/caddy
\ No newline at end of file diff --git a/caddy.tmpfiles b/caddy.tmpfiles index b425ffa652e1..b0b7d2fbdaee 100644 --- a/caddy.tmpfiles +++ b/caddy.tmpfiles @@ -1,2 +1,2 @@ -d /var/lib/caddy 0750 http http -d /var/log/caddy 0750 http http
\ No newline at end of file +d /var/lib/caddy 0750 caddy caddy +d /var/log/caddy 0750 caddy caddy
\ No newline at end of file diff --git a/caddy2.install b/caddy2.install deleted file mode 100644 index 537c3c909184..000000000000 --- a/caddy2.install +++ /dev/null @@ -1,18 +0,0 @@ -post_install() { - systemctl --quiet daemon-reload - systemctl --quiet preset caddy.service -} - -post_upgrade() { - systemctl --quiet daemon-reload - systemd-tmpfiles --create caddy.service - systemctl --quiet try-restart caddy.service -} - -pre_remove() { - systemctl --quiet --no-reload disable --now caddy.service -} - -post_remove() { - systemctl --quiet daemon-reload -} |