1. The problem I’m having:
Attempting to set up a Caddyfile to reverse proxy a series of different ports on a local machine to a subdirectory of a domain name. One of these (Ombi) is working as intended, and reverse proxies perfectly. The remainder don’t work - either they result in a black screen (in the case of Plex, dynmap) or a 200 error.
2. Error messages and/or full log output:
```
* Trying 193.237.139.13:80...
* Connected to www.olliemon.co.uk (193.237.139.13) port 80 (#0)
> GET /plex HTTP/1.1
> Host: www.olliemon.co.uk
> User-Agent: curl/7.81.0
> Accept: */*
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 308 Permanent Redirect
< Connection: close
< Location: https://www.olliemon.co.uk/plex
< Server: Caddy
< Date: Tue, 05 Mar 2024 12:22:32 GMT
< Content-Length: 0
<
* Closing connection 0
* Clear auth, redirects to port from 80 to 443
* Issue another request to this URL: 'https://www.olliemon.co.uk/plex'
* Trying 193.237.139.13:443...
* Connected to www.olliemon.co.uk (193.237.139.13) port 443 (#1)
* ALPN, offering h2
* ALPN, offering http/1.1
* CAfile: /etc/ssl/certs/ca-certificates.crt
* CApath: /etc/ssl/certs
* TLSv1.0 (OUT), TLS header, Certificate Status (22):
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS header, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS header, Finished (20):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.2 (OUT), TLS header, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_128_GCM_SHA256
* ALPN, server accepted to use h2
* Server certificate:
* subject: CN=www.olliemon.co.uk
* start date: Mar 2 07:25:52 2024 GMT
* expire date: May 31 07:25:51 2024 GMT
* subjectAltName: host "www.olliemon.co.uk" matched cert's "www.olliemon.co.uk"
* issuer: C=US; O=Let's Encrypt; CN=R3
* SSL certificate verify ok.
* Using HTTP2, server supports multiplexing
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* Using Stream ID: 1 (easy handle 0x55b9f25c9eb0)
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
> GET /plex HTTP/2
> Host: www.olliemon.co.uk
> user-agent: curl/7.81.0
> accept: */*
>
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* Connection state changed (MAX_CONCURRENT_STREAMS == 250)!
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
< HTTP/2 502
< alt-svc: h3=":443"; ma=2592000
< server: Caddy
< content-length: 0
< date: Tue, 05 Mar 2024 12:22:32 GMT
<
* Connection #1 to host www.olliemon.co.uk left intact
```
3. Caddy version:
v2.7.6 h1:w0NymbG2m9PcvKWsrXO6EEkY9Ru4FJK8uQbYcev1p3A=
4. How I installed and ran Caddy:
linux package - apt get
a. System environment:
Ubuntu 22.04.4 LTS - x86-64
b. Command:
Editing Caddyfile via nano and reloading with `caddy reload --config /etc/caddy/Caddyfile`
d. My complete Caddy config:
```
# The Caddyfile is an easy way to configure your Caddy web server.
#
# Unless the file starts with a global options block, the first
# uncommented line is always the address of your site.
#
# To use your own domain name (with automatic HTTPS), first make
# sure your domain's A/AAAA DNS records are properly pointed to
# this machine's public IP, then replace ":80" below with your
# domain name.

{
	debug
}

https://www.olliemon.co.uk {
	# Set this path to your site's directory.
	root * /usr/share/caddy

	# Enable the static file server.
	file_server

	# Another common task is to set up a reverse proxy:
	# reverse_proxy localhost:8080

	# Or serve a PHP site through php-fpm:
	# php_fastcgi localhost:9000

	route /ombi* {
		reverse_proxy 127.0.0.1:5000
	}
	route /map/* {
		reverse_proxy 127.0.0.1:8123
	}
	route /plex* {
		reverse_proxy 127.0.0.1:32400/web
	}
	route /webmin* {
		reverse_proxy 127.0.0.1:10000
	}
	route /amp* {
		reverse_proxy 127.0.0.1:8080
	}
}

# Refer to the Caddy docs for more information:
# https://caddyserver.com/docs/caddyfile
```
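
Caddy's `reverse_proxy` documentation states that upstream addresses cannot contain paths or query strings, and the `/plex*` route above is the one that returns the 502 in the curl output. The following pre-reload check is an added example, not part of the original post or of Caddy itself: it scans route blocks and reports any upstream that carries a path. The function names are hypothetical, the sample is constructed from three of the route blocks above, and the parser assumes the one-directive-per-line layout this Caddyfile uses.

```python
import re
from urllib.parse import urlsplit

# Constructed sample: three of the route blocks from the Caddyfile above.
SAMPLE = """\
route /ombi* {
	reverse_proxy 127.0.0.1:5000
}
route /map/* {
	reverse_proxy 127.0.0.1:8123
}
route /plex* {
	reverse_proxy 127.0.0.1:32400/web
}
"""

BLOCK_RE = re.compile(r"^\s*(?:route|handle|handle_path)\s+(\S+)\s*\{\s*$")
PROXY_RE = re.compile(r"^\s*reverse_proxy\s+(.+?)\s*$")


def upstream_extra(upstream):
    """Return the path/query part of an upstream address, or '' if it has none."""
    # Addresses without a scheme need a leading '//' so urlsplit sees a netloc.
    target = upstream if "://" in upstream else "//" + upstream
    parts = urlsplit(target)
    return parts.path + ("?" + parts.query if parts.query else "")


def lint(caddyfile):
    """Return (line_no, matcher, upstream, extra) for each upstream with a path."""
    findings = []
    matcher = None  # path matcher of the block currently being read
    for line_no, line in enumerate(caddyfile.splitlines(), 1):
        stripped = line.strip()
        if not stripped or stripped.startswith("#"):
            continue  # blank lines and commented-out directives are ignored
        block = BLOCK_RE.match(line)
        if block:
            matcher = block.group(1)
        elif stripped == "}":
            matcher = None
        proxy = PROXY_RE.match(line)
        if proxy:
            for upstream in proxy.group(1).split():
                extra = upstream_extra(upstream)
                if upstream != "{" and extra:
                    findings.append((line_no, matcher, upstream, extra))
    return findings


if __name__ == "__main__":
    for finding in lint(SAMPLE):
        print("line %d: route %s -> upstream %s carries %r" % finding)
```

Each finding names the line, the matcher of the enclosing block, the offending upstream and the path that would have to move into a separate rewrite.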