45 lines
1.1 KiB
SYSTEMD
45 lines
1.1 KiB
SYSTEMD
|
[Unit]
|
||
|
Description=Caddy HTTP/2 web server
|
||
|
Documentation=https://caddyserver.com/docs
|
||
|
After=network-online.target
|
||
|
Wants=network-online.target
|
||
|
|
||
|
[Service]
|
||
|
Restart=on-abnormal
|
||
|
|
||
|
User=www-data
|
||
|
Group=www-data
|
||
|
Environment=CADDYPATH=/etc/ssl/caddy
|
||
|
|
||
|
PIDFile=/run/caddy.pid
|
||
|
ExecStart=/usr/local/bin/caddy -log stdout -agree -email=code@jannikbeyerstedt.de -conf=/etc/caddy/Caddyfile -root=/var/tmp
|
||
|
ExecReload=/bin/kill -USR1 $MAINPID
|
||
|
|
||
|
KillMode=mixed
|
||
|
KillSignal=SIGQUIT
|
||
|
TimeoutStopSec=5s
|
||
|
|
||
|
LimitNOFILE=8192
|
||
|
LimitNPROC=64
|
||
|
|
||
|
StartLimitInterval=600
|
||
|
;StartLimitBurst=5
|
||
|
RestartSec=60
|
||
|
PermissionsStartOnly=true
|
||
|
|
||
|
PrivateTmp=true
|
||
|
;PrivateDevices=true
|
||
|
;ProtectHome=true
|
||
|
;ProtectSystem=full
|
||
|
ReadWriteDirectories=/etc/ssl/caddy
|
||
|
|
||
|
; The following additional security directives only work with systemd v229 or later.
|
||
|
; They further restrict privileges that can be gained by caddy.
|
||
|
; Note that you may have to add capabilities required by any plugins in use.
|
||
|
;CapabilityBoundingSet=CAP_NET_BIND_SERVICE
|
||
|
;AmbientCapabilities=CAP_NET_BIND_SERVICE
|
||
|
;NoNewPrivileges=true
|
||
|
|
||
|
[Install]
|
||
|
WantedBy=multi-user.target
|