caddy icon indicating copy to clipboard operation
caddy copied to clipboard

Published 20 hours ago verified publisher icon caddyserver

[BUG?] Access logs for sub-domains are not written after Apr 26 update

Open jedi-admin opened this issue 2 years ago • 3 comments

Caddy version:

v2.5.1 h1:bAWwslD1jNeCzDa+jDCNwb8M3UJ2tPa8UZFFzPVmGKs=

running as: systemctl start caddy on Ubuntu 20.04.4 LTS

Caddy file:

(logging) {
	log {
		format json {
			message_key msg
			level_key level
			time_key ts
			name_key name
			time_format wall_milli
		}
		output file /var/log/caddy/{args.0}.access.log {
			roll_size 10mb
			roll_keep 20
			roll_keep_for 30d
		}
		level INFO
	}
}

*.domain.com {
	redir https://domain.com{uri}
}

domain.com {
	import logging domain.com
	respond "ok" 200
}

sub1.domain.com {
	import logging sub1.domain.com
	respond "ok" 200
}

sub2.domain.com {
	import logging sub2.domain.com
	respond "ok" 200
}

Expected behavior:

in the folder /var/log/caddy we should see the following files when each sub-domain is accessed:

  • domain.com.access.log
  • sub1.domain.com.access.log
  • sub2.domain.com.access.log

Issue

  • Currently there is only one log file created for the root domain; access logs for sub-domains are not created

Tried already:

  • replace import logging sub1.domain.com with: 
            log {
            output file /var/log/caddy/sub1.domain.com
    }
  • replacing . with _ in the domain name, e.g. import logging sub1_domain_com
  • permissions to access /var/log/caddy are correct

Notes:

prior Apr 26 everything was working fine.

jedi-admin avatar Jun 30 '22 04:06 jedi-admin

Isn't that the expected behaviour? You catch all subdomain requests in the first block without logging. After the redirect only domain.com would receive requests and therefore yield log entries.

bt90 avatar Jun 30 '22 17:06 bt90

Adapting the config to JSON, the issue becomes obvious:

					"logs": {
						"logger_names": {
							"domain.com": "log0",
							"sub1.domain.com": "log1",
							"sub2.domain.com": "log2"
						},
						"skip_hosts": [
							"*.domain.com"
						]
					}

The skip_hosts is preventing the sub1.domain.com loggers from working, I think. We might need to flip this so if there's an explicitly configured logger, wildcard skips should not skip those.

I think this behaviour changed in https://github.com/caddyserver/caddy/pull/4606 which is where skip_hosts started honoring wildcard domains.

francislavoie avatar Jun 30 '22 17:06 francislavoie

Just wanted to chime in and say that the current behaviour definitely is not intuitive with how the rest of Caddy works. From the docs:

If a request matches multiple site blocks, the site block with the most specific matching address is chosen. Requests don't cascade into to other site blocks.

In my case I have two blocks: www.domain.com and *.domain.com.

  • www.domain.com has logging enabled
  • *.domain.com reverse proxies to www.domain.com

Because of that setup (and this issue) requests directly to www.domain.com were not being logged.

Flipping the logic like @francislavoie mentioned above would be ideal 👍

owenconti avatar Jul 23 '22 05:07 owenconti

FYI I opened #5102 the other day which should solve this issue. Please feel free to try it out and confirm!

francislavoie avatar Oct 02 '22 21:10 francislavoie