`caddy run` works as expected but `systemctl start caddy` causes 502

1. The problem I’m having:

I’ve set up a caddy server with cloudflare (xcaddy version 0.4.2)

I’m trying to host Pterodactyl, I’ve done it on another node, works perfectly there. I’ve checked a few things (permissions, caddy.service file, Caddyfile) and it seems to be the same in both of the nodes.

I get a 502 error every time I try to access the panel at panel.rajtech.me

Now, the weird thing is that if I cd /etc/caddy and then caddy run, it works perfectly! And no 502s too.

Now the issue. I don’t seem to get any error messages while running with either of them, no mater if the result is a 502 or if it’s a 200.

2. Error messages and/or full log output:

from /var/log/caddy/pterodactyl.log:

{"level":"info","ts":1719067250.2897885,"logger":"http.log.access.log0","msg":"handled request","request": 
 {"remote_ip":"192.168.100.50","remote_port":"60045","client_ip":"192.168.100.50","proto":"HTTP/>{"level":"info","ts":1719067250.2912579,"logger":"http.log.access.log0","msg":"handled request","request": 
 {"remote_ip":"192.168.100.50","remote_port":"60045","client_ip":"192.168.100.50","proto":"HTTP/>{"level":"info","ts":1719067250.3121483,"logger":"http.log.access.log0","msg":"handled request","request": 
 {"remote_ip":"192.168.100.50","remote_port":"60045","client_ip":"192.168.100.50","proto":"HTTP/>{"level":"info","ts":1719067250.3443904,"logger":"http.log.access.log0","msg":"handled request","request": 
 {"remote_ip":"192.168.100.50","remote_port":"60045","client_ip":"192.168.100.50","proto":"HTTP/>{"level":"info","ts":1719067250.3777118,"logger":"http.log.access.log0","msg":"handled request","request": 
 {"remote_ip":"192.168.100.50","remote_port":"60045","client_ip":"192.168.100.50","proto":"HTTP/>{"level":"info","ts":1719067250.4004006,"logger":"http.log.access.log0","msg":"handled request","request": 
 {"remote_ip":"192.168.100.50","remote_port":"60045","client_ip":"192.168.100.50","proto":"HTTP/>{"level":"info","ts":1719067250.8701012,"logger":"http.log.access.log0","msg":"handled request","request": 
 {"remote_ip":"192.168.100.50","remote_port":"60045","client_ip":"192.168.100.50","proto":"HTTP/>{"level":"info","ts":1719067251.2758243,"logger":"http.log.access.log0","msg":"handled request","request": 
 {"remote_ip":"192.168.100.50","remote_port":"60045","client_ip":"192.168.100.50","proto":"HTTP/>{"level":"info","ts":1719168727.6295526,"logger":"http.log.access.log0","msg":"handled request","request": 
 {"remote_ip":"78.46.88.58","remote_port":"52428","client_ip":"78.46.88.58","proto":"HTTP/2.0",">{"level":"info","ts":1719168727.9666343,"logger":"http.log.access.log0","msg":"handled request","request": 
 {"remote_ip":"78.46.88.58","remote_port":"52430","client_ip":"78.46.88.58","proto":"HTTP/2.0",">{"level":"info","ts":1719168741.598044,"logger":"http.log.access.log0","msg":"handled request","request": 
 {"remote_ip":"43.230.163.178","remote_port":"34128","client_ip":"43.230.163.178","proto":"HTTP/2>{"level":"info","ts":1719168743.950465,"logger":"http.log.access.log0","msg":"handled request","request": 
 {"remote_ip":"172.105.37.103","remote_port":"55028","client_ip":"172.105.37.103","proto":"HTTP/2>

from the command:

