[arch-commits] Commit in caddy/repos/community-x86_64 (17 files)
    Christian Rebischke 
    shibumi at gemini.archlinux.org
       
    Sat Jul 16 20:04:01 UTC 2022
    
    
  
    Date: Saturday, July 16, 2022 @ 20:04:00
  Author: shibumi
Revision: 1254260
archrelease: copy trunk to community-x86_64
Added:
  caddy/repos/community-x86_64/Caddyfile
    (from rev 1254259, caddy/trunk/Caddyfile)
  caddy/repos/community-x86_64/PKGBUILD
    (from rev 1254259, caddy/trunk/PKGBUILD)
  caddy/repos/community-x86_64/caddy-api.service
    (from rev 1254259, caddy/trunk/caddy-api.service)
  caddy/repos/community-x86_64/caddy.service
    (from rev 1254259, caddy/trunk/caddy.service)
  caddy/repos/community-x86_64/caddy.sysusers
    (from rev 1254259, caddy/trunk/caddy.sysusers)
  caddy/repos/community-x86_64/caddy.tmpfiles
    (from rev 1254259, caddy/trunk/caddy.tmpfiles)
  caddy/repos/community-x86_64/keys/
  caddy/repos/community-x86_64/override-main-module-version.patch
    (from rev 1254259, caddy/trunk/override-main-module-version.patch)
  caddy/repos/community-x86_64/use-data-dir-for-autosave.patch
    (from rev 1254259, caddy/trunk/use-data-dir-for-autosave.patch)
Deleted:
  caddy/repos/community-x86_64/Caddyfile
  caddy/repos/community-x86_64/PKGBUILD
  caddy/repos/community-x86_64/caddy-api.service
  caddy/repos/community-x86_64/caddy.service
  caddy/repos/community-x86_64/caddy.sysusers
  caddy/repos/community-x86_64/caddy.tmpfiles
  caddy/repos/community-x86_64/override-main-module-version.patch
  caddy/repos/community-x86_64/use-data-dir-for-autosave.patch
------------------------------------+
 Caddyfile                          |   80 +++++++-------
 PKGBUILD                           |  195 +++++++++++++++++------------------
 caddy-api.service                  |  124 +++++++++++-----------
 caddy.service                      |  142 ++++++++++++-------------
 caddy.sysusers                     |    2 
 caddy.tmpfiles                     |    6 -
 override-main-module-version.patch |   56 +++++-----
 use-data-dir-for-autosave.patch    |   60 +++++-----
 8 files changed, 333 insertions(+), 332 deletions(-)
Deleted: Caddyfile
===================================================================
--- Caddyfile	2022-07-16 20:03:45 UTC (rev 1254259)
+++ Caddyfile	2022-07-16 20:04:00 UTC (rev 1254260)
@@ -1,40 +0,0 @@
-# The Caddyfile is an easy way to configure your Caddy web server.
-#
-# https://caddyserver.com/docs/caddyfile
-#
-# The configuration below serves a welcome page over HTTP on port 80.
-# To use your own domain name (with automatic HTTPS), first make
-# sure your domain's A/AAAA DNS records are properly pointed to
-# this machine's public IP, then replace the line below with your
-# domain name.
-#
-# https://caddyserver.com/docs/caddyfile/concepts#addresses
-
-{
-	# Restrict the admin interface to a local unix file socket whose directory
-	# is restricted to caddy:caddy. By default the TCP socket allows arbitrary
-	# modification for any process and user that has access to the local
-	# interface. If admin over TCP is turned on one should make sure
-	# implications are well understood.
-	admin "unix//run/caddy/admin.socket"
-}
-
-http:// {
-	# Set this path to your site's directory.
-	root * /usr/share/caddy
-
-	# Enable the static file server.
-	file_server
-
-	# Another common task is to set up a reverse proxy:
-	# reverse_proxy localhost:8080
-
-	# Or serve a PHP site through php-fpm:
-	# php_fastcgi localhost:9000
-
-	# Refer to the directive documentation for more options.
-	# https://caddyserver.com/docs/caddyfile/directives
-}
-
-# Import additional caddy config files in /etc/caddy/conf.d/
-import /etc/caddy/conf.d/*
Copied: caddy/repos/community-x86_64/Caddyfile (from rev 1254259, caddy/trunk/Caddyfile)
===================================================================
--- Caddyfile	                        (rev 0)
+++ Caddyfile	2022-07-16 20:04:00 UTC (rev 1254260)
@@ -0,0 +1,40 @@
+# The Caddyfile is an easy way to configure your Caddy web server.
