mirror of
https://github.com/caddyserver/caddy.git
synced 2024-12-30 22:34:15 -05:00
53ae9b8521
The previous setting caused the service to hit a rate-limit when it was
restarted more than 5 times in 24h.
Editing the Caddyfile and restarting the service could also easily
trigger this rate limit.
One could argue that users could simply call `systemctl reset-failed
caddy` to reset the rate-limit counter, but this is counterintuitive
because most users won't know this command and are possibly unaware that
they had hit a rate-limit.
The service is now allowed to restart 10 times in 10 seconds before
hitting a rate limit.
This should be conservative enough to rate limit quickly failing
services and to allow users to edit and test their caddy configuration.
This closes #1718
Remove restart limit settings and use defaults
By default 5 restarts within 10 seconds are allowed without
encountering a restart limit hit, see `man systemd.unit` for details.
Set Restart to on-abnormal
The table in https://www.freedesktop.org/software/systemd/man/systemd.service.html#Restart=
shows the conditions for which on-abnormal would restart the service.
It will *not* restart the service in the following cases:
- a non-zero exit status, e.g. an invalid Caddyfile
- a zero exit code (or those specified in SuccessExitStatus=) and a clean signal
clean signals are SIGHUP, SIGINT, SIGTERM or SIGPIPE
3536f49e8f/src/basic/exit-status.c (L205)
The service *will be restarted* in the following cases:
- a unclean signal, e.g. SIGKILL
- on start and watchdog timeout (we don't use those systemd service
constructs explicitly)
51 lines
1.8 KiB
Desktop File
51 lines
1.8 KiB
Desktop File
[Unit]
|
|
Description=Caddy HTTP/2 web server
|
|
Documentation=https://caddyserver.com/docs
|
|
After=network-online.target
|
|
Wants=network-online.target systemd-networkd-wait-online.service
|
|
|
|
[Service]
|
|
Restart=on-abnormal
|
|
|
|
; User and group the process will run as.
|
|
User=www-data
|
|
Group=www-data
|
|
|
|
; Letsencrypt-issued certificates will be written to this directory.
|
|
Environment=CADDYPATH=/etc/ssl/caddy
|
|
|
|
; Always set "-root" to something safe in case it gets forgotten in the Caddyfile.
|
|
ExecStart=/usr/local/bin/caddy -log stdout -agree=true -conf=/etc/caddy/Caddyfile -root=/var/tmp
|
|
ExecReload=/bin/kill -USR1 $MAINPID
|
|
|
|
; Use graceful shutdown with a reasonable timeout
|
|
KillMode=mixed
|
|
KillSignal=SIGQUIT
|
|
TimeoutStopSec=5s
|
|
|
|
; Limit the number of file descriptors; see `man systemd.exec` for more limit settings.
|
|
LimitNOFILE=1048576
|
|
; Unmodified caddy is not expected to use more than that.
|
|
LimitNPROC=64
|
|
|
|
; Use private /tmp and /var/tmp, which are discarded after caddy stops.
|
|
PrivateTmp=true
|
|
; Use a minimal /dev
|
|
PrivateDevices=true
|
|
; Hide /home, /root, and /run/user. Nobody will steal your SSH-keys.
|
|
ProtectHome=true
|
|
; Make /usr, /boot, /etc and possibly some more folders read-only.
|
|
ProtectSystem=full
|
|
; … except /etc/ssl/caddy, because we want Letsencrypt-certificates there.
|
|
; This merely retains r/w access rights, it does not add any new. Must still be writable on the host!
|
|
ReadWriteDirectories=/etc/ssl/caddy
|
|
|
|
; The following additional security directives only work with systemd v229 or later.
|
|
; They further retrict privileges that can be gained by caddy. Uncomment if you like.
|
|
; Note that you may have to add capabilities required by any plugins in use.
|
|
;CapabilityBoundingSet=CAP_NET_BIND_SERVICE
|
|
;AmbientCapabilities=CAP_NET_BIND_SERVICE
|
|
;NoNewPrivileges=true
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target
|