Caddy docker image point to a host port that isn't a docker image?

1. Caddy version (caddy version):

No idea, but it pulls caddy/caddy from docker

2. How I run Caddy:

via docker

a. System environment:

Ubuntu 18.04
Docker version 20.10.16, build aa7e414

b. Command:

docker-compose up -d

c. Service/unit/compose file:

version: '3.6'
services:
  graphql-engine:
    image: hasura/graphql-engine:v2.6.0
    restart: always
    command:
      - graphql-engine
      - serve
  caddy:
    image: caddy/caddy
    depends_on:
      - 'graphql-engine'
    restart: always
    ports:
      - '80:80'
      - '443:443'
    volumes:
      - ./Caddyfile:/etc/caddy/Caddyfile
      - caddy_certs:/root/.caddy
    extra_hosts:
      - host.docker.internal:host-gateway

volumes:
  db_data:
  caddy_certs:

d. My complete Caddyfile or JSON config:

https://hasura.__domain__.io {
  reverse_proxy * graphql-engine:8080 {
      header_up Host {http.request.host}
      header_up X-Real-IP {http.request.remote}
      header_up X-Forwarded-For {http.request.remote}
      header_up X-Forwarded-Port {http.request.port}
      header_up X-Forwarded-Proto {http.request.scheme}
  }
}

https://api.__domain__.io {
  reverse_proxy * localhost:5001
}

3. The problem I’m having:

I am relatively new in caddy world.

I run caddy via docker, and a non-dockerize node.js app listen on host port 5001 managed by PM2.

I’m trying to

map hasura.domain.io to docker service

map api.__domain.io to host nodejs with port 5001

The hasura.domain.io is working fine, but api.domain.io raise connection refused exception.

4. Error messages and/or full log output:

{“level”:“error”,“ts”:1653664366.1785572,“logger”:“http.log.error”,“msg”:“dial tcp localhost:5001: connect: connection refused”,“request”:{“method”:“GET”,“uri”:"/",“proto”:“HTTP/2.0”,“remote_addr”:“73.76.131.33:53641”,“host”:“api.funcube.io”,“headers”:{“Sec-Fetch-Site”:[“none”],“Sec-Fetch-Mode”:[“navigate”],“Accept-Encoding”:[“gzip, deflate, br”],“Accept-Language”:[“en-US,en;q=0.9,zh;q=0.8”],“Sec-Ch-Ua-Mobile”:["?0"],“Upgrade-Insecure-Requests”:[“1”],“Dnt”:[“1”],“User-Agent”:[“Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36”],“Accept”:[“text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9”],“Sec-Fetch-User”:["?1"],“Sec-Fetch-Dest”:[“document”],“Sec-Ch-Ua”:["" Not A;Brand";v=“99”, “Chromium”;v=“101”, “Google Chrome”;v=“101"”],“Sec-Ch-Ua-Platform”:["“macOS”"]},“tls”:{“resumed”:false,“version”:772,“ciphersuite”:4865,“proto”:“h2”,“proto_mutual”:true,“server_name”:“api.funcube.io”}},“status”:502,“err_id”:“ce1ngdisx”,“err_trace”:“reverseproxy.(*Handler).ServeHTTP (reverseproxy.go:362)”}

5. What I already tried:

6. Links to relevant resources:

You shouldn’t be using caddy/caddy. That’s not the official image, that’s our CI target. Use caddy instead. See on Docker Hub

Also, you can run docker-compose exec caddy caddy version to find out which version you’re running.

That’s not the right volume to use. See the docs on Docker Hub

Remove all these lines. They’re not necessary, and in some cases actively harmful. Caddy already sets these headers appropriately:

I think you want to do reverse_proxy host.docker.internal:5001. That domain (with that extra_hosts line you added to your docker-compose.yml) will be the IP address of your host machine.

1 Like

This topic was automatically closed after 30 days. New replies are no longer allowed.