How to configure Access-Logs in v2

1. Caddy version (2.1.1):

2. How I run Caddy:

installed via apt-repository, using the predefined systemd-units:
systemctl start caddy

a. System environment:

Debian Buster, systemd

b. Command:

sudo systemctl restart caddy

d. My complete Caddyfile or JSON config:

This Caddyfile is creating access-logs in syslog (via stdout), not in /tmp/access.log
Caddyfile

{
  debug
  admin off
  auto_https off
  
}
:80 {
  redir https://www.example.com permanent
  log {
    output file /tmp/access.log {
      roll_size 1gb
      roll_keep 5
      roll_keep_for 720h
    }
  }
}
{
  "admin": {
    "disabled": true
  },
  "apps": {
    "http": {
      "servers": {
        "srv0": {
          "automatic_https": {
            "disable": true
          },
          "listen": [
            ":80"
          ],
          "logs": {
            "default_logger_name": "log0"
          },
          "routes": [
            {
              "handle": [
                {
                  "handler": "static_response",
                  "headers": {
                    "Location": [
                      "https://www.example.com"
                    ]
                  },
                  "status_code": 301
                }
              ]
            }
          ]
        }
      }
    }
  },
  "logging": {
    "logs": {
      "default": {
        "level": "DEBUG"
      },
      "log0": {
        "include": [
          "http.log.access.log0"
        ],
        "level": "DEBUG",
        "writer": {
          "filename": "/tmp/access.log",
          "output": "file",
          "roll_keep": 5,
          "roll_keep_days": 30,
          "roll_size_mb": 954
        }
      }
    }
  }
}

3. The problem I’m having:

What I generally wanted to achieve:

Have only one global log-configuration: access-log to some file (here: /tmp/access.log)

I’m following the documentation on log (Caddyfile directive) — Caddy Documentation

What I got so far: access-log via stdout / syslog if I configure the logging-setting in every host I configure (I don’t want to do this).

4. Error messages and/or full log output:

Caddy startup-log:

No issues. No “permission denied” error

Jul  2 07:49:53 caddy-1 systemd[1]: Started Caddy.
Jul  2 07:49:53 caddy-1 caddy[13217]: caddy.HomeDir=/var/lib/caddy
Jul  2 07:49:53 caddy-1 caddy[13217]: caddy.AppDataDir=/var/lib/caddy/.local/share/caddy
Jul  2 07:49:53 caddy-1 caddy[13217]: caddy.AppConfigDir=/var/lib/caddy/.config/caddy
Jul  2 07:49:53 caddy-1 caddy[13217]: caddy.ConfigAutosavePath=/var/lib/caddy/.config/caddy/autosave.json
Jul  2 07:49:53 caddy-1 caddy[13217]: runtime.GOOS=linux
Jul  2 07:49:53 caddy-1 caddy[13217]: runtime.GOARCH=amd64
Jul  2 07:49:53 caddy-1 caddy[13217]: runtime.Compiler=gc
Jul  2 07:49:53 caddy-1 caddy[13217]: runtime.NumCPU=1
Jul  2 07:49:53 caddy-1 caddy[13217]: runtime.GOMAXPROCS=1
Jul  2 07:49:53 caddy-1 caddy[13217]: runtime.Version=go1.14.4
Jul  2 07:49:53 caddy-1 caddy[13217]: os.Getwd=/
Jul  2 07:49:53 caddy-1 caddy[13217]: LANG=C.UTF-8
Jul  2 07:49:53 caddy-1 caddy[13217]: PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
Jul  2 07:49:53 caddy-1 caddy[13217]: HOME=/var/lib/caddy
Jul  2 07:49:53 caddy-1 caddy[13217]: LOGNAME=caddy
Jul  2 07:49:53 caddy-1 caddy[13217]: USER=caddy
Jul  2 07:49:53 caddy-1 caddy[13217]: INVOCATION_ID=0e9c3809e9754b40b85d315a8758e868
Jul  2 07:49:53 caddy-1 caddy[13217]: JOURNAL_STREAM=9:262976
Jul  2 07:49:53 caddy-1 caddy[13217]: {"level":"info","ts":1593676193.5500364,"msg":"using provided configuration","config_file":"/etc/caddy/Caddyfile","config_adapter":""}
Jul  2 07:49:53 caddy-1 caddy[13217]: {"level":"warn","ts":1593676193.5514178,"logger":"admin","msg":"admin endpoint disabled"}
Jul  2 07:49:53 caddy-1 caddy[13217]: {"level":"info","ts":1593676193.5523567,"logger":"tls","msg":"cleaned up storage units"}
Jul  2 07:49:53 caddy-1 caddy[13217]: {"level":"debug","ts":1593676193.5575342,"logger":"http","msg":"starting server loop","address":"[::]:80","http3":false,"tls":false}
Jul  2 07:49:53 caddy-1 caddy[13217]: {"level":"info","ts":1593676193.5579033,"msg":"autosaved config","file":"/var/lib/caddy/.config/caddy/autosave.json"}
Jul  2 07:49:53 caddy-1 caddy[13217]: {"level":"info","ts":1593676193.5580695,"msg":"serving initial configuration"}

5. What I already tried:

I already tried to enter log {} into the global configuration in Caddyfile, but this only creates errors like:

{
  debug
  admin off
  auto_https off

  log {}
}
:80 {
  redir https://www.example.com permanent
  }
}

But this only creates errors like:

Jul  2 07:56:28 caddy-1 caddy[13238]: run: adapting config using caddyfile: /etc/caddy/Caddyfile:6: unrecognized global option: log
Jul  2 07:56:28 caddy-1 systemd[1]: caddy.service: Main process exited, code=exited, status=1/FAILURE

6. Links to relevant resources:

Logging with the Caddyfile is per site, that’s just how it’s implemented. There might be a global option for logging added in the future, but it doesn’t exist just yet.

To smooth things over, you can use snippets to reuse common pieces of config. In your case you could have a snippet with just the logging stuff, then in each site block, do something like import logging to pull that in.

When you enable access logging, they’ll always go to stdout regardless, but if the file isn’t being written to, it must be a system misconfiguration - the caddy user might not have write access to /tmp or something like that. I don’t think Caddy complains if it can’t write to a log file, unfortunately.

2 Likes

Hi @francislavoie,

thank you for the answer. I think the documentation of log is lacking this explanation of scope.
Thank you for pointing this out.

I chose /tmp/caddy on purpose to prevent issues with permissions.
But even with creating the log-destination manually, with correct chown/chmod there’s still no output inside, everything goes to stdout.

I’m not sure if this is maybe a bug in documentation or in caddy or on some special things inside the Debian package.

Thank you very much at least for pointing out that log is not configurable globally!
This solves my main issue.

This topic was automatically closed after 30 days. New replies are no longer allowed.