Caddy 2 infinite redirect with reverse_proxy

1. My Caddy version (caddy -version):

The latest beta version: 2.0 beta 14

By the way, caddy -version command didn’t work:

[ERROR] first argument must be a subcommand; see 'caddy help'

2. How I run Caddy:

a. System environment:

  • Ubuntu 18.04.4
  • systemd 237
  • Ruby 2.7.0
  • Rails
  • Puma 4.3.1

b. Command:

After copying all config files and creating caddy user/group:

sudo systemctl daemon-reload
sudo systemctl enable caddy
sudo systemctl start caddy

c. Service/unit/compose file:

Description=Caddy Web Server

ExecStart=/usr/bin/caddy run --config /etc/caddy/Caddyfile --adapter caddyfile --resume --environ
ExecReload=/usr/bin/caddy reload --config /etc/caddy/Caddyfile --adapter caddyfile


d. My complete Caddyfile: {
  reverse_proxy localhost:3000  

3. The problem I’m having:

  • Running Caddy without any directives (except the FQDN) works – I get a 200 response code and the empty response body
  • Running Caddy with a respond directive works – I get a 200 response and the response body
  • Running Caddy with a reverse_proxy directive but with inactive backend (puma server) works as well – I get a 502 (Bad Gateway) response code (something that I’d expect)
  • Running Caddy with a reverse_proxy directive and active backend (puma listening on tcp:// causes the infinite redirect

4. Error messages and/or full log output:

Requests never reach Puma server so no logs from there.

Output from grep "caddy" /var/log/syslog (timestamps & hostname not included):

caddy[893]: caddy.HomeDir=/var/lib/caddy
caddy[893]: caddy.AppDataDir=/var/lib/caddy/.local/share/caddy
caddy[893]: caddy.AppConfigDir=/var/lib/caddy/.config/caddy
caddy[893]: caddy.ConfigAutosavePath=/var/lib/caddy/.config/caddy/autosave.json
caddy[893]: runtime.GOOS=linux
caddy[893]: runtime.GOARCH=amd64
caddy[893]: runtime.Compiler=gc
caddy[893]: runtime.NumCPU=1
caddy[893]: runtime.GOMAXPROCS=1
caddy[893]: runtime.Version=go1.13.7
caddy[893]: os.Getwd=/
caddy[893]: LANG=C.UTF-8
caddy[893]: PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin
caddy[893]: HOME=/var/lib/caddy
caddy[893]: LOGNAME=caddy
caddy[893]: USER=caddy
caddy[893]: INVOCATION_ID=bac5a082bf424d5aa981240272b2f5f0
caddy[893]: JOURNAL_STREAM=9:17536
caddy[893]: 2020/02/17 07:56:32.574#011#033[34mINFO#033[0m#011resuming from last configuration#011{"autosave_file": "/var/lib/caddy/.config/caddy/autosave.json"}
caddy[893]: 2020/02/17 07:56:32.636#011#033[34mINFO#033[0m#011admin#011admin endpoint started#011{"address": "localhost:2019", "enforce_origin": false, "origins": ["localhost:2019"]}
caddy[893]: 2020/02/17 07:56:32.636#011#033[34mINFO#033[0m#011http#011server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS#011{"server_name": "srv0", "https_port": 443}
caddy[893]: 2020/02/17 07:56:32.636#011#033[34mINFO#033[0m#011http#011enabling automatic HTTP->HTTPS redirects#011{"server_name": "srv0"}
caddy[893]: 2020/02/17 07:56:32.637#011#033[34mINFO#033[0m#011http#011enabling automatic TLS certificate management#011{"domains": [""]}
caddy[893]: 2020/02/17 07:56:32 [INFO][cache:0xc0000945a0] Started certificate maintenance routine
caddy[893]: 2020/02/17 07:56:32.782#011#033[34mINFO#033[0m#011tls#011cleaned up storage units
caddy[893]: 2020/02/17 07:56:32.782#011#033[34mINFO#033[0m#011autosaved config#011{"file": "/var/lib/caddy/.config/caddy/autosave.json"}
caddy[893]: 2020/02/17 07:56:32.782#011#033[34mINFO#033[0m#011serving initial configuration

5. What I already tried:

Infinite redirect: {

The same: {
  reverse_proxy / localhost:3000

You guessed it :slight_smile:

reverse_proxy localhost:3000

The problem was in a Rails configuration that 301’ed all HTTP connections to HTTPS:

config.force_ssl = true
1 Like

Progress report: to enable the force_ssl directive in your Rails app, send the following headers to your Rails backend:

reverse_proxy {

  header_up X-Forwarded-For {http.request.remote}
  header_up X-Forwarded-Port {server_port}
  header_up X-Forwarded-Proto {http.request.scheme}

Btw, the command is caddy version in v2: Command Line — Caddy Documentation, the instructions in the thread template are for v1, @matt I think the template needs updating?

Also, you could write your directive like this, a bit simpler:

reverse_proxy {
  header_up X-Forwarded-For {remote_host}
  header_up X-Forwarded-Port {server_port}
  header_up X-Forwarded-Proto {scheme}
1 Like

What template, where?

The thread template for the help category, i.e. 1. My Caddy version (caddy -version): :stuck_out_tongue:

1 Like

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.