Errors using {$ENVIRONMENT_VARIABLE}s in Caddyfile

pacharanero · October 9, 2023, 6:49pm

Hi, I’m fairly new to the Caddy community - congratulations on having a Discourse forum though!

I’m trying to deploy a Django web app using Caddy as the front end web server for its SSL/HTTPS abilities. The app is intended to run the same in local development, on the development server, and in staging and live environments, these of course all have different URLs so I’m attempting to use environment variables in a .env file in order to pass in the URL to serve.

1. The problem I’m having:

The Caddyfile doesn’t appear to be being parsed properly when using the {$ENVIRONMENT_VARIABLE} style of env var replacement. When I had hard-coded values in the Caddyfile it worked fine.

{
    email {$LETSENCRYPT_EMAIL_ADDRESS}
    acme_ca {$LETSENCRYPT_ENDPOINT:https://acme-v02.api.letsencrypt.org/directory}
}

{$SITE_DOMAIN} {
    reverse_proxy http://django:8000
}

{$SITE_DOMAIN}/flower {
    reverse_proxy http://flower:8888
}

The global section adds an email for LetsEncrypt, I am aiming for this to be not committed to the source code, hence using env var.

The Acme CA URL is also not hardcoded since I want to be able to use the LE staging endpoint in certain development environments so I don’t get rate-limited. I’m using what I hope is the correct syntax for setting a ‘default’ value of the Acme endpoint.

For some reason the {$SITE_DOMAIN} replacement IS working and does seem to correctly obtain the environment variables and obtain a cert.

2. Error messages and/or full log output:

rcpch-audit-engine-caddy-1         | Error: adapting config using caddyfile: parsing caddyfile tokens for 'acme_ca': /etc/caddy/Caddyfile:3 - Error during parsing: Wrong argument count or unexpected line ending after 'acme_ca', import chain: ['']

I’m not using the import_chain directive so I’m confused as to what the error means. I wonder if it’s something not parsing correctly, perhaps if I have used incorrect syntax. But I’ve consulted the docs and all examples I can find online.

If I remove the acme_ca directive, the same error occurs, just in relation to the line above.

3. Caddy version:

v2.7.4

4. How I installed and ran Caddy:

Caddy is installed from the official Docker Hub image, as part of the Docker Compose setup

a. System environment:

Caddy is running in its own official image Docker container, within a Docker Compose setup. The Docker host is Ubuntu although that should not matter.

b. Command:

Caddy is being run by the docker compose up command. Here is the relevant section of the docker-compose.yml:

services:

  # Caddy reverse proxy - web-facing SSL server
  caddy:
    depends_on:
      - django
    env_file:
      - envs/local-dev.env
    image: caddy
    ports:
      - "80:80"
      - "443:443"
    restart: always
    volumes:
      - caddy_data:/data/
      - caddy_data:/config/
      - ./Caddyfile:/etc/caddy/Caddyfile

francislavoie · October 10, 2023, 5:22am

Hmm… Might have to do with the default value for that var containing a : as well. Interesting, I’ll do some testing shortly.

francislavoie · October 10, 2023, 6:13am

Hmm, I’m not able to replicate the issue. Can you give an example .env file that exhibits this problem?

pacharanero · October 10, 2023, 8:57am

Hi @francislavoie and thanks for the reply. Here is the .env file segment relevant to Caddy:

# CADDY (WEB SERVER & HTTPS)
SITE_DOMAIN="e12.localhost"
LETSENCRYPT_EMAIL_ADDRESS="incubator@example.ac.uk"
LETSENCRYPT_ENDPOINT="https://acme-staging-v02.api.letsencrypt.org/directory" # Optionally set to Letsncrypt staging endpoint for testing (https://acme-staging-v02.api.letsencrypt.org/directory) - default is set in Caddyfile to the live endpoint

francislavoie · October 11, 2023, 5:26am

This works perfectly for me

Full example:

$ tree -a
.
├── Caddyfile
├── compose.yml
├── .env

compose.yml:

services:
  caddy:
    env_file:
      - .env
    image: caddy
    ports:
      - "8881:80"
      - "8882:443"
    restart: always
    volumes:
      - caddy_data:/data/
      - caddy_data:/config/
      - ./Caddyfile:/etc/caddy/Caddyfile

volumes:
  caddy_data:
  caddy_config:

Caddyfile:

{
	email {$LETSENCRYPT_EMAIL_ADDRESS}
	acme_ca {$LETSENCRYPT_ENDPOINT:https://acme-v02.api.letsencrypt.org/directory}
}

{$SITE_DOMAIN} {
	reverse_proxy http://django:8000
}

{$SITE_DOMAIN}/flower {
	reverse_proxy http://flower:8888
}

.env:

# CADDY (WEB SERVER & HTTPS)
SITE_DOMAIN="e12.localhost"
LETSENCRYPT_EMAIL_ADDRESS="incubator@example.ac.uk"
LETSENCRYPT_ENDPOINT="https://acme-staging-v02.api.letsencrypt.org/directory" # Optionally set to Letsncrypt staging endpoint for testing (https://acme-staging-v02.api.letsencrypt.org/directory) - default is set in Caddyfile to the live endpoint

Running it with docker compose up -d, checking the logs with docker compose logs and it shows it’s running just fine, no startup error.

Also I can run docker compose exec caddy caddy environ to confirm the environment variables are there and seen by Caddy.

So… I’m at a loss. I don’t know what’s failing for you, I can’t replicate it.

pacharanero · October 11, 2023, 7:26am

Thank you for trying to replicate @francislavoie - weirdly it has now started working for me and appears to be working fine… I don’t know what the issue could have been, it was as if somehow the parsing of the Caddyfile was picking up some formatting error leading to it misinterpreting the content of the env var as an empty string?

Anyway, I am not having the issue now, all seems to work, including the default setting for the config value, which contained a : character - it works fine.

system · November 10, 2023, 7:26am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.