1. Caddy version (caddy version):
v2.2.1
2. How I run Caddy:
I run caddy using Caddyfile
a. System environment:
Docker on Raspberry pi
b. Command: I use docker-compose to run the container
version: '3.3'
services:
# Webserver
caddy:
container_name: webserver
image: caddy:alpine
restart: always
ports:
- 80:80
- 443:443
- 8080:8080
- 2016:2016
volumes:
- ./caddy_data:/data
- ./Caddyfile:/etc/caddy/Caddyfile
d. My complete Caddyfile or JSON config:
{
debug
}
# 192.168.200.184 is the IP of my Raspberry pi
192.168.200.184:80 {
respond "<h1>Hello, world!</h1>"
}
192.168.200.184:2016 {
respond "<h1>2016 world!</h1>"
}
192.168.200.184:8080 {
respond "<h1>8080 world!</h1>"
}
3. The problem I’m having:
I want Caddy to show different content on different ports:
Important note: I am connecting to the Raspberry pi from another machine which is not Raspberry pi, but it is located in the same network without any firewall.
- 192.168.200.184:80 - Hello, world!
- 192.168.200.184:2016 - 2016 world!
- 192.168.200.184:8080 - 8080 world!
192.168.200.184:80 is working giving me the Hello, world! output.
Other two adresses give me “Client sent an HTTP request to an HTTPS server.” error.
When I try to curl :
curl https://192.168.200.184:2016/
curl: (35) error:14094438:SSL routines:ssl3_read_bytes:tlsv1 alert internal error
4. Error messages and/or full log output:
Docker webserver container log:
{"level":"info","ts":1607416224.9398613,"msg":"using provided configuration","config_file":"/etc/caddy/Caddyfile","config_adapter":"caddyfile"}
{"level":"info","ts":1607416224.9444163,"logger":"admin","msg":"admin endpoint started","address":"tcp/localhost:2019","enforce_origin":false,"origins":["[::1]:2019","127.0.0.1:2019","localhost:2019"]}
{"level":"info","ts":1607416224.9449062,"logger":"http","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"srv1"}
{"level":"info","ts":1607416224.9449925,"logger":"http","msg":"server is listening only on the HTTP port, so no automatic HTTPS will be applied to this server","server_name":"srv2","http_port":80}
{"level":"info","ts":1607416224.944985,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0x3030ff0"}
{"level":"info","ts":1607416224.945098,"logger":"http","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"srv0"}
{"level":"info","ts":1607416224.9484563,"logger":"tls","msg":"setting internal issuer for automation policy that has only internal subjects but no issuer configured","subjects":["192.168.200.184"]}
{"level":"warn","ts":1607416224.948698,"logger":"http","msg":"user server is listening on same interface as automatic HTTP->HTTPS redirects; user-configured routes might override these redirects","server_name":"srv2","interface":"tcp/:80"}
{"level":"warn","ts":1607416225.0678256,"logger":"pki.ca.local","msg":"installing root certificate (you might be prompted for password)","path":"storage:pki/authorities/local/root.crt"}
2020/12/08 08:30:25 Warning: "certutil" is not available, install "certutil" with "apt install libnss3-tools" or "yum install nss-tools" and try again
2020/12/08 08:30:25 define JAVA_HOME environment variable to use the Java trust
2020/12/08 08:30:25 certificate installed properly in linux trusts
{"level":"debug","ts":1607416225.1643808,"logger":"http","msg":"starting server loop","address":"[::]:2016","http3":false,"tls":true}
{"level":"debug","ts":1607416225.1647718,"logger":"http","msg":"starting server loop","address":"[::]:8080","http3":false,"tls":true}
{"level":"debug","ts":1607416225.1649318,"logger":"http","msg":"starting server loop","address":"[::]:80","http3":false,"tls":false}
{"level":"info","ts":1607416225.1649745,"logger":"http","msg":"enabling automatic TLS certificate management","domains":["192.168.200.184"]}
{"level":"warn","ts":1607416225.1680658,"logger":"tls","msg":"stapling OCSP","error":"no OCSP stapling for [192.168.200.184]: no OCSP server specified in certificate"}
{"level":"info","ts":1607416225.1686044,"msg":"autosaved config","file":"/config/caddy/autosave.json"}
{"level":"info","ts":1607416225.1686516,"msg":"serving initial configuration"}
{"level":"info","ts":1607416225.1707876,"logger":"tls","msg":"cleaned up storage units"}
5. What I already tried:
I tried to map different ports in docker-compose.yml like:
version: '3.3'
services:
# Webserver
caddy:
container_name: webserver
image: caddy:alpine
restart: always
ports:
- 80:80
- 443:443
- 8080:8000
- 2016:2000
volumes:
- ./caddy_data:/data
- ./Caddyfile:/etc/caddy/Caddyfile
Which gave me - “192.168.200.184 refused to connect” when connecting to 8080 or 2016 ports.
Also tried:
version: '3.3'
services:
# Webserver
caddy:
container_name: webserver
image: caddy:alpine
restart: always
ports:
- 80:80
- 443:443
- 8080:80
- 2016:80
volumes:
- ./caddy_data:/data
- ./Caddyfile:/etc/caddy/Caddyfile
Which gave me - “Hello, world!” when connecting to 80, 8080 or 2016 ports.
6. Links to relevant resources:
I am following quickstart tutorial: Caddyfile Quick-start — Caddy Documentation
I know this is probably a supernoob question, but I can not understand what am I doing wrong and why is it trying to make 8080 and 2016 ports go to https.
Thank you very much!