Disable access while keep using caddyfiles

Hey guys,
just a quick question that i wasn’t able to solve myself.
I use Caddy 2 with a regular Caddyfile to proxy a few websites and services. Everything works great.

I just would like to disable the access logs because it really spams the Docker logs (Caddy is running in a Docker container).
How can i do this? I’ve already read that it’s not possible in the Caddyfile itself but instead has to be done in some kind of a JSON config.

I found this documentation here: https://caddyserver.com/docs/json/logging/
Exclude “http.log.access” seems legit, but how does my JSON needs to be structured and how do i add it to caddy (if possible on startup)?
Thanks in advance :slight_smile:

Access logs are not enabled by default. So if you don’t want them, just don’t enable them.

Yeah i’ve also read something like that, but where are the logs in my docker logs coming from then?
I can’t remember that i’ve enabled them somewhere explicitly… :pleading_face:

You didn’t fill out the help thread template, so it’s hard to know what to suggest. What version of Caddy are you running? What’s your full Caddyfile? What are you seeing in your logs?

I’m sorry that i didn’t respond for such a long time.
I didn’t see the help form for some reason, but here you go:

1. Caddy version (caddy version):

v2.1.1

2. How I run Caddy:

a. System environment:

Docker Container

b. Command:

I guess this must be the default caddy one, at least portainer tells me so

caddy run --config /etc/caddy/Caddyfile --adapter caddyfile

c. Service/unit/compose file:

I’m not using docker compose for Caddy but maybe the output of docker inspect is sufficient too? If not tell me please