Jun 23 19:00:47 one caddy[6488]: {"level":"debug","ts":1719169247.806457,"logger":"http.log.error.log0","msg":"dialing backend: dial unix /run/php/php8.1-fpm.sock: connect: permission denied","request":{"remote_ip":"192.168.100.50","remote_port":"65510","client_ip":"192.168.100.50","proto":"HTTP/3.0","method":"GET","host":"panel.rajtech.me","uri":"/server/d9af940b","headers":{"Sec-Fetch-Mode":["navigate"],"Sec-Ch-Ua":["\"Opera GX\";v=\"109\", \"Not:A-Brand\";v=\"8\", \"Chromium\";v=\"123\""],"Sec-Ch-Ua-Mobile":["?0"],"Upgrade-Insecure-Requests":["1"],"Accept-Language":["en-US,en;q=0.9"],"Sec-Fetch-Site":["same-origin"],"Sec-Fetch-User":["?1"],"Sec-Fetch-Dest":["document"],"Cookie":["REDACTED"],"Sec-Ch-Ua-Platform":["\"Windows\""],"User-Agent":["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 OPR/109.0.0.0"],"Accept":["text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7"],"Cache-Control":["max-age=0"],"Accept-Encoding":["gzip, deflate, br, zstd"]},"tls":{"resumed":true,"version":772,"cipher_suite":4865,"proto":"h3","server_name":"panel.rajtech.me"}},"duration":0.000800255,"status":502,"err_id":"ckdr1mtd0","err_trace":"reverseproxy.statusError (reverseproxy.go:1269)"}
Jun 23 19:00:48 one caddy[6488]: {"level":"debug","ts":1719169248.2728646,"logger":"http.handlers.rewrite","msg":"rewrote request","request":{"remote_ip":"192.168.100.50","remote_port":"65510","client_ip":"192.168.100.50","proto":"HTTP/3.0","method":"GET","host":"panel.rajtech.me","uri":"/server/d9af940b","headers":{"User-Agent":["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 OPR/109.0.0.0"],"Accept":["text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7"],"Sec-Fetch-Mode":["navigate"],"Sec-Fetch-User":["?1"],"Sec-Ch-Ua":["\"Opera GX\";v=\"109\", \"Not:A-Brand\";v=\"8\", \"Chromium\";v=\"123\""],"Sec-Ch-Ua-Mobile":["?0"],"Sec-Fetch-Dest":["document"],"Sec-Ch-Ua-Platform":["\"Windows\""],"Upgrade-Insecure-Requests":["1"],"Accept-Encoding":["gzip, deflate, br, zstd"],"Accept-Language":["en-US,en;q=0.9"],"Cookie":["REDACTED"],"Cache-Control":["max-age=0"],"Sec-Fetch-Site":["same-origin"]},"tls":{"resumed":true,"version":772,"cipher_suite":4865,"proto":"h3","server_name":"panel.rajtech.me"}},"method":"GET","uri":"/index.php"}
Jun 23 19:00:48 one caddy[6488]: {"level":"debug","ts":1719169248.2729306,"logger":"http.handlers.reverse_proxy","msg":"selected upstream","dial":"/run/php/php8.1-fpm.sock","total_upstreams":1}
Jun 23 19:00:48 one caddy[6488]: {"level":"debug","ts":1719169248.2730718,"logger":"http.reverse_proxy.transport.fastcgi","msg":"roundtrip","request":{"remote_ip":"192.168.100.50","remote_port":"65510","client_ip":"192.168.100.50","proto":"HTTP/3.0","method":"GET","host":"panel.rajtech.me","uri":"/index.php","headers":{"Sec-Ch-Ua-Platform":["\"Windows\""],"X-Forwarded-For":["192.168.100.50"],"X-Forwarded-Proto":["https"],"Cookie":["REDACTED"],"Sec-Fetch-Site":["same-origin"],"Accept":["text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7"],"Sec-Ch-Ua-Mobile":["?0"],"User-Agent":["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 OPR/109.0.0.0"],"Upgrade-Insecure-Requests":["1"],"Sec-Fetch-Dest":["document"],"Accept-Language":["en-US,en;q=0.9"],"Sec-Fetch-Mode":["navigate"],"Sec-Fetch-User":["?1"],"Accept-Encoding":["gzip, deflate, br, zstd"],"Sec-Ch-Ua":["\"Opera