1. Output of caddy version:
Latest
2. How I run Caddy:
Docker image (latest)
a. System environment:
Docker (latest)
Portainer (latest)
b. Command:
no command... just run Stack!
c. Service/unit/compose file:
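# Compose stack: an Olric cache node plus a custom Caddy image, both attached
# to the pre-existing external "proxy" network.
#
# NOTE(review): "4.0" is not a published Compose file format version (the
# series ends at 3.x). Recent Compose releases ignore this key; the legacy
# docker-compose binary rejects versions it does not know — confirm which one
# Portainer runs.
version: "4.0"
#
# 2022-12-01
# caddy
#
services:
  olric:
    container_name: olric
    hostname: olric
    # ":latest" is a moving tag: every pull can bring in different code.
    # Pin a version tag or an image digest so deployments are reproducible.
    image: olricio/olricd:latest
    restart: always
    stdin_open: true
    tty: true
    networks:
      - proxy
    # Publishes the cache port on every host interface. Caddy reaches Olric
    # as olric:3320 over the "proxy" network, so this mapping is only needed
    # if something outside Docker must talk to the cache; otherwise drop it
    # or bind it to 127.0.0.1.
    ports:
      - "3320:3320"
    expose:
      - "3320"
    environment:
      TZ: "Europe/Paris"
    volumes:
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
      # The ":ro" flag does not restrict the Docker API: a process that can
      # connect to the socket can still issue any API call, which amounts to
      # root on the host. Nothing in this stack shows olricd using the Docker
      # API, so this mount looks removable — confirm.
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - /opt/docker/standard/ssl/:/ssl/:ro
      - /opt/docker/standard/notification:/notify:ro
  caddy:
    container_name: caddy
    hostname: caddy
    # Custom build (Caddy with the cloudflare DNS and Souin plugins, per the
    # post). Same ":latest" caveat as above: pin a tag or digest.
    image: zogg/caddy:latest
    restart: always
    stdin_open: true
    tty: true
    depends_on:
      - olric
    networks:
      - proxy
    ports:
      - "80:80"
      - "443:443"
    expose:
      - "80"
      - "443"
    environment:
      TZ: "Europe/Paris"
      # Redacted placeholders. Both are quoted: an unquoted [...] is parsed
      # as a YAML flow sequence, not a string.
      # The DNS token is readable by anyone who can view this stack or
      # inspect the container; prefer an env_file or secret with restricted
      # permissions, and scope the token to DNS edits on the needed zone only.
      CF_API_EMAIL: "[...]"
      CF_DNS_API_TOKEN: "[...]"
    volumes:
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
      # Same caveat as for olric: ":ro" does not limit Docker API calls, and
      # the Caddyfile shown in the post has no directive that needs the
      # Docker API. This is the internet-facing container, so a compromise
      # here would reach the host through the socket — remove unless the
      # image really needs it.
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - /opt/docker/standard/ssl/:/ssl/:ro
      - /opt/docker/standard/notification:/notify:ro
      # Configuration is mounted read-write; ":ro" would be enough unless the
      # container is expected to edit these files — confirm.
      - /opt/docker/standard/caddy/config/Caddyfile:/etc/caddy/Caddyfile
      - /opt/docker/standard/caddy/config/entries:/etc/caddy/entries
      - /opt/docker/standard/caddy/config/json:/config
      # /data holds Caddy's certificates and private keys; keep the host
      # directory readable by root only.
      - /opt/docker/standard/caddy/work:/data
networks:
  proxy:
    external: true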
d. My complete Caddy config:
# 2022-12-01
# Logging snippet, imported by the global options block.
(logs) {
	# Global debug mode plus a debug-level default logger. This is verbose;
	# switch to the commented "error" level once troubleshooting is done.
	debug
	log {
		level debug
		#level error
	}
}
# Badger storage settings for the cache. Inactive in this file: the only
# reference is the commented-out "#import badger" in (souin).
(badger) {
	badger {
		configuration {
			# NOTE(review): the compose file declares no /caches mount for the
			# caddy service, so this directory would live in the container's
			# writable layer and be lost on re-creation — confirm.
			Dir "/caches/badger/"
			ValueDir "/caches/badger/"
			# 1073741824 = 2^30 and 4194304 = 2^22; presumably byte counts
			# (1 GiB / 4 MiB) — confirm against the Badger options.
			ValueLogFileSize 1073741824
			MemTableSize 4194304
			ValueThreshold 1
			# NOTE(review): presumably disables Badger's directory lock guard;
			# confirm that only one process ever opens this directory.
			BypassLockGuard true
		}
	}
}
# Olric storage settings for the cache, imported by (souin).
(olric) {
	olric {
		# Address of the olric container on the shared "proxy" network.
		url olric:3320
		# NOTE(review): these keys (Dir, EntryIdxMode, RWMode, SegmentSize,
		# NodeNum, SyncEnable, StartFileLoadingMode) look like the option set
		# Souin documents for its NutsDB provider rather than for Olric, and
		# a "url" pointing at an external node is already given above —
		# confirm against the Souin documentation whether this block has any
		# effect here.
		configuration {
			Dir "/caches/olric/"
			EntryIdxMode 1
			RWMode 0
			SegmentSize 1024
			NodeNum 42
			SyncEnable true
			StartFileLoadingMode 1
		}
	}
}
# Souin cache options, imported into the global "cache" block by (cache).
(souin) {
	log_level debug
	# POST is listed as cacheable alongside GET. Caching POST responses is
	# unusual and can replay one client's result to another — confirm it is
	# intended.
	allowed_http_verbs GET POST
	# Enables the Souin management and Prometheus API endpoints.
	# NOTE(review): check where these endpoints are served and that they are
	# not reachable from the internet.
	api {
		prometheus
		souin
	}
	#cdn {
	# api_key {env.CF_DNS_API_TOKEN}
	# dynamic
	# email {env.CF_API_EMAIL}
	# hostname zogg.fr
	# provider cloudflare
	# strategy soft
	#}
	# Request headers that take part in the cache key (presumably; confirm
	# against the Souin docs). Keeping Authorization here is what separates
	# one user's cached responses from another's — do not remove it while
	# authenticated content is cacheable.
	headers Content-Type Authorization
	ttl 300s
	timeout {
		backend 60s
		cache 300ms
	}
	#import badger
	import olric
	# Fallback Cache-Control, presumably applied when the upstream sends
	# none. "public" with a one-day lifetime marks such responses as storable
	# by any shared cache, including responses tied to a logged-in user.
	default_cache_control "public, max-age=86400, s-maxage=86400, max-stale=3600, stale-while-revalidate=86400, stale-if-error=86400"
}
# Global cache wiring, imported by the global options block: places the
# "cache" handler before "rewrite" in the directive order and loads the
# (souin) options as the global cache configuration.
(cache) {
	order cache before rewrite
	cache {
		import souin
	}
}
# Global options block.
{
	import logs
	import cache
	http_port 80
	https_port 443
	# ACME account e-mail, read from the container environment.
	email {env.CF_API_EMAIL}
	servers :443 {
		protocols h1 h2 h3
		# http_redirect answers plain-HTTP requests that arrive on the HTTPS
		# port with a redirect; it is listed before tls so it sees the
		# connection first.
		listener_wrappers {
			http_redirect
			tls
		}
	}
	servers :80 {
		protocols h1 h2 h3
	}
}
# Cloudflare
# Sources whose forwarded-client headers reverse_proxy will trust; imported
# by (proxy).
# - 10.0.0.0/8, 192.168.0.0/16 and fc00::/7 are private ranges: every host on
#   those networks can then supply its own client IP.
# - 172.16.0.0/16 covers only 172.16.x.x; the RFC 1918 block is 172.16.0.0/12.
#   Narrow the private entries to the actual Docker network if possible.
# - NOTE(review): the remaining entries appear to be Cloudflare IPv4 ranges,
#   but the list looks shorter than the one Cloudflare publishes and has no
#   Cloudflare IPv6 range — compare with https://www.cloudflare.com/ips/.
(trustedproxies) {
	trusted_proxies 10.0.0.0/8 172.16.0.0/16 192.168.0.0/16 fc00::/7 173.245.48.0/20 103.21.244.0/22 103.22.200.0/22 103.31.4.0/22 141.101.64.0/18 108.162.192.0/18 190.93.240.0/20 188.114.96.0/20 197.234.240.0/22
}
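# TLS through the Cloudflare DNS challenge; imported by (common) and
# (pterodadctyl).
(cloudflare) {
	tls {
		# The API token comes from the container environment. Scope it to
		# DNS edits on the zones Caddy serves and nothing else.
		dns cloudflare {env.CF_DNS_API_TOKEN}
		resolvers 1.1.1.1 1.0.0.1
	}
	# header_up is a reverse_proxy subdirective. Inside a "header" block the
	# lines below are parsed as edits to a response header literally named
	# "header_up", so they never changed what the upstream receives. They are
	# kept commented out for reference; the request-header rewrites that do
	# take effect are in the (proxy) snippet.
	#header {
	#	header_up Host {upstream_hostport}
	#	header_up X-Forwarded-For {http.request.header.CF-Connecting-IP}
	#	header_up X-Forwarded-Proto {scheme}
	#	header_up X-Forwarded-For {remote}
	#	header_up X-Real-IP {remote}
	#}
}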
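# reverse_proxy options shared by the site blocks (imported inside the
# reverse_proxy block of each entry).
(proxy) {
	import trustedproxies
	#header_up Host {upstream_hostport}
	header_up Host {host}
	# X-Forwarded-Host carries the host the client requested, not the
	# client's address.
	header_up X-Forwarded-Host {host}
	header_up X-Forwarded-Proto {scheme}
	# {remote} expands to "ip:port"; {remote_host} is the address alone.
	# Behind Cloudflare this is the Cloudflare edge address, not the visitor.
	header_up X-Real-IP {remote_host}
	# CF-Connecting-IP is an ordinary request header. It identifies the
	# visitor only when the origin accepts connections from Cloudflare alone;
	# a client that reaches the origin directly can put any value in it.
	# Restrict ports 80/443 to Cloudflare's ranges if the upstream relies on
	# this value for logging, rate limiting or access control.
	header_up X-Forwarded-For {http.request.header.CF-Connecting-IP}
	#header_up X-Forwarded-For {remote}
	# Sends response-style caching directives to the upstream as a request
	# header.
	header_up Cache-Control "public, max-age=86400, s-maxage=86400, max-stale=3600, stale-while-revalidate=86400, stale-if-error=86400"
	# Overwrites whatever Cache-Control the upstream returned, including
	# "private" or "no-store". Every proxied response becomes storable for a
	# day by shared caches, so pages for logged-in users can be served to
	# other visitors — limit this to paths that are known to be static.
	header_down Cache-Control "public, max-age=86400, s-maxage=86400, max-stale=3600, stale-while-revalidate=86400, stale-if-error=86400"
	header_up X-Powered-By "Zogg"
	header_up Server "Caddy"
}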
# Global headers
# Response header fields imported inside "header" blocks. All three only
# advertise the server software; they add no protection and make
# fingerprinting easier.
(headersGlobal) {
	Server "Caddy"
	X-Powered-By "Zogg"
	X-Server "Caddy"
}
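# Security headers
# Response header fields imported inside the "header" block of (headers).
(headersSecurity) {
	# Send only the origin on cross-origin requests, and nothing when going
	# from HTTPS to HTTP
	Referrer-Policy "strict-origin-when-cross-origin"
	# Enable HSTS. Directives are separated by ";" (RFC 6797); with commas
	# the value does not parse as three directives and browsers may ignore
	# the header. "preload" only matters if the domain is submitted to the
	# browser preload list.
	Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
	# Field name written without a trailing colon, like the other entries
	X-Permitted-Cross-Domain-Policies "none"
	# Disable clients from sniffing the media type
	X-Content-Type-Options "nosniff"
	# Clickjacking protection
	X-Frame-Options "SAMEORIGIN"
	# Turn off the legacy browser XSS filter; the CSP below is the control
	# that is expected to do this job
	X-XSS-Protection 0
	# Permissions
	Permissions-Policy "vibrate=(self), geolocation=(self), midi=(self), notifications=(self), push=(self), microphone=(self), camera=(self), magnetometer=(self), gyroscope=(self), fullscreen=(self), payment=(self)"
	# CSP
	# script-src allows 'unsafe-inline', 'unsafe-eval' and every https:
	# origin, so this policy does not stop injected scripts. Tighten it with
	# nonces or hashes and an explicit host list where the applications
	# allow it.
	Content-Security-Policy "default-src 'self' *.zogg.fr data: wss: blob: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.zogg.fr data: blob: https:; img-src 'self' data: blob: *.zogg.Fr https:;style-src 'self' 'unsafe-inline' *.zogg.fr https:; connect-src 'self' wss: *.zogg.fr https:; frame-src 'self' https:; frame-ancestors 'self' *.zogg.fr"
}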
# Crawler directives sent as a response header; imported inside "header"
# blocks. This asks well-behaved crawlers not to index the site; it is not
# an access control.
(headersRobots) {
	# Robots
	X-Robots-Tag "none,noarchive,nosnippet,notranslate,noimageindex"
}
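# Caching header, imported inside "header" blocks.
(headersCaching) {
	# Caching
	# Marks every response of the importing site as publicly cacheable for a
	# day, including responses that depend on a session or an Authorization
	# header. Apply it only to content that is the same for every visitor.
	Cache-Control "public, max-age=86400, s-maxage=86400, max-stale=3600, stale-while-revalidate=86400, stale-if-error=86400"
	# header_up is a reverse_proxy subdirective. Inside a "header" block the
	# line below is parsed as an edit to a response header literally named
	# "header_up", so it had no effect on the upstream request; kept
	# commented out for reference.
	#header_up Cache-Control "public, max-age=86400, s-maxage=86400, max-stale=3600, stale-while-revalidate=86400, stale-if-error=86400"
}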
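# HTTP/3 advertisement header. Not imported by any snippet shown in this
# file.
(headersHTTP3) {
	# HTTP/3
	# The value itself contains double quotes, so it is wrapped in backticks;
	# wrapped in double quotes it is split into several tokens at the inner
	# quotes. "h3-29" is a draft version identifier.
	Alt-Svc `h3=":443"; ma=86400, h3-29=":443"; ma=86400`
}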
# Full response-header set for ordinary sites: identification, robots,
# caching and security fields in one "header" block. Imported by (common).
(headers) {
	header {
		import headersGlobal
		import headersRobots
		import headersCaching
		import headersSecurity
	}
}
# Variant of (common) without the (headersSecurity) fields, so sites that
# import it send no HSTS, CSP or X-Frame-Options from Caddy.
# NOTE(review): the name is presumably meant to be "pterodactyl"; site
# blocks outside this file may import it under the current spelling.
(pterodadctyl) {
	import cloudflare
	header {
		import headersGlobal
		import headersRobots
		import headersCaching
		# Sec-Fetch-Site and X-Forwarded-Proto are request headers; set on a
		# response they are not expected to change browser behaviour.
		Sec-Fetch-Site "cross-site"
		X-Forwarded-Proto "https"
		# CORS: "*" does not cover Authorization, hence the explicit entry.
		# No Access-Control-Allow-Origin is set in this snippet.
		Access-Control-Allow-Headers "*, Authorization"
	}
}
# Default per-site bundle: Cloudflare DNS-challenge TLS plus the full
# response-header set.
(common) {
	import cloudflare
	import headers
}
import /etc/caddy/entries
/etc/caddy/entries :
# 2022-12-01
# Sample site entry: TLS and headers from (common), the cache handler, then
# a reverse proxy to the (redacted) upstream with the shared (proxy) options.
error.zogg.fr {
	import common
	# Enables the cache handler for this site with the global options.
	cache
	# [ip]:[port] is the author's redaction of the upstream address.
	reverse_proxy [ip]:[port] {
		import proxy
	}
}
3. The problem I’m having:
Hello
I’m new to Caddy as I switched from Traefik to Caddy yesterday…
What I use:
- Caddy (home made Docker image with cloudflare-dns & Souin Caddy plugin)
- Olric (as cache backend for Souin)
Almost everything is done, except that I can’t cache some content.
The files I use are:
- docker_compose.yml
- Caddyfile
- entries (here is only a sample ^^)
Url to test: https://error.zogg.fr/
I always get a cache-status of: Souin; fwd=uri-miss
I don’t understand why I can’t get a hit
4. Error messages and/or full log output:
Souin; fwd=uri-miss
5. What I already tried:
Most of my switch is ok, except this caching problem…
I don’t know if I set up the reverse_proxy correctly.
6. Links to relevant resources:
Url to test: https://error.zogg.fr/