Caddy docker image point to a host port that isn't a docker image?

1. Caddy version (caddy version):

No idea, but it pulls caddy/caddy from docker

2. How I run Caddy:

via docker

a. System environment:

Ubuntu 18.04
Docker version 20.10.16, build aa7e414

b. Command:

docker-compose up -d

c. Service/unit/compose file:

version: '3.6'
    image: hasura/graphql-engine:v2.6.0
    restart: always
      - graphql-engine
      - serve
    image: caddy/caddy
      - 'graphql-engine'
    restart: always
      - '80:80'
      - '443:443'
      - ./Caddyfile:/etc/caddy/Caddyfile
      - caddy_certs:/root/.caddy
      - host.docker.internal:host-gateway


d. My complete Caddyfile or JSON config: {
  reverse_proxy * graphql-engine:8080 {
      header_up Host {}
      header_up X-Real-IP {http.request.remote}
      header_up X-Forwarded-For {http.request.remote}
      header_up X-Forwarded-Port {http.request.port}
      header_up X-Forwarded-Proto {http.request.scheme}
} {
  reverse_proxy * localhost:5001

3. The problem I’m having:

I am relatively new in caddy world.

I run caddy via docker, and a non-dockerize node.js app listen on host port 5001 managed by PM2.

I’m trying to

map to docker service

map to host nodejs with port 5001

The is working fine, but raise connection refused exception.

4. Error messages and/or full log output:

{“level”:“error”,“ts”:1653664366.1785572,“logger”:“http.log.error”,“msg”:“dial tcp localhost:5001: connect: connection refused”,“request”:{“method”:“GET”,“uri”:"/",“proto”:“HTTP/2.0”,“remote_addr”:“”,“host”:“”,“headers”:{“Sec-Fetch-Site”:[“none”],“Sec-Fetch-Mode”:[“navigate”],“Accept-Encoding”:[“gzip, deflate, br”],“Accept-Language”:[“en-US,en;q=0.9,zh;q=0.8”],“Sec-Ch-Ua-Mobile”:["?0"],“Upgrade-Insecure-Requests”:[“1”],“Dnt”:[“1”],“User-Agent”:[“Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36”],“Accept”:[“text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9”],“Sec-Fetch-User”:["?1"],“Sec-Fetch-Dest”:[“document”],“Sec-Ch-Ua”:["" Not A;Brand";v=“99”, “Chromium”;v=“101”, “Google Chrome”;v=“101"”],“Sec-Ch-Ua-Platform”:["“macOS”"]},“tls”:{“resumed”:false,“version”:772,“ciphersuite”:4865,“proto”:“h2”,“proto_mutual”:true,“server_name”:“”}},“status”:502,“err_id”:“ce1ngdisx”,“err_trace”:“reverseproxy.(*Handler).ServeHTTP (reverseproxy.go:362)”}

5. What I already tried:

6. Links to relevant resources:

You shouldn’t be using caddy/caddy. That’s not the official image, that’s our CI target. Use caddy instead. See on Docker Hub

Also, you can run docker-compose exec caddy caddy version to find out which version you’re running.

That’s not the right volume to use. See the docs on Docker Hub

Remove all these lines. They’re not necessary, and in some cases actively harmful. Caddy already sets these headers appropriately:

I think you want to do reverse_proxy host.docker.internal:5001. That domain (with that extra_hosts line you added to your docker-compose.yml) will be the IP address of your host machine.

1 Like