examples/hooks/caddy-deploy.sh


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118

#!/bin/sh
# caddy-deploy.sh — Post-deploy hook for Witryna + Caddy integration
#
# Generates a Caddyfile snippet for the deployed site and reloads Caddy.
# Supports wildcard hosting domains and custom primary domains with redirects.
#
# Env vars from Witryna (automatic):
#   WITRYNA_SITE       — site name
#   WITRYNA_PUBLIC_DIR — stable "current" symlink path (document root)
#
# Env vars from [sites.env] in witryna.toml:
#   BASE_DOMAIN      — wildcard hosting domain (e.g. mywitrynahost.com)
#   PRIMARY_DOMAIN   — (optional) custom primary domain
#   REDIRECT_DOMAINS — (optional) comma-separated additional redirect domains
#   CADDY_SITES_DIR  — (optional) where to write configs (default: /etc/caddy/sites.d)
#
# Behavior matrix:
#   BASE_DOMAIN set, PRIMARY_DOMAIN not set:
#     Serving: {site}.{base}
#     Redirects: (none)
#
#   BASE_DOMAIN set, PRIMARY_DOMAIN set:
#     Serving: PRIMARY_DOMAIN
#     Redirects: {site}.{base} + REDIRECT_DOMAINS → PRIMARY_DOMAIN
#
#   BASE_DOMAIN not set, PRIMARY_DOMAIN set:
#     Serving: PRIMARY_DOMAIN
#     Redirects: REDIRECT_DOMAINS → PRIMARY_DOMAIN
#
#   Neither set: error
#
# Usage in witryna.toml:
#   post_deploy = ["/etc/witryna/hooks/caddy-deploy.sh"]
#   [sites.env]
#   BASE_DOMAIN = "mywitrynahost.com"
#   PRIMARY_DOMAIN = "blog.example.com"

set -eu

SITES_DIR="${CADDY_SITES_DIR:-/etc/caddy/sites.d}"
CADDY_CONFIG="${CADDY_CONFIG:-/etc/caddy/Caddyfile}"

# Validate required env vars
if [ -z "${WITRYNA_SITE:-}" ]; then
    echo "ERROR: WITRYNA_SITE is not set" >&2
    exit 1
fi
if [ -z "${WITRYNA_PUBLIC_DIR:-}" ]; then
    echo "ERROR: WITRYNA_PUBLIC_DIR is not set" >&2
    exit 1
fi

# Determine serving domain and redirect domains
auto_domain=""
if [ -n "${BASE_DOMAIN:-}" ]; then
    auto_domain="${WITRYNA_SITE}.${BASE_DOMAIN}"
fi

serving_domain=""
redirect_domains=""

if [ -n "${PRIMARY_DOMAIN:-}" ]; then
    serving_domain="$PRIMARY_DOMAIN"
    # Auto-domain redirects to primary (if base is set)
    if [ -n "$auto_domain" ]; then
        redirect_domains="$auto_domain"
    fi
    # Append user-specified redirect domains
    if [ -n "${REDIRECT_DOMAINS:-}" ]; then
        if [ -n "$redirect_domains" ]; then
            redirect_domains="${redirect_domains}, ${REDIRECT_DOMAINS}"
        else
            redirect_domains="$REDIRECT_DOMAINS"
        fi
    fi
elif [ -n "$auto_domain" ]; then
    serving_domain="$auto_domain"
    # No primary → REDIRECT_DOMAINS still apply as redirects to auto_domain
    if [ -n "${REDIRECT_DOMAINS:-}" ]; then
        redirect_domains="$REDIRECT_DOMAINS"
    fi
else
    echo "ERROR: at least one of BASE_DOMAIN or PRIMARY_DOMAIN must be set" >&2
    exit 1
fi

# Ensure sites directory exists
mkdir -p "$SITES_DIR"

# Generate Caddyfile snippet
config_file="${SITES_DIR}/${WITRYNA_SITE}.caddy"
{
    echo "# Managed by witryna caddy-deploy.sh — do not edit"
    echo "${serving_domain} {"
    echo "    root * ${WITRYNA_PUBLIC_DIR}"
    echo "    file_server"
    echo "    encode gzip"
    echo "    header {"
    echo "        X-Frame-Options \"DENY\""
    echo "        X-Content-Type-Options \"nosniff\""
    echo "        Referrer-Policy \"strict-origin-when-cross-origin\""
    echo "        -Server"
    echo "    }"
    echo "}"

    if [ -n "$redirect_domains" ]; then
        echo ""
        echo "${redirect_domains} {"
        echo "    redir https://${serving_domain}{uri} permanent"
        echo "}"
    fi
} > "$config_file"

echo "Wrote Caddy config: $config_file"

# Reload Caddy
caddy reload --config "$CADDY_CONFIG"
echo "Caddy reloaded"