General troubleshooting questions (Caddyfile)

1. Caddy version (caddy version):

v2.3.0

2. How I run Caddy:

a. System environment:

Debian 4.19.37-5

apt info systemd
Package: systemd
Version: 241-7~deb10u6

b. Command:

I use command “systemctl start caddy”

systemctl start caddy
caddy file-server --domain mydomain.testcorp.ovh

d. My complete Caddyfile or JSON config:

mydomain.testcorp.ovh {
    encode gzip
    root * /var/www/mydomain.testcorp.ovh/
    file_server
	log {
			output file /var/log/caddy/mydomain.testcorp.ovh.log {
					roll_size 10MiB
					roll_keep 10
					}
        }
   header / {
      # HSTS (ngx_http_headers_module is required) (15768000 seconds = 6 months)
      Strict-Transport-Security max-age=15768000
      # Prevent IE and Chrome from incorrectly detecting non-scripts as scripts
      X-Content-Type-Options nosniff
      # Block site from being framed
      X-Frame-Options DENY
      # Block pages from loading when they detect reflected XSS attacks
      X-XSS-Protection "1; mode=block"
   }

}

3. The problem I’m having:

I have 3 questions :

  1. In the documentation, it says to run command “caddy file-server --domain mydomain.testcorp.ovh” to have HTTPS enabled. I was expecting this command to go in the background instead of “beeing stuck” in front of the terminal. Is it normal?
    Source : HTTPS quick-start — Caddy Documentation

  2. It seems like there is 0 logs about what is going on.
    I’ve written directive “output file /var/log/caddy/mydomain.testcorp.ovh.log” but it provides 0 logs.
    Is it normal?

  3. The directive for changing the root path is not working. As I have 0 logs I don’t know what is happening. Curl and browsers are having 404, I’ve tried multiples scenarios (w/o path, w/ path index.html).
    Source : root (Caddyfile directive) — Caddy Documentation

4. Error messages and/or full log output:

My problem is that I have 0 logs.

Please upgrade to v2.4.5! You’re using a pretty old version at this point.

If you’re using the systemd service, then you shouldn’t be using the caddy file-server command. Those will be in conflict.

You’re using a path matcher of / here, which will only match requests to exactly / and nothing else. Path matching is exact in Caddy v2. To make those headers get sent on all requests, remove the /.

That command is just one example of a way to run Caddy. You shouldn’t also run it if you’re running Caddy another way.

The caddy file-server command is only meant to quickly run a one-off file server, like for quickly testing a static site you’re developing locally. For long-term use, it’s not ideal, and using the systemd service is much better.

Please read these docs which explain how to use Caddy when run as a service, including how to see your logs:

With the log directive, that only outputs access logs, and not the rest of Caddy’s logs (startup, errors, cert maintenance, etc)

I don’t think the problem is with the directive. Does the caddy user (which the service runs as) have permissions to read the files from /var/www/mydomain.testcorp.ovh? Make sure the file permissions are correctly set.

Hello,
Thank you for your feedback.

I’ve upgraded Caddy to version v2.4.5.

After double checking the command "caddy file-server --domain mydomain.testcorp.ovh was indeed adding confusion with CaddyFile.
I don’t use it anymore and it works better.

One more question: HTTPS is still not working.

IPV6 is disabled.
I’ve tried different possibilities for the host section (mydomain is actually another domain which is resolvable) :
:80 {
mydomain.testcorp.ovh {

All generate the same error :

run: adapting config using caddyfile: subject does not qualify for certificate:

How is this possible?!

What’s your full Caddyfile?

Please use code formatting with ``` on the lines before and after you config, so it preserves whitespace/tabbing.

Hello,

For a reason I don’t know, it seems like the problem is solved now.
I’m unable to reproduce the issue…

For history purpose below the full Caddyfile :

mydomain.testcorp.ovh {
        encode gzip
        root * /var/www/mydomain.testcorp.ovh/
        file_server browse
        templates
        log {
                output file /var/log/caddy/mydomain.testcorp.ovh.log {
                        roll_size 10MiB
                        roll_keep 10
                }
        }
        header {
                # HSTS (ngx_http_headers_module is required) (15768000 seconds = 6 months)
                Strict-Transport-Security max-age=15768000
				
                # Prevent IE and Chrome from incorrectly detecting non-scripts as scripts
                X-Content-Type-Options nosniff
				
                # Block site from being framed
                X-Frame-Options DENY
				
                # Block pages from loading when they detect reflected XSS attacks
                X-XSS-Protection "1; mode=block"
        }
}

Thank you Francis !

1 Like

This topic was automatically closed after 30 days. New replies are no longer allowed.