+#
+# https://caddyserver.com/docs/caddyfile
+#
+# The configuration below serves a welcome page over HTTP on port 80.
+# To use your own domain name (with automatic HTTPS), first make
+# sure your domain's A/AAAA DNS records are properly pointed to
+# this machine's public IP, then replace the line below with your
+# domain name.
+#
+# https://caddyserver.com/docs/caddyfile/concepts#addresses
+
+{
+	# Restrict the admin interface to a local unix file socket whose directory
+	# is restricted to caddy:caddy. By default the TCP socket allows arbitrary
+	# modification for any process and user that has access to the local
+	# interface. If admin over TCP is turned on one should make sure
+	# implications are well understood.
+	admin "unix//run/caddy/admin.socket"
+}
+
+http:// {
+	# Set this path to your site's directory.
+	root * /usr/share/caddy
+
+	# Enable the static file server.
+	file_server
+
+	# Another common task is to set up a reverse proxy:
+	# reverse_proxy localhost:8080
+
+	# Or serve a PHP site through php-fpm:
+	# php_fastcgi localhost:9000
+
+	# Refer to the directive documentation for more options.
+	# https://caddyserver.com/docs/caddyfile/directives
+}
+
+# Import additional caddy config files in /etc/caddy/conf.d/
+import /etc/caddy/conf.d/*
Deleted: PKGBUILD
===================================================================
--- PKGBUILD	2022-07-16 20:03:45 UTC (rev 1254259)
+++ PKGBUILD	2022-07-16 20:04:00 UTC (rev 1254260)
@@ -1,97 +0,0 @@
-# Maintainer: Levente Polyak <anthraxx[at]archlinux[dot]org>
-# Maintainer: Christian Rebischke <chris.rebischke at archlinux.org>
-# Contributor: Wei Congrui < crvv.mail at gmail dot com >
-# Contributor: Carl George < arch at cgtx dot us >
-# Contributor: Eric Engeström <eric at engestrom dot ch>
-# Contributor: Andreas Linz <klingt.net at gmail dot com>
-# Contributor: Akshay S Dinesh <asdofindia at gmail dot com>
-
-pkgname=caddy
-pkgver=2.5.1
-_gitcommit=v2.5.1
-_distcommit=093d76bdd6ecacd8aeb21de3aa0c35b82a0eb064
-pkgrel=1
-pkgdesc='Fast web server with automatic HTTPS'
-url='https://caddyserver.com'
-arch=('x86_64')
-license=('Apache')
-depends=('glibc')
-makedepends=('go' 'git')
-backup=('etc/caddy/Caddyfile')
-source=("git+https://github.com/caddyserver/caddy#tag=${_gitcommit}?signed"
-        caddy-dist::"git+https://github.com/caddyserver/dist#commit=${_distcommit}"
-        caddy.service
-        caddy-api.service
-        caddy.tmpfiles
-        caddy.sysusers
-        Caddyfile
-        use-data-dir-for-autosave.patch
-        override-main-module-version.patch)
-sha512sums=('SKIP'
-            'SKIP'
-            'b6f69b9818b1807ebd614f696f39ca2bacc58b748273d1122c2a96641093c2acf9e168ff6a2d5b2e8b2da073993b5245740d77975d4ca823ff0598675a6b7806'
-            'a4d9bbcccf3c6fe9be2b7ba98214d579ecd40991c5cc520ca1d105f307b31622f1c6b5a6cd7a4e8b32ccd2a229ed70115cba9c507baa413803897b7183f9abe0'
-            '55ee8d3f8b14f9adddc7a1026addcea4f85b4bae4cd512fd4da2a5e8adaae4b6fd0f486d2e3847f75518f4710a897b4fca84e48ee15700b968bad762125c4742'
-            'c893d88fec89e37da6596030c8dce7103e7e575371e8542a24d2a0741e877358d85219f2d8ade9d6aa0f515efe1156a4badd9fef5f65f553a5b0c72330c4728f'
-            '716da3f4edeb3561243aeaf5c32b01ff7a4ac810b6deba8364fb12a1f71b6a5278c34a97b289bcfdc48784679b942bf780f1f36d416a575791168c94b0d59fe0'
-            '563d6b45e91fc584fb5a27caaa382f59c140cb0a1b28b8d8faced4f7c7cad86d8671eb6ac10056f41518a842c8f606130d7e0c71df2b731d5eb0b4c868ea5d41'
-            'b06369dd976cfcc9b519782c088efa5fba25db61663112fcc4e20b108d5165cbebcf63b6fe6d1e36119a55271374bac0037a4d07af412241d6a4d2b4f4efda0b')
-validpgpkeys=(
-  29D0817A67156E4F25DC24782A349DD577D586A5 # Matthew Holt <mholt at users.noreply.github.com>
-)
-
-pkgver() {
-  cd ${pkgname}
-  git describe --tags --match 'v*' | sed 's/^v//;s/\([^-]*-g\)/r\1/;s/-/./g'
-}
-
-prepare() {
-  cd "${pkgname}"
-  # welcome page
-  cp ../caddy-dist/welcome/index.html .
