2019-10-06 20:55:56 +00:00
|
|
|
[Unit]
|
|
|
|
|
Description=Caddy HTTP/2 web server
|
|
|
|
|
Documentation=https://caddyserver.com/docs
|
|
|
|
|
After=network-online.target
|
|
|
|
|
Wants=network-online.target
|
|
|
|
|
|
|
|
|
|
[Service]
|
|
|
|
|
Restart=on-abnormal
|
|
|
|
|
|
|
|
|
|
User=www-data
|
|
|
|
|
Group=www-data
|
|
|
|
|
Environment=CADDYPATH=/etc/ssl/caddy
|
|
|
|
|
|
|
|
|
|
PIDFile=/run/caddy.pid
|
2019-11-12 20:06:04 +00:00
|
|
|
ExecStart=/usr/local/bin/caddy -log stdout -agree -email={{ caddy_email }} -conf=/etc/caddy/Caddyfile -root=/var/tmp
|
2019-10-06 20:55:56 +00:00
|
|
|
ExecReload=/bin/kill -USR1 $MAINPID
|
|
|
|
|
|
|
|
|
|
KillMode=mixed
|
|
|
|
|
KillSignal=SIGQUIT
|
|
|
|
|
TimeoutStopSec=5s
|
|
|
|
|
|
|
|
|
|
LimitNOFILE=8192
|
|
|
|
|
LimitNPROC=64
|
|
|
|
|
|
|
|
|
|
StartLimitInterval=600
|
|
|
|
|
;StartLimitBurst=5
|
|
|
|
|
RestartSec=60
|
|
|
|
|
PermissionsStartOnly=true
|
|
|
|
|
|
|
|
|
|
PrivateTmp=true
|
|
|
|
|
;PrivateDevices=true
|
|
|
|
|
;ProtectHome=true
|
|
|
|
|
;ProtectSystem=full
|
|
|
|
|
ReadWriteDirectories=/etc/ssl/caddy
|
|
|
|
|
|
|
|
|
|
; The following additional security directives only work with systemd v229 or later.
|
|
|
|
|
; They further restrict privileges that can be gained by caddy.
|
|
|
|
|
; Note that you may have to add capabilities required by any plugins in use.
|
|
|
|
|
;CapabilityBoundingSet=CAP_NET_BIND_SERVICE
|
|
|
|
|
;AmbientCapabilities=CAP_NET_BIND_SERVICE
|
|
|
|
|
;NoNewPrivileges=true
|
|
|
|
|
|
|
|
|
|
[Install]
|
|
|
|
|
WantedBy=multi-user.target
|
