caddytls: Allow disabling storage cleaning, avoids writing two files #6593

Merged: 1 commit, Nov 5, 2024

francislavoie (Member) commented Sep 27, 2024

Some users want to run Caddy in a totally read-only mode, but currently storage cleaning implicitly creates two files, `instance.uuid` and `last_clean.json`, which are undesirable in that situation. We can simply skip starting the storage cleaning goroutine via a config option.

I noticed `storage_check off` wasn't configurable in the Caddyfile, so I added that too while I was at it.

@francislavoie francislavoie added the feature ⚙️ New feature or request label Sep 27, 2024
mholt (Member) commented Oct 1, 2024

Thanks for working on this! A couple questions/thoughts:

  • What is the harm of trying to write these two files?
  • Maybe we should just have a read_only mode in the global options (if it is actually needed). I don't know if I love this granularity since you need to turn several knobs for one thing.

francislavoie (Member, Author) commented Oct 1, 2024

Forgot to link the related forum thread: https://caddy.community/t/disabling-file-storage/25772. Those 2 files get written, which is undesirable in a setup with the goal of being read-only.

The way I see it, it doesn't hurt to have this option; it solves an edge case for someone. Very simple implementation.

> Maybe we should just have a read_only mode in the global options (if it is actually needed). I don't know if I love this granularity since you need to turn several knobs for one thing.

I dunno, an option that does too much is not better.

jleedev commented Oct 21, 2024

I often want to use read-only mode when I'm running an ephemeral Caddy instance purely for testing, e.g. to verify a server's behavior behind a reverse proxy. Something trivial like `caddy respond hello` should not be complaining about "unable to get instance ID; storage clean stamps will be incomplete" and "could not clean default/global storage", and moreover this does not give me confidence that I can run the program purely as an isolated, single-use shell tool (which, to be clear, Caddy does not claim to be; compare this to how it wants to install a local certificate authority).

If the main (only?) use of the "storage" module relates to certificate maintenance, it should be reasonable to avoid running this when TLS is disabled. If I run `caddy file-server` without giving a `--domain` flag, it should have no reason to be writing these.

@mholt mholt added this to the v2.9.0-beta.3 milestone Nov 5, 2024
@mholt mholt merged commit 5c8dc34 into master Nov 5, 2024
33 checks passed
@mholt mholt deleted the storage-clean-off branch November 5, 2024 17:47