One user per Caddyfile

I guess you could call it a feature request,

The idea is to have caddy replace nginx on the front.
Every new user that is created has its home directory and a http root.
Of course they’re all owned by $user:$user
Let’s say I’d like to use PHP on the back with fpm and serving through a unix socket.
The sockets would be created in /tmp/php-fpm/$user.sock and owned by the $user.
Now caddy would need to change the user in order to be able to read/write to the socket.

And that’s the whole problem I see with Caddy.

If you have 1 user for everything it’s fine. Or if you use tcp sockets.
But if you don’t there’s a problem.

Also I read that you need to run caddy as a non-root user as it doesn’t drop privileges.

nginx can have, afaik, 1 global user and group configuration.

So what I’m proposing here is:

  • Run caddy as root
  • Drop privileges on the listening sockets
  • Have a user and group option for vhosts where it switches to that uid/gid for that vhost

To be honest I’m not sure if that’s even possible, I haven’t explored it yet.

And idk how current this topic is:!topic/golang-nuts/DS5elOEl-Aw