fix: fix caddy_logs accessibility to monitoring tools

2026-02-14 05:06:18 +00:00 · 2025-07-09 19:29:40 -03:00
parent 8649d964df
commit 5a489a7584
4 changed files with 16 additions and 6 deletions
--- a/templates/caddy/full/caddy/Caddyfile
+++ b/templates/caddy/full/caddy/Caddyfile
@@ -5,12 +5,18 @@
  # Enable metrics for Prometheus
  metrics

-  # Logging
+  # Console logging for Docker logs
  log {
    level INFO
    format console
  }

+  # Access logs for CrowdSec and Promtail
+  log {
+    output file /var/log/caddy/access.log
+    format json
+  }
+
  # Allow CrowdSec globally
  crowdsec {
    api_url http://crowdsec:8080
--- a/templates/caddy/full/docker-compose.yml
+++ b/templates/caddy/full/docker-compose.yml
@@ -5,7 +5,7 @@ services:
    volumes:
      - ./crowdsec/acquis.yaml:/etc/crowdsec/acquis.yaml
      - ./crowdsec/data:/var/lib/crowdsec/data
-      - ./caddy/logs:/var/log/caddy:ro
+      - caddy_logs:/var/log/caddy:ro
    environment:
      - COLLECTIONS=crowdsecurity/caddy crowdsecurity/whitelist-good-actors crowdsecurity/http-cve
      - BOUNCER_KEY_CADDY=${CROWDSEC_API_KEY}
@@ -27,7 +27,7 @@ services:
      - ./caddy/Caddyfile:/etc/caddy/Caddyfile
      - ./caddy/sites-enabled:/etc/caddy/sites-enabled
      - ./caddy/coraza/coraza.conf:/etc/caddy/coraza.conf
-      - ./caddy/logs:/var/log/caddy
+      - caddy_logs:/var/log/caddy
      - caddy_data:/data
      - caddy_config:/config
    networks:
@@ -40,6 +40,8 @@ services:
 volumes:
  caddy_data:
  caddy_config:
+  caddy_logs:
+    name: caddy_logs

 networks:
  caddy_net:
--- a/templates/monitoring/docker-compose.yml
+++ b/templates/monitoring/docker-compose.yml
@@ -72,7 +72,7 @@ services:
    container_name: promtail
    volumes:
      - ./promtail/promtail.yml:/etc/promtail/config.yml
-      - ../web-server/caddy/logs:/var/log/caddy:ro
+      - caddy_logs:/caddy-logs:ro
      - /var/log:/var/log:ro
    restart: unless-stopped
    networks:
@@ -82,6 +82,8 @@ services:
 volumes:
  prometheus_data:
  loki_data:
+  caddy_logs:
+    external: true

 networks:
  monitoring_net:
--- a/templates/monitoring/promtail/promtail.yml
+++ b/templates/monitoring/promtail/promtail.yml
@@ -16,7 +16,7 @@ scrape_configs:
          - localhost
        labels:
          job: caddy
-          __path__: /var/log/caddy/access.log
+          __path__: /caddy-logs/access.log
    pipeline_stages:
      - json:
          expressions: