However, this errors out /w Wrong argument count or unexpected line ending after ‘/api/*’
It looks like this should work as that is a direct example at Request matchers (Caddyfile) — Caddy Documentation but I am sure I am misunderstanding how not works for this. Since /api/ is a subfolder of / I can’t define what I want to have basicauth, I need to define what I do not want.
I also tried without path as the first method worked without path, and that didn’t help.
Matchers are a generalized concept. Anywhere you see [<matcher>] in the docs, the things allowed are either * for “match anything”, something starting with / for a path matcher, or starting with @ for a named matcher:
Yes of course, as I said, because the parser only allows for *, something starting with /, or something starting with @. It’s well documented in the syntax doc I linked above.
You can also shorten it like this, using the single-line named matcher syntax:
@NoAccess not path /api*
basicauth @noAccess {
...
}