55 lines
1.4 KiB
Bash
55 lines
1.4 KiB
Bash
#!/bin/bash
|
|
set -euo pipefail;
|
|
|
|
source "$HL_LIB";
|
|
|
|
_assert_vars HL_HETZNER_SECRET HL_DOMAIN;
|
|
|
|
_ch_001-download_binary() {
|
|
sudo curl -L "https://caddyserver.com/api/download?os=linux&arch=amd64&p=github.com%2Fcaddy-dns%2Fhetzner&idempotency=76765041209660" -o /usr/bin/caddy;
|
|
sudo chmod +x /usr/bin/caddy;
|
|
}
|
|
|
|
# create data folder with correct perms
|
|
_ch_002-create_user() {
|
|
sudo groupadd --system caddy;
|
|
sudo useradd --system \
|
|
--gid caddy \
|
|
--create-home \
|
|
--home-dir /var/lib/caddy \
|
|
--shell /usr/sbin/nologin \
|
|
--comment "Caddy web server" \
|
|
caddy;
|
|
}
|
|
|
|
# fill and copy default config
|
|
_ch_003-add_config() {
|
|
# create configuration directories and make sure
|
|
# only caddy and we have access to them
|
|
sudo mkdir -p /etc/caddy/conf.d;
|
|
sudo chown -R $USER:caddy /etc/caddy;
|
|
chmod g+s a-rwx /etc/caddy /etc/caddy/conf.d;
|
|
|
|
cp $(_fill Caddyfile.templ) /etc/caddy/Caddyfile;
|
|
}
|
|
|
|
_ch_004-add_default_landing_page() {
|
|
sudo mkdir -p /var/www;
|
|
sudo cp index.html /var/www;
|
|
cp landing.Caddyfile /etc/caddy/conf.d;
|
|
}
|
|
|
|
_ch_005-create_service() {
|
|
sudo cp $(_fill caddy.service.templ) /etc/systemd/system/caddy.service;
|
|
sudo systemctl daemon-reload;
|
|
sudo systemctl enable --now caddy;
|
|
}
|
|
|
|
_ch_006-allow_firewall() {
|
|
if command -v ufw &> /dev/null; then
|
|
sudo ufw allow 80;
|
|
sudo ufw allow 443;
|
|
fi;
|
|
}
|
|
|
|
_run_checkpoints;
|