1. The problem I’m having:
Hi all, and thanks in advance for any suggestions/help you can offer.
I’m trying to run photoprismpi which comes with caddy pre-installed, and having issues getting things set up properly.
- I can connect fine via local network and photoprism works okay
- I can connect fine via http and photoprism works okay
- When I run caddy, I don’t seem to get any errors - UNTIL I try to connect
- I’m getting an error related to “aborting with incomplete response” and not able to load anything
- My DNS is configured through Cloudflare with Cloudflare’s DNS obfuscating features disabled - my public IP is exposed directly.
2. Error messages and/or full log output:
Apr 14 20:16:09 photoprismpi caddy[6859]: {"level":"debug","ts":1713125769.5529103,"logger":"events","msg":"event","name":"tls_get_certificate","id":"ffdb461b-28ca-4be2-a141-d67485b64954","origin":"tls","data":{"client_hello":{"CipherSuites":[47802,4865,4866,4867,49195,49199,49196,49200,52393,52392,49171,49172,156,157,47,53],"ServerName":"photos.jemgaming.co.uk","SupportedCurves":[43690,29,23,24],"SupportedPoints":"AA==","SignatureSchemes":[1027,2052,1025,1283,2053,1281,2054,1537],"SupportedProtos":["h2","http/1.1"],"SupportedVersions":[6682,772,771],"RemoteAddr":{"IP":"86.172.178.154","Port":60159,"Zone":""},"LocalAddr":{"IP":"192.168.68.90","Port":443,"Zone":""}}}}
Apr 14 20:16:09 photoprismpi caddy[6859]: {"level":"debug","ts":1713125769.5535808,"logger":"tls.handshake","msg":"choosing certificate","identifier":"photos.jemgaming.co.uk","num_choices":1}
Apr 14 20:16:09 photoprismpi caddy[6859]: {"level":"debug","ts":1713125769.5536587,"logger":"tls.handshake","msg":"default certificate selection results","identifier":"photos.jemgaming.co.uk","subjects":["photos.jemgaming.co.uk"],"managed":true,"issuer_key":"acme-v02.api.letsencrypt.org-directory","hash":"1629ba3bbc1dff764db442e0a62c976f4d38f5ff593f33a24275dbb6002badb3"}
Apr 14 20:16:09 photoprismpi caddy[6859]: {"level":"debug","ts":1713125769.5537088,"logger":"tls.handshake","msg":"matched certificate in cache","remote_ip":"86.172.178.154","remote_port":"60159","subjects":["photos.jemgaming.co.uk"],"managed":true,"expiration":1720895711,"hash":"1629ba3bbc1dff764db442e0a62c976f4d38f5ff593f33a24275dbb6002badb3"}
Apr 14 20:16:09 photoprismpi caddy[6859]: {"level":"debug","ts":1713125769.5709314,"logger":"http.handlers.reverse_proxy","msg":"selected upstream","dial":"127.0.0.1:443","total_upstreams":1}
Apr 14 20:16:09 photoprismpi caddy[6859]: {"level":"debug","ts":1713125769.5726206,"logger":"http.handlers.reverse_proxy","msg":"upstream roundtrip","upstream":"127.0.0.1:443","duration":0.001474353,"request":{"remote_ip":"86.172.178.154","remote_port":"60159","client_ip":"86.172.178.154","proto":"HTTP/2.0","method":"GET","host":"photos.jemgaming.co.uk","uri":"/library/login","headers":{"Upgrade-Insecure-Requests":["1"],"User-Agent":["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Edg/123.0.0.0"],"Sec-Fetch-Site":["cross-site"],"X-Forwarded-For":["86.172.178.154"],"Accept":["text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7"],"Cache-Control":["max-age=0"],"Sec-Ch-Ua":["\"Microsoft Edge\";v=\"123\", \"Not:A-Brand\";v=\"8\", \"Chromium\";v=\"123\""],"X-Forwarded-Host":["photos.jemgaming.co.uk"],"Sec-Fetch-Dest":["document"],"Accept-Language":["en-GB,en;q=0.9,en-US;q=0.8"],"Accept-Encoding":["gzip, deflate, br, zstd"],"Sec-Fetch-Mode":["navigate"],"Sec-Fetch-User":["?1"],"Sec-Ch-Ua-Mobile":["?0"],"Sec-Ch-Ua-Platform":["\"Windows\""],"X-Forwarded-Proto":["https"]},"tls":{"resumed":false,"version":772,"cipher_suite":4867,"proto":"h2","server_name":"photos.jemgaming.co.uk"}},"headers":{},"status":400}
Apr 14 20:16:09 photoprismpi caddy[6859]: {"level":"error","ts":1713125769.5735304,"logger":"http.handlers.reverse_proxy","msg":"reading from backend","error":"read tcp 127.0.0.1:59152->127.0.0.1:443: read: connection reset by peer"}
