How to return a custom response for non-configured hostname:port (instead of empty 200 OK)?

1. Caddy version (caddy version):

2.3.0

2. How I run Caddy:

a. System environment:

baremetal
ubuntu 18.04
systemd

b. Command:

systemctl start caddy

c. Service/unit/compose file:

[Unit]
Description=Caddy
Documentation=https://caddyserver.com/docs/
After=network.target network-online.target
Requires=network-online.target

[Service]
User=caddy
Group=caddy
ExecStart=/usr/bin/caddy run --environ --config /etc/caddy/Caddyfile
ExecReload=/usr/bin/caddy reload --config /etc/caddy/Caddyfile
TimeoutStopSec=5s
LimitNOFILE=1048576
LimitNPROC=512
PrivateTmp=true
ProtectSystem=full
AmbientCapabilities=CAP_NET_BIND_SERVICE

[Install]
WantedBy=multi-user.target

d. My complete Caddyfile or JSON config:

{
    debug
    local_certs
}

a.foobar.com:43001 {
  respond "a"
}

b.foobar.com:43002 {
  respond "b"
}

3. The problem I’m having:

I would like to have a custom response instead of an empty 200 OK for a curl request like this:

curl https://a.foobar.com:43002/ -v -k
*   Trying 127.0.0.1...
* TCP_NODELAY set
* Connected to a.foobar.com (127.0.0.1) port 43002 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/cert.pem
  CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-ECDSA-AES256-GCM-SHA384
* ALPN, server accepted to use h2
* Server certificate:
*  subject: [NONE]
*  start date: Jun  1 12:10:40 2021 GMT
*  expire date: Jun  2 00:10:40 2021 GMT
*  issuer: CN=Caddy Local Authority - ECC Intermediate
*  SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x7f82c800d600)
> GET / HTTP/2
> Host: a.foobar.com:43002
> User-Agent: curl/7.64.1
> Accept: */*
>
* Connection state changed (MAX_CONCURRENT_STREAMS == 250)!
< HTTP/2 200
< server: Caddy
< content-length: 0
< date: Tue, 01 Jun 2021 13:23:38 GMT
<
* Connection #0 to host a.foobar.com left intact
* Closing connection 0

4. Error messages and/or full log output:

None, even with debug flag on

5. What I already tried:

Add this at the end of the Caddyfile:

:43001 {
  respond 404
}

but got error:

loading http app module: provision http: getting tls app: loading tls app module: tls: invalid configuration: automation policy 1 is the second policy that acts as default/catch-all, but will never be used

6. Links to relevant resources:

Found similar issues, but the workaround doesn’t work in my case.

That version of Caddy is over 6 months old; please try upgrading and see if that resolves the issue.

Hello,

Thanks again for replying so quickly

I just updated to v2.4.1
Same behavior, and nothing in logs

By the way, here is the JSON config:

caddy adapt --config /etc/caddy/Caddyfile | jq
{
  "logging": {
    "logs": {
      "default": {
        "level": "DEBUG"
      }
    }
  },
  "apps": {
    "http": {
      "servers": {
        "srv0": {
          "listen": [
            ":43001"
          ],
          "routes": [
            {
              "match": [
                {
                  "host": [
                    "a.foobar.com"
                  ]
                }
              ],
              "handle": [
                {
                  "handler": "subroute",
                  "routes": [
                    {
                      "handle": [
                        {
                          "body": "a",
                          "handler": "static_response"
                        }
                      ]
                    }
                  ]
                }
              ],
              "terminal": true
            }
          ]
        },
        "srv1": {
          "listen": [
            ":43002"
          ],
          "routes": [
            {
              "match": [
                {
                  "host": [
                    "b.foobar.com"
                  ]
                }
              ],
              "handle": [
                {
                  "handler": "subroute",
                  "routes": [
                    {
                      "handle": [
                        {
                          "body": "b",
                          "handler": "static_response"
                        }
                      ]
                    }
                  ]
                }
              ],
              "terminal": true
            }
          ]
        }
      }
    },
    "tls": {
      "automation": {
        "policies": [
          {
            "issuers": [
              {
                "module": "internal"
              }
            ]
          }
        ]
      }
    }
  }
}

I’m unable to reproduce the error. It works as expected.

Yep, I validated that JSON config as provided and I’m not getting an error.

$ ./caddy validate --config caddy.json
2021/06/02 01:36:46.480 INFO    using provided configuration    {"config_file": "caddy.json", "config_adapter": ""}
2021/06/02 01:36:46.481 INFO    tls.cache.maintenance   started background certificate maintenance      {"cache": "0xc0003405b0"}
2021/06/02 01:36:46.503 INFO    http    enabling automatic HTTP->HTTPS redirects        {"server_name": "srv0"}
2021/06/02 01:36:46.503 INFO    http    enabling automatic HTTP->HTTPS redirects        {"server_name": "srv1"}
2021/06/02 01:36:46.504 INFO    tls.cache.maintenance   stopped background certificate maintenance      {"cache": "0xc0003405b0"}
Valid configuration

Are you sure you’re running Caddy v2.4.1?

Hello,

Sorry, indeed the following config behaves as expected with 2.4.1 (I checked too fast yesterday)

{
    debug
    local_certs
}

a.foobar.com:43001 {
  respond "a"
}

b.foobar.com:43002 {
  respond "b"
}

:43001 {
  respond 404
}

:43002 {
  respond 404
}

Thanks !!
Sorry again for my mistake

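An added example, not part of the thread and not Caddy's own code: a Python check over `caddy adapt` output that flags every HTTP server whose routes all carry matchers, which is the condition behind the empty 200 shown in the curl trace. The `SAMPLE` config is constructed: `srv0` mirrors the adapted JSON posted in the thread, and the matcher-less 404 route on `srv1` is an assumed shape for what a `:43002 { respond 404 }` block adapts to.

```python
import json

# Constructed sample: srv0 mirrors the adapted JSON from the thread (one
# host-matched route); srv1 adds an assumed matcher-less 404 fallback route.
SAMPLE = json.loads("""
{"apps": {"http": {"servers": {
  "srv0": {"listen": [":43001"], "routes": [
    {"match": [{"host": ["a.foobar.com"]}],
     "handle": [{"handler": "static_response", "body": "a"}], "terminal": true}]},
  "srv1": {"listen": [":43002"], "routes": [
    {"match": [{"host": ["b.foobar.com"]}],
     "handle": [{"handler": "static_response", "body": "b"}], "terminal": true},
    {"handle": [{"handler": "static_response", "status_code": 404}]}]}
}}}}
""")

def is_catch_all(route):
    """Conservative: only a top-level route with no matchers counts as a fallback."""
    return not route.get("match")

def audit(config):
    """Return {server: {"listen", "hosts", "fallback"}} for each HTTP server."""
    report = {}
    servers = config.get("apps", {}).get("http", {}).get("servers", {})
    for name, srv in servers.items():
        hosts, fallback = set(), False
        for route in srv.get("routes", []):
            if is_catch_all(route):
                fallback = True
            for matcher_set in route.get("match") or []:
                hosts.update(matcher_set.get("host", []))
        report[name] = {"listen": srv.get("listen", []),
                        "hosts": sorted(hosts), "fallback": fallback}
    return report

def missing_fallback(config):
    """Names of servers where a request for an unlisted Host matches no route."""
    return sorted(n for n, r in audit(config).items() if not r["fallback"])

if __name__ == "__main__":
    for name, r in audit(SAMPLE).items():
        state = "ok" if r["fallback"] else "NO FALLBACK (unlisted Host gets empty 200)"
        print(f"{name} {r['listen']} hosts={r['hosts']}: {state}")
```

To check a real config, replace `SAMPLE` with `json.load(sys.stdin)` and pipe in `caddy adapt --config /etc/caddy/Caddyfile`.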