The previous setting caused the service to hit a rate-limit when it was
restarted more than 5 times in 24h.
Editing the Caddyfile and restarting the service could also easily
trigger this rate limit.
One could argue that users could simply call `systemctl reset-failed
caddy` to reset the rate-limit counter, but this is counterintuitive
because most users won't know this command and are possibly unaware that
they had hit a rate-limit.
The service is now allowed to restart 10 times in 10 seconds before
hitting a rate limit.
This should be conservative enough to rate limit quickly failing
services and to allow users to edit and test their caddy configuration.
This closes#1718
Remove restart limit settings and use defaults
By default 5 restarts within 10 seconds are allowed without
encountering a restart limit hit, see `man systemd.unit` for details.
Set Restart to on-abnormal
The table in https://www.freedesktop.org/software/systemd/man/systemd.service.html#Restart=
shows the conditions for which on-abnormal would restart the service.
It will *not* restart the service in the following cases:
- a non-zero exit status, e.g. an invalid Caddyfile
- a zero exit code (or those specified in SuccessExitStatus=) and a clean signal
clean signals are SIGHUP, SIGINT, SIGTERM or SIGPIPE
3536f49e8f/src/basic/exit-status.c (L205)
The service *will be restarted* in the following cases:
- a unclean signal, e.g. SIGKILL
- on start and watchdog timeout (we don't use those systemd service
constructs explicitly)
* INIT-systemd use CADDYPATH instatt of HOME
* INIT-upstart use CADDYPATH instatt of HOME
* INIT-upstart use CADDYPATH instatt of HOME
* INIT-upstart use CADDYPATH instatt of HOME
* Remove unnecessary config options from systemd service so it will work with earlier versions of systemd. Simplify the systemd service instructions and make them more complete.
* Minor systemd README improvements.
* Add back some of the optional systemd 229 stuff but commented out for compat.
* A bunch of updates to the README for linux systemd.
The exemplary unit file for systemd is intentionally redundant at times, for
example dropping privileges which an unprivileged user "www-data" did not have
in the first place: To aid as fallback in case the file gets copied and an
operator setting UID to 0 (which reportedly happened in the past).
Unlike network.target the network-online.target guarantees that the network
devices are online.
If you bind to 0.0.0.0, [::], [::1], and/or 127.0.0.1 only that is enough to
proceed. But in case a particular IP is needed, like ${COREOS_PUBLIC_IPV4},
we require any IP assignments to have completed before Caddy's start. That
is achieved by depending on systemd-networkd-wait-online.service (which is
scheduled before network-online.target, then, automatically).
Add systemd service file for caddy
Add some README with basic setup instructions
Explain how to view the service configuration
Add a note about permissions
Add a comment about run user and group
service->service unit
A systemd service can consist of different units. A unit configuration
file has the `.service` file ending which is a bit confusing, so please
be considerate if I'm confusing `service` and `unit` in the README
Fix typos/reword
Add contact information
