1. The problem I’m having:
I’m running Caddy on Alpine Linux primarily but not exclusively as a reverse proxy. The configuration validates and works without any issues. However the daemon does not seem to want to keep running. The init system is OpenRC and there appears to be a disconnect between the init system and the actual daemon for the following reasons:
- even though the service is enabled, it does not start on a reboot
- I can start the service with `rc-service caddy start` and it will start, but running `rc-service caddy status` about 30 seconds later will show the caddy.service as stopped, even though it is still serving a static site and working as a reverse proxy.
- I can start Caddy with `caddy start` and it starts just fine, but this does not update the status in OpenRC as running; `rc-service caddy status` shows it as stopped
- some hours after starting Caddy, I am not sure how long, it seems to stop on its own, and I have to SSH to the server and run `caddy start` to get it going again.
The primary purpose of this server is to allow me access to Apache Guacamole, so it needs to stay running or I may not have access to SSH to restart the service, depending on where I am.
caddy:/etc/caddy# cat /etc/os-release
NAME="Alpine Linux"
ID=alpine
VERSION_ID=3.18.3
PRETTY_NAME="Alpine Linux v3.18"
HOME_URL="https://alpinelinux.org/"
BUG_REPORT_URL="https://gitlab.alpinelinux.org/alpine/aports/-/issues"
caddy:/etc/caddy# rc-update show --all
bootmisc | boot
caddy | default
crond | default
devfs | boot
hostname | boot
killprocs | shutdown
networking | boot default
savecache | shutdown
sshd | default
syslog | boot
2. Error messages and/or full log output:
Not getting any error messages anywhere, unless you consider the output of `rc-service caddy status` showing as “stopped” when it is in fact running.
caddy:/etc/caddy# rc-service caddy status
* status: stopped
caddy:/etc/caddy# caddy stop
caddy:/etc/caddy# rc-service caddy status
* status: stopped
caddy:/etc/caddy# caddy start
2023/08/22 21:47:46.972 INFO using adjacent Caddyfile
2023/08/22 21:47:46.974 INFO admin admin endpoint started {"address": "localhost:2019", "enforce_origin": false, "origins": ["//localhost:2019", "//[::1]:2019", "//127.0.0.1:2019"]}
2023/08/22 21:47:46.974 INFO http.auto_https server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS {"server_name": "srv0", "https_port": 443}
2023/08/22 21:47:46.974 INFO http.auto_https enabling automatic HTTP->HTTPS redirects {"server_name": "srv0"}
2023/08/22 21:47:46.974 INFO http.auto_https enabling automatic HTTP->HTTPS redirects {"server_name": "srv1"}
2023/08/22 21:47:46.974 INFO tls.cache.maintenance started background certificate maintenance {"cache": "0xc0003f8400"}
2023/08/22 21:47:46.975 INFO http enabling HTTP/3 listener {"addr": ":443"}
2023/08/22 21:47:46.975 INFO failed to sufficiently increase receive buffer size (was: 208 kiB, wanted: 2048 kiB, got: 416 kiB). See https://github.com/quic-go/quic-go/wiki/UDP-Buffer-Sizes for details.
2023/08/22 21:47:46.975 INFO http.log server running {"name": "srv0", "protocols": ["h1", "h2", "h3"]}
2023/08/22 21:47:46.975 INFO http enabling HTTP/3 listener {"addr": ":8000"}
2023/08/22 21:47:46.975 INFO http.log server running {"name": "srv1", "protocols": ["h1", "h2", "h3"]}
2023/08/22 21:47:46.976 INFO http.log server running {"name": "remaining_auto_https_redirects", "protocols": ["h1", "h2", "h3"]}
2023/08/22 21:47:46.976 INFO http enabling automatic TLS certificate management {"domains": ["access.reid.li", "port.reid.li", "guac.reid.li", "pve.reid.li", "gw.reid.li", "guac.prime42.wtf"]}
2023/08/22 21:47:46.978 INFO tls cleaning storage unit {"description": "FileStorage:/root/.local/share/caddy"}
2023/08/22 21:47:46.978 INFO autosaved config (load with --resume flag) {"file": "/root/.config/caddy/autosave.json"}
2023/08/22 21:47:46.978 INFO serving initial configuration
Successfully started Caddy (pid=732) - Caddy is running in the background
2023/08/22 21:47:46.979 INFO tls finished cleaning storage units
caddy:/etc/caddy# rc-service caddy status
* status: stopped
3. Caddy version:
caddy:/etc/caddy# caddy version
v2.7.3 h1:eMCNjOyMgB5A1KgOzT2dXKR4I0Va+YHCJYC8HHu+DP0=
4. How I installed and ran Caddy:
apk add caddy
a. System environment:
Running in a Linux Container (LXC) on Proxmox. The only issue I am having is the service not starting at boot and not remaining running after a time. I am not sure what part of the running environment is relevant to include.
b. Command:
caddy start
Caddy file is in the default location of /etc/caddy, and I have `cd /etc/caddy` in the .profile to make it easier to work with, i.e. I don’t need to specify full path if I edit, validate, etc. the Caddyfile. This is a single purpose container, so nothing is running on it that does not need to.
c. Service/unit/compose file:
d. My complete Caddy config:
```
caddy:/etc/caddy# cat Caddyfile
access.reid.li {
    basicauth {
        john [Hashed Password REDACTED]
    }
    root * /var/www
    encode gzip
    file_server {
        hide .git
    }
    log {
        output file /var/log/caddy/access.log
    }
    header {
        ?Cache-Control "max-age=1800"
    }
}
pve.reid.li {
    reverse_proxy 172.20.17.50:8006 {
        transport http {
            tls
            tls_insecure_skip_verify
        }
    }
}
port.reid.li:443 {
    reverse_proxy 172.20.17.51:9443 {
        transport http {
            tls
            tls_insecure_skip_verify
        }
    }
}
tcp://port.reid.li:8000 {
    reverse_proxy 172.20.17.51:8000 {
        transport http {
            tls
            tls_insecure_skip_verify
        }
    }
}
guac.reid.li {
    basicauth {
        john [Hashed Password REDACTED]
        admin [Hashed Password REDACTED]
    }
    reverse_proxy 172.20.17.53:8080
}
guac.prime42.wtf {
    basicauth {
        marc [Hashed Password REDACTED]
    }
    reverse_proxy 172.20.17.53:8080
}
gw.reid.li {
    basicauth {
        john [Hashed Password REDACTED]
    }
    reverse_proxy 172.20.17.1:443 {
        transport http {
            tls
            tls_insecure_skip_verify
        }
    }
}
```
5. Links to relevant resources:
https://wiki.alpinelinux.org/wiki/OpenRC
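
The mismatch reported in this post (OpenRC says "stopped" while a Caddy process is serving) can be checked mechanically. The script below is an added example, not part of the original post. Its function names and state labels are made up here, and it assumes the `status:` and `pid=` line formats shown in the output above.

```shell
#!/bin/sh
# Added example: compare the state OpenRC records for a service with
# whether a process is actually alive. Labels are hypothetical.

# Extract the state word from `rc-service <name> status` output,
# e.g. " * status: stopped" -> "stopped".
openrc_state() {
    printf '%s\n' "$1" |
        sed -n 's/^[[:space:]]*\*[[:space:]]*status:[[:space:]]*\([a-z]*\).*/\1/p' |
        head -n 1
}

# Extract the pid from the line `caddy start` prints on success.
caddy_pid() {
    printf '%s\n' "$1" |
        sed -n 's/.*Successfully started Caddy (pid=\([0-9][0-9]*\)).*/\1/p' |
        head -n 1
}

# True if a process with this pid exists (kill -0 delivers no signal).
pid_alive() {
    [ -n "$1" ] && kill -0 "$1" 2>/dev/null
}

# Classify the pair: $1 = OpenRC state, $2 = pid (may be empty).
classify() {
    if pid_alive "$2"; then
        case "$1" in
            started) echo "consistent" ;;
            *)       echo "running-outside-openrc" ;;  # the case in this post
        esac
    else
        case "$1" in
            started) echo "stale-openrc-state" ;;
            *)       echo "down" ;;
        esac
    fi
}

# Live check, only where OpenRC is present (e.g. the Alpine container).
if command -v rc-service >/dev/null 2>&1; then
    pid=$(pidof caddy 2>/dev/null | cut -d' ' -f1)
    classify "$(openrc_state "$(rc-service caddy status 2>&1)")" "$pid"
fi
```

A result of `running-outside-openrc` means the process was launched by something other than the init script, so OpenRC has no record of it and will neither report nor restart it.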