diff --git a/0001-Disable-commands-that-can-alter-the-binary.patch b/0001-Disable-commands-that-can-alter-the-binary.patch index 3b48ffb..73a53c8 100644 --- a/0001-Disable-commands-that-can-alter-the-binary.patch +++ b/0001-Disable-commands-that-can-alter-the-binary.patch @@ -1,49 +1,48 @@ -From 7bf03a1414b1ebc1a9ef573369fe8e7ee9956a33 Mon Sep 17 00:00:00 2001 +From 41711beb6776923a84c06fad76964e5932333bd7 Mon Sep 17 00:00:00 2001 From: Carl George Date: Wed, 16 Feb 2022 11:45:03 -0600 Subject: [PATCH] Disable commands that can alter the binary --- - cmd/commands.go | 48 ------------------------------------------------ - 1 file changed, 48 deletions(-) + cmd/commands.go | 45 -------------------------------------------- + cmd/commands_test.go | 8 ++++---- + 2 files changed, 4 insertions(+), 49 deletions(-) diff --git a/cmd/commands.go b/cmd/commands.go -index 1e2c40de..cc091bce 100644 +index c9ea636b..791ddf6d 100644 --- a/cmd/commands.go +++ b/cmd/commands.go -@@ -289,54 +289,6 @@ is always printed to stdout.`, - }(), +@@ -404,51 +404,6 @@ is always printed to stdout. + }, }) - RegisterCommand(Command{ - Name: "upgrade", -- Func: cmdUpgrade, - Short: "Upgrade Caddy (EXPERIMENTAL)", - Long: ` -Downloads an updated Caddy binary with the same modules/plugins at the --latest versions. EXPERIMENTAL: May be changed or removed.`, -- Flags: func() *flag.FlagSet { -- fs := flag.NewFlagSet("upgrade", flag.ExitOnError) -- fs.Bool("keep-backup", false, "Keep the backed up binary, instead of deleting it") -- return fs -- }(), +-latest versions. EXPERIMENTAL: May be changed or removed. +-`, +- CobraFunc: func(cmd *cobra.Command) { +- cmd.Flags().BoolP("keep-backup", "k", false, "Keep the backed up binary, instead of deleting it") +- cmd.RunE = WrapCommandFuncForCobra(cmdUpgrade) +- }, - }) - - RegisterCommand(Command{ - Name: "add-package", -- Func: cmdAddPackage, -- Usage: "", +- Usage: "", - Short: "Adds Caddy packages (EXPERIMENTAL)", - Long: ` -Downloads an updated Caddy binary with the specified packages (module/plugin) --added. Retains existing packages. Returns an error if the any of packages are --already included. EXPERIMENTAL: May be changed or removed. +-added, with an optional version specified (e.g., "package@version"). Retains +-existing packages. Returns an error if any of the specified packages are already +-included. EXPERIMENTAL: May be changed or removed. -`, -- Flags: func() *flag.FlagSet { -- fs := flag.NewFlagSet("add-package", flag.ExitOnError) -- fs.Bool("keep-backup", false, "Keep the backed up binary, instead of deleting it") -- return fs -- }(), +- CobraFunc: func(cmd *cobra.Command) { +- cmd.Flags().BoolP("keep-backup", "k", false, "Keep the backed up binary, instead of deleting it") +- cmd.RunE = WrapCommandFuncForCobra(cmdAddPackage) +- }, - }) - - RegisterCommand(Command{ @@ -52,20 +51,46 @@ index 1e2c40de..cc091bce 100644 - Usage: "", - Short: "Removes Caddy packages (EXPERIMENTAL)", - Long: ` --Downloads an updated Caddy binaries without the specified packages (module/plugin). --Returns an error if any of the packages are not included. +-Downloads an updated Caddy binaries without the specified packages (module/plugin). +-Returns an error if any of the packages are not included. -EXPERIMENTAL: May be changed or removed. -`, -- Flags: func() *flag.FlagSet { -- fs := flag.NewFlagSet("remove-package", flag.ExitOnError) -- fs.Bool("keep-backup", false, "Keep the backed up binary, instead of deleting it") -- return fs -- }(), +- CobraFunc: func(cmd *cobra.Command) { +- cmd.Flags().BoolP("keep-backup", "k", false, "Keep the backed up binary, instead of deleting it") +- cmd.RunE = WrapCommandFuncForCobra(cmdRemovePackage) +- }, - }) - - } + defaultFactory.Use(func(rootCmd *cobra.Command) { + manpageCommand := Command{ + Name: "manpage", +diff --git a/cmd/commands_test.go b/cmd/commands_test.go +index 085a9d78..f6d01fa3 100644 +--- a/cmd/commands_test.go ++++ b/cmd/commands_test.go +@@ -19,7 +19,7 @@ func TestCommandsAreAvailable(t *testing.T) { + // include the commands registered through calls to init in + // other packages + cmds := Commands() +- if len(cmds) != 17 { ++ if len(cmds) != 14 { + t.Errorf("expected 17 commands, got %d", len(cmds)) + } - // RegisterCommand registers the command cmd. +@@ -27,10 +27,10 @@ func TestCommandsAreAvailable(t *testing.T) { + slices.Sort(commandNames) + + expectedCommandNames := []string{ +- "adapt", "add-package", "build-info", "completion", ++ "adapt", "build-info", "completion", + "environ", "fmt", "list-modules", "manpage", +- "reload", "remove-package", "run", "start", +- "stop", "storage", "upgrade", "validate", "version", ++ "reload", "run", "start", ++ "stop", "storage", "validate", "version", + } + + if !reflect.DeepEqual(expectedCommandNames, commandNames) { -- -2.35.1 +2.50.1 diff --git a/bash-completion b/bash-completion deleted file mode 100644 index 1da7f36..0000000 --- a/bash-completion +++ /dev/null @@ -1,1210 +0,0 @@ -#!/usr/bin/env bash - -# helper method -declare -f _contains_element > /dev/null || _contains_element() { - local e match="$1" - shift - for e; do [[ "$e" == "$match" ]] && return 0; done - return 1 -} - -_caddy_completions() -{ - # get current word, words array, current word index, and previous word, ignoring ":" as a wordbreak - local cur cword words - _get_comp_words_by_ref -n ":" cur words cword prev - - # complete subcommands list - if [ "$cword" -eq "1" ] && [ "adapt build-info environ file-server fmt hash-password help list-modules reload reverse-proxy run start stop trust untrust validate version" != "" ]; then - COMPREPLY=($(compgen -W "adapt build-info environ file-server fmt hash-password help list-modules reload reverse-proxy run start stop trust untrust validate version" -- "$cur")) - __ltrim_colon_completions "$cur" - return - fi - - local subcommand="${words[1]}" - - local args used_flags used_args index - - # register completions for each subcommand - if [ "${subcommand}" == "adapt" ]; then - local args_shift=2 - # get the list of already used flags and args, ignoring the current word - args=("${words[@]:args_shift}") # args without command and subcommand - used_flags=() - used_args=() - index=0 - - while [ "${#args[@]}" -gt 0 ]; do - if [ "${index}" -eq "$((cword-args_shift))" ]; then - # ignore current word - args=("${args[@]:1}") - index=$((index+1)) - continue - fi - - if [ "${args[0]}" == "--pretty" ]; then - used_flags+=("${args[0]}") - args=("${args[@]:1}") - index=$((index+1)) - continue - fi - if [ "${args[0]}" == "--validate" ]; then - used_flags+=("${args[0]}") - args=("${args[@]:1}") - index=$((index+1)) - continue - fi - - if [ "${args[0]}" == "--adapter" ]; then - used_flags+=("${args[0]}") - args=("${args[@]:2}") - index=$((index+2)) - continue - fi - if [ "${args[0]}" == "--config" ]; then - used_flags+=("${args[0]}") - args=("${args[@]:2}") - index=$((index+2)) - continue - fi - - if [[ "${args[0]}" != "-"* ]]; then - used_args+=("${args[0]}") - fi - args=("${args[@]:1}") - index=$((index+1)) - done - - if [[ "$prev" == "--adapter" ]]; then - COMPREPLY=() - if command -v grep > /dev/null && command -v sed > /dev/null && command -v tr > /dev/null; then - COMPREPLY=($(compgen -W "$(caddy list-modules | grep adapters | sed s/caddy.adapters.// | tr ' -' ' ')" -- "$cur")) - fi - return - fi - if [[ "$prev" == "--config" ]]; then - COMPREPLY=() - COMPREPLY=($(compgen -f -- "$cur")) - return - fi - - if [[ $cur == -* ]]; then - # flags - completion=() - - if [[ $cur != --* ]]; then - true - fi - - if ! _contains_element "--pretty" "${used_flags[@]}"; then - completion+=("--pretty") - fi - if ! _contains_element "--validate" "${used_flags[@]}"; then - completion+=("--validate") - fi - if ! _contains_element "--adapter" "${used_flags[@]}"; then - completion+=("--adapter") - fi - if ! _contains_element "--config" "${used_flags[@]}"; then - completion+=("--config") - fi - - COMPREPLY=($(compgen -W "${completion[*]}" -- "$cur")) - return - fi - - - return - fi - if [ "${subcommand}" == "build-info" ]; then - local args_shift=2 - # get the list of already used flags and args, ignoring the current word - args=("${words[@]:args_shift}") # args without command and subcommand - used_flags=() - used_args=() - index=0 - - while [ "${#args[@]}" -gt 0 ]; do - if [ "${index}" -eq "$((cword-args_shift))" ]; then - # ignore current word - args=("${args[@]:1}") - index=$((index+1)) - continue - fi - - - - if [[ "${args[0]}" != "-"* ]]; then - used_args+=("${args[0]}") - fi - args=("${args[@]:1}") - index=$((index+1)) - done - - - if [[ $cur == -* ]]; then - # flags - completion=() - - if [[ $cur != --* ]]; then - true - fi - - - COMPREPLY=($(compgen -W "${completion[*]}" -- "$cur")) - return - fi - - - return - fi - if [ "${subcommand}" == "environ" ]; then - local args_shift=2 - # get the list of already used flags and args, ignoring the current word - args=("${words[@]:args_shift}") # args without command and subcommand - used_flags=() - used_args=() - index=0 - - while [ "${#args[@]}" -gt 0 ]; do - if [ "${index}" -eq "$((cword-args_shift))" ]; then - # ignore current word - args=("${args[@]:1}") - index=$((index+1)) - continue - fi - - - - if [[ "${args[0]}" != "-"* ]]; then - used_args+=("${args[0]}") - fi - args=("${args[@]:1}") - index=$((index+1)) - done - - - if [[ $cur == -* ]]; then - # flags - completion=() - - if [[ $cur != --* ]]; then - true - fi - - - COMPREPLY=($(compgen -W "${completion[*]}" -- "$cur")) - return - fi - - - return - fi - if [ "${subcommand}" == "file-server" ]; then - local args_shift=2 - # get the list of already used flags and args, ignoring the current word - args=("${words[@]:args_shift}") # args without command and subcommand - used_flags=() - used_args=() - index=0 - - while [ "${#args[@]}" -gt 0 ]; do - if [ "${index}" -eq "$((cword-args_shift))" ]; then - # ignore current word - args=("${args[@]:1}") - index=$((index+1)) - continue - fi - - if [ "${args[0]}" == "--browse" ]; then - used_flags+=("${args[0]}") - args=("${args[@]:1}") - index=$((index+1)) - continue - fi - if [ "${args[0]}" == "--templates" ]; then - used_flags+=("${args[0]}") - args=("${args[@]:1}") - index=$((index+1)) - continue - fi - - if [ "${args[0]}" == "--domain" ]; then - used_flags+=("${args[0]}") - args=("${args[@]:2}") - index=$((index+2)) - continue - fi - if [ "${args[0]}" == "--listen" ]; then - used_flags+=("${args[0]}") - args=("${args[@]:2}") - index=$((index+2)) - continue - fi - if [ "${args[0]}" == "--root" ]; then - used_flags+=("${args[0]}") - args=("${args[@]:2}") - index=$((index+2)) - continue - fi - - if [[ "${args[0]}" != "-"* ]]; then - used_args+=("${args[0]}") - fi - args=("${args[@]:1}") - index=$((index+1)) - done - - if [[ "$prev" == "--domain" ]]; then - COMPREPLY=() - return - fi - if [[ "$prev" == "--listen" ]]; then - COMPREPLY=() - return - fi - if [[ "$prev" == "--root" ]]; then - COMPREPLY=() - COMPREPLY=($(compgen -d -- "$cur")) - return - fi - - if [[ $cur == -* ]]; then - # flags - completion=() - - if [[ $cur != --* ]]; then - true - fi - - if ! _contains_element "--browse" "${used_flags[@]}"; then - completion+=("--browse") - fi - if ! _contains_element "--templates" "${used_flags[@]}"; then - completion+=("--templates") - fi - if ! _contains_element "--domain" "${used_flags[@]}"; then - completion+=("--domain") - fi - if ! _contains_element "--listen" "${used_flags[@]}"; then - completion+=("--listen") - fi - if ! _contains_element "--root" "${used_flags[@]}"; then - completion+=("--root") - fi - - COMPREPLY=($(compgen -W "${completion[*]}" -- "$cur")) - return - fi - - - return - fi - if [ "${subcommand}" == "fmt" ]; then - local args_shift=2 - # get the list of already used flags and args, ignoring the current word - args=("${words[@]:args_shift}") # args without command and subcommand - used_flags=() - used_args=() - index=0 - - while [ "${#args[@]}" -gt 0 ]; do - if [ "${index}" -eq "$((cword-args_shift))" ]; then - # ignore current word - args=("${args[@]:1}") - index=$((index+1)) - continue - fi - - if [ "${args[0]}" == "--overwrite" ]; then - used_flags+=("${args[0]}") - args=("${args[@]:1}") - index=$((index+1)) - continue - fi - - - if [[ "${args[0]}" != "-"* ]]; then - used_args+=("${args[0]}") - fi - args=("${args[@]:1}") - index=$((index+1)) - done - - - if [[ $cur == -* ]]; then - # flags - completion=() - - if [[ $cur != --* ]]; then - true - fi - - if ! _contains_element "--overwrite" "${used_flags[@]}"; then - completion+=("--overwrite") - fi - - COMPREPLY=($(compgen -W "${completion[*]}" -- "$cur")) - return - fi - - if [[ "${#used_args[@]}" -eq "0" ]]; then - COMPREPLY=() - COMPREPLY=($(compgen -f -- "$cur")) - return - fi - - return - fi - if [ "${subcommand}" == "hash-password" ]; then - local args_shift=2 - # get the list of already used flags and args, ignoring the current word - args=("${words[@]:args_shift}") # args without command and subcommand - used_flags=() - used_args=() - index=0 - - while [ "${#args[@]}" -gt 0 ]; do - if [ "${index}" -eq "$((cword-args_shift))" ]; then - # ignore current word - args=("${args[@]:1}") - index=$((index+1)) - continue - fi - - - if [ "${args[0]}" == "--algorithm" ]; then - used_flags+=("${args[0]}") - args=("${args[@]:2}") - index=$((index+2)) - continue - fi - if [ "${args[0]}" == "--plaintext" ]; then - used_flags+=("${args[0]}") - args=("${args[@]:2}") - index=$((index+2)) - continue - fi - if [ "${args[0]}" == "--salt" ]; then - used_flags+=("${args[0]}") - args=("${args[@]:2}") - index=$((index+2)) - continue - fi - - if [[ "${args[0]}" != "-"* ]]; then - used_args+=("${args[0]}") - fi - args=("${args[@]:1}") - index=$((index+1)) - done - - if [[ "$prev" == "--algorithm" ]]; then - COMPREPLY=() - return - fi - if [[ "$prev" == "--plaintext" ]]; then - COMPREPLY=() - return - fi - if [[ "$prev" == "--salt" ]]; then - COMPREPLY=() - return - fi - - if [[ $cur == -* ]]; then - # flags - completion=() - - if [[ $cur != --* ]]; then - true - fi - - if ! _contains_element "--algorithm" "${used_flags[@]}"; then - completion+=("--algorithm") - fi - if ! _contains_element "--plaintext" "${used_flags[@]}"; then - completion+=("--plaintext") - fi - if ! _contains_element "--salt" "${used_flags[@]}"; then - completion+=("--salt") - fi - - COMPREPLY=($(compgen -W "${completion[*]}" -- "$cur")) - return - fi - - - return - fi - if [ "${subcommand}" == "help" ]; then - local args_shift=2 - # get the list of already used flags and args, ignoring the current word - args=("${words[@]:args_shift}") # args without command and subcommand - used_flags=() - used_args=() - index=0 - - while [ "${#args[@]}" -gt 0 ]; do - if [ "${index}" -eq "$((cword-args_shift))" ]; then - # ignore current word - args=("${args[@]:1}") - index=$((index+1)) - continue - fi - - - - if [[ "${args[0]}" != "-"* ]]; then - used_args+=("${args[0]}") - fi - args=("${args[@]:1}") - index=$((index+1)) - done - - - if [[ $cur == -* ]]; then - # flags - completion=() - - if [[ $cur != --* ]]; then - true - fi - - - COMPREPLY=($(compgen -W "${completion[*]}" -- "$cur")) - return - fi - - if [[ "${#used_args[@]}" -eq "0" ]]; then - COMPREPLY=() - COMPREPLY=($(compgen -W "adapt build-info environ file-server fmt hash-password help list-modules reload reverse-proxy run stop trust untrust validate" -- "$cur")) - return - fi - - return - fi - if [ "${subcommand}" == "list-modules" ]; then - local args_shift=2 - # get the list of already used flags and args, ignoring the current word - args=("${words[@]:args_shift}") # args without command and subcommand - used_flags=() - used_args=() - index=0 - - while [ "${#args[@]}" -gt 0 ]; do - if [ "${index}" -eq "$((cword-args_shift))" ]; then - # ignore current word - args=("${args[@]:1}") - index=$((index+1)) - continue - fi - - if [ "${args[0]}" == "--versions" ]; then - used_flags+=("${args[0]}") - args=("${args[@]:1}") - index=$((index+1)) - continue - fi - - - if [[ "${args[0]}" != "-"* ]]; then - used_args+=("${args[0]}") - fi - args=("${args[@]:1}") - index=$((index+1)) - done - - - if [[ $cur == -* ]]; then - # flags - completion=() - - if [[ $cur != --* ]]; then - true - fi - - if ! _contains_element "--versions" "${used_flags[@]}"; then - completion+=("--versions") - fi - - COMPREPLY=($(compgen -W "${completion[*]}" -- "$cur")) - return - fi - - - return - fi - if [ "${subcommand}" == "reload" ]; then - local args_shift=2 - # get the list of already used flags and args, ignoring the current word - args=("${words[@]:args_shift}") # args without command and subcommand - used_flags=() - used_args=() - index=0 - - while [ "${#args[@]}" -gt 0 ]; do - if [ "${index}" -eq "$((cword-args_shift))" ]; then - # ignore current word - args=("${args[@]:1}") - index=$((index+1)) - continue - fi - - - if [ "${args[0]}" == "--adapter" ]; then - used_flags+=("${args[0]}") - args=("${args[@]:2}") - index=$((index+2)) - continue - fi - if [ "${args[0]}" == "--config" ]; then - used_flags+=("${args[0]}") - args=("${args[@]:2}") - index=$((index+2)) - continue - fi - if [ "${args[0]}" == "--address" ]; then - used_flags+=("${args[0]}") - args=("${args[@]:2}") - index=$((index+2)) - continue - fi - - if [[ "${args[0]}" != "-"* ]]; then - used_args+=("${args[0]}") - fi - args=("${args[@]:1}") - index=$((index+1)) - done - - if [[ "$prev" == "--adapter" ]]; then - COMPREPLY=() - if command -v grep > /dev/null && command -v sed > /dev/null && command -v tr > /dev/null; then - COMPREPLY=($(compgen -W "$(caddy list-modules | grep adapters | sed s/caddy.adapters.