Skip to content

Instantly share code, notes, and snippets.

@pgporada

pgporada/caddy.sh

Forked from totoCZ/caddy.sh
Created December 11, 2017 04:57
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save pgporada/121123456f1df66f6135c528fe131bfe to your computer and use it in GitHub Desktop.
Save pgporada/121123456f1df66f6135c528fe131bfe to your computer and use it in GitHub Desktop.
Download ZIP
caddy for SELinux
Raw
caddy.sh
setcap cap_net_bind_service=+ep /usr/local/bin/caddy
nano /etc/systemd/system/caddy.service
semanage fcontext -a -t httpd_exec_t /usr/local/bin/caddy
restorecon /usr/local/bin/caddy
chown www-data:www-data /etc/ssl/caddy/
semanage fcontext -a -t httpd_sys_rw_content_t /etc/ssl/caddy
restorecon /etc/ssl/caddy
chown www-data:www-data /var/log/caddy/
semanage fcontext -a -t httpd_log_t "/var/log/caddy(/.*)?"
chcon system_u:object_r:httpd_log_t:s0 /var/log/caddy
semanage port -a -t http_port_t -p tcp 5033
setsebool -P httpd_can_network_connect 1
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment