第一次：为naive添加守护进程

必须用指定的一键部署naive脚本，才能创建守护进程
2023-01-12 22:41:19 +08:00 · 2023-01-12 22:41:19 +08:00 · 20298f8692
parent b95f4f85ab
commit 20298f8692
1 changed files with 28 additions and 0 deletions
--- a/caddy_daemon.sh
+++ b/caddy_daemon.sh
@ -0,0 +1,28 @@
+groupadd --system caddy && useradd --system --gid caddy --create-home --home-dir /var/lib/caddy --shell /usr/sbin/nologin --comment "Caddy web server" caddy
+
+cat > /etc/systemd/system/naiveCaddy.service <<EOF
+[Unit]
+Description=Caddy with Naive
+Documentation=https://caddyserver.com/docs/
+After=network.target network-online.target
+Requires=network-online.target
+
+[Service]
+User=caddy
+Group=caddy
+ExecStart=/usr/bin/caddy run --environ --config /etc/caddy/Caddyfile
+ExecReload=/usr/bin/caddy reload --config /etc/caddy/Caddyfile
+TimeoutStopSec=5s
+LimitNOFILE=1048576
+LimitNPROC=512
+PrivateTmp=true
+ProtectSystem=full
+AmbientCapabilities=CAP_NET_BIND_SERVICE
+
+[Install]
+WantedBy=multi-user.target
+EOF
+
+systemctl daemon-reload
+systemctl enable --now naiveCaddy
+ss -tulpn | grep caddy