"Officializing" getcaddy.com

So we have this: https://getcaddy.com

It works pretty well, for the most part. Perhaps we should make mention of it on the Caddy download page. Kind of like this PR (which I haven’t forgotten about, just want to make sure it’s ready for mainstream use, if we want to do that).

Is this useful? If so, we should have some more people vet it for problems, try it out, etc. (I’m currently fixing a known issue with using it in Termux on Android.)

And a quick question: is an install path of /usr/bin OK? (Right now it’s /usr/local/bin but Termux doesn’t have that…)

3 Likes

/usr/bin is fine with me.
I’ve used it a few times on Ubuntu 16.04 and it’s worked well.

1 Like

I love getcaddy, it’s a one stop solution that has worked great for me on my ARM devices and my Mac without having to add a PPA or anything. I don’t mean It shouldn’t be in repositories but I love how straightforward this is. But now, since it’s a script, maybe having the option to choose the path and even add more apps like Hugo and some analytics would be nice but is not a necessity at all.

First up @matt, getcaddy needs a separate repository. There are quite a few bash geeks floating around that can make the script uber modular(I can give it a shot too :wink: ) but more importantly, we need to preserve the simplicity of the script, i.e. if a user doesn’t want any customisation regarding install location or plugins, he shouldn’t have to jump through loops for it.

You can download Caddy with plugins using that script, if that’s what you meant.

Great point, and it will get one!

I’m not interested in making big changes to the script at this point unless really necessary. Just the minimal required logic to install Caddy on the most common platforms where it would be useful.

I have two comments:

  1. /usr/bin will be locked down in OS X 10.11.* and beyond due to System Integrity Protection, so you will need to provide another installation path there.

  2. Also, personally I dislike unpackaged stuff ending up in /usr/bin on my linux distributions … I would rather like a proper package repository for Debian/Ubuntu for example, but I guess that is beyond the convenience getcaddy.com is poised to provide.

I’ve always been fearful of using any curl | bash scripts. Especially after reading this one: https://www.idontplaydarts.com/2016/04/detecting-curl-pipe-bash-server-side/

Would really recommend enforcing the user to download the script using curl, ask them to check it over, and then running it with bash.

Fair enough; although I think the risk is quite low in reality. (And is approximately equal to getting a tampered yum or apt installation that downloads malicious code, for example.) The connection is HTTPS, and if you don’t trust the Caddy infrastructure you should be compiling it yourself. But I can make a note in the comment that the paranoid among us should download first, then inspect, then execute.[quote=“oliof, post:6, topic:72, full:true”]
I have two comments:

/usr/bin will be locked down in OS X 10.11.* and beyond due to System Integrity Protection, so you will need to provide another installation path there.
Also, personally I dislike unpackaged stuff ending up in /usr/bin on my linux distributions … I would rather like a proper package repository for Debian/Ubuntu for example, but I guess that is beyond the convenience getcaddy.com is poised to provide.
[/quote]

Hmm, so maybe I should try for /usr/local/bin if it exists, otherwise go for /usr/bin.

A couple of problems I can see.

Firstly, using bash and not sh. The BSDs and OSX have the latter but not necessarily the former. The script looks like it doesn't contain any bashisms and should run using vanilla bourne shell.

IIRC, on Linux, if you call /bin/sh it actually calls /bin/bash but in a sh compatible mode. Or at least it did ~15 years ago!

As already mentioned about OSX but also true of FreeBSD, non-system user binaries get chucked in /usr/local/bin and any root stuff in /usr/local/sbin

OS X comes with bash.

But this is a good idea, I will give it a try.

The script does not work with sh. It seems that bash is required.

Done! GitHub - caddyserver/getcaddy.com: Automated installer script for Caddy with plugins

1 Like

If you don’t mind me asking, what’s the Caddy file for getcaddy.com ?

...

getcaddy.com {
	root /<folders>/www/getcaddy.com
}

And the index.txt ?

What about it? Here’s the whole file: getcaddy.com/index.txt at master · caddyserver/getcaddy.com · GitHub

Oh, does Caddy take any file that has index before the . and use that as the index file ?

It does for these: https://github.com/mholt/caddy/blob/a0e6eb3ba950e94eb0d061c0c7697d3f8005f975/middleware/fileserver.go#L172-L181

“index.html”,
“index.htm”,
“index.txt”,
“default.html”,
“default.htm”,
“default.txt”,

Ahh, alright. Thanks!

Sorry for the confusion.

Matt writes:

The script does not work with sh. It seems that bash is required.
I made a few changes and got it to work with FreeBSD's /bin/sh.

$EUID is a bashism, I think. $(id -u) is POSIX. I also changed the bang line,
of course.

FreeBSD has fetch(1) in the base system to grab files via http(s), so I’ve added
that along with wget and curl.

I don’t know if anybody is working on a FreeBSD port of Caddy? If not, I’ll
happily give it a go.

Have you got checksums for the different tarballs the script fetches? I was
going to add a function to the script to check them aswell as the script
itself (when it’s finished). FreeBSD recommends and uses sha256; I’ll have to
find out what other platforms ship with.

BTW, I’m not keen on the idea of fetching the script and piping it straight
into a shell…call me paranoid :wink:

Where are these changes? I’d be happy to incorporate them as long as they don’t break anything we’ve already got.

You mean this one on the Download page? :wink:

Building Caddy for FreeBSD is easy: GOOS=freebsd go build.

This is complicated because the build server produces a dynamic build every time. I bet few people would check even if we implemented this cleverly with headers or something.

That’s fine. :slight_smile: Just for you:

$ curl https://getcaddy.com > install_caddy.bash
$ cat install_caddy.bash
$ chmod +x install_caddy.bash && ./install_caddy.bash