New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Systemctl doesn't work well #78
Comments
Would be easier to help if you could post your entire caddy.service file (should be in If you do not have the CADDYPATH set in the systemd unit then caddy will try and use
|
I am having the same issue, and I suspect the git module is to blame, when trying to pull from a private repository. A minimal Caddy file reproducer snippet for me seems to be:
Note that the www-data user created by this playbook does not have a $HOME set (nor does one exist on disk). |
I meant to add, but pressed enter too fast: The role is cloned from master and is not customised in any way. The machine is a vanilla install of Ubuntu 18.04. Cloning from a public repo (over HTTPS) works for me:
|
Workaround, setting:
in the playbook allows me to deploy on 18.04 using the latest version of the role. |
Interesting @chrisglass after making that change do you see any files being created on disk in the home directory? I know you said that the
If I have time I'll try and reproduce this but thanks for your work on the issue so far. |
I seems the only thing that is being written in /home/caddy between an unsucessful service start and a successful service start is the With home protection (service fails): https://gist.github.com/chrisglass/10977648ae32fcd430c8cf0f2c854882 |
Ah good work, that makes sense then. I don't really see any way around that. Seems like the only way to change the known_hosts path is using an SSH config option & I don't see that as something this role should be getting involved in (especially given that it's only an issue if you are using the git middleware with SSH). Perhaps a documentation change to point out that |
In the context of this ansible role, I think it makes little sense to have protectHome set to true at all. I understand the decision in caddy (upstream) case where you can't guarantee what the home(s) will look like in the system, but here we know that $HOME is safe since we create the user in the first place. Besides, normal UNIX permissions are still enforced, and the So, I would either:
|
I think you're right & I would support disabling that option for the reasons you explained. @lbischof would you mind adding your thoughts when you have the time? |
Hi all, when i run for the first time Caddy installed with this role the service never started, this happens on Ubuntu 16.04, this is because Caddy tries to access on many directories under the home at least when the configs are changed, for example in have to comment this line:
I don't know why but I have to change this after I modify caddy config file... any suggestion? because the
ProtectHome
make sense.The text was updated successfully, but these errors were encountered: