diff options
author | Alice Gaudon | 2020-05-15 22:51:17 +0200 |
---|---|---|
committer | Alice Gaudon | 2020-05-15 22:51:17 +0200 |
commit | 3ea2ecd045445fbea770e5e129cd9b74535dcacf (patch) | |
tree | 9c2fb8fc49bd0ff98f762ced0adabbfdae425be1 | |
parent | 1b9ca6d7254bfff460dd6db05ab5511f1a6967d7 (diff) | |
download | aur-3ea2ecd045445fbea770e5e129cd9b74535dcacf.tar.gz |
Make package closer to official package, provide caddy instead of caddy2 and move default Caddyfile in /etc/caddy (was /etc/caddy2)
-rw-r--r-- | .SRCINFO | 27 | ||||
-rw-r--r-- | Caddyfile | 15 | ||||
-rw-r--r-- | PKGBUILD | 69 | ||||
-rw-r--r-- | WarningCaddyfile | 1 | ||||
-rw-r--r-- | caddy.service | 25 | ||||
-rw-r--r-- | caddy.tmpfiles | 2 |
6 files changed, 95 insertions, 44 deletions
@@ -1,18 +1,29 @@ pkgbase = caddy2 - pkgdesc = Fast, cross-platform HTTP/2 web server with automatic HTTPS + pkgdesc = Powerful, enterprise-ready, open source web server with automatic HTTPS written in Go pkgver = 2.0.0 - pkgrel = 1 + pkgrel = 2 url = https://github.com/caddyserver/caddy arch = x86_64 license = Apache makedepends = go - conflicts = caddy - source = caddy2-2.0.0.tar.gz::https://github.com/caddyserver/caddy/archive/v2.0.0.tar.gz - source = Caddyfile + makedepends = git + depends = glibc + provides = caddy + backup = etc/caddy/Caddyfile + backup = etc/caddy2/Caddyfile + source = git+https://github.com/caddyserver/caddy#tag=v2.0.0?signed + source = caddy-a509155e3cff18af793f6af5f930a71c89e05df8-index.html::https://raw.githubusercontent.com/caddyserver/dist/a509155e3cff18af793f6af5f930a71c89e05df8/welcome/index.html source = caddy.service - sha256sums = 620e2a58ff904ae8bb9543cd5000d5806ba720f275dd6f4774cdc2abba0a746f - sha256sums = adf24a575a20ae9f503fac2348f7cfd26256f167992a1938f1a53a6d77b9b1f4 - sha256sums = c3eb327ba564b167e508b2bfa76ef459cacef09fb2e67a7f09944cb8f92e3207 + source = caddy.tmpfiles + source = Caddyfile + source = WarningCaddyfile + validpgpkeys = 29D0817A67156E4F25DC24782A349DD577D586A5 + sha512sums = SKIP + sha512sums = 2abccd41f770daebf61285dc017249f20c707877ea3c870f4a2375bbbd2bf481a8652d1fd3c7afd7d6b5c54838e9d8474a33e2c9790ef67dcf9d79c4e52953b4 + sha512sums = cbda05e4472ac07455dd0a384dec2e7d2b1fbae356d6aa0f08e3de6d4fad06b51bee0352565861d57f3af5f83a39b84e14c9456eabf5f1ea940c4c06986c620a + sha512sums = 2c45974647859a6fa9096aeb9ec0a32270adc863b90932133886eadd87d94a9f59713e185b86e8c8f01c8e11742cabac2cc3abadeef9ebd2534ac2acb9b20061 + sha512sums = 7599f0b0af3b0380d90d805a5b4b9ab8d377727f4a1f6d59d1d30cd4c767aa45b9bbde56dafc88936640fb375fed265ed0489a5039e2c9f5aafd53bd692031e5 + sha512sums = f130d00b269b919a2a8c533834b62c87462501b33a7a4e585c433535767494a525900732de93c5cd4151bdb68bc6d97a909c6364c312bfa5340b9de6110ec45d pkgname = caddy2 diff --git a/Caddyfile b/Caddyfile index d8b303be5292..8df7097eb565 100644 --- a/Caddyfile +++ b/Caddyfile @@ -1,8 +1,9 @@ -{ - storage file_system { - root /var/lib/caddy2 - } -} - -# config goes below +# This is an example default caddy file that serves static files +# +# Refer to the Caddy docs for more information: +# https://caddyserver.com/docs/ +:80 { + root * /usr/share/caddy + file_server +} @@ -3,34 +3,61 @@ # Contributor: Poscat <poscat at mail dot poscat dot moe> pkgname=caddy2 +_pkgname=caddy pkgver=2.0.0 -pkgrel=1 -pkgdesc='Fast, cross-platform HTTP/2 web server with automatic HTTPS' +_tag=v2.0.0 +_distcommit='a509155e3cff18af793f6af5f930a71c89e05df8' +pkgrel=2 +pkgdesc="Powerful, enterprise-ready, open source web server with automatic HTTPS written in Go" arch=('x86_64') +url="https://github.com/caddyserver/caddy" license=('Apache') -url='https://github.com/caddyserver/caddy' -depends=() -conflicts=('caddy') -makedepends=('go') -source=("$pkgname-$pkgver.tar.gz::https://github.com/caddyserver/caddy/archive/v${pkgver}.tar.gz" - "Caddyfile" - "caddy.service") +depends=('glibc') +makedepends=('go' 'git') +provides=('caddy') +backup=('etc/caddy/Caddyfile' 'etc/caddy2/Caddyfile') +source=("git+https://github.com/caddyserver/caddy#tag=${_tag}?signed" + "caddy-${_distcommit}-index.html::https://raw.githubusercontent.com/caddyserver/dist/${_distcommit}/welcome/index.html" + 'caddy.service' + 'caddy.tmpfiles' + 'Caddyfile' + 'WarningCaddyfile') +sha512sums=('SKIP' + '2abccd41f770daebf61285dc017249f20c707877ea3c870f4a2375bbbd2bf481a8652d1fd3c7afd7d6b5c54838e9d8474a33e2c9790ef67dcf9d79c4e52953b4' + 'cbda05e4472ac07455dd0a384dec2e7d2b1fbae356d6aa0f08e3de6d4fad06b51bee0352565861d57f3af5f83a39b84e14c9456eabf5f1ea940c4c06986c620a' + '2c45974647859a6fa9096aeb9ec0a32270adc863b90932133886eadd87d94a9f59713e185b86e8c8f01c8e11742cabac2cc3abadeef9ebd2534ac2acb9b20061' + '7599f0b0af3b0380d90d805a5b4b9ab8d377727f4a1f6d59d1d30cd4c767aa45b9bbde56dafc88936640fb375fed265ed0489a5039e2c9f5aafd53bd692031e5' + 'f130d00b269b919a2a8c533834b62c87462501b33a7a4e585c433535767494a525900732de93c5cd4151bdb68bc6d97a909c6364c312bfa5340b9de6110ec45d') +validpgpkeys=( + '29D0817A67156E4F25DC24782A349DD577D586A5' # Matthew Holt <mholt@users.noreply.github.com> +) -sha256sums=('620e2a58ff904ae8bb9543cd5000d5806ba720f275dd6f4774cdc2abba0a746f' - 'adf24a575a20ae9f503fac2348f7cfd26256f167992a1938f1a53a6d77b9b1f4' - 'c3eb327ba564b167e508b2bfa76ef459cacef09fb2e67a7f09944cb8f92e3207') +pkgver() { + cd ${_pkgname} + git describe --tags --match 'v*' | sed 's/^v//;s/\([^-]*-g\)/r\1/;s/-/./g' +} + +prepare() { + sed 's|/var/www/html|/srv/http|g' -i "${srcdir}/caddy-${_distcommit}-index.html" +} build() { - cd ${srcdir}/caddy-${pkgver} - export