1. Caddy version:
docker-compose exec caddy caddy version
v2.6.2 h1:wKoFIxpmOJLGl3QXoo6PNbYvGW4xLEgo32GPBEjWL8o=
2. How I installed, and run Caddy:
It is running in a Docker container
a. System environment:
Host system: macOS Ventura 13.2
Chip: Apple M1 Pro
Docker version 20.10.21
b. Command:
N/A
c. Service/unit/compose file:
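# Compose stack: the Laravel Sail application container (partners-api.test)
# fronted by a Caddy reverse proxy, both attached to the `sail` bridge network.
# Only Caddy's TLS port and the VITE_PORT port are published on the host.
services:
  partners-api.test:
    build:
      context: ./vendor/laravel/sail/runtimes/8.1
      dockerfile: Dockerfile
      args:
        WWWGROUP: '${WWWGROUP}'
    image: sail-8.1/app
    extra_hosts:
      - 'host.docker.internal:host-gateway'
    ports:
      # Published on the host; the port number comes from VITE_PORT
      # (default 5173).
      - '${VITE_PORT:-5173}:${VITE_PORT:-5173}'
    expose:
      # `expose` takes container ports only, not a host:container mapping
      # (that syntax belongs under `ports`). Nothing is published on the host
      # here, so the application is reached through the caddy service.
      - '80'
    environment:
      WWWUSER: '${WWWUSER}'
      # Quoted so the value stays a string regardless of the YAML parser.
      LARAVEL_SAIL: '1'
      XDEBUG_MODE: '${SAIL_XDEBUG_MODE:-off}'
      XDEBUG_CONFIG: '${SAIL_XDEBUG_CONFIG:-client_host=host.docker.internal}'
    volumes:
      - '.:/var/www/html'
    networks:
      - sail
  caddy:
    # Pinned to the release this deployment reported (v2.6.2) instead of the
    # moving `latest` tag, so a rebuild cannot silently change the TLS
    # terminator. Bump the tag deliberately when upgrading.
    image: 'caddy:2.6.2'
    restart: unless-stopped
    ports:
      # Host port 2443 -> container port 443 (TCP only).
      - '2443:443'
    volumes:
      # Configuration is mounted read-only: the container only needs to
      # read it.
      - './docker/Caddyfile:/etc/caddy/Caddyfile:ro'
      # NOTE(review): the same named volume backs both /data (certificates
      # and the local CA's private key) and /config. Separate volumes keep
      # key material apart from autosaved configuration. `sail-caddy` must
      # also be declared under a top-level `volumes:` key, which is not part
      # of this listing.
      - 'sail-caddy:/data'
      - 'sail-caddy:/config'
    depends_on:
      - partners-api.test
    networks:
      - sail
networks:
  sail:
    driver: bridge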
d. My complete Caddy config:
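# docker/Caddyfile
#
# Terminates TLS on :443 with certificates issued on demand by Caddy's
# internal (local) CA and proxies every request to partners-api.test.
{
	# Gate for on-demand issuance: before issuing a certificate for a hostname
	# seen in a TLS handshake, Caddy queries this endpoint and proceeds only on
	# a successful (2xx) response. Keep this check in place, otherwise any
	# hostname a client presents would be issued a certificate.
	on_demand_tls {
		ask http://partners-api.test/.well-known/caddy-check
	}

	# Issue every certificate from the internal CA rather than a public ACME CA.
	local_certs
}

:443 {
	tls internal {
		on_demand
	}

	reverse_proxy partners-api.test {
		header_up Host {host}

		# {remote_host} is the client address without the port; {remote}
		# expands to host:port, which is not a usable X-Real-IP value for
		# backend logging or IP-based access rules.
		header_up X-Real-IP {remote_host}
		header_up X-Forwarded-Port 443

		# NOTE(review): health_timeout belongs to active health checks, which
		# appear to need health_uri or health_port to be enabled. Confirm
		# whether this line has any effect as written.
		health_timeout 5s
	}
}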
3. The problem I’m having:
When I try to visit my domain through Chrome browser, I see the following error message:
4. Error messages and/or full log output:
partners-apimydomain-caddy-1 | {"level":"info","ts":1674745412.6975405,"msg":"using provided configuration","config_file":"/etc/caddy/Caddyfile","config_adapter":"caddyfile"}
partners-apimydomain-caddy-1 | {"level":"warn","ts":1674745412.6984694,"msg":"Caddyfile input is not formatted; run the 'caddy fmt' command to fix inconsistencies","adapter":"caddyfile","file":"/etc/caddy/Caddyfile","line":2}
partners-apimydomain-caddy-1 | {"level":"info","ts":1674745412.6992054,"logger":"admin","msg":"admin endpoint started","address":"localhost:2019","enforce_origin":false,"origins":["//localhost:2019","//[::1]:2019","//127.0.0.1:2019"]}
partners-apimydomain-caddy-1 | {"level":"info","ts":1674745412.699716,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0x4000500930"}
partners-apimydomain-caddy-1 | {"level":"info","ts":1674745412.6997588,"logger":"http","msg":"server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS","server_name":"srv0","https_port":443}
partners-apimydomain-caddy-1 | {"level":"info","ts":1674745412.6997736,"logger":"http","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"srv0"}
partners-apimydomain-caddy-1 | {"level":"warn","ts":1674745412.7116919,"logger":"pki.ca.local","msg":"installing root certificate (you might be prompted for password)","path":"storage:pki/authorities/local/root.crt"}
partners-apimydomain-caddy-1 | {"level":"info","ts":1674745412.7119513,"msg":"Warning: \"certutil\" is not available, install \"certutil\" with \"apt install libnss3-tools\" or \"yum install nss-tools\" and try again"}
partners-apimydomain-caddy-1 | {"level":"info","ts":1674745412.7119637,"msg":"define JAVA_HOME environment variable to use the Java trust"}
partners-apimydomain-caddy-1 | {"level":"info","ts":1674745412.7321715,"msg":"certificate installed properly in linux trusts"}
partners-apimydomain-caddy-1 | {"level":"info","ts":1674745412.7325108,"logger":"http","msg":"enabling HTTP/3 listener","addr":":443"}
partners-apimydomain-caddy-1 | {"level":"info","ts":1674745412.7325208,"logger":"tls","msg":"cleaning storage unit","description":"FileStorage:/data/caddy"}
partners-apimydomain-caddy-1 | {"level":"info","ts":1674745412.7325916,"logger":"tls","msg":"finished cleaning storage units"}
partners-apimydomain-caddy-1 | {"level":"info","ts":1674745412.7327018,"msg":"failed to sufficiently increase receive buffer size (was: 208 kiB, wanted: 2048 kiB, got: 416 kiB). See https://github.com/lucas-clemente/quic-go/wiki/UDP-Receive-Buffer-Size for details."}
partners-apimydomain-caddy-1 | {"level":"info","ts":1674745412.732917,"logger":"http.log","msg":"server running","name":"srv0","protocols":["h1","h2","h3"]}
partners-apimydomain-caddy-1 | {"level":"info","ts":1674745412.7329533,"logger":"http.log","msg":"server running","name":"remaining_auto_https_redirects","protocols":["h1","h2","h3"]}
partners-apimydomain-caddy-1 | {"level":"info","ts":1674745412.7330842,"msg":"autosaved config (load with --resume flag)","file":"/config/caddy/autosave.json"}
partners-apimydomain-caddy-1 | {"level":"info","ts":1674745412.7330997,"msg":"serving initial configuration"}
5. What I already tried:
I’ve tried to set the minimum TLS version (even though I’m running TLSv1.3), but it didn’t work:
# Attempted workaround: set the minimum and maximum TLS protocol versions.
# NOTE(review): Caddy v2 accepts only tls1.2 and tls1.3 for `protocols`, so
# tls1.0 is expected to be rejected when the config loads. Lowering the
# minimum below TLS 1.2 would also weaken the listener, and it is not needed
# for a client that already negotiates TLS 1.3.
tls {
protocols tls1.0 tls1.3 #min max
}