Add basic caddy setup.

diff --git a/bookworm/etc/server/caddy/Caddyfile b/bookworm/etc/server/caddy/Caddyfile
new file mode 100644 (file)
index 0000000..471c5a5
--- /dev/null
+++ b/bookworm/etc/server/caddy/Caddyfile
@@ -0,0 +1,4 @@
+:80 {
+    root * /usr/share/caddy
+    file_server
+}

diff --git a/bookworm/etc/server/nftables.conf b/bookworm/etc/server/nftables.conf
index 73193ebbfb0783d3fe81ad91501b23f025809566..96dad3ed432716ec3af93174c3c4b09a65c84e8a 100755 (executable)
--- a/bookworm/etc/server/nftables.conf
+++ b/bookworm/etc/server/nftables.conf
@@ -20,6 +20,12 @@ table inet filter {
         tcp dport 22 \
             accept \
             comment "accept SSH on default port";
+        tcp dport 80 \
+            accept \
+            comment "accept HTTP on default port";
+        tcp dport 443 \
+            accept \
+            comment "accept HTTPS on default port";
         ip protocol icmp \
             icmp type echo-request \
             accept \

diff --git a/bookworm/scripts/setup_catgirl.sh b/bookworm/scripts/setup_catgirl.sh
index 177a755aea43a02f9304f9e2e3ec8252ee59c01d..b21178801bbd4feb9bf4920eb2684a5e697a3dfe 100755 (executable)
--- a/bookworm/scripts/setup_catgirl.sh
+++ b/bookworm/scripts/setup_catgirl.sh
@@ -54,7 +54,14 @@ echo '\nEnabling the firewall.'
 systemctl enable nftables.service
 systemctl start nftables.service
 
-echo '\nSet up catgirl.'
+echo '\nSetting up catgirl.'
 sed -i "s/REPLACE_WITH_SASL_PASSWORD/${SASL_PASSWORD}/g" "${PATH_USER_HOME}/.config/catgirl/libera"
 systemctl enable catgirl.service
 systemctl start catgirl.service
+
+echo '\nSetting up caddy.'
+apt install -y debian-keyring debian-archive-keyring apt-transport-https curl
+curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg
+curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' | tee /etc/apt/sources.list.d/caddy-stable.list
+apt update
+apt install caddy