{
    "AppArmorProfile": "docker-default",
    "Args": [
        "run",
        "--config",
        "/etc/caddy/Caddyfile",
        "--adapter",
        "caddyfile"
    ],
    "Config": {
        "AttachStderr": false,
        "AttachStdin": false,
        "AttachStdout": false,
        "Cmd": [
            "caddy",
            "run",
            "--config",
            "/etc/caddy/Caddyfile",
            "--adapter",
            "caddyfile"
        ],
        "Domainname": "",
        "Entrypoint": null,
        "Env": [
            "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
            "CADDY_DIST_COMMIT=80870b227ded910971ecace4a0c136bf0ef46342",
            "CADDY_VERSION=v2.1.1",
            "XDG_CONFIG_HOME=/config",
            "XDG_DATA_HOME=/data"
        ],
        "ExposedPorts": {
            "2019/tcp": {},
            "443/tcp": {},
            "80/tcp": {}
        },
        "Hostname": "c323a69d3f0e",
        "Image": "caddy:latest",
        "Labels": {
            "org.opencontainers.image.description": "a powerful, enterprise-ready, open source web server with automatic HTTPS written in Go",
            "org.opencontainers.image.documentation": "https://caddyserver.com/docs",
            "org.opencontainers.image.licenses": "Apache-2.0",
            "org.opencontainers.image.source": "https://github.com/caddyserver/caddy-docker",
            "org.opencontainers.image.title": "Caddy",
            "org.opencontainers.image.url": "https://caddyserver.com",
            "org.opencontainers.image.vendor": "Light Code Labs",
            "org.opencontainers.image.version": "v2.1.1"
        },
        "OnBuild": null,
        "OpenStdin": false,
        "StdinOnce": false,
        "Tty": false,
        "User": "",
        "Volumes": {
            "/config": {},
            "/data": {},
            "/etc/caddy/Caddyfile": {},
            "/var/www/html/snipeit": {}
        },
        "WorkingDir": "/srv"
    },
    "Created": "2020-08-25T21:30:59.320913485Z",
    "Driver": "overlay2",
    "ExecIDs": null,
    "GraphDriver": {
        "Data": {
            "LowerDir": "/var/lib/docker/overlay2/1ee3e4d638e017dd1f813f7fcf4b50efd0ee143e8dfd1b30ad48a2ecdf1058ec-init/diff:/var/lib/docker/overlay2/9b5c8a314b0a660a8b1e8bb53f1648b5f18959f9c0b3a5d51df3b335ce4b8315/diff:/var/lib/docker/overlay2/8d6d616d5c0c92493ea3c712e19ae960b51e399a86eca4d28257b5aa1a9d05ed/diff:/var/lib/docker/overlay2/9609bf1a944080c8dc228d432c604c1ff398ceab82b10e068eed6e19dfcc0493/diff:/var/lib/docker/overlay2/795f09abb1502bc3951d54bc9eacc4ce5b2f0f60b009943dc0a107f9c0673f58/diff:/var/lib/docker/overlay2/5209d370e2327ad2ec53ffb8461ba3a456d3ec6300c24cf04d427000300ec4fd/diff",
            "MergedDir": "/var/lib/docker/overlay2/1ee3e4d638e017dd1f813f7fcf4b50efd0ee143e8dfd1b30ad48a2ecdf1058ec/merged",
            "UpperDir": "/var/lib/docker/overlay2/1ee3e4d638e017dd1f813f7fcf4b50efd0ee143e8dfd1b30ad48a2ecdf1058ec/diff",
            "WorkDir": "/var/lib/docker/overlay2/1ee3e4d638e017dd1f813f7fcf4b50efd0ee143e8dfd1b30ad48a2ecdf1058ec/work"
        },
        "Name": "overlay2"
    },
    "HostConfig": {
        "AutoRemove": false,
        "Binds": [
            "/nfs/freenas/caddy/caddy2-data:/data",
            "/nfs/freenas/caddy/Caddyfile2:/etc/caddy/Caddyfile",
            "7531cc5d494b6dbb7b86fec8fe3f21c3142d5def3e45caefb363bec2856fd6ac:/config",
            "3cc455552b6fa62b087d0fb9986ffbb79f727ec9d3ec3e9a822add48850a8acb:/var/www/html/snipeit"
        ],
        "BlkioDeviceReadBps": null,
        "BlkioDeviceReadIOps": null,
        "BlkioDeviceWriteBps": null,
        "BlkioDeviceWriteIOps": null,
        "BlkioWeight": 0,
        "BlkioWeightDevice": null,
        "CapAdd": [
            "AUDIT_WRITE",
            "CHOWN",
            "DAC_OVERRIDE",
            "FOWNER",
            "FSETID",
            "KILL",
            "MKNOD",
            "NET_BIND_SERVICE",
            "NET_RAW",