// | tr ' -' ' ')" -- "$cur")) - fi - return - fi - if [[ "$prev" == "--config" ]]; then - COMPREPLY=() - COMPREPLY=($(compgen -f -- "$cur")) - return - fi - if [[ "$prev" == "--address" ]]; then - COMPREPLY=() - return - fi - - if [[ $cur == -* ]]; then - # flags - completion=() - - if [[ $cur != --* ]]; then - true - fi - - if ! _contains_element "--adapter" "${used_flags[@]}"; then - completion+=("--adapter") - fi - if ! _contains_element "--config" "${used_flags[@]}"; then - completion+=("--config") - fi - if ! _contains_element "--address" "${used_flags[@]}"; then - completion+=("--address") - fi - - COMPREPLY=($(compgen -W "${completion[*]}" -- "$cur")) - return - fi - - - return - fi - if [ "${subcommand}" == "reverse-proxy" ]; then - local args_shift=2 - # get the list of already used flags and args, ignoring the current word - args=("${words[@]:args_shift}") # args without command and subcommand - used_flags=() - used_args=() - index=0 - - while [ "${#args[@]}" -gt 0 ]; do - if [ "${index}" -eq "$((cword-args_shift))" ]; then - # ignore current word - args=("${args[@]:1}") - index=$((index+1)) - continue - fi - - if [ "${args[0]}" == "--change-host-header" ]; then - used_flags+=("${args[0]}") - args=("${args[@]:1}") - index=$((index+1)) - continue - fi - - if [ "${args[0]}" == "--from" ]; then - used_flags+=("${args[0]}") - args=("${args[@]:2}") - index=$((index+2)) - continue - fi - if [ "${args[0]}" == "--to" ]; then - used_flags+=("${args[0]}") - args=("${args[@]:2}") - index=$((index+2)) - continue - fi - - if [[ "${args[0]}" != "-"* ]]; then - used_args+=("${args[0]}") - fi - args=("${args[@]:1}") - index=$((index+1)) - done - - if [[ "$prev" == "--from" ]]; then - COMPREPLY=() - return - fi - if [[ "$prev" == "--to" ]]; then - COMPREPLY=() - return - fi - - if [[ $cur == -* ]]; then - # flags - completion=() - - if [[ $cur != --* ]]; then - true - fi - - if ! _contains_element "--change-host-header" "${used_flags[@]}"; then - completion+=("--change-host-header") - fi - if ! _contains_element "--from" "${used_flags[@]}"; then - completion+=("--from") - fi - if ! _contains_element "--to" "${used_flags[@]}"; then - completion+=("--to") - fi - - COMPREPLY=($(compgen -W "${completion[*]}" -- "$cur")) - return - fi - - - return - fi - if [ "${subcommand}" == "run" ]; then - local args_shift=2 - # get the list of already used flags and args, ignoring the current word - args=("${words[@]:args_shift}") # args without command and subcommand - used_flags=() - used_args=() - index=0 - - while [ "${#args[@]}" -gt 0 ]; do - if [ "${index}" -eq "$((cword-args_shift))" ]; then - # ignore current word - args=("${args[@]:1}") - index=$((index+1)) - continue - fi - - if [ "${args[0]}" == "--environ" ]; then - used_flags+=("${args[0]}") - args=("${args[@]:1}") - index=$((index+1)) - continue - fi - if [ "${args[0]}" == "--resume" ]; then - used_flags+=("${args[0]}") - args=("${args[@]:1}") - index=$((index+1)) - continue - fi - if [ "${args[0]}" == "--watch" ]; then - used_flags+=("${args[0]}") - args=("${args[@]:1}") - index=$((index+1)) - continue - fi - - if [ "${args[0]}" == "--adapter" ]; then - used_flags+=("${args[0]}") - args=("${args[@]:2}") - index=$((index+2)) - continue - fi - if [ "${args[0]}" == "--config" ]; then - used_flags+=("${args[0]}") - args=("${args[@]:2}") - index=$((index+2)) - continue - fi - if [ "${args[0]}" == "--pingback" ]; then - used_flags+=("${args[0]}") - args=("${args[@]:2}") - index=$((index+2)) - continue - fi - if [ "${args[0]}" == "--pidfile" ]; then - used_flags+=("${args[0]}") - args=("${args[@]:2}") - index=$((index+2)) - continue - fi - - if [[ "${args[0]}" != "-"* ]]; then - used_args+=("${args[0]}") - fi - args=("${args[@]:1}") - index=$((index+1)) - done - - if [[ "$prev" == "--adapter" ]]; then - COMPREPLY=() - if command -v grep > /dev/null && command -v sed > /dev/null && command -v tr > /dev/null; then - COMPREPLY=($(compgen -W "$(caddy list-modules | grep adapters | sed s/caddy.adapters.// | tr ' -' ' ')" -- "$cur")) - fi - return - fi - if [[ "$prev" == "--config" ]]; then - COMPREPLY=() - COMPREPLY=($(compgen -f -- "$cur")) - return - fi - if [[ "$prev" == "--pingback" ]]; then - COMPREPLY=() - return - fi - if [[ "$prev" == "--pidfile" ]]; then - COMPREPLY=() - COMPREPLY=($(compgen -f -- "$cur")) - return - fi - - if [[ $cur == -* ]]; then - # flags - completion=() - - if [[ $cur != --* ]]; then - true - fi - - if ! _contains_element "--environ" "${used_flags[@]}"; then - completion+=("--environ") - fi - if ! _contains_element "--resume" "${used_flags[@]}"; then - completion+=("--resume") - fi - if ! _contains_element "--watch" "${used_flags[@]}"; then - completion+=("--watch") - fi - if ! _contains_element "--adapter" "${used_flags[@]}"; then - completion+=("--adapter") - fi - if ! _contains_element "--config" "${used_flags[@]}"; then - completion+=("--config") - fi - if ! _contains_element "--pingback" "${used_flags[@]}"; then - completion+=("--pingback") - fi - if ! _contains_element "--pidfile" "${used_flags[@]}"; then - completion+=("--pidfile") - fi - - COMPREPLY=($(compgen -W "${completion[*]}" -- "$cur")) - return - fi - - - return - fi - if [ "${subcommand}" == "start" ]; then - local args_shift=2 - # get the list of already used flags and args, ignoring the current word - args=("${words[@]:args_shift}") # args without command and subcommand - used_flags=() - used_args=() - index=0 - - while [ "${#args[@]}" -gt 0 ]; do - if [ "${index}" -eq "$((cword-args_shift))" ]; then - # ignore current word - args=("${args[@]:1}") - index=$((index+1)) - continue - fi - - if [ "${args[0]}" == "--watch" ]; then - used_flags+=("${args[0]}") - args=("${args[@]:1}") - index=$((index+1)) - continue - fi - - if [ "${args[0]}" == "--adapter" ]; then - used_flags+=("${args[0]}") - args=("${args[@]:2}") - index=$((index+2)) - continue - fi - if [ "${args[0]}" == "--config" ]; then - used_flags+=("${args[0]}") - args=("${args[@]:2}") - index=$((index+2)) - continue - fi - if [ "${args[0]}" == "--pidfile" ]; then - used_flags+=("${args[0]}") - args=("${args[@]:2}") - index=$((index+2)) - continue - fi - - if [[ "${args[0]}" != "-"* ]]; then - used_args+=("${args[0]}") - fi - args=("${args[@]:1}") - index=$((index+1)) - done - - if [[ "$prev" == "--adapter" ]]; then - COMPREPLY=() - if command -v grep > /dev/null && command -v sed > /dev/null && command -v tr > /dev/null; then - COMPREPLY=($(compgen -W "$(caddy list-modules | grep adapters | sed s/caddy.adapters.// | tr ' -' ' ')" -- "$cur")) - fi - return - fi - if [[ "$prev" == "--config" ]]; then - COMPREPLY=() - COMPREPLY=($(compgen -f -- "$cur")) - return - fi - if [[ "$prev" == "--pidfile" ]]; then - COMPREPLY=() - COMPREPLY=($(compgen -f -- "$cur")) - return - fi - - if [[ $cur == -* ]]; then - # flags - completion=() - - if [[ $cur != --* ]]; then - true - fi - - if ! _contains_element "--watch" "${used_flags[@]}"; then - completion+=("--watch") - fi - if ! _contains_element "--adapter" "${used_flags[@]}"; then - completion+=("--adapter") - fi - if ! _contains_element "--config" "${used_flags[@]}"; then - completion+=("--config") - fi - if ! _contains_element "--pidfile" "${used_flags[@]}"; then - completion+=("--pidfile") - fi - - COMPREPLY=($(compgen -W "${completion[*]}" -- "$cur")) - return - fi - - - return - fi - if [ "${subcommand}" == "stop" ]; then - local args_shift=2 - # get the list of already used flags and args, ignoring the current word - args=("${words[@]:args_shift}") # args without command and subcommand - used_flags=() - used_args=() - index=0 - - while [ "${#args[@]}" -gt 0 ]; do - if [ "${index}" -eq "$((cword-args_shift))" ]; then - # ignore current word - args=("${args[@]:1}") - index=$((index+1)) - continue - fi - - - if [ "${args[0]}" == "--address" ]; then - used_flags+=("${args[0]}") - args=("${args[@]:2}") - index=$((index+2)) - continue - fi - - if [[ "${args[0]}" != "-"* ]]; then - used_args+=("${args[0]}") - fi - args=("${args[@]:1}") - index=$((index+1)) - done - - if [[ "$prev" == "--address" ]]; then - COMPREPLY=() - return - fi - - if [[ $cur == -* ]]; then - # flags - completion=() - - if [[ $cur != --* ]]; then - true - fi - - if ! _contains_element "--address" "${used_flags[@]}"; then - completion+=("--address") - fi - - COMPREPLY=($(compgen -W "${completion[*]}" -- "$cur")) - return - fi - - - return - fi - if [ "${subcommand}" == "trust" ]; then - local args_shift=2 - # get the list of already used flags and args, ignoring the current word - args=("${words[@]:args_shift}") # args without command and subcommand - used_flags=() - used_args=() - index=0 - - while [ "${#args[@]}" -gt 0 ]; do - if [ "${index}" -eq "$((cword-args_shift))" ]; then - # ignore current word - args=("${args[@]:1}") - index=$((index+1)) - continue - fi - - - - if [[ "${args[0]}" != "-"* ]]; then - used_args+=("${args[0]}") - fi - args=("${args[@]:1}") - index=$((index+1)) - done - - - if [[ $cur == -* ]]; then - # flags - completion=() - - if [[ $cur != --* ]]; then - true - fi - - - COMPREPLY=($(compgen -W "${completion[*]}" -- "$cur")) - return - fi - - - return - fi - if [ "${subcommand}" == "untrust" ]; then - local args_shift=2 - # get the list of already used flags and args, ignoring the current word - args=("${words[@]:args_shift}") # args without command and subcommand - used_flags=() - used_args=() - index=0 - - while [ "${#args[@]}" -gt 0 ]; do - if [ "${index}" -eq "$((cword-args_shift))" ]; then - # ignore current word - args=("${args[@]:1}") - index=$((index+1)) - continue - fi - - - if [ "${args[0]}" == "--ca" ]; then - used_flags+=("${args[0]}") - args=("${args[@]:2}") - index=$((index+2)) - continue - fi - if [ "${args[0]}" == "--cert" ]; then - used_flags+=("${args[0]}") - args=("${args[@]:2}") - index=$((index+2)) - continue - fi - - if [[ "${args[0]}" != "-"* ]]; then - used_args+=("${args[0]}") - fi - args=("${args[@]:1}") - index=$((index+1)) - done - - if [[ "$prev" == "--ca" ]]; then - COMPREPLY=() - return - fi - if [[ "$prev" == "--cert" ]]; then - COMPREPLY=() - COMPREPLY=($(compgen -f -- "$cur")) - return - fi - - if [[ $cur == -* ]]; then - # flags - completion=() - - if [[ $cur != --* ]]; then - true - fi - - if ! _contains_element "--ca" "${used_flags[@]}"; then - completion+=("--ca") - fi - if ! _contains_element "--cert" "${used_flags[@]}"; then - completion+=("--cert") - fi - - COMPREPLY=($(compgen -W "${completion[*]}" -- "$cur")) - return - fi - - - return - fi - if [ "${subcommand}" == "validate" ]; then - local args_shift=2 - # get the list of already used flags and args, ignoring the current word - args=("${words[@]:args_shift}") # args without command and subcommand - used_flags=() - used_args=() - index=0 - - while [ "${#args[@]}" -gt 0 ]; do - if [ "${index}" -eq "$((cword-args_shift))" ]; then - # ignore current word - args=("${args[@]:1}") - index=$((index+1)) - continue - fi - - - if [ "${args[0]}" == "--config" ]; then - used_flags+=("${args[0]}") - args=("${args[@]:2}") - index=$((index+2)) - continue - fi - if [ "${args[0]}" == "--adapter" ]; then - used_flags+=("${args[0]}") - args=("${args[@]:2}") - index=$((index+2)) - continue - fi - - if [[ "${args[0]}" != "-"* ]]; then - used_args+=("${args[0]}") - fi - args=("${args[@]:1}") - index=$((index+1)) - done - - if [[ "$prev" == "--config" ]]; then - COMPREPLY=() - COMPREPLY=($(compgen -f -- "$cur")) - return - fi - if [[ "$prev" == "--adapter" ]]; then - COMPREPLY=() - if command -v grep > /dev/null && command -v sed > /dev/null && command -v tr > /dev/null; then - COMPREPLY=($(compgen -W "$(caddy list-modules | grep adapters | sed s/caddy.adapters.// | tr ' -' ' ')" -- "$cur")) - fi - return - fi - - if [[ $cur == -* ]]; then - # flags - completion=() - - if [[ $cur != --* ]]; then - true - fi - - if ! _contains_element "--config" "${used_flags[@]}"; then - completion+=("--config") - fi - if ! _contains_element "--adapter" "${used_flags[@]}"; then - completion+=("--adapter") - fi - - COMPREPLY=($(compgen -W "${completion[*]}" -- "$cur")) - return - fi - - - return - fi - if [ "${subcommand}" == "version" ]; then - local args_shift=2 - # get the list of already used flags and args, ignoring the current word - args=("${words[@]:args_shift}") # args without command and subcommand - used_flags=() - used_args=() - index=0 - - while [ "${#args[@]}" -gt 0 ]; do - if [ "${index}" -eq "$((cword-args_shift))" ]; then - # ignore current word - args=("${args[@]:1}") - index=$((index+1)) - continue - fi - - - - if [[ "${args[0]}" != "-"* ]]; then - used_args+=("${args[0]}") - fi - args=("${args[@]:1}") - index=$((index+1)) - done - - - if [[ $cur == -* ]]; then - # flags - completion=() - - if [[ $cur != --* ]]; then - true - fi - - - COMPREPLY=($(compgen -W "${completion[*]}" -- "$cur")) - return - fi - - - return - fi -} - -# register completion -complete -F _caddy_completions caddy - diff --git a/caddy-api.service b/caddy-api.service index 47e6648..255a289 100644 --- a/caddy-api.service +++ b/caddy-api.service @@ -19,11 +19,10 @@ Group=caddy ExecStart=/usr/bin/caddy run --environ --resume TimeoutStopSec=5s LimitNOFILE=1048576 -LimitNPROC=512 PrivateTmp=true ProtectHome=true ProtectSystem=full -AmbientCapabilities=CAP_NET_BIND_SERVICE +AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE [Install] WantedBy=multi-user.target diff --git a/caddy.service b/caddy.service index 88843db..c6b6851 100644 --- a/caddy.service +++ b/caddy.service @@ -22,11 +22,10 @@ ExecStart=/usr/bin/caddy run --environ --config /etc/caddy/Caddyfile ExecReload=/usr/bin/caddy reload --config /etc/caddy/Caddyfile TimeoutStopSec=5s LimitNOFILE=1048576 -LimitNPROC=512 PrivateTmp=true ProtectHome=true ProtectSystem=full -AmbientCapabilities=CAP_NET_BIND_SERVICE +AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE [Install] WantedBy=multi-user.target diff --git a/caddy.spec b/caddy.spec index b416b09..c7e502f 100644 --- a/caddy.spec +++ b/caddy.spec @@ -1,222 +1,310 @@ -%bcond_without vendor - -%if %{without vendor} -%bcond_without check -%endif - -# https://github.com/caddyserver/caddy %global goipath github.com/caddyserver/caddy -%global basever 2.4.6 -#global prerel rc -#global prerelnum 3 -Version: %{basever}%{?prerel:~%{prerel}%{prerelnum}} -%gometa - -%global common_description %{expand: -Caddy is the web server with automatic HTTPS.} +%if %{defined el8} +%global gotest() go test -short -compiler gc -ldflags "${LDFLAGS:-}" %{?**}; +%else +%global gotestflags %{gocompilerflags} -short +%endif Name: caddy -Release: 4%{?dist} +Version: 2.10.2 +Release: %autorelease Summary: Web server with automatic HTTPS -%if %{with vendor} -# github.com/caddyserver/caddy ASL 2.0 -# github.com/Masterminds/sprig/v3 MIT -# github.com/alecthomas/chroma MIT -# github.com/aryann/difflib MIT -# github.com/caddyserver/certmagic ASL 2.0 -# github.com/dustin/go-humanize MIT -# github.com/go-chi/chi MIT -# github.com/google/cel-go ASL 2.0 -# github.com/google/uuid BSD -# github.com/klauspost/compress BSD and ASL 2.0 -# github.com/klauspost/cpuid/v2 MIT -# github.com/lucas-clemente/quic-go MIT -# github.com/mholt/acmez ASL 2.0 -# github.com/naoina/go-stringutil MIT -# github.com/naoina/toml MIT -# github.com/prometheus/client_golang ASL 2.0 -# github.com/smallstep/certificates ASL 2.0 -# github.com/smallstep/cli ASL 2.0 -# github.com/smallstep/nosql ASL 2.0 -# github.com/smallstep/truststore ASL 2.0 -# github.com/yuin/goldmark MIT -# github.com/yuin/goldmark-highlighting MIT -# go.uber.org/zap MIT -# golang.org/x/crypto BSD -# golang.org/x/net BSD -# golang.org/x/term BSD -# google.golang.org/genproto ASL 2.0 -# google.golang.org/protobuf BSD -# gopkg.in/natefinch/lumberjack.v2 MIT -# gopkg.in/yaml.v2 ASL 2.0 and MIT -License: ASL 2.0 and MIT and BSD -%else -License: ASL 2.0 -%endif URL: https://caddyserver.com -%if %{with vendor} -# git clone https://github.com/caddyserver/caddy.git caddy-%%{version} -# cd caddy-%%{version} -# git checkout v%%{version} -# go mod vendor -# cd .. -# tar --exclude .git -czf caddy-%%{version}-vendored.tar.gz caddy-%%{version} -Source0: caddy-%{version}-vendored.tar.gz -%else -Source0: %{gosource} -%endif +# main source code is Apache-2.0 +# see comments above bundled provides for a breakdown of the rest +License: Apache-2.0 AND BSD-1-Clause AND BSD-2-Clause AND BSD-2-Clause-Views AND BSD-3-Clause AND CC0-1.0 AND ISC AND MIT AND MPL-2.0 + +Source0: https://%{goipath}/archive/v%{version}/caddy-%{version}.tar.gz +Source1: caddy-%{version}-vendor.tar.gz +Source2: create-vendor-tarball.sh # based on reference files upstream # https://github.com/caddyserver/dist -Source1: Caddyfile -Source2: caddy.service -Source3: caddy-api.service -Source4: poweredby-white.png -Source5: poweredby-black.png -Source6: bash-completion -Source7: zsh-completion +Source10: Caddyfile +Source20: caddy.service +Source21: caddy-api.service +Source22: caddy.sysusers +Source30: poweredby-white.png +Source31: poweredby-black.png # downstream only patch to disable commands that can alter the binary -Patch: 0001-Disable-commands-that-can-alter-the-binary.patch +Patch1: 0001-Disable-commands-that-can-alter-the-binary.patch -# https://github.com/caddyserver/caddy/commit/6bc87ea2ff50a962f16dfafeb125f0f947c1a885 -BuildRequires: golang >= 1.16 - -%if %{with vendor} -Provides: bundled(golang(github.com/Masterminds/sprig/v3)) -Provides: bundled(golang(github.com/alecthomas/chroma)) -Provides: bundled(golang(github.com/aryann/difflib)) -Provides: bundled(golang(github.com/caddyserver/certmagic)) -Provides: bundled(golang(github.com/dustin/go-humanize)) -Provides: bundled(golang(github.com/go-chi/chi)) -Provides: bundled(golang(github.com/google/cel-go)) -Provides: bundled(golang(github.com/google/uuid)) -Provides: bundled(golang(github.com/klauspost/compress)) -Provides: bundled(golang(github.com/klauspost/cpuid/v2)) -Provides: bundled(golang(github.com/lucas-clemente/quic-go)) -Provides: bundled(golang(github.com/mholt/acmez)) -Provides: bundled(golang(github.com/naoina/go-stringutil)) -Provides: bundled(golang(github.com/naoina/toml)) -Provides: bundled(golang(github.com/prometheus/client_golang)) -Provides: bundled(golang(github.com/smallstep/certificates)) -Provides: bundled(golang(github.com/smallstep/cli)) -Provides: bundled(golang(github.com/smallstep/nosql)) -Provides: bundled(golang(github.com/smallstep/truststore)) -Provides: bundled(golang(github.com/yuin/goldmark)) -Provides: bundled(golang(github.com/yuin/goldmark-highlighting)) -Provides: bundled(golang(go.uber.org/zap)) -Provides: bundled(golang(golang.org/x/crypto)) -Provides: bundled(golang(golang.org/x/net)) -Provides: bundled(golang(golang.org/x/term)) -Provides: bundled(golang(google.golang.org/genproto)) -Provides: bundled(golang(google.golang.org/protobuf)) -Provides: bundled(golang(gopkg.in/natefinch/lumberjack.v2)) -Provides: bundled(golang(gopkg.in/yaml.v2)) +%if %{defined el8} +ExclusiveArch: %{golang_arches} %else -BuildRequires: golang(github.com/Masterminds/sprig/v3) -BuildRequires: golang(github.com/alecthomas/chroma) -BuildRequires: golang(github.com/aryann/difflib) -BuildRequires: golang(github.com/caddyserver/certmagic) -BuildRequires: golang(github.com/dustin/go-humanize) -BuildRequires: golang(github.com/go-chi/chi) -BuildRequires: golang(github.com/google/cel-go) -BuildRequires: golang(github.com/google/uuid) -BuildRequires: golang(github.com/klauspost/compress) -BuildRequires: golang(github.com/klauspost/cpuid/v2) -BuildRequires: golang(github.com/lucas-clemente/quic-go) -BuildRequires: golang(github.com/mholt/acmez) -BuildRequires: golang(github.com/naoina/go-stringutil) -BuildRequires: golang(github.com/naoina/toml) -BuildRequires: golang(github.com/prometheus/client_golang) -BuildRequires: golang(github.com/smallstep/certificates) -BuildRequires: golang(github.com/smallstep/cli) -BuildRequires: golang(github.com/smallstep/nosql) -BuildRequires: golang(github.com/smallstep/truststore) -BuildRequires: golang(github.com/yuin/goldmark) -BuildRequires: golang(github.com/yuin/goldmark-highlighting) -BuildRequires: golang(go.uber.org/zap) -BuildRequires: golang(golang.org/x/crypto) -BuildRequires: golang(golang.org/x/net) -BuildRequires: golang(golang.org/x/term) -BuildRequires: golang(google.golang.org/genproto) -BuildRequires: golang(google.golang.org/protobuf) -BuildRequires: golang(gopkg.in/natefinch/lumberjack.v2) -BuildRequires: golang(gopkg.in/yaml.v2) +BuildRequires: go-rpm-macros +ExclusiveArch: %{golang_arches_future} %endif BuildRequires: systemd-rpm-macros %{?systemd_requires} +%{?sysusers_requires_compat} + Requires: system-logos-httpd Provides: webserver +# https://github.com/caddyserver/caddy/commit/05acc5131ed5c80acbd28ed8d907b166cd15b72c +BuildRequires: golang >= 1.25 -%description %{common_description} +# Apache-2.0: +Provides: bundled(golang(cel.dev/expr)) = 0.24.0 +Provides: bundled(golang(cloud.google.com/go/auth)) = 0.16.2 +Provides: bundled(golang(cloud.google.com/go/auth/oauth2adapt)) = 0.2.8 +Provides: bundled(golang(cloud.google.com/go/compute/metadata)) = 0.7.0 +Provides: bundled(golang(github.com/Masterminds/goutils)) = 1.1.1 +Provides: bundled(golang(github.com/caddyserver/certmagic)) = 0.24.0 +Provides: bundled(golang(github.com/coreos/go-oidc/v3)) = 3.14.1 +Provides: bundled(golang(github.com/dgraph-io/badger)) = 1.6.2 +Provides: bundled(golang(github.com/dgraph-io/badger/v2)) = 2.2007.4 +Provides: bundled(golang(github.com/go-logr/logr)) = 1.4.3 +Provides: bundled(golang(github.com/go-logr/stdr)) = 1.2.2 +Provides: bundled(golang(github.com/google/cel-go)) = 0.26.0 +Provides: bundled(golang(github.com/google/certificate-transparency-go)) = 74a5dd3 +Provides: bundled(golang(github.com/google/go-tpm)) = 0.9.5 +Provides: bundled(golang(github.com/google/go-tspi)) = 0.3.0 +Provides: bundled(golang(github.com/google/s2a-go)) = 0.1.9 +Provides: bundled(golang(github.com/googleapis/enterprise-certificate-proxy)) = 0.3.6 +Provides: bundled(golang(github.com/inconshreveable/mousetrap)) = 1.1.0 +Provides: bundled(golang(github.com/kylelemons/godebug)) = 1.1.0 +Provides: bundled(golang(github.com/pires/go-proxyproto)) = 0.8.1 +Provides: bundled(golang(github.com/prometheus/client_model)) = 0.6.2 +Provides: bundled(golang(github.com/prometheus/common)) = 0.65.0 +Provides: bundled(golang(github.com/prometheus/procfs)) = 0.16.1 +Provides: bundled(golang(github.com/smallstep/go-attestation)) = 2306d5b +Provides: bundled(golang(github.com/smallstep/linkedca)) = 0.23.0 +Provides: bundled(golang(github.com/smallstep/nosql)) = 0.7.0 +Provides: bundled(golang(github.com/smallstep/truststore)) = 0.13.0 +Provides: bundled(golang(github.com/spf13/cobra)) = 1.9.1 +Provides: bundled(golang(go.opentelemetry.io/auto/sdk)) = 1.1.0 +Provides: bundled(golang(go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp)) = 0.61.0 +Provides: bundled(golang(go.opentelemetry.io/contrib/propagators/autoprop)) = 0.62.0 +Provides: bundled(golang(go.opentelemetry.io/contrib/propagators/aws)) = 1.37.0 +Provides: bundled(golang(go.opentelemetry.io/contrib/propagators/b3)) = 1.37.0 +Provides: bundled(golang(go.opentelemetry.io/contrib/propagators/jaeger)) = 1.37.0 +Provides: bundled(golang(go.opentelemetry.io/contrib/propagators/ot)) = 1.37.0 +Provides: bundled(golang(go.opentelemetry.io/otel)) = 1.37.0 +Provides: bundled(golang(go.opentelemetry.io/otel/exporters/otlp/otlptrace)) = 1.37.0 +Provides: bundled(golang(go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc)) = 1.37.0 +Provides: bundled(golang(go.opentelemetry.io/otel/metric)) = 1.37.0 +Provides: bundled(golang(go.opentelemetry.io/otel/sdk)) = 1.37.0 +Provides: bundled(golang(go.opentelemetry.io/otel/trace)) = 1.37.0 +Provides: bundled(golang(go.opentelemetry.io/proto/otlp)) = 1.7.0 +Provides: bundled(golang(go.uber.org/mock)) = 0.5.2 +Provides: bundled(golang(google.golang.org/genproto/googleapis/api)) = 513f239 +Provides: bundled(golang(google.golang.org/genproto/googleapis/rpc)) = 513f239 +Provides: bundled(golang(google.golang.org/grpc)) = 1.73.0 +Provides: bundled(golang(google.golang.org/grpc/cmd/protoc-gen-go-grpc)) = 1.5.1 + +# BSD-2-Clause: +Provides: bundled(golang(github.com/pkg/errors)) = 0.9.1 +Provides: bundled(golang(github.com/russross/blackfriday/v2)) = 2.1.0 + +# BSD-3-Clause: +Provides: bundled(golang(dario.cat/mergo)) = 1.0.1 +Provides: bundled(golang(github.com/antlr4-go/antlr/v4)) = 4.13.0 +Provides: bundled(golang(github.com/cloudflare/circl)) = 1.6.1 +Provides: bundled(golang(github.com/golang/protobuf)) = 1.5.4 +Provides: bundled(golang(github.com/golang/snappy)) = 0.0.4 +Provides: bundled(golang(github.com/google/uuid)) = 1.6.0 +Provides: bundled(golang(github.com/grpc-ecosystem/grpc-gateway/v2)) = 2.27.1 +Provides: bundled(golang(github.com/manifoldco/promptui)) = 0.9.0 +Provides: bundled(golang(github.com/miekg/dns)) = 1.1.63 +Provides: bundled(golang(github.com/munnerz/goautoneg)) = a7dc8b6 +Provides: bundled(golang(github.com/pbnjay/memory)) = 7b4eea6 +Provides: bundled(golang(github.com/pmezard/go-difflib)) = 1.0.0 +Provides: bundled(golang(github.com/spf13/pflag)) = 1.0.7 +Provides: bundled(golang(github.com/tailscale/tscert)) = d3f8340 +Provides: bundled(golang(golang.org/x/crypto)) = 0.40.0 +Provides: bundled(golang(golang.org/x/crypto/x509roots/fallback)) = 49bf5b8 +Provides: bundled(golang(golang.org/x/exp)) = 7e4ce0a +Provides: bundled(golang(golang.org/x/mod)) = 0.25.0 +Provides: bundled(golang(golang.org/x/net)) = 0.42.0 +Provides: bundled(golang(golang.org/x/oauth2)) = 0.30.0 +Provides: bundled(golang(golang.org/x/sync)) = 0.16.0 +Provides: bundled(golang(golang.org/x/sys)) = 0.34.0 +Provides: bundled(golang(golang.org/x/term)) = 0.33.0 +Provides: bundled(golang(golang.org/x/text)) = 0.27.0 +Provides: bundled(golang(golang.org/x/time)) = 0.12.0 +Provides: bundled(golang(golang.org/x/tools)) = 0.34.0 +Provides: bundled(golang(google.golang.org/api)) = 0.240.0 +Provides: bundled(golang(google.golang.org/protobuf)) = 1.36.6 + +# CC0-1.0: +Provides: bundled(golang(github.com/zeebo/blake3)) = 0.2.4 + +# ISC: +Provides: bundled(golang(github.com/davecgh/go-spew)) = 1.1.1 + +# MIT: +Provides: bundled(golang(github.com/BurntSushi/toml)) = 1.5.0 +Provides: bundled(golang(github.com/KimMachineGun/automemlimit)) = 0.7.4 +Provides: bundled(golang(github.com/Masterminds/semver/v3)) = 3.3.0 +Provides: bundled(golang(github.com/Masterminds/sprig/v3)) = 3.3.0 +Provides: bundled(golang(github.com/Microsoft/go-winio)) = 0.6.0 +Provides: bundled(golang(github.com/alecthomas/chroma/v2)) = 2.20.0 +Provides: bundled(golang(github.com/aryann/difflib)) = ff5ff6d +Provides: bundled(golang(github.com/beorn7/perks)) = 1.0.1 +Provides: bundled(golang(github.com/caddyserver/zerossl)) = 0.1.3 +Provides: bundled(golang(github.com/ccoveille/go-safecast)) = 1.6.1 +Provides: bundled(golang(github.com/cenkalti/backoff/v5)) = 5.0.2 +Provides: bundled(golang(github.com/cespare/xxhash)) = 1.1.0 +Provides: bundled(golang(github.com/cespare/xxhash/v2)) = 2.3.0 +Provides: bundled(golang(github.com/chzyer/readline)) = 1.5.1 +Provides: bundled(golang(github.com/cpuguy83/go-md2man/v2)) = 2.0.7 +Provides: bundled(golang(github.com/dgryski/go-farm)) = a6ae236 +Provides: bundled(golang(github.com/dlclark/regexp2)) = 1.11.5 +Provides: bundled(golang(github.com/dustin/go-humanize)) = 1.0.1 +Provides: bundled(golang(github.com/felixge/httpsnoop)) = 1.0.4 +Provides: bundled(golang(github.com/francoispqt/gojay)) = 1.2.13 +Provides: bundled(golang(github.com/fxamacker/cbor/v2)) = 2.8.0 +Provides: bundled(golang(github.com/go-chi/chi/v5)) = 5.2.2 +Provides: bundled(golang(github.com/huandu/xstrings)) = 1.5.0 +Provides: bundled(golang(github.com/jackc/pgpassfile)) = 1.0.0 +Provides: bundled(golang(github.com/jackc/pgservicefile)) = 091c0ba +Provides: bundled(golang(github.com/jackc/pgx/v5)) = 5.6.0 +Provides: bundled(golang(github.com/jackc/puddle/v2)) = 2.2.1 +Provides: bundled(golang(github.com/klauspost/cpuid/v2)) = 2.3.0 +Provides: bundled(golang(github.com/libdns/libdns)) = 1.1.0 +Provides: bundled(golang(github.com/mattn/go-colorable)) = 0.1.13 +Provides: bundled(golang(github.com/mattn/go-isatty)) = 0.0.20 +Provides: bundled(golang(github.com/mgutz/ansi)) = d51e80e +Provides: bundled(golang(github.com/mitchellh/copystructure)) = 1.2.0 +Provides: bundled(golang(github.com/mitchellh/go-ps)) = 1.0.0 +Provides: bundled(golang(github.com/mitchellh/reflectwalk)) = 1.0.2 +Provides: bundled(golang(github.com/quic-go/qpack)) = 0.5.1 +Provides: bundled(golang(github.com/quic-go/quic-go)) = 0.54.0 +Provides: bundled(golang(github.com/rs/xid)) = 1.6.0 +Provides: