How to activation logging? (error.log / access.log)

[sowinski]

Hi,

this is my current caddy docker-compose file.

services:
  caddy:
    image: lucaslorentz/caddy-docker-proxy:2.8.10-alpine
    ports:
      - 80:80
      - 443:443
    environment:
      - CADDY_INGRESS_NETWORKS=caddy
    networks:
      - caddy
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - caddy_data:/data
    restart: unless-stopped

networks:
  caddy:
    external: true

volumes:
  caddy_data: {}

In your readme file, i can not find anything about logging.

How can I have a access.log and error.log with logrotation and so on?

[francislavoie]

Use the log directive. Read the Caddy docs, CDP is just a mapping of labels to Caddyfile.

[sowinski]

So I need to use labels in my application docker compose file and not in the "main" docker compose of caddy?

[francislavoie]

It depends. For global options, you'd put it on your Caddy service. For site directives, you put them on your app service.

The point is that the ones on your app services only get applied when that container is running.

[sowinski]

Okay, so if I want a global error.log and acces.log for all services I would do this also with labels in my main caddy docker compose file?

[francislavoie]

You always need at least log (with no options) in each site to enable access logs (by default to stdout, i.e. the default logger), then you can configure global options to configure a logger that handles the logs as you want.

[sowinski]

I just can't get it to work.

Can you give us an example of what a docker-compose should look like to create a global access.log?

services:
  caddy:
    image: lucaslorentz/caddy-docker-proxy:2.8.10-alpine
    ports:
      - 80:80
      - 443:443
    environment:
      - CADDY_INGRESS_NETWORKS=caddy
    networks:
      - caddy
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - caddy_data:/data
    restart: unless-stopped

networks:
  caddy:
    external: true

volumes:
  caddy_data: {}

[sowinski]

I think I undestand know what you mean.

Would be nice if you could confirm that this is the correct way to activate the "access.log" in my service.

    labels:
      caddy: "www.example.com"
      caddy.log:
      caddy.reverse_proxy: "{{upstreams 8000}}"

I just set caddy.log: without any "parameter"

[francislavoie]

Yep, that enables access logs for that site :+1:

[arminus]

You always need at least log (with no options) in each site to enable access logs (by default to stdout, i.e. the default logger), then you can configure global options to configure a logger that handles the logs as you want.

I can't get this to work - my objective is to accumulate all containers access logs into a single log file for crowdsec processing.

So according to the above, I have a site container to which I've added

      caddy.log:
      caddy.log.level: info

and my caddy container sets

      caddy.log.output: "file /var/log/access.log"
      caddy.log.level: info

This is how I interpret the statement above. However, this causes the access logs of my site container to be logged on stdout of the caddy container instead of /var/log/access.log - which is kind of not surprising, since the caddy json which gets built for my caddy container has this section:

  "logging": {
    "logs": {
      "default": {
        "exclude": [
          "http.log.access.log0"
        ],
        "level": "info",
        "writer": {
          "filename": "/var/log/access.log",
          "output": "file"
        }
      },
      "log0": {
        "include": [
          "http.log.access.log0"
        ],
        "level": "info"
      }
    }
  }

So how do I redirect log0 to /var/log/access.log, or how do I prevent that exclude ["http.log.access.log0"] to be generated in the first place? Setting caddy.log.exclude: "" doesn't change a thing

[francislavoie]

Just don't set the level. The default is info anyway. Since you customized it in some way, it's no longer using the default logger.