#!/bin/sh # caddy-deploy.sh — Post-deploy hook for Witryna + Caddy integration # # Generates a Caddyfile snippet for the deployed site and reloads Caddy. # Supports wildcard hosting domains and custom primary domains with redirects. # # Env vars from Witryna (automatic): # WITRYNA_SITE — site name # WITRYNA_PUBLIC_DIR — stable "current" symlink path (document root) # WITRYNA_BUILD_STATUS — build outcome: "success" or "failed" # # Env vars from [sites.env] in witryna.toml: # BASE_DOMAIN — wildcard hosting domain (e.g. mywitrynahost.com) # PRIMARY_DOMAIN — (optional) custom primary domain # REDIRECT_DOMAINS — (optional) comma-separated additional redirect domains # CADDY_SITES_DIR — (optional) where to write configs (default: /etc/caddy/sites.d) # # Behavior matrix: # BASE_DOMAIN set, PRIMARY_DOMAIN not set: # Serving: {site}.{base} # Redirects: (none) # # BASE_DOMAIN set, PRIMARY_DOMAIN set: # Serving: PRIMARY_DOMAIN # Redirects: {site}.{base} + REDIRECT_DOMAINS → PRIMARY_DOMAIN # # BASE_DOMAIN not set, PRIMARY_DOMAIN set: # Serving: PRIMARY_DOMAIN # Redirects: REDIRECT_DOMAINS → PRIMARY_DOMAIN # # Neither set: error # # Usage in witryna.toml: # post_deploy = ["/etc/witryna/hooks/caddy-deploy.sh"] # [sites.env] # BASE_DOMAIN = "mywitrynahost.com" # PRIMARY_DOMAIN = "blog.example.com" set -eu # Only configure Caddy on successful builds if [ "${WITRYNA_BUILD_STATUS:-}" = "failed" ]; then echo "Build failed — skipping Caddy configuration" exit 0 fi SITES_DIR="${CADDY_SITES_DIR:-/etc/caddy/sites.d}" CADDY_CONFIG="${CADDY_CONFIG:-/etc/caddy/Caddyfile}" # Validate required env vars if [ -z "${WITRYNA_SITE:-}" ]; then echo "ERROR: WITRYNA_SITE is not set" >&2 exit 1 fi if [ -z "${WITRYNA_PUBLIC_DIR:-}" ]; then echo "ERROR: WITRYNA_PUBLIC_DIR is not set" >&2 exit 1 fi # Determine serving domain and redirect domains auto_domain="" if [ -n "${BASE_DOMAIN:-}" ]; then auto_domain="${WITRYNA_SITE}.${BASE_DOMAIN}" fi serving_domain="" redirect_domains="" if [ -n "${PRIMARY_DOMAIN:-}" ]; then serving_domain="$PRIMARY_DOMAIN" # Auto-domain redirects to primary (if base is set) if [ -n "$auto_domain" ]; then redirect_domains="$auto_domain" fi # Append user-specified redirect domains if [ -n "${REDIRECT_DOMAINS:-}" ]; then if [ -n "$redirect_domains" ]; then redirect_domains="${redirect_domains}, ${REDIRECT_DOMAINS}" else redirect_domains="$REDIRECT_DOMAINS" fi fi elif [ -n "$auto_domain" ]; then serving_domain="$auto_domain" # No primary → REDIRECT_DOMAINS still apply as redirects to auto_domain if [ -n "${REDIRECT_DOMAINS:-}" ]; then redirect_domains="$REDIRECT_DOMAINS" fi else echo "ERROR: at least one of BASE_DOMAIN or PRIMARY_DOMAIN must be set" >&2 exit 1 fi # Ensure sites directory exists mkdir -p "$SITES_DIR" # Generate Caddyfile snippet config_file="${SITES_DIR}/${WITRYNA_SITE}.caddy" { echo "# Managed by witryna caddy-deploy.sh — do not edit" echo "${serving_domain} {" echo " root * ${WITRYNA_PUBLIC_DIR}" echo " file_server" echo " encode gzip" echo " header {" echo " X-Frame-Options \"DENY\"" echo " X-Content-Type-Options \"nosniff\"" echo " Referrer-Policy \"strict-origin-when-cross-origin\"" echo " -Server" echo " }" echo "}" if [ -n "$redirect_domains" ]; then echo "" echo "${redirect_domains} {" echo " redir https://${serving_domain}{uri} permanent" echo "}" fi } > "$config_file" echo "Wrote Caddy config: $config_file" # Reload Caddy caddy reload --config "$CADDY_CONFIG" echo "Caddy reloaded"