One user per Caddyfile

I guess you could call it a feature request.

The idea is to have Caddy replace nginx on the front.
Every new user that is created has its home directory and an HTTP root:
/home/$user/http
Of course they’re all owned by $user:$user
Let’s say I’d like to use PHP on the back with fpm and serving through a unix socket.
The sockets would be created in /tmp/php-fpm/$user.sock and owned by the $user.
Now Caddy would need to change the user in order to be able to read/write to the socket.

And that’s the whole problem I see with Caddy.

If you have 1 user for everything it’s fine. Or if you use TCP sockets.
But if you don’t there’s a problem.

Also I read that you need to run Caddy as a non-root user as it doesn’t drop privileges.

nginx can have, afaik, 1 global user and group configuration.

So what I’m proposing here is:

  • Run Caddy as root
  • Drop privileges on the listening sockets
  • Have a user and group option for vhosts where it switches to that uid/gid for that vhost

To be honest I’m not sure if that’s even possible, I haven’t explored it yet.

And idk how current this topic is:
https://groups.google.com/forum/#!topic/golang-nuts/DS5elOEl-Aw
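
The permission constraint described in this post, as an added example that is not part of the original post or of Caddy's code: a Go check of whether the current user can connect to each per-user php-fpm socket, given the socket file's owner, group and mode. The names `SockInfo`, `StatSocket` and `CanConnect` are this example's own, and it assumes Linux, where `connect()` on a pathname socket requires write permission on the socket file.

```go
package main

import (
	"fmt"
	"os"
	"syscall"
)

// SockInfo (a name made up for this example) holds a socket file's owner, group and mode.
type SockInfo struct {
	UID, GID int
	Mode     os.FileMode
}

// StatSocket reads ownership and permission bits of a unix socket path (Linux/Unix only).
func StatSocket(path string) (SockInfo, error) {
	fi, err := os.Stat(path)
	if err != nil {
		return SockInfo{}, err
	}
	st, ok := fi.Sys().(*syscall.Stat_t)
	if !ok || fi.Mode()&os.ModeSocket == 0 {
		return SockInfo{}, fmt.Errorf("%s: not a unix socket", path)
	}
	return SockInfo{int(st.Uid), int(st.Gid), fi.Mode().Perm()}, nil
}

// CanConnect tests the write bit of the first matching class; directory perms, ACLs and LSMs are not modelled.
func CanConnect(s SockInfo, uid int, gids []int) bool {
	bit := os.FileMode(0o002) // default: "other" write bit
	for _, g := range gids {
		if g == s.GID {
			bit = 0o020 // caller is in the socket's group
		}
	}
	if uid == s.UID {
		bit = 0o200 // owner class wins over group
	}
	return uid == 0 || s.Mode&bit != 0 // root bypasses the mode bits
}

func main() { // usage (assumed): sockcheck /tmp/php-fpm/*.sock, run as the web server user
	groups, _ := os.Getgroups()
	for _, p := range os.Args[1:] {
		s, err := StatSocket(p)
		ok := err == nil && CanConnect(s, os.Geteuid(), append(groups, os.Getegid()))
		fmt.Printf("%s %+v connectable=%v err=%v\n", p, s, ok, err)
	}
}
```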