Merge pull request #1 from ArisuOngaku/next-rebase

Remove caddy2.install and base the rest of the package on official current `next` branch

10 files changed, 174 insertions, 67 deletions

diff --git a/.SRCINFO b/.SRCINFO
index d1577aca4aad..e3ac7294d37c 100644
--- a/.SRCINFO
+++ b/.SRCINFO
@@ -1,8 +1,8 @@
 pkgbase = caddy2
-	pkgdesc = Powerful, enterprise-ready, open source web server with automatic HTTPS written in Go
+	pkgdesc = Fast web server with automatic HTTPS
 	pkgver = 2.1.1
-	pkgrel = 1
-	url = https://github.com/caddyserver/caddy
+	pkgrel = 2
+	url = https://caddyserver.com
 	arch = x86_64
 	license = Apache
 	makedepends = go
@@ -10,17 +10,24 @@ pkgbase = caddy2
 	depends = glibc
 	provides = caddy
 	backup = etc/caddy/Caddyfile
+	backup = etc/caddy/caddy.conf
 	source = git+https://github.com/caddyserver/caddy#tag=v2.1.1?signed
-	source = caddy-a509155e3cff18af793f6af5f930a71c89e05df8-index.html::https://raw.githubusercontent.com/caddyserver/dist/a509155e3cff18af793f6af5f930a71c89e05df8/welcome/index.html
+	source = index-a509155e3cff18af793f6af5f930a71c89e05df8.html::https://raw.githubusercontent.com/caddyserver/dist/a509155e3cff18af793f6af5f930a71c89e05df8/welcome/index.html
 	source = caddy.service
+	source = caddy-api.service
 	source = caddy.tmpfiles
-	source = Caddyfile
+	source = caddy.sysusers
+	source = caddy.conf
+	source = WarningCaddyfile
 	validpgpkeys = 29D0817A67156E4F25DC24782A349DD577D586A5
 	sha512sums = SKIP
 	sha512sums = 2abccd41f770daebf61285dc017249f20c707877ea3c870f4a2375bbbd2bf481a8652d1fd3c7afd7d6b5c54838e9d8474a33e2c9790ef67dcf9d79c4e52953b4
-	sha512sums = cbda05e4472ac07455dd0a384dec2e7d2b1fbae356d6aa0f08e3de6d4fad06b51bee0352565861d57f3af5f83a39b84e14c9456eabf5f1ea940c4c06986c620a
-	sha512sums = 2c45974647859a6fa9096aeb9ec0a32270adc863b90932133886eadd87d94a9f59713e185b86e8c8f01c8e11742cabac2cc3abadeef9ebd2534ac2acb9b20061
-	sha512sums = 7599f0b0af3b0380d90d805a5b4b9ab8d377727f4a1f6d59d1d30cd4c767aa45b9bbde56dafc88936640fb375fed265ed0489a5039e2c9f5aafd53bd692031e5
+	sha512sums = 69a619f2be6df77ac516621ad7b27dd6adde0b40cf4680c3afb25e94ac7c1cd6afb42a650d47a4fb096503dec85988af08e85a617b5290cf3a3d9b50b2e2ec46
+	sha512sums = eeb352e023331a3e3d88e47cc52f8786864abeb66bccc864d2557722afd54bdfcee9781590c3cf204923c8c0fa37029ba417a6a65ccd5569f8cbc214eb3ce642
+	sha512sums = 41d6b82ab99ca729d5b48d77d4557f3c5368b63847054216018547ea40e0cc302bc36668e9a57ba63e8983205febffee18eae1c306a665365a13da54010cd415
+	sha512sums = a9b3e4af421a4be0193d9a452cdf6b66b8f03fbf8bce3de4454a2ee70556c156c458b12a141fefb3e15a2acbb0f3acedc09cbccbecf82aa8916b9b6d799ec066
+	sha512sums = 399c177475e299bf5736dba1a9d045477072594390b73c7dd2e13e12785abe029d48e480aee98216f7a8735addd353ce4a07b56ed14364f641b138e4fca0ebcd
+	sha512sums = e195d235a8893d27277a88554a8786e7aec2ca6c83855e051adbdfe5463409463cd159aac2db09786270259be9280eafa0a0ed5dfd2e04d587c8136856ea4d4c
 
