feat(library): Introduce Caddy 2.7

Introduce Caddy bincompat run. Build Caddy as static PIE using a
Dockerfile, inspired by Caddy's own Docker setup. Use `xcaddy` to build.
The build uses binary compatibility mode (i.e. the `base` image).

Create a build of the `base` (ELF Loader) and embedded the Caddy files
as an initial ramdisk.

`Kraftfile` is templated in `Kraftfile.template` to be able to provide
the path to the initrd file.

Add:

* `Kraftfile.template`: template build for the `base` (ELF Loader)
* `Dockerfile`: base Caddy filesystem
* `Makefile`: use to build the Caddy initial ramdisk
* `data/Caddyfile`: Caddy configuration file
* `hosts`: `/etc/hosts` file required for Caddy

Signed-off-by: Razvan Deaconescu <[email protected]>

library/caddy/2.7/.gitignore

@@ -0,0 +1,3 @@
+/Kraftfile
+/rootfs/
+/rootfs.cpio

library/caddy/2.7/Dockerfile

@@ -0,0 +1,34 @@
+FROM --platform=linux/x86_64 golang:1.21.4-bookworm AS build
+
+# Inspired from: https://github.com/caddyserver/caddy-docker/blob/master/2.7/builder/Dockerfile
+
+RUN set -xe; apt-get update ; \
+	apt-get install -y --no-install-recommends \
+	ca-certificates \
+	git \
+	libcap2-bin \
+	;
+
+ENV XCADDY_VERSION v0.3.5
+# Configures xcaddy to build with this version of Caddy
+ENV CADDY_VERSION v2.7.5
+# Configures xcaddy to not clean up post-build (unnecessary in a container)
+ENV XCADDY_SKIP_CLEANUP 1
+# Sets capabilities for output caddy binary to be able to bind to privileged ports
+ENV XCADDY_SETCAP 1
+
+RUN set -xe; \
+	wget -O /tmp/xcaddy.tar.gz "https://github.com/caddyserver/xcaddy/releases/download/v0.3.5/xcaddy_0.3.5_linux_amd64.tar.gz"; \
+	tar x -z -f /tmp/xcaddy.tar.gz -C /usr/bin xcaddy; \
+	rm -f /tmp/xcaddy.tar.gz; \
+	chmod +x /usr/bin/xcaddy;
+
+ENV CGO_ENABLED=1
+ENV XCADDY_GO_BUILD_FLAGS "-buildmode=pie -ldflags '-linkmode external -extldflags -static-pie'"
+
+RUN /usr/bin/xcaddy build
+
+FROM scratch
+
+COPY --from=build /go/caddy /usr/local/bin/caddy
+COPY data/Caddyfile /data/Caddyfile

