Skip to content

Instantly share code, notes, and snippets.

@kennwhite
Last active June 21, 2021 07:32
Show Gist options
  • Save kennwhite/bcb9e7a5726a74102cc8cae57003e9f4 to your computer and use it in GitHub Desktop.
Save kennwhite/bcb9e7a5726a74102cc8cae57003e9f4 to your computer and use it in GitHub Desktop.
Run caddy server as unprivileged user, includes Hugo option
#!/bin/bash
# *As root*
cd ~
killall caddy
rm -rf ~/caddy
mkdir caddy && cd caddy
curl -SL 'https://caddyserver.com/download/build?os=linux&arch=amd64&features=hugo' > caddy.tgz
tar xzf caddy.tgz
ulimit -n 4096
userdel -rf caddy
useradd -m -s /sbin/nologin caddy
chown root:root ./caddy
chmod 755 ./caddy
rm -f /usr/local/bin/caddy
cp -p ./caddy /usr/local/bin/caddy
# Must be reapplied if this file is moved or altered (you're welcome)
setcap cap_net_bind_service=+ep /usr/local/bin/caddy
ls -lh /usr/local/bin
# Note admin login is: hugoadmin/retoast-teamwork
echo -e "localdev:80\nroot /home/caddy\nbasicauth /admin hugoadmin retoast-teamwork\nhugo" > /home/caddy/Caddyfile
echo 'Hello world' > /home/caddy/index.html
chown caddy:caddy /home/caddy/*
rm -f /root/caddy/caddy.log
# To run in foreground
# cd /home/caddy && sudo -u caddy /usr/local/bin/caddy |& tee -a /root/caddy/caddy.log
# To run in background:
( cd /home/caddy && sudo -u caddy /usr/local/bin/caddy > /root/caddy/caddy.log 2>&1 & )
sleep 3
ps -ef | grep caddy | grep -v grep
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment