Assuming your user is in the wheel
group already.
su - root -c "pkg install doas"
su - root -c "echo permit nopass :wheel > /usr/local/etc/doas.conf"
doas pkg install go dsbwrtsysctl
Execute the following commands in the directory where you downloaded the caddy_custom.go
file from this gist to.
export GO111MODULE=on
go mod init caddy
go get github.com/mholt/caddy@v1.0.0
go get github.com/caddyserver/dnsproviders@v0.1.4
go get github.com/epicagency/caddy-expires@v1.1.0
go build
doas cp caddy /usr/local/bin/
doas mkdir /.caddy
doas chown www-data:www /.caddy/
doas mkdir /var/www
doas chown $( id -un ):$( id -g -nr ) /var/www
doas cp Caddyfile /var/www
doas sysrc caddy_cert_email=replace_me@example.com
doas sysrc caddy_env="CLOUDFLARE_EMAIL=replace_me@example.com CLOUDFLARE_API_KEY=xxx"
doas sysrc kld_list+="mac_portacl"
doas kldload mac_portacl
doas dsbwrtsysctl security.mac.portacl.rules=uid:80:tcp:80,uid:80:tcp:443
doas dsbwrtsysctl net.inet.ip.portrange.reservedhigh=0
doas service sysctl restart
doas cp caddy_init /usr/local/etc/rc.d/caddy
doas chmod 555 /usr/local/etc./rc.d/caddy
doas sysrc caddy_enable=YES
doas service caddy start
doas service caddy status