diff --git a/Makefile b/Makefile index 9f1b47e..42b5d1d 100644 --- a/Makefile +++ b/Makefile @@ -49,10 +49,11 @@ deb: $(BUILD_DIR)/caddy sed 's/{{VERSION}}/$(VERSION)-$(REVISION)/g; s/{{ARCH}}/$(ARCH)/g' debian/control > $(STAGING_DIR)/DEBIAN/control @# Scripts + cp debian/preinst $(STAGING_DIR)/DEBIAN/ cp debian/postinst $(STAGING_DIR)/DEBIAN/ cp debian/prerm $(STAGING_DIR)/DEBIAN/ cp debian/postrm $(STAGING_DIR)/DEBIAN/ - chmod 755 $(STAGING_DIR)/DEBIAN/postinst $(STAGING_DIR)/DEBIAN/prerm $(STAGING_DIR)/DEBIAN/postrm + chmod 755 $(STAGING_DIR)/DEBIAN/preinst $(STAGING_DIR)/DEBIAN/postinst $(STAGING_DIR)/DEBIAN/prerm $(STAGING_DIR)/DEBIAN/postrm @# Conffiles cp debian/conffiles $(STAGING_DIR)/DEBIAN/ diff --git a/debian/postinst b/debian/postinst index 737a12f..067cd50 100644 --- a/debian/postinst +++ b/debian/postinst @@ -1,6 +1,15 @@ #!/bin/sh +# postinst for madcat-caddy +# +# Handles: +# - Fresh install (no prior caddy) +# - Upgrade from stock caddy with masked service +# - Upgrade from previous madcat-caddy + set -e +UNIT_PATH="/usr/lib/systemd/system/caddy.service" + # Create caddy user/group if they don't exist if ! getent group caddy >/dev/null 2>&1; then groupadd --system caddy @@ -16,9 +25,57 @@ mkdir -p /var/lib/caddy/.config/caddy mkdir -p /var/lib/caddy/.local/share/caddy chown -R caddy:caddy /var/lib/caddy -# Enable and start the service +# Stop caddy-api.service if it exists (leftover from stock caddy) if [ -d /run/systemd/system ]; then + systemctl stop caddy-api.service 2>/dev/null || true +fi + +# Handle systemd service setup +if [ -d /run/systemd/system ]; then + # If the unit file is missing (removed during package transition) or is a + # dangling symlink (masked unit pointing to /dev/null), recreate it. + if [ ! -f "$UNIT_PATH" ] || [ -L "$UNIT_PATH" ]; then + # Unmask first — removes the /dev/null symlink if masked + systemctl unmask caddy.service 2>/dev/null || true + + # If still missing after unmask, recreate from our embedded copy + if [ ! -f "$UNIT_PATH" ]; then + mkdir -p "$(dirname "$UNIT_PATH")" + cat > "$UNIT_PATH" << 'UNIT' +[Unit] +Description=Caddy web server (madcat-caddy) +Documentation=https://caddyserver.com/docs/ +After=network.target network-online.target +Requires=network-online.target + +[Service] +Type=notify +User=caddy +Group=caddy +ExecStart=/usr/bin/caddy run --environ --config /etc/caddy/Caddyfile +ExecReload=/usr/bin/caddy reload --config /etc/caddy/Caddyfile --force +TimeoutStopSec=5s +LimitNOFILE=1048576 +LimitNPROC=512 +PrivateTmp=true +ProtectSystem=full +AmbientCapabilities=CAP_NET_BIND_SERVICE +CapabilityBoundingSet=CAP_NET_BIND_SERVICE +NoNewPrivileges=true + +[Install] +WantedBy=multi-user.target +UNIT + fi + fi + + # Reload systemd to pick up the unit file (new or recreated) systemctl daemon-reload + + # Unmask again after reload in case it was masked in systemd's state + systemctl unmask caddy.service 2>/dev/null || true + + # Enable and start systemctl enable caddy.service systemctl start caddy.service || true fi diff --git a/debian/preinst b/debian/preinst new file mode 100644 index 0000000..95d2b51 --- /dev/null +++ b/debian/preinst @@ -0,0 +1,14 @@ +#!/bin/sh +# preinst for madcat-caddy +# +# Stop existing caddy services before install/upgrade. +# Guards against failures when services don't exist (e.g., caddy-api.service +# from stock caddy may not be present on all systems). + +set -e + +if [ -d /run/systemd/system ]; then + # Stop stock caddy services — both may not exist, so guard with || true + systemctl stop caddy.service 2>/dev/null || true + systemctl stop caddy-api.service 2>/dev/null || true +fi