Caddy in separate container while using service name as reverse_proxy target

1. Caddy version (caddy version):

2.4.3

2. How I run Caddy:

a. System environment:

Debian 9+10

b. Command:

docker-compose up

c. Service/unit/compose file:

version: "3"
services:

  caddy:
    image: caddy:alpine
    restart: unless-stopped
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - ./Caddyfile:/etc/caddy/Caddyfile
      - ./Data:/data
      - ./Config:/config
    networks:
      REDACTED-network:
        aliases:
          - REDACTED-docker
networks:
  REDACTED-network:

d. My complete Caddyfile or JSON config:

xx.REDACTED.TLD {
	reverse_proxy <REDACTED SERVICE NAME TO ANOTHER CONTAINER>
}

3. The problem I’m having:

I want to know if it is possible to:

  • Application A started with its own docker-compose file on a bridged network
  • Run Caddy Reverse Proxy from its own docker-compose file on a bridged network
  • Use the docker service name of Application A instead of DNS to avoid publishing Ports from Application A

4. Error messages and/or full log output:

{"level":"error","ts":1629898679.523692,"logger":"http.log.error","msg":"dial tcp: lookup <REDACTED SERVICE NAME TO ANOTHER CONTAINER> on 127.0.0.11:53: no such host","request":{"remote_addr":"91.REDACTED:50597","proto":"HTTP/2.0","method":"GET","host":"xx.REDACTED.TLD","uri":"/","headers":{"User-Agent":["Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36"],"Sec-Fetch-Mode":["navigate"],"Sec-Fetch-User":["?1"],"Sec-Fetch-Dest":["document"],"Sec-Ch-Ua-Mobile":["?0"],"Accept-Language":["de-DE,de;q=0.9,en-US;q=0.8,en;q=0.7,cs;q=0.6"],"Dnt":["1"],"Upgrade-Insecure-Requests":["1"],"Accept":["text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9"],"Sec-Fetch-Site":["none"],"Sec-Ch-Ua":["\"Chromium\";v=\"92\", \" Not A;Brand\";v=\"99\", \"Google Chrome\";v=\"92\""],"Accept-Encoding":["gzip, deflate, br"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"h2","proto_mutual":true,"server_name":"xx.REDACTED.TLD"}},"duration":0.029153824,"status":502,"err_id":"wbi0qqcin","err_trace":"reverseproxy.statusError (reverseproxy.go:857)"}

5. What I already tried:

I confirmed that it only worked when I place the content of Caddys docker-compose file into the same docker-compose file of Application A. Once its separated it cannot resolve the service.
My goal is to have running multiple applications with their own docker-compose files behind a caddy as a reverse proxy. Why? To don’t stop ALL containers when I maintain one of the application.

6. Links to relevant resources:

You can do that, but you need to make one of the networks external, and add both to that same network. Docker will not be able to connect two containers on separate networks, they must share a network. (This doesn’t really have anything to do with Caddy)

Thank you very much! Could you give me a last hint what exactly you mean with “external network”? e.g. a link to the Part of the Docker documentation?

One of the options for networks in docker-compose is external: true. This tells docker-compose to not attempt to create a network, but instead reference one that already exists, that you’ve created with docker network create.

See the “Use a pre-existing network” section, in particular.

1 Like

This topic was automatically closed after 30 days. New replies are no longer allowed.