1. My Caddy version (caddy -version):
1.0.3 (php-no-stats)
2. How I run Caddy:
a. System environment:
docker-compose on alpine in a VM
b. Command:
docker-compose up
c. Service/unit/compose file:
caddy:
  image: abiosoft/caddy:php-no-stats
  restart: always
  volumes:
    - ./Caddyfile:/etc/Caddyfile:ro
    - caddycerts:/root/.caddy
  ports:
    - 80:80 # needed for Let's Encrypt
    - 443:443
  environment:
    ACME_AGREE: "true" # agree to Let's Encrypt Subscriber Agreement
    DOMAIN: "censored" # CHANGE THIS! Used for Auto Let's Encrypt SSL
    EMAIL: "censored" # CHANGE THIS! Optional, provided to Let's Encrypt
  networks:
    - nextcloud
volumes:
  caddycerts:
networks:
  nextcloud:
version: '3'
volumes:
  nextcloud:
  db:
services:
  nextcloud_mariadb:
    image: mariadb
    command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW
    restart: always
    volumes:
      - /home/user/nextcloud/db:/var/lib/mysql
    environment:
      - MYSQL_ROOT_PASSWORD='censored'
      - MYSQL_PASSWORD='censored'
      - MYSQL_DATABASE=nextcloud
      - MYSQL_USER=nextcloud
  nextcloud:
    image: nextcloud:fpm-alpine
    links:
      - nextcloud_mariadb
    volumes:
      - /home/user/mnt/VM-Data/nextcloud:/var/www/html
    restart: always
    ports:
      - 9000:9000
    networks:
      - nextcloud
d. My complete Caddyfile:
nextcloud.domain.tld {
    root /var/www/nextcloud
    log /var/log/nextcloud_access.log
    errors /var/log/nextcloud_errors.log
    fastcgi / 127.0.0.1:9000 php {
        env PATH /bin
        env modHeadersAvailable true
        env front_controller_active true
        connect_timeout 60s
        read_timeout 3600s
        send_timeout 300s
    }
    header / {
        Strict-Transport-Security "max-age=15768000;"
        X-Content-Type-Options "nosniff"
        X-XSS-Protection "1; mode=block"
        X-Robots-Tag "none"
        X-Download-Options "noopen"
        X-Permitted-Cross-Domain-Policies "none"
        Referrer-Policy "no-referrer"
    }
    header /core/fonts {
        Cache-Control "max-age=604800"
    }
    # checks for images
    rewrite {
        ext .png .html .ttf .ico .jpg .jpeg .css .js .woff .woff2 .svg .gif .map
        r ^/index.php/.*$
        to /{1} /index.php?{query}
    }
    rewrite {
        r ^/\.well-known/host-meta$
        to /public.php?service=host-meta&{query}
    }
    rewrite {
        r ^/\.well-known/host-meta\.json$
        to /public.php?service=host-meta-json&{query}
    }
    rewrite {
        r ^/\.well-known/webfinger$
        to /public.php?service=webfinger&{query}
    }
    rewrite {
        r ^/index.php/.*$
        to /index.php?{query}
    }
    rewrite / {
        if {path} not_starts_with /remote.php
        if {path} not_starts_with /public.php
        ext .png .html .ttf .ico .jpg .jpeg .css .js .woff .woff2 .svg .gif .map .html .ttf
        r ^/(.*)$
        to /{1} /index.php{uri}
    }
    rewrite / {
        if {path} not /core/img/favicon.ico
        if {path} not /core/img/manifest.json
        if {path} not_starts_with /remote.php
        if {path} not_starts_with /public.php
        if {path} not_starts_with /cron.php
        if {path} not_starts_with /core/ajax/update.php
        if {path} not_starts_with /status.php
        if {path} not_starts_with /ocs/v1.php
        if {path} not_starts_with /ocs/v2.php
        if {path} not /robots.txt
        if {path} not_starts_with /updater/
        if {path} not_starts_with /ocs-provider/
        if {path} not_starts_with /ocm-provider/
        if {path} not_starts_with /.well-known/
        to /index.php{uri}
    }
    # client support (e.g. os x calendar / contacts)
    redir /.well-known/carddav /remote.php/carddav 301
    redir /.well-known/caldav /remote.php/caldav 301
    # remove trailing / as it causes errors with php-fpm
    rewrite {
        r ^/remote.php/(webdav|caldav|carddav|dav)(\/?)(\/?)$
        to /remote.php/{1}
    }
    rewrite {
        r ^/remote.php/(webdav|caldav|carddav|dav)/(.+?)(\/?)(\/?)$
        to /remote.php/{1}/{2}
    }
    rewrite {
        r ^/public.php/(dav|webdav|caldav|carddav)(\/?)(\/?)$
        to /public.php/{1}
    }
    rewrite {
        r ^/public.php/(dav|webdav|caldav|carddav)/(.+)(\/?)(\/?)$
        to /public.php/{1}/{2}
    }
    # .htaccess / data / config / ... shouldn't be accessible from outside
    status 404 {
        /.htaccess
        /data
        /config
        /db_structure
        /.xml
        /README
        /3rdparty
        /lib
        /templates
        /occ
        /console.php
    }
}
3. The problem I’m having:
I'm not quite sure how to configure Caddy to serve Nextcloud with FastCGI when both are running inside Docker containers.
How do I specify the root path? The Nextcloud root is in a Docker volume for the nextcloud container, which is on my filesystem under /home/user/mnt/vm-data/nextcloud. Do I need to add that volume to caddy? What's the best/easiest way to do this?
I just figured out that if I change 127.0.0.1:9000 to nextcloud:9000, I get a File not Found instead of a 502. I also see the nextcloud container in my docker log, so I guess this is fine now.
4. Error messages and/or full log output:
caddy_1 | 2020/01/20 23:05:50 [WARNING] Root path does not exist: /var/www/nextcloud
nextcloud_mariadb_1 | 2020-01-20 23:05:48+00:00 [Note] [Entrypoint]: Entrypoint script for MySQL Server 1:10.4.11+maria~bionic started.
nextcloud_mariadb_1 | 2020-01-20 23:05:49+00:00 [Note] [Entrypoint]: Switching to dedicated user 'mysql'
caddy_1 | Activating privacy features... 2020/01/20 23:05:50 [INFO][cache:0xc000176730] Started certificate maintenance routine
nextcloud_mariadb_1 | 2020-01-20 23:05:49+00:00 [Note] [Entrypoint]: Entrypoint script for MySQL Server 1:10.4.11+maria~bionic started.
nextcloud_mariadb_1 | 2020-01-20 23:05:50 0 [Note] mysqld (mysqld 10.4.11-MariaDB-1:10.4.11+maria~bionic) starting as process 1 ...
caddy_1 | done.
nextcloud_mariadb_1 | 2020-01-20 23:05:50 0 [Warning] You need to use --log-bin to make --binlog-format work.
caddy_1 |
caddy_1 | Serving HTTPS on port 443
caddy_1 | https://nextcloud.domain.tld
nextcloud_mariadb_1 | 2020-01-20 23:05:50 0 [Note] InnoDB: Using Linux native AIO
nextcloud_mariadb_1 | 2020-01-20 23:05:50 0 [Note] InnoDB: Mutexes and rw_locks use GCC atomic builtins
nextcloud_mariadb_1 | 2020-01-20 23:05:50 0 [Note] InnoDB: Uses event mutexes
nextcloud_mariadb_1 | 2020-01-20 23:05:50 0 [Note] InnoDB: Compressed tables use zlib 1.2.11
nextcloud_mariadb_1 | 2020-01-20 23:05:50 0 [Note] InnoDB: Number of pools: 1
nextcloud_mariadb_1 | 2020-01-20 23:05:50 0 [Note] InnoDB: Using SSE2 crc32 instructions
nextcloud_mariadb_1 | 2020-01-20 23:05:50 0 [Note] mysqld: O_TMPFILE is not supported on /tmp (disabling future attempts)
nextcloud_mariadb_1 | 2020-01-20 23:05:50 0 [Note] InnoDB: Initializing buffer pool, total size = 256M, instances = 1, chunk size = 128M
nextcloud_mariadb_1 | 2020-01-20 23:05:50 0 [Note] InnoDB: Completed initialization of buffer pool
caddy_1 | 2020/01/20 23:05:50 [INFO] Serving https://nextcloud.domain.tld
caddy_1 |
caddy_1 | Serving HTTP on port 80
caddy_1 | http://bitwarden.besendorf.org
caddy_1 | http://nextcloud.domain.tld
caddy_1 |
nextcloud_mariadb_1 | 2020-01-20 23:05:50 0 [Note] InnoDB: If the mysqld execution user is authorized, page cleaner thread priority can be changed. See the man page of setpriority().
nextcloud_mariadb_1 | 2020-01-20 23:05:50 0 [Note] InnoDB: 128 out of 128 rollback segments are active.
nextcloud_mariadb_1 | 2020-01-20 23:05:50 0 [Note] InnoDB: Creating shared tablespace for temporary tables
nextcloud_mariadb_1 | 2020-01-20 23:05:50 0 [Note] InnoDB: Setting file './ibtmp1' size to 12 MB. Physically writing the file full; Please wait ...
nextcloud_mariadb_1 | 2020-01-20 23:05:50 0 [Note] InnoDB: File './ibtmp1' size is now 12 MB.
nextcloud_mariadb_1 | 2020-01-20 23:05:50 0 [Note] InnoDB: Waiting for purge to start
nextcloud_mariadb_1 | 2020-01-20 23:05:50 0 [Note] InnoDB: 10.4.11 started; log sequence number 19998611; transaction id 14836
nextcloud_mariadb_1 | 2020-01-20 23:05:50 0 [Note] InnoDB: Loading buffer pool(s) from /var/lib/mysql/ib_buffer_pool
caddy_1 | 2020/01/20 23:05:50 [INFO] Serving http://nextcloud.domain.tls
nextcloud_mariadb_1 | 2020-01-20 23:05:50 0 [Note] Plugin 'FEEDBACK' is disabled.
nextcloud_mariadb_1 | 2020-01-20 23:05:50 0 [Note] Server socket created on IP: '::'.
nextcloud_mariadb_1 | 2020-01-20 23:05:50 0 [Warning] 'proxies_priv' entry '@% root@c42501ff1811' ignored in --skip-name-resolve mode.
nextcloud_mariadb_1 | 2020-01-20 23:05:50 0 [Note] Reading of all Master_info entries succeeded
nextcloud_mariadb_1 | 2020-01-20 23:05:50 0 [Note] Added new Master_info '' to hash table
nextcloud_mariadb_1 | 2020-01-20 23:05:50 0 [Note] mysqld: ready for connections.
nextcloud_mariadb_1 | Version: '10.4.11-MariaDB-1:10.4.11+maria~bionic' socket: '/var/run/mysqld/mysqld.sock' port: 3306 mariadb.org binary distribution
nextcloud_mariadb_1 | 2020-01-20 23:05:50 0 [Note] InnoDB: Buffer pool(s) load completed at 200120 23:05:50
nextcloud_1 | [20-Jan-2020 23:05:51] NOTICE: fpm is running, pid 1
nextcloud_1 | [20-Jan-2020 23:05:51] NOTICE: ready to handle connections
nextcloud_1 | 172.30.0.2 - 20/Jan/2020:23:06:01 +0000 "GET /index.php" 404
nextcloud_1 | 172.30.0.2 - 20/Jan/2020:23:06:02 +0000 "GET /index.php" 404
5. What I already tried:
I tried adding the nextcloud volume to the caddy container as well, at /var/www/nextcloud. Now there is no warning in the docker log about the root not being found, but I still get a File not Found if I try to access the site.
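
For the root-path question in this post, an added example (not the poster's configuration and not from the Caddy or Nextcloud projects): a compose layout in which Caddy and php-fpm see the Nextcloud tree at the same absolute path, and the FastCGI port stays on the internal network instead of being published. It assumes both services live in one compose file; the environment block and the database service are omitted, and the database would have to join the same network.

```yaml
# Added example, not the poster's file. Paths and image names are taken from
# the post; the single-file layout is an assumption.
version: '3'

services:
  caddy:
    image: abiosoft/caddy:php-no-stats
    restart: always
    volumes:
      - ./Caddyfile:/etc/Caddyfile:ro
      - caddycerts:/root/.caddy
      # Same host directory and same container path as the nextcloud service.
      # Caddy 1 builds SCRIPT_FILENAME from `root`, so php-fpm must find the
      # script under that exact path in its own filesystem. Read-only is
      # enough here: Caddy only serves static files from this mount.
      - /home/user/mnt/VM-Data/nextcloud:/var/www/html:ro
    ports:
      - 80:80
      - 443:443
    networks:
      - nextcloud

  nextcloud:
    image: nextcloud:fpm-alpine
    restart: always
    volumes:
      - /home/user/mnt/VM-Data/nextcloud:/var/www/html
    # No `ports:` entry: Caddy reaches php-fpm as nextcloud:9000 over the
    # shared network, so the FastCGI port is not published on the host.
    networks:
      - nextcloud

volumes:
  caddycerts:

networks:
  nextcloud:

# Matching Caddyfile lines (assumed edits to the Caddyfile in the post):
#   root /var/www/html
#   fastcgi / nextcloud:9000 php { ... }
```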