Upgrading to v2

Caddy v1 to v2:

What is the most efficient way to translate this?

especially the “wildcard rewrite” part and the logging in combined format for goaccess.

I’ve waited too long to upgrade to v2 because i always couldn’t get my config to play along (I’ve read the manual and upgrade guides but I guess im too dumb)- that is why im asking here as a last resort.

I would greatly apreciate any help or advice :slight_smile:

Thanks in advance!
Conor

My complete Caddyfile:

I have already compiled v2 with tls.dns.

wc.conf:

  tls {
    dns cloudflare
    wildcard
    protocols tls1.2 tls1.3
    key_type p384
    curves X25519 p521 p384 p256
  }
  log / /var/log/caddy/access.log "{combined}" {
    ipmask 255.255.255.0 ffff:ffff:ffff:ffff::
  }
  errors /var/log/caddy/error.log
  header / {
    -Server
    Strict-Transport-Security "max-age=31536000;"
    X-XSS-Protection "1; mode=block"
    X-Content-Type-Options "nosniff"
    X-Frame-Options "SAMEORIGIN"
  }
  ext .html .htm .json
  timeouts {
    read   10s
    header 10s
    idle   5m
  }

cert.conf

  tls {
    dns cloudflare
    protocols tls1.2 tls1.3
    key_type p384
    curves X25519 p521 p384 p256
  }
  log / /var/log/caddy/access.log "{combined}" {
    ipmask 255.255.255.0 ffff:ffff:ffff:ffff::
  }
  errors /var/log/caddy/error.log
  header / {
    -Server
    Strict-Transport-Security "max-age=31536000;"
    X-XSS-Protection "1; mode=block"
    X-Content-Type-Options "nosniff"
    X-Frame-Options "SAMEORIGIN"
  }
  ext .html .htm .json
  timeouts {
    read   10s
    header 10s
    idle   5m
  }

caddyfile:

www.conor-burns.com {
  import wc.conf
  redir https://conor-burns.com{uri}
}
conor-burns.com {
  import cert.conf
  root /srv/http/conor-burns.com/root
}
projects.conor-burns.com {
  import wc.conf
  root /srv/http/conor-burns.com/sub/projects
  browse
}
files.conor-burns.com {
  import wc.conf
  root /srv/http/conor-burns.com/sub/files
  browse
}
*.conor-burns.com {
  import cert.conf
  root /srv/http/conor-burns.com/sub
  rewrite {
    to /{label1}{uri}
  }
  fastcgi / 127.0.0.1:9876 php
}
blog.conor-burns.com {
  log / /var/log/caddy/blog-burns.log "{combined}" {
    ipmask 255.255.255.0 ffff:ffff:ffff:ffff::
  }
  import wc.conf
  root /srv/http/conor-burns.com/sub/blog
  proxy /ghost localhost:10105 {
    transparent
  }
}
blog.conor-burns.com/content/images {
  import wc.conf
  root /opt/ghost/blog/images
}
blog.conor-burns.com/stats {
  import wc.conf
  root /srv/http/stats/blog
  proxy /ws localhost:7894 {
    websocket
  }
}
max.hil.conor-burns.com {
  log / /var/log/caddy/blog-max.log "{combined}" {
    ipmask 255.255.255.0 ffff:ffff:ffff:ffff::
  }
  import wc.conf
  proxy / localhost:10103 {
    transparent
  }
}
max.hil.conor-burns.com/stats {
  import cert.conf
  root /srv/http/stats/max
  proxy /ws localhost:7892 {
    websocket
  }
}
docker.conor-burns.com {
  import wc.conf
  proxy / localhost:9000 {
    transparent
  }
}
dash.conor-burns.com {
  import wc.conf
  proxy / localhost:19999 {
    transparent
  }
}
meh.conor-burns.com {
  import wc.conf
  proxy / https://meh.myfritz.net {
    transparent
  }
}
paste.conor-burns.com {
  import wc.conf
  proxy / localhost:7373 {
    transparent
  }
}
media.conor-burns.com {
  import wc.conf
  proxy / localhost:8096 {
    transparent
  }
}
stats.conor-burns.com {
  import wc.conf
  root /srv/http/stats/stats
  proxy /ws localhost:7890 {
    websocket
  }
}

What would be the appropriate replacement for {label1}?

You can use {http.request.host.labels.*}:

Request host labels (0-based from right); e.g. for foo.example.com: 0=com, 1=example, 2=foo

As described here: Modules - Caddy Documentation

1 Like

Damn - didn’t see that one :C
Thanks you! Will try and report back

OK the labeling works great, but I’m trying to set up the DNS challenge…
Is it possible to only use it for specific domains / configs? And where is the challenges block put in the JSON config?

And is it possible to configure IP masking with “log”?

Yep, definitely, see here: JSON Config Structure - Caddy Documentation

Create an automation policy for the subjects that you want to apply to it. A policy with no list of subjects is a “catch-all” policy; otherwise it will use the policy that matches your domain name.

The challenge config goes in the issuer property on an automation policy. You’ll want the acme issuer: https://caddyserver.com/docs/json/apps/tls/automation/policies/issuer/acme/

Absolutely, see log filters: JSON Config Structure - Caddy Documentation (one of them is ip_mask).

1 Like

My god :open_mouth:
Caddy 2 is hella advanced

3 Likes

I’m a bit confused by the wrap field JSON Config Structure - Caddy Documentation

	"logging": {
		"logs": {
			"log0": {
				"writer": {
					"filename": "/var/log/caddy/access.log",
					"output": "file",
					"roll": false
				},
				"encoder": {
					"format": "filter",
					"wrap": "filter",
					"fields": {
						"filter": "ip_mask",
						"ipv4_cidr": "255.255.255.0",
						"ipv6_cidr": "ffff:ffff:ffff:ffff::"
					}
				},
				"include": [
					"http.log.access.log0"
				]
			}
		}
	},

The filter encoder is just a wrapper over another encoder. As you can see from the docs you linked to, it takes another encoder. You wouldn’t wrap another filter (your link goes to a triply-nested filter encoder :exclamation:), you’d wrap something like json or console or whichever format you want your logs printed in.

Better links:

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.