            "SETFCAP",
            "SETGID",
            "SETPCAP",
            "SETUID",
            "SYS_CHROOT"
        ],
        "CapDrop": [
            "AUDIT_CONTROL",
            "BLOCK_SUSPEND",
            "DAC_READ_SEARCH",
            "IPC_LOCK",
            "IPC_OWNER",
            "LEASE",
            "LINUX_IMMUTABLE",
            "MAC_ADMIN",
            "MAC_OVERRIDE",
            "NET_ADMIN",
            "NET_BROADCAST",
            "SYSLOG",
            "SYS_ADMIN",
            "SYS_BOOT",
            "SYS_MODULE",
            "SYS_NICE",
            "SYS_PACCT",
            "SYS_PTRACE",
            "SYS_RAWIO",
            "SYS_RESOURCE",
            "SYS_TIME",
            "SYS_TTY_CONFIG",
            "WAKE_ALARM"
        ],
        "Capabilities": null,
        "Cgroup": "",
        "CgroupParent": "",
        "ConsoleSize": [
            0,
            0
        ],
        "ContainerIDFile": "",
        "CpuCount": 0,
        "CpuPercent": 0,
        "CpuPeriod": 0,
        "CpuQuota": 0,
        "CpuRealtimePeriod": 0,
        "CpuRealtimeRuntime": 0,
        "CpuShares": 0,
        "CpusetCpus": "",
        "CpusetMems": "",
        "DeviceCgroupRules": null,
        "DeviceRequests": null,
        "Devices": [],
        "Dns": [],
        "DnsOptions": [],
        "DnsSearch": [],
        "ExtraHosts": [],
        "GroupAdd": null,
        "IOMaximumBandwidth": 0,
        "IOMaximumIOps": 0,
        "IpcMode": "private",
        "Isolation": "",
        "KernelMemory": 0,
        "KernelMemoryTCP": 0,
        "Links": null,
        "LogConfig": {
            "Config": {},
            "Type": "json-file"
        },
        "MaskedPaths": [
            "/proc/asound",
            "/proc/acpi",
            "/proc/kcore",
            "/proc/keys",
            "/proc/latency_stats",
            "/proc/timer_list",
            "/proc/timer_stats",
            "/proc/sched_debug",
            "/proc/scsi",
            "/sys/firmware"
        ],
        "Memory": 0,
        "MemoryReservation": 0,
        "MemorySwap": 0,
        "MemorySwappiness": null,
        "NanoCpus": 0,
        "NetworkMode": "bridge",
        "OomKillDisable": false,
        "OomScoreAdj": 0,
        "PidMode": "",
        "PidsLimit": null,
        "PortBindings": {
            "443/tcp": [
                {
                    "HostIp": "",
                    "HostPort": "443"
                }
            ],
            "80/tcp": [
                {
                    "HostIp": "",
                    "HostPort": "80"
                }
            ]
        },
        "Privileged": false,
        "PublishAllPorts": false,
        "ReadonlyPaths": [
            "/proc/bus",
            "/proc/fs",
            "/proc/irq",
            "/proc/sys",
            "/proc/sysrq-trigger"
        ],
        "ReadonlyRootfs": false,
        "RestartPolicy": {
            "MaximumRetryCount": 0,
            "Name": "unless-stopped"
        },
        "Runtime": "runc",
        "SecurityOpt": null,
        "ShmSize": 67108864,
        "UTSMode": "",
        "Ulimits": null,
        "UsernsMode": "",
        "VolumeDriver": "",
        "VolumesFrom": null
    },
    "HostnamePath": "/var/lib/docker/containers/38707399927c241155cf28a3798d35ce8efee09fd7b77f1b94122e31def55ac7/hostname",
    "HostsPath": "/var/lib/docker/containers/38707399927c241155cf28a3798d35ce8efee09fd7b77f1b94122e31def55ac7/hosts",
    "Id": "38707399927c241155cf28a3798d35ce8efee09fd7b77f1b94122e31def55ac7",
    "Image": "sha256:90a12b5c957bab94f57aadfd9e655d414ab69443495f22ef430152181ab0aede",
    "LogPath": "/var/lib/docker/containers/38707399927c241155cf28a3798d35ce8efee09fd7b77f1b94122e31def55ac7/38707399927c241155cf28a3798d35ce8efee09fd7b77f1b94122e31def55ac7-json.log",
    "MountLabel": "",
    "Mounts": [
        {
            "Destination": "/config",
            "Driver": "local",
            "Mode": "z",