 pkgname = caddy2
 
diff --git a/Caddyfile b/Caddyfile
deleted file mode 100644
index 8df7097eb565..000000000000
--- a/Caddyfile
+++ /dev/null
@@ -1,9 +0,0 @@
-# This is an example default caddy file that serves static files
-#
-# Refer to the Caddy docs for more information:
-# https://caddyserver.com/docs/
-
-:80 {
-	root * /usr/share/caddy
-	file_server
-}
diff --git a/PKGBUILD b/PKGBUILD
index f0dc960a40bb..d32657ff2f1a 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -7,25 +7,32 @@ _pkgname=caddy
 pkgver=2.1.1
 _tag=v2.1.1
 _distcommit='a509155e3cff18af793f6af5f930a71c89e05df8'
-pkgrel=1
-pkgdesc="Powerful, enterprise-ready, open source web server with automatic HTTPS written in Go"
+pkgrel=2
+pkgdesc="Fast web server with automatic HTTPS"
 arch=('x86_64')
-url="https://github.com/caddyserver/caddy"
+url="https://caddyserver.com"
 license=('Apache')
 depends=('glibc')
 makedepends=('go' 'git')
 provides=('caddy')
-backup=('etc/caddy/Caddyfile')
+backup=('etc/caddy/Caddyfile'
+        'etc/caddy/caddy.conf')
 source=("git+https://github.com/caddyserver/caddy#tag=${_tag}?signed"
-        "caddy-${_distcommit}-index.html::https://raw.githubusercontent.com/caddyserver/dist/${_distcommit}/welcome/index.html"
-        'caddy.service'
-        'caddy.tmpfiles'
-        'Caddyfile')
+        "index-${_distcommit}.html::https://raw.githubusercontent.com/caddyserver/dist/${_distcommit}/welcome/index.html"
+        caddy.service
+        caddy-api.service
+        caddy.tmpfiles
+        caddy.sysusers
+        caddy.conf
+        WarningCaddyfile)
 sha512sums=('SKIP'
             '2abccd41f770daebf61285dc017249f20c707877ea3c870f4a2375bbbd2bf481a8652d1fd3c7afd7d6b5c54838e9d8474a33e2c9790ef67dcf9d79c4e52953b4'
-            'cbda05e4472ac07455dd0a384dec2e7d2b1fbae356d6aa0f08e3de6d4fad06b51bee0352565861d57f3af5f83a39b84e14c9456eabf5f1ea940c4c06986c620a'
-            '2c45974647859a6fa9096aeb9ec0a32270adc863b90932133886eadd87d94a9f59713e185b86e8c8f01c8e11742cabac2cc3abadeef9ebd2534ac2acb9b20061'
-            '7599f0b0af3b0380d90d805a5b4b9ab8d377727f4a1f6d59d1d30cd4c767aa45b9bbde56dafc88936640fb375fed265ed0489a5039e2c9f5aafd53bd692031e5')
+            '69a619f2be6df77ac516621ad7b27dd6adde0b40cf4680c3afb25e94ac7c1cd6afb42a650d47a4fb096503dec85988af08e85a617b5290cf3a3d9b50b2e2ec46'
+            'eeb352e023331a3e3d88e47cc52f8786864abeb66bccc864d2557722afd54bdfcee9781590c3cf204923c8c0fa37029ba417a6a65ccd5569f8cbc214eb3ce642'
+            '41d6b82ab99ca729d5b48d77d4557f3c5368b63847054216018547ea40e0cc302bc36668e9a57ba63e8983205febffee18eae1c306a665365a13da54010cd415'
+            'a9b3e4af421a4be0193d9a452cdf6b66b8f03fbf8bce3de4454a2ee70556c156c458b12a141fefb3e15a2acbb0f3acedc09cbccbecf82aa8916b9b6d799ec066'
+            '399c177475e299bf5736dba1a9d045477072594390b73c7dd2e13e12785abe029d48e480aee98216f7a8735addd353ce4a07b56ed14364f641b138e4fca0ebcd'
+            'e195d235a8893d27277a88554a8786e7aec2ca6c83855e051adbdfe5463409463cd159aac2db09786270259be9280eafa0a0ed5dfd2e04d587c8136856ea4d4c')
 validpgpkeys=(
   '29D0817A67156E4F25DC24782A349DD577D586A5' # Matthew Holt <mholt@users.noreply.github.com>
 )
@@ -36,25 +43,35 @@ pkgver() {
 }
 
 prepare() {
-  sed 's|/var/www/html|/srv/http|g' -i "${srcdir}/caddy-${_distcommit}-index.html"
+  sed 's|/var/www/html|/srv/http|g' -i "${srcdir}/index-${_distcommit}.html"
+  sed 's|/etc/caddy/Caddyfile|/etc/caddy/caddy.conf|g' -i "${srcdir}/index-${_distcommit}.html"
 }
 
 build() {
   cd "${_pkgname}/cmd/caddy/"
-  go build -trimpath -ldflags "-extldflags ${LDFLAGS}" -o $pkgname
+  export CGO_LDFLAGS="${LDFLAGS}"
+  export CGO_CPPFLAGS="${CPPFLAGS}"
+  export CGO_CFLAGS="${CFLAGS}"
+  export CGO_CXXFLAGS="${CXXFLAGS}"
+  export GOFLAGS="-buildmode=pie -trimpath"
+  go build .
 }
 