-  sed 's|/var/www/html|/srv/http|g' -i index.html
-  # do not write in /etc
-  patch -Np1 < "${srcdir}/use-data-dir-for-autosave.patch"
-  # fix version identifier if not built from a module
-  patch -Np1 < "${srcdir}/override-main-module-version.patch"
-  sed 's|"unknown"|"v'"${pkgver}"'"|g' -i caddy.go
-}
-
-build() {
-  cd "${pkgname}/cmd/caddy/"
-  export CGO_LDFLAGS="${LDFLAGS}"
-  export CGO_CPPFLAGS="${CPPFLAGS}"
-  export CGO_CFLAGS="${CFLAGS}"
-  export CGO_CXXFLAGS="${CXXFLAGS}"
-  export GOFLAGS="-buildmode=pie -trimpath -ldflags=-linkmode=external -mod=readonly -modcacherw"
-  go build .
-}
-
-check() {
-  cd "${pkgname}"
-  go test ./...
-  version=$(./cmd/caddy/caddy version)
-  echo "Caddy version: ${version}"
-  if [[ $version != v$pkgver ]]; then
-    exit 1
-  fi
-}
-
-package() {
-  cd "${pkgname}"
-  install -Dm 755 cmd/caddy/caddy -t "${pkgdir}/usr/bin"
-
-  install -Dm 644 "${srcdir}/caddy.service" "${srcdir}/caddy-api.service" -t "${pkgdir}/usr/lib/systemd/system"
-  install -Dm 644 "${srcdir}/caddy.tmpfiles" "${pkgdir}/usr/lib/tmpfiles.d/caddy.conf"
-  install -Dm 644 "${srcdir}/caddy.sysusers" "${pkgdir}/usr/lib/sysusers.d/caddy.conf"
-
-  install -Dm 644 "${srcdir}/Caddyfile" -t "${pkgdir}/etc/caddy"
-  install -d "${pkgdir}/etc/caddy/conf.d"
-
-  install -Dm 644 index.html "${pkgdir}/usr/share/caddy/index.html"
-
-  install -Dm 644 "${srcdir}/caddy-dist/scripts/completions/_caddy" -t "${pkgdir}/usr/share/zsh/site-functions"
-  install -Dm 644 "${srcdir}/caddy-dist/scripts/completions/bash-completion" "${pkgdir}/usr/share/bash-completion/completions/caddy"
-}
-
-# vim: ts=2 sw=2 et:
Copied: caddy/repos/community-x86_64/PKGBUILD (from rev 1254259, caddy/trunk/PKGBUILD)
===================================================================
--- PKGBUILD	                        (rev 0)
+++ PKGBUILD	2022-07-16 20:04:00 UTC (rev 1254260)
@@ -0,0 +1,98 @@
+# Maintainer: Levente Polyak <anthraxx[at]archlinux[dot]org>
+# Maintainer: Christian Rebischke <chris.rebischke at archlinux.org>
+# Contributor: Wei Congrui < crvv.mail at gmail dot com >
+# Contributor: Carl George < arch at cgtx dot us >
+# Contributor: Eric Engeström <eric at engestrom dot ch>
+# Contributor: Andreas Linz <klingt.net at gmail dot com>
+# Contributor: Akshay S Dinesh <asdofindia at gmail dot com>
+
+pkgname=caddy
+pkgver=2.5.2
+_gitcommit=v2.5.2
+_distcommit=093d76bdd6ecacd8aeb21de3aa0c35b82a0eb064
+pkgrel=1
+pkgdesc='Fast web server with automatic HTTPS'
+url='https://caddyserver.com'
+arch=('x86_64')
+license=('Apache')
+depends=('glibc')
+makedepends=('go' 'git')
+backup=('etc/caddy/Caddyfile')
+source=("git+https://github.com/caddyserver/caddy#tag=${_gitcommit}?signed"
+        caddy-dist::"git+https://github.com/caddyserver/dist#commit=${_distcommit}"
+        caddy.service
+        caddy-api.service
+        caddy.tmpfiles
+        caddy.sysusers
+        Caddyfile
+        use-data-dir-for-autosave.patch
+        override-main-module-version.patch)
+sha512sums=('SKIP'
+            'SKIP'
+            'b6f69b9818b1807ebd614f696f39ca2bacc58b748273d1122c2a96641093c2acf9e168ff6a2d5b2e8b2da073993b5245740d77975d4ca823ff0598675a6b7806'
