#!/bin/bash
# Provisions Caddy on this host through a series of numbered checkpoint
# functions (_ch_NNN-*), which are run by the final _run_checkpoints call.
#
# Required environment:
#   HL_LIB             path of the helper library sourced below
#   HL_HETZNER_SECRET  checked for presence by _assert_vars
#   HL_DOMAIN          checked for presence by _assert_vars

# Abort on command failure, on use of an unset variable, and on a failure in
# any stage of a pipeline.
set -o errexit -o nounset -o pipefail

# The helper library is taken from the environment and executed in this shell
# before any sudo call below, so HL_LIB must point at a file only trusted
# accounts can write. _assert_vars, _fill and _run_checkpoints are not defined
# in this file; presumably the library provides them.
. "$HL_LIB"

# Stop early if a required variable is missing.
_assert_vars HL_HETZNER_SECRET HL_DOMAIN
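# Download the Caddy build that includes the caddy-dns/hetzner plugin and
# install it as /usr/bin/caddy (mode 0755, root:root).
#
# Returns: 0 on success; otherwise the exit status of curl or install.
_ch_001-download_binary() {
  local -r url="https://caddyserver.com/api/download?os=linux&arch=amd64&p=github.com%2Fcaddy-dns%2Fhetzner&idempotency=76765041209660"
  local tmp rc=0

  # Fetch as the invoking user into a private temp file, so the network client
  # does not run as root and a failed transfer never touches /usr/bin/caddy.
  tmp=$(mktemp)

  # --fail: an HTTP error becomes a non-zero exit instead of the error body
  #         being saved as the "binary".
  # --proto / --proto-redir: refuse plain HTTP, including after a redirect.
  curl --fail --location --proto '=https' --proto-redir '=https' \
    --output "$tmp" "$url" || rc=$?

  # NOTE(review): TLS to the download host is the only integrity control here.
  # No digest or signature is checked before a root-owned executable is
  # installed; consider comparing "$tmp" against a digest recorded from a
  # vetted build, or installing from an internally mirrored artifact.
  if (( rc == 0 )); then
    sudo install -m 0755 -o root -g root -- "$tmp" /usr/bin/caddy || rc=$?
  fi

  rm -f -- "$tmp"
  return "$rc"
}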
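# Fill Caddyfile.templ and copy the result to /etc/caddy/Caddyfile, then give
# the invoking user's group write access to the Caddyfile and to conf.d.
#
# Globals: USER (read) - group name applied to the Caddyfile and conf.d
_ch_002-add_config() {
  local filled

  sudo mkdir -p /etc/caddy/conf.d

  # _fill is not defined in this file; its output is used as the cp source
  # path. Capturing it separately makes a failing _fill abort the step (set -e)
  # and keeps a path containing spaces or glob characters intact.
  filled=$(_fill Caddyfile.templ)
  sudo cp -- "$filled" /etc/caddy/Caddyfile

  sudo chmod a+rx /etc/caddy

  # NOTE(review): this script requires HL_HETZNER_SECRET. If the template
  # embeds that token, a+r below makes it readable by every local account.
  # Presumably a+r exists so the service account can read the file; a tighter
  # layout would be group ownership by the service group with mode 0640.
  # Confirm against caddy.service before changing.
  # NOTE(review): g+w lets any member of the "$USER" group alter the config
  # the service loads; check which account the unit runs as.
  sudo chgrp -- "$USER" /etc/caddy/Caddyfile
  sudo chmod a+r,g+w /etc/caddy/Caddyfile

  sudo chgrp -- "$USER" /etc/caddy/conf.d
  sudo chmod a+rx,g+w /etc/caddy/conf.d
}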
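# Create the caddy system group and user. --create-home makes /var/lib/caddy,
# owned by that user, which is the data folder with the correct permissions.
#
# Safe to re-run: an existing group or user is left as it is, so a retry after
# a partial failure (group created, useradd failed) no longer stops at
# groupadd.
_ch_003-create_user() {
  if ! getent group caddy > /dev/null; then
    sudo groupadd --system caddy
  fi

  # NOTE(review): a pre-existing "caddy" account is accepted without checking
  # its shell, home or group; verify those if the host was not provisioned by
  # this script.
  if ! getent passwd caddy > /dev/null; then
    # nologin shell: the service account cannot be used for interactive login.
    sudo useradd --system \
      --gid caddy \
      --create-home \
      --home-dir /var/lib/caddy \
      --shell /usr/sbin/nologin \
      --comment "Caddy web server" \
      caddy
  fi
}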
# Install the caddy.service unit from the current directory, then enable and
# start the service.
_ch_004-create_service() {
  local -r unit_dest=/etc/systemd/system/caddy.service

  # The source path is relative, so it resolves against the working directory
  # the script is run from.
  sudo cp caddy.service "$unit_dest"

  # Have systemd re-read its unit files so that it sees the copied unit.
  sudo systemctl daemon-reload

  # --now starts the service immediately in addition to enabling it at boot.
  sudo systemctl enable --now caddy
}
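# Open the web ports in ufw when ufw is installed; does nothing otherwise.
#
# A bare port number in `ufw allow` matches both TCP and UDP, so the original
# rules also exposed UDP/80. The rules below name the protocol: HTTP and HTTPS
# over TCP, plus UDP/443, which the original rule covered and HTTP/3 uses.
_ch_005-allow_firewall() {
  # NOTE(review): the lookup uses the invoking user's PATH; if ufw sits in a
  # directory that PATH lacks, this step is skipped silently. Confirm on the
  # target host.
  if command -v ufw &> /dev/null; then
    sudo ufw allow 80/tcp
    sudo ufw allow 443/tcp
    sudo ufw allow 443/udp
  fi
}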
# Hand control to the checkpoint runner. It is not defined in this file;
# presumably the library sourced from HL_LIB provides it and it runs the
# _ch_NNN-* functions above.
_run_checkpoints