Any support for abstract UNIX sockets?

1. Caddy version (caddy version):

1.13 / 2.1(on flight)

2. How I run Caddy:

a. System environment:

Ubuntu 18.04 LTS Server, with Docker 19.03.12

b. Command:

# Starts the abiosoft/caddy image detached, with the host Caddyfile and the
# certificate directory (/etc/ssl/caddy -> /root/.caddy) bind-mounted.
#
# --net host: the container shares the host's network namespace, so there is no
#   network isolation. On Linux, abstract Unix sockets are scoped to the network
#   namespace and are not protected by file permissions, so an abstract socket
#   used here can be reached by any process on the host.
# abiosoft/caddy:latest: a mutable tag; pin a version tag or digest so the image
#   that runs is the one that was reviewed.
# '--agree=$ACME_AGREE' is single-quoted, so the host shell passes it literally;
#   any expansion has to happen inside the container.
# NOTE(review): -d appears twice, and --entrypoint is given here as one string
#   while the inspect output on this page lists "/bin/parent" and "caddy" as
#   separate elements, so this command looks reconstructed rather than the one
#   actually run.
# NOTE(review): the inspect output also shows settings this command does not set:
#   "Privileged": true, "AppArmorProfile": "unconfined", "label=disable", and a
#   read-write bind of the host's /var/run (which typically holds the Docker
#   daemon socket). With those, a compromise of this internet-facing proxy is
#   effectively a compromise of the host. Confirm which are needed and drop the rest.
docker run -d \
  --name caddy \
  --runtime runc \
  -v /etc/ssl/caddy:/root/.caddy \
  -v /root/docker/caddy/config/Caddyfile:/etc/Caddyfile \
  --net host \
  --restart always \
  -e 'ACME_AGREE=true' \
  -e 'ENABLE_TELEMETRY=' -d --entrypoint "/bin/parent caddy" abiosoft/caddy:latest '--conf' '/etc/Caddyfile' '--log' 'stdout' '--agree=$ACME_AGREE' '-quic'

c. Service/unit/compose file:

