Caddyfile environment variables not working

1. The problem I’m having:

I can’t use environment variables as documented here:

2. Error messages and/or full log output:

If I use it with validation, e.g. $MY_VAR, Caddy will not start as it can’t evaluate the variable.

Using {env.MY_VAR} is also not working correctly: Caddy starts but the env variable is not substituted.

$CF_TOKEN:

Unit caddy.service failed to start

{env.CF_TOKEN}:

Certs are simply not updating as Cloudflare returns several error messages, mainly "invalid request header".

3. Caddy version:

4. How I installed and ran Caddy:

apt install

a. System environment:

DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=22.04
DISTRIB_CODENAME=jammy
DISTRIB_DESCRIPTION="Ubuntu 22.04.3 LTS"

c. Service/unit/compose file:

# caddy.service
#
# For using Caddy with a config file.
#
# Make sure the ExecStart and ExecReload commands are correct
# for your installation.
#
# See https://caddyserver.com/docs/install for instructions.
#
# WARNING: This service does not use the --resume flag, so if you
# use the API to make changes, they will be overwritten by the
# Caddyfile next time the service is restarted. If you intend to
# use Caddy's API to configure it, add the --resume flag to the
# `caddy run` command or use the caddy-api.service file instead.

[Unit]
Description=Caddy
Documentation=https://caddyserver.com/docs/
After=network.target network-online.target
Requires=network-online.target

[Service]
Type=notify
User=caddy
Group=caddy
ExecStart=/usr/bin/caddy run --environ --config /etc/caddy/Caddyfile
ExecReload=/usr/bin/caddy reload --config /etc/caddy/Caddyfile --force
TimeoutStopSec=5s
LimitNOFILE=1048576
LimitNPROC=512
PrivateTmp=true
ProtectSystem=full
AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE

[Install]
WantedBy=multi-user.target

d. My complete Caddy config:

{
        acme_dns cloudflare REDACTED_API
        servers {
                import /var/opt/caddy/cloudflare-proxies
        }
        email me@tld.org
        log default {
                output file /var/log/caddy/runtime.log {
                        roll_size 500mb
                        roll_keep 3
                        roll_keep_for 720h
                }
                format json
                level INFO
                exclude http.log.access
        }
        log access {
                output file /var/log/caddy/access.log {
                        roll_size 1gb
                        roll_keep 5
                        roll_keep_for 2160h
                }
                format json
                level DEBUG
                include http.log.access http.handlers.reverse_proxy
        }
}

:2019 {
        metrics
}

net.tld.org {
        reverse_proxy localhost:8000
}

port.marinero.hu {
        reverse_proxy localhost:9000 {
                transport http {
                        dial_timeout 60s
                        read_timeout 60m
                        write_timeout 120s
                        keepalive 10m
                }
        }
}

mail.tld.org {
        redir https://webmail.tld.org:2096
}

d.e.tld.org {
        reverse_proxy localhost:8885
}

my.tld.org {
        reverse_proxy localhost:8085
}

a.b.c.tld.org {
        reverse_proxy localhost:7777
}

*.sss.tld.org, sso.tld.org {
        tls {
                dns cloudflare {env.CF_TOKEN}
        }
        @users host users.tld.org
        handle @users {
            reverse_proxy localhost:5000
        }
        reverse_proxy localhost:8998
}

See Keep Caddy Running — Caddy Documentation, it explains how to set environment variables via systemd config overrides.

Thank you, this worked!
However, this means if Caddy is run by systemd, you can’t simply set env variables, for example, through /etc/environment?

See systemd - Env vars in /etc/environment not globally visible? - Unix & Linux Stack Exchange
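
An added example, not part of any post in this thread and not Caddy's own tooling: one way to apply the systemd override suggested above, keeping the token in a root-only `EnvironmentFile=` rather than `/etc/environment`, plus a check for Caddyfile placeholders that the file does not define. The file names `caddy.env` and `override.conf` are assumptions; `{$NAME}` is the Caddyfile's parse-time form, alongside the `{env.NAME}` placeholder used in the config above.

```shell
#!/bin/sh
# Added example (not from the thread). CF_TOKEN and /etc/caddy follow the post;
# caddy.env and override.conf are assumed file names.

# Write the token to a root-only file and point caddy.service at it.
# $1 = filesystem root ("" for the live system, a scratch dir for a dry run)
# $2 = token value
write_caddy_env() {
    root=$1
    token=$2
    envfile="$root/etc/caddy/caddy.env"
    dropin="$root/etc/systemd/system/caddy.service.d/override.conf"
    mkdir -p "${envfile%/*}" "${dropin%/*}"
    # The systemd manager reads EnvironmentFile= itself, so the caddy user
    # needs no read access: mode 0600 is enough.
    ( umask 077; printf 'CF_TOKEN=%s\n' "$token" > "$envfile" )
    chmod 600 "$envfile"
    # Only the path appears in the unit; the value stays out of
    # `systemctl show` and `systemctl cat` output.
    printf '[Service]\nEnvironmentFile=/etc/caddy/caddy.env\n' > "$dropin"
}

# Print every variable the Caddyfile references as {env.NAME} or {$NAME}
# that the environment file does not define.
# $1 = Caddyfile, $2 = environment file
missing_env_vars() {
    grep -oE '\{(env\.|\$)[A-Za-z_][A-Za-z0-9_]*' "$1" |
        sed -E 's/^\{(env\.|\$)//' | sort -u |
        while read -r name; do
            grep -q "^${name}=" "$2" || printf '%s\n' "$name"
        done
}

# Live use, as root ("<token>" is a placeholder for the real value):
#   write_caddy_env "" "<token>"
#   systemctl daemon-reload && systemctl restart caddy
#   missing_env_vars /etc/caddy/Caddyfile /etc/caddy/caddy.env
```

An empty result from `missing_env_vars` means every placeholder in the Caddyfile has a definition in the environment file that the service will load.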
