Caddy2 caddyfile for tls without renewal and default port 80

Hi,
I tried to set up without port 80 and am trying to reverse proxy to my gRPC services,
but it seems to be trying to bind to port 443 even though I've specified my custom port.
Here is my sample /etc/caddy/Caddyfile:

https://grpc.example.com:8080 {
  tls /etc/letsencrypt/archive/grpc.example.com/fullchain1.pem /etc/letsencrypt/archive/grpc.example.com/privkey1.pem

  reverse_proxy localhost:8096
  reverse_proxy localhost:8097
  reverse_proxy localhost:8098
  reverse_proxy localhost:8099
}

skip_certificates ["grpc.example.com"]

and got these logs with Caddy failing:

Jun 09 17:57:15 ip-192-168-0-202 caddy[22116]: JOURNAL_STREAM=9:33512689
Jun 09 17:57:15 ip-192-168-0-202 caddy[22116]: {"level":"info","ts":1591725435.4115653,"msg":"using provided configuration","config_file":"/etc/caddy/Caddyfile","config_adapter":""}
Jun 09 17:57:15 ip-192-168-0-202 caddy[22116]: {"level":"info","ts":1591725435.4188461,"logger":"admin","msg":"admin endpoint started","address":"tcp/localhost:2019","enforce_origin":false,"origins":["localhost:2019","[::1]:2019","127.0.0.1:2019"]}
Jun 09 17:57:15 ip-192-168-0-202 caddy[22116]: 2020/06/09 17:57:15 [INFO][cache:0xc000778370] Started certificate maintenance routine
Jun 09 17:57:15 ip-192-168-0-202 caddy[22116]: {"level":"info","ts":1591725435.4203157,"logger":"http","msg":"skipping automatic certificate management because one or more matching certificates are already loaded","domain":"grpc.example.com","server_name":"srv0"}
Jun 09 17:57:15 ip-192-168-0-202 caddy[22116]: {"level":"info","ts":1591725435.4257758,"logger":"http","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"srv0"}
Jun 09 17:57:15 ip-192-168-0-202 caddy[22116]: {"level":"info","ts":1591725435.4264827,"logger":"tls","msg":"cleaned up storage units"}
Jun 09 17:57:15 ip-192-168-0-202 caddy[22116]: run: loading initial config: loading new config: http app module: start: tcp: listening on :80: listen tcp :80: bind: address already in use
Jun 09 17:57:15 ip-192-168-0-202 systemd[1]: caddy.service: Main process exited, code=exited, status=1/FAILURE
Jun 09 17:57:15 ip-192-168-0-202 systemd[1]: caddy.service: Failed with result 'exit-code'.

Is that part of your Caddyfile? That’s invalid syntax.

This also doesn’t make sense either. Are you trying to load balance to multiple backends? In that case, then the correct syntax is this:

  reverse_proxy localhost:8096 localhost:8097 localhost:8098 localhost:8099

Or even shorter, you can use a port range:

  reverse_proxy localhost:8096-8099

Caddy tries to bind to port 80 to enable automatic HTTP->HTTPS redirects.

In Caddy v2.0, there’s no way to disable this from the Caddyfile, you would need to adapt your Caddyfile to JSON and disable automatic HTTPS:

If you’re willing to use a beta version, we’ve just released v2.1 beta 1 yesterday which adds an auto_https global option which allows you to disable either just the redirects or automatic HTTPS altogether.

You can get Caddy v2.1 beta 1 from here:


Hi,

Okay, thank you, I will try using a JSON file.

You can do that, and there’s nothing wrong with that; but to clarify, you don’t need to; v2.1 (currently in beta, but available) can do it from the Caddyfile.

How do I set up TLS with JSON?
The documentation is showing a very weird JSON config.

That’s the tls directive for the Caddyfile. If you’re configuring in JSON, you can safely set aside any Caddyfile-specific documentation.

Start by adapting your current Caddyfile: Command Line — Caddy Documentation

Once you have the adapted JSON, you’ll need to start editing it. Specifically, this key is the one you want to edit (previously linked above by @francislavoie): JSON Config Structure - Caddy Documentation

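The edit described in the replies (adapt the Caddyfile to JSON, then switch off the redirect listener that binds port 80), as an added example that is not from the thread or from the Caddy project. It sets `automatic_https.disable_redirects` on each server of a constructed, trimmed stand-in for the adapted config, and the helper names are hypothetical.

```python
import copy
import json

# Constructed, trimmed stand-in for `caddy adapt --config /etc/caddy/Caddyfile`
# output for the site in the question (not real adapter output).
ADAPTED = json.loads("""
{"apps": {
  "http": {"servers": {"srv0": {
    "listen": [":8080"],
    "routes": [{
      "match": [{"host": ["grpc.example.com"]}],
      "handle": [{"handler": "reverse_proxy",
                  "upstreams": [{"dial": "localhost:8096"}, {"dial": "localhost:8097"}]}]
    }]
  }}},
  "tls": {"certificates": {"load_files": [{
    "certificate": "/etc/letsencrypt/archive/grpc.example.com/fullchain1.pem",
    "key": "/etc/letsencrypt/archive/grpc.example.com/privkey1.pem"
  }]}}
}}
""")

def http_servers(config):
    return config.get("apps", {}).get("http", {}).get("servers", {})

def explicit_ports(server):
    """Ports the server lists itself, e.g. ":8080" or "tcp/localhost:9000-9002"."""
    ports = set()
    for addr in server.get("listen", []):
        lo, _, hi = addr.rsplit(":", 1)[-1].partition("-")
        ports.update(range(int(lo), int(hi or lo) + 1))
    return ports

def may_bind_port_80(config):
    """Servers that list :80 or still have automatic HTTP->HTTPS redirects on.
    Simplification: assumes each server has a host that qualifies for automatic HTTPS."""
    names = []
    for name, srv in http_servers(config).items():
        auto = srv.get("automatic_https", {})
        redirects_on = not (auto.get("disable") or auto.get("disable_redirects"))
        if 80 in explicit_ports(srv) or redirects_on:
            names.append(name)
    return sorted(names)

def disable_redirects(config):
    """Return a copy with automatic_https.disable_redirects set on every HTTP server."""
    patched = copy.deepcopy(config)
    for srv in http_servers(patched).values():
        srv.setdefault("automatic_https", {})["disable_redirects"] = True
    return patched

if __name__ == "__main__":
    print(json.dumps(disable_redirects(ADAPTED), indent=2))  # save and pass to `caddy run --config`
```

Only the redirects are switched off here, so the rest of automatic HTTPS on the custom port is left as the adapter produced it.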