{
    "AppArmorProfile": "unconfined",
    "Args": [
        "caddy",
        "--conf",
        "/etc/Caddyfile",
        "--log",
        "stdout",
        "--agree=$ACME_AGREE",
        "-quic"
    ],
    "Config": {
        "AttachStderr": false,
        "AttachStdin": false,
        "AttachStdout": false,
        "Cmd": [
            "--conf",
            "/etc/Caddyfile",
            "--log",
            "stdout",
            "--agree=$ACME_AGREE",
            "-quic"
        ],
        "Domainname": "",
        "Entrypoint": [
            "/bin/parent",
            "caddy"
        ],
        "Env": [
            "ACME_AGREE=true",
            "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
            "ENABLE_TELEMETRY=false",
            "TZ=Asia/Shanghai"
        ],
        "ExposedPorts": {
            "2015/tcp": {},
            "443/tcp": {},
            "80/tcp": {}
        },
        "Hostname": "fine-pipe-2.localdomain",
        "Image": "abiosoft/caddy:latest",
        "Labels": {
            "caddy_version": "1.0.3",
            "maintainer": "Abiola Ibrahim <abiola89@gmail.com>"
        },
        "OnBuild": null,
        "OpenStdin": false,
        "StdinOnce": false,
        "Tty": false,
        "User": "",
        "Volumes": {
            "/etc/Caddyfile": {},
            "/root/.caddy": {},
            "/srv": {},
            "/var/log": {},
            "/var/run": {}
        },
        "WorkingDir": "/srv"
    },
    "Created": "2020-07-28T14:07:14.323269148Z",
    "Driver": "overlay2",
    "ExecIDs": null,
    "GraphDriver": {
        "Data": {
            "LowerDir": "/var/lib/docker/overlay2/4f7c825835e347b215db6c4719c3a3e38afb2f27aa948d0f22f02cf5591e91ac-init/diff:/var/lib/docker/overlay2/0767b8507d86050ba8e57df11fed0b7a1996f96a1b373eed0ec1de676afad6b9/diff:/var/lib/docker/overlay2/b8d2e0eafad29569035d85960e3f58052eb8ccbacb157d00ca48136de6b85df2/diff:/var/lib/docker/overlay2/a9208e9007c0bb2071355657ff61346e4daa17c7c12b3226325d6f3a7455fb95/diff:/var/lib/docker/overlay2/f6b162f269fcdd9c000074a9c8cfd8f2796956cc2fc6fb623c5d5e8ad16b4c28/diff:/var/lib/docker/overlay2/2cbd3ef94444090ccea31cdbfb97d2c6207eb56423891940320254b12dad1024/diff:/var/lib/docker/overlay2/329bc482d4eb765d6b13adf0cf7ecd888ed9b81009dcd336d802492cb5a6ca90/diff:/var/lib/docker/overlay2/3d973e112e52c23d26f0164821769bb1db40ff26cd09bb8f73cb3fc8350bf99b/diff",
            "MergedDir": "/var/lib/docker/overlay2/4f7c825835e347b215db6c4719c3a3e38afb2f27aa948d0f22f02cf5591e91ac/merged",
            "UpperDir": "/var/lib/docker/overlay2/4f7c825835e347b215db6c4719c3a3e38afb2f27aa948d0f22f02cf5591e91ac/diff",
            "WorkDir": "/var/lib/docker/overlay2/4f7c825835e347b215db6c4719c3a3e38afb2f27aa948d0f22f02cf5591e91ac/work"
        },
        "Name": "overlay2"
    },
    "HostConfig": {
        "AutoRemove": false,
        "Binds": [
            "81895d421fb2f4230e871f462e96ccc7f3962f710238aa9ce720364a6deb86bf:/srv",
            "/root/logs:/var/log",
            "/var/run:/var/run",
            "/root/docker/caddy/config/Caddyfile:/etc/Caddyfile",
            "/etc/ssl/caddy:/root/.caddy"
        ],
        "BlkioDeviceReadBps": null,
        "BlkioDeviceReadIOps": null,
        "BlkioDeviceWriteBps": null,
        "BlkioDeviceWriteIOps": null,
        "BlkioWeight": 0,
        "BlkioWeightDevice": [],
        "CapAdd": [
            "AUDIT_WRITE",
            "CHOWN",
            "DAC_OVERRIDE",
            "FOWNER",
            "FSETID",
            "KILL",
            "MKNOD",
            "NET_BIND_SERVICE",
            "NET_RAW",
            "SETFCAP",
            "SETGID",
            "SETPCAP",
            "SETUID",
            "SYS_CHROOT"
        ],
        "CapDrop": [
            "AUDIT_CONTROL",
            "BLOCK_SUSPEND",
            "DAC_READ_SEARCH",
            "IPC_LOCK",
            "IPC_OWNER",
            "LEASE",
            "LINUX_IMMUTABLE",
            "MAC_ADMIN",
            "MAC_OVERRIDE",
            "NET_ADMIN",
            "NET_BROADCAST",
            "SYSLOG",
            "SYS_ADMIN",
            "SYS_BOOT",
            "SYS_MODULE",
            "SYS_NICE",
            "SYS_PACCT",
            "SYS_PTRACE",
            "SYS_RAWIO",
            "SYS_RESOURCE",
            "SYS_TIME",
            "SYS_TTY_CONFIG",
            "WAKE_ALARM"
        ],
        "Capabilities": null,
        "Cgroup": "",
        "CgroupParent": "",
        "ConsoleSize": [
            0,
            0
        ],
        "ContainerIDFile": "",
        "CpuCount": 0,
        "CpuPercent": 0,
        "CpuPeriod": 0,
        "CpuQuota": 0,
        "CpuRealtimePeriod": 0,
        "CpuRealtimeRuntime": 0,
        "CpuShares": 0,
        "CpusetCpus": "",
        "CpusetMems": "",
        "DeviceCgroupRules": null,
        "DeviceRequests": null,
        "Devices": [],
        "Dns": [],
        "DnsOptions": [],
        "DnsSearch": [],
        "ExtraHosts": null,
        "GroupAdd": null,
        "IOMaximumBandwidth": 0,
        "IOMaximumIOps": 0,
        "IpcMode": "private",
        "Isolation": "",
        "KernelMemory": 0,
        "KernelMemoryTCP": 0,
        "Links": null,
        "LogConfig": {
            "Config": {},
            "Type": "json-file"
        },
        "MaskedPaths": [
            "/proc/asound",
            "/proc/acpi",
            "/proc/kcore",
