I’m mostly a Windows person, but I decided to have a go at getting Caddy running on a Raspberry Pi. I followed this guide: How to Setup a Raspberry Pi Caddy Web Server - Pi My Life Up
If I ran Caddy manually from the command line, everything works fine. However, when I try to run it as a service I get this error:
caddy.service - Caddy HTTP/2 web server
Loaded: loaded (/etc/systemd/system/caddy.service; enabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Tue 2018-02-06 03:11:05 UTC; 19s ago
Docs: Welcome — Caddy Documentation
Main PID: 5375 (code=exited, status=217/USER)
Feb 06 03:11:05 raspberrypi systemd: Started Caddy HTTP/2 web server.
Feb 06 03:11:05 raspberrypi systemd: caddy.service: Main process exited, code=exited, status=217/USER
Feb 06 03:11:05 raspberrypi systemd: caddy.service: Unit entered failed state.
Feb 06 03:11:05 raspberrypi systemd: caddy.service: Failed with result ‘exit-code’.
This is what my service definition file looks like:
Description=Caddy HTTP/2 web server
; User and group the process will run as.
; Letsencrypt-issued certificates will be written to this directory.
; Always set “-root” to something safe in case it gets forgotten in the Caddyfile.
ExecStart=/usr/local/bin/caddy -log stdout -agree=true -conf=/etc/caddy/Caddyfile -root=/var/tmp
ExecReload=/bin/kill -USR1 $MAINPID
; Use graceful shutdown with a reasonable timeout
; Limit the number of file descriptors; see
man systemd.execfor more limit settings.
; Unmodified caddy is not expected to use more than that.
; Use private /tmp and /var/tmp, which are discarded after caddy stops.
; Use a minimal /dev (May bring additional security if switched to ‘true’, but it may not work on Raspberry Pi’s or other devices, so it has been disabled in this dist.)
; Hide /home, /root, and /run/user. Nobody will steal your SSH-keys.
; Make /usr, /boot, /etc and possibly some more folders read-only.
; … except /etc/ssl/caddy, because we want Letsencrypt-certificates there.
; This merely retains r/w access rights, it does not add any new. Must still be writable on the host!
; The following additional security directives only work with systemd v229 or later.
; They further restrict privileges that can be gained by caddy. Uncomment if you like.
; Note that you may have to add capabilities required by any plugins in use.
Any idea what’s going wrong?