Apr 14 20:16:09 photoprismpi caddy[6859]: {"level":"error","ts":1713125769.5737624,"logger":"http.handlers.reverse_proxy","msg":"aborting with incomplete response","upstream":"127.0.0.1:443","duration":0.001474353,"request":{"remote_ip":"86.172.178.154","remote_port":"60159","client_ip":"86.172.178.154","proto":"HTTP/2.0","method":"GET","host":"photos.jemgaming.co.uk","uri":"/library/login","headers":{"Upgrade-Insecure-Requests":["1"],"User-Agent":["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Edg/123.0.0.0"],"Sec-Fetch-Site":["cross-site"],"X-Forwarded-For":["86.172.178.154"],"Accept":["text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7"],"Cache-Control":["max-age=0"],"Sec-Ch-Ua":["\"Microsoft Edge\";v=\"123\", \"Not:A-Brand\";v=\"8\", \"Chromium\";v=\"123\""],"X-Forwarded-Host":["photos.jemgaming.co.uk"],"Sec-Fetch-Dest":["document"],"Accept-Language":["en-GB,en;q=0.9,en-US;q=0.8"],"Accept-Encoding":["gzip, deflate, br, zstd"],"Sec-Fetch-Mode":["navigate"],"Sec-Fetch-User":["?1"],"Sec-Ch-Ua-Mobile":["?0"],"Sec-Ch-Ua-Platform":["\"Windows\""],"X-Forwarded-Proto":["https"]},"tls":{"resumed":false,"version":772,"cipher_suite":4867,"proto":"h2","server_name":"photos.jemgaming.co.uk"}},"error":"reading: read tcp 127.0.0.1:59152->127.0.0.1:443: read: connection reset by peer"}
Apr 14 20:17:17 photoprismpi caddy[6859]: {"level":"debug","ts":1713125837.4073222,"logger":"http.handlers.reverse_proxy","msg":"selected upstream","dial":"127.0.0.1:443","total_upstreams":1}
Apr 14 20:17:17 photoprismpi caddy[6859]: {"level":"debug","ts":1713125837.4097202,"logger":"http.handlers.reverse_proxy","msg":"upstream roundtrip","upstream":"127.0.0.1:443","duration":0.002034643,"request":{"remote_ip":"86.172.178.154","remote_port":"60159","client_ip":"86.172.178.154","proto":"HTTP/2.0","method":"GET","host":"photos.jemgaming.co.uk","uri":"/library/login","headers":{"Accept":["text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7"],"Sec-Fetch-Site":["cross-site"],"Accept-Encoding":["gzip, deflate, br, zstd"],"X-Forwarded-Proto":["https"],"Sec-Ch-Ua-Platform":["\"Windows\""],"Accept-Language":["en-GB,en;q=0.9,en-US;q=0.8"],"X-Forwarded-For":["86.172.178.154"],"Upgrade-Insecure-Requests":["1"],"Sec-Fetch-Mode":["navigate"],"User-Agent":["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Edg/123.0.0.0"],"Sec-Ch-Ua":["\"Microsoft Edge\";v=\"123\", \"Not:A-Brand\";v=\"8\", \"Chromium\";v=\"123\""],"Sec-Ch-Ua-Mobile":["?0"],"Sec-Fetch-Dest":["document"],"X-Forwarded-Host":["photos.jemgaming.co.uk"]},"tls":{"resumed":false,"version":772,"cipher_suite":4867,"proto":"h2","server_name":"photos.jemgaming.co.uk"}},"headers":{},"status":400}
Apr 14 20:17:17 photoprismpi caddy[6859]: {"level":"error","ts":1713125837.4108896,"logger":"http.handlers.reverse_proxy","msg":"reading from backend","error":"read tcp 127.0.0.1:59890->127.0.0.1:443: read: connection reset by peer"}
Apr 14 20:17:17 photoprismpi caddy[6859]: {"level":"error","ts":1713125837.411224,"logger":"http.handlers.reverse_proxy","msg":"aborting with incomplete response","upstream":"127.0.0.1:443","duration":0.002034643,"request":{"remote_ip":"86.172.178.154","remote_port":"60159","client_ip":"86.172.178.154","proto":"HTTP/2.0","method":"GET","host":"photos.jemgaming.co.uk","uri":"/library/login","headers":{"Accept":["text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7"],"Sec-Fetch-Site":["cross-site"],"Accept-Encoding":["gzip, deflate, br, zstd"],"X-Forwarded-Proto":["https"],"Sec-Ch-Ua-Platform":["\"Windows\""],"Accept-Language":["en-GB,en;q=0.9,en-US;q=0.8"],"X-Forwarded-For":["86.172.178.154"],"Upgrade-Insecure-Requests":["1"],"Sec-Fetch-Mode":["navigate"],"User-Agent":["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Edg/123.0.0.0"],"Sec-Ch-Ua":["\"Microsoft Edge\";v=\"123\", \"Not:A-Brand\";v=\"8\", \"Chromium\";v=\"123\""],"Sec-Ch-Ua-Mobile":["?0"],"Sec-Fetch-Dest":["document"],"X-Forwarded-Host":["photos.jemgaming.co.uk"]},"tls":{"resumed":false,"version":772,"cipher_suite":4867,"proto":"h2","server_name":"photos.jemgaming.co.uk"}},"error":"reading: read tcp 127.0.0.1:59890->127.0.0.1:443: read: connection reset by peer"}