GOPATH="$srcdir" - go build -v -o caddy cmd/caddy/main.go + cd "${_pkgname}/cmd/caddy/" + go build -trimpath -ldflags "-extldflags ${LDFLAGS}" -o $pkgname } -package() { - mkdir -p "$pkgdir/var/lib/caddy2" - install -D -m 0644 Caddyfile "$pkgdir/etc/caddy2/Caddyfile" - install -D -m 0644 caddy.service "$pkgdir/usr/lib/systemd/system/caddy.service" - cd ${srcdir}/caddy-${pkgver} - install -D -m 0755 caddy "$pkgdir/usr/bin/caddy" +check() { + cd "caddy" + go test ./... } +package() { + cd "caddy" + install -Dm755 "cmd/caddy/${pkgname}" "${pkgdir}/usr/bin/${_pkgname}" + install -Dm 644 "${srcdir}/caddy.service" -t "${pkgdir}/usr/lib/systemd/system" + install -Dm 644 "${srcdir}/caddy.tmpfiles" "${pkgdir}/usr/lib/tmpfiles.d/caddy.conf" + install -Dm 644 "${srcdir}/Caddyfile" "${pkgdir}/etc/caddy/Caddyfile" + install -Dm 644 "${srcdir}/WarningCaddyfile" "${pkgdir}/etc/caddy2/Caddyfile" + install -Dm 644 "${srcdir}/caddy-${_distcommit}-index.html" "${pkgdir}/usr/share/caddy/index.html" + install -Dm644 LICENSE "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE" +} diff --git a/WarningCaddyfile b/WarningCaddyfile new file mode 100644 index 000000000000..0b4a5c433cd4 --- /dev/null +++ b/WarningCaddyfile @@ -0,0 +1 @@ +# This file was moved to /etc/caddy/Caddyfile diff --git a/caddy.service b/caddy.service index 74bff04f37ad..0e3800c31e0c 100644 --- a/caddy.service +++ b/caddy.service @@ -1,22 +1,31 @@ [Unit] -Description=Caddy 2 HTTP/2 web server -After=network-online.target +Description=Caddy Web Server +Documentation=https://caddyserver.com/docs/ +After=network.target [Service] User=http Group=http -ExecStart=/usr/bin/caddy run --config /etc/caddy2/Caddyfile --adapter caddyfile -ExecReload=/usr/bin/caddy reload --config /etc/caddy2/Caddyfile --adapter caddyfile +ExecStart=/usr/bin/caddy run --config /etc/caddy/Caddyfile --resume --environ +ExecReload=/usr/bin/caddy reload --config /etc/caddy/Caddyfile ExecStop=/usr/bin/caddy stop +TimeoutStopSec=5s LimitNOFILE=1048576 -LimitNPROC=64 +LimitNPROC=512 + +# Hardening options PrivateTmp=true +ProtectSystem=strict PrivateDevices=true ProtectHome=true -ProtectSystem=strict -ReadWritePaths=/var/lib/caddy2 +ReadWritePaths=/var/lib/caddy /var/log/caddy /srv/http AmbientCapabilities=CAP_NET_BIND_SERVICE +CapabilityBoundingSet=CAP_NET_BIND_SERVICE +NoNewPrivileges=true +ProtectKernelTunables=true +ProtectKernelModules=true +ProtectControlGroups=true +LockPersonality=true [Install] WantedBy=multi-user.target - diff --git a/caddy.tmpfiles b/caddy.tmpfiles new file mode 100644 index 000000000000..b425ffa652e1 --- /dev/null +++ b/caddy.tmpfiles @@ -0,0 +1,2 @@ +d /var/lib/caddy 0750 http http +d /var/log/caddy 0750 http http
\ No newline at end of file |