1. The problem I’m having:
I am currently setting up a caddy + prometheus + grafana monitoring,
caddy is installed natively on the server while prometheus and grafana are dockerized.
once I run curl -s http://localhost:2019/metrics
I get the metric just fine
I’m trying to change the admin endpoint to either 10.0.0.146
or 0.0.0.0
but it won’t let me and just give a 403 host not allowed
2. Error messages and/or full log output:
Error: sending configuration to instance: caddy responded with error: HTTP 403: {"error":"host not allowed: 10.0.0.146:2019"}
3. Caddy version:
v2.6.4 h1:2hwYqiRwk1tf3VruhMpLcYTg+11fCdr8S3jhNAdnPy8=
4. How I installed and ran Caddy:
ran the lines on the caddy documentation
with sudo apt install caddy
and caddy reload --config /etc/caddy/Caddyfile
d. My complete Caddy config:
{
admin 10.0.0.146:2019
servers {
metrics
}
}
https://www.nyuware.pw, https://nyuware.pw {
tls nyuware@protonmail.com
root * /var/www/nyuware
file_server
encode zstd gzip
route {
respond /.well-known/matrix/server `{"m.server": "matrix.nyuware.pw:443"}`
}
header / {
-Server
Strict-Transport-Security "max-age=31536000; includesubdomains; preload"
X-Content-Type-Options nosniff
X-Frame-Options deny
X-XSS-Protection 1; mode=block
Referrer-Policy same-origin
Content-Security-Policy "default-src 'none'; base-uri 'self'; style-src 'self' 'unsafe-inline';script-src 'self'; font-src 'self'; img-src 'self'; form-action 'self'; connect-src 'self'; frame-ancestors 'none';"
}
handle_errors {
rewrite * /error.html
templates
file_server
}
log {
output file /var/log/caddy/nyuware.pw-access.log {
roll_size 10mb
roll_keep 20
roll_keep_for 720h
}
}
}
132.145.254.107:80 {
route {
redir https://nyuware.pw
}
}
132.145.254.107:443 {
route {
redir https://nyuware.pw
}
}
mumble.nyuware.pw {
reverse_proxy http://localhost:64738
}
matrix.nyuware.pw {
reverse_proxy /_matrix/* http://localhost:8008
reverse_proxy /_synapse/client/* http://localhost:8008
}
bitwarden.nyuware.pw {
reverse_proxy /* http://localhost:8080
log {
output file /var/log/caddy/bitwarden/bitwarden.nyuware.pw-access.log {
roll_size 10mb
roll_keep 20
roll_keep_for 720h
}
}
}
wireguard.nyuware.pw {
reverse_proxy /* http://localhost:51820
log {
output file /var/log/wireguard/wireguard.nyuware.pw-access.log {
roll_size 10mb
roll_keep 20
roll_keep_for 720h
}
}
}
element.nyuware.pw {
root * /var/www/element
file_server
}
grafana.nyuware.pw {
reverse_proxy /* http://localhost:3000
}