GX\";v=\"109\", \"Not:A-Brand\";v=\"8\", \"Chromium\";v=\"123\""],"X-Forwarded-Host":["panel.rajtech.me"],"Cache-Control":["max-age=0"]},"tls":{"resumed":true,"version":772,"cipher_suite":4865,"proto":"h3","server_name":"panel.rajtech.me"}},"env":{"SERVER_SOFTWARE":"Caddy/v2.8.4","HTTPS":"on","PHP_VALUE":"upload_max_filesize = 100M \\n post_max_size = 100M","HTTP_ACCEPT_LANGUAGE":"en-US,en;q=0.9","HTTP_SEC_FETCH_USER":"?1","AUTH_TYPE":"","GATEWAY_INTERFACE":"CGI/1.1","REMOTE_PORT":"65510","HTTP_X_FORWARDED_PROTO":"https","HTTP_UPGRADE_INSECURE_REQUESTS":"1","HTTP_SEC_FETCH_SITE":"same-origin","SERVER_NAME":"panel.rajtech.me","SCRIPT_NAME":"/index.php","SSL_CIPHER":"TLS_AES_128_GCM_SHA256","HTTP_PROXY":"","HTTP_CACHE_CONTROL":"max-age=0","SERVER_PROTOCOL":"HTTP/3.0","HTTP_HOST":"panel.rajtech.me","SSL_PROTOCOL":"TLSv1.3","HTTP_ACCEPT":"text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7","HTTP_USER_AGENT":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 OPR/109.0.0.0","HTTP_ACCEPT_ENCODING":"gzip, deflate, br, zstd","REMOTE_ADDR":"192.168.100.50","REMOTE_USER":"","HTTP_X_FORWARDED_FOR":"192.168.100.50","REQUEST_SCHEME":"https","DOCUMENT_ROOT":"/var/www/pterodactyl/public","DOCUMENT_URI":"/index.php","HTTP_SEC_CH_UA_PLATFORM":"\"Windows\"","HTTP_SEC_FETCH_DEST":"document","REMOTE_IDENT":"","CONTENT_TYPE":"","REQUEST_METHOD":"GET","QUERY_STRING":"","HTTP_SEC_FETCH_MODE":"navigate","HTTP_SEC_CH_UA":"\"Opera GX\";v=\"109\", \"Not:A-Brand\";v=\"8\", \"Chromium\";v=\"123\"","PATH_INFO":"","REMOTE_HOST":"192.168.100.50","HTTP_SEC_CH_UA_MOBILE":"?0","SERVER_PORT":"443","HTTP_COOKIE":"","HTTP_X_FORWARDED_HOST":"panel.rajtech.me","CONTENT_LENGTH":"","REQUEST_URI":"/server/d9af940b","SCRIPT_FILENAME":"/var/www/pterodactyl/public/index.php"},"dial":"/run/php/php8.1-fpm.sock","env":{"SERVER_PROTOCOL":"HTTP/3.0","HTTP_HOST":"panel.rajtech.me","SSL_PROTOCOL":"TLSv1.3","HTTP_PROXY":"","HTTP_CACHE_CONTROL":"max-age=0","REMOTE_ADDR":"192.168.100.50","REMOTE_USER":"","HTTP_X_FORWARDED_FOR":"192.168.100.50","HTTP_ACCEPT":"text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7","HTTP_USER_AGENT":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 OPR/109.0.0.0","HTTP_ACCEPT_ENCODING":"gzip, deflate, br, zstd","REMOTE_IDENT":"","CONTENT_TYPE":"","REQUEST_METHOD":"GET","REQUEST_SCHEME":"https","DOCUMENT_ROOT":"/var/www/pterodactyl/public","DOCUMENT_URI":"/index.php","HTTP_SEC_CH_UA_PLATFORM":"\"Windows\"","HTTP_SEC_FETCH_DEST":"document","QUERY_STRING":"","HTTP_SEC_FETCH_MODE":"navigate","PATH_INFO":"","REMOTE_HOST":"192.168.100.50","HTTP_SEC_CH_UA_MOBILE":"?0","HTTP_SEC_CH_UA":"\"Opera GX\";v=\"109\", \"Not:A-Brand\";v=\"8\", \"Chromium\";v=\"123\"","CONTENT_LENGTH":"","REQUEST_URI":"/server/d9af940b","SCRIPT_FILENAME":"/var/www/pterodactyl/public/index.php","SERVER_PORT":"443","HTTP_COOKIE":"","HTTP_X_FORWARDED_HOST":"panel.rajtech.me","AUTH_TYPE":"","GATEWAY_INTERFACE":"CGI/1.1","REMOTE_PORT":"65510","SERVER_SOFTWARE":"Caddy/v2.8.4","HTTPS":"on","PHP_VALUE":"upload_max_filesize = 100M \\n post_max_size = 100M","HTTP_ACCEPT_LANGUAGE":"en-US,en;q=0.9","HTTP_SEC_FETCH_USER":"?1","SERVER_NAME":"panel.rajtech.me","SCRIPT_NAME":"/index.php","SSL_CIPHER":"TLS_AES_128_GCM_SHA256","HTTP_X_FORWARDED_PROTO":"https","HTTP_UPGRADE_INSECURE_REQUESTS":"1","HTTP_SEC_FETCH_SITE":"same-origin"},"request":{"remote_ip":"192.168.100.50","remote_port":"65510","client_ip":"192.168.100.50","proto":"HTTP/3.0","method":"GET","host":"panel.rajtech.me","uri":"/index.php","headers":{"Accept-Encoding":["gzip, deflate, br, zstd"],"Sec-Fetch-Mode":["navigate"],"Sec-Fetch-User":["?1"],"Cache-Control":["max-age=0"],"Sec-Ch-Ua":["\"Opera