Problem running Friendica with Caddy

1. Caddy version (caddy version):

v2.4.6 h1:HGkGICFGvyrodcqOOclHKfvJC0qTU7vny/7FhYp9hNw=

2. How I run Caddy:

a. System environment:

Debian 11

b. Command:

systemctl start caddy.service

c. Service/unit/compose file:

[Unit]
Description=Caddy
Documentation=https://caddyserver.com/docs/
After=network.target network-online.target
Requires=network-online.target

[Service]
Type=notify
User=www-data
Group=www-data
ExecStart=/usr/bin/caddy run --environ --config /etc/caddy/Caddyfile
ExecReload=/usr/bin/caddy reload --config /etc/caddy/Caddyfile
TimeoutStopSec=5s
LimitNOFILE=1048576
LimitNPROC=512
PrivateTmp=true
ProtectSystem=full
AmbientCapabilities=CAP_NET_BIND_SERVICE

[Install]
WantedBy=multi-user.target

d. My complete Caddyfile or JSON config:

lastfree.space {
    root * /home/storage/www/lastfree.space

    php_fastcgi 127.0.0.1:9000
    
    encode gzip

    rewrite * /index.php?q={path}&{query}

    file_server
    
    log {
        output file /var/log/caddy/lastfree.space.log
    }
}

3. The problem I’m having:

I am trying to run Friendica using Caddy. It shouldn’t be difficult, but I can’t get the site up and running. I tried to find a ready-made Caddyfile for Friendica, but only found an obsolete configuration for Caddy 1:

server_name {
	root /home/friendica/public
	log    /home/friendica/log/access.log
	errors /home/friendica/log/errors.log

	fastcgi / 127.0.0.1:2000 php {
		env PATH /bin
	}

	rewrite {
		r .*
		to /{uri} /index.php?q={path}&{query}
	}
}

I rewrote this for the Caddy 2 version, but it did nothing.
What works wrong: When you try to go to lastfree.space, it should go to lastfree.space/install and the initial installation should start. The transition happens, but the installation page is clearly distorted, no pictures are displayed. In the console - a huge number of errors.
My experience does not allow me to understand what the problem is, so please help the community. I am willing to provide all the necessary information quickly.

4. Error messages and/or full log output:

lfs_errors

5. What I already tried:

6. Links to relevant resources:

The systemd service using ProtectSystem=full makes everything in /home get hidden from Caddy.

I recommend you put your site’s files in /var/www or /srv instead.

As far as I know ProtectSystem=full makes /usr, /boot and /etc read-only. Not /home.

Can you enable debug logs and share the logs generated when testing the setup?

Oh, my bad, I misread the issue, sorry about that.

So the issue is you’re rewriting all requests to /index.php, including JS, CSS and image assets. So those fail to load with file_server.

You’ll basically have to only rewrite requests that don’t map to files that already exist on disk. To do this, you can use the file matcher.

Also, please review the docs for php_fastcgi, in particular the Expanded Form section which explains how it works:

1 Like

Yes, you were totally write. I studied the Request matchers section of docs. Now that part of config is

rewrite @not_file /index.php?q={path}&{query}

and everything works as it should!
@francislavoie @Mohammed90 thank you for your help!

2 Likes

This topic was automatically closed after 30 days. New replies are no longer allowed.