1. Caddy version (caddy version
): 2.1.1
2. How I run Caddy:
Caddy is running inside docker with PHP 7.4 FPM side by side.
a. System environment:
- Docker (Base image PHP 7.4 FPM alpine. Installation of Caddy is based on the original Docker Caddy image)
- Supervisor.d
b. Command:
Supervisor.d command to start the caddy process:
caddy run --config /etc/caddy/Caddyfile --adapter caddyfile
c. Service/unit/compose file:
supervisord.conf
[supervisord]
nodaemon=true
[program:caddy]
command=caddy run --config /etc/caddy/Caddyfile --adapter caddyfile
stdout_logfile=/dev/stdout
stdout_logfile_maxbytes=0
stderr_logfile=/dev/stderr
stderr_logfile_maxbytes=0
[program:php-fpm]
command=php-fpm
stdout_logfile=/dev/stdout
stdout_logfile_maxbytes=0
stderr_logfile=/dev/stderr
stderr_logfile_maxbytes=0
d. My complete Caddyfile or JSON config:
example.myhiddendomain.com {
root * /site/public
try_files {path} /index.php?{query}
encode zstd gzip
php_fastcgi unix//run/php-fpm.sock
file_server
@exceptstripe not path /stripe/webhook /stripe/payment/*
basicauth @exceptstripe {
# hash = password
user JDJhJDEwJFgzR3EyVXRyMFRENmRCQmFTYUl2Yk9IQmtzVDI5VjZuMm1FLmVhck5MRlA1NWFObzJtYzll
}
header {
Strict-Transport-Security max-age=30758400;
Referrer-Policy same-origin
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-XSS-Protection "1; mode=block"
}
# Access logging in the combined format
log {
output file /var/log/access.log {
roll_size 50MiB
roll_keep 14
roll_keep_for 336h # 14 days
}
format json
}
log {
output stdout
format single_field common_log
}
}
3. The problem I’m having:
The except directive @exceptstripe
is not being applied to routes like https://example.myhiddendomain.com/stripe/webhook
and https://example.myhiddendomain.com/stripe/payment/foo
.
All routes are secured via basic auth, so I’m not able to make an exception for the above uri’s.
The routes may not have not be secured with the Basicauth directive as the Stripe server needs to talk to the server.
4. Error messages and/or full log output:
There are no error messages. The error is that the Basicauth
dialog is prompted.
5. What I already tried:
I already tried the longer syntax which didn’t work as well.
Like:
...
@exceptstripe {
not {
path /stripe/webhook /stripe/payment/*
}
}
...
I did’t try the expression syntax because I suppose there is some problem with my understanding of how the not directive is working.
I would gladly appreciate any feedback or hints.
Thanks!