makedeb
makedeb
Fast web server with automatic HTTPS
Click here to go back to the commit logs for caddy-bin.
Hash: 890b38a67ef462f9a30e663f12153e0db3fe9921
Message: v2.6.4 (bin version)
diff --git a/.SRCINFO b/.SRCINFO
index f7bb606..20667f1 100644
--- a/.SRCINFO
+++ b/.SRCINFO
@@ -1,36 +1,17 @@
-generated-by = makedeb-makepkg
-
-pkgbase = caddy
- pkgdesc = Fast web server with automatic HTTPS
- pkgver = 2.4.5
- pkgrel = 1
- url = https://caddyserver.com
- arch = x86_64
- license = Apache
- makedepends = gcc
- makedepends = libc-dev
- makedepends = golang-go>=2:1.16~1
- makedepends = git
- depends = libc-bin
- backup = etc/caddy/Caddyfile
- source = git+https://github.com/caddyserver/caddy#tag=v2.4.5?signed
- source = caddy-dist::git+https://github.com/caddyserver/dist#commit=093d76bdd6ecacd8aeb21de3aa0c35b82a0eb064
- source = caddy.service
- source = caddy-api.service
- source = caddy.tmpfiles
- source = caddy.sysusers
- source = Caddyfile
- source = use-data-dir-for-autosave.patch
- source = override-main-module-version.patch
- validpgpkeys = 29D0817A67156E4F25DC24782A349DD577D586A5
- sha512sums = SKIP
- sha512sums = SKIP
- sha512sums = b6f69b9818b1807ebd614f696f39ca2bacc58b748273d1122c2a96641093c2acf9e168ff6a2d5b2e8b2da073993b5245740d77975d4ca823ff0598675a6b7806
- sha512sums = a4d9bbcccf3c6fe9be2b7ba98214d579ecd40991c5cc520ca1d105f307b31622f1c6b5a6cd7a4e8b32ccd2a229ed70115cba9c507baa413803897b7183f9abe0
- sha512sums = 55ee8d3f8b14f9adddc7a1026addcea4f85b4bae4cd512fd4da2a5e8adaae4b6fd0f486d2e3847f75518f4710a897b4fca84e48ee15700b968bad762125c4742
- sha512sums = c893d88fec89e37da6596030c8dce7103e7e575371e8542a24d2a0741e877358d85219f2d8ade9d6aa0f515efe1156a4badd9fef5f65f553a5b0c72330c4728f
- sha512sums = 716da3f4edeb3561243aeaf5c32b01ff7a4ac810b6deba8364fb12a1f71b6a5278c34a97b289bcfdc48784679b942bf780f1f36d416a575791168c94b0d59fe0
- sha512sums = 563d6b45e91fc584fb5a27caaa382f59c140cb0a1b28b8d8faced4f7c7cad86d8671eb6ac10056f41518a842c8f606130d7e0c71df2b731d5eb0b4c868ea5d41
- sha512sums = b06369dd976cfcc9b519782c088efa5fba25db61663112fcc4e20b108d5165cbebcf63b6fe6d1e36119a55271374bac0037a4d07af412241d6a4d2b4f4efda0b
-
+generated-by = makedeb
pkgname = caddy
+pkgbase = caddy
+pkgdesc = Fast web server with automatic HTTPS
+pkgrel = 1
+pkgver = 2.6.4
+url = https://caddyserver.com
+arch = amd64
+backup = /etc/caddy/Caddyfile
+depends = libc-bin
+license = Apache
+source = https://github.com/caddyserver/caddy/releases/download/v2.6.4/caddy_2.6.4_linux_amd64.tar.gz
+source = caddy.service
+source = Caddyfile
+sha512sums = eed413b035ffacedfaf751a8431285c5d9a0a81a2a861444f4b95dd4c7508eabe2f3fcba6c5b8e6c70e30c9351dfa96ba39def47fa0879334d965dae3a869f1a
+sha512sums = 48ce631d19a40a66fdddb5779c909c21ea858e350a45c4459023a957377e2af7712b53bf8ce4f911ff5db1c7e5b3942477fea66f407ad0de1912a9bd8bd954a4
+sha512sums = 64bfcef743eadd1fc1bc49b5e8c9ec91bbb97997a5b903283f6fe54143326758210d43210fda7aef26c7fadacfedd3685c66e179cd90e75a854aca68cfaf01e6
diff --git a/.gitignore b/.gitignore
index c8fdfd4..7bf3fa6 100644
--- a/.gitignore
+++ b/.gitignore
@@ -3,3 +3,4 @@ caddy/
caddy_*.deb
pkg/
src/
+*.tar.gz
diff --git a/Caddyfile b/Caddyfile
index e8dda50..e0cc596 100644
--- a/Caddyfile
+++ b/Caddyfile
@@ -10,31 +10,5 @@
#
# https://caddyserver.com/docs/caddyfile/concepts#addresses
-{
- # Restrict the admin interface to a local unix file socket whose directory
- # is restricted to caddy:caddy. By default the TCP socket allows arbitrary
- # modification for any process and user that has access to the local
- # interface. If admin over TCP is turned on one should make sure
- # implications are well understood.
