Caddy repeatedly terminating while running via upstart

I’m attempting to run Caddy as a proxy and have it setup to run with an upstart script on ubuntu 14.04 on AWS. I run the setcap on bootup to bind 80 and 443, however when the upstart config runs, it is repeatedly terminating then restarting with the lines below logging to syslog:

Jan 16 15:01:21 ip-x-x-x-x kernel: [ 1277.213855] init: caddy main process (5386) terminated with status 1 Jan 16 15:01:21 ip-x-x-x-x kernel: [ 1277.213865] init: caddy main process ended, respawning

However, when i run the command manually via command line, it runs perfectly fine and proxy’s as expected. Below is my caddy.conf file:

description "Caddy HTTP/2 web server"

start on runlevel [2345]
stop on runlevel [016]

console log

setuid www-data
setgid www-data

respawn
respawn limit 10 5

reload signal SIGUSR1

limit nofile 8192 8192

script
        exec /opt/caddy/caddy_linux_amd64 -agree -email=email@email.com -log=/var/log/syslog -conf=/etc/caddy/Caddyfile
end script

for reference, below is my Caddyfile. It is updated every 5 minutes via another process (so subdomains can be added dynamically), which then also reloads caddy (via sigusr1 call) to use to the latest configuration.

    http://subdomain.url1.com {
        redir https://subdomain.url1.com{uri}
    }
	https://subdomain.url1.com {
			tls {
    			max_certs 10
    		}
    		proxy / subdomain.url2.io {
    			header_upstream Host subdomain.url2.io
    		}
    }

Could there be something missing in my config file?

This can be closed, I was able to get this fixed. the issue was related to the Caddyfile config directory being owned by root and not www-data. The actual errors were logged to upstart, not syslog.

1 Like

You can also get rid of max_certs if you aren’t using on-demand TLS. I don’t recommend using it unless necessary, and since you know the hostnames beforehand (when Caddy is started, the way you’re doing it), you don’t need it.

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.