Description
Overview
I POST-ed to the admin config endpoint to try and configure TLS, and that caused a repeated panic-crash loop in caddy.
Version 2.10.0
This is the repeated panic:
goroutine 12783 [running]:
net/http.(*conn).serve.func1()
net/http/server.go:1947 +0xbe
panic({0x17973a0?, 0x2bab020?})
runtime/panic.go:792 +0x132
github.com/caddyserver/caddy/v2/modules/metrics.(*AdminMetrics).serveHTTP(...)
github.com/caddyserver/caddy/v2@v2.10.0/modules/metrics/adminmetrics.go:65
github.com/caddyserver/caddy/v2.AdminHandlerFunc.ServeHTTP(0x419474?, {0x1ed0e70?, 0xc000914030?}, 0x1ccbb90?)
github.com/caddyserver/caddy/v2@v2.10.0/admin.go:1288 +0x29
github.com/caddyserver/caddy/v2.(*AdminConfig).newAdminHandler.(*AdminConfig).newAdminHandler.func2.func6({0x1ed0e70, 0xc000914030}, 0xc000430140)
github.com/caddyserver/caddy/v2@v2.10.0/admin.go:242 +0x7b
net/http.HandlerFunc.ServeHTTP(0x1ed11d0?, {0x1ed0e70?, 0xc000914030?}, 0xc000640000?)
net/http/server.go:2294 +0x29
github.com/caddyserver/caddy/v2.(*AdminConfig).newAdminHandler.func1.instrumentHandlerCounter.1({0x1ed11d0?, 0xc00041a1c0?}, 0xc000430140)
github.com/caddyserver/caddy/v2@v2.10.0/metrics.go:56 +0x6f
net/http.HandlerFunc.ServeHTTP(0xc00099e000?, {0x1ed11d0?, 0xc00041a1c0?}, 0x726b7f?)
net/http/server.go:2294 +0x29
net/http.(*ServeMux).ServeHTTP(0xc00099e000?, {0x1ed11d0, 0xc00041a1c0}, 0xc000430140)
net/http/server.go:2822 +0x1c4
github.com/caddyserver/caddy/v2.adminHandler.serveHTTP({0xc00099e000, 0x0, 0x1, {0xc00046b020, 0x3, 0x3}, 0x0}, {0x1ed11d0, 0xc00041a1c0}, 0xc000430140)
github.com/caddyserver/caddy/v2@v2.10.0/admin.go:829 +0x53f
github.com/caddyserver/caddy/v2.adminHandler.ServeHTTP({0xc00099e000, 0x0, 0x1, {0xc00046b020, 0x3, 0x3}, 0x0}, {0x1ed11d0, 0xc00041a1c0}, 0xc000430140)
github.com/caddyserver/caddy/v2@v2.10.0/admin.go:781 +0x7e9
net/http.serverHandler.ServeHTTP({0xc00016a180?}, {0x1ed11d0?, 0xc00041a1c0?}, 0x1?)
net/http/server.go:3301 +0x8e
net/http.(*conn).serve(0xc00088a000, {0x1ed44f8, 0xc00015acc0})
net/http/server.go:2102 +0x625
created by net/http.(*Server).Serve in goroutine 12787
net/http/server.go:3454 +0x485"}
Background
I was attempting to update the TLS config and set an automatic issuer, so I was writing to the URL /config/apps/tls/automation/policies.
{
  "subjects": [
    "myservice.internal"
  ],
  "issuers": [
    {
      "module": "internal"
    }
  ]
}
However, that was not working; I received the error invalid traversal path at: config/apps/tls/automation caddy.
I found this thread: #3501, with the following comment:
In your case, just do POST /config/ with the whole body (sans servers) and then it should be easy to add a server after that.
I thought I might be hitting that issue, so I POST-ed an empty configuration at /config:
{
  "apps": {
    "http": {},
    "tls": {
      "automation": {}
    }
  }
}
I then attempted to post my TLS config again, at the previous endpoint /config/apps/tls/automation/policies. This resulted in the panic-crash loop.
The entire interaction was automated, so I have recreated the request bodies for this report; I didn't record the exact requests in the log output.
The only seemingly relevant line from the caddy log (before the panic) is:
{"level":"error","ts":1750121211.771274,"logger":"admin.api","msg":"request error","error":"loading new config: loading tls app module: decoding module config: tls: json: cannot unmarshal object into Go struct field AutomationConfig.automation.policies of type []*caddytls.AutomationPolicy","status_code":500}
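The decode error in the log line above can be reproduced offline. The following is an added example, not Caddy's code and not part of the original report: it shows the same policy body decoding successfully once wrapped in an array, as a check an automation script could run before sending a config to the admin API. The `tlsApp`, `automation` and `policy` types and `CheckTLSApp` are hypothetical stand-ins that mirror only the `automation.policies` shape named in the error message, and both sample bodies are constructed.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
)

// Hypothetical stand-ins for the shape named in the log line; not Caddy's own types.
type policy struct {
	Subjects []string          `json:"subjects,omitempty"`
	Issuers  []json.RawMessage `json:"issuers,omitempty"`
}
type automation struct {
	Policies []*policy `json:"policies,omitempty"`
}
type tlsApp struct {
	Automation *automation `json:"automation,omitempty"`
}

// Constructed sample: the report's policy body sitting under "policies" as a bare object.
const policiesAsObject = `{"automation":{"policies":{"subjects":["myservice.internal"],"issuers":[{"module":"internal"}]}}}`

// Constructed sample: the same policy wrapped in an array, the type the decoder expects.
const policiesAsArray = `{"automation":{"policies":[{"subjects":["myservice.internal"],"issuers":[{"module":"internal"}]}]}}`

// CheckTLSApp decodes a candidate tls app config and returns the number of
// automation policies, or an error describing a JSON shape mismatch.
func CheckTLSApp(body string) (int, error) {
	var app tlsApp
	if err := json.Unmarshal([]byte(body), &app); err != nil {
		var te *json.UnmarshalTypeError
		if errors.As(err, &te) {
			return 0, fmt.Errorf("tls: field %q is a JSON %s, want %s: %w", te.Field, te.Value, te.Type, err)
		}
		return 0, err
	}
	if app.Automation == nil {
		return 0, nil
	}
	return len(app.Automation.Policies), nil
}

func main() {
	for _, body := range []string{policiesAsObject, policiesAsArray} {
		n, err := CheckTLSApp(body)
		fmt.Printf("policies=%d err=%v\n", n, err)
	}
}
```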