Can't setup PHP with Caddy on Arch Linux

(Giuseppe) #1

Hello everyone, unfortunately your documentation is not helpful and I can’t get working PHP with Caddy on my local machine. OS is Arch Linux and I installed caddy from here:

PHP pages work with standalone PHP, but I can’t use SSL in this way, so I though to use Caddy since Apache is a little bit tricky to configure with SSL.

This is my configuration:

tls /home/giuseppe/Sito/Hierarchy/cert/cert.crt /home/giuseppe/Sito/Hierarchy/cert/cert.key
root /home/giuseppe/Sito/Hierarchy/
log /tmp/caddyaccess.log
errors /tmp/caddyerror.log
fastcgi /home/giuseppe/Sito/Hierarchy/ /run/php-fpm/php-fpm.sock {
    ext     .php
    split   .php
    index   index.php

Caddyfile is in /home/giuseppe/Sito/Hierarchy/
Why did I use full path after fastcgi? Because without it I can’t see index.php located in the directory cited above. https://localhost:8000/ and https://localhost:8000/index.php show “404 not found”.
Only if I specify the full path after fastcgi, I can reach the page at https://localhost:8000/index.php, but the PHP code is not parsed, therefore PHP is not working.

php-fpm package is installed and I started it before running caddy. I gave caddy command in /home/giuseppe/Sito/Hierarchy/ directory.

/run/php-fpm/php-fpm.sock is the socket file for php-fpm.
caddyaccess.log is

::1 - - [13/Mar/2018:12:21:28 +0100] "GET / HTTP/2.0" 404 14
::1 - - [13/Mar/2018:12:21:33 +0100] "GET /index.php HTTP/2.0" 200 4164

caddyerror.log is empty.

What can I do to get PHP working with caddy? Thanks.

(Matthew Fay) #2

Before we look into troubleshooting, I want to address this first:

I think you may not have a full understanding what’s happening when you specify the full path. From the documentation:

path is the base path to match before the request will be forwarded.

So, by setting the FastCGI path to the absolute file path, you’re effectively turning off FastCGI forwarding for any request that doesn’t start with /home/giuseppe/Sito/Hierarchy/.

This explains why, when set this way, a request for /index.php returns the file unprocessed - the request is being handled by Caddy’s static file server and the file is simply being sent as-is.

Essentially, you’re looking in the wrong ballpark for the solution to this problem. My strong suggestion is to revert back to the simpler fastcgi / /run/php-fpm/php-fpm.sock php (using the php preset here does the exact same as setting ext, split, and index manually).

Now, regarding the 404s… On a hunch, I’d wager that Caddy isn’t actually the culprit here, since PHP-FPM will return 404s for files it can’t access. I’d be looking into permissions (Which user runs Caddy? Which user runs PHP-FPM? Can the files have read-access available to both?).

(Giuseppe) #3

First of all, I resolved this problem uninstalling caddy and php-fpm, using php built in web server and getting SSL with stunnel. Now I get https on localhost.

Anyway, as I already said, I tried to set the option you mentioned, but I can’t even see the html page. The only way I can see something is with the configuration I posted in the open post, but php code is still not parsed.

I tried everything, both running caddy from root or my user. php-fpm listen to the socket with http user, buy I also tried to set my user, the result is the same.
http user could not have access to my files, but my user can.

(Matthew Fay) #4

To clarify, the configuration you posted, for a request to /index.php, is identical to not having fastcgi in your Caddyfile at all. You can remove it and see for yourself, it will have the same behaviour (you’ll get the raw index.php).

Caddy can already read the file - it does so when you disable FastCGI for /index.php and Caddy serves it unprocessed.

You need to either change PHP-FPM to run as another user that already has read permissions, or you need to change the files so they are readable by your http user.

(Giuseppe) #5

Caddy configuration changed as you said and php-fpm listening with my user. php-fpm has to be started as root, can’t be started as normal user, but listening socket wil run as http (or with a custom user, I set it as my user). Nothing changed.

I don’t know what to do. Never mind, I will use stunnel.

(Matthew Fay) #6

A 502 from Caddy indicates a separate problem to 404s, but if stunnel works, it works.

Feel free to come back and continue this thread if you decide to work out the issue with Caddy/PHP.

(Idan Loo) #7
  env SCRIPT_FILENAME /home/giuseppe/Sito/Hierarchy{path}