- admin "unix//run/caddy/admin.socket"
-}
-
-http:// {
- # Set this path to your site's directory.
- root * /usr/share/caddy
-
- # Enable the static file server.
- file_server
-
- # Another common task is to set up a reverse proxy:
- # reverse_proxy localhost:8080
-
- # Or serve a PHP site through php-fpm:
- # php_fastcgi localhost:9000
-
- # Refer to the directive documentation for more options.
- # https://caddyserver.com/docs/caddyfile/directives
-}
-
# Import additional caddy config files in /etc/caddy/conf.d/
import /etc/caddy/conf.d/*
diff --git a/PKGBUILD b/PKGBUILD
index e1caee0..54b476b 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -1,91 +1,27 @@
-# Maintainer: Roland Vet <vet.roland@gmail.com>
+# Maintainer: Jonathan Apodaca <jrapodaca@gmail.com>
-pkgname=caddy
-pkgver=2.4.5
-_gitcommit=v2.4.5
-_distcommit=093d76bdd6ecacd8aeb21de3aa0c35b82a0eb064
+pkgname=caddy-bin
+pkgver=2.6.4
pkgrel=1
pkgdesc='Fast web server with automatic HTTPS'
url='https://caddyserver.com'
-arch=('x86_64')
+arch=('amd64')
license=('Apache')
depends=('libc-bin')
-makedepends=('gcc' 'libc-dev' 'golang-go>=2:1.16~1' 'git')
-backup=('etc/caddy/Caddyfile')
-source=("git+https://github.com/caddyserver/caddy#tag=${_gitcommit}?signed"
- caddy-dist::"git+https://github.com/caddyserver/dist#commit=${_distcommit}"
- caddy.service
- caddy-api.service
- caddy.tmpfiles
- caddy.sysusers
- Caddyfile
- use-data-dir-for-autosave.patch
- override-main-module-version.patch)
-sha512sums=('SKIP'
- 'SKIP'
- 'b6f69b9818b1807ebd614f696f39ca2bacc58b748273d1122c2a96641093c2acf9e168ff6a2d5b2e8b2da073993b5245740d77975d4ca823ff0598675a6b7806'
- 'a4d9bbcccf3c6fe9be2b7ba98214d579ecd40991c5cc520ca1d105f307b31622f1c6b5a6cd7a4e8b32ccd2a229ed70115cba9c507baa413803897b7183f9abe0'
- '55ee8d3f8b14f9adddc7a1026addcea4f85b4bae4cd512fd4da2a5e8adaae4b6fd0f486d2e3847f75518f4710a897b4fca84e48ee15700b968bad762125c4742'
- 'c893d88fec89e37da6596030c8dce7103e7e575371e8542a24d2a0741e877358d85219f2d8ade9d6aa0f515efe1156a4badd9fef5f65f553a5b0c72330c4728f'
- '716da3f4edeb3561243aeaf5c32b01ff7a4ac810b6deba8364fb12a1f71b6a5278c34a97b289bcfdc48784679b942bf780f1f36d416a575791168c94b0d59fe0'
- '563d6b45e91fc584fb5a27caaa382f59c140cb0a1b28b8d8faced4f7c7cad86d8671eb6ac10056f41518a842c8f606130d7e0c71df2b731d5eb0b4c868ea5d41'
- 'b06369dd976cfcc9b519782c088efa5fba25db61663112fcc4e20b108d5165cbebcf63b6fe6d1e36119a55271374bac0037a4d07af412241d6a4d2b4f4efda0b')
-validpgpkeys=(
- 29D0817A67156E4F25DC24782A349DD577D586A5 # Matthew Holt <mholt@users.noreply.github.com>
-)
-
-pkgver() {
- cd ${pkgname}
- git describe --tags --match 'v*' | sed 's/^v//;s/\([^-]*-g\)/r\1/;s/-/./g'
-}
-
-prepare() {
- cd "${pkgname}"
- # welcome page
- cp ../caddy-dist/welcome/index.html .
