AWS ElasticBeanstalk Docker platform with Caddy

1. The problem I’m having:

I’m trying to deploy this GitHub repository[1] to AWS Elastic Beanstalk, but for some reason the default configuration does not work in that environment, while it does on my machine.

I suspect the reason is that on my computer the connection is made directly to the Caddy server using HTTPS, whereas in AWS I have a load balancer that handles the HTTPS and then connects to the Caddy container using HTTP. So what I should configure is something like CLIENT — HTTPS —> LOAD BALANCER — HTTP —> CADDY —> PHP.

How could I modify the Caddy configuration to work with the http protocol in this scenario?

Thank you for your time

2. Error messages and/or full log output:

It loops multiple times, getting an HTTP 308 response from Caddy.

3. Caddy version:

4. How I installed and ran Caddy:

a. System environment:

Docker

FROM caddy:2

b. Command:

Whatever the official image does to run the container

c. Service/unit/compose file:

version: "3.4"

services:
  php:
    build:
      context: .
      target: symfony_php
      args:
        SYMFONY_VERSION: ${SYMFONY_VERSION:-}
        SKELETON: ${SKELETON:-symfony/skeleton}
        STABILITY: ${STABILITY:-stable}
    restart: unless-stopped
    volumes:
      - php_socket:/var/run/php
    healthcheck:
      interval: 10s
      timeout: 3s
      retries: 3
      start_period: 30s

  caddy:
    build:
      context: .
      target: symfony_caddy
    depends_on:
      - php
    environment:
      SERVER_NAME: ${SERVER_NAME:-localhost, caddy:80}
    restart: unless-stopped
    volumes:
      - php_socket:/var/run/php
      - caddy_data:/data
      - caddy_config:/config
    ports:
      # HTTP
      - target: 80
        published: ${HTTP_PORT:-80}
        protocol: tcp
      # HTTPS
      - target: 443
        published: ${HTTPS_PORT:-443}
        protocol: tcp
      # HTTP/3
      - target: 443
        published: ${HTTP3_PORT:-443}
        protocol: udp

volumes:
  php_socket:
  caddy_data:
  caddy_config:

d. My complete Caddy config:

{
    # Debug
    {$DEBUG}
}

{$SERVER_NAME}

log

route {
    root * /srv/app/public
    mercure {
        # Transport to use (default to Bolt)
        transport_url {$MERCURE_TRANSPORT_URL:bolt:///data/mercure.db}
        # Publisher JWT key
        publisher_jwt {env.MERCURE_PUBLISHER_JWT_KEY} {env.MERCURE_PUBLISHER_JWT_ALG}
        # Subscriber JWT key
        subscriber_jwt {env.MERCURE_SUBSCRIBER_JWT_KEY} {env.MERCURE_SUBSCRIBER_JWT_ALG}
        # Allow anonymous subscribers (double-check that it's what you want)
        anonymous
        # Enable the subscription API (double-check that it's what you want)
        subscriptions
        # Extra directives
        {$MERCURE_EXTRA_DIRECTIVES}
    }
    vulcain
    push
    php_fastcgi unix//var/run/php/php-fpm.sock
    encode zstd gzip
    file_server
}

5. Links to relevant resources:

[1] GitHub - mtarld/apip-ddd: An example of hexagonal API Platform 3 implementation

Just set your site address to :80 to only use HTTP.

Changing the following line does not modify Caddy’s behaviour.

{$SERVER_NAME}

to

{$SERVER_NAME}:80

I also tried to disable it using the global option in the 2.6.4 version, but that was also not working.

{
    auto_https off
}
{
    auto_https disable_redirects
}

I even tried the following configs

http://{$SERVER_NAME}
http://{$SERVER_NAME}:80

I also tried modifying the route directive, which gave me an HTTP 503

Service Unavailable: Back-end server is at capacity

http://{$SERVER_NAME} {
...
}
http://{$SERVER_NAME}:80 {
...
}

I mean change the value of {$SERVER_NAME} in your environment variables to simply :80. Don’t append/prepend anything in your config to that. Or do away with the {$SERVER_NAME} altogether and hard-code :80 in your config.

That made it work, thank you so much for your time :smile:
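
The fix from the reply above, written out against the Caddyfile posted in the question. This is an added example, not part of the thread or of the apip-ddd repository. With a port-only site address Caddy stops redirecting to HTTPS on its own, so the `@plain_http` lines (an addition that assumes the load balancer sets `X-Forwarded-Proto` and also accepts plain HTTP from clients) put that redirect back for client traffic only.

```caddyfile
{
    # Debug
    {$DEBUG}
}

# Before (redirect loop): the site address was a hostname, e.g.
#   SERVER_NAME=example.com   (constructed value)
# A hostname turns on automatic HTTPS, so each plain-HTTP request forwarded
# by the load balancer is answered with a 308 to https://, which the load
# balancer again forwards as plain HTTP.
#
# After: a port-only address. No hostname means no automatic HTTPS and no
# built-in redirect. Equivalent: keep {$SERVER_NAME} here and set
# SERVER_NAME=:80 in the environment, with nothing appended in the config.
:80 {
    log

    # Assumption: the load balancer adds X-Forwarded-Proto. Requests that
    # reached it over HTTP are sent back to HTTPS; requests it forwarded
    # from HTTPS, and its own health checks (no such header), are served.
    # Remove these two lines if the load balancer only listens on 443 or
    # performs the redirect itself.
    @plain_http header X-Forwarded-Proto http
    redir @plain_http https://{host}{uri} 308

    route {
        root * /srv/app/public
        mercure {
            transport_url {$MERCURE_TRANSPORT_URL:bolt:///data/mercure.db}
            publisher_jwt {env.MERCURE_PUBLISHER_JWT_KEY} {env.MERCURE_PUBLISHER_JWT_ALG}
            subscriber_jwt {env.MERCURE_SUBSCRIBER_JWT_KEY} {env.MERCURE_SUBSCRIBER_JWT_ALG}
            anonymous
            subscriptions
            {$MERCURE_EXTRA_DIRECTIVES}
        }
        vulcain
        push
        php_fastcgi unix//var/run/php/php-fpm.sock
        encode zstd gzip
        file_server
    }
}
```

Because the container now speaks only plain HTTP, the 443 port mappings in the compose file are unused, and port 80 should be reachable only from the load balancer so that `X-Forwarded-Proto` cannot be supplied by a client directly.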
