File server works with caddy CLI but not systemd

1. Caddy version (caddy version):

v2.3.0 h1:fnrqJLa3G5vfxcxmOH/+kJOcunPLhSBnjgIvjXV/QTA=

2. How I run Caddy:

a. System environment:

$ uname -a
Linux gmhafiz-portfolio 4.15.0-74-generic #84-Ubuntu SMP Thu Dec 19 08:06:28 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux
$ cat /etc/lsb-release 

b. Command:

sudo systemctl start caddy

c. Service/unit/compose file:

$ cat  caddy.service
# caddy.service
# For using Caddy with a config file.
# Make sure the ExecStart and ExecReload commands are correct
# for your installation.
# See for instructions.
# WARNING: This service does not use the --resume flag, so if you
# use the API to make changes, they will be overwritten by the
# Caddyfile next time the service is restarted. If you intend to
# use Caddy's API to configure it, add the --resume flag to the
# `caddy run` command or use the caddy-api.service file instead.


ExecStart=/usr/bin/caddy run --environ --config /etc/caddy/Caddyfile
ExecReload=/usr/bin/caddy reload --config /etc/caddy/Caddyfile


d. My complete Caddyfile or JSON config:

root * /home/gmhafiz/
encode gzip zstd

3. The problem I’m having:

I am upgrading from caddy v1 to v2. On v1, it was working perfectly fine.

I am now trying to serve static website located on /home/gmhafiz/

When I run

sudo systemctl daemon-reload
sudo systemctl start caddy

and I try to access the website with curl, I get no response at all.

$ curl
$ curl

Accessing through the browser, I get 403 - Forbidden

4. Error messages and/or full log output:

5. What I already tried:

I have tried running the cli instead of using systemd

cd ~
caddy run --config /etc/caddy/Caddyfile  

This however, the only way that I can run the caddy that serves the static website.

I installed caddy2 using including running these:

$ sudo groupadd --system caddy                                                                                                                                                                                            
[sudo] password for gmhafiz: 
groupadd: group 'caddy' already exists
gmhafiz@gmhafiz-portfolio:~$ sudo useradd --system \                                                                                                                                                                                                 
>     --gid caddy \
>     --create-home \
>     --home-dir /var/lib/caddy \
>     --shell /usr/sbin/nologin \
>     --comment "Caddy web server" \
>     caddy
useradd: user 'caddy' already exists


$ sudo chown -R gmhafiz:caddy   

$ stat                                                                                                                                                                                                    
  Size: 4096      	Blocks: 8          IO Block: 4096   directory
Device: fc01h/64513d	Inode: 273451      Links: 18
Access: (0775/drwxrwxr-x)  Uid: ( 1000/ gmhafiz)   Gid: (  999/   caddy)
Access: 2021-02-21 02:00:45.713621254 +0000
Modify: 2021-02-20 13:02:24.814995549 +0000
Change: 2021-02-21 02:02:44.722249732 +0000
 Birth: -

6. Links to relevant resources:

What do you see in your logs? Run journalctl -u caddy --no-pager | less to see Caddy’s log output. You may add the debug global option at the top of your Caddyfile to see a bit more detail:


Ah, it might be that systemd is hiding all of /home for you; maybe try putting your files in /srv/ or /var/www/ or something like that.

What user were you running Caddy as with v1? Were you using systemd there as well?

My current hunch (but I’m not 100% certain on the specifics so I’m asking someone to help clarify for me), I think that if the caddy user doesn’t have x (executable) permissions on /home/gmhafiz, it hides all the contents of that directory to it. But I might be wrong.

I have moved the folder to /var/www/ and updated /etc/caddy/Caddyfile and it works!

I was running with systemd with v1 as well.

This topic was automatically closed after 30 days. New replies are no longer allowed.