            "/proc/keys",
            "/proc/latency_stats",
            "/proc/timer_list",
            "/proc/timer_stats",
            "/proc/sched_debug",
            "/proc/scsi",
            "/sys/firmware"
        ],
        "Memory": 268435456,
        "MemoryReservation": 67108864,
        "MemorySwap": -1,
        "MemorySwappiness": null,
        "NanoCpus": 750000000,
        "NetworkMode": "host",
        "OomKillDisable": false,
        "OomScoreAdj": 0,
        "PidMode": "",
        "PidsLimit": null,
        "PortBindings": {},
        "Privileged": true,
        "PublishAllPorts": false,
        "ReadonlyPaths": [
            "/proc/bus",
            "/proc/fs",
            "/proc/irq",
            "/proc/sys",
            "/proc/sysrq-trigger"
        ],
        "ReadonlyRootfs": false,
        "RestartPolicy": {
            "MaximumRetryCount": 0,
            "Name": "always"
        },
        "Runtime": "runc",
        "SecurityOpt": [
            "label=disable"
        ],
        "ShmSize": 67108864,
        "UTSMode": "",
        "Ulimits": null,
        "UsernsMode": "",
        "VolumeDriver": "",
        "VolumesFrom": null
    },
    "HostnamePath": "/var/lib/docker/containers/bb0811122817106dc071d4e9e16d3db99d1fd7e3dc9768d65eaa57b75d445e5e/hostname",
    "HostsPath": "/var/lib/docker/containers/bb0811122817106dc071d4e9e16d3db99d1fd7e3dc9768d65eaa57b75d445e5e/hosts",
    "Id": "bb0811122817106dc071d4e9e16d3db99d1fd7e3dc9768d65eaa57b75d445e5e",
    "Image": "sha256:f2eece677796be745b1906e69bd011e89d5af224b16cd77c0b78e38f6bd3bfd4",
    "LogPath": "/var/lib/docker/containers/bb0811122817106dc071d4e9e16d3db99d1fd7e3dc9768d65eaa57b75d445e5e/bb0811122817106dc071d4e9e16d3db99d1fd7e3dc9768d65eaa57b75d445e5e-json.log",
    "MountLabel": "",
    "Mounts": [
        {
            "Destination": "/etc/Caddyfile",
            "Mode": "",
            "Propagation": "rprivate",
            "RW": true,
            "Source": "/root/docker/caddy/config/Caddyfile",
            "Type": "bind"
        },
        {
            "Destination": "/root/.caddy",
            "Mode": "",
            "Propagation": "rprivate",
            "RW": true,
            "Source": "/etc/ssl/caddy",
            "Type": "bind"
        },
        {
            "Destination": "/srv",
            "Driver": "local",
            "Mode": "z",
            "Name": "81895d421fb2f4230e871f462e96ccc7f3962f710238aa9ce720364a6deb86bf",
            "Propagation": "",
            "RW": true,
            "Source": "/var/lib/docker/volumes/81895d421fb2f4230e871f462e96ccc7f3962f710238aa9ce720364a6deb86bf/_data",
            "Type": "volume"
        },
        {
            "Destination": "/var/log",
            "Mode": "",
            "Propagation": "rprivate",
            "RW": true,
            "Source": "/root/logs",
            "Type": "bind"
        },
        {
            "Destination": "/var/run",
            "Mode": "",
            "Propagation": "rprivate",
            "RW": true,
            "Source": "/var/run",
            "Type": "bind"
        }
    ],
    "Name": "/caddy",
    "NetworkSettings": {
        "Bridge": "",
        "EndpointID": "",
        "Gateway": "",
        "GlobalIPv6Address": "",
        "GlobalIPv6PrefixLen": 0,
        "HairpinMode": false,
        "IPAddress": "",
        "IPPrefixLen": 0,
        "IPv6Gateway": "",
        "LinkLocalIPv6Address": "",
        "LinkLocalIPv6PrefixLen": 0,
        "MacAddress": "",
        "Networks": {
            "host": {
                "Aliases": null,
                "DriverOpts": null,
                "EndpointID": "7007fb48204f9af469e44fae0c5f61ab3be59ac7e712e415eb2e768f15dd0593",
                "Gateway": "",
                "GlobalIPv6Address": "",
                "GlobalIPv6PrefixLen": 0,
                "IPAMConfig": {},
                "IPAddress": "",
                "IPPrefixLen": 0,
                "IPv6Gateway": "",
                "Links": null,
                "MacAddress": "",
                "NetworkID": "db2798a9f970c90a0cceefd9da6de91f1c9609e75f0c045c342532914be7cb3d"
            }
        },
        "Ports": {},
        "SandboxID": "1dab269249c6318c2b0aacaf0b09a13dfb19c06decc051a3c4933569142037e6",
        "SandboxKey": "/var/run/docker/netns/default",
        "SecondaryIPAddresses": null,
        "SecondaryIPv6Addresses": null
    },
    "Path": "/bin/parent",
    "Platform": "linux",
    "Portainer": {
        "ResourceControl": {
            "Id": 2,
            "ResourceId": "bb0811122817106dc071d4e9e16d3db99d1fd7e3dc9768d65eaa57b75d445e5e",
            "SubResourceIds": [],
            "Type": 1,
            "UserAccesses": [],
            "TeamAccesses": [],
            "Public": false,
            "AdministratorsOnly": true,
            "System": false
        }
    },
    "ProcessLabel": "",
    "ResolvConfPath": "/var/lib/docker/containers/bb0811122817106dc071d4e9e16d3db99d1fd7e3dc9768d65eaa57b75d445e5e/resolv.conf",
    "RestartCount": 0,
    "State": {
        "Dead": false,
        "Error": "",
        "ExitCode": 0,
        "FinishedAt": "2020-08-23T16:38:55.670886673Z",
        "OOMKilled": false,
        "Paused": false,
        "Pid": 150781,
        "Restarting": false,
        "Running": true,
        "StartedAt": "2020-08-23T16:38:56.321314192Z",
        "Status": "running"
    }
}

d. My complete Caddyfile or JSON config:

# Caddy v1-style site block (uses the v1 `proxy` directive): terminates TLS for
# domain.example and routes requests to different backends by path.
domain.example {
    # E-mail address used for the ACME (certificate) account.
    tls my.email@address.com
    gzip
    timeouts 30s

    # Error log with rotation settings.
    errors /var/log/caddy/domain.example.log  {
        rotate_size 5
        rotate_age 5
        rotate_keep 2
        rotate_compress
    }

    # Default route: everything except the three V2ray paths is proxied to this site.
    proxy / https://www.baidu.com {
        except /v2ray_ws
        except /v2ray_h2
        except /ds
    }

    # WebSocket inbound on a local port; no scheme is given, so this hop is not TLS.
    proxy /v2ray_ws localhost:53478 {
        websocket
    }

    # HTTP/2 inbound over TLS on a local port.
    proxy /v2ray_h2 https://localhost:53479 {
        header_upstream Host {host}
        header_upstream X-Real-IP {remote}
        header_upstream X-Forwarded-For {remote}
        header_upstream X-Forwarded-Proto {scheme}
        # Disables verification of the upstream's certificate: whatever process is
        # listening on localhost:53479 is accepted as the backend. Prefer trusting
        # the backend's certificate (or a non-TLS local hop) over skipping the check.
        insecure_skip_verify
    }

    proxy /ds {
        # This is a pathname socket: Caddy dials the file /var/run/v2ray/v2ray.sock,
        # which is the path in the reported 502 "no such file or directory" error.
        # An abstract Unix socket has no filesystem entry (its address starts with a
        # NUL byte, conventionally written with a leading "@"), so a path cannot
        # reach one.
        # NOTE(review): whether this Caddy version's proxy accepts an abstract
        # address is not shown on this page; confirm against the Caddy docs.
        # Abstract sockets are not protected by file permissions; a pathname socket
        # in a directory restricted to the two services is the tighter choice.
        upstream unix:/var/run/v2ray/v2ray.sock
    }
}

3. The problem I’m having:

Hi folks,

[TL;DR]
Does Caddy 1.x or 2 support abstract Unix sockets?

I’m trying to use Caddy as my front gateway: it receives all TLS-encrypted traffic, decrypts it, and passes it through to the corresponding V2ray inbound (V2ray is a proxy for getting around Chinese Internet censorship), chosen by the request path.

Because of a limitation of V2ray under Docker (see the link below), it cannot handle an existing Unix socket file, even one created by Caddy. Fortunately, V2ray’s developer says that it does support abstract Unix sockets.

I failed to pass any traffic from Caddy to V2ray’s abstract Unix socket backend; the log says "no such file or directory".

Please correct me if I have overlooked anything in my Caddyfile. Thanks in advance!

Regards,
nJhEqnvK

4. Error messages and/or full log output:

25/Aug/2020:23:28:00 +0800 [ERROR 502 /ds] dial unix /var/run/v2ray/v2ray.sock: connect: no such file or directory

5. What I already tried:

                                      / -(Common Traffic)-->(Caddy reverse proxy)-->baidu.com
Client--(h2 / ws+tls)-->Caddy(80/443)--(ws+tls V2ray Traffic)-->(Caddy with unencrypted ws / low performance caused by ws)-->V2ray ws inbound
                                      \ -(h2+tls V2ray Traffic)-->(Caddy with re-encrypted h2 / low performance caused by redundancy encrypt)-->V2ray h2 inbound

What I expect:

                                     / -(Common Traffic)-->(Caddy reverse proxy)-->baidu.com
Client--(h2/ws/QUIC+tls)-->Caddy(80/443)--(Caddy Unix Socket)-->V2ray ds inbound

6. Links to relevant resources:

  1. V2ray Guide Link or previous one
  2. V2ray Github Link for issue with Abstract Unix Socket
  3. Abstract Unix Socket.

Thanks!