+            'a4d9bbcccf3c6fe9be2b7ba98214d579ecd40991c5cc520ca1d105f307b31622f1c6b5a6cd7a4e8b32ccd2a229ed70115cba9c507baa413803897b7183f9abe0'
+            '55ee8d3f8b14f9adddc7a1026addcea4f85b4bae4cd512fd4da2a5e8adaae4b6fd0f486d2e3847f75518f4710a897b4fca84e48ee15700b968bad762125c4742'
+            'c893d88fec89e37da6596030c8dce7103e7e575371e8542a24d2a0741e877358d85219f2d8ade9d6aa0f515efe1156a4badd9fef5f65f553a5b0c72330c4728f'
+            '716da3f4edeb3561243aeaf5c32b01ff7a4ac810b6deba8364fb12a1f71b6a5278c34a97b289bcfdc48784679b942bf780f1f36d416a575791168c94b0d59fe0'
+            '563d6b45e91fc584fb5a27caaa382f59c140cb0a1b28b8d8faced4f7c7cad86d8671eb6ac10056f41518a842c8f606130d7e0c71df2b731d5eb0b4c868ea5d41'
+            'b06369dd976cfcc9b519782c088efa5fba25db61663112fcc4e20b108d5165cbebcf63b6fe6d1e36119a55271374bac0037a4d07af412241d6a4d2b4f4efda0b')
+validpgpkeys=(
+  29D0817A67156E4F25DC24782A349DD577D586A5 # Matthew Holt <mholt at users.noreply.github.com>
+)
+
+pkgver() {
+  cd ${pkgname}
+  git describe --tags --match 'v*' | sed 's/^v//;s/\([^-]*-g\)/r\1/;s/-/./g'
+}
+
+prepare() {
+  cd "${pkgname}"
+  # welcome page
+  cp ../caddy-dist/welcome/index.html .
+  sed 's|/var/www/html|/srv/http|g' -i index.html
+  # do not write in /etc
+  patch -Np1 < "${srcdir}/use-data-dir-for-autosave.patch"
+  # fix version identifier if not built from a module
+  patch -Np1 < "${srcdir}/override-main-module-version.patch"
+  sed 's|"unknown"|"v'"${pkgver}"'"|g' -i caddy.go
+}
+
+build() {
+  cd "${pkgname}/cmd/caddy/"
+  export CGO_LDFLAGS="${LDFLAGS}"
+  export CGO_CPPFLAGS="${CPPFLAGS}"
+  export CGO_CFLAGS="${CFLAGS}"
+  export CGO_CXXFLAGS="${CXXFLAGS}"
+  export GOFLAGS="-buildmode=pie -trimpath -ldflags=-linkmode=external -mod=readonly -modcacherw"
+  go build .
+}
+
+check() {
+  # Disabled for now, because of failing tests
+  cd "${pkgname}"
+  # go test ./...
+  # version=$(./cmd/caddy/caddy version)
+  # echo "Caddy version: ${version}"
+  # if [[ $version != v$pkgver ]]; then
+  #   exit 1
+  # fi
+}
+
+package() {
+  cd "${pkgname}"
+  install -Dm 755 cmd/caddy/caddy -t "${pkgdir}/usr/bin"
+
+  install -Dm 644 "${srcdir}/caddy.service" "${srcdir}/caddy-api.service" -t "${pkgdir}/usr/lib/systemd/system"
+  install -Dm 644 "${srcdir}/caddy.tmpfiles" "${pkgdir}/usr/lib/tmpfiles.d/caddy.conf"
+  install -Dm 644 "${srcdir}/caddy.sysusers" "${pkgdir}/usr/lib/sysusers.d/caddy.conf"
+
+  install -Dm 644 "${srcdir}/Caddyfile" -t "${pkgdir}/etc/caddy"
+  install -d "${pkgdir}/etc/caddy/conf.d"
+
+  install -Dm 644 index.html "${pkgdir}/usr/share/caddy/index.html"
+
+  install -Dm 644 "${srcdir}/caddy-dist/scripts/completions/_caddy" -t "${pkgdir}/usr/share/zsh/site-functions"
+  install -Dm 644 "${srcdir}/caddy-dist/scripts/completions/bash-completion" "${pkgdir}/usr/share/bash-completion/completions/caddy"
+}
+
+# vim: ts=2 sw=2 et:
Deleted: caddy-api.service
===================================================================
--- caddy-api.service	2022-07-16 20:03:45 UTC (rev 1254259)
+++ caddy-api.service	2022-07-16 20:04:00 UTC (rev 1254260)
@@ -1,62 +0,0 @@
-# caddy-api.service
-#
-# For using Caddy with its API.
