Caddy validate unexpected end of JSON input

1. Caddy version (caddy version):

latest

2. How I run Caddy:

host vps

a. System environment:

Ubuntu 20.04

b. Command:

caddy validate

c. Service/unit/compose file:

paste full file contents here

d. My complete Caddyfile or JSON config:

# GLOBAL
{
        # Global options block. Entirely optional, https is on by default
        # Optional email key for lets encrypt
        email hidden
        # Optional staging lets encrypt for testing.
        # acme_ca https://acme-staging-v02.api.letsencrypt.org/directory

        servers {
                timeouts {
                        read_body   10s
                        read_header 10s
                        write       10s
                        idle        2m
                }
                max_header_size 16384
        }

}

# SNIPPETS

(mustheaders) {
        header {
                Strict-Transport-Security "max-age=31536000; includesubdomains; preload"
                Content-Security-Policy "default-src https: 'unsafe-inline' 'unsafe-eval'"
                X-Content-Type-Options "nosniff"
                X-Frame-Options "SAMEORIGIN"
                Referrer-Policy "same-origin"
                X-Xss-Protection "1; mode=block"
                Feature-Policy "accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'none'; usb 'none'; vr 'none'"
                Expect-CT "max-age=604800"
                -Server
        }
}
(offlinewebsite) {
        header {
                X-Robots-Tag "noindex, nofollow, noarchive, nosnippet, notranslate, noimageindex"
        }
        @public_networks not remote_ip hidden
        respond @public_networks "Access denied" 403
}
(onlinewebsite) {
        header {
                X-Robots-Tag "noarchive, notranslate"
        }
}

(compression) {
        encode zstd gzip
}

(caching) {
        @short_cache {
                path /
                path /author/*
                path /tag/*
                path /category/*
        }
        handle @short_cache {
                header Cache-Control "public, max-age=86400, must-revalidate"
        }
        @no_cache {
                path /sitemap*
                path /rss/
        }
        handle @no_cache {
                header Cache-Control "no-cache, no-store, must-revalidate"
        }
        header Cache-Control "public, max-age=604800, must-revalidate"
}

(security) {

        # deny all access to these folders
        @denied_folders path_regexp /(\.github|cache|bin|logs|backup.*|test.*)/.*$
        respond @denied_folders "Access denied" 403

        # deny running scripts inside core system folders
        @denied_system_scripts path_regexp /(core|content|test|system|vendor)/.*\.(txt|xml|md|html|yaml|php|pl|py|cgi|twig|sh|bat|yml|js)$
        respond @denied_system_scripts "Access denied" 403

        # deny running scripts inside user folder
        @denied_user_folder path_regexp /user/.*\.(txt|md|yaml|php|pl|py|cgi|twig|sh|bat|yml|js)$
        respond @denied_user_folder "Access denied" 403

        # deny access to specific files in the root folder
        @denied_root_folder path_regexp /(index.php.*|wp-admin.php|wp-login.php|wp-config.php.*|xmlrpc.php|config.production.json|config.development.json|index.js|package.json|renovate.json|.*lock|mix.*|ghost.js|startup.js|\.editorconfig|\.eslintignore|\.eslintrc.json|\.gitattributes|\.gitignore|\.gitmodules|\.npmignore|Gruntfile.js|LICENSE|MigratorConfig.js|LICENSE.txt|composer.lock|composer.json|nginx.conf|web.config|htaccess.txt|\.htaccess)
        respond @denied_root_folder "Access denied" 403

        # block bad crawlers
        @badbots header User-Agent "aesop_com_spiderman, alexibot, backweb, batchftp, bigfoot, blackwidow, blowfish, botalot, buddy, builtbottough, bullseye, cheesebot, chinaclaw, cosmos, crescent, curl, custo, da, diibot, disco, dittospyder, dragonfly, drip, easydl, ebingbong, erocrawler, exabot, eyenetie, filehound, flashget, flunky, frontpage, getright, getweb, go-ahead-got-it, gotit, grabnet, grafula, harvest, hloader, hmview, httplib, humanlinks, ilsebot, infonavirobot, infotekies, intelliseek, interget, iria, jennybot, jetcar, joc, justview, jyxobot, kenjin, keyword, larbin, leechftp, lexibot, lftp, libweb, likse, linkscan, linkwalker, lnspiderguy, lwp, magnet, mag-net, markwatch, memo, miixpc, mirror, missigua, moget, nameprotect, navroad, backdoorbot, nearsite, netants, netcraft, netmechanic, netspider, nextgensearchbot, attach, nicerspro, nimblecrawler, npbot, openfind, outfoxbot, pagegrabber, papa, pavuk, pcbrowser, pockey, propowerbot, prowebwalker, psbot, pump, queryn, recorder, realdownload, reaper, reget, true_robot, repomonkey, rma, internetseer, sitesnagger, siphon, slysearch, smartdownload, snake, snapbot, snoopy, sogou, spacebison, spankbot, spanner, sqworm, superbot, superhttp, surfbot, asterias, suzuran, szukacz, takeout, teleport, telesoft, thenomad, tighttwatbot, titan, urldispatcher, turingos, turnitinbot, *vacuum*, vci, voideye, libwww-perl, widow, wisenutbot, wwwoffle, xaldon, xenu, zeus, zyborg, anonymouse, *zip*, *mail*, *enhanc*, *fetch*, *auto*, *bandit*, *clip*, *copier*, *master*, *reaper*, *sauger*, *quester*, *whack*, *picker*, *catch*, *vampire*, *hari*, *offline*, *track*, *craftbot*, *download*, *extract*, *stripper*, *sucker*, *ninja*, *clshttp*, *webspider*, *leacher*, *collector*, *grabber*, *webpictures*, *seo*, *hole*, *copyright*, *check*"
        respond @badbots "Access denied" 403
}

(proxy) {
        header_up X-Forwarded-Proto {scheme}
        header_up X-Forwarded-For {remote}
        header_up X-Real-IP {remote}
        header_down X-Powered-By "the Holy Spirit"
        header_down Server "CERN httpd"
}

(logs) {
        log {
            output file /var/log/caddy/caddy.log
        }
}

(php) {
        php_fastcgi / unix//run/php/php7.4-fpm.sock
}

# STRIP WWW PREFIX

www.example.com {
        redir * https://{http.request.host.labels.1}.{http.request.host.labels.0}{path} permanent
}


# WEBSITES

example.com {
        import mustheaders
        import offlinewebsite
        @ghost_cache {
                path /ghost/*
                path /p/*
                path /membership/*
                path /account/*
        }
        handle @ghost_cache {
                header Cache-Control "no-cache, no-store, must-revalidate"
        }
        import caching
        import security
        reverse_proxy 127.0.0.1:2551 {
                import proxy
        }

        import logs
}

3. The problem I’m having:

Caddy proxy works fine, website and SSL are ok but:
“caddy validate” command shows: validate: decoding config: unexpected end of JSON input

4. Error messages and/or full log output:

validate: decoding config: unexpected end of JSON input

5. What I already tried:

6. Links to relevant resources:

Yet again, please read the docs. Per the error message, most likely you did not pass the config, or it’s a caddyfile but it isn’t named Caddyfile so Caddy couldn’t assume it’s a Caddyfile so it assumed the default of json config, which it isn’t.

file name is Caddyfile

In that case you’re definitely not in the same directory as the Caddyfile and/or the file name isn’t exactly Caddyfile.

 ~ stat Caddyfile
16777220 8664196975 -rw-r--r-- 1 mohammed staff 0 27 "Mar  8 02:36:04 2021" "Mar  8 02:36:02 2021" "Mar  8 02:36:02 2021" "Feb 20 12:15:13 2021" 4096 8 0 Caddyfile
 ~ caddy validate
2021/03/14 15:18:53.228	INFO	using adjacent Caddyfile
2021/03/14 15:18:53.236	INFO	http	server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS	{"server_name": "srv0", "https_port": 443}
2021/03/14 15:18:53.236	INFO	http	enabling automatic HTTP->HTTPS redirects	{"server_name": "srv0"}
2021/03/14 15:18:53.237	INFO	tls.cache.maintenance	started background certificate maintenance	{"cache": "0xc000379420"}
2021/03/14 15:18:53.250	INFO	tls.cache.maintenance	stopped background certificate maintenance	{"cache": "0xc000379420"}
Valid configuration
 ~ cd projects
 ~/projects caddy validate --config ../Caddyfile                                                                                                                 python3.9.2  go1.16.1
2021/03/14 15:20:18.066	INFO	using provided configuration	{"config_file": "../Caddyfile", "config_adapter": ""}
2021/03/14 15:20:18.071	INFO	http	server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS	{"server_name": "srv0", "https_port": 443}
2021/03/14 15:20:18.072	INFO	http	enabling automatic HTTP->HTTPS redirects	{"server_name": "srv0"}
2021/03/14 15:20:18.072	INFO	tls.cache.maintenance	started background certificate maintenance	{"cache": "0xc0003b7c00"}
2021/03/14 15:20:18.083	INFO	tls.cache.maintenance	stopped background certificate maintenance	{"cache": "0xc0003b7c00"}
Valid configuration
 ~/projects
1 Like

This topic was automatically closed after 30 days. New replies are no longer allowed.