1. Caddy version (caddy version):
Caddy version: v2.3.0.
2. How I run Caddy:
Caddy is run as a Docker container.
a. System environment:
Docker
b. Command:
wget https://caddy:8080
The wget command returns the same error as my Express server via the proxy.
c. Service/unit/compose file:
caddy:
  build:
    context: api/
  depends_on:
    - php
    - pwa
  environment:
    PWA_UPSTREAM: pwa:3000
    SERVER_NAME: ${SERVER_NAME:-localhost}
    SERVER_NAME_API: ${SERVER_NAME_API:-api.localhost, caddy:8080}
    MERCURE_PUBLISHER_JWT_KEY: ${MERCURE_PUBLISHER_JWT_KEY:-!ChangeMe!}
    MERCURE_SUBSCRIBER_JWT_KEY: ${MERCURE_SUBSCRIBER_JWT_KEY:-!ChangeMe!}
  restart: unless-stopped
  volumes:
    - php_socket:/var/run/php
    - caddy_data:/data
    - caddy_config:/config
  ports:
    # HTTP
    - target: 80
      published: 80
      protocol: tcp
    # HTTPS
    - target: 443
      published: 443
      protocol: tcp
    # HTTP/3
    - target: 443
      published: 443
      protocol: udp
    # API
    - target: 8080
      published: 8080
      protocol: tcp
d. My complete Caddyfile or JSON config:
{
    # Debug
    {$DEBUG}
    # HTTP/3 support
    servers {
        protocol {
            experimental_http3
        }
    }
}

# Matches requests for HTML documents, for static files and for
{$SERVER_NAME} {
    reverse_proxy http://{$PWA_UPSTREAM}
    log
}

{$SERVER_NAME_API} {
    route {
        root * /srv/api/public
        mercure {
            # Transport to use (default to Bolt)
            transport_url {$MERCURE_TRANSPORT_URL:bolt:///data/mercure.db}
            # Publisher JWT key
            publisher_jwt {env.MERCURE_PUBLISHER_JWT_KEY} {env.MERCURE_PUBLISHER_JWT_ALG}
            # Subscriber JWT key
            subscriber_jwt {env.MERCURE_SUBSCRIBER_JWT_KEY} {env.MERCURE_SUBSCRIBER_JWT_ALG}
            # Allow anonymous subscribers (double-check that it's what you want)
            anonymous
            # Enable the subscription API (double-check that it's what you want)
            subscriptions
            # Extra directives
            {$MERCURE_EXTRA_DIRECTIVES}
        }
        vulcain
        push
        # Add links to the API docs and to the Mercure Hub if not set explicitly (e.g. the PWA)
        header ?Link `</docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation", </.well-known/mercure>; rel="mercure"`
        # Comment the following line if you don't want Next.js to catch requests for HTML documents.
        # In this case, they will be handled by the PHP app.
        # reverse_proxy @pwa http://{$PWA_UPSTREAM}
        php_fastcgi unix//var/run/php/php-fpm.sock
        encode zstd gzip
        file_server
    }
}
3. The problem I’m having:
I’m trying to proxy requests in a Node.js server. I’m using an Express server.
app.use(
  '/api',
  proxy(process.env.REACT_APP_API_ENTRYPOINT || 'https://caddy:8080', {
    limit: '100mb',
    proxyReqOptDecorator(opts) {
      // Remove in production
      const cookies = parseCookies(opts);
      opts.rejectUnauthorized = false;
      opts.headers['x-forward-host'] = process.env.REACT_APP_BASE_URI || 'https://localhost';
      opts.headers.cookie = '';
      delete opts.headers.cookie;
      if (cookies.token && cookies.token.length > 0)
        opts.headers.Authorization = `Bearer ${cookies.token}`;
      return opts;
    },
    proxyErrorHandler: function(err, res, next) {
      console.log([err, res]);
      next(err);
    },
  }),
);
4. Error messages and/or full log output:
Error: write EPROTO 140150939962696:error:14094438:SSL routines:ssl3_read_bytes:tlsv1 alert internal error:…/deps/openssl/openssl/ssl/record/rec_layer_s3.c:1544:SSL alert number 80
5. What I already tried:
I have access from my local machine via https://api.localhost and https://localhost.
I can’t use api.localhost inside my Node container, so that must be part of the Docker network. That’s why I’m using caddy:8080.
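
Added example, not part of the original post: a small Node.js helper that decodes the OpenSSL error text from section 4 and reports whether the failure is a TLS alert received from the server or a local error. The names `parseOpenSslError` and `explain` are hypothetical, and the bit layout assumes the OpenSSL 1.1.x error-code packing that the code `14094438` in the post follows.

```javascript
// TLS alert descriptions (subset) from RFC 5246 / RFC 8446.
const TLS_ALERTS = {
  40: 'handshake_failure', 42: 'bad_certificate', 46: 'certificate_unknown',
  48: 'unknown_ca', 70: 'protocol_version', 80: 'internal_error',
  112: 'unrecognized_name', 120: 'no_application_protocol',
};
const ERR_LIB_SSL = 0x14;          // OpenSSL library number for "SSL routines"
const SSL_AD_REASON_OFFSET = 1000; // reason = 1000 + alert number for alerts read from the peer

// Hypothetical helper: parse "<tid>:error:<hex code>:<lib>:<func>:<reason>:<file>:<line>:<data>".
function parseOpenSslError(message) {
  const re = /([0-9A-Fa-f]+):error:([0-9A-Fa-f]{8}):([^:]*):([^:]*):([^:]*):(.*):(\d+):(.*)/;
  const m = re.exec(message);
  if (!m) return null;
  const code = parseInt(m[2], 16);
  const out = {
    lib: m[3], func: m[4], reasonText: m[5], file: m[6],
    line: Number(m[7]), data: m[8].trim(),
    libNumber: code >>> 24,     // assumption: OpenSSL 1.1.x packing, top 8 bits = library
    reasonNumber: code & 0xfff, // low 12 bits = reason code
    peerAlert: null,
  };
  // SSL reasons >= 1000 mean "this alert was received from the other side".
  if (out.libNumber === ERR_LIB_SSL && out.reasonNumber >= SSL_AD_REASON_OFFSET) {
    const number = out.reasonNumber - SSL_AD_REASON_OFFSET;
    out.peerAlert = { number, name: TLS_ALERTS[number] || 'unknown' };
  }
  return out;
}

// Hypothetical helper: one-line summary for logs.
function explain(message) {
  const e = parseOpenSslError(message);
  if (!e) return 'not an OpenSSL error string';
  if (e.peerAlert) {
    return `peer sent TLS alert ${e.peerAlert.number} (${e.peerAlert.name}); ` +
      'the handshake was aborted by the server, not by local certificate verification';
  }
  return `local OpenSSL error: ${e.reasonText}`;
}

// Error text copied from section 4 of the post above.
const SAMPLE = 'write EPROTO 140150939962696:error:14094438:SSL routines:ssl3_read_bytes:' +
  'tlsv1 alert internal error:…/deps/openssl/openssl/ssl/record/rec_layer_s3.c:1544:SSL alert number 80';

console.log(explain(SAMPLE));
```

For the error in the post this reports alert 80 (internal_error) sent by the peer. That alert is raised on the Caddy side, so `opts.rejectUnauthorized = false` in the proxy has no effect on it, and the Caddy logs are the place to look for the reason.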