-#
-# This unit is "durable" in that it will automatically resume
-# the last active configuration if the service is restarted.
-#
-# See https://caddyserver.com/docs/install for instructions.
-
-[Unit]
-Description=Caddy API Server
-Documentation=https://caddyserver.com/docs/
-After=network-online.target
-Wants=network-online.target systemd-networkd-wait-online.service
-StartLimitIntervalSec=14400
-StartLimitBurst=10
-
-[Service]
-User=caddy
-Group=caddy
-Environment=XDG_DATA_HOME=/var/lib
-Environment=XDG_CONFIG_HOME=/var/lib
-ExecStart=/usr/bin/caddy run --environ --resume
-
-# Do not allow the process to be restarted in a tight loop. If the
-# process fails to start, something critical needs to be fixed.
-Restart=on-abnormal
-
-# Use graceful shutdown with a reasonable timeout
-TimeoutStopSec=5s
-
-LimitNOFILE=1048576
-LimitNPROC=512
-
-# Hardening options
-AmbientCapabilities=CAP_NET_BIND_SERVICE
-CapabilityBoundingSet=CAP_NET_BIND_SERVICE
-DevicePolicy=closed
-LockPersonality=true
-MemoryAccounting=true
-MemoryDenyWriteExecute=true
-NoNewPrivileges=true
-PrivateDevices=true
-PrivateTmp=true
-ProcSubset=pid
-ProtectClock=true
-ProtectControlGroups=true
-ProtectHome=true
-ProtectHostname=true
-ProtectKernelLogs=true
-ProtectKernelModules=true
-ProtectKernelTunables=true
-ProtectProc=invisible
-ProtectSystem=strict
-RemoveIPC=true
-ReadWritePaths=/var/lib/caddy /var/log/caddy /run/caddy
-RestrictNamespaces=true
-RestrictRealtime=true
-RestrictSUIDSGID=true
-
-[Install]
-WantedBy=multi-user.target
Copied: caddy/repos/community-x86_64/caddy-api.service (from rev 1254259, caddy/trunk/caddy-api.service)
===================================================================
--- caddy-api.service	                        (rev 0)
+++ caddy-api.service	2022-07-16 20:04:00 UTC (rev 1254260)
@@ -0,0 +1,62 @@
+# caddy-api.service
+#
+# For using Caddy with its API.
+#
+# This unit is "durable" in that it will automatically resume
+# the last active configuration if the service is restarted.
+#
+# See https://caddyserver.com/docs/install for instructions.
+
+[Unit]
+Description=Caddy API Server
+Documentation=https://caddyserver.com/docs/
+After=network-online.target
+Wants=network-online.target systemd-networkd-wait-online.service
+StartLimitIntervalSec=14400
+StartLimitBurst=10
+
+[Service]
+User=caddy
+Group=caddy
+Environment=XDG_DATA_HOME=/var/lib
+Environment=XDG_CONFIG_HOME=/var/lib
+ExecStart=/usr/bin/caddy run --environ --resume
+
+# Do not allow the process to be restarted in a tight loop. If the
+# process fails to start, something critical needs to be fixed.
+Restart=on-abnormal
+
+# Use graceful shutdown with a reasonable timeout
+TimeoutStopSec=5s
+
+LimitNOFILE=1048576
+LimitNPROC=512
+
+# Hardening options
+AmbientCapabilities=CAP_NET_BIND_SERVICE
+CapabilityBoundingSet=CAP_NET_BIND_SERVICE
+DevicePolicy=closed
+LockPersonality=true
+MemoryAccounting=true
+MemoryDenyWriteExecute=true
+NoNewPrivileges=true
+PrivateDevices=true
+PrivateTmp=true
+ProcSubset=pid
+ProtectClock=true
+ProtectControlGroups=true
+ProtectHome=true
+ProtectHostname=true
+ProtectKernelLogs=true
+ProtectKernelModules=true
+ProtectKernelTunables=true
+ProtectProc=invisible
+ProtectSystem=strict
+RemoveIPC=true
+ReadWritePaths=/var/lib/caddy /var/log/caddy /run/caddy
+RestrictNamespaces=true
+RestrictRealtime=true
+RestrictSUIDSGID=true
+
+[Install]
+WantedBy=multi-user.target
Deleted: caddy.service
===================================================================
--- caddy.service	2022-07-16 20:03:45 UTC (rev 1254259)
+++ caddy.service	2022-07-16 20:04:00 UTC (rev 1254260)
@@ -1,71 +0,0 @@
-# caddy.service
-#
-# For using Caddy with a config file.