GX\";v=\"109\", \"Not:A-Brand\";v=\"8\", \"Chromium\";v=\"123\""],"X-Forwarded-Host":["panel.rajtech.me"],"Cookie":["REDACTED"],"Sec-Ch-Ua-Platform":["\"Windows\""],"X-Forwarded-For":["192.168.100.50"],"X-Forwarded-Proto":["https"],"Sec-Fetch-Dest":["document"],"Accept-Language":["en-US,en;q=0.9"],"Sec-Fetch-Site":["same-origin"],"Accept":["text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7"],"Sec-Ch-Ua-Mobile":["?0"],"User-Agent":["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 OPR/109.0.0.0"],"Upgrade-Insecure-Requests":["1"]},"tls":{"resumed":true,"version":772,"cipher_suite":4865,"proto":"h3","server_name":"panel.rajtech.me"}}}
Jun 23 19:00:48 one caddy[6488]: {"level":"debug","ts":1719169248.2733037,"logger":"http.handlers.reverse_proxy","msg":"upstream roundtrip","upstream":"unix//run/php/php8.1-fpm.sock","duration":0.000322879,"request":{"remote_ip":"192.168.100.50","remote_port":"65510","client_ip":"192.168.100.50","proto":"HTTP/3.0","method":"GET","host":"panel.rajtech.me","uri":"/index.php","headers":{"Upgrade-Insecure-Requests":["1"],"Sec-Fetch-Dest":["document"],"Accept-Language":["en-US,en;q=0.9"],"Sec-Fetch-Site":["same-origin"],"Accept":["text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7"],"Sec-Ch-Ua-Mobile":["?0"],"User-Agent":["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 OPR/109.0.0.0"],"Accept-Encoding":["gzip, deflate, br, zstd"],"Sec-Fetch-Mode":["navigate"],"Sec-Fetch-User":["?1"],"Cache-Control":["max-age=0"],"Sec-Ch-Ua":["\"Opera GX\";v=\"109\", \"Not:A-Brand\";v=\"8\", \"Chromium\";v=\"123\""],"X-Forwarded-Host":["panel.rajtech.me"],"Cookie":["REDACTED"],"Sec-Ch-Ua-Platform":["\"Windows\""],"X-Forwarded-For":["192.168.100.50"],"X-Forwarded-Proto":["https"]},"tls":{"resumed":true,"version":772,"cipher_suite":4865,"proto":"h3","server_name":"panel.rajtech.me"}},"error":"dialing backend: dial unix /run/php/php8.1-fpm.sock: connect: permission denied"}
Jun 23 19:00:48 one caddy[6488]: {"level":"debug","ts":1719169248.2734032,"logger":"http.log.error.log0","msg":"dialing backend: dial unix /run/php/php8.1-fpm.sock: connect: permission denied","request":{"remote_ip":"192.168.100.50","remote_port":"65510","client_ip":"192.168.100.50","proto":"HTTP/3.0","method":"GET","host":"panel.rajtech.me","uri":"/server/d9af940b","headers":{"Accept-Encoding":["gzip, deflate, br, zstd"],"Accept-Language":["en-US,en;q=0.9"],"Cookie":["REDACTED"],"Cache-Control":["max-age=0"],"Sec-Fetch-Site":["same-origin"],"User-Agent":["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 OPR/109.0.0.0"],"Accept":["text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7"],"Sec-Fetch-Mode":["navigate"],"Sec-Fetch-User":["?1"],"Sec-Ch-Ua":["\"Opera GX\";v=\"109\", \"Not:A-Brand\";v=\"8\", \"Chromium\";v=\"123\""],"Sec-Ch-Ua-Mobile":["?0"],"Sec-Fetch-Dest":["document"],"Sec-Ch-Ua-Platform":["\"Windows\""],"Upgrade-Insecure-Requests":["1"]},"tls":{"resumed":true,"version":772,"cipher_suite":4865,"proto":"h3","server_name":"panel.rajtech.me"}},"duration":0.000795734,"status":502,"err_id":"4jvx92yc5","err_trace":"reverseproxy.statusError (reverseproxy.go:1269)"}

