I have used Caddy for a while now on FreeBSD. But since it lacks a working init script, I decided to write one on my own. Here’s the result, description below:
Init script
UPDATE 2016/03/20: My FreeBSD init script has made it into the official Caddy repository: https://github.com/mholt/caddy/blob/master/dist/init/freebsd/caddy.
Please note that Caddy currently only runs as the root user because it does not support privilege de-escalation yet, so you might wanna jail your webserver.
#!/bin/sh
#
# PROVIDE: caddy
# REQUIRE: NETWORKING
# KEYWORD: shutdown
#
# Add the following lines to /etc/rc.conf to enable caddy:
# caddy_enable (bool): Set to "NO" by default.
# Set it to "YES" to enable caddy
#
# caddy_cert_email (str): Set to "" by default.
# Defines the SSL certificate issuer email. By providing an
# email address you automatically agree to letsencrypt.org's
# general terms and conditions
#
# caddy_bin_path (str): Set to "/usr/local/bin/caddy" by default.
# Provides the path to the caddy server executable
#
# caddy_cpu (str): Set to "99%" by default.
# Configures how much CPU capacity caddy may use
#
# caddy_config_path (str): Set to "/usr/local/www/Caddyfile" by default.
# Defines the path for the configuration file caddy will load on boot
#
# caddy_run_user (str): Set to "root" by default.
# Defines the user that caddy will run as
#
. /etc/rc.subr
name="caddy"
rcvar="${name}_enable"
load_rc_config $name
: ${caddy_enable:=no}
: ${caddy_cert_email=""}
: ${caddy_bin_path="/usr/local/bin/caddy"}
: ${caddy_cpu="99%"} # was a bug for me that caused a crash within jails
: ${caddy_config_path="/usr/local/www/Caddyfile"}
: ${caddy_run_user="root"}
if [ "$caddy_cert_email" = "" ]
then
    echo "rc variable \$caddy_cert_email is not set. Please provide a valid SSL certificate issuer email."
    exit 1
fi
pidfile="/var/run/caddy.pid"
logfile="/var/log/caddy.log"
command="${caddy_bin_path} -log ${logfile} -cpu ${caddy_cpu} -conf ${caddy_config_path} -agree -email ${caddy_cert_email}"
start_cmd="caddy_start"
status_cmd="caddy_status"
stop_cmd="caddy_stop"
caddy_start() {
    echo "Starting ${name}..."
    /usr/sbin/daemon -u ${caddy_run_user} -c -p ${pidfile} -f ${command}
}
caddy_status() {
    if [ -f ${pidfile} ]; then
        echo "${name} is running as $(cat $pidfile)."
    else
        echo "${name} is not running."
        return 1
    fi
}
caddy_stop() {
    if [ ! -f ${pidfile} ]; then
        echo "${name} is not running."
        return 1
    fi
    echo -n "Stopping ${name}..."
    kill -KILL $(cat $pidfile) 2> /dev/null && echo "stopped"
    rm -f ${pidfile}
}
run_rc_command "$1"
Configuration
It exposes multiple configuration variables, which may be set in /etc/rc.conf:
- caddy_enable: As usual, must be set to YES in order for Caddy to start at boot time
- caddy_cert_email: HTTPS certificate issuer email address (letsencrypt.org) - the init script automatically sets -agree so be sure you agree to the terms of usage. This information is mandatory.
- caddy_bin_path: The path to the caddy binary. Defaults to /usr/local/bin/caddy
- caddy_cpu: Amount of CPU that Caddy might use. Default is 100% but I reset it to 99% because otherwise Caddy regularly killed my webserver jail
- caddy_config_path: Path to the Caddyfile, defaults to /usr/local/www/Caddyfile
Logfile
The following files are created:
- /var/log/caddy.log: Caddy log file
- /var/run/caddy.pid: Caddy pid file
The init script uses / as the working directory, so certificates go to /.caddy.
Installation
Do the following things as root:
- Download Caddy from http://caddyserver.com/ and copy the binary to /usr/local/bin/caddy; chmod +x it
- Copy the init script from above to /usr/local/etc/rc.d/caddy and chmod +x it
- run sysrc caddy_enable=YES
- run sysrc caddy_cert_email='youremailaddress'
- Place a Caddyfile in /usr/local/www/ (docs: https://caddyserver.com/docs/caddyfile)
- run service caddy start
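
The script's caddy_status and caddy_stop trust whatever is in /var/run/caddy.pid, and because the service runs as root, a stale pidfile whose PID has been reused would get an unrelated process killed. The following added example (not part of the original script or the Caddy project) checks that the PID is numeric, alive and named as expected before signalling; proc_name, pidfile_state and safe_stop are hypothetical helper names.

```shell
#!/bin/sh
# Added example, not part of the original init script.
# proc_name, pidfile_state and safe_stop are hypothetical helper names.

# Print the command name of a PID, or nothing if it cannot be read.
proc_name() {
    if [ -r "/proc/$1/comm" ]; then
        cat "/proc/$1/comm"                # Linux procfs
    else
        ps -o comm= -p "$1" 2>/dev/null    # FreeBSD and other ps(1)
    fi
}

# pidfile_state PIDFILE PROCNAME prints one of:
#   stopped  no pidfile
#   invalid  content is not a plain decimal PID
#   stale    PID is dead, or alive but a different program (PID reuse)
#   running  PID is alive and its command name is PROCNAME
pidfile_state() {
    [ -f "$1" ] || { echo stopped; return 0; }
    pid=$(head -n 1 "$1")
    case "$pid" in
        ''|*[!0-9]*) echo invalid; return 0 ;;
    esac
    if kill -0 "$pid" 2>/dev/null && [ "$(proc_name "$pid")" = "$2" ]; then
        echo running
    else
        echo stale
    fi
}

# safe_stop PIDFILE PROCNAME: signal only a verified process, then
# remove the pidfile. Sends TERM; the page's script sends KILL.
safe_stop() {
    if [ "$(pidfile_state "$1" "$2")" = running ]; then
        kill -TERM "$(head -n 1 "$1")" 2>/dev/null || true
    fi
    rm -f "$1"
}

# Constructed demo: a pidfile holding this shell's own PID is not "caddy".
demo=$(mktemp) && echo "$$" > "$demo"
echo "state: $(pidfile_state "$demo" caddy)"
rm -f "$demo"
```

On FreeBSD, rc.subr's check_pidfile performs a comparable PID-and-process-name check and can be used inside the rc script itself.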