            "Name": "7531cc5d494b6dbb7b86fec8fe3f21c3142d5def3e45caefb363bec2856fd6ac",
            "Propagation": "",
            "RW": true,
            "Source": "/var/lib/docker/volumes/7531cc5d494b6dbb7b86fec8fe3f21c3142d5def3e45caefb363bec2856fd6ac/_data",
            "Type": "volume"
        },
        {
            "Destination": "/data",
            "Mode": "",
            "Propagation": "rprivate",
            "RW": true,
            "Source": "/nfs/freenas/caddy/caddy2-data",
            "Type": "bind"
        },
        {
            "Destination": "/etc/caddy/Caddyfile",
            "Mode": "",
            "Propagation": "rprivate",
            "RW": true,
            "Source": "/nfs/freenas/caddy/Caddyfile2",
            "Type": "bind"
        },
        {
            "Destination": "/var/www/html/snipeit",
            "Driver": "local",
            "Mode": "z",
            "Name": "3cc455552b6fa62b087d0fb9986ffbb79f727ec9d3ec3e9a822add48850a8acb",
            "Propagation": "",
            "RW": true,
            "Source": "/var/lib/docker/volumes/3cc455552b6fa62b087d0fb9986ffbb79f727ec9d3ec3e9a822add48850a8acb/_data",
            "Type": "volume"
        }
    ],
    "Name": "/Caddy2",
    "NetworkSettings": {
        "Bridge": "",
        "EndpointID": "d2a5e5d1560d038347ba142709188207d471e9f1b8278294f9f3b6305424c7b4",
        "Gateway": "172.17.0.1",
        "GlobalIPv6Address": "",
        "GlobalIPv6PrefixLen": 0,
        "HairpinMode": false,
        "IPAddress": "172.17.0.2",
        "IPPrefixLen": 16,
        "IPv6Gateway": "",
        "LinkLocalIPv6Address": "",
        "LinkLocalIPv6PrefixLen": 0,
        "MacAddress": "02:42:ac:11:00:02",
        "Networks": {
            "bridge": {
                "Aliases": null,
                "DriverOpts": null,
                "EndpointID": "d2a5e5d1560d038347ba142709188207d471e9f1b8278294f9f3b6305424c7b4",
                "Gateway": "172.17.0.1",
                "GlobalIPv6Address": "",
                "GlobalIPv6PrefixLen": 0,
                "IPAMConfig": {},
                "IPAddress": "172.17.0.2",
                "IPPrefixLen": 16,
                "IPv6Gateway": "",
                "Links": null,
                "MacAddress": "02:42:ac:11:00:02",
                "NetworkID": "3a38b2a7308414580138aa27d46867b05848fc2859a30fd27f08bb406bf76218"
            }
        },
        "Ports": {
            "2019/tcp": null,
            "443/tcp": [
                {
                    "HostIp": "0.0.0.0",
                    "HostPort": "443"
                }
            ],
            "80/tcp": [
                {
                    "HostIp": "0.0.0.0",
                    "HostPort": "80"
                }
            ]
        },
        "SandboxID": "e80ab1756886b7ba6a53932a7ba465360ee12f22a77016bc0b236d97c9cf746d",
        "SandboxKey": "/var/run/docker/netns/e80ab1756886",
        "SecondaryIPAddresses": null,
        "SecondaryIPv6Addresses": null
    },
    "Path": "caddy",
    "Platform": "linux",
    "Portainer": {
        "ResourceControl": {
            "Id": 138,
            "ResourceId": "38707399927c241155cf28a3798d35ce8efee09fd7b77f1b94122e31def55ac7",
            "SubResourceIds": [],
            "Type": 1,
            "UserAccesses": [],
            "TeamAccesses": [],
            "Public": false,
            "AdministratorsOnly": true,
            "System": false
        }
    },
    "ProcessLabel": "",
    "ResolvConfPath": "/var/lib/docker/containers/38707399927c241155cf28a3798d35ce8efee09fd7b77f1b94122e31def55ac7/resolv.conf",
    "RestartCount": 0,
    "State": {
        "Dead": false,
        "Error": "",
        "ExitCode": 0,
        "FinishedAt": "2020-09-17T21:40:21.697638829Z",
        "OOMKilled": false,
        "Paused": false,
        "Pid": 3004,
        "Restarting": false,
        "Running": true,
        "StartedAt": "2020-09-17T23:40:59.697598695Z",
        "Status": "running"
    }
}

