1. The problem I’m having:
I want to use fail2ban. Some of my apps behind Caddy are not logging the x-forwarded-for header so it’s simply impossible to ban anyone. That’s why I want to log access with Caddy. But I only want to log 4xx 5xx response codes.
I’ve been trying to figure that out for like 3 hours by now. I’ve tried too many things to list them all. But basically I’ve tried to set up a response matcher like @err 4xx 5xx and then somehow create a conditional log directive. I got “it working” with log @err { .. } but that @err block got completely ignored and literally everything was logged.
2. Error messages and/or full log output:
I don't have any errors. I'm trying to figure out how to configure Caddy properly.
3. Caddy version:
4. How I installed and ran Caddy:
Custom Dockerfile
FROM caddy:builder AS builder
RUN xcaddy build \
    --with github.com/caddy-dns/cloudflare \
    --with github.com/caddyserver/transform-encoder
FROM caddy:latest
COPY --from=builder /usr/bin/caddy /usr/bin/caddy
Compose.yml
caddy2:
  build:
    context: ./configs/caddy
    dockerfile: Dockerfile
  container_name: caddy2
  hostname: caddy2
  restart: unless-stopped
  ports:
    - "0.0.0.0:8080:80"
  volumes:
    - ./Caddyfile2:/etc/caddy/Caddyfile:ro
    - ./caddy2logs:/var/log/caddy/
a. System environment:
$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 24.04.3 LTS
Release: 24.04
Codename: noble
$ docker -v
Docker version 28.3.3, build 980b856
b. Command:
--with github.com/caddy-dns/cloudflare
--with github.com/caddyserver/transform-encoder
c. Service/unit/compose file:
d. My complete Caddy config:
http://192.168.1.196 {
    reverse_proxy some_app:1234 {
        header_up X-Forwarded-Host {host}
        header_up X-Forwarded-Proto https
    }
}
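
An added example, not part of the original post and not Caddy's own code: one way to reach the fail2ban goal is to let Caddy log every request and filter afterwards, keeping only 4xx/5xx entries with the client address. It assumes Caddy's default JSON access-log layout (`status`, `request.remote_ip`, `request.uri`); the sample lines and function names are constructed for illustration.

```python
import json
from collections import Counter
from datetime import datetime, timezone

# Constructed sample in the shape of Caddy's default JSON access log (one object per line).
SAMPLE_LOG = """\
{"level":"info","ts":1757000000.12,"logger":"http.log.access","msg":"handled request","request":{"remote_ip":"203.0.113.7","method":"POST","host":"192.168.1.196","uri":"/login"},"duration":0.004,"size":12,"status":401}
{"level":"info","ts":1757000001.50,"logger":"http.log.access","msg":"handled request","request":{"remote_ip":"198.51.100.20","method":"GET","host":"192.168.1.196","uri":"/"},"duration":0.002,"size":5120,"status":200}
{"level":"info","ts":1757000002.75,"logger":"http.log.access","msg":"handled request","request":{"remote_ip":"203.0.113.7","method":"GET","host":"192.168.1.196","uri":"/admin"},"duration":0.001,"size":0,"status":404}
{"level":"info","ts":17570000
{"level":"error","ts":1757000004.00,"logger":"http.log.access","msg":"handled request","request":{"remote_ip":"192.0.2.55","method":"GET","host":"192.168.1.196","uri":"/api"},"duration":0.030,"size":0,"status":502}
{"level":"info","ts":1757000005.00,"logger":"tls","msg":"cleaning storage unit"}
"""

def error_events(lines):
    """Yield (ts, ip, status, method, uri) for access entries with a 4xx/5xx status."""
    for line in lines:
        try:
            entry = json.loads(line)
        except json.JSONDecodeError:
            continue  # blank, truncated or non-JSON line (e.g. cut off during rotation)
        if not isinstance(entry, dict):
            continue
        status, req = entry.get("status"), entry.get("request")
        if not isinstance(status, int) or not 400 <= status <= 599:
            continue  # 2xx/3xx responses and non-access log entries are dropped
        if not isinstance(req, dict) or not req.get("remote_ip"):
            continue
        yield (entry.get("ts", 0.0), req["remote_ip"], status,
               req.get("method", "-"), req.get("uri", "-"))

def format_line(event):
    """Render one event as '<UTC time> <ip> <status> <method> "<uri>"'."""
    ts, ip, status, method, uri = event
    when = datetime.fromtimestamp(ts, tz=timezone.utc).isoformat(timespec="seconds")
    # json.dumps quotes and escapes the URI so control characters cannot forge extra fields.
    return f"{when} {ip} {status} {method} {json.dumps(uri)}"

def errors_per_ip(events):
    """Count error responses per client address."""
    return Counter(event[1] for event in events)

if __name__ == "__main__":
    for ev in error_events(SAMPLE_LOG.splitlines()):
        print(format_line(ev))
```

The filtered lines put the address and status in fixed positions, so a fail2ban filter only has to match one simple line shape.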