PHP_FASTCGI, expecting argument

1. Output of caddy version:

v2.5.2 h1:eCJdLyEyAGzuQTa5Mh3gETnYWDClo1LjtQm2q9RNZrs=

2. How I run Caddy:

image

Like this ^

a. System environment:

Linux debian-2gb-fsn1-1 5.10.0-17-amd64 #1 SMP Debian 5.10.136-1 (2022-08-13) x86_64 GNU/Linux

b. Command:

./caddy_linux_amd64_custom start

c. Service/unit/compose file:

root@debian-2gb-fsn1-1:/etc/caddyws# ./caddy_linux_amd64_custom start
2022/09/04 00:12:47.624 INFO    using adjacent Caddyfile
run: adapting config using caddyfile: parsing caddyfile tokens for 'php_fastcgi': Caddyfile:19 - Error during parsing: Unexpected token '{', expecting argument
start: caddy process exited with error: exit status 1

d. My complete Caddy config:

vuexec.com {
    root * /var/www/vuexec.com
    log {
        output file /var/log/vuexec.com.log
    }
    tls /etc/nginx/certs/privkey.pem /etc/nginx/certs/fullchain.pem
    
    header / {
        Strict-Transport-Security "max-age=31536000"
        X-Content-Type-Options "nosniff"
        X-XSS-Protection "1; mode=block"
        Referrer-Policy "same-origin"
    }
    rewrite /ci4 /404
    rewrite /.htaccess /404
    rewrite /discord https://discord.com/invite/UfYHzzxAtZ/
    

    php_fastcgi / /run/php/php7.4-fpm.soc {
        root /var/www/vuexec.com
        index index.php index.html
        try_files $uri $uri/ /index.php?$query_string
        log /var/log/vuexec.com.log
        split .php
        env PHP_FCGI_MAX_REQUESTS 65536
        env PHP_FCGI_CHILDREN 8
        env PHP_FCGI_READ_TIMEOUT 60
        env PHP_FCGI_MAX_POST_SIZE 1024M
        env PHP_FCGI_CONNECT_TIMEOUT 30
        env PHP_FCGI_SOCKET /run/php/php7.4-fpm.sock
    }
}

3. The problem I’m having:

Trying to start the webserver with the current config above, but being given the error which is displayed below and above in 2c.

4. Error messages and/or full log output:

2022/09/04 00:12:47.624 INFO    using adjacent Caddyfile
run: adapting config using caddyfile: parsing caddyfile tokens for 'php_fastcgi': Caddyfile:19 - Error during parsing: Unexpected token '{', expecting argument
start: caddy process exited with error: exit status 1

5. What I already tried:

I have tried searching terms relating to the error response and searching for streaming php sockets, found that php7.4-fpm is successfully streaming from “/run/php/php7.4-fpm.sock”, tried altering the config for over 5 hours and just gave up and resorted to here.

6. Links to relevant resources:

Don’t use the start command if you plan to use Caddy long-term. It’s only intended for quick-and-dirty “development” workflows.

Since you’re on debian, it’s best to install Caddy with the apt repo, so you get updates automatically and you get Caddy set up as a systemd service. Make sure to turn off any other webserver which may be listening on ports 80 and 443, otherwise Caddy won’t be able to start.

You can probably remove this, Caddy has built-in TLS automation, so it will fetch its own TLS certificate from Let’s Encrypt or ZeroSSL.

Remove the /, this makes these only match on requests to exactly / and nothing else. Path matching in Caddy is exact.

You probably want redir, not rewrite here.

Did you read the docs? There’s a bunch of problems here.

  • You shouldn’t use a / matcher (as mentioned earlier), remove that.
  • You used the wrong syntax for unix sockets, see the examples in the docs.
  • log is not an option here
  • try_files does not use that syntax. You should probably just remove this though, the default behaviour is probably what you want.
  • Same with index, you don’t need that, the default does what you need.
  • root is redundant because you already have root * /var/www/vuexec.com earlier. Remove that.
  • split is also redundant, because that’s the default.
  • You’ll need to add a file_server directive, otherwise Caddy won’t serve any of your non-PHP files (CSS, JS, images, etc)
  • You probably don’t need all those env, those should probably be configured in your php-fpm config instead.

