How can you run caddy with a Caddyfile with systemd with SELinux enabled on Fedora?

I can manually start caddy with caddy start or /usr/bin/caddy run --environ --config /etc/caddy/Caddyfile which is also in /usr/lib/systemd/system/caddy.service.

Caddy works just fine but I can’t start it with systemd without disabling selinux with sudo setenforce 0.

edit:

I found a tutorial on how to start caddy on CentOS that disables selinux, starts caddy with systemctl and then enables selinux again. That does not sound right to me.

  • enemenemu@lemm.ee (OP) · 3 days ago

    I agree! Thx for asking. I don’t get a proper one.

    $ sudo systemctl start caddy 
    Job for caddy.service failed because the control process exited with error code.
    See "systemctl status caddy.service" and "journalctl -xeu caddy.service" for details.
    
    $ journalctl -xeu caddy.service 
    
    May 18 09:28:45 username caddy[6163]: caddy.AppConfigDir=/var/lib/caddy/.config/caddy
    May 18 09:28:45 username caddy[6163]: caddy.ConfigAutosavePath=/var/lib/caddy/.config/caddy/autosave.json
    May 18 09:28:45 username caddy[6163]: caddy.Version=v2.10.0 h1:fonubSaQKF1YANl8TXqGcn4IbIRUDdfAkpcsfI/vX5U=
    May 18 09:28:45 username caddy[6163]: runtime.GOOS=linux
    May 18 09:28:45 username caddy[6163]: runtime.GOARCH=amd64
    May 18 09:28:45 username caddy[6163]: runtime.Compiler=gc
    May 18 09:28:45 username caddy[6163]: runtime.NumCPU=4
    May 18 09:28:45 username caddy[6163]: runtime.GOMAXPROCS=4
    May 18 09:28:45 username caddy[6163]: runtime.Version=go1.24.2
    May 18 09:28:45 username caddy[6163]: os.Getwd=/
    May 18 09:28:45 username caddy[6163]: LANG=en_US.UTF-8
    May 18 09:28:45 username caddy[6163]: PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin
    May 18 09:28:45 username caddy[6163]: NOTIFY_SOCKET=/run/systemd/notify
    May 18 09:28:45 username caddy[6163]: USER=caddy
    May 18 09:28:45 username caddy[6163]: LOGNAME=caddy
    May 18 09:28:45 username caddy[6163]: HOME=/var/lib/caddy
    May 18 09:28:45 username caddy[6163]: INVOCATION_ID=2fc1e0f2649a41a69ae54fe267fa0bc5
    May 18 09:28:45 username caddy[6163]: JOURNAL_STREAM=9:41227
    May 18 09:28:45 username caddy[6163]: SYSTEMD_EXEC_PID=6163
    May 18 09:28:45 username caddy[6163]: MEMORY_PRESSURE_WATCH=/sys/fs/cgroup/system.slice/caddy.service/memory.pressure
    May 18 09:28:45 username caddy[6163]: MEMORY_PRESSURE_WRITE=c29tZSAyMDAwMDAgMjAwMDAwMAA=
    May 18 09:28:45 username caddy[6163]: SYSTEMD_SLEEP_FREEZE_USER_SESSIONS=0
    May 18 09:28:45 username caddy[6163]: {"level":"info","ts":1747553325.945979,"msg":"maxprocs: No GOMAXPROCS change to reset"}
    May 18 09:28:45 username caddy[6163]: Error: reading config from file: open /etc/caddy/Caddyfile: permission denied
    May 18 09:28:45 username systemd[1]: caddy.service: Main process exited, code=exited, status=1/FAILURE
    ░░ Subject: Unit process exited
    ░░ Defined-By: systemd
    ░░ Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
    ░░ 
    ░░ An ExecStart= process belonging to unit caddy.service has exited.
    ░░ 
    ░░ The process' exit code is 'exited' and its exit status is 1.
    May 18 09:28:45 username systemd[1]: caddy.service: Failed with result 'exit-code'.
    ░░ Subject: Unit failed
    ░░ Defined-By: systemd
    ░░ Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
    ░░ 
    ░░ The unit caddy.service has entered the 'failed' state with result 'exit-code'.
    May 18 09:28:45 username systemd[1]: Failed to start caddy.service - Caddy.
    ░░ Subject: A start job for unit caddy.service has failed
    ░░ Defined-By: systemd
    ░░ Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
    ░░ 
    ░░ A start job for unit caddy.service has finished with a failure.
    ░░ 
    ░░ The job identifier is 3809 and the job result is failed.
    
    $ sudo systemctl status caddy                 
    
    × caddy.service - Caddy
         Loaded: loaded (/usr/lib/systemd/system/caddy.service; enabled; preset: disabled)
        Drop-In: /usr/lib/systemd/system/service.d
                 └─10-timeout-abort.conf, 50-keep-warm.conf
         Active: failed (Result: exit-code) since Sun 2025-05-18 09:32:18 CEST; 4min 37s ago
     Invocation: b2e02d16f6614d5fb85f54a67bce414a
           Docs: https://caddyserver.com/docs/
        Process: 6930 ExecStart=/usr/bin/caddy run --environ --config /etc/caddy/Caddyfile (code=exited, status=1/FAILURE)
       Main PID: 6930 (code=exited, status=1/FAILURE)
       Mem peak: 16.4M
            CPU: 66ms
    
    May 18 09:32:18 username caddy[6930]: JOURNAL_STREAM=9:49675
    May 18 09:32:18 username caddy[6930]: SYSTEMD_EXEC_PID=6930
    May 18 09:32:18 username caddy[6930]: MEMORY_PRESSURE_WATCH=/sys/fs/cgroup/system.slice/caddy.service/memory.pressure
    May 18 09:32:18 username caddy[6930]: MEMORY_PRESSURE_WRITE=c29tZSAyMDAwMDAgMjAwMDAwMAA=
    May 18 09:32:18 username caddy[6930]: SYSTEMD_SLEEP_FREEZE_USER_SESSIONS=0
    May 18 09:32:18 username caddy[6930]: {"level":"info","ts":1747553538.0326045,"msg":"maxprocs: No GOMAXPROCS change to reset"}
    May 18 09:32:18 username caddy[6930]: Error: reading config from file: open /etc/caddy/Caddyfile: permission denied
    May 18 09:32:18 username systemd[1]: caddy.service: Main process exited, code=exited, status=1/FAILURE
    May 18 09:32:18 username systemd[1]: caddy.service: Failed with result 'exit-code'.
    May 18 09:32:18 username systemd[1]: Failed to start caddy.service - Caddy.
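
A triage sketch for the failure in the log above, added here as an example and not part of the original post: it pulls the denied path out of the unit's journal and compares the SELinux label on disk with the one the loaded policy expects, so the label can be checked without turning enforcement off. The function names are made up for illustration, and it assumes GNU stat plus the matchpathcon, restorecon and ausearch tools are installed.

```bash
#!/usr/bin/env bash
# Added example: triage "permission denied" from a systemd unit under SELinux.

# Print each path the unit failed to open, from journal text on stdin.
denied_paths() {
  sed -n 's|.*open \(/[^:]*\): permission denied.*|\1|p' | sort -u
}

# Extract the type field (3rd) from a context such as user:role:type:level.
selinux_type() {
  printf '%s\n' "$1" | cut -d: -f3
}

# Return 0 when two contexts carry the same type, 1 otherwise.
# Only the type is compared because restorecon without -F resets only the type.
label_matches() {
  [ "$(selinux_type "$1")" = "$(selinux_type "$2")" ]
}

# Report whether a path is mislabeled and print the matching next step.
check_path() {
  cp_path=$1
  cp_current=$(stat -c %C "$cp_path")         # label currently on disk
  cp_expected=$(matchpathcon -n "$cp_path")   # label the loaded policy assigns
  if label_matches "$cp_current" "$cp_expected"; then
    echo "$cp_path: label matches policy ($cp_current); check the audit log:"
    echo "  sudo ausearch -m AVC -ts recent -c caddy"
  else
    echo "$cp_path: has $cp_current, policy expects $cp_expected"
    echo "  sudo restorecon -v $cp_path"
  fi
}

# Run against the live system only when the SELinux tooling is present.
if command -v matchpathcon >/dev/null 2>&1 && command -v journalctl >/dev/null 2>&1; then
  journalctl -u caddy.service -b --no-pager | denied_paths |
    while read -r p; do check_path "$p"; done
fi
```

The script only prints the suggested command; it changes nothing itself and leaves SELinux in enforcing mode.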