3. Caddy version:

v2.8.4 h1:q3pe0wpBj1OcHFZ3n/1nl4V4bxBrYoSoab7rL9BMYNk=

4. How I installed and ran Caddy:

# Installing xcaddy

CADDY_ARCH="amd64"

wget -q "https://github.com/caddyserver/xcaddy/releases/download/v0.4.2/xcaddy_0.4.2_linux_${CADDY_ARCH}.deb"
apt install "./xcaddy_0.4.2_linux_${CADDY_ARCH}.deb"



# Installing GO

curl -OL https://golang.org/dl/go1.22.4.linux-amd64.tar.gz
sudo tar -C /usr/local -xvf go1.22.4.linux-amd64.tar.gz

sudo nano ~/.profile

# paste in LAST line:
export PATH=$PATH:/usr/local/go/bin

source ~/.profile
go version


# Creating files

mkdir /etc/caddy

sudo nano /etc/caddy/Caddyfile
# PUT ONE SPACE INTO THE FILE AND THEN SAVE (to save it to disk instead of just exiting)


# Building with xcaddy

xcaddy build --with github.com/caddy-dns/cloudflare

sudo mv caddy /usr/bin/

sudo groupadd --system caddy

sudo useradd --system \
    --gid caddy \
    --create-home \
    --home-dir /var/lib/caddy \
    --shell /usr/sbin/nologin \
    --comment "Caddy web server" \
    caddy



# Adding caddy as a service

sudo nano /etc/systemd/system/caddy.service
# PASTE IN STUFF FROM: https://github.com/caddyserver/dist/blob/master/init/caddy.service
# some changes were made

sudo systemctl daemon-reload
sudo systemctl enable --now caddy

a. System environment:

  • Ubuntu 24.04
  • 64 bit
  • Caddy v2.8.4 h1:q3pe0wpBj1OcHFZ3n/1nl4V4bxBrYoSoab7rL9BMYNk=

b. Command:

systemctl start caddy

and

caddy run

c. Service/unit/compose file:

[Unit]
Description=Caddy
Documentation=https://caddyserver.com/docs/
After=network.target network-online.target
Requires=network-online.target

[Service]
Type=notify
User=caddy
Group=caddy
ExecStart=/usr/bin/caddy run --environ --envfile /etc/caddy/.secrets.env --config /etc/caddy/Caddyfile
ExecReload=/usr/bin/caddy reload --config /etc/caddy/Caddyfile --force
TimeoutStopSec=5s
LimitNOFILE=1048576
PrivateTmp=true
ProtectSystem=full
AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE

[Install]
WantedBy=multi-user.target

d. My complete Caddy config:

{
        servers {
                trusted_proxies static private_ranges
        }
}

#
#       rajtech.me
#

rajtech.me {
        root * /var/www/rajtech.me
        root /share/* /mnt/A/server-files/

        file_server /share/
        file_server /share/* browse

        file_server

        # Redirect root domain to /me
        redir / /me
        redir /share /share/

        # 404 handler
        handle_errors {
                @404 {
                        expression {http.error.status_code} == 404
                }
                redir @404 /me/404
                file_server
        }

        # Other redirects
        redir /r/srg https://discord.gg/0
        redir /r/analytics-bot https://discord.com/api/oauth2/authorize?client_id=0&permissions=76816&scope=bot%20applications.commands