bundled(golang(github.com/shopspring/decimal)) = 1.4.0 +Provides: bundled(golang(github.com/shurcooL/sanitized_anchor_name)) = 1.0.0 +Provides: bundled(golang(github.com/sirupsen/logrus)) = 1.9.3 +Provides: bundled(golang(github.com/slackhq/nebula)) = 1.9.5 +Provides: bundled(golang(github.com/smallstep/pkcs7)) = 0.2.1 +Provides: bundled(golang(github.com/spf13/cast)) = 1.7.0 +Provides: bundled(golang(github.com/stoewer/go-strcase)) = 1.2.0 +Provides: bundled(golang(github.com/stretchr/testify)) = 1.10.0 +Provides: bundled(golang(github.com/urfave/cli)) = 1.22.17 +Provides: bundled(golang(github.com/x448/float16)) = 0.8.4 +Provides: bundled(golang(github.com/yuin/goldmark)) = 1.7.13 +Provides: bundled(golang(github.com/yuin/goldmark-highlighting/v2)) = 37449ab +Provides: bundled(golang(go.etcd.io/bbolt)) = 1.3.10 +Provides: bundled(golang(go.uber.org/automaxprocs)) = 1.6.0 +Provides: bundled(golang(go.uber.org/multierr)) = 1.11.0 +Provides: bundled(golang(go.uber.org/zap)) = 1.27.0 +Provides: bundled(golang(go.uber.org/zap/exp)) = 0.3.0 +Provides: bundled(golang(gopkg.in/natefinch/lumberjack.v2)) = 2.2.1 + +# MPL-2.0: +Provides: bundled(golang(github.com/go-sql-driver/mysql)) = 1.8.1 + +# Apache-2.0 AND BSD-2-Clause: +Provides: bundled(golang(go.step.sm/crypto)) = 0.67.0 +Provides: bundled(golang(github.com/smallstep/cli-utils)) = 0.12.1 + +# Apache-2.0 AND BSD-3-Clause: +Provides: bundled(golang(github.com/go-jose/go-jose/v3)) = 3.0.4 +Provides: bundled(golang(github.com/go-jose/go-jose/v4)) = 4.0.5 +Provides: bundled(golang(github.com/googleapis/gax-go/v2)) = 2.14.2 +Provides: bundled(golang(github.com/mholt/acmez/v3)) = 3.1.2 +Provides: bundled(golang(github.com/smallstep/certificates)) = 0.28.4 + +# Apache-2.0 AND MIT: +Provides: bundled(golang(github.com/dgraph-io/ristretto)) = 0.2.0 +Provides: bundled(golang(gopkg.in/yaml.v3)) = 3.0.1 + +# BSD-1-Clause AND BSD-3-Clause: +Provides: bundled(golang(filippo.io/edwards25519)) = 1.1.0 + +# BSD-2-Clause-Views AND BSD-3-Clause: +Provides: bundled(golang(howett.net/plist)) = 1.0.0 + +# BSD-3-Clause AND MIT: +Provides: bundled(golang(github.com/smallstep/scep)) = 8cf1ca4 + +# CC0-1.0 AND MIT: +Provides: bundled(golang(github.com/AndreasBriese/bbloom)) = 46b345b + +# Apache-2.0 AND BSD-3-Clause AND MIT: +Provides: bundled(golang(github.com/klauspost/compress)) = 1.18.0 +Provides: bundled(golang(github.com/prometheus/client_golang)) = 1.23.0 -%if %{without vendor} -%gopkg -%endif +%description +Caddy is an extensible server platform that uses TLS by default. %prep -%goprep %{?with_vendor:-k} -%autopatch -p 1 - -sed -e '/mod.Version/ s/unknown/%{version}-%{release}/' -i caddy.go +%autosetup -p 1 -a 1 +mkdir -p src/$(dirname %{goipath}) +ln -s $PWD src/%{goipath} %build -%gobuild -o %{gobuilddir}/bin/caddy %{goipath}/cmd/caddy +%if %{defined el8} +export GO111MODULE=off +%endif +export GOPATH=$PWD +export LDFLAGS="-X %{goipath}.CustomVersion=v%{version}" +%gobuild -o bin/caddy %{goipath}/cmd/caddy %install -%if %{without vendor} -%gopkginstall -%endif - # command -install -D -p -m 0755 %{gobuilddir}/bin/caddy %{buildroot}%{_bindir}/caddy +install -D -p -m 0755 -t %{buildroot}%{_bindir} bin/caddy + +# man pages +./bin/caddy manpage --directory %{buildroot}%{_mandir}/man8 # config -install -D -p -m 0644 %{S:1} %{buildroot}%{_sysconfdir}/caddy/Caddyfile +install -D -p -m 0644 -t %{buildroot}%{_sysconfdir}/caddy %{S:10} install -d -m 0755 %{buildroot}%{_sysconfdir}/caddy/Caddyfile.d # systemd units -install -D -p -m 0644 %{S:2} %{buildroot}%{_unitdir}/caddy.service -install -D -p -m 0644 %{S:3} %{buildroot}%{_unitdir}/caddy-api.service +install -D -p -m 0644 -t %{buildroot}%{_unitdir} %{S:20} %{S:21} + +# sysusers +install -D -p -m 0644 %{S:22} %{buildroot}%{_sysusersdir}/caddy.conf # data directory install -d -m 0750 %{buildroot}%{_sharedstatedir}/caddy # welcome page %if %{defined fedora} -install -D -p -m 0644 %{S:4} %{buildroot}%{_datadir}/caddy/poweredby.png +install -D -p -m 0644 %{S:30} %{buildroot}%{_datadir}/caddy/poweredby.png +ln -s ../fedora-testpage/index.html %{buildroot}%{_datadir}/caddy/index.html %else -install -D -p -m 0644 %{S:5} %{buildroot}%{_datadir}/caddy/poweredby.png -%endif +install -D -p -m 0644 %{S:31} %{buildroot}%{_datadir}/caddy/poweredby.png ln -s ../testpage/index.html %{buildroot}%{_datadir}/caddy/index.html +%endif install -d -m 0755 %{buildroot}%{_datadir}/caddy/icons ln -s ../../pixmaps/poweredby.png %{buildroot}%{_datadir}/caddy/icons/poweredby.png - -# shell completion -install -D -p -m 0644 %{S:6} %{buildroot}%{_datadir}/bash-completion/completions/caddy -install -D -p -m 0644 %{S:7} %{buildroot}%{_datadir}/zsh/site-functions/_caddy - - -%if %{with check} -%check -%gocheck +%if %{defined rhel} && 0%{?rhel} >= 9 +ln -s ../pixmaps/system-noindex-logo.png %{buildroot}%{_datadir}/caddy/system_noindex_logo.png %endif +# shell completions +install -d -m 0755 %{buildroot}%{bash_completions_dir} +./bin/caddy completion bash > %{buildroot}%{bash_completions_dir}/caddy +install -d -m 0755 %{buildroot}%{zsh_completions_dir} +./bin/caddy completion zsh > %{buildroot}%{zsh_completions_dir}/_caddy +install -d -m 0755 %{buildroot}%{fish_completions_dir} +./bin/caddy completion fish > %{buildroot}%{fish_completions_dir}/caddy.fish + + +%check +# ensure that the version was embedded correctly +[[ "$(./bin/caddy version)" == "v%{version}" ]] || exit 1 + +# run the upstream tests +export GOPATH=$PWD +cd src/%{goipath} +%gotest ./... + %pre -getent group caddy &> /dev/null || \ -groupadd -r caddy &> /dev/null -getent passwd caddy &> /dev/null || \ -useradd -r -g caddy -d %{_sharedstatedir}/caddy -s /sbin/nologin -c 'Caddy web server' caddy &> /dev/null -exit 0 +%sysusers_create_compat %{S:22} %post @@ -274,231 +362,26 @@ fi %license LICENSE %doc README.md AUTHORS %{_bindir}/caddy +%{_mandir}/man8/caddy*.8* %{_datadir}/caddy %{_unitdir}/caddy.service %{_unitdir}/caddy-api.service +%{_sysusersdir}/caddy.conf %dir %{_sysconfdir}/caddy %config(noreplace) %{_sysconfdir}/caddy/Caddyfile %dir %{_sysconfdir}/caddy/Caddyfile.d %attr(0750,caddy,caddy) %dir %{_sharedstatedir}/caddy -# filesystem owns all the parent directories here -%{_datadir}/bash-completion/completions/caddy -# own parent directories in case zsh is not installed +%if %{defined el8} +# this is normally owned by filesystem %dir %{_datadir}/zsh %dir %{_datadir}/zsh/site-functions -%{_datadir}/zsh/site-functions/_caddy - - -%if %{without vendor} -%gopkgfiles +%dir %{_datadir}/fish +%dir %{_datadir}/fish/vendor_completions.d %endif +%{bash_completions_dir}/caddy +%{zsh_completions_dir}/_caddy +%{fish_completions_dir}/caddy.fish %changelog -* Tue Jul 19 2022 Maxwell G - 2.4.6-4 -- Rebuild for CVE-2022-{1705,32148,30631,30633,28131,30635,30632,30630,1962} in - golang - -* Fri Jun 17 2022 Robert-André Mauchin - 2.4.6-3 -- Rebuilt for CVE-2022-1996, CVE-2022-24675, CVE-2022-28327, CVE-2022-27191, - CVE-2022-29526, CVE-2022-30629 - -* Fri Feb 25 2022 Carl George - 2.4.6-2 -- Update welcome page symlink and image to work on both Fedora and EPEL - -* Wed Feb 16 2022 Carl George - 2.4.6-1 -- Latest upstream rhbz#1984163 - -* Wed Jan 19 2022 Fedora Release Engineering - 2.3.0-3 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild - -* Wed Jul 21 2021 Fedora Release Engineering - 2.3.0-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild - -* Wed Mar 03 2021 Carl George - 2.3.0-1 -- Latest upstream -- Fix vendored license handling -- Switch to white logo rhbz#1934864 - -* Tue Mar 02 2021 Zbigniew Jędrzejewski-Szmek - 2.2.1-3 -- Rebuilt for updated systemd-rpm-macros - See https://pagure.io/fesco/issue/2583. - -* Tue Jan 26 2021 Fedora Release Engineering - 2.2.1-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild - -* Fri Oct 30 2020 Carl George - 2.2.1-1 -- Latest upstream - -* Sat Sep 26 2020 Carl George - 2.2.0-1 -- Latest upstream - -* Sat Sep 19 2020 Carl George - 2.2.0~rc3-1 -- Latest upstream - -* Fri Aug 14 2020 Carl George - 2.1.1-2 -- Add bash and zsh completion support - -* Sun Aug 09 2020 Carl George - 2.1.1-1 -- Update to Caddy v2 -- Remove all v1 plugins -- Use vendored dependencies -- Remove devel subpackage -- Rename config file per upstream request -- Use webserver test page from system-logos-httpd - -* Sat Aug 01 2020 Fedora Release Engineering - 1.0.4-3 -- Second attempt - Rebuilt for - https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild - -* Mon Jul 27 2020 Fedora Release Engineering - 1.0.4-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild - -* Tue Jul 07 20:56:10 CEST 2020 Robert-André Mauchin - 1.0.4-1 -- Update to 1.0.4 (#1803691) - -* Mon Feb 17 2020 Elliott Sales de Andrade - 1.0.3-3 -- Rebuilt for GHSA-jf24-p9p9-4rjh - -* Tue Jan 28 2020 Fedora Release Engineering - 1.0.3-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild - -* Sat Sep 07 2019 Carl George - 1.0.3-1 -- Latest upstream -- Remove bundled lego and plugins -- Remove dyn, gandi, namecheap, and rfc2136 dns providers -- Add patch0 to fix `-version` flag -- Add patch1 to adjust blackfriday import path -- Add devel subpackages -- Run test suite - -* Wed Jul 24 2019 Fedora Release Engineering - 0.11.4-3 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild - -* Thu