Website is offline - maintenance page - exclude myself

Kened33r · January 15, 2022, 12:04pm

1. Caddy version (`caddy version`):

newest

2. How I run Caddy:

VPS

a. System environment:

Ubuntu 20.4 LTS

b. Command:

Paste command here.

c. Service/unit/compose file:

Paste full file contents here.
Make sure backticks stay on their own lines,
and the post looks nice in the preview pane.

d. My complete Caddyfile or JSON config:

# GLOBAL
{
        # Global options block. Entirely optional, https is on by default
        # Optional email key for lets encrypt
        # Optional staging lets encrypt for testing.
        # acme_ca https://acme-staging-v02.api.letsencrypt.org/directory

        servers {
                timeouts {
                        read_body 10s
                        read_header 10s
                        write 10s
                        idle 2m
                }
                max_header_size 16384
        }
}

# SNIPPETS

(mustheaders) {
        header {
                Strict-Transport-Security "max-age=31536000; includesubdomains; preload"
                X-Content-Type-Options "nosniff"
                X-Frame-Options "SAMEORIGIN"
                Referrer-Policy "same-origin"
                X-Xss-Protection "1; mode=block"
                Feature-Policy "accelerometer 'none'; autoplay 'none'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; sync-xhr 'none'; usb 'none'"
                Expect-CT "max-age=604800"
                -Server
        }
}

(onlinewebsite) {
        @offline expression `"{args.0}" == "no"`
        handle @offline {
                header X-Robots-Tag "noindex, nofollow, noarchive, nosnippet, notranslate, noimageindex"
                header Cache-Control "no-cache, no-store, must-revalidate"
                @public_networks not remote_ip 11.111.11.11 #EXAMPLE MY IP
                rewrite @public_networks index.html
                root * /home/maintenance.site
                file_server
        }
        header X-Robots-Tag "noarchive, notranslate"
}

(compression) {
        encode zstd gzip
}

(caching) {
        @static {
                file
                path *.css *.js *.ico *.gif *.jpg *.jpeg *.png *.svg *.woff
        }
        handle @static {
                header ?Cache-Control "public, max-age=5184000, must-revalidate"
        }
        handle {
                header ?Cache-Control "no-cache, no-store, must-revalidate"
        }
}

(robots) {
        header /robots.txt {
                User-agent:*
                Allow: /

                User-agent: *
                Disallow: /*.php$
                Disallow: /*.inc$
                Disallow: /*.zip$
                Disallow: /*.pdf$

                Sitemap: https://{http.request.host.labels.1}.{http.request.host.labels.0}/sitemap.xml
        }
        respond /robots.txt 200
}


(proxy) {
        header_up X-Forwarded-For {remote}
        header_up X-Real-IP {remote}
        header_down X-Powered-By "the Holy Spirit"
        header_down Server "CERN httpd"
}

(logs) {
        log {
                output file /var/log/caddy/caddy.log
        }
}

(php) {
        php_fastcgi / unix//run/php/php7.4-fpm.sock
}



# WEBSITES

website.com {
        import mustheaders
        import caching
        import onlinewebsite yes
        respond /healthcheck 200
        reverse_proxy 127.0.0.1:2050 {
                import proxy
        }

        import logs
}

3. The problem I’m having:

Please check the “onlinewebsite” snippet. I use it to make my website offline for maintenance. I wanted to redirect users to maintenance page except me. However “not remote_ip” doesn’t work and I also see the maintenance page.

How to exclude myself from the maintenance rewrite?

4. Error messages and/or full log output:

no errors

5. What I already tried:

no clue what to do next

6. Links to relevant resources:

francislavoie · January 16, 2022, 1:07am

Which version, exactly? “Newest” is not specific, and may not be true. Please run the caddy version command to find the version.

Remove this line. Caddy already sends this header to upstreams by default, correctly.

I think you want to use the remote_ip matcher with your offline matcher rather than inside of that handle.

Check your logs to make sure your actual IP address is seen by Caddy in the remote_addr field. Maybe some TCP layer proxy in front of Caddy is causing the IP address to get changed.

Kened33r · January 18, 2022, 9:23pm

Who can show the proper code?

francislavoie · January 19, 2022, 12:41am

What did you try?

Kened33r · January 21, 2022, 5:59pm

the snippet as mentioned above

(onlinewebsite) {
        @offline expression `"{args.0}" == "no"`
        handle @offline {
                header X-Robots-Tag "noindex, nofollow, noarchive, nosnippet, notranslate, noimageindex"
                header Cache-Control "no-cache, no-store, must-revalidate"
                @public_networks not remote_ip 11.111.11.11 #EXAMPLE MY IP
                rewrite @public_networks index.html
                root * /home/maintenance.site
                file_server
        }
        header X-Robots-Tag "noarchive, notranslate"
}

francislavoie · January 21, 2022, 7:34pm

But you didn’t try to change your config as I suggested.

Try that.

Kened33r · January 24, 2022, 4:54pm

Do you mean I should get rid of “handle” word and leave everything else?

Mohammed90 · January 25, 2022, 8:28am

No. Your config does not make sense and won’t work. Analyze it first to understand why is your config not working as you expect. Let’s first remove the noise:

(onlinewebsite) {
        @offline expression `"{args.0}" == "no"`
        handle @offline {
                header X-Robots-Tag "noindex, nofollow, noarchive, nosnippet, notranslate, noimageindex"
                header Cache-Control "no-cache, no-store, must-revalidate"
                @public_networks not remote_ip 11.111.11.11 #EXAMPLE MY IP
                rewrite @public_networks index.html
                root * /home/maintenance.site
                file_server
        }
        header X-Robots-Tag "noarchive, notranslate"
}
website.com {
        import onlinewebsite yes
}

Now let’s include the snippet in-line instead of being a snippet (replacing args in the process):

website.com {
        @offline expression `"yes" == "no"`
        handle @offline {
                header X-Robots-Tag "noindex, nofollow, noarchive, nosnippet, notranslate, noimageindex"
                header Cache-Control "no-cache, no-store, must-revalidate"
                @public_networks not remote_ip 11.111.11.11 #EXAMPLE MY IP
                rewrite @public_networks index.html
                root * /home/maintenance.site
                file_server
        }
        header X-Robots-Tag "noarchive, notranslate"
}

Will the content if handle ever be applied? What is the actual condition you want to match for the directives to be applied?

Kened33r · January 25, 2022, 10:42pm

website.com {
        import onlinewebsite yes
}

“yes” means I import onlinewebsite snippet with "header X-Robots-Tag “noarchive, notranslate” only.
if I there is “import onlinewebsite no”, it should load different - maintenance site. And it does. It works almost fine, however it doesn’t ignore my IP, so I have no access to the site too via browser.

Again, I want to make my IP ignored, so I can see the main website instead of maintenance.site.

system · February 14, 2022, 12:05pm

This topic was automatically closed after 30 days. New replies are no longer allowed.