Access Caddy server API from remote http

1. Caddy version (caddy version):

v2.1.1 h1:X9k1+ehZPYYrSqBvf/ocUgdLSRIuiNiMo7CvyGUQKeA=

2. How I run Caddy:

caddy start

a. System environment:

AWS EC2 Ubuntu 18.04

b. Command:

Run server

caddy start

Load config

curl localhost:2019/load -H 'Content-Type: application/json' -d @config.json

c. Service/unit/compose file:

paste full file contents here

d. My complete Caddyfile or JSON config:

{
  "admin": {
    "disabled": false,
    "enforce_origin": false,
    "origins": ["localhost:2019","103.55.1.2:2019","54.190.1.2:2019"]
  },
  "apps": {
    "HTTP": {
      "servers": {
        "scanning": {
          "listen": [":443"],
          "routes": [{
            "handle": [{
              "handler": "file_server",
              "root": "/var/www/html/app-frontend"
            }],
            "match": [{
              "host": ["caddy.example.com"]
            }]
          }]
        }
      }
    }
  }
}

Where the IP address

  • 103.55.1.2: My ISP IP address
  • 54.190.1.2: The EC2 private IP address

3. The problem I’m having:

I’m trying to get the config from the postman using the EC2 IP address but it does not work.

http://54.190.1.2:2019/config/

4. Error messages and/or full log output:

It gives Request Time out in the Postman.

5. What I already tried:

I tried this solution
https://caddy.community/t/host-not-allowed-when-calling-the-api-remotely/7670/2?u=anujs

6. Links to relevant resources:

You need to change the listen address from its default of localhost:2019 to 0.0.0.0:2019 to make it accessible from outside.

Make sure to have somekind of authentication or firewall limiting access to only you, otherwise anyone could push configuration changes to your server.

Frankly, the better approach would be to set up an SSH tunnel to your VPS such that requests locally to port 2019 would be routed through the tunnel to your VPS. That way the config API is protected by your SSH key.

ssh <username>@<server-ip> -L 2019:localhost:2019

This essentially means “bind port 2019 (on the local machine) to the SSH remote such that it makes requests to localhost:2019 on the remote”.

This topic was automatically closed after 30 days. New replies are no longer allowed.