Currently, the Nest CLI uses a janky system of updating a Caddyfile config and reloading the system caddy service every time a user adds or removes a domain. This doesn't work too well, and it would be much better for it to use the Caddy admin API.
The main question is how to properly secure the API so that users can only do the actions that they are allowed to do. The simplest way would be to keep the sudo scripts that the Nest CLI currently uses and change it to send a request using curl instead of writing to the file.
cskartikey
commented
1 month ago
Currently, the Nest CLI uses a janky system of updating a Caddyfile config and reloading the system caddy service every time a user adds or removes a domain. This doesn't work too well, and it would be much better for it to use the Caddy admin API.
The main question is how to properly secure the API so that users can only do the actions that they are allowed to do. The simplest way would be to keep the sudo scripts that the Nest CLI currently uses and change it to send a request using curl instead of writing to the file.