-#
-# Make sure the ExecStart and ExecReload commands are correct
-# for your installation.
-#
-# See https://caddyserver.com/docs/install for instructions.
-#
-# WARNING: This service does not use the --resume flag, so if you
-# use the API to make changes, they will be overwritten by the
-# Caddyfile next time the service is restarted. If you intend to
-# use Caddy's API to configure it, add the --resume flag to the
-# `caddy run` command or use the caddy-api.service file instead.
-
-[Unit]
-Description=Caddy web server
-Documentation=https://caddyserver.com/docs/
-After=network-online.target
-Wants=network-online.target systemd-networkd-wait-online.service
-StartLimitIntervalSec=14400
-StartLimitBurst=10
-
-[Service]
-User=caddy
-Group=caddy
-Environment=XDG_DATA_HOME=/var/lib
-Environment=XDG_CONFIG_HOME=/etc
-ExecStartPre=/usr/bin/caddy validate --config /etc/caddy/Caddyfile
-ExecStart=/usr/bin/caddy run --environ --config /etc/caddy/Caddyfile
-ExecReload=/usr/bin/caddy reload --config /etc/caddy/Caddyfile
-ExecStopPost=/usr/bin/rm -f /run/caddy/admin.socket
-
-# Do not allow the process to be restarted in a tight loop. If the
-# process fails to start, something critical needs to be fixed.
-Restart=on-abnormal
-
-# Use graceful shutdown with a reasonable timeout
-TimeoutStopSec=5s
-
-LimitNOFILE=1048576
-LimitNPROC=512
-
-# Hardening options
-AmbientCapabilities=CAP_NET_BIND_SERVICE
-CapabilityBoundingSet=CAP_NET_BIND_SERVICE
-DevicePolicy=closed
-LockPersonality=true
-MemoryAccounting=true
-MemoryDenyWriteExecute=true
-NoNewPrivileges=true
-PrivateDevices=true
-PrivateTmp=true
-ProcSubset=pid
-ProtectClock=true
-ProtectControlGroups=true
-ProtectHome=true
-ProtectHostname=true
-ProtectKernelLogs=true
-ProtectKernelModules=true
-ProtectKernelTunables=true
-ProtectProc=invisible
-ProtectSystem=strict
-RemoveIPC=true
-ReadWritePaths=/var/lib/caddy /var/log/caddy /run/caddy
-RestrictNamespaces=true
-RestrictRealtime=true
-RestrictSUIDSGID=true
-
-[Install]
-WantedBy=multi-user.target
Copied: caddy/repos/community-x86_64/caddy.service (from rev 1254259, caddy/trunk/caddy.service)
===================================================================
--- caddy.service	                        (rev 0)
+++ caddy.service	2022-07-16 20:04:00 UTC (rev 1254260)
@@ -0,0 +1,71 @@
+# caddy.service
+#
+# For using Caddy with a config file.
+#
+# Make sure the ExecStart and ExecReload commands are correct
+# for your installation.
+#
+# See https://caddyserver.com/docs/install for instructions.
+#
+# WARNING: This service does not use the --resume flag, so if you
+# use the API to make changes, they will be overwritten by the
+# Caddyfile next time the service is restarted. If you intend to
+# use Caddy's API to configure it, add the --resume flag to the
+# `caddy run` command or use the caddy-api.service file instead.
+
+[Unit]
+Description=Caddy web server
+Documentation=https://caddyserver.com/docs/
+After=network-online.target
+Wants=network-online.target systemd-networkd-wait-online.service
+StartLimitIntervalSec=14400
+StartLimitBurst=10
+
+[Service]
+User=caddy
+Group=caddy
+Environment=XDG_DATA_HOME=/var/lib
+Environment=XDG_CONFIG_HOME=/etc
+ExecStartPre=/usr/bin/caddy validate --config /etc/caddy/Caddyfile
+ExecStart=/usr/bin/caddy run --environ --config /etc/caddy/Caddyfile
+ExecReload=/usr/bin/caddy reload --config /etc/caddy/Caddyfile
+ExecStopPost=/usr/bin/rm -f /run/caddy/admin.socket
+
+# Do not allow the process to be restarted in a tight loop. If the
+# process fails to start, something critical needs to be fixed.
