Caddy on docker RPI block all connection RPI not accesible until stop

fabioperencin · March 23, 2022, 3:09pm

1. Caddy version (`caddy version`):

caddy:latest

2. How I run Caddy:

docker with docker-container

a. System environment:

Raspberry PI 3b raspOS 5.10.103-v7+ armv7l

b. Command:

docker-compose up -d caddy

c. Service/unit/compose file:

 caddy:
    container_name: caddy
    image: caddy:latest
    volumes:
    - /home/pi/caddy/Caddyfile:/etc/caddy/Caddyfile
    - /home/pi/caddy/data:/data
    environment:
    - TZ=Europe/Rome
    restart: always
    ports:
    - 80:80
    - 443:443

d. My complete Caddyfile or JSON config:

(https_header) {
        header {
                Strict-Transport-Security "max-age=31536000; includeSubdomains"
                X-XSS-Protection "1; mode=block"
                X-Content-Type-Options "nosniff"
                X-Frame-Options "SAMEORIGIN"
                Referrer-Policy "same-origin"
        }
}

{
        # Global options block. Entirely optional, https is on by default
        # Optional email key for lets encrypt
       email <my_email>
        # Optional staging lets encrypt for testing. Comment out for production.
        # acme_ca https://acme-staging-v02.api.letsencrypt.org/directory
}
https://<my_domain>.duckdns.org {
    respond "Saluti da Fabio"
    file_server
}

https://<my_domain>.duckdns.org:9000 {
        import https_header
        reverse_proxy http://192.168.1.11:8123
}

3. The problem I’m having:

After I instaced the caddy docker all connections are dropped. If I’m connected trough SSH the connection was closed and it cant access anymore. Inside the RPI I can’t ping anything outside, google or the router. If I stop the docker docker stop caddy all return to normal status.
What I did wrong?
Thanks

4. Error messages and/or full log output:

5. What I already tried:

6. Links to relevant resources:

francislavoie · March 23, 2022, 3:22pm

Which version exactly? Please run caddy version inside your container to find it.

It’s strongly discouraged to use the latest tag, because it doesn’t let you control your version updates. It’s best to pin to a specific version, and upgrade by changing the tag to the newest version, periodically.

Huh? That doesn’t make sense… you must have a misconfiguration of your RPI’s system, this definitely has nothing to do with Caddy.

fabioperencin · March 24, 2022, 2:26pm

I set the version to the 2.4.6-alpine with the same result. Yes I know that it is very strange, infact I don’t understant where is the problem with this, but if i run another docker in the same system I didn’t had an isolation of the RPI. Maybe the iptables? Or what?
Thanks

system · April 22, 2022, 3:09pm

This topic was automatically closed after 30 days. New replies are no longer allowed.