updating readme
parent
5b4b2c6387
commit
410fac6cbb
75
README.md
75
README.md
|
@ -1,54 +1,45 @@
|
||||||
Official service files for systemd
|
Caddy Web Server
|
||||||
==================================
|
=====
|
||||||
|
|
||||||
This folder contains the officially-maintained systemd files that should be used as a basis for your own deployments.
|
Clone this repo to /opt/caddy
|
||||||
|
|
||||||
|
`git clone https://git.kebler.net/kebler.net/caddy.git /opt/caddy`
|
||||||
|
|
||||||
|
## Install
|
||||||
|
|
||||||
|
run these scripts
|
||||||
|
|
||||||
|
`/opt/caddy/scripts/mkuser && /opt/caddy/scripts/own`
|
||||||
|
|
||||||
|
Set the architecture binary (either amd64 or arm64)
|
||||||
|
|
||||||
|
`/opt/caddy/scripts/arch <amd64|arch64>`
|
||||||
|
|
||||||
|
Reveal the aws credentials
|
||||||
|
|
||||||
|
open terminal on giskard in mounted caddy directory.
|
||||||
|
|
||||||
|
Run
|
||||||
|
|
||||||
|
`git secret reveal`
|
||||||
|
|
||||||
|
it will ask for passphrase. See entry in keepass `kebler.net repo secret keys`
|
||||||
|
|
||||||
|
if can't mount the directory then will have to move a copy of the keyring in `~/.gnupg` to remote machine
|
||||||
|
|
||||||
|
## conf
|
||||||
|
|
||||||
|
To make a new conf file to edit
|
||||||
|
|
||||||
|
`/opt/caddy/scripts/newconf`
|
||||||
|
|
||||||
**⚠️ Always review your service file before using it! Change anything that you need to customize.**
|
|
||||||
|
|
||||||
## Instructions
|
|
||||||
|
|
||||||
See our website for [installation instructions](https://caddyserver.com/docs/install).
|
|
||||||
|
|
||||||
|
|
||||||
## Prerequisites
|
|
||||||
|
|
||||||
Running Caddy as a systemd service requires the following:
|
|
||||||
|
|
||||||
|
|
||||||
Group named `caddy`:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
$ groupadd --system caddy
|
|
||||||
```
|
```
|
||||||
|
|
||||||
User named `caddy` with a writeable home folder:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
$ useradd --system \
|
|
||||||
--gid caddy \
|
|
||||||
--create-home \
|
|
||||||
--home-dir /var/lib/caddy \
|
|
||||||
--shell /usr/sbin/nologin \
|
|
||||||
--comment "Caddy web server" \
|
|
||||||
caddy
|
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
||||||
## Choosing a service file
|
|
||||||
|
|
||||||
- **`caddy.service`** - Use this one if you configure Caddy with a file (for example, the Caddyfile, or a .json file).
|
|
||||||
- **`caddy-api.service`** - Use this one if you configure Caddy solely through its API.
|
|
||||||
|
|
||||||
The two files are identical except for the ExecStart and ExecReload commands.
|
|
||||||
|
|
||||||
## Important
|
|
||||||
|
|
||||||
Caddy receives all configuration through its [admin API](https://caddyserver.com/docs/api), even when the [command line interface (CLI)](https://caddyserver.com/docs/command-line) is used, which simply wraps up the API calls for you.
|
|
||||||
|
|
||||||
Most users will use either config files and the CLI [mutually exclusively](https://caddyserver.com/docs/getting-started#api-vs-config-files) with the API because it is simpler to have only one source of truth. However, you may wish to provide Caddy an initial "bootstrapping" configuration with a config file, and use the API thereafter.
|
|
||||||
|
|
||||||
**⚠️ If you provide an initial config file with the `--config` flag and then update the config using the API, you risk losing your changes if the service is restarted unless you have the `--resume` flag in your ExecStart command.**
|
|
||||||
|
|
||||||
Without the `--resume` flag, the `--config` flag will overwrite any last-known configuration.
|
|
||||||
|
|
||||||
However, it is totally safe and normal to use both the `--config` and `--resume` options together if you need to use both a config file and the API. Just be aware that if you update your config file and want to apply those changes, _stopping and starting the server is the wrong way to do this_. Restarting the service is orthogonal to config changes; this is a unique safety feature that guarantees durability and prevents data loss. If the config file has the latest changes, you should use the reload command instead.
|
|
||||||
|
|
|
@ -0,0 +1,54 @@
|
||||||
|
Official service files for systemd
|
||||||
|
==================================
|
||||||
|
|
||||||
|
This folder contains the officially-maintained systemd files that should be used as a basis for your own deployments.
|
||||||
|
|
||||||
|
**⚠️ Always review your service file before using it! Change anything that you need to customize.**
|
||||||
|
|
||||||
|
## Instructions
|
||||||
|
|
||||||
|
See our website for [installation instructions](https://caddyserver.com/docs/install).
|
||||||
|
|
||||||
|
|
||||||
|
## Prerequisites
|
||||||
|
|
||||||
|
Running Caddy as a systemd service requires the following:
|
||||||
|
|
||||||
|
|
||||||
|
Group named `caddy`:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
$ groupadd --system caddy
|
||||||
|
```
|
||||||
|
|
||||||
|
User named `caddy` with a writeable home folder:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
$ useradd --system \
|
||||||
|
--gid caddy \
|
||||||
|
--create-home \
|
||||||
|
--home-dir /var/lib/caddy \
|
||||||
|
--shell /usr/sbin/nologin \
|
||||||
|
--comment "Caddy web server" \
|
||||||
|
caddy
|
||||||
|
```
|
||||||
|
|
||||||
|
|
||||||
|
## Choosing a service file
|
||||||
|
|
||||||
|
- **`caddy.service`** - Use this one if you configure Caddy with a file (for example, the Caddyfile, or a .json file).
|
||||||
|
- **`caddy-api.service`** - Use this one if you configure Caddy solely through its API.
|
||||||
|
|
||||||
|
The two files are identical except for the ExecStart and ExecReload commands.
|
||||||
|
|
||||||
|
## Important
|
||||||
|
|
||||||
|
Caddy receives all configuration through its [admin API](https://caddyserver.com/docs/api), even when the [command line interface (CLI)](https://caddyserver.com/docs/command-line) is used, which simply wraps up the API calls for you.
|
||||||
|
|
||||||
|
Most users will use either config files and the CLI [mutually exclusively](https://caddyserver.com/docs/getting-started#api-vs-config-files) with the API because it is simpler to have only one source of truth. However, you may wish to provide Caddy an initial "bootstrapping" configuration with a config file, and use the API thereafter.
|
||||||
|
|
||||||
|
**⚠️ If you provide an initial config file with the `--config` flag and then update the config using the API, you risk losing your changes if the service is restarted unless you have the `--resume` flag in your ExecStart command.**
|
||||||
|
|
||||||
|
Without the `--resume` flag, the `--config` flag will overwrite any last-known configuration.
|
||||||
|
|
||||||
|
However, it is totally safe and normal to use both the `--config` and `--resume` options together if you need to use both a config file and the API. Just be aware that if you update your config file and want to apply those changes, _stopping and starting the server is the wrong way to do this_. Restarting the service is orthogonal to config changes; this is a unique safety feature that guarantees durability and prevents data loss. If the config file has the latest changes, you should use the reload command instead.
|
Loading…
Reference in New Issue