1. Caddy version (caddy version):
v2.2.0
2. How I run Caddy:
caddy-api on ubuntu vm
a. System environment:
ubuntu 20.04
b. Command:
systemctl start caddy-api
c. Service/unit/compose file:
# caddy-api.service
#
# For using Caddy with its API.
#
# This unit is "durable" in that it will automatically resume
# the last active configuration if the service is restarted.
#
# See https://caddyserver.com/docs/install for instructions.
[Unit]
Description=Caddy
Documentation=https://caddyserver.com/docs/
After=network.target
[Service]
User=caddy
Group=caddy
Environment="CONSUL_HTTP_ADDR=https://consul01p.net.work:8500"
ExecStart=/usr/bin/caddy run --environ --resume
TimeoutStopSec=5s
LimitNOFILE=1048576
LimitNPROC=512
PrivateTmp=true
ProtectSystem=full
AmbientCapabilities=CAP_NET_BIND_SERVICE
[Install]
WantedBy=multi-user.target
d. My complete Caddyfile or JSON config:
N/A
3. The problem I’m having:
Hi there,
I’m trying to send traffic back to port 80 (http) after receiving the requests on port 443 on my Caddy server.
The application behind it (the web server) can’t run on 443, so I must redirect the traffic to 80.
This is what my configuration looks like:
{
  "handle": [
    {
      "handler": "reverse_proxy",
      "transport": {
        "protocol": "http"
      },
      "upstreams": [
        {
          "dial": "app1.net.work:80"
        }
      ]
    }
  ],
  "match": [
    {
      "host": [
        "app.net.work"
      ],
      "path": [
        "/app1",
        "/APP1"
      ]
    }
  ]
}
4. Error messages and/or full log output:
This is what I can find in my error log (caddy):
{"level":"debug","ts":1610460556.342307,"logger":"http.handlers.reverse_proxy","msg":"upstream roundtrip","upstream":"app1.net.work:80","request":{"remote_addr":"ip1.ip1.ip1.ip1:42906","proto":"HTTP/1.1","method":"GET","host":"app.net.work","uri":"/app1","headers":{"User-Agent":["curl/7.29.0"],"X-Forwarded-For":["ip1.ip1.ip1.ip1"],"Accept":["*/*"],"X-Forwarded-Proto":["https"]},"tls":{"resumed":false,"version":771,"cipher_suite":49200,"proto":"","proto_mutual":true,"server_name":"app.net.work"}},"duration":0.006666728,"error":"tls: first record does not look like a TLS handshake"}
{"level":"error","ts":1610460556.3427713,"logger":"http.log.error.app","msg":"tls: first record does not look like a TLS handshake","request":{"remote_addr":"ip1.ip1.ip1.ip1:42906","proto":"HTTP/1.1","method":"GET","host":"app.net.work","uri":"/app1","headers":{"User-Agent":["curl/7.29.0"],"Accept":["*/*"]},"tls":{"resumed":false,"version":771,"cipher_suite":49200,"proto":"","proto_mutual":true,"server_name":"app.net.work"}},"duration":0.00718922,"status":502,"err_id":"rc8vpzpr0","err_trace":"reverseproxy.(*Handler).ServeHTTP (reverseproxy.go:440)"}
5. What I already tried:
I tried to change the port to 443 (app1.net.work:443), but like I said, the server can’t reply on this port, so I end up with error 502 too.
I don’t want to set “automatic_https” to false, as I need it for the other servers proxied by Caddy.
6. Links to relevant resources:
N/A
Also, it is supposed to redirect to app1.net.work/app1 if it matches path /app1, but I have not found how to do it properly yet, since I’m stuck on the SSL offload first.
Thanks for your help,
Regards,