May 09 2019 Carl George - 0.11.4-2 -- Switch unit file from ProtectSystem strict to full rhbz#1706651 - -* Wed Mar 06 2019 Carl George - 0.11.4-1 -- Latest upstream -- Update bundled dnsproviders to 0.1.3 -- Update bundled lego to 2.2.0 -- Enable googlecloud, route53, and azure dns providers on epel7 -- Allow custom http port with default config file rhbz#1685446 - -* Thu Jan 31 2019 Fedora Release Engineering - 0.11.1-3 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild - -* Wed Nov 14 2018 Carl George - 0.11.1-2 -- Buildrequires at least golang 1.10 - -* Tue Nov 13 2018 Carl George - 0.11.1-1 -- Latest upstream -- Update bundled geoip - -* Fri Oct 19 2018 Carl George - 0.11.0-3 -- Enable httpd_can_network_connect selinux boolean to connect to ACME endpoint rhbz#1641158 -- Define UDP 80/443 as selinux http_port_t for QUIC rhbz#1608548 -- Define TCP 5033 as selinux http_port_t for HTTP challenge rhbz#1641160 - -* Thu Jul 12 2018 Fedora Release Engineering - 0.11.0-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild - -* Sat May 12 2018 Carl George - 0.11.0-1 -- Latest upstream - -* Sat Apr 21 2018 Carl George - 0.10.14-1 -- Latest upstream -- Overhaul %%prep to extract everything with %%setup -- Edit lego providers to require acmev2 instead of acme -- Add provides for specific providers from %%import_path_dnsproviders and %%import_path_lego -- Add azure dns provider on f28+ - -* Fri Apr 20 2018 Carl George - 0.10.11-6 -- Enable geoip plugin on EL7 -- Only provide bundled geoip/realip/dnsproviders/lego when the respective plugin is enabled - -* Wed Apr 18 2018 Carl George - 0.10.11-5 -- Add geoip plugin - -* Tue Apr 17 2018 Carl George - 0.10.11-4 -- Correct ExclusiveArch fallback - -* Mon Apr 16 2018 Carl George - 0.10.11-3 -- Enable s390x -- Disable googlecloud and route53 dns providers on EL7 due to dependency issues - -* Fri Mar 30 2018 Carl George - 0.10.11-2 -- Add googlecloud dns provider -- Add route53 dns provider -- Set minimum golang version to 1.9 -- Set selinux labels in scriptlets - -* Sat Feb 24 2018 Carl George - 0.10.11-1 -- Latest upstream - -* Sat Feb 24 2018 Carl George - 0.10.10-4 -- Change ProtectSystem from strict to full in unit file on RHEL - -* Wed Feb 07 2018 Fedora Release Engineering - 0.10.10-3 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild - -* Thu Jan 11 2018 Carl George - 0.10.10-2 -- Add powerdns provider - -* Mon Oct 09 2017 Carl George - 0.10.10-1 -- Latest upstream - -* Mon Oct 02 2017 Carl George - 0.10.9-6 -- Add provides for bundled libraries - -* Mon Oct 02 2017 Carl George - 0.10.9-5 -- Enable rfc2136 dns provider -- List plugins in description - -* Mon Sep 18 2017 Carl George - 0.10.9-4 -- Exclude s390x - -* Sun Sep 17 2017 Carl George - 0.10.9-3 -- Add realip plugin -- Add conditionals for plugins - -* Sat Sep 16 2017 Carl George - 0.10.9-2 -- Add sources for caddyserver/dnsproviders and xenolf/lego -- Disable all dns providers that require additional libraries (dnsimple, dnspod, googlecloud, linode, ovh, route53, vultr) -- Rewrite default index.html - -* Tue Sep 12 2017 Carl George - 0.10.9-1 -- Latest upstream -- Add config validation to unit file -- Disable exoscale dns provider https://github.com/xenolf/lego/issues/429 - -* Fri Sep 08 2017 Carl George - 0.10.8-1 -- Latest upstream -- Build with %%gobuild macro -- Move config subdirectory from /etc/caddy/caddy.conf.d to /etc/caddy/conf.d - -* Tue Aug 29 2017 Carl George - 0.10.7-1 -- Latest upstream - -* Fri Aug 25 2017 Carl George - 0.10.6-2 -- Use SIQQUIT to stop service -- Increase the process limit from 64 to 512 -- Only `go get` in caddy/caddymain - -* Fri Aug 11 2017 Carl George - 0.10.6-1 -- Latest upstream -- Add webserver virtual provides -- Drop tmpfiles and just own /var/lib/caddy directly -- Remove PrivateDevices setting from unit file, it prevents selinux process transitions -- Disable rfc2136 dns provider https://github.com/caddyserver/dnsproviders/issues/11 - -* Sat Jun 03 2017 Carl George - 0.10.3-2 -- Rename Envfile to envfile -- Rename Caddyfile to caddy.conf -- Include additional configs from caddy.conf.d directory - -* Fri May 19 2017 Carl George - 0.10.3-1 -- Latest upstream - -* Mon May 15 2017 Carl George - 0.10.2-1 -- Initial package +%autochangelog diff --git a/caddy.sysusers b/caddy.sysusers new file mode 100644 index 0000000..3e98c73 --- /dev/null +++ b/caddy.sysusers @@ -0,0 +1 @@ +u caddy - "Caddy web server" /var/lib/caddy /usr/sbin/nologin diff --git a/changelog b/changelog new file mode 100644 index 0000000..8e10c3e --- /dev/null +++ b/changelog @@ -0,0 +1,285 @@ +* Wed Jan 22 2025 Carl George - 2.9.1-3 +- Run tests with -short flag like upstream to avoid test failures +- Resolves FTBFS rhbz#2339573 rhbz#2339954 + +* Thu Jan 16 2025 Fedora Release Engineering - 2.9.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild + +* Wed Jan 08 2025 Carl George - 2.9.1-1 +- Update to version 2.9.1 rhbz#2336409 + +* Wed Jan 01 2025 Carl George - 2.9.0-1 +- Update to version 2.9.0 rhbz#2316289 + +* Wed Jul 17 2024 Fedora Release Engineering - 2.8.4-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild + +* Fri Jul 05 2024 Carl George - 2.8.4-1 +- Update to version 2.8.4 rhbz#2278549 +- Resolves CVE-2023-49295 rhbz#2257829 +- Resolves CVE-2024-27304 rhbz#2268278 +- Resolves CVE-2024-27289 rhbz#2268468 +- Resolves CVE-2024-28180 rhbz#2268877 +- Resolves CVE-2024-22189 rhbz#2273517 +- Remove LimitNPROC from systemd unit files + +* Sun Feb 11 2024 Maxwell G - 2.7.6-2 +- Rebuild for golang 1.22.0 + +* Fri Feb 09 2024 Carl George - 2.7.6-1 +- Update to version 2.7.6 rhbz#2253698 +- Includes fix for CVE-2023-45142 rhbz#2246587 + +* Tue Jan 23 2024 Fedora Release Engineering - 2.7.5-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Fri Jan 19 2024 Fedora Release Engineering - 2.7.5-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Mon Oct 30 2023 Carl George - 2.7.5-1 +- Update to version 2.7.5 +- Update poweredby logos +- Add symlink for system_noindex_logo.png on EL9 +- Symlink directly to fedora-testpage directory on Fedora + +* Thu Aug 17 2023 Carl George - 2.7.4-1 +- Update to version 2.7.4, resolves rhbz#2232696 +- Fix CVE-2023-3978, resolves rhbz#2229582 + +* Tue Aug 08 2023 Carl George - 2.7.3-1 +- Update to version 2.7.3, resolves rhbz#2229638 + +* Thu Aug 03 2023 Carl George - 2.7.2-1 +- Update to version 2.7.2, resolves rhbz#2228776 + +* Thu Jul 27 2023 Carl George - 2.7.0~beta2-1 +- Update to version 2.7.0~beta2, resolves rhbz#2225732 rhbz#2124366 +- Resolves CVE-2022-41717 rhbz#2164315 +- Resolves CVE-2022-41723 rhbz#2178412 +- Add man pages +- Use generated shell completion files instead of static ones +- Add fish shell completions +- Switch to systemd sysusers + +* Wed Jul 19 2023 Fedora Release Engineering - 2.5.2-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild + +* Tue Jan 24 2023 Carl George - 2.5.2-3 +- Rebuild for CVE-2022-41717 in golang + +* Wed Jan 18 2023 Fedora Release Engineering - 2.5.2-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild + +* Tue Aug 09 2022 Carl George - 2.5.2-1 +- Latest upstream, resolves rhbz#2062499 rhbz#2113136 + +* Wed Jul 20 2022 Fedora Release Engineering - 2.4.6-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild + +* Tue Jul 19 2022 Maxwell G - 2.4.6-4 +- Rebuild for CVE-2022-{1705,32148,30631,30633,28131,30635,30632,30630,1962} in + golang + +* Fri Jun 17 2022 Robert-André Mauchin - 2.4.6-3 +- Rebuilt for CVE-2022-1996, CVE-2022-24675, CVE-2022-28327, CVE-2022-27191, + CVE-2022-29526, CVE-2022-30629 + +* Fri Feb 25 2022 Carl George - 2.4.6-2 +- Update welcome page symlink and image to work on both Fedora and EPEL + +* Wed Feb 16 2022 Carl George - 2.4.6-1 +- Latest upstream rhbz#1984163 + +* Wed Jan 19 2022 Fedora Release Engineering - 2.3.0-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild + +* Wed Jul 21 2021 Fedora Release Engineering - 2.3.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild + +* Wed Mar 03 2021 Carl George - 2.3.0-1 +- Latest upstream +- Fix vendored license handling +- Switch to white logo rhbz#1934864 + +* Tue Mar 02 2021 Zbigniew Jędrzejewski-Szmek - 2.2.1-3 +- Rebuilt for updated systemd-rpm-macros + See https://pagure.io/fesco/issue/2583. + +* Tue Jan 26 2021 Fedora Release Engineering - 2.2.