Caddy returns blank page: HAProxy > Caddy > Docker Service

stitch10925 · January 7, 2024, 10:12pm

1. The problem I’m having:

I have HAProxy as front-end loadbalancer. It forwards the requests to a Caddy server running inside of Docker which then forwards the request to the correct Docker service.

When I access the local URL (So directly from Client > Caddy > Docker service) the page loads fine. However, when accessing via the public URL (Client > HAProxy > Caddy > Docker service) a blank page with status 200 is returned.

Some more background info:

At first I got a “too many redirects” error when trying to access the public URL. After I disabled https in Caddy this error disappeared but then I was confronted with the blank page issue I am having now.

2. Error messages and/or full log output:

Oddly enough nothing is logged in Caddy about the request. I also see no helpful logging in HAProxy (??).

2024-01-07T23:01:37	haproxy[79500]	Connect from 192.168.13.51:39672 to 212.233.45.115:443 (HTTPS/HTTP)	 
2024-01-07T23:01:37	haproxy[79500]	Connect from 192.168.13.51:39672 to 212.233.45.115:443 (HTTPS/HTTP)	 
2024-01-07T23:01:35	haproxy[79500]	Connect from 192.168.13.51:39672 to 212.233.45.115:443 (HTTPS/HTTP)	 
2024-01-07T23:01:35	haproxy[79500]	Connect from 192.168.13.51:39672 to 212.233.45.115:443 (HTTPS/HTTP)

3. Caddy version:

v2.7.6

4. How I installed and ran Caddy:

Caddy is running in Docker started via a Stack.

version: '3.8'

services:
  app:
    restart: always
    image: caddy:2.7.6-alpine
    dns: 127.0.0.11 # Prevent name resolution for domains outside of docker
    ports:
    - target: 80
      published: 80
      protocol: tcp
      mode: host
    - target: 443
      published: 443
      protocol: tcp
      mode: host
    - target: 443
      published: 443
      protocol: udp
      mode: host
    - target: 2019
      published: 62019
      protocol: tcp
      mode: host
    hostname: lb.dobbelr.lan
    networks:
    - host
    volumes:
    - config:/config
    - data:/data
    - file:/srv
    command: ["caddy", "run", "--resume"]
    deploy:
      endpoint_mode: dnsrr
      mode: replicated
      replicas: 1
      placement:
        constraints:
        - node.role==manager
    environment:
      CADDY_ADMIN: 0.0.0.0:2019

volumes:
  config:
    driver: local
    driver_opts:
      type: "nfs"
      o: <redacted>
      device: <redacted>
  data:
    driver: local
    driver_opts:
      type: "nfs"
      o: <redacted>
      device: <redacted>
  file:
    driver: local
    driver_opts:
      type: "nfs"
      o: <redacted>
      device: <redacted>

networks:
  host:
    name: caddy-network
    external: true

My complete Caddy config:

{
	debug
	auto_https off
}

ntfy.internal.lan:80 {
	reverse_proxy {
		dynamic a {hostport} {
			resolvers 127.0.0.11
		}
		lb_policy cookie
	}
}

francislavoie · January 7, 2024, 10:48pm

Make sure HAProxy preserves & forwards the Host header, or sets it to the same Host that Caddy expects (e.g. ntfy.internal.lan).

stitch10925 · January 7, 2024, 11:38pm

@francislavoie

Thank you for the fast reply! I didn’t know what you meant at first. I looked into it but it seems that HAProxy does not strip host headers. Then it clicked: My public URL is not the same as the internal URL, and since I didn’t override it, Caddy received a host header it had no entries for, and so it just did nothing.

Setting the host header in HAProxy did the trick!

Thank you very much.