updating readme

giskard
David Kebler 2020-06-30 08:01:17 -07:00
parent 5b4b2c6387
commit 410fac6cbb
2 changed files with 88 additions and 43 deletions

View File

@ -1,54 +1,45 @@
Official service files for systemd Caddy Web Server
================================== =====
This folder contains the officially-maintained systemd files that should be used as a basis for your own deployments. Clone this repo to /opt/caddy
`git clone https://git.kebler.net/kebler.net/caddy.git /opt/caddy`
## Install
run these scripts
`/opt/caddy/scripts/mkuser && /opt/caddy/scripts/own`
Set the architecture binary (either amd64 or arm64)
`/opt/caddy/scripts/arch <amd64|arch64>`
Reveal the aws credentials
open terminal on giskard in mounted caddy directory.
Run
`git secret reveal`
it will ask for passphrase. See entry in keepass `kebler.net repo secret keys`
if can't mount the directory then will have to move a copy of the keyring in `~/.gnupg` to remote machine
## conf
To make a new conf file to edit
`/opt/caddy/scripts/newconf`
**⚠️ Always review your service file before using it! Change anything that you need to customize.**
## Instructions
See our website for [installation instructions](https://caddyserver.com/docs/install).
## Prerequisites
Running Caddy as a systemd service requires the following:
Group named `caddy`:
```bash
$ groupadd --system caddy
``` ```
User named `caddy` with a writeable home folder: ```
```bash
$ useradd --system \
--gid caddy \
--create-home \
--home-dir /var/lib/caddy \
--shell /usr/sbin/nologin \
--comment "Caddy web server" \
caddy
```
## Choosing a service file
- **`caddy.service`** - Use this one if you configure Caddy with a file (for example, the Caddyfile, or a .json file).
- **`caddy-api.service`** - Use this one if you configure Caddy solely through its API.
The two files are identical except for the ExecStart and ExecReload commands.
## Important
Caddy receives all configuration through its [admin API](https://caddyserver.com/docs/api), even when the [command line interface (CLI)](https://caddyserver.com/docs/command-line) is used, which simply wraps up the API calls for you.
Most users will use either config files and the CLI [mutually exclusively](https://caddyserver.com/docs/getting-started#api-vs-config-files) with the API because it is simpler to have only one source of truth. However, you may wish to provide Caddy an initial "bootstrapping" configuration with a config file, and use the API thereafter.
**⚠️ If you provide an initial config file with the `--config` flag and then update the config using the API, you risk losing your changes if the service is restarted unless you have the `--resume` flag in your ExecStart command.**
Without the `--resume` flag, the `--config` flag will overwrite any last-known configuration.
However, it is totally safe and normal to use both the `--config` and `--resume` options together if you need to use both a config file and the API. Just be aware that if you update your config file and want to apply those changes, _stopping and starting the server is the wrong way to do this_. Restarting the service is orthogonal to config changes; this is a unique safety feature that guarantees durability and prevents data loss. If the config file has the latest changes, you should use the reload command instead.

54
caddy-service.md Normal file
View File

@ -0,0 +1,54 @@
Official service files for systemd
==================================
This folder contains the officially-maintained systemd files that should be used as a basis for your own deployments.
**⚠️ Always review your service file before using it! Change anything that you need to customize.**
## Instructions
See our website for [installation instructions](https://caddyserver.com/docs/install).
## Prerequisites
Running Caddy as a systemd service requires the following:
Group named `caddy`:
```bash
$ groupadd --system caddy
```
User named `caddy` with a writeable home folder:
```bash
$ useradd --system \
--gid caddy \
--create-home \
--home-dir /var/lib/caddy \
--shell /usr/sbin/nologin \
--comment "Caddy web server" \
caddy
```
## Choosing a service file
- **`caddy.service`** - Use this one if you configure Caddy with a file (for example, the Caddyfile, or a .json file).
- **`caddy-api.service`** - Use this one if you configure Caddy solely through its API.
The two files are identical except for the ExecStart and ExecReload commands.
## Important
Caddy receives all configuration through its [admin API](https://caddyserver.com/docs/api), even when the [command line interface (CLI)](https://caddyserver.com/docs/command-line) is used, which simply wraps up the API calls for you.
Most users will use either config files and the CLI [mutually exclusively](https://caddyserver.com/docs/getting-started#api-vs-config-files) with the API because it is simpler to have only one source of truth. However, you may wish to provide Caddy an initial "bootstrapping" configuration with a config file, and use the API thereafter.
**⚠️ If you provide an initial config file with the `--config` flag and then update the config using the API, you risk losing your changes if the service is restarted unless you have the `--resume` flag in your ExecStart command.**
Without the `--resume` flag, the `--config` flag will overwrite any last-known configuration.
However, it is totally safe and normal to use both the `--config` and `--resume` options together if you need to use both a config file and the API. Just be aware that if you update your config file and want to apply those changes, _stopping and starting the server is the wrong way to do this_. Restarting the service is orthogonal to config changes; this is a unique safety feature that guarantees durability and prevents data loss. If the config file has the latest changes, you should use the reload command instead.