caddyserver / dist

Resources for packaging and distributing Caddy
Apache License 2.0

curl-install script? #101

Closed Merith-TK closed 1 year ago

Merith-TK commented 1 year ago

Requesting a script that can be used to automatically detect and download the basic static binary for the target system and report the system specs.

My OpenWRT router reports "mips" when I run uname -m, but on further inspection it is mipsle, and I want to be able to try to replace its web server with caddy as it's easier to manage.

mholt commented 1 year ago

Oh! We used to have this once upon a time (before Caddy 2: getcaddy.com) but it's no longer a thing because mostly we got complaints that it wasn't a "sound" distribution mechanism (I disagreed, but I also didn't want to fight them).

Merith-TK commented 1 year ago

I mean... why not both? The current method from the website is rather... painful, and with literally no way to automate it, so that if caddy2 updates at all, you can't automatically update it unless you are using a package manager or docker...

francislavoie commented 1 year ago

It can be automated. You can specify a version number in the URL, or omit it to get the latest.

You could also automate downloading the build you need from the GitHub releases tab. That's also predictable. It's how we automate building the Docker images, they're taken from the GitHub release.

Either way, I recommend building on your own infrastructure (CI or w/e) with xcaddy. The purpose of the website is mainly for manual one-off downloads, and we can't guarantee uptime.

An install script wouldn't really do anything you can't already do yourself otherwise.

And the whole curl https://some-url | bash pattern is guaranteed to generate complaints from security-minded users. We'll get criticism for providing a risky installation method (i.e. what if someone hijacks or intercepts the domain or gains access to the server hosting the script, then they can remotely execute code on the system of anyone who's using this method). So I'm strongly against providing something like that.
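An added example, not part of the thread and not Caddy project code: shell helpers for the "do it yourself" route discussed above, covering the mips/mipsle ambiguity of `uname -m` and verifying a saved download before anything is executed. The function names, the use of `od`, and the `sha512sum`-format checksum list are assumptions of this sketch.

```shell
#!/bin/sh
# Added example. Makes no network requests; the caller downloads the files.

# EI_DATA is byte 5 of the ELF header: 1 = little-endian, 2 = big-endian.
# `uname -m` prints "mips" for both, so read it from a local binary instead.
elf_endianness() (
    magic=$(dd if="$1" bs=1 skip=1 count=3 2>/dev/null)
    [ "$magic" = "ELF" ] || { echo "not an ELF file: $1" >&2; exit 1; }
    byte=$(dd if="$1" bs=1 skip=5 count=1 2>/dev/null | od -An -tu1 | tr -d ' \n')
    case "$byte" in
        1) echo le ;;
        2) echo be ;;
        *) echo "unknown EI_DATA in $1" >&2; exit 1 ;;
    esac
)

# Map `uname -m` output plus endianness to a Go GOARCH name.
# Fails closed on anything it does not recognise.
goarch_for() (
    case "$1:$2" in
        x86_64:le)           echo amd64 ;;
        aarch64:le)          echo arm64 ;;
        mips:be)             echo mips ;;
        mips:le)             echo mipsle ;;
        mips64:be)           echo mips64 ;;
        mips64:le)           echo mips64le ;;
        *) echo "unsupported: $1 ($2)" >&2; exit 1 ;;
    esac
)

# Check FILE against a sha512sum-format list (assumed format) obtained
# separately from the archive. Exit status 0 only on an exact match.
verify_checksum() (
    name=$(basename "$1")
    want=$(awk -v n="$name" '$2 == n || $2 == "*" n { print $1 }' "$2")
    [ -n "$want" ] || { echo "no checksum listed for $name" >&2; exit 1; }
    got=$(sha512sum "$1" | awk '{ print $1 }')
    [ "$got" = "$want" ] || { echo "checksum mismatch for $name" >&2; exit 1; }
)

# Intended flow, with $archive and $sums already saved to disk:
#   arch=$(goarch_for "$(uname -m)" "$(elf_endianness /bin/sh)") || exit 1
#   verify_checksum "$archive" "$sums" || exit 1
#   ...only now unpack and install the binary
```

A checksum list served from the same host as the archive only catches corruption or a partial download; it does not help if that host itself is compromised, so pin or authenticate the list through a separate channel where possible.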

mholt commented 1 year ago

> you can't automatically update it unless you are using a package manager or docker...

Did you know we have a caddy upgrade command?

In practice, most installations of Caddy don't have permission to upgrade themselves. Usually they can't modify the binaries in the PATH without privilege escalation.

Another reason we took away an official, scriptable endpoint is because the build server was automated into oblivion by scripts building crazy configurations that didn't seem practical; not sure how to explain it but even with a build cache our build server frequently got overwhelmed. Too many people were relying on that endpoint for their production environments and that made me nervous without SLAs. So I wanted to pull the plug on it.

I'm happy to set up something like this for sponsors -- just want to make sure it'll be supported sufficiently so it can be relied upon, since the costs to our project are real we need to make sure they're covered.

mholt commented 1 year ago

I'll close this, but I want to make it clear that we're happy to build something like this if a sponsor needs this. We can work with you to deliver what you want!