/data and /config directories + autosave.json - important to keep?

1. Caddy version (caddy version): 2.4.1

2. How I run Caddy:

a. System environment: Docker 20.10.7 on Ubuntu 18.04

b. Command:

docker-compose -f docker-compose.yml -f docker-compose.azurevm-highperf-caddy.yml up

c. Service/unit/compose file:

docker-compose.yml

version: "2"

services:
  elasticsearch:
    build:
      context: elasticsearch/
    volumes:
      - elasticsearch-data:/usr/share/elasticsearch/data
      - ./elasticsearch/config/elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.yml:ro
    environment:
      node.name: elasticsearch
      cluster.initial_master_nodes: elasticsearch
      ES_CLUSTER_NAME: search-cluster
      ES_DATA_DIR: /usr/share/elasticsearch/data
    networks:
      - elk

volumes:
  elasticsearch-data:
    driver: local

networks:
  elk:
    driver: bridge

docker-compose.azurevm-highperf-caddy.yml:

version: "2"

services:
  elasticsearch:
    restart: always
    environment:
      ES_JAVA_OPTS: "-Xmx4000m -Xms4000m"

  caddy:
    image: caddy:2.4.1
    container_name: caddy
    restart: always
    volumes:
      - ./caddy/Caddyfile:/etc/caddy/Caddyfile:ro
      - ./caddy-config:/config
      - ./caddy-data:/data
    ports:
      - 80:80
      - 443:443
    networks:
      - elk
    depends_on:
      - elasticsearch

d. My complete Caddyfile or JSON config:

{
        acme_ca https://acme.zerossl.com/v2/DV90
        email alex@skwar.me
        admin off
}

{$DOMAIN}:443

encode zstd gzip

log {
        level INFO
        output file /data/access.log {
                roll_size 10MB
                roll_keep 10
        }
}

handle_path /elasticsearch* {
        basicauth bcrypt Elasticsearch {
                import elasticsearch.auth.*
        }

        reverse_proxy http://elasticsearch:9200
}

3. The problem I’m having:

When I start the Docker containers, Caddy will create a file /config/autosave.json. Is it important to keep this file? I’ll never access the admin interface; all config changes are done in the Caddyfile.

And what about the /data directory? Do I need to make sure that the contents of this directory is saved? It contains the certificates; if the directory gets lost (because of a crash of the system or because the containers get run at a different system), Caddy would get new certificates, wouldn’t it?

4. Error messages and/or full log output:

5. What I already tried:

6. Links to relevant resources:

It’s documented here: Docker Hub

Yes, they’re important to persist.

/config less-so if you only configure Caddy via the Caddyfile, but there’s no reason not to.

/data is more critical because as you said, certificates and other state are stored there. If you don’t persist them, then you risk making Caddy continually reissue certificates, possibly hitting rate limits, and generating new private keys every time, which is unnecessary.

1 Like

Thanks.
Can I somehow disable the autosave.json, when I’m using the Caddyfile? It seems that there’s a way to do so with JSON config (persist: false), but what about Caddyfile?

That config option was never exposed in the Caddyfile. It’s generally unnecessary to turn off. It’s sometimes a useful debugging tool to have.