How do I tell Caddy v2 to launch the
cgit CGI script with a specific UID/GID (iso root)?
I couldn’t find this in the docs, a pointer or short answer would be very much appreciated.
YOU MUST USE THIS TEMPLATE TO GET HELP.
Latest Caddy, 64-bit Linux. Please don’t insist on “filling out a questionnaire”.
Sorry, but we require the information in the template to help.
It’s unclear what version exactly you’re using (saying “latest” isn’t good enough). We need to see what your existing config looks like.
Caddy doesn’t run CGI scripts itself, it only supports proxying to a
Thanks for replying. I now realise that “latest” was not only vague, but in fact wrong: I’m running Caddy v2.30 a.t.m. - here is the config snippet I’m currently using:
cgi * /var/www/git.jeelabs.org/cgit.cgi
As I understand it, this is not fastcgi. I couldn’t figure out from the docs how to use
php_fastcgi for this case. I have to admit that my grasp of Caddy has gone down since the move to v2 (I’m not a sys admin nor a web developer, sorry).
The above works, but the cache files created by
cgit are owned by root, which is a bit worrying, as this implies that it must be running at a far too high privilege level.
So you’re using this plugin then?
You should ask on that GitHub issues board for help (to get the attention of that plugin’s developer).
Ok, thanks, I will. Looks like abandonware though …
Maybe, or maybe it works well enough for who is using it so far. It is licensed open source, so you’re (or anyone is) welcome to fork it and maintain it.
The template is there for a reason.
How do you start Caddy? (a question in template)
If you’re starting Caddy as root then all its plugin will also be root.
You could have started Caddy with user
git), consult systemd manual if you’re using it.
Exactly. The template is there both to save time for us, and for you. Otherwise we waste time asking the questions that would have been answered anyways by you just filling it out. Please help us help you.
Ok, fair enough. I’ll fill in the submit form in future posts.
Yes, I’m starting as root (easier to serve on http/https ports that way).
My workaround for now is to setuid/setgid the cgit exe.
Not perfect, but it works.
This topic was automatically closed after 30 days. New replies are no longer allowed.