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + +* Fri Oct 30 2020 Carl George - 2.2.1-1 +- Latest upstream + +* Sat Sep 26 2020 Carl George - 2.2.0-1 +- Latest upstream + +* Sat Sep 19 2020 Carl George - 2.2.0~rc3-1 +- Latest upstream + +* Fri Aug 14 2020 Carl George - 2.1.1-2 +- Add bash and zsh completion support + +* Sun Aug 09 2020 Carl George - 2.1.1-1 +- Update to Caddy v2 +- Remove all v1 plugins +- Use vendored dependencies +- Remove devel subpackage +- Rename config file per upstream request +- Use webserver test page from system-logos-httpd + +* Sat Aug 01 2020 Fedora Release Engineering - 1.0.4-3 +- Second attempt - Rebuilt for + https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Mon Jul 27 2020 Fedora Release Engineering - 1.0.4-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Tue Jul 07 20:56:10 CEST 2020 Robert-André Mauchin - 1.0.4-1 +- Update to 1.0.4 (#1803691) + +* Mon Feb 17 2020 Elliott Sales de Andrade - 1.0.3-3 +- Rebuilt for GHSA-jf24-p9p9-4rjh + +* Tue Jan 28 2020 Fedora Release Engineering - 1.0.3-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild + +* Sat Sep 07 2019 Carl George - 1.0.3-1 +- Latest upstream +- Remove bundled lego and plugins +- Remove dyn, gandi, namecheap, and rfc2136 dns providers +- Add patch0 to fix `-version` flag +- Add patch1 to adjust blackfriday import path +- Add devel subpackages +- Run test suite + +* Wed Jul 24 2019 Fedora Release Engineering - 0.11.4-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild + +* Thu May 09 2019 Carl George - 0.11.4-2 +- Switch unit file from ProtectSystem strict to full rhbz#1706651 + +* Wed Mar 06 2019 Carl George - 0.11.4-1 +- Latest upstream +- Update bundled dnsproviders to 0.1.3 +- Update bundled lego to 2.2.0 +- Enable googlecloud, route53, and azure dns providers on epel7 +- Allow custom http port with default config file rhbz#1685446 + +* Thu Jan 31 2019 Fedora Release Engineering - 0.11.1-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild + +* Wed Nov 14 2018 Carl George - 0.11.1-2 +- Buildrequires at least golang 1.10 + +* Tue Nov 13 2018 Carl George - 0.11.1-1 +- Latest upstream +- Update bundled geoip + +* Fri Oct 19 2018 Carl George - 0.11.0-3 +- Enable httpd_can_network_connect selinux boolean to connect to ACME endpoint rhbz#1641158 +- Define UDP 80/443 as selinux http_port_t for QUIC rhbz#1608548 +- Define TCP 5033 as selinux http_port_t for HTTP challenge rhbz#1641160 + +* Thu Jul 12 2018 Fedora Release Engineering - 0.11.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild + +* Sat May 12 2018 Carl George - 0.11.0-1 +- Latest upstream + +* Sat Apr 21 2018 Carl George - 0.10.14-1 +- Latest upstream +- Overhaul %%prep to extract everything with %%setup +- Edit lego providers to require acmev2 instead of acme +- Add provides for specific providers from %%import_path_dnsproviders and %%import_path_lego +- Add azure dns provider on f28+ + +* Fri Apr 20 2018 Carl George - 0.10.11-6 +- Enable geoip plugin on EL7 +- Only provide bundled geoip/realip/dnsproviders/lego when the respective plugin is enabled + +* Wed Apr 18 2018 Carl George - 0.10.11-5 +- Add geoip plugin + +* Tue Apr 17 2018 Carl George - 0.10.11-4 +- Correct ExclusiveArch fallback + +* Mon Apr 16 2018 Carl George - 0.10.11-3 +- Enable s390x +- Disable googlecloud and route53 dns providers on EL7 due to dependency issues + +* Fri Mar 30 2018 Carl George - 0.10.11-2 +- Add googlecloud dns provider +- Add route53 dns provider +- Set minimum golang version to 1.9 +- Set selinux labels in scriptlets + +* Sat Feb 24 2018 Carl George - 0.10.11-1 +- Latest upstream + +* Sat Feb 24 2018 Carl George - 0.10.10-4 +- Change ProtectSystem from strict to full in unit file on RHEL + +* Wed Feb 07 2018 Fedora Release Engineering - 0.10.10-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + +* Thu Jan 11 2018 Carl George - 0.10.10-2 +- Add powerdns provider + +* Mon Oct 09 2017 Carl George - 0.10.10-1 +- Latest upstream + +* Mon Oct 02 2017 Carl George - 0.10.9-6 +- Add provides for bundled libraries + +* Mon Oct 02 2017 Carl George - 0.10.9-5 +- Enable rfc2136 dns provider +- List plugins in description + +* Mon Sep 18 2017 Carl George - 0.10.9-4 +- Exclude s390x + +* Sun Sep 17 2017 Carl George - 0.10.9-3 +- Add realip plugin +- Add conditionals for plugins + +* Sat Sep 16 2017 Carl George - 0.10.9-2 +- Add sources for caddyserver/dnsproviders and xenolf/lego +- Disable all dns providers that require additional libraries (dnsimple, dnspod, googlecloud, linode, ovh, route53, vultr) +- Rewrite default index.html + +* Tue Sep 12 2017 Carl George - 0.10.9-1 +- Latest upstream +- Add config validation to unit file +- Disable exoscale dns provider https://github.com/xenolf/lego/issues/429 + +* Fri Sep 08 2017 Carl George - 0.10.8-1 +- Latest upstream +- Build with %%gobuild macro +- Move config subdirectory from /etc/caddy/caddy.conf.d to /etc/caddy/conf.d + +* Tue Aug 29 2017 Carl George - 0.10.7-1 +- Latest upstream + +* Fri Aug 25 2017 Carl George - 0.10.6-2 +- Use SIQQUIT to stop service +- Increase the process limit from 64 to 512 +- Only `go get` in caddy/caddymain + +* Fri Aug 11 2017 Carl George - 0.10.6-1 +- Latest upstream +- Add webserver virtual provides +- Drop tmpfiles and just own /var/lib/caddy directly +- Remove PrivateDevices setting from unit file, it prevents selinux process transitions +- Disable rfc2136 dns provider https://github.com/caddyserver/dnsproviders/issues/11 + +* Sat Jun 03 2017 Carl George - 0.10.3-2 +- Rename Envfile to envfile +- Rename Caddyfile to caddy.conf +- Include additional configs from caddy.conf.d directory + +* Fri May 19 2017 Carl George - 0.10.3-1 +- Latest upstream + +* Mon May 15 2017 Carl George - 0.10.2-1 +- Initial package diff --git a/create-vendor-tarball.sh b/create-vendor-tarball.sh new file mode 100755 index 0000000..87bace1 --- /dev/null +++ b/create-vendor-tarball.sh @@ -0,0 +1,40 @@ +#!/usr/bin/bash + +tag=$1 + +if [[ -z $tag ]]; then + echo "This script requires the tag as an argument." + exit 1 +fi + +set -euo pipefail + +PKG="caddy" +REPO="https://github.com/caddyserver/$PKG" + +# transform tag into version +case $tag in + *beta*) + # v2.0.0-beta.1 -> 2.0.0~beta1 + temp=${tag#v} + version=${temp/-beta./~beta} + ;; + *rc*) + # v2.0.0-rc.1 -> 2.0.0~rc1 + temp=${tag#v} + version=${temp/-rc./~rc} + ;; + *) + # v2.0.0 -> 2.0.0 + version=${tag#v} + ;; +esac + +echo "Using tag: $tag" +echo "Using version: $version" + +git -c advice.detachedHead=false clone --branch $tag --depth 1 $REPO.git $PKG-$version +pushd $PKG-$version +GOPROXY='https://proxy.golang.org,direct' go mod vendor +popd +tar -C $PKG-$version -czf $PKG-$version-vendor.tar.gz vendor diff --git a/poweredby-black.png b/poweredby-black.png index eb8e284..f0df626 100644 Binary files a/poweredby-black.png and b/poweredby-black.png differ diff --git a/poweredby-white.png b/poweredby-white.png index 8131407..a2098ab 100644 Binary files a/poweredby-white.png and b/poweredby-white.png differ diff --git a/sources b/sources index be5b56a..83d8cbc 100644 --- a/sources +++ b/sources @@ -1 +1,2 @@ -SHA512 (caddy-2.4.6-vendored.tar.gz) = d2a3d98f831f153dc408c6793331e16649fd0e543e4be8ec0cf8b4d3918d1e11f6e57a9459bb3ac2d7c3345e036252f7666c4b7535ced5d7b6f3f52162e850ea +SHA512 (caddy-2.10.2.tar.gz) = 986b11e26cdaa4fbe554cf7b6bb333404fc33190945ef995122518a3fe2fe582a4cf4d2a8ab463e045857650e9deb88123f8d86a93dbdc465635755b00356205 +SHA512 (caddy-2.10.2-vendor.tar.gz) = 8b4b63f5b8ba4b29ec01da55820214f4c63a1c545756815e26d73bdcc3b3ac5aada863ef32ab6db898b90a9501c0ed6e03ed44e53612cdb8d872ab89480d466d diff --git a/zsh-completion b/zsh-completion deleted file mode 100644 index 66f50b7..0000000 --- a/zsh-completion +++ /dev/null @@ -1,166 +0,0 @@ -#compdef caddy - -function _caddy { - local _line - - _arguments -C \ - "1: :(adapt build-info environ file-server fmt hash-password help list-modules reload reverse-proxy run start stop trust untrust validate version)" \ - "*::arg:->args" - - case $line[1] in - adapt) - __caddy_adapt - ;; - build-info) - __caddy_build-info - ;; - environ) - __caddy_environ - ;; - file-server) - __caddy_file-server - ;; - fmt) - __caddy_fmt - ;; - hash-password) - __caddy_hash-password - ;; - help) - __caddy_help - ;; - list-modules) - __caddy_list-modules - ;; - reload) - __caddy_reload - ;; - reverse-proxy) - __caddy_reverse-proxy - ;; - run) - __caddy_run - ;; - start) - __caddy_start - ;; - stop) - __caddy_stop - ;; - trust) - __caddy_trust - ;; - untrust) - __caddy_untrust - ;; - validate) - __caddy_validate - ;; - version) - __caddy_version - ;; - esac -} - -function __caddy_adapt { - _arguments \ - "--pretty: :" \ - "--validate: :" \ - "--adapter: :_files" \ - "--config: :_files" \ - -} -function __caddy_build-info { - -} -function __caddy_environ { - -} -function __caddy_file-server { - _arguments \ - "--browse: :" \ - "--templates: :" \ - "--domain: :_files" \ - "--listen: :_files" \ - "--root: :_dirs" \ - -} -function __caddy_fmt { - _arguments \ - "--overwrite: :" \ - -} -function __caddy_hash-password { - _arguments \ - "--algorithm: :_files" \ - "--plaintext: :_files" \ - "--salt: :_files" \ - -} -function __caddy_help { - -} -function __caddy_list-modules { - _arguments \ - "--versions: :" \ - -} -function __caddy_reload { - _arguments \ - "--adapter: :_files" \ - "--config: :_files" \ - "--address: :_files" \ - -} -function __caddy_reverse-proxy { - _arguments \ - "--change-host-header: :" \ - "--from: :_files" \ - "--to: :_files" \ - -} -function __caddy_run { - _arguments \ - "--environ: :" \ - "--resume: :" \ - "--watch: :" \ - "--adapter: :_files" \ - "--config: :_files" \ - "--pingback: :_files" \ - "--pidfile: :_files" \ - -} -function __caddy_start { - _arguments \ - "--watch: :" \ - "--adapter: :_files" \ - "--config: :_files" \ - "--pidfile: :_files" \ - -} -function __caddy_stop { - _arguments \ - "--address: :_files" \ - -} -function __caddy_trust { - -} -function __caddy_untrust { - _arguments \ - "--ca: :_files" \ - "--cert: :_files" \ - -} -function __caddy_validate { - _arguments \ - "--config: :_files" \ - "--adapter: :_files" \ - -} -function __caddy_version { - -} - -_caddy -