Update to caddy2

2020-05-19 21:26:04 +02:00 · 2020-05-19 21:26:04 +02:00 · 2008bd12ae
commit 2008bd12ae
parent 7a35f631f2
6 changed files with 28 additions and 51 deletions
--- a/templates/caddy.service.j2
+++ b/templates/caddy.service.j2
@ -8,8 +8,8 @@ After=network.target
 WorkingDirectory={{ caddy_home }}
 User=caddy
 LimitNOFILE=8192
-ExecStart=/usr/bin/caddy -agree=true -email={{ caddy_email }} -conf=/etc/caddy/Caddyfile
-ExecReload=/bin/kill -USR1 $MAINPID
+ExecStart=/usr/bin/caddy run --environ --config /etc/caddy/Caddyfile
+ExecReload=/usr/bin/caddy reload --config /etc/caddy/Caddyfile
 Restart=on-failure
 StartLimitInterval=600
 TimeoutStopSec=5s
--- a/templates/http.caddy.j2
+++ b/templates/http.caddy.j2
@ -1,43 +1,28 @@
-{% if test_https %}
 {{ test_url }} {
-{% else %}
-http://{{ test_url }}
-{% endif %}

-    {% if test_https %}
-    header / {
-        # Enable HTTP Strict Transport Security (HSTS) to force clients to always
-        # connect via HTTPS (do not use if only testing)
-        Strict-Transport-Security "max-age=31536000;"
-        # Enable cross-site filter (XSS) and tell browser to block detected attacks
-        X-XSS-Protection "1; mode=block"
-        # Prevent some browsers from MIME-sniffing a response away from the declared Content-Type
-        X-Content-Type-Options "nosniff"
-        # Disallow the site to be rendered within a frame (clickjacking protection)
-        X-Frame-Options "DENY"
-    }
+    {% if test_acme %}
+header / {
+    # Enable HTTP Strict Transport Security (HSTS) to force clients to always
+    # connect via HTTPS (do not use if only testing)
+    Strict-Transport-Security "max-age=31536000;"
+    # Enable cross-site filter (XSS) and tell browser to block detected attacks
+    X-XSS-Protection "1; mode=block"
+    # Prevent some browsers from MIME-sniffing a response away from the declared Content-Type
+    X-Content-Type-Options "nosniff"
+    # Disallow the site to be rendered within a frame (clickjacking protection)
+    X-Frame-Options "DENY"
+}
    {% else %}
-    tls off
+tls internal
    {% endif %}

-    log {{ caddy_logs }}/{{ test_name }}/access.log {
-        rotate_size  100
-        rotate_age   30
-        rotate_keep  10
+    log  {
+        output file {{ caddy_logs }}/{{ test_name }}/vhost.log
    }

-    errors {{ caddy_logs }}/{{ test_name }}/errors.log {
-        rotate_size  100
-        rotate_age   30
-        rotate_keep  10
-    }
-
-    root {{ test_code }}/
-
-    gzip {
-        ext .jpg
-        level 9
-    }
+    root * {{ test_code }}
+    file_server
+    encode zstd gzip

 }