1. Caddy version (caddy version
):
devel
2. How I run Caddy:
I run caddy via caddy start
in my directory containing the Caddyfile, in my case located in /etc/caddy/. I utilize Caddy for a media server, primarily for HTTPS encryption. Despite the request to provide things like domain names, they will, beyond a reasonable doubt be irrelevant here, and along with my high goals and expectations for security, they will be excluded from all logs, config files, etc. and replaced will filler text marked in italics(**)
a. System environment:
Manjaro Linux(Arch-based), utilizes systemd, installed via the AUR on the caddy2 package
b. Command:
caddy start
c. Service/unit/compose file:
# caddy.service
#
# For using Caddy with a config file.
#
# Make sure the ExecStart and ExecReload commands are correct
# for your installation.
#
# See https://caddyserver.com/docs/install for instructions.
#
# WARNING: This service does not use the --resume flag, so if you
# use the API to make changes, they will be overwritten by the
# Caddyfile next time the service is restarted. If you intend to
# use Caddy's API to configure it, add the --resume flag to the
# `caddy run` command or use the caddy-api.service file instead.
[Unit]
Description=Caddy webserver
Documentation=https://caddyserver.com/docs/
After=network-online.target
Wants=network-online.target systemd-networkd-wait-online.service
StartLimitIntervalSec=14400
StartLimitBurst=10
[Service]
User=caddy
Group=caddy
Environment=XDG_DATA_HOME=/var/lib
Environment=XDG_CONFIG_HOME=/etc
ExecStart=/usr/bin/caddy run --adapter caddyfile --environ --config /etc/caddy/caddy.conf
ExecReload=/usr/bin/caddy reload --adapter caddyfile --config /etc/caddy/caddy.conf
# Do not allow the process to be restarted in a tight loop. If the
# process fails to start, something critical needs to be fixed.
Restart=on-abnormal
# Use graceful shutdown with a reasonable timeout
KillMode=mixed
KillSignal=SIGQUIT
TimeoutStopSec=5s
LimitNOFILE=1048576
LimitNPROC=512
# Hardening options
PrivateTmp=true
PrivateDevices=true
ProtectHome=true
ProtectSystem=strict
ReadWritePaths=/var/lib/caddy /var/log/caddy
CapabilityBoundingSet=CAP_NET_BIND_SERVICE
AmbientCapabilities=CAP_NET_BIND_SERVICE
NoNewPrivileges=true
ProtectKernelTunables=true
ProtectKernelModules=true
ProtectControlGroups=true
LockPersonality=true
[Install]
WantedBy=multi-user.target
d. My complete Caddyfile(chosen to list) or JSON config:
{
email *email@email.com*
}
# This file was moved to caddy.conf
*my.domain.com* {
encode gzip
log {
output file /etc/caddy/logs/jellyfin_access.log {
roll true # Rotate logs, enabled by default
roll_size_mb 5 # Set max size 5 MB
roll_gzip true # Whether to compress rolled files
roll_local_time true # Use localhost time
roll_keep 2 # Keep at most 2 log files
roll_keep_days 7 # Keep log files for 7 days
}
}
redir /jellfin /jellyfin/
reverse_proxy /jellyfin/* 127.0.0.1:*myport*
}
# Edit 05/06/20 Remove Empty Brackets, Change logging format, and added Email portion. Commented out email portion for now
# Edit 05/07/20 Removed Email portion. Adding an optional part in the guide for it.
# Proof /u/NoFeedback4007 is original author. :)
3. The problem I’m having:
I can’t get redirects to work. As per the above example, trying to connect via “my.domain.com/jellyin” doesn’t redirect to “my.domain.com/jellyfin/”, and thus unless I type in the former I can’t connect.
4. Error messages and/or full log output:
N/A
5. What I already tried:
Not trying to be lazy, but not sure what else to try. Everything else, including stuff like manually typing in the former link works, just not redirects.
6. Links to relevant resources:
N/A