        # Social Media Redirects
        redir /r/instagram https://instagram.com/0
        redir /r/reddit https://reddit.com/r/0
        redir /r/github https://github.com/0
        redir /r/telegram https://t.me/0
        redir /r/discord https://discord.com/users/0
}

panel.rajtech.me {
        root * /var/www/pterodactyl/public

        file_server

        php_fastcgi unix//run/php/php8.1-fpm.sock {
                root /var/www/pterodactyl/public
                index index.php

                env PHP_VALUE "upload_max_filesize = 100M \n post_max_size = 100M"
                env HTTP_PROXY ""
                env HTTPS "on"

                read_timeout 300s
                dial_timeout 300s
                write_timeout 300s
        }

        header Strict-Transport-Security "max-age=16768000; preload;"
        header X-Content-Type-Options "nosniff"
        header X-XSS-Protection "1; mode=block;"
        header X-Robots-Tag "none"
        header Content-Security-Policy "frame-ancestors 'self'"
        header X-Frame-Options "DENY"
        header Referrer-Policy "same-origin"

        request_body {
                max_size 100m
        }

        respond /.ht* 403

        tls {
                dns cloudflare {env.RAJ_CLOUDFLARE_API_TOKEN}
        }

        log {
                output file /var/log/caddy/pterodactyl.log {
                    roll_size 100MiB
                    roll_keep_for 7d
                }
                level INFO
            }

}

bpsapi.rajtech.me {
        root * /var/www/bpsapi.rajtech.me/

        # Define routes for static backends
        handle_path /three/* {
                rewrite * {path}
                reverse_proxy http://three.nodes.rajtech.me:5641
        }

        handle_path /oracleone/* {
                rewrite * {path}
                reverse_proxy http://oracleone.nodes.rajtech.me:5001
        }

        # Give preference to the local server for circular images
        route /circular-image/* {
                reverse_proxy http://three.nodes.rajtech.me:5641 http://oracleone.nodes.rajtech.me:5001 {
                        health_uri /
                        lb_try_duration 5s
                        lb_policy first

                        @error status 500 502 503
                        handle_response @error {
                                reverse_proxy * http://oracleone.nodes.rajtech.me:5001
                        }
                }
        }

        # Give preference to the off-site server for the rest of the API
        route /* {
                file_server /docs*
                reverse_proxy http://oracleone.nodes.rajtech.me:5001 http://three.nodes.rajtech.me:5641 {
                        health_uri /
                        lb_try_duration 5s
                        lb_policy first

                        @error status 500 502 503
                        handle_response @error {
                                reverse_proxy * http://three.nodes.rajtech.me:5641
                        }
                }
        }

        # Redirect /v1/* to /* (legacy api url)
        redir /v1 /
        handle_path /v1/* {
                rewrite * {path}
        }

        # Other Redirects
        redir /r/discord-bot-invite https://discord.com/api/oauth2/authorize?client_id=1009533262533767258&permissions=16&scope=bot%20applications.commands
        redir /r/discord-bot https://github.com/BPS-Circular-API/discord-bot
        redir /r/docs-page https://github.com/BPS-Circular-API/docspage
        redir /r/python-package https://github.com/BPS-Circular-API/python-package
        redir /r/api https://github.com/BPS-Circular-API/api

        # For SSL
        tls {
                dns cloudflare {env.RAJ_CLOUDFLARE_API_TOKEN}
        }
}

#share.rajtech.me {
#       reverse_proxy http://192.168.100.80:9090
#
#       tls {
#               dns cloudflare {RAJ_CLOUDFLARE_API_TOKEN}
#       }
#}

#
#       valnarrator.tech
#

api.valnarrator.tech {
        reverse_proxy http://192.168.100.80:8005

        tls {
                dns cloudflare {env.YASH_CLOUDFLARE_API_TOKEN}
        }
}

valnarrator.tech {
        reverse_proxy http://192.168.100.80:8006

        tls {
                dns cloudflare {env.YASH_CLOUDFLARE_API_TOKEN}
        }
}


5. Links to relevant resources:

Make sure the caddy user has permissions to read that. If it’s owned by www-data like I assume, your caddy user should also be part of the www-data group.

If you install Caddy using our apt repo, it would do this for you automatically. See Install — Caddy Documentation, and Build from source — Caddy Documentation to set things up for your custom build, then follow Keep Caddy Running — Caddy Documentation for usage.

2 Likes