Error during parsing: File to import not found: snippetname

Kened33r · February 5, 2021, 2:27pm

1. Caddy version (`caddy version`):

:latest

2. How I run Caddy:

docker-compose

a. System environment:

Ubuntu

b. Command:

sudo docker-compose up

c. Service/unit/compose file:

version: "3.8"

services:
caddy:
container_name: caddy
image: caddy:latest
restart: always
environment:
- PUID=1000
- PGID=1000
- GHOST=domain.com
security_opt:
- no-new-privileges:true
volumes:
- ./caddy/Caddyfile:/etc/caddy/Caddyfile
- ./caddy/caddy_data:/data
- ./caddy/caddy_config:/config
ports:
- “80:80”
- “443:443”

paste full file contents here

d. My complete Caddyfile or JSON config:

    # GLOBAL
{
    # Global options block. Entirely optional, https is on by default
    # Optional email key for lets encrypt
    email email@com
    # Optional staging lets encrypt for testing. Comment out for production.
    acme_ca https://acme-staging-v02.api.letsencrypt.org/directory
}

# SECURITY CONFIG

respond /forbidden "Access denied" 403 {
        close
}

# deny all access to these folders
@denied_folders {
    path_regexp /(.github|cache|bin|logs|backups|tests|content|core)/.*$
}
rewrite @denied_folders /forbidden

# deny running scripts inside core system folders
@denied_system_scripts {
    path_regexp /(core|content|test|system|vendor)/.*\.(txt|xml|md|html|yaml|php|pl|py|cgi|twig|sh|bat|yml|js)$
}
rewrite @denied_system_scripts /forbidden

# deny running scripts inside user folder
@denied_user_folder {
    path_regexp /user/.*\.(txt|md|yaml|php|pl|py|cgi|twig|sh|bat|yml|js)$
}
rewrite @denied_user_folder /forbidden

# deny access to specific files in the root folder
@denied_root_folder {
    path_regexp /(config.production.json|config.development.json|index.js|package.json|renovate.json|yarn.lock|.editorconfig|.eslintignore|.eslintrc.json|.gitattributes|.gitignore|.gitmodules|.npmignore|Gruntfile.js|LICENSE|MigratorConfig.js|LICENSE.txt|composer.lock|composer.json|nginx.conf|web.config|htaccess.txt|\.htaccess)
}
rewrite @denied_root_folder /forbidden

# block bad crawlers
@badbots {
        header User-Agent "*watch*,*explorer*,*pock*,*link*,*vacuum*,*anonym*,*mag-net*,*searchbot*,*seek*,*tool*,*robot*,*szukacz*,*snoop*,*power*,*takeout*,*teleport*,*superbot*,*scan*,*track*,*offline*,*nextgen*,*keyword*,*backweb*,*bandit*,*easydl*,*zip*,*email*,*enhancer*,*ftp*,*fetch*,*auto*,*clip*,*copier*,*master*,*reaper*,*sauger*,*quester*,*whack*,*craftbot*,*download*,*extract*,*stripper*,*sucker*,*ninja*,*clshttp*,*spider*,*leacher*,*collector*,*grabber*,*webpictures*,*file*,*intel*,*loader*,*nameprotect*,*mirror*,*magnet*"
}
rewrite @badbots /forbidden

# Global rewrite
try_files {path} {path}/ /index.*

# SNIPPETS

(mustheaders) {
        header {
                Strict-Transport-Security "max-age=31536000; includesubdomains; preload"
                Content-Security-Policy "default-src https: 'unsafe-inline' 'unsafe-eval'"
                X-Content-Type-Options "nosniff"
                Cache-Control "public, max-age=604800, must-revalidate"
                X-Frame-Options "SAMEORIGIN"
                Referrer-Policy "strict-origin-when-cross-origin"
                X-Xss-Protection "1; mode=block"
                Feature-Policy "accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'none'; usb 'none'; vr 'none'"
                Expect-CT "max-age=604800"
                -Server
        }
}
(offlinewebsite) {
        header {
                X-Robots-Tag "noindex, nofollow, noarchive, nosnippet, notranslate, noimageindex"

        }
}
(onlinewebsite) {
        header {
                X-Robots-Tag "noarchive, notranslate"
        }
}

(proxy) {
        header_up X-Forwarded-Proto {scheme}
        header_up X-Forwarded-For {remote}
        header_up X-Real-IP {remote}
        header_down X-Powered-By "the Holy Spirit"
        header_down Server "CERN httpd"
}
(compression) {
        encode zstd gzip
}

# STRIP WWW PREFIX

www.{$GHOST} {
        redir * https://{http.request.host.labels.1}.{http.request.host.labels.0}{path} permanent
}

# WEBSITES

{$GHOST} {
        import mustheaders
        import offlinewebsite
        reverse_proxy 10.0.0.6:2366 {
                import proxy
        }

        log {
        output file /var/log/caddy/caddy.log
        format single_field common_log
        }
}

3. The problem I’m having:

caddy thinks the “mustheaders” is a file not the snippet.

4. Error messages and/or full log output:

{“level”:“info”,“ts”:1612532800.0255752,“msg”:“using provided configuration”,“config_file”:"/etc/caddy/Caddyfile",“config_adapter”:“caddyfile”}
caddy | run: adapting config using caddyfile: /etc/caddy/Caddyfile:97 - Error during parsing: File to import not found: mustheaders

francislavoie · February 5, 2021, 4:43pm

Your Caddyfile isn’t structured correctly.

Globals go first, then you should define your snippets, then your sites.

You cannot have directives outside of a site block, they must go inside a site block.

You also cannot have matcher definitions outside of site blocks, they must go inside one. You can use snippets to reuse them for multiple sites.

Kened33r · February 5, 2021, 4:54pm

Should I grab the “# Security Config” section into snippet and then import it to the site alongside import offlinewebsite? Tried it. Still error exists.
problem solved as try_files was in the wrong place as well.

system · March 7, 2021, 2:27pm

This topic was automatically closed after 30 days. New replies are no longer allowed.