+
 check() {
-  cd "caddy"
+  cd "${_pkgname}"
   go test ./...
 }
 
 package() {
-  cd "caddy"
-  install -Dm755 "cmd/caddy/${pkgname}" "${pkgdir}/usr/bin/${_pkgname}"
+  cd "${_pkgname}"
+  install -Dm 755 cmd/caddy/caddy -t "${pkgdir}/usr/bin"
   install -Dm 644 "${srcdir}/caddy.service" -t "${pkgdir}/usr/lib/systemd/system"
+  install -Dm 644 "${srcdir}/caddy-api.service" -t "${pkgdir}/usr/lib/systemd/system"
   install -Dm 644 "${srcdir}/caddy.tmpfiles" "${pkgdir}/usr/lib/tmpfiles.d/caddy.conf"
-  install -Dm 644 "${srcdir}/Caddyfile" "${pkgdir}/etc/caddy/Caddyfile"
-  install -Dm 644 "${srcdir}/caddy-${_distcommit}-index.html" "${pkgdir}/usr/share/caddy/index.html"
-  install -Dm644 LICENSE "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE"
+  install -Dm 644 "${srcdir}/caddy.sysusers" "${pkgdir}/usr/lib/sysusers.d/caddy.conf"
+  install -Dm 644 "${srcdir}/caddy.conf" "${pkgdir}/etc/caddy/caddy.conf"
+  install -d "${pkgdir}/etc/caddy/conf.d"
+  install -Dm 644 "${srcdir}/index-${_distcommit}.html" "${pkgdir}/usr/share/caddy/index.html"
+  install -Dm 644 "${srcdir}/WarningCaddyfile" "${pkgdir}/etc/caddy/Caddyfile"
 }
diff --git a/WarningCaddyfile b/WarningCaddyfile
new file mode 100644
index 000000000000..7539fc4a35d5
--- /dev/null
+++ b/WarningCaddyfile
@@ -0,0 +1 @@
+# This file was moved to caddy.conf
\ No newline at end of file
diff --git a/caddy-api.service b/caddy-api.service
new file mode 100644
index 000000000000..53e1e22a3cac
--- /dev/null
+++ b/caddy-api.service
@@ -0,0 +1,52 @@
+# caddy-api.service
+#
+# For using Caddy with its API.
+#
+# This unit is "durable" in that it will automatically resume
+# the last active configuration if the service is restarted.
+#
+# See https://caddyserver.com/docs/install for instructions.
+
+[Unit]
+Description=Caddy API Server
+Documentation=https://caddyserver.com/docs/
+After=network-online.target
+Wants=network-online.target systemd-networkd-wait-online.service
+StartLimitIntervalSec=14400
+StartLimitBurst=10
+
+[Service]
+User=caddy
+Group=caddy
+Environment=XDG_DATA_HOME=/var/lib
+Environment=XDG_CONFIG_HOME=/var/lib
+ExecStart=/usr/bin/caddy run --environ --resume
+
+# Do not allow the process to be restarted in a tight loop. If the
+# process fails to start, something critical needs to be fixed.
+Restart=on-abnormal
+
+# Use graceful shutdown with a reasonable timeout
+KillMode=mixed
+KillSignal=SIGQUIT
+TimeoutStopSec=5s
+
+LimitNOFILE=1048576
+LimitNPROC=512
+
+# Hardening options
+PrivateTmp=true
+PrivateDevices=true
+ProtectHome=true
+ProtectSystem=strict
+ReadWritePaths=/var/lib/caddy /var/log/caddy
+CapabilityBoundingSet=CAP_NET_BIND_SERVICE
+AmbientCapabilities=CAP_NET_BIND_SERVICE
+NoNewPrivileges=true
+ProtectKernelTunables=true
+ProtectKernelModules=true
+ProtectControlGroups=true
+LockPersonality=true
+
+[Install]
+WantedBy=multi-user.target
\ No newline at end of file
diff --git a/caddy.conf b/caddy.conf
new file mode 100644
index 000000000000..1aec2b840bae
--- /dev/null
+++ b/caddy.conf
@@ -0,0 +1,28 @@
+# The Caddyfile is an easy way to configure your Caddy web server.
+#
+# Unless the file starts with a global options block, the first
+# uncommented line is always the address of your site.
+#
+# To use your own domain name (with automatic HTTPS), first make
+# sure your domain's A/AAAA DNS records are properly pointed to
+# this machine's public IP, then replace the line below with your
+# domain name.
+:80
+
+# Set this path to your site's directory.
+root * /usr/share/caddy
+
+# Enable the static file server.
+file_server
+
+# Import additional caddy config files in /etc/caddy/conf.d/
+import /etc/caddy/conf.d/*
+
+# Another common task is to set up a reverse proxy:
+# reverse_proxy localhost:8080
+
+# Or serve a PHP site through php-fpm:
+# php_fastcgi localhost:9000
+
+# Refer to the Caddy docs for more information:
+# https://github.com/caddyserver/caddy/wiki/v2:-Documentation
diff --git a/caddy.service b/caddy.service
index 0e3800c31e0c..70c7ee075de9 100644
--- a/caddy.service
+++ b/caddy.service
@@ -1,26 +1,54 @@
+# caddy.service
+#
+# For using Caddy with a config file.
+#
+# Make sure the ExecStart and ExecReload commands are correct
+# for your installation.
+#
+# See https://caddyserver.com/docs/install for instructions.
+#
+# WARNING: This service does not use the --resume flag, so if you
+# use the API to make changes, they will be overwritten by the
+# Caddyfile next time the service is restarted. If you intend to
+# use Caddy's API to configure it, add the --resume flag to the
+# `caddy run` command or use the caddy-api.service file instead.
+
 [Unit]
-Description=Caddy Web Server
+Description=Caddy webserver
 Documentation=https://caddyserver.com/docs/
-After=network.target
+After=network-online.target
+Wants=network-online.target systemd-networkd-wait-online.service
+StartLimitIntervalSec=14400
+StartLimitBurst=10
 
 [Service]
-User=http
-Group=http
-ExecStart=/usr/bin/caddy run --config /etc/caddy/Caddyfile --resume --environ
-ExecReload=/usr/bin/caddy reload --config /etc/caddy/Caddyfile
-ExecStop=/usr/bin/caddy stop
+User=caddy
+Group=caddy
+Environment=XDG_DATA_HOME=/var/lib
+Environment=XDG_CONFIG_HOME=/etc
+ExecStart=/usr/bin/caddy run --adapter caddyfile --environ --config /etc/caddy/caddy.conf
+ExecReload=/usr/bin/caddy reload --adapter caddyfile --config /etc/caddy/caddy.conf
+
+# Do not allow the process to be restarted in a tight loop. If the
+# process fails to start, something critical needs to be fixed.
+Restart=on-abnormal
+
+# Use graceful shutdown with a reasonable timeout
+KillMode=mixed
+KillSignal=SIGQUIT
 TimeoutStopSec=5s
+
 LimitNOFILE=1048576
 LimitNPROC=512
 
 # Hardening options
 PrivateTmp=true
-ProtectSystem=strict
 PrivateDevices=true
 ProtectHome=true
-ReadWritePaths=/var/lib/caddy /var/log/caddy /srv/http
-AmbientCapabilities=CAP_NET_BIND_SERVICE
+ProtectSystem=strict
+ReadWritePaths=/var/lib/caddy /var/log/caddy
 CapabilityBoundingSet=CAP_NET_BIND_SERVICE
+AmbientCapabilities=CAP_NET_BIND_SERVICE
 NoNewPrivileges=true
 ProtectKernelTunables=true
 ProtectKernelModules=true
@@ -28,4 +56,4 @@ ProtectControlGroups=true
 LockPersonality=true
 
 [Install]
-WantedBy=multi-user.target
+WantedBy=multi-user.target
\ No newline at end of file
diff --git a/caddy.sysusers b/caddy.sysusers
new file mode 100644
index 000000000000..6a38c6928534
--- /dev/null
+++ b/caddy.sysusers
@@ -0,0 +1 @@
+u caddy - "caddy daemon" /var/lib/caddy
\ No newline at end of file
diff --git a/caddy.tmpfiles b/caddy.tmpfiles
index b425ffa652e1..b0b7d2fbdaee 100644
--- a/caddy.tmpfiles
+++ b/caddy.tmpfiles
@@ -1,2 +1,2 @@
-d /var/lib/caddy 0750 http http
-d /var/log/caddy 0750 http http
\ No newline at end of file
+d /var/lib/caddy 0750 caddy caddy
+d /var/log/caddy 0750 caddy caddy
\ No newline at end of file
diff --git a/caddy2.install b/caddy2.install
deleted file mode 100644
index 537c3c909184..000000000000
--- a/caddy2.install
+++ /dev/null
@@ -1,18 +0,0 @@
-post_install() {
-        systemctl --quiet daemon-reload
-        systemctl --quiet preset caddy.service
-}
-
-post_upgrade() {
-        systemctl --quiet daemon-reload
-        systemd-tmpfiles --create caddy.service
-        systemctl --quiet try-restart caddy.service
-}
-
-pre_remove() {
-        systemctl --quiet --no-reload disable --now caddy.service
-}
-
-post_remove() {
-        systemctl --quiet daemon-reload
-}