madcat-os/madcat-caddy
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity
Files
main
madcat-caddy/debian/postinst
T
BT-7274 3f911ab7a6 fix: handle masked/missing caddy.service during package transition 
Fixes the postinst failure when replacing stock caddy on hosts where
caddy.service was masked. The unit file could be missing after dpkg
removes the old caddy package, causing systemctl enable to fail.

Changes:
- postinst: unmask caddy.service before enable, recreate unit file
  from embedded copy if missing after unmasking, stop caddy-api.service
  with guard
- preinst (new): stop caddy.service and caddy-api.service with || true
  guards before install/upgrade
- Makefile: include preinst in deb build

Handles three scenarios:
1. Fresh install (no prior caddy)
2. Upgrade from stock caddy with masked service
3. Upgrade from previous madcat-caddy

Closes #1
2026-06-12 21:24:11 +02:00

82 lines
2.3 KiB
Bash
Raw Permalink Blame History

#!/bin/sh
# postinst for madcat-caddy
#
# Handles:
# - Fresh install (no prior caddy)
# - Upgrade from stock caddy with masked service
# - Upgrade from previous madcat-caddy
set -e
UNIT_PATH="/usr/lib/systemd/system/caddy.service"
# Create caddy user/group if they don't exist
if ! getent group caddy >/dev/null 2>&1; then
groupadd --system caddy
fi
if ! getent passwd caddy >/dev/null 2>&1; then
useradd --system --gid caddy --create-home --home-dir /var/lib/caddy --shell /usr/sbin/nologin caddy
fi
# Create config and data directories
mkdir -p /etc/caddy
mkdir -p /var/lib/caddy/.config/caddy
mkdir -p /var/lib/caddy/.local/share/caddy
chown -R caddy:caddy /var/lib/caddy
# Stop caddy-api.service if it exists (leftover from stock caddy)
if [ -d /run/systemd/system ]; then
systemctl stop caddy-api.service 2>/dev/null || true
fi
# Handle systemd service setup
if [ -d /run/systemd/system ]; then
# If the unit file is missing (removed during package transition) or is a
# dangling symlink (masked unit pointing to /dev/null), recreate it.
if [ ! -f "$UNIT_PATH" ] || [ -L "$UNIT_PATH" ]; then
# Unmask first — removes the /dev/null symlink if masked
systemctl unmask caddy.service 2>/dev/null || true
# If still missing after unmask, recreate from our embedded copy
if [ ! -f "$UNIT_PATH" ]; then
mkdir -p "$(dirname "$UNIT_PATH")"
cat > "$UNIT_PATH" << 'UNIT'
[Unit]
Description=Caddy web server (madcat-caddy)
Documentation=https://caddyserver.com/docs/
After=network.target network-online.target
Requires=network-online.target
[Service]
Type=notify
User=caddy
Group=caddy
ExecStart=/usr/bin/caddy run --environ --config /etc/caddy/Caddyfile
ExecReload=/usr/bin/caddy reload --config /etc/caddy/Caddyfile --force
TimeoutStopSec=5s
LimitNOFILE=1048576
LimitNPROC=512
PrivateTmp=true
ProtectSystem=full
AmbientCapabilities=CAP_NET_BIND_SERVICE
CapabilityBoundingSet=CAP_NET_BIND_SERVICE
NoNewPrivileges=true
[Install]
WantedBy=multi-user.target
UNIT
fi
fi
# Reload systemd to pick up the unit file (new or recreated)
systemctl daemon-reload
# Unmask again after reload in case it was masked in systemd's state
systemctl unmask caddy.service 2>/dev/null || true
# Enable and start
systemctl enable caddy.service
systemctl start caddy.service || true
fi
Reference in New Issue View Git Blame Copy Permalink