reworked caddy script - removed cmdline support for netbind

systemd service install now uses sed to insert the repo directory into the call service script before deploying. renamed install script to fetch as to avoid confusion as it fetches the basic binary.
2020-11-27 14:42:53 -08:00 · 2020-11-27 14:42:53 -08:00 · e24be310ae
parent c9ff56881e
commit e24be310ae
9 changed files with 24 additions and 51 deletions
--- a/.gitignore
+++ b/.gitignore
@ -7,4 +7,4 @@ env/
 conf/
 user/
 build/
-user/
+/archive/
--- a/scripts/caddy
+++ b/scripts/caddy
@ -1,28 +1,16 @@
 #!/bin/bash
 SDIR=$(dirname "$(readlink -f "$0")") || exit
 DIR=$(dirname "$SDIR") || exit
+echo Caddy Reposity Root: $DIR
 source $SDIR/library
 CONF=$DIR/conf/${1:-caddy}.conf
-get-caddy-name # this sets $CADDY_BIN
+CMD=${2:-run}
+get-caddy-bin # this sets $CADDY_BIN
 BIN=$DIR/bin/$CADDY_BIN
-echo running caddy $BIN
 [ ! -f "$BIN" ] && echo binary file $BIN does not exist && exit 1
 [ ! -x "$BIN" ] && echo binary file $BIN is not executable && exit 1
 [ ! -f "$CONF" ] && echo no configuration file $CONF && exit 1
-if [ $INVOCATION_ID ]; then
-echo running under systemd service
-else
-  CAP="cap_net_bind_service+eip"
-  ISSET=$(getcap $BIN | grep $CAP )
-  echo before $ISSET
-  if [ ! "$ISSET" ]; then
-  echo binary not set for binding port 80 by non-root users, attempting to set
-  sudo setcap $CAP $BIN
-  ISSET=$(getcap $BIN | grep $CAP)
-  echo after $ISSET
-  [ ! "$ISSET" ] && echo unable to set port binding && exit 1
-fi
-fi
-echo $BIN run --config $CONF --adapter caddyfile
-set-env $DIR/env
-su -c "for f in $DIR/env/*.env; do source $f; done && $BIN run --config $CONF --adapter caddyfile" - caddy
+# source any need environment files in $DIR/env
+for f in $DIR/env/*.env; do source $f; done
+echo Running caddy binary $BIN with configuration $CONF and command $CMD as user $USER
+$BIN $CMD --config $CONF --adapter caddyfile
--- a/scripts/delete/arch
+++ b/scripts/delete/arch
@ -1,8 +0,0 @@
-#!/bin/bash
-ARCH=${1:-amd64}
-DIR=$(dirname "$(dirname "$(readlink -f "$0")")") || exit
-echo Making Link to $ARCH binary in $DIR/bin/$ARCH/caddy
-rm $DIR/caddy
-ln -s $DIR/bin/$ARCH/caddy $DIR/caddy
-sudo chown caddy:sysadmin $DIR/bin/$ARCH/caddy
-sudo chown -h caddy:sysadmin $DIR/caddy
--- a/scripts/install
+++ b/scripts/install
--- a/scripts/library
+++ b/scripts/library
@ -40,7 +40,7 @@ ARCH=${ARCHES[$(uname -m)]}
  fi
 }

-function get-caddy-name () {
+function get-caddy-bin () {
  get-OS
  get-architecture
  echo caddy binary name is $OS-$ARCH
--- a/scripts/mkuser
+++ b/scripts/mkuser
@ -16,7 +16,8 @@ sudo useradd --system \
 	--shell /bin/bash \
 	--comment "Caddy web server user" \
 	caddy
-echo 'caddy:caddy' | sudo chpasswd 
+echo 'caddy:caddy' | sudo chpasswd  # user:password
+echo "set caddy user password to \'caddy\'"
 sudo chown -R caddy:caddy $DIR/user
 echo adding current user $USER to caddy group for rw access
 sudo usermod -a -G caddy $USER
--- a/scripts/own
+++ b/scripts/own
@ -6,6 +6,5 @@ sudo chown -R caddy:caddy $DIR
 sudo chmod -R ug=rw,o=r,a+X $DIR
 sudo chmod ug+x -R $DIR/scripts
 sudo chmod ug+x -R $DIR/env
-sudo chmod ug+x -R $DIR/caddy
 sudo chmod ug+x -R $DIR/bin
 sudo chmod ug+x -R $DIR/build/bin
--- a/systemd/caddy@.service
+++ b/systemd/caddy@.service
@ -1,16 +1,6 @@
-# caddy.service
-#
-# For using Caddy with a config file.
-#
-# Make sure the ExecStart and ExecReload commands are correct
-# for your installation.
-#
-# WARNING: This service does not use the --resume flag, so if you
-# use the API to make changes, they will be overwritten by the
-# Caddyfile next time the service is restarted. If you intend to
-# use Caddy's API to configure it, add the --resume flag to the
-# `caddy run` command or use the caddy-api.service file instead.
-# use sed to get caddy directory at install
+# caddy@.service
+# For using Caddy2 and a caddyfile.
+# Using caddy repository at @d see @d/README.md

 [Unit]
 Description=Caddy
@ -21,10 +11,9 @@ After=network.target
 # base directory must be hard coded
 User=caddy
 Group=caddy
-WorkingDirectory=/opt/caddy
-ExecStart=
-
-ExecReload=/opt/caddy/scripts/caddy reload --config /opt/caddy/conf/%.conf --adapter=caddyfile
+WorkingDirectory=@d
+ExecStart=@d/scripts/caddy %i
+ExecReload=@d/scripts/caddy %i reload
 TimeoutStopSec=5s
 LimitNOFILE=1048576
 LimitNPROC=512
--- a/systemd/install
+++ b/systemd/install
@ -1,5 +1,9 @@
 #!/bin/bash
 # copies template to systemd
-DIR="$(dirname "$(readlink -f "$0")")"
-sudo rm /etc/systemd/system/caddy@.service
-sudo cp $DIR/caddy@.service /etc/systemd/system/
+SDIR=$(dirname "$(readlink -f "$0")") || exit
+DIR=$(dirname "$SDIR") || exit
+SDDIR="/etc/systemd/system"
+echo Caddy Reposity Root: $DIR
+echo "Installing Template Service file at $SDIR/caddy@.service"
+echo ---- Service file as written to $SDDIR ----
+cat $SDIR/caddy@.service | sed 's:@d:'$DIR':'g | sudo tee $SDDIR/caddy@.service