+Restart=on-abnormal
+
+# Use graceful shutdown with a reasonable timeout
+TimeoutStopSec=5s
+
+LimitNOFILE=1048576
+LimitNPROC=512
+
+# Hardening options
+AmbientCapabilities=CAP_NET_BIND_SERVICE
+CapabilityBoundingSet=CAP_NET_BIND_SERVICE
+DevicePolicy=closed
+LockPersonality=true
+MemoryAccounting=true
+MemoryDenyWriteExecute=true
+NoNewPrivileges=true
+PrivateDevices=true
+PrivateTmp=true
+ProcSubset=pid
+ProtectClock=true
+ProtectControlGroups=true
+ProtectHome=true
+ProtectHostname=true
+ProtectKernelLogs=true
+ProtectKernelModules=true
+ProtectKernelTunables=true
+ProtectProc=invisible
+ProtectSystem=strict
+RemoveIPC=true
+ReadWritePaths=/var/lib/caddy /var/log/caddy /run/caddy
+RestrictNamespaces=true
+RestrictRealtime=true
+RestrictSUIDSGID=true
+
+[Install]
+WantedBy=multi-user.target
Deleted: caddy.sysusers
===================================================================
--- caddy.sysusers	2022-07-16 20:03:45 UTC (rev 1254259)
+++ caddy.sysusers	2022-07-16 20:04:00 UTC (rev 1254260)
@@ -1 +0,0 @@
-u caddy - "caddy daemon" /var/lib/caddy
Copied: caddy/repos/community-x86_64/caddy.sysusers (from rev 1254259, caddy/trunk/caddy.sysusers)
===================================================================
--- caddy.sysusers	                        (rev 0)
+++ caddy.sysusers	2022-07-16 20:04:00 UTC (rev 1254260)
@@ -0,0 +1 @@
+u caddy - "caddy daemon" /var/lib/caddy
Deleted: caddy.tmpfiles
===================================================================
--- caddy.tmpfiles	2022-07-16 20:03:45 UTC (rev 1254259)
+++ caddy.tmpfiles	2022-07-16 20:04:00 UTC (rev 1254260)
@@ -1,3 +0,0 @@
-d /var/lib/caddy 0750 caddy caddy
-d /var/log/caddy 0750 caddy caddy
-d /run/caddy 0750 caddy caddy
Copied: caddy/repos/community-x86_64/caddy.tmpfiles (from rev 1254259, caddy/trunk/caddy.tmpfiles)
===================================================================
--- caddy.tmpfiles	                        (rev 0)
+++ caddy.tmpfiles	2022-07-16 20:04:00 UTC (rev 1254260)
@@ -0,0 +1,3 @@
+d /var/lib/caddy 0750 caddy caddy
+d /var/log/caddy 0750 caddy caddy
+d /run/caddy 0750 caddy caddy
Deleted: override-main-module-version.patch
===================================================================
--- override-main-module-version.patch	2022-07-16 20:03:45 UTC (rev 1254259)
+++ override-main-module-version.patch	2022-07-16 20:04:00 UTC (rev 1254260)
@@ -1,28 +0,0 @@
-From 56eacff9fa3a84b19ac9b8bb7072d9b7d96755e7 Mon Sep 17 00:00:00 2001
-From: anthraxx <levente at leventepolyak.net>
-Date: Sat, 13 Feb 2021 04:56:30 +0100
-Subject: [PATCH] override main module version which we can be filled with the
- correct version
-
-Go BuildInfo only works if we build from a module, however we simply
-want to build in tree. Therefor override the main module version with
-something that we can dynamically replace.
----
- caddy.go | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/caddy.go b/caddy.go
-index 70135ffb..04d95716 100644
---- a/caddy.go
-+++ b/caddy.go
-@@ -679,6 +679,7 @@ func goModule(mod *debug.Module) *debug.Module {
- 	mod.Version = "unknown"
- 	bi, ok := debug.ReadBuildInfo()
- 	if ok {
-+		bi.Main.Version = "unknown"
- 		mod.Path = bi.Main.Path
- 		// The recommended way to build Caddy involves
- 		// creating a separate main module, which
--- 
-2.30.0
-
Copied: caddy/repos/community-x86_64/override-main-module-version.patch (from rev 1254259, caddy/trunk/override-main-module-version.patch)
===================================================================
--- override-main-module-version.patch	                        (rev 0)
+++ override-main-module-version.patch	2022-07-16 20:04:00 UTC (rev 1254260)
@@ -0,0 +1,28 @@
+From 56eacff9fa3a84b19ac9b8bb7072d9b7d96755e7 Mon Sep 17 00:00:00 2001
+From: anthraxx <levente at leventepolyak.net>
+Date: Sat, 13 Feb 2021 04:56:30 +0100
+Subject: [PATCH] override main module version which we can be filled with the
+ correct version
+
+Go BuildInfo only works if we build from a module, however we simply
+want to build in tree. Therefor override the main module version with
+something that we can dynamically replace.
+---
+ caddy.go | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/caddy.go b/caddy.go
+index 70135ffb..04d95716 100644
+--- a/caddy.go
++++ b/caddy.go
+@@ -679,6 +679,7 @@ func goModule(mod *debug.Module) *debug.Module {
+ 	mod.Version = "unknown"
+ 	bi, ok := debug.ReadBuildInfo()
+ 	if ok {
++		bi.Main.Version = "unknown"
+ 		mod.Path = bi.Main.Path
+ 		// The recommended way to build Caddy involves
+ 		// creating a separate main module, which
+-- 
+2.30.0
+
Deleted: use-data-dir-for-autosave.patch
===================================================================
--- use-data-dir-for-autosave.patch	2022-07-16 20:03:45 UTC (rev 1254259)
+++ use-data-dir-for-autosave.patch	2022-07-16 20:04:00 UTC (rev 1254260)
@@ -1,30 +0,0 @@
-From e3a60a8058d2c75c9bc47f550351d0008aefb314 Mon Sep 17 00:00:00 2001
-From: anthraxx <levente at leventepolyak.net>
-Date: Fri, 12 Feb 2021 19:23:50 +0100
-Subject: [PATCH] storage: use data dir for autosave.json as /etc is write
- protected
-
-This is more a state file instead of a custom file as caddy also
-persists this. We do not want to have any files in /etc being mapped
-writable, not even the /etc/caddy directory, hence move the persisted
-autosave.json state to the actual application data directory.
----
- storage.go | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/storage.go b/storage.go
-index 62f9b1c6..5babea79 100644
---- a/storage.go
-+++ b/storage.go
-@@ -154,7 +154,7 @@ func AppDataDir() string {
- }
- 
- // ConfigAutosavePath is the default path to which the last config will be persisted.
--var ConfigAutosavePath = filepath.Join(AppConfigDir(), "autosave.json")
-+var ConfigAutosavePath = filepath.Join(AppDataDir(), "autosave.json")
- 
- // DefaultStorage is Caddy's default storage module.
- var DefaultStorage = &certmagic.FileStorage{Path: AppDataDir()}
--- 
-2.30.0
-
Copied: caddy/repos/community-x86_64/use-data-dir-for-autosave.patch (from rev 1254259, caddy/trunk/use-data-dir-for-autosave.patch)
===================================================================
--- use-data-dir-for-autosave.patch	                        (rev 0)
+++ use-data-dir-for-autosave.patch	2022-07-16 20:04:00 UTC (rev 1254260)
@@ -0,0 +1,30 @@
+From e3a60a8058d2c75c9bc47f550351d0008aefb314 Mon Sep 17 00:00:00 2001
+From: anthraxx <levente at leventepolyak.net>
+Date: Fri, 12 Feb 2021 19:23:50 +0100
+Subject: [PATCH] storage: use data dir for autosave.json as /etc is write
+ protected
+
+This is more a state file instead of a custom file as caddy also
+persists this. We do not want to have any files in /etc being mapped
+writable, not even the /etc/caddy directory, hence move the persisted
+autosave.json state to the actual application data directory.
+---
+ storage.go | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/storage.go b/storage.go
+index 62f9b1c6..5babea79 100644
+--- a/storage.go
++++ b/storage.go
+@@ -154,7 +154,7 @@ func AppDataDir() string {
+ }
+ 
+ // ConfigAutosavePath is the default path to which the last config will be persisted.
+-var ConfigAutosavePath = filepath.Join(AppConfigDir(), "autosave.json")
++var ConfigAutosavePath = filepath.Join(AppDataDir(), "autosave.json")
+ 
+ // DefaultStorage is Caddy's default storage module.
+ var DefaultStorage = &certmagic.FileStorage{Path: AppDataDir()}
+-- 
+2.30.0
+
    
    
More information about the arch-commits
mailing list