1. 03 Jun, 2016 4 commits
  2. 02 Jun, 2016 2 commits
  3. 29 May, 2016 2 commits
  4. 27 May, 2016 2 commits
  5. 25 May, 2016 1 commit
  6. 24 May, 2016 2 commits
  7. 21 May, 2016 1 commit
  8. 20 May, 2016 1 commit
  9. 15 May, 2016 1 commit
  10. 14 May, 2016 2 commits
  11. 12 May, 2016 3 commits
    • W. Mark Kubacki's avatar
      Merge pull request #817 from mholt/systemd-service-file · e516aebc
      W. Mark Kubacki authored
      Provides some more guidelines to operators on how to avoid running Caddy as root.
      
      Introduces an user www-data, which really is a placeholder. Such an user with the same UID/GID combination is created on the most popular Linux distribution. I trust any operator can spot the difference to his/her distro and adjust the unit file.
      
      User nobody is not used here to avoid two easy pitfalls: Such an user should not be able to access private keys (for TLS), and should not write private keys (we would do that with Letsencrypt).
      e516aebc
    • W-Mark Kubacki's avatar
      systemd: Run caddy with even less privileges and more confined · da8ae9e5
      W-Mark Kubacki authored
      The exemplary unit file for systemd is intentionally redundant at times, for
      example dropping privileges which an unprivileged user "www-data" did not have
      in the first place: To aid as fallback in case the file gets copied and an
      operator setting UID to 0 (which reportedly happened in the past).
      da8ae9e5
    • W-Mark Kubacki's avatar
      systemd, README: Edit for clarity · d377c79a
      W-Mark Kubacki authored
      d377c79a
  12. 07 May, 2016 4 commits
  13. 05 May, 2016 3 commits
  14. 04 May, 2016 1 commit
  15. 03 May, 2016 1 commit
  16. 01 May, 2016 6 commits
  17. 30 Apr, 2016 4 commits