Can't get Caddy to run Docker Containers on a VPS

DaveP · August 3, 2024, 6:54pm

1. The problem I’m having:

New to Caddy here.
I am on a VPS with one fixed IP. I installed Caddy and set up a static site which worked fine. I then installed docker and then a Docker container and put it a port on the main IP.
I can display the web page fine by webtest.petterson.network
I can access the container by [MYIP]:3000
but exttest.petterson.network times out.

It doesn’t work and times out all the time.
I tried localhost:3000 and homepage:3000 which was the docker name.
No joy.
Any ideas?

2. Error messages and/or full log output:

/etc/caddy# caddy start
2024/08/03 17:52:24.526	INFO	using adjacent Caddyfile
2024/08/03 17:52:24.529	INFO	adapted config to JSON	{"adapter": "caddyfile"}
2024/08/03 17:52:24.530	INFO	admin	admin endpoint started	{"address": "localhost:2019", "enforce_origin": false, "origins": ["//localhost:2019", "//[::1]:2019", "//127.0.0.1:2019"]}
2024/08/03 17:52:24.531	INFO	http.auto_https	server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS	{"server_name": "srv0", "https_port": 443}
2024/08/03 17:52:24.531	INFO	http.auto_https	enabling automatic HTTP->HTTPS redirects	{"server_name": "srv0"}
2024/08/03 17:52:24.531	DEBUG	http.auto_https	adjusted config	{"tls": {"automation":{"policies":[{"subjects":["exttest.petterson.network","webtest.petterson.network"]},{}],"renew_interval":1800000000000}}, "http": {"grace_period":10000000000,"servers":{"remaining_auto_https_redirects":{"listen":[":80"],"routes":[{},{}],"logs":{"logger_names":{"webtest.petterson.network":["log0"]},"skip_hosts":["exttest.petterson.network"]}},"srv0":{"listen":[":443"],"routes":[{"handle":[{"handler":"subroute","routes":[{"handle":[{"handler":"reverse_proxy","upstreams":[{"dial":"localhost:3000"}]}]}]}],"terminal":true},{"handle":[{"handler":"subroute","routes":[{"handle":[{"handler":"vars","root":"/var/www/html/code"},{"encodings":{"gzip":{},"zstd":{}},"handler":"encode","prefer":["zstd","gzip"]},{"handler":"file_server","hide":["./Caddyfile"]}]}]}],"terminal":true}],"errors":{"routes":[{"match":[{"host":["webtest.petterson.network"]}],"handle":[{"handler":"subroute","routes":[{"handle":[{"body":"{http.error.status_code} {http.error.status_text}","handler":"static_response"}]}]}],"terminal":true}]},"tls_connection_policies":[{}],"automatic_https":{},"logs":{"logger_names":{"webtest.petterson.network":["log0"]},"skip_hosts":["exttest.petterson.network"]}}}}}
2024/08/03 17:52:24.531	INFO	tls.cache.maintenance	started background certificate maintenance	{"cache": "0xc0004a8c00"}
2024/08/03 17:52:24.531	INFO	http	enabling HTTP/3 listener	{"addr": ":443"}
2024/08/03 17:52:24.531	DEBUG	http	starting server loop	{"address": "[::]:443", "tls": true, "http3": true}
2024/08/03 17:52:24.532	INFO	http.log	server running	{"name": "srv0", "protocols": ["h1", "h2", "h3"]}
2024/08/03 17:52:24.532	DEBUG	http	starting server loop	{"address": "[::]:80", "tls": false, "http3": false}
2024/08/03 17:52:24.532	INFO	http.log	server running	{"name": "remaining_auto_https_redirects", "protocols": ["h1", "h2", "h3"]}