- sed 's|/var/www/html|/srv/http|g' -i index.html
- # do not write in /etc
- patch -Np1 < "${srcdir}/use-data-dir-for-autosave.patch"
- # fix version identifier if not built from a module
- patch -Np1 < "${srcdir}/override-main-module-version.patch"
- sed 's|"unknown"|"v'"${pkgver}"'"|g' -i caddy.go
-}
-
-build() {
- cd "${pkgname}/cmd/caddy/"
- export CGO_LDFLAGS="${LDFLAGS}"
- export CGO_CPPFLAGS="${CPPFLAGS}"
- export CGO_CFLAGS="${CFLAGS}"
- export CGO_CXXFLAGS="${CXXFLAGS}"
- export GOFLAGS="-buildmode=pie -trimpath -ldflags=-linkmode=external -mod=readonly -modcacherw"
- go build .
-}
+backup=('/etc/caddy/Caddyfile')
-check() {
- cd "${pkgname}"
- go test ./...
- version=$(./cmd/caddy/caddy version)
- echo "Caddy version: ${version}"
- if [[ $version != v$pkgver ]]; then
- exit 1
- fi
-}
+source=("https://github.com/caddyserver/caddy/releases/download/v${pkgver}/caddy_${pkgver}_linux_amd64.tar.gz"
+ caddy.service
+ Caddyfile)
+sha512sums=('eed413b035ffacedfaf751a8431285c5d9a0a81a2a861444f4b95dd4c7508eabe2f3fcba6c5b8e6c70e30c9351dfa96ba39def47fa0879334d965dae3a869f1a'
+ '48ce631d19a40a66fdddb5779c909c21ea858e350a45c4459023a957377e2af7712b53bf8ce4f911ff5db1c7e5b3942477fea66f407ad0de1912a9bd8bd954a4'
+ '64bfcef743eadd1fc1bc49b5e8c9ec91bbb97997a5b903283f6fe54143326758210d43210fda7aef26c7fadacfedd3685c66e179cd90e75a854aca68cfaf01e6')
+extensions=()
package() {
- cd "${pkgname}"
- install -Dm 755 cmd/caddy/caddy -t "${pkgdir}/usr/bin"
-
- install -Dm 644 "${srcdir}/caddy.service" "${srcdir}/caddy-api.service" -t "${pkgdir}/usr/lib/systemd/system"
- install -Dm 644 "${srcdir}/caddy.tmpfiles" "${pkgdir}/usr/lib/tmpfiles.d/caddy.conf"
- install -Dm 644 "${srcdir}/caddy.sysusers" "${pkgdir}/usr/lib/sysusers.d/caddy.conf"
-
- install -Dm 644 "${srcdir}/Caddyfile" -t "${pkgdir}/etc/caddy"
- install -d "${pkgdir}/etc/caddy/conf.d"
-
- install -Dm 644 index.html "${pkgdir}/usr/share/caddy/index.html"
-
- install -Dm 644 "${srcdir}/caddy-dist/scripts/completions/_caddy" -t "${pkgdir}/usr/share/zsh/site-functions"
- install -Dm 644 "${srcdir}/caddy-dist/scripts/completions/bash-completion" "${pkgdir}/usr/share/bash-completion/completions/caddy"
+ install -Dm755 "${srcdir}/caddy" "${pkgdir}/usr/bin/caddy"
+ install -Dm644 "${srcdir}/Caddyfile" "${pkgdir}/etc/caddy/Caddyfile"
+ install -Dm644 "${srcdir}/caddy.service" "${pkgdir}/usr/lib/systemd/system/caddy.service"
}
# vim: ts=2 sw=2 et:
diff --git a/caddy.service b/caddy.service
index 96259b4..80f0492 100644
--- a/caddy.service
+++ b/caddy.service
@@ -22,8 +22,6 @@ StartLimitIntervalSec=14400
StartLimitBurst=10
[Service]
-User=caddy
-Group=caddy
Environment=XDG_DATA_HOME=/var/lib
Environment=XDG_CONFIG_HOME=/etc
ExecStartPre=/usr/bin/caddy validate --config /etc/caddy/Caddyfile
@@ -38,34 +36,5 @@ Restart=on-abnormal
# Use graceful shutdown with a reasonable timeout
TimeoutStopSec=5s
-LimitNOFILE=1048576
-LimitNPROC=512
-
-# Hardening options
-AmbientCapabilities=CAP_NET_BIND_SERVICE
-CapabilityBoundingSet=CAP_NET_BIND_SERVICE
-DevicePolicy=closed
-LockPersonality=true
-MemoryAccounting=true
-MemoryDenyWriteExecute=true
-NoNewPrivileges=true
-PrivateDevices=true
-PrivateTmp=true
-ProcSubset=pid
-ProtectClock=true
