Caddy + Bluemap : a lot of error 522/500

1. Output of caddy version:


2. How I run Caddy:

Proxmox / VM Debian 11 / Docker+Portainer

a. System environment:

b. Command:

Paste command here.

c. Service/unit/compose file:

Paste full file contents here.
Make sure backticks stay on their own lines,
and the post looks nice in the preview pane. -->

d. My complete Caddy config:

# 2022-12-11

(logs) {
	log {
		level error
(debug) {
	log {
		level debug

(redis) {
	redis {

(olric) {
	olric {
		url olric:3320

(souin) {
	allowed_http_verbs GET POST PATCH

	api {
		souin {

	cdn {
		api_key {env.CF_DNS_API_TOKEN}
		dynamic true
		email {env.CF_API_EMAIL}
		provider cloudflare
		strategy soft

	headers Content-Type Authorization

	#log_level debug
	log_level error

	#import redis
	import olric

	default_cache_control no-store

(cache) {
	order cache before rewrite
	cache {
		import souin

(cloudflareTrustedProxies) {
	trusted_proxies fc00::/7
(cloudflare) {
	tls {
		dns cloudflare {env.CF_DNS_API_TOKEN}

	header {
		Host {upstream_hostport}

		X-Forwarded-Proto {scheme}
		X-Forwarded-For {host}


(reverseProxy) {
	import cloudflareTrustedProxies

	import keepalive

	header_up Cache-Control "public,max-age=86400,s-maxage=86400,max-stale=3600,stale-while-revalidate=86400,stale-if-error=86400"
	header_down Cache-Control "public,max-age=86400,s-maxage=86400,max-stale=3600,stale-while-revalidate=86400,stale-if-error=86400"

	header_down X-Powered-By "Zogg"

	header_up Host {host}
	header_down Host {host}

	header_up X-Real-IP {host}
	header_down X-Real-IP {host}

	header_up X-Forwarded-For {host}
	header_down X-Forwarded-For {host}

	header_up Content-Security-Policy "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: wss: https:"
	header_down Content-Security-Policy "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: wss: https:"

	header_down -Via
	header_down -X-Varnish
	header_down -X-Url
	header_down -Link
	header_down -X-Host

(headersGlobal) {
	X-Powered-By "Zogg"
	Host {host}
	X-Real-IP {host}
	X-Forwarded-For {host}

(headersSecurity) {
	Referrer-Policy "strict-origin-when-cross-origin"

	Strict-Transport-Security "max-age=31536000;includeSubDomains;preload"
	X-Permitted-Cross-Domain-Policies: "none"

	X-Content-Type-Options "nosniff"

	X-Frame-Options "SAMEORIGIN"

	X-XSS-Protection 0

	Permissions-Policy "fullscreen=(*),display-capture=(self),accelerometer=(),battery=(),camera=(),autoplay=(self),vibrate=(self),geolocation=(self),midi=(self),notifications=(*),push=(*),microphone=(self),magnetometer=(self),gyroscope=(self),payment=(self)"

	Content-Security-Policy "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: wss: https:"

(headersRobots) {
	X-Robots-Tag "none,noarchive,nosnippet,notranslate,noimageindex"

(headersCaching) {
	Cache-Control "public,max-age=86400,s-maxage=86400,max-stale=3600,stale-while-revalidate=86400,stale-if-error=86400"

(keepalive) {
	transport http {
		#keepalive_idle_conns 512
		#keepalive_idle_conns_per_host 256

(common) {
	encode zstd gzip
	header {
		import headersGlobal
		import headersRobots
		import headersCaching
		import headersSecurity

(pterodadctyl) {
	encode zstd gzip
	header {
		import headersGlobal
		import headersRobots
		Sec-Fetch-Site "cross-site"
		X-Forwarded-Proto "https"
		Access-Control-Allow-Headers "*,Authorization"

	import cache
	import logs
	#import debug

	admin off

	acme_dns cloudflare {env.CF_DNS_API_TOKEN}
	email {env.CF_API_EMAIL}

import /etc/caddy/conf/entries

And the relevant entry:

# 2022-12-11

@maps-clemambpap host
handle @maps-clemambpap {
	import common
	reverse_proxy {
	#reverse_proxy {
		import reverseProxy

3. The problem I’m having:

Browsing this while http is flawless.
When I switch to https I run into error 522/500 for most of calls.

4. Error messages and/or full log output:

Paste logs/commands/output here.

5. What I already tried:

… browsing in local http mode…

6. Links to relevant resources:

Bluemap: BlueMap - Minecraft Mod and plugin

As with your other topic, I’m not seeing a problem with Caddy here. There’s not enough detail in the post to have any evidence of a problem.

Well I’ll try to clarify.

If I go to, I get full of 522 or 500.
If I browse locally (without https and without Caddy) it display without errors.

I think that adding an https layer do something ‘bad’ and maybe there is a need of tuning for Caddy ?

This software display a ‘game map’ and each part of the map is a tile which is loaded/displayed by a call to the server. So that’s why there is many many calls between the browser and the server.

And maybe (I don’t really know) this is to much for handling https/tls from Caddy and I can tune something ?

Pretty much everything in this makes no sense, frankly.

You should not use both header_up and header_down for every header. That doesn’t make sense. HTTP headers usually only either make sense in a request, or in a response, and not both.

I’ve mentioned in another topic that Caddy sets proxy headers appropriately by default, so if you override those, it can break things.

Either way, those status codes are coming from the upstream app, not from Caddy. I can’t tell you what’s going on there, we can’t provide support for other software.

You are right! I simplified my caddyfile :slight_smile: (but I kept trusted_proxies)
Let say that this is a noob error…
My apologies!

1 Like

I am an old man who tends to prefer to manage his own way.
But I have to admit that the default setup of Caddy works perfectly.

1 Like

This topic was automatically closed after 30 days. New replies are no longer allowed.