2024/08/03 17:52:24.532	INFO	http	enabling automatic TLS certificate management	{"domains": ["exttest.petterson.network", "webtest.petterson.network"]}
2024/08/03 17:52:24.532	DEBUG	tls	loading managed certificate	{"domain": "exttest.petterson.network", "expiration": "2024/11/01 16:50:53.000", "issuer_key": "acme-v02.api.letsencrypt.org-directory", "storage": "FileStorage:/root/.local/share/caddy"}
2024/08/03 17:52:24.532	DEBUG	tls.cache	added certificate to cache	{"subjects": ["exttest.petterson.network"], "expiration": "2024/11/01 16:50:53.000", "managed": true, "issuer_key": "acme-v02.api.letsencrypt.org-directory", "hash": "ea8300010542d1f09d86dea88864238d7208298f274faa5141cca4cc702cd508", "cache_size": 1, "cache_capacity": 10000}
2024/08/03 17:52:24.532	DEBUG	events	event	{"name": "cached_managed_cert", "id": "81a268c8-7709-4e61-a68a-863ef4933dbc", "origin": "tls", "data": {"sans":["exttest.petterson.network"]}}
2024/08/03 17:52:24.533	DEBUG	tls	loading managed certificate	{"domain": "webtest.petterson.network", "expiration": "2024/11/01 16:50:53.000", "issuer_key": "acme-v02.api.letsencrypt.org-directory", "storage": "FileStorage:/root/.local/share/caddy"}
2024/08/03 17:52:24.533	DEBUG	tls.cache	added certificate to cache	{"subjects": ["webtest.petterson.network"], "expiration": "2024/11/01 16:50:53.000", "managed": true, "issuer_key": "acme-v02.api.letsencrypt.org-directory", "hash": "4de0eae9744d2d3fa321a56250ab2528f09a3d9875cba9a80d1930c7da2f02f8", "cache_size": 2, "cache_capacity": 10000}
2024/08/03 17:52:24.533	DEBUG	events	event	{"name": "cached_managed_cert", "id": "d1a15dd6-520d-4421-bfcd-4954e002552f", "origin": "tls", "data": {"sans":["webtest.petterson.network"]}}
2024/08/03 17:52:24.533	INFO	tls	storage cleaning happened too recently; skipping for now	{"storage": "FileStorage:/root/.local/share/caddy", "instance": "03dc79cf-7019-4f83-8383-ddaebd799dd4", "try_again": "2024/08/04 17:52:24.533", "try_again_in": 86399.999999689}
2024/08/03 17:52:24.533	INFO	tls	finished cleaning storage units
2024/08/03 17:52:24.533	INFO	autosaved config (load with --resume flag)	{"file": "/root/.config/caddy/autosave.json"}
2024/08/03 17:52:24.533	INFO	serving initial configuration
2024/08/03 17:52:53.949	DEBUG	events	event	{"name": "tls_get_certificate", "id": "89488c5f-7b80-4fb5-a6d8-b6a2ff9ace8c", "origin": "tls", "data": {"client_hello":{"CipherSuites":[4866,4867,4865,49196,49200,49195,49199,52393,52392,159,158,52394,49327,49325,49326,49324,49188,49192,49187,49191,49162,49172,49161,49171,49315,49311,49314,49310,107,103,57,51,157,156,49313,49309,49312,49308,61,60,53,47,255],"ServerName":"webtest.petterson.network","SupportedCurves":[29,23,30,25,24,256,257,258,259,260],"SupportedPoints":"AAEC","SignatureSchemes":[1027,1283,1539,2055,2056,2057,2058,2059,2052,2053,2054,1025,1281,1537,771,769,770,1026,1282,1538],"SupportedProtos":["http/1.1"],"SupportedVersions":[772,771],"RemoteAddr":{"IP":"154.28.229.112","Port":56366,"Zone":""},"LocalAddr":{"IP":<MYIP>","Port":443,"Zone":""}}}}
