diff --git a/README.md b/README.md index b46bb93..e80e228 100644 --- a/README.md +++ b/README.md @@ -1,54 +1,45 @@ -Official service files for systemd -================================== +Caddy Web Server +===== -This folder contains the officially-maintained systemd files that should be used as a basis for your own deployments. +Clone this repo to /opt/caddy + +`git clone https://git.kebler.net/kebler.net/caddy.git /opt/caddy` + +## Install + +run these scripts + +`/opt/caddy/scripts/mkuser && /opt/caddy/scripts/own` + +Set the architecture binary (either amd64 or arm64) + +`/opt/caddy/scripts/arch ` + +Reveal the aws credentials + +open terminal on giskard in mounted caddy directory. + +Run + +`git secret reveal` + +it will ask for passphrase. See entry in keepass `kebler.net repo secret keys` + +if can't mount the directory then will have to move a copy of the keyring in `~/.gnupg` to remote machine + +## conf + +To make a new conf file to edit + +`/opt/caddy/scripts/newconf` -**⚠️ Always review your service file before using it! Change anything that you need to customize.** -## Instructions -See our website for [installation instructions](https://caddyserver.com/docs/install). -## Prerequisites - -Running Caddy as a systemd service requires the following: -Group named `caddy`: -```bash -$ groupadd --system caddy ``` -User named `caddy` with a writeable home folder: - -```bash -$ useradd --system \ - --gid caddy \ - --create-home \ - --home-dir /var/lib/caddy \ - --shell /usr/sbin/nologin \ - --comment "Caddy web server" \ - caddy -``` - - -## Choosing a service file - -- **`caddy.service`** - Use this one if you configure Caddy with a file (for example, the Caddyfile, or a .json file). -- **`caddy-api.service`** - Use this one if you configure Caddy solely through its API. - -The two files are identical except for the ExecStart and ExecReload commands. - -## Important - -Caddy receives all configuration through its [admin API](https://caddyserver.com/docs/api), even when the [command line interface (CLI)](https://caddyserver.com/docs/command-line) is used, which simply wraps up the API calls for you. - -Most users will use either config files and the CLI [mutually exclusively](https://caddyserver.com/docs/getting-started#api-vs-config-files) with the API because it is simpler to have only one source of truth. However, you may wish to provide Caddy an initial "bootstrapping" configuration with a config file, and use the API thereafter. - -**⚠️ If you provide an initial config file with the `--config` flag and then update the config using the API, you risk losing your changes if the service is restarted unless you have the `--resume` flag in your ExecStart command.** - -Without the `--resume` flag, the `--config` flag will overwrite any last-known configuration. - -However, it is totally safe and normal to use both the `--config` and `--resume` options together if you need to use both a config file and the API. Just be aware that if you update your config file and want to apply those changes, _stopping and starting the server is the wrong way to do this_. Restarting the service is orthogonal to config changes; this is a unique safety feature that guarantees durability and prevents data loss. If the config file has the latest changes, you should use the reload command instead. +``` \ No newline at end of file diff --git a/caddy-service.md b/caddy-service.md new file mode 100644 index 0000000..b46bb93 --- /dev/null +++ b/caddy-service.md @@ -0,0 +1,54 @@ +Official service files for systemd +================================== + +This folder contains the officially-maintained systemd files that should be used as a basis for your own deployments. + +**⚠️ Always review your service file before using it! Change anything that you need to customize.** + +## Instructions + +See our website for [installation instructions](https://caddyserver.com/docs/install). + + +## Prerequisites + +Running Caddy as a systemd service requires the following: + + +Group named `caddy`: + +```bash +$ groupadd --system caddy +``` + +User named `caddy` with a writeable home folder: + +```bash +$ useradd --system \ + --gid caddy \ + --create-home \ + --home-dir /var/lib/caddy \ + --shell /usr/sbin/nologin \ + --comment "Caddy web server" \ + caddy +``` + + +## Choosing a service file + +- **`caddy.service`** - Use this one if you configure Caddy with a file (for example, the Caddyfile, or a .json file). +- **`caddy-api.service`** - Use this one if you configure Caddy solely through its API. + +The two files are identical except for the ExecStart and ExecReload commands. + +## Important + +Caddy receives all configuration through its [admin API](https://caddyserver.com/docs/api), even when the [command line interface (CLI)](https://caddyserver.com/docs/command-line) is used, which simply wraps up the API calls for you. + +Most users will use either config files and the CLI [mutually exclusively](https://caddyserver.com/docs/getting-started#api-vs-config-files) with the API because it is simpler to have only one source of truth. However, you may wish to provide Caddy an initial "bootstrapping" configuration with a config file, and use the API thereafter. + +**⚠️ If you provide an initial config file with the `--config` flag and then update the config using the API, you risk losing your changes if the service is restarted unless you have the `--resume` flag in your ExecStart command.** + +Without the `--resume` flag, the `--config` flag will overwrite any last-known configuration. + +However, it is totally safe and normal to use both the `--config` and `--resume` options together if you need to use both a config file and the API. Just be aware that if you update your config file and want to apply those changes, _stopping and starting the server is the wrong way to do this_. Restarting the service is orthogonal to config changes; this is a unique safety feature that guarantees durability and prevents data loss. If the config file has the latest changes, you should use the reload command instead.