d. My complete Caddyfile or JSON config:

blackhole:80, pi.hole:80, 0.0.0.0:80 {
  root /var/www/html/pihole
  #log /var/log/caddy/blackhole.log

  rewrite {
    ext js
    to index.js
  }

  proxy / localhost:1180 {
    transparent
  }
}

nextcloud.xxx {
header / Strict-Transport-Security "max-age=31536000;"
proxy / 192.168.0.81:8080 {
   transparent
}

proxy /sites 192.168.0.81:8080/index.php/apps/cms_pico/pico_proxy/ {
    without /sites/
    transparent
}
}

bitwarden.xxx {
proxy / 192.168.0.81:8090 {
   transparent
}
}

rocketchat.xxx {
proxy / 192.168.0.81:3000 {
	transparent
	websocket
	}
}

onlyoffice.xxx {
proxy / 192.168.0.81:8082 {
   transparent
   websocket
}
#ipfilter / {
#   rule allow
#   ip 192.168.0.0/24
#}
}

3. The problem I’m having:

I guess i’ve described that enough in my first post.

4. Error messages and/or full log output:

The logs look something like this:


{"level":"info","ts":1600513475.509498,"logger":"http.log.access","msg":"handled request","request":{"method":"PROPFIND","uri":"/remote.php/caldav/calendars/.../","proto":"HTTP/1.1","remote_addr":"","host":"","headers":{"Accept-Language":["de-de, de;q=0.9"],"Content-Length":["113"],"Connection":["close"],"Cache-Control":["no-cache"],"Pragma":["no-cache"],"Content-Type":["application/xml; charset=\"utf-8\""],"Accept-Encoding":["gzip, deflate"],"User-Agent":["Evolution/3.36.4"],"Depth":["0"],"Authorization":["Basic =="]},"tls":{"resumed":true,"version":772,"ciphersuite":4865,"proto":"","proto_mutual":true,"server_name":""}},"common_log":"84.118.97.244 - - [19/Sep/2020:11:04:35 +0000] \"PROPFIND /remote.php/caldav/calendars/-wi/ HTTP/1.1\" 207 409","duration":0.222507821,"size":409,"status":207,"resp_headers":{"Expires":["Thu, 19 Nov 1981 08:52:00 GMT"],"Set-Cookie":["oc_sessionPassphrase=; path=/; secure; HttpOnly; SameSite=Lax","__Host-nc_sameSiteCookielax=true; path=/; httponly;secure; expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=lax","__Host-nc_sameSiteCookiestrict=true; path=/; httponly;secure; expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=strict","ocl6bii3x45t=; path=/; secure; HttpOnly; SameSite=Lax"],"Referrer-Policy":["no-referrer"],"Dav":["1, 3, extended-mkcol, calendar-access, calendar-proxy, access-control, calendarserver-principal-property-search, calendar-auto-schedule, calendar-availability"],"X-Permitted-Cross-Domain-Policies":["none"],"Content-Type":["application/xml; charset=utf-8"],"X-Xss-Protection":["1; mode=block"],"X-Robots-Tag":["none"],"Cache-Control":["no-store, no-cache, must-revalidate"],"X-Content-Type-Options":["nosniff"],"Vary":["Brief,Prefer"],"X-Download-Options":["noopen"],"Content-Security-Policy":["default-src 'none';"],"Date":["Sat, 19 Sep 2020 11:04:35 GMT"],"X-Frame-Options":["SAMEORIGIN"],"Server":["Caddy","nginx/1.17.9"],"Strict-Transport-Security":["max-age=31536000;"],"Pragma":["no-cache"]}}


