502 Error - New Caddy2 + PHP dev environment

1. Caddy version (2):

2. How I run Caddy:

a. System environment:

Ubuntu 20.04 Desktop (Dev environment)

b. Command:

#Start
barco@Creativ:~/Desktop$ ./caddy start
#Change config
barco@Creativ:~/Desktop$ ./caddy fmt
barco@Creativ:~/Desktop$ ./caddy adapt
barco@Creativ:~/Desktop$ ./caddy reload
# Stop (When I've had enough ;-)
barco@Creativ:~/Desktop$ ./caddy stop

c. Service/unit/compose file:

Not using Docker / Kubernetes with Caddy right now.

d. My complete Caddyfile or JSON config:

:2024 {
	root * /home/barco/dev/web/public
	encode gzip
	php_fastcgi unix//var/run/php/php8.0-fpm.sock
	file_server
}

3. The problem I’m having:

Trying to load this site but seem to be having permissions errors. I’ve added my user to the www-data group to satisfy php-fpm.

barco@Creativ:~/Desktop$ curl -v http://localhost:2024/
*   Trying 127.0.0.1:2024...
* TCP_NODELAY set
* Connected to localhost (127.0.0.1) port 2024 (#0)
> GET / HTTP/1.1
> Host: localhost:2024
> User-Agent: curl/7.68.0
> Accept: */*
> 
* Mark bundle as not supporting multiuse
< HTTP/1.1 502 Bad Gateway
< Server: Caddy
< Date: Tue, 21 Jun 2022 06:58:19 GMT
< Content-Length: 0
< 
* Connection #0 to host localhost left intact

4. Error messages and/or full log output:

I had surprising difficulty adding debug mode into my config. I followed this guide Global options (Caddyfile) — Caddy Documentation but after fmt, adapt complains that the Caddyfile is not formatted. I tried various ways including mirroring the tabbed indents in a code editor before running adapt.

Here’s the Caddy output when running curl:

barco@Creativ:~/Desktop$ 2022/06/21 06:58:19.105	ERROR	http.log.error	dialing backend: dial unix /var/run/php/php8.0-fpm.sock: connect: permission denied	{"request": {"remote_ip": "127.0.0.1", "remote_port": "51160", "proto": "HTTP/1.1", "method": "GET", "host": "localhost:2024", "uri": "/", "headers": {"User-Agent": ["curl/7.68.0"], "Accept": ["*/*"]}}, "duration": 0.000332176, "status": 502, "err_id": "6bpb9x8f0", "err_trace": "reverseproxy.statusError (reverseproxy.go:1196)"}
2022/06/21 07:06:35.246	ERROR	http.log.error	dialing backend: dial unix /var/run/php/php8.0-fpm.sock: connect: permission denied	{"request": {"remote_ip": "127.0.0.1", "remote_port": "51162", "proto": "HTTP/1.1", "method": "GET", "host": "localhost:2024", "uri": "/", "headers": {"Sec-Fetch-User": ["?1"], "Sec-Gpc": ["1"], "User-Agent": ["Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:101.0) Gecko/20100101 Firefox/101.0"], "Accept": ["text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8"], "Cookie": [], "Sec-Fetch-Dest": ["document"], "Sec-Fetch-Site": ["none"], "Dnt": ["1"], "Accept-Language": ["en-US,en;q=0.5"], "Accept-Encoding": ["gzip, deflate, br"], "Upgrade-Insecure-Requests": ["1"], "Connection": ["keep-alive"], "Sec-Fetch-Mode": ["navigate"]}}, "duration": 0.000694203, "status": 502, "err_id": "0e41ch882", "err_trace": "reverseproxy.statusError (reverseproxy.go:1196)"}

5. What I already tried:

I’ve searched the Forum and tried the suggestions from [Caddy V2] + PHP 7.2

sudo usermod -a -G www-data barco

Uncommented in /etc/php/8.0/fpm/pool.d/www.conf

listen.mode = 0660

It still feels like a permissions error to me. But I’m unsure how to satisfy the required permissions in this case.

6. Links to relevant resources:

1 Like

I strongly recommend running Caddy as a systemd service, and not as your own user.

If you install with the apt repo as per the instructions in Install — Caddy Documentation, the systemd service will be set up for you out of the box.

Then follow these steps to configure and run it:

Also, taking this path, make sure to move your site/code to /srv or /var/www/html, i.e. somewhere not inside of /home, and make sure the files are accessible by the www-data user.

2 Likes

@francislavoie Thanks for the suggestion, I’ve installed it this way.

As for the paths, my initial paths are in a Dev environment, which is why all the files are owned by my user. Bumped into a use case where I needed an SSL environment for local dev and thought it’s a good time to try Caddy self-signed rather than roll one with OpenSSL.

I’ve not quite won the permissions war just yet in the dev environment but will toy a bit more and revert back. In the early days of dev I used Apache with a symlinked Dev directory (a bit rough on the setup and tear down). These days I run NPM / PHP from the Dev directory along with Git.

Once I’m more familiar with Caddy I’m keen to roll it out to production servers. Been using Apache / Nginx / LiteSpeed + Haproxy in the past. Caddy’s ease of configuration is a breath of fresh air. Especially since it’s easy to script as well.

1 Like
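
The `connect: permission denied` error in the log above depends on whether the process running Caddy has write permission on the PHP-FPM socket file, which is what `connect()` on a Unix socket requires on Linux. The script below is an added example, not part of the original thread or of Caddy's own tooling; the function names `can_connect` and `check_socket` and the file name `check.sh` are made up here, and it assumes GNU `stat` as shipped on Ubuntu.

```shell
#!/bin/sh
# Added example. On Linux, connect() to a Unix socket needs write
# permission on the socket file, judged by the first matching class:
# owner, then group, then other.

# can_connect MODE OWNER_UID OWNER_GID PROC_UID "PROC_GIDS"
# Prints the class that applies; returns 0 if that class may write.
can_connect() {
    mode=$1 o_uid=$2 o_gid=$3 p_uid=$4 p_gids=$5
    if [ "$p_uid" -eq 0 ]; then echo root; return 0; fi
    bits=$((0$mode))                      # stat prints octal, e.g. 660
    if [ "$p_uid" -eq "$o_uid" ]; then
        class=owner want=$((0200))
    else
        class=other want=$((0002))
        for g in $p_gids; do
            if [ "$g" -eq "$o_gid" ]; then class=group want=$((0020)); fi
        done
    fi
    echo "$class"
    [ $((bits & want)) -ne 0 ]
}

# check_socket PATH: apply can_connect to a real socket, using the
# credentials of the *current process*. `id -G` without a user name
# reports the groups this session actually holds; a group added with
# usermod is only picked up by sessions started after the change.
check_socket() {
    sock=$1
    [ -S "$sock" ] || { echo "not a socket: $sock"; return 2; }
    set -- $(stat -c '%a %u %g' "$sock")  # GNU stat: mode, uid, gid
    can_connect "$1" "$2" "$3" "$(id -u)" "$(id -G)"
}

# Run as: sh check.sh /var/run/php/php8.0-fpm.sock
[ "$#" -eq 0 ] || check_socket "$1"
```

Run it from the same shell session (or as the same service user) that starts Caddy, since the result depends on that process's credentials rather than on the group database.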