Thanks for taking the time to respond on this post, I appreciate your effort, just wanted to ask a few questions after composing a configuration file which functions but just wanted to make sure that im not doing anything wrong still

vuexec.com {
    root * /var/www/vuexec.com
    redir /ci4 /404
    redir /.htaccess /404
    redir /discord https://discord.com/invite/UfYHzzxAtZ/
    php_fastcgi unix//run/php/php7.4-fpm.sock
    encode {
        gzip 5
        br 4
        zstd
    }
    file_server {
	    precompressed  gzip br zstd
    }

    header *.js Cache-Control max-age=5184000
    header *.css Cache-Control max-age=5184000
    header *.jpg Cache-Control max-age=5184000
    header *.png Cache-Control max-age=5184000
    header *.ico Cache-Control max-age=5184000
    header *.svg Cache-Control max-age=5184000
    header *.gif Cache-Control max-age=5184000
    header *.ttf Cache-Control max-age=5184000
    header *.eot Cache-Control max-age=5184000
    header *.woff Cache-Control max-age=5184000
    header *.woff2 Cache-Control max-age=5184000

    header {
        Strict-Transport-Security "max-age=31536000"
        X-Content-Type-Options "nosniff"
        X-XSS-Protection "1; mode=block"
        Referrer-Policy "same-origin"
    }
}

This is what I have at the moment with help from yourself, i was just curious, if I install caddy via apt how would I add modules which are compiled within the executable file? I originally selected modules I wanted from Download Caddy and then used that file to run the webserver, although Im not sure how i can add plugins when i install it via apt without compiling from source and using --with to include them, reason being I already tried compiling from source with plugins but it failed every time no matter what combination of plugins i used/needed

Caddy doesn’t support on-the-fly brotli compression. You should probably remove br there.

Also, you probably don’t need to touch the levels. You can shorten this to simply:

encode gzip zstd

Do you actually have some pre-compressed files to serve?

These request matchers won’t work; for inline path matchers, they must start with /. What this will end up doing is set up a header handler that sets header replacement for a field named *.js (which doesn’t make sense), replacing the value Cache-Control with the value max-age=5184000 (which also doesn’t make sense).

The correct thing would be this:

@cacheable path *.js *.css *.jpg *.png *.ico *.svg *.gif *.ttf *.eot *.woff *.woff2
header @cacheable Cache-Control max-age=5184000

From the docs:

You can also use the sudo caddy add-package and sudo caddy upgrade commands to have Caddy upgrade itself with the plugins you want to add.

Do you actually have some pre-compressed files to serve?

Im not sure, I just thought that was a method of compressing files in the file server,
This is what im left with as of now, although “redir” doesnt seem to be making the whole directory and subdirectories private, how would this be done in caddy?

vuexec.com {
    root * /var/www/vuexec.com
    redir /ci4 /404
    redir /.htaccess /404
    redir /discord https://discord.com/invite/UfYHzzxAtZ/
    php_fastcgi unix//run/php/php7.4-fpm.sock
    encode gzip zstd
    file_server {
	    precompressed  gzip br zstd
    }
    log {
        output file /var/log/caddy/vuexec.com-access.log {
            roll_size 10mb
            roll_keep 65536
            roll_keep_for 720h
        }
    }
    @cacheable path *.js *.css *.jpg *.png *.ico *.svg *.gif *.ttf *.eot *.woff *.woff2
    header @cacheable Cache-Control max-age=5184000

    header {
        Strict-Transport-Security "max-age=31536000"
        X-Content-Type-Options "nosniff"
        X-XSS-Protection "1; mode=block"
        Referrer-Policy "same-origin"
    }
}

encode is what does that. precompressed is if you already have files like .js.gz or whatever on disk (alongside your actual .js file) for Caddy to pick up and serve already compressed without needing to compress it itself. If you don’t have those, then you shouldn’t turn on precompressed because it will do additional syscalls to check if there does exist a compressed file beside the requested one (it’s minor, but still).

Do you mean /ci4? Path matching in Caddy is exact, so /ci4 will only match requests to exactly /ci4. You’re probably looking for /ci4* to match everything under that as well.

1 Like