{"level":"info","ts":1600513475.5156312,"logger":"http.log.access","msg":"handled request","request":{"method":"PROPFIND","uri":"/remote.php/caldav/calendars/.../","proto":"HTTP/1.1","remote_addr":"","host":"","headers":{"User-Agent":["Evolution/3.36.4"],"Accept-Encoding":["gzip, deflate"],"Accept-Language":["de-de, de;q=0.9"],"Content-Length":["113"],"Connection":["close"],"Cache-Control":["no-cache"],"Pragma":["no-cache"],"Depth":["0"],"Content-Type":["application/xml; charset=\"utf-8\""],"Authorization":["Basic =="]},"tls":{"resumed":true,"version":772,"ciphersuite":4865,"proto":"","proto_mutual":true,"server_name":""}},"common_log":"84.118.97.244 - - [19/Sep/2020:11:04:35 +0000] \"PROPFIND /remote.php/caldav/calendars/ HTTP/1.1\" 207 408","duration":0.229743941,"size":408,"status":207,"resp_headers":{"X-Permitted-Cross-Domain-Policies":["none"],"X-Frame-Options":["SAMEORIGIN"],"Set-Cookie":["oc_sessionPassphrase=; path=/; secure; HttpOnly; SameSite=Lax","__Host-nc_sameSiteCookielax=true; path=/; httponly;secure; expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=lax","__Host-nc_sameSiteCookiestrict=true; path=/; httponly;secure; expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=strict","=; path=/; secure; HttpOnly; SameSite=Lax"],"X-Robots-Tag":["none"],"Vary":["Brief,Prefer"],"Server":["Caddy","nginx/1.17.9"],"Strict-Transport-Security":["max-age=31536000;"],"Content-Security-Policy":["default-src 'none';"],"Dav":["1, 3, extended-mkcol, calendar-access, calendar-proxy, access-control, calendarserver-principal-property-search, calendar-auto-schedule, calendar-availability"],"Referrer-Policy":["no-referrer"],"X-Download-Options":["noopen"],"X-Xss-Protection":["1; mode=block"],"Expires":["Thu, 19 Nov 1981 08:52:00 GMT"],"Date":["Sat, 19 Sep 2020 11:04:35 GMT"],"Content-Type":["application/xml; charset=utf-8"],"Cache-Control":["no-store, no-cache, must-revalidate"],"Pragma":["no-cache"],"X-Content-Type-Options":["nosniff"]}}

I would just like to disbale those info logs, because they really spam my output and I can’t see the relevant errors anymore.

5. What I already tried:

6. Links to relevant resources:

Are you sure you posted the right config? That config is for Caddy v1.

v2 is a complete rewrite, and has significantly different directives and slightly different syntax.

Oh yes i’m sorry, I had two files in the folder and picked the old one by accident
Here is the new Caddyfile:

nc.xxx {
	header Strict-Transport-Security max-age=31536000;

	# picocms route
	route /sites* {
		uri strip_prefix /sites
		rewrite * /index.php/apps/cms_pico/pico_proxy/{uri}
		reverse_proxy 192.168.0.81:8080
	}
	
	# default route
	route {
		reverse_proxy 192.168.0.81:8080
	}
}

pw.xxx {
	log {
		output file /nfs/freenas/caddy/logfile
		level INFO
	}

	header / {
       # Enable HTTP Strict Transport Security (HSTS)
       Strict-Transport-Security "max-age=31536000;"
       # Enable cross-site filter (XSS) and tell browser to block detected attacks
       X-XSS-Protection "1; mode=block"
       # Disallow the site to be rendered within a frame (clickjacking protection)
       X-Frame-Options "DENY"
       # Prevent search engines from indexing (optional)
       X-Robots-Tag "none"
       # Server name removing
       -Server
	}

	# The negotiation endpoint is also proxied to Rocket
	reverse_proxy /notifications/hub/negotiate 192.168.0.81:8090

	# Notifications redirected to the websockets server
	reverse_proxy /notifications/hub 192.168.0.81:3012
	
	reverse_proxy 192.168.0.81:8090 {
		header_up X-Real-IP {remote_host}
	}
}

chat.xxx {
	reverse_proxy 192.168.0.81:3000 {
	}
}

onlyoffice.xxx {
	reverse_proxy 192.168.0.81:8082 {
	}
}

snipeit.*** {
	encode gzip zstd
	root * /var/www/html/snipeit/public
	php_fastcgi 192.168.0.81:9001 
	file_server
}

You have access logs enabled right here

This shouldn’t log to stdout though, as per this commit from in April:

Are you saying that you see access logs when you do docker logs? That doesn’t make sense to me :thinking: