Automatic https and reverse proxy

goncalo-oliveira · February 12, 2021, 5:13pm

1. Caddy version (`caddy version`):

v2.3.0

2. How I run Caddy:

systemctl

a. System environment:

Ubuntu 20.10

b. Command:

It’s running as a background service

d. My complete Caddyfile or JSON config:

my-domain.com {
   reverse_proxy 127.0.0.1:8080
}

3. The problem I’m having:

I’ve configured Caddy to use as a reverse proxy to a gateway serving on port 8080. The configuration worked fine, the certificate was generated and it works great when using https scheme. However, I was expecting Automatic http => https redirection, as it was pointed out that should be out of the box. Sadly, it doesn’t? If I access via http I am not redirected to https.
Do I need to configure this as well?

4. Error messages and/or full log output:

caddy[2319]: JOURNAL_STREAM=8:45971
caddy[2319]: {“level”:“info”,“ts”:1613149126.1661174,“msg”:“using provided configuration”,“config_file”:"/etc/caddy/Caddyfile",“config_adapter”:""}
caddy[2319]: {“level”:“info”,“ts”:1613149126.168445,“logger”:“admin”,“msg”:“admin endpoint started”,“address”:“tcp/localhost:2019”,“enforce_origin”:false,“origins”:[“localhost:2019”,"[::1]:2019",“127.0.0.1:2019”]}
caddy[2319]: {“level”:“info”,“ts”:1613149126.1688745,“logger”:“http”,“msg”:“server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS”,“server_name”:“srv0”,“https_port”:443}
caddy[2319]: {“level”:“info”,“ts”:1613149126.1690955,“logger”:“http”,“msg”:“enabling automatic HTTP->HTTPS redirects”,“server_name”:“srv0”}
caddy[2319]: {“level”:“info”,“ts”:1613149126.1696987,“logger”:“http”,“msg”:“enabling automatic TLS certificate management”,“domains”:[“my-domain.com”]}
caddy[2319]: {“level”:“info”,“ts”:1613149126.1773095,“logger”:“tls.cache.maintenance”,“msg”:“started background certificate maintenance”,“cache”:“0xc000227ab0”}
caddy[2319]: {“level”:“info”,“ts”:1613149126.179411,“logger”:“tls”,“msg”:“cleaned up storage units”}
caddy[2319]: {“level”:“info”,“ts”:1613149126.1897604,“msg”:“autosaved config”,“file”:"/var/lib/caddy/.config/caddy/autosave.json"}
caddy[2319]: {“level”:“info”,“ts”:1613149126.1903179,“msg”:“serving initial configuration”}

5. What I already tried:

I’ve searched for examples and everywhere I read it should be automatic, therefore I haven’t tried adding specific rules.

6. Links to relevant resources:

Mohammed90 · February 12, 2021, 6:14pm

Can you run curl -v 'http://my-domain.com' and share the result?

goncalo-oliveira · February 12, 2021, 6:46pm

Argh! It’s awful when you did something stupid and you realise it too late. When I read your question I immediately remembered there’s a firewall allowing only 443 and not 80. Of course it couldn’t work, the request wouldn’t get to the source! I’ve opened up the port and it works perfectly fine! Returns a redirect location for the https.

Thanks! Sometimes you need to be a duck to figure out what you did wrong. And apologies for the wasted time. Maybe the situation will be useful to someone that does the same mistake.

system · March 14, 2021, 5:13pm

This topic was automatically closed after 30 days. New replies are no longer allowed.