-ProtectControlGroups=true
-ProtectHome=true
-ProtectHostname=true
-ProtectKernelLogs=true
-ProtectKernelModules=true
-ProtectKernelTunables=true
-ProtectProc=invisible
-ProtectSystem=strict
-RemoveIPC=true
-ReadWritePaths=/var/lib/caddy /var/log/caddy /run/caddy
-RestrictNamespaces=true
-RestrictRealtime=true
-RestrictSUIDSGID=true
-
[Install]
WantedBy=multi-user.target
diff --git a/caddy.sysusers b/caddy.sysusers
deleted file mode 100644
index 6fb5633..0000000
--- a/caddy.sysusers
+++ /dev/null
@@ -1 +0,0 @@
-u caddy - "caddy daemon" /var/lib/caddy
diff --git a/caddy.tmpfiles b/caddy.tmpfiles
deleted file mode 100644
index 25f170f..0000000
--- a/caddy.tmpfiles
+++ /dev/null
@@ -1,3 +0,0 @@
-d /var/lib/caddy 0750 caddy caddy
-d /var/log/caddy 0750 caddy caddy
-d /run/caddy 0750 caddy caddy
diff --git a/override-main-module-version.patch b/override-main-module-version.patch
deleted file mode 100644
index d64eea2..0000000
--- a/override-main-module-version.patch
+++ /dev/null
@@ -1,28 +0,0 @@
-From 56eacff9fa3a84b19ac9b8bb7072d9b7d96755e7 Mon Sep 17 00:00:00 2001
-From: anthraxx <levente@leventepolyak.net>
-Date: Sat, 13 Feb 2021 04:56:30 +0100
-Subject: [PATCH] override main module version which we can be filled with the
- correct version
-
-Go BuildInfo only works if we build from a module, however we simply
-want to build in tree. Therefor override the main module version with
-something that we can dynamically replace.
----
- caddy.go | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/caddy.go b/caddy.go
-index 70135ffb..04d95716 100644
---- a/caddy.go
-+++ b/caddy.go
-@@ -679,6 +679,7 @@ func goModule(mod *debug.Module) *debug.Module {
- mod.Version = "unknown"
- bi, ok := debug.ReadBuildInfo()
- if ok {
-+ bi.Main.Version = "unknown"
- mod.Path = bi.Main.Path
- // The recommended way to build Caddy involves
- // creating a separate main module, which
---
-2.30.0
-
diff --git a/use-data-dir-for-autosave.patch b/use-data-dir-for-autosave.patch
deleted file mode 100644
index 5958167..0000000
--- a/use-data-dir-for-autosave.patch
+++ /dev/null
@@ -1,30 +0,0 @@
-From e3a60a8058d2c75c9bc47f550351d0008aefb314 Mon Sep 17 00:00:00 2001
-From: anthraxx <levente@leventepolyak.net>
-Date: Fri, 12 Feb 2021 19:23:50 +0100
-Subject: [PATCH] storage: use data dir for autosave.json as /etc is write
- protected
-
-This is more a state file instead of a custom file as caddy also
-persists this. We do not want to have any files in /etc being mapped
-writable, not even the /etc/caddy directory, hence move the persisted
-autosave.json state to the actual application data directory.
----
- storage.go | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/storage.go b/storage.go
-index 62f9b1c6..5babea79 100644
---- a/storage.go
-+++ b/storage.go
-@@ -154,7 +154,7 @@ func AppDataDir() string {
- }
-
- // ConfigAutosavePath is the default path to which the last config will be persisted.
--var ConfigAutosavePath = filepath.Join(AppConfigDir(), "autosave.json")
-+var ConfigAutosavePath = filepath.Join(AppDataDir(), "autosave.json")
-
- // DefaultStorage is Caddy's default storage module.
- var DefaultStorage = &certmagic.FileStorage{Path: AppDataDir()}
---
-2.30.0
-