Caddy + Pterodactyl allocations API connection problem

daniiii5 · November 12, 2025, 8:55am

1. The problem I’m having:

I’m trying to set up Caddy as a reverse proxy for a Pterodactyl server (Panel + Wings) that is behind CGNAT, using an exit node.
The panel works fine at panel.danicdn.tech via HTTP reverse proxy to 10.0.0.2:80. Wings is running on 10.0.0.2:8080, and the allocations are on 0.0.0.0:25565. I want Wings to be accessible over HTTP (for the panel) and TCP (for game ports 25565-25999) through Caddy.
Currently, POST requests to Wings at https://wings.danicdn.tech:25565/up fail, and plain HTTP access also does not work. SFTP to the daemon (sftp://panel.danicdn.tech:2022) works fine via FileZilla. Node settings in Pterodactyl: SSL disabled, no proxy, maintenance mode disabled, daemon port 8080, SFTP port 2022.

2. Error messages and/or full log output:

journalctl -u caddy --no-pager | less +G shows a lot of logs, nothing related to the problem, just certificates being renovated

curl -vL http://wings.danicdn.tech:25565/up

Host wings.danicdn.tech:25565 was resolved.

IPv6: (none)

IPv4: 149.102.131.92

Trying 149.102.131.92:25565…

3. Caddy version:

v2.10.2 h1:g/gTYjGMD0dec+UgMw8SnfmJ3I9+M2TdvoRL/Ovu6U8=

4. How I installed and ran Caddy:

sudo apt install -y debian-keyring debian-archive-keyring apt-transport-https curl
curl -1sLf ‘``https://dl.cloudsmith.io/public/caddy/stable/gpg.key’`` | sudo gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg
curl -1sLf ‘``https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt’`` | sudo tee /etc/apt/sources.list.d/caddy-stable.list
chmod o+r /usr/share/keyrings/caddy-stable-archive-keyring.gpg
chmod o+r /etc/apt/sources.list.d/caddy-stable.list
sudo apt update
sudo apt install caddy

a. System environment:

Ubuntu 24.04.3 LTS in VPS, connected via Wireguard to Pterodactyl via http

b. Command:

systemctl start caddy

d. My complete Caddy config:

{
debug
}

panel.danicdn.tech → 10.0.0.2

panel.danicdn.tech {
reverse_proxy 10.0.0.2:80
}

wings.danicdn.tech → 10.0.0.2 (HTTP interno)

wings.danicdn.tech {
reverse_proxy http://10.0.0.2:8080

Si Wings no soporta HTTPS correctamente, usa el esquema http:// explícitamente

}

Proxy TCP para rango de ports de Wings

:25565-25999 {
reverse_proxy 10.0.0.2:25565-25999
transport tcp
}

dokploy.danicdn.tech → 10.0.0.3

dokploy.danicdn.tech {
reverse_proxy 10.0.0.3:3000
}

status.danicdn.tech → localhost:3001

status.danicdn.tech {
reverse_proxy localhost:3001
}

5. Links to relevant resources:

system · December 12, 2025, 8:56am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.