library/caddy/2.7/Kraftfile.template

@@ -0,0 +1,73 @@
+spec: v0.6
+
+template:
+  source: https://github.com/unikraft/app-elfloader.git
+  version: stable
+
+unikraft:
+  source: https://github.com/unikraft/unikraft
+  version: testing
+  kconfig:
+    CONFIG_APPELFLOADER_VFSEXEC_EXECBIT: 'n'
+    CONFIG_HAVE_PAGING_DIRECTMAP: 'y'
+    CONFIG_HAVE_PAGING: 'y'
+    CONFIG_KVM_DEBUG_VGA_CONSOLE: 'n'
+    CONFIG_KVM_KERNEL_VGA_CONSOLE: 'n'
+    CONFIG_LIBDEVFS_AUTOMOUNT: 'y'
+    CONFIG_LIBDEVFS_DEV_NULL: 'y'
+    CONFIG_LIBDEVFS_DEV_STDOUT: 'y'
+    CONFIG_LIBDEVFS_DEV_ZERO: 'y'
+    CONFIG_LIBDEVFS: 'y'
+    CONFIG_LIBISRLIB: 'y'
+    CONFIG_LIBPOSIX_ENVIRON_ENVP0: "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+    CONFIG_LIBPOSIX_ENVIRON_ENVP1: "HOME=/"
+    CONFIG_LIBPOSIX_ENVIRON: 'y'
+    CONFIG_LIBPOSIX_EVENT: 'y'
+    CONFIG_LIBPOSIX_FUTEX: 'y'
+    CONFIG_LIBPOSIX_MMAP: 'y'
+    CONFIG_LIBPOSIX_PROCESS_CLONE: 'y'
+    CONFIG_LIBPOSIX_SYSINFO: 'y'
+    CONFIG_LIBPOSIX_TIME: 'y'
+    CONFIG_LIBPOSIX_USER_GID: 0
+    CONFIG_LIBPOSIX_USER_GROUPNAME: "root"
+    CONFIG_LIBPOSIX_USER_UID: 0
+    CONFIG_LIBPOSIX_USER_USERNAME: "root"
+    CONFIG_LIBPOSIX_USER: 'y'
+    CONFIG_LIBRAMFS: 'y'
+    CONFIG_LIBSYSCALL_SHIM_HANDLER_ULTLS: 'y'
+    CONFIG_LIBSYSCALL_SHIM_HANDLER: 'y'
+    CONFIG_LIBSYSCALL_SHIM_LEGACY_VERBOSE: 'y'
+    CONFIG_LIBSYSCALL_SHIM: 'y'
+    CONFIG_LIBUKALLOCPOOL: 'y'
+    CONFIG_LIBUKBLKDEV_SYNC_IO_BLOCKED_WAITING: 'y'
+    CONFIG_LIBUKBLKDEV: 'y'
+    CONFIG_LIBUKBOOT_BANNER_MINIMAL: 'y'
+    CONFIG_LIBUKBOOT_HEAP_BASE: '0x400000000'
+    CONFIG_LIBUKCPIO: 'y'
+    CONFIG_LIBUKDEBUG_CRASH_SCREEN: 'n'
+    CONFIG_LIBUKDEBUG_ENABLE_ASSERT: 'n'
+    CONFIG_LIBUKDEBUG_PRINT_TIME: 'n'
+    CONFIG_LIBUKFALLOC: 'y'
+    CONFIG_LIBUKMPI: 'n'
+    CONFIG_LIBUKSIGNAL: 'y'
+    CONFIG_LIBUKVMEM_DEFAULT_BASE: '0x0000001000000000'
+    CONFIG_LIBUKVMEM_DEMAND_PAGE_IN_SIZE: 12
+    CONFIG_LIBUKVMEM_PAGEFAULT_HANDLER_PRIO: 4
+    CONFIG_LIBUKVMEM: 'y'
+    CONFIG_LIBVFSCORE_AUTOMOUNT_ROOTFS: 'y'
+    CONFIG_LIBVFSCORE_FSTAB: 'y'
+    CONFIG_LIBVFSCORE_ROOTFS_EINITRD: 'y'
+    CONFIG_LIBVFSCORE_ROOTFS_EINITRD_PATH: "__EINITRD_PATH__"
+    CONFIG_OPTIMIZE_DEADELIM: 'y'
+    CONFIG_OPTIMIZE_LTO: 'y'
+    CONFIG_PAGING: 'y'
+    CONFIG_UKPLAT_KSP_SIZE: 32768
+    CONFIG_UKPLAT_MEMREGION_MAX_COUNT: 64
+
+libraries:
+  lwip: stable
+  libelf: stable
+
+targets:
+- fc/x86_64
+- qemu/x86_64

library/caddy/2.7/Makefile

@@ -0,0 +1,37 @@
+IMAGE_NAME = unikraft-caddy
+CONTAINER_NAME = $(IMAGE_NAME)
+CMD = /usr/local/bin/caddy run --config /data/Caddyfile
+EXTRA_OPTS = -p 2015:2015
+
+build:
+	docker build -f Dockerfile -t $(IMAGE_NAME) .
+
+run_anon: build
+	docker run --rm --interactive --tty $(EXTRA_OPTS) $(IMAGE_NAME) $(CMD)
+
+create: build
+	-docker container inspect $(CONTAINER_NAME) > /dev/null 2>&1 || docker create --name $(CONTAINER_NAME) --tty $(EXTRA_OPTS) $(IMAGE_NAME) $(CMD)
+
+run: create
+	-test "$(shell docker container inspect -f '{{.State.Running}}' $(CONTAINER_NAME) 2> /dev/null)" = "false" || docker exec --interactive --tty $(CONTAINER_NAME) $(CMD) && docker start --interactive $(CONTAINER_NAME)
+
+stop:
+	-test "$(shell docker container inspect -f '{{.State.Running}}' $(CONTAINER_NAME) 2> /dev/null)" = "true" && docker stop $(CONTAINER_NAME)
+
+clean: stop
+	-docker container inspect $(CONTAINER_NAME) > /dev/null 2>&1 && docker rm $(CONTAINER_NAME)
+
+export: clean create cleanfs
+	mkdir rootfs
+	docker export $(CONTAINER_NAME) | tar -x -C rootfs
+	cp hosts rootfs/etc/hosts
+
+initrd: export
+	rm -f rootfs.cpio
+	cd rootfs ; find -depth -print | tac | bsdcpio -o --format newc > ../rootfs.cpio
+	sed 's|__EINITRD_PATH__|'$$PWD/rootfs.cpio'|' < Kraftfile.template > Kraftfile
+
+cleanfs:
+	-test -d rootfs && rm -fr rootfs
+
+.PHONY: build build run_anon create run stop clean export cleanfs

library/caddy/2.7/data/Caddyfile

@@ -0,0 +1,3 @@
+:2015
+
+respond "Hello, world!"

library/caddy/2.7/hosts

@@ -0,0 +1,2 @@
+127.0.0.1	localhost
+::1     ip6-localhost ip6-loopback