Apr 14 20:17:19 photoprismpi caddy[6859]: {"level":"debug","ts":1713125839.460916,"logger":"http.handlers.reverse_proxy","msg":"selected upstream","dial":"127.0.0.1:443","total_upstreams":1}
Apr 14 20:17:19 photoprismpi caddy[6859]: {"level":"debug","ts":1713125839.463186,"logger":"http.handlers.reverse_proxy","msg":"upstream roundtrip","upstream":"127.0.0.1:443","duration":0.001911145,"request":{"remote_ip":"86.172.178.154","remote_port":"60159","client_ip":"86.172.178.154","proto":"HTTP/2.0","method":"GET","host":"photos.jemgaming.co.uk","uri":"/library/login","headers":{"Sec-Ch-Ua-Platform":["\"Windows\""],"X-Forwarded-Proto":["https"],"Upgrade-Insecure-Requests":["1"],"User-Agent":["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Edg/123.0.0.0"],"Sec-Fetch-Dest":["document"],"X-Forwarded-For":["86.172.178.154"],"Cache-Control":["max-age=0"],"Sec-Ch-Ua":["\"Microsoft Edge\";v=\"123\", \"Not:A-Brand\";v=\"8\", \"Chromium\";v=\"123\""],"Sec-Ch-Ua-Mobile":["?0"],"Accept":["text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7"],"Sec-Fetch-User":["?1"],"X-Forwarded-Host":["photos.jemgaming.co.uk"],"Accept-Encoding":["gzip, deflate, br, zstd"],"Accept-Language":["en-GB,en;q=0.9,en-US;q=0.8"],"Sec-Fetch-Mode":["navigate"],"Sec-Fetch-Site":["cross-site"]},"tls":{"resumed":false,"version":772,"cipher_suite":4867,"proto":"h2","server_name":"photos.jemgaming.co.uk"}},"headers":{},"status":400}
Apr 14 20:17:19 photoprismpi caddy[6859]: {"level":"error","ts":1713125839.4643373,"logger":"http.handlers.reverse_proxy","msg":"reading from backend","error":"read tcp 127.0.0.1:59900->127.0.0.1:443: read: connection reset by peer"}
Apr 14 20:17:19 photoprismpi caddy[6859]: {"level":"error","ts":1713125839.4644992,"logger":"http.handlers.reverse_proxy","msg":"aborting with incomplete response","upstream":"127.0.0.1:443","duration":0.001911145,"request":{"remote_ip":"86.172.178.154","remote_port":"60159","client_ip":"86.172.178.154","proto":"HTTP/2.0","method":"GET","host":"photos.jemgaming.co.uk","uri":"/library/login","headers":{"Sec-Ch-Ua-Platform":["\"Windows\""],"X-Forwarded-Proto":["https"],"Upgrade-Insecure-Requests":["1"],"User-Agent":["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Edg/123.0.0.0"],"Sec-Fetch-Dest":["document"],"X-Forwarded-For":["86.172.178.154"],"Cache-Control":["max-age=0"],"Sec-Ch-Ua":["\"Microsoft Edge\";v=\"123\", \"Not:A-Brand\";v=\"8\", \"Chromium\";v=\"123\""],"Sec-Ch-Ua-Mobile":["?0"],"Accept":["text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7"],"Sec-Fetch-User":["?1"],"X-Forwarded-Host":["photos.jemgaming.co.uk"],"Accept-Encoding":["gzip, deflate, br, zstd"],"Accept-Language":["en-GB,en;q=0.9,en-US;q=0.8"],"Sec-Fetch-Mode":["navigate"],"Sec-Fetch-Site":["cross-site"]},"tls":{"resumed":false,"version":772,"cipher_suite":4867,"proto":"h2","server_name":"photos.jemgaming.co.uk"}},"error":"reading: read tcp 127.0.0.1:59900->127.0.0.1:443: read: connection reset by peer"}
3. Caddy version:
v2.7.6
4. How I installed and ran Caddy:
a. System environment:
- Installed as part of photoprismpi: SD Card Image - PhotoPrism
b. Command:
- Ran via
sudo caddy start
,sudo caddy run
andsudo systemctl start caddy
at different times with the same outcome.
c. Service/unit/compose file:
I don’t know where to find this one unfortunately, I’m sorry!
d. My complete Caddy config:
## Global Options ##
{
admin off
https_port 443
auto_https disable_redirects
email admin@jemgaming.co.uk
debug
}
## Local HTTPS ##
127.0.0.1,
*.local,
localhost,
photoprism,
photoprismpi,
photoprism.local,
*.photoprism.local,
photoprismpi.local,
*.photoprismpi.local {
tls internal {
on_demand
}
# reverse_proxy 127.0.0.1:443
}
## External HTTPS ###
https://photos.jemgaming.co.uk {
reverse_proxy 127.0.0.1:443
}