Caddy v2 - update and warning

[guunter 41]

4 minutes ago, Q-Droid said:

All relevant ports need to be open, active and reachable for domain validation, right? Unless it's using a different challenge method out of the box. 

You don't necessarily need to port forward it. You can use reverse proxy with like pihole for dns. So for example you can reach your internal sites that have an IP by a domain name, sonarr.domain.com and that can only be accessed locally. You'd of course need to run 2 reverse proxies for external and internal facing websites.

[Q-Droid 881]

The certificate issuer needs to validate the domain. This is an external process and not related to LAN or WAN name resolution from within the network. 

 

Edited August 9, 2024 by Q-Droid

[guunter 41]

5 minutes ago, Q-Droid said:

The certificate issuer needs to validate the domain. This is an external process and not related to LAN or WAN name resolution from within the network. 

 

Yes that's correct. If anything it could be a windows firewall issue? I haven't installed caddyv2 on windows so I don't know if you have to allow it or not. Everyone should just use linux

[PeteGul 28]

HI

I have rally tried to make caddy save my a log, so I can check if there is something, when something happens. But I can't get it to work at all.

I've tried to add the "log" code in top and in the bottom. But it wont start.

My original caddyfile: It works as it should

{
    email xxxx@gmail.com
}

xxx.xxx.net {
	encode gzip
    reverse_proxy http://192.168.0.2:8096
}

And the I try this:

{
    email pettnett@gmail.com
}

xxx.xxx.net {
	encode gzip
    reverse_proxy http://192.168.0.2:8096
}
log {
            output file c:\caddy\logs\log.log {
                roll true               # Rotate logs, enabled by default
                roll_size_mb 5          # Set max size 5 MB
                roll_gzip true          # Whether to compress rolled files
                roll_local_time true    # Use localhost time
                roll_keep 2             # Keep at most 2 log files
                roll_keep_days 7        # Keep log files for 7 days
            }

Error I'll get is: Error: adapting config using caddyfile: Caddyfile:9: parsed 'log' as a site address, but it is a known directive; directives must appear in a site block.

Tried to set "log" in to (), but did not help. Tried to read me up, but this is kinda not my skill   So this log setup is from this thread. 

[pwhodges 1855]

Logs are per site, so put the log directive inside the site block.  More generally, except for the global block at the top, all directives go inside a site block.

Simplest: just move the "}" after the reverse_proxy directive down to the end.

Paul

[Q-Droid 881]

You can define a snippet for logging then reuse it by referencing from each site. I haven't found a way to include the global Caddy log, it still needs its own settings in the global block.

Define it:

(logging) {
        log {
                output file /config/log/{args[0]}.log {
                        roll_uncompressed
                        roll_local_time
                        roll_keep_for 7d
                        roll_size 10MiB
                }
                format console {
                        time_format wall_milli
                        duration_format string
                        level_format upper
                }
        }
}

Using it:

#emby
emby.mysite.net {
        reverse_proxy 192.xx.xx.xx:8096
        header {
            blah
            blah
            blah
        }
        import logging emby
}

 

[PeteGul 28]

4 hours ago, pwhodges said:

Logs are per site, so put the log directive inside the site block.  More generally, except for the global block at the top, all directives go inside a site block.

Simplest: just move the "}" after the reverse_proxy directive down to the end.

Paul

Thanks, that was it. 

But had to remove "local time" for it to work

[yocker 283]

Sorry if it has been mentioned before.

Any benefit to using gzip with Caddy for Emby? Seems to me to just be a waste of CPU time for something like Emby but i kept being asking why i haven't enabled it by some friends of mine.

[Q-Droid 881]

1 hour ago, yocker said:

Sorry if it has been mentioned before.

Any benefit to using gzip with Caddy for Emby? Seems to me to just be a waste of CPU time for something like Emby but i kept being asking why i haven't enabled it by some friends of mine.

I think the general consensus is that the amount of compressible data sent by Emby is a tiny fraction of the total so the overall gain is miniscule.

 

[yocker 283]

6 hours ago, Q-Droid said:

I think the general consensus is that the amount of compressible data sent by Emby is a tiny fraction of the total so the overall gain is miniscule.

 

Thanks, that was my thinking too but wanted to know for sure.