Can't access docker container running with network-mode host

1. The problem I’m having:

I'm trying to set up UpSnap for my homelab in order to use it to start some devices like my NAS remotely. However, I’m struggling with integrating it with Caddy. I have deployed Caddy as well as all my services using Docker with them all being in the same network. This works great, but I need to run UpSnap with network-mode set to host as otherwise sending the WOL magic packets won’t work. Now I can’t access the UpSnap container from my Caddy container. Any help or alternative solutions would be welcome! Thanks!

2. Error messages and/or full log output:

{
	"level": "error",
	"ts": 1719072621.3118887,
	"logger": "http.log.error",
	"msg": "dial tcp 172.17.0.1:8090: i/o timeout",
	"request": {
		"remote_ip": "172.18.0.1",
		"remote_port": "58399",
		"client_ip": "172.18.0.1",
		"proto": "HTTP/2.0",
		"method": "GET",
		"host": "upsnap.ts.krimphove.site",
		"uri": "/",
		"headers": {
			"Sec-Fetch-Dest": ["document"],
			"Dnt": ["1"],
			"Sec-Gpc": ["1"],
			"Te": ["trailers"],
			"User-Agent": ["Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:127.0) Gecko/20100101 Firefox/127.0"],
			"Accept": ["text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8"],
			"Accept-Language": ["en-GB,en;q=0.5"],
			"Upgrade-Insecure-Requests": ["1"],
			"Priority": ["u=1"],
			"Accept-Encoding": ["gzip, deflate, br, zstd"],
			"Sec-Fetch-Mode": ["navigate"],
			"Sec-Fetch-Site": ["none"],
			"Sec-Fetch-User": ["?1"]
		},
		"tls": {
			"resumed": false,
			"version": 772,
			"cipher_suite": 4867,
			"proto": "h2",
			"server_name": "upsnap.ts.krimphove.site"
		}
	},
	"duration": 3.002459921,
	"status": 502,
	"err_id": "zx82vjgb8",
	"err_trace": "reverseproxy.statusError (reverseproxy.go:1269)"
}

3. Caddy version:

v2.8.4

4. How I installed and ran Caddy:

a. System environment:

Running it on a Raspberry Pi (Ubuntu Server 24.04 LTS) inside a Docker container using docker compose. All my devices including the Pi are on a Tailscale tailnet and I have a wildcard DNS entry pointing to the tailnet IP of the Pi.

b. Command:

docker compose up -d

c. Service/unit/compose file:

dockerfile:

FROM caddy:2.8.4-builder AS caddy-builder

RUN xcaddy build \
    --with github.com/caddy-dns/cloudflare

FROM caddy:2.6.1-alpine

COPY --from=caddy-builder /usr/bin/caddy /usr/bin/caddy

Caddy:

services:
  caddy:
    build:
      context: ./
      dockerfile: dockerfile
    image: caddy:cloudflare
    container_name: caddy
    restart: unless-stopped
    ports:
      - 80:80
      - 443:443
    networks:
      - caddy

    volumes:
      - ./Caddyfile:/etc/caddy/Caddyfile
      - caddy_data:/data
      - caddy_config:/config

    extra_hosts:
      - host.docker.internal:host-gateway


volumes:
  caddy_data:
  caddy_config:

networks:
  caddy:
    external: true

UpSnap:

services:
  upsnap:
    container_name: upsnap
    image: ghcr.io/seriousm4x/upsnap:latest
    network_mode: host
    restart: unless-stopped
    volumes:
      - ./data:/app/pb_data
    environment:
      - TZ=Europe/Berlin

d. My complete Caddy config:

(cloudflare) {
  tls {
    dns cloudflare <key>
  }
}

# whoami
whoami.ts.krimphove.site {
  reverse_proxy whoami:80
  import cloudflare
}

# upsnap
upsnap.ts.krimphove.site {
  reverse_proxy host.docker.internal:8090
  import cloudflare
}

5. Links to relevant resources:

I don’t think this is necessary anymore, but I might be wrong. I think it was only needed in earlier versions of Docker.

Are you sure that app is listening on port 8090?

Either way, this is a networking issue with your Docker setup, not really a Caddy issue specifically.
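
Added example (not part of the thread and not Caddy's own code): whether anything is listening on 8090 can be read from the error text itself, because Go's dial errors distinguish a dropped packet (`i/o timeout`) from a refused connection. The function names and cause labels are assumptions of this example; the sample line is the log entry from the post, trimmed.

```python
import json
import re
import socket

# Go net error text as it appears in Caddy's "msg" field, mapped to a cause label.
# The labels are this example's own names, not Caddy terminology.
CAUSES = [
    ("i/o timeout", "filtered"),         # no answer at all: packets dropped en route
    ("connection refused", "closed"),    # host answered with a reset: nothing listening
    ("no route to host", "unreachable"),
    ("no such host", "dns"),
]
DIAL_RE = re.compile(r"dial tcp ?(?P<upstream>\S+:\d+)?: (?P<reason>.+)")


def classify_log_line(line):
    """Return (upstream, cause) for a reverse-proxy dial error, else None."""
    entry = json.loads(line)
    m = DIAL_RE.search(entry.get("msg", ""))
    if entry.get("logger") != "http.log.error" or m is None:
        return None
    cause = next((c for text, c in CAUSES if text in m["reason"]), "other")
    return m["upstream"], cause


def probe(host, port, timeout=3.0):
    """Dial the upstream from where the proxy runs and classify the result."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        return "closed"
    except socket.timeout:
        return "filtered"
    except socket.gaierror:
        return "dns"
    except OSError:
        return "unreachable"


# Constructed sample: the log entry from the post, trimmed to the fields used here.
SAMPLE = ('{"level":"error","logger":"http.log.error",'
          '"msg":"dial tcp 172.17.0.1:8090: i/o timeout","status":502}')

if __name__ == "__main__":
    print(classify_log_line(SAMPLE))
    # Assumes a container on the same network with the same extra_hosts entry.
    print(probe("host.docker.internal", 8090))
```

For the entry in the post the result is `filtered`, which typically points at packet filtering between the Docker bridge and the host rather than at UpSnap not listening. If a host firewall rule turns out to be the cause, scope the allow rule to the Caddy bridge subnet and port 8090 instead of opening the port on every interface.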
