Caddy not working with proxy

Hi,

I’m trying to get caddy working for my containerized websites.

My set up is as follows:

  1. A laradock container suite running Caddy and serving 2 domains with multiple sub-domains. That seems to be working to an extent.

hijk . com
mnop . com
beta . mnop . com

  2. A containerized version of owncloud running on port 81 that I attempt to proxy to for one of the sub-domains.

cloud . mnop . com

When I try to access the proxied sub-domain I get Bad Gateway 502. If I try to connect to it from the server itself (localhost:81) it works fine.

My Caddyfile is as follows (except there are no spaces between the domain names; I only did that so the post would allow me to create this post):

www . hijk . com hijk . com {
    root /var/www/hijk . com
    fastcgi / php-fpm:9000 php {
        index index.php
    }
    ext / .html
    rewrite {
        to {path} {path}/ /index.php?{query}
    }
    gzip
    browse
    log /var/log/caddy/access.log
    errors /var/log/caddy/error.log
    tls mn@example.net
}

cloud . mnop . com {
    proxy / localhost:81 {
        transparent
    }
}

www . mnop . com mnop . com {
    root /var/www/mnop . com/public
    ext / .html
    tls mn@example.net
}

beta . mnop . com {
    root /var/www/beta . mnop . com/Mapping
    tls mn@example.net
    rewrite {
        to {path} {path}/ /index.php?{query}
    }
}

Hi @red-smeg, welcome to the Caddy community.

Can you post the output of curl -ILX GET localhost:81 from the Caddy host?

You might also want to add errors /path/to/error.log to the site in question, provoke the error, and then look in the log for details - Caddy should put something in there to say why it generated a 502.

HTTP/1.1 302 Found
Date: Thu, 15 Aug 2019 00:25:36 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Robots-Tag: none
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Set-Cookie: oc4w4l909iud=tpos5f28mseu1rocn9p9g732tp; path=/; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: oc_sessionPassphrase=BCViebXOesbAu%2FvC2c%2FKsVQ9qK51i2zEaw%2F5YehqLkmLbseQ5WGWZvtBZwtyEbxmja4owqv5tmOfUNkxkeD9VIxiQsHpM405ZSfhsbOMWesacoNvH1vUDZGlX%2Bzh3qO8; path=/; HttpOnly
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; frame-src *; img-src * data: blob:; font-src 'self' data:; media-src *; connect-src *
Location: http://localhost:81/login
Content-Length: 0
Content-Type: text/html; charset=UTF-8

HTTP/1.1 200 OK
Date: Thu, 15 Aug 2019 00:25:36 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Robots-Tag: none
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Set-Cookie: oc4w4l909iud=8uu8tkvpl72n3qrc1dvp8jjbje; path=/; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: oc_sessionPassphrase=3tHK8nZvFbKDax1PW0b%2B%2BUJ%2FOrl%2FrNhwJPVgHdpetN0c2EFrFKQA6Yih%2BNUM%2B5CVIljQHXL5V3Q7ZdwLxws4tWZS2Pzuwq5IlIXwyGmTIw2IMn%2Fem4S3eTn%2Frta2rEPP; path=/; HttpOnly
Content-Security-Policy: default-src 'none';manifest-src 'self';script-src 'self' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src 'self';connect-src 'self';media-src 'self'
Content-Length: 10204
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

Pretty rare to have curl work but Caddy fail… Try the errors directive and let me know what Caddy outputs there.

15/Aug/2019:02:08:27 +0000 [ERROR 502 /] dial tcp 127.0.0.1:81: connect: connection refused

You said Caddy is containerized. Did you run curl from within the container (i.e. the Caddy host), or on the Docker host?

Bear in mind that localhost within the container is not the same as localhost on the Docker host. Containers are, in many respects, their own machine.

Apologies, that was from the host, not from inside the container. I’ve been doing some reading up and I think the issue is to do with the Docker container network.

In detail I am using a premade docker container for owncloud which uses docker-compose to spin up the set of containers and exposes port 81 for access to the owncloud website.

I then use laradock to spin up a Caddy server as outlined above. So I can see that the problem I have is that from the host machine I can access owncloud using localhost:81, but that does not mean I can access it from inside the Caddy container.

I’m honestly out of my depth with how to merge the two, as they spin up from different docker-compose.yml’s. I was hoping to keep each separate so that the containers could be updated independently.

OK, I got it working. Here’s what I did:

  1. I changed the Caddyfile to point to cloud.proxy:81 instead of localhost.
  2. On the host machine I added the local IP address of the host as cloud.proxy in the etc/hosts file.

So the only issue I have now is that when I browse www . hijk . com it doesn’t seem to load, but if I put hijk . com it’s OK?

And now it seems like it works for the first request and then doesn’t respond?

Those sound like networking issues more than Caddy issues.

If you’ve configured Caddy to respond to the www subdomain as well as the bare domain, it’ll do both. It’s possible one of them follows a different network path.

I’m not sure about it working for the first request and then not responding. Firewall issue?
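
An alternative to the hosts-file workaround above, added here as an example and not taken from any poster's configuration: attach both stacks to one external Docker network, so Caddy reaches ownCloud by service name while each docker-compose.yml stays separate and port 81 no longer needs to be published on the host. The network name `proxy_net`, the service names `owncloud` and `caddy`, the laradock network name `frontend` and the internal port `8080` are assumptions.

```yaml
# Run once on the Docker host (shell):  docker network create proxy_net
# All names below ("proxy_net", "owncloud", "caddy", "frontend") and the
# internal port 8080 are assumptions; substitute the values from your stacks.

# --- ownCloud stack: docker-compose.yml (fragment) ---
services:
  owncloud:
    # image, volumes and environment stay as in the existing file.
    # No "ports:" entry here: the web port is not published on the host,
    # so the only route to ownCloud is through Caddy (and its TLS).
    networks:
      - default      # keeps access to the stack's own database containers
      - proxy_net    # shared with the Caddy container
networks:
  proxy_net:
    external: true   # created outside this file, so neither stack owns it

---
# --- laradock stack: docker-compose.yml (fragment, separate file) ---
services:
  caddy:
    networks:
      - frontend     # the service's existing network entries stay
      - proxy_net
networks:
  proxy_net:
    external: true

# --- Caddyfile (Caddy v1 syntax, as used in the thread) ---
# cloud.mnop.com {
#     proxy / owncloud:8080 {   # service name + container-internal port
#         transparent
#     }
# }
```

Docker's embedded DNS resolves the service name only for containers on the same user-defined network, so each stack can still be updated and restarted independently.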