2024/08/03 17:52:53.949	DEBUG	tls.handshake	choosing certificate	{"identifier": "webtest.petterson.network", "num_choices": 1}
2024/08/03 17:52:53.949	DEBUG	tls.handshake	default certificate selection results	{"identifier": "webtest.petterson.network", "subjects": ["webtest.petterson.network"], "managed": true, "issuer_key": "acme-v02.api.letsencrypt.org-directory", "hash": "4de0eae9744d2d3fa321a56250ab2528f09a3d9875cba9a80d1930c7da2f02f8"}
2024/08/03 17:52:53.949	DEBUG	tls.handshake	matched certificate in cache	{"remote_ip": "154.28.229.112", "remote_port": "56366", "subjects": ["webtest.petterson.network"], "managed": true, "expiration": "2024/11/01 16:50:53.000", "hash": "4de0eae9744d2d3fa321a56250ab2528f09a3d9875cba9a80d1930c7da2f02f8"}
2024/08/03 17:52:54.035	DEBUG	http.handlers.file_server	sanitized path join	{"site_root": "/var/www/html/code", "fs": "", "request_path": "/", "result": "/var/www/html/code"}
2024/08/03 17:52:54.036	DEBUG	http.handlers.file_server	located index file	{"filename": "/var/www/html/code/index.html"}
2024/08/03 17:52:54.036	DEBUG	http.handlers.file_server	opening file	{"filename": "/var/www/html/code/index.html"}
2024/08/03 17:52:55.138	DEBUG	http.stdlib	http: TLS handshake error from 104.164.173.96:29554: EOF
2024/08/03 17:52:59.641	DEBUG	events	event	{"name": "tls_get_certificate", "id": "883f12ff-fe3b-4381-9f69-3f66c664cdca", "origin": "tls", "data": {"client_hello":{"CipherSuites":[4866,4867,4865,49196,49200,49195,49199,52393,52392,159,158,52394,49327,49325,49326,49324,49188,49192,49187,49191,49162,49172,49161,49171,49315,49311,49314,49310,107,103,57,51,157,156,49313,49309,49312,49308,61,60,53,47,255],"ServerName":"webtest.petterson.network","SupportedCurves":[29,23,30,25,24,256,257,258,259,260],"SupportedPoints":"AAEC","SignatureSchemes":[1027,1283,1539,2055,2056,2057,2058,2059,2052,2053,2054,1025,1281,1537,771,769,770,1026,1282,1538],"SupportedProtos":["http/1.1"],"SupportedVersions":[772,771],"RemoteAddr":{"IP":"104.164.173.96","Port":29560,"Zone":""},"LocalAddr":{"IP":<MYIP>","Port":443,"Zone":""}}}}
2024/08/03 17:52:59.641	DEBUG	tls.handshake	choosing certificate	{"identifier": "webtest.petterson.network", "num_choices": 1}
2024/08/03 17:52:59.641	DEBUG	tls.handshake	default certificate selection results	{"identifier": "webtest.petterson.network", "subjects": ["webtest.petterson.network"], "managed": true, "issuer_key": "acme-v02.api.letsencrypt.org-directory", "hash": "4de0eae9744d2d3fa321a56250ab2528f09a3d9875cba9a80d1930c7da2f02f8"}
2024/08/03 17:52:59.641	DEBUG	tls.handshake	matched certificate in cache	{"remote_ip": "104.164.173.96", "remote_port": "29560", "subjects": ["webtest.petterson.network"], "managed": true, "expiration": "2024/11/01 16:50:53.000", "hash": "4de0eae9744d2d3fa321a56250ab2528f09a3d9875cba9a80d1930c7da2f02f8"}
2024/08/03 17:52:59.849	DEBUG	http.handlers.file_server	sanitized path join	{"site_root": "/var/www/html/code", "fs": "", "request_path": "/", "result": "/var/www/html/code"}
2024/08/03 17:52:59.849	DEBUG	http.handlers.file_server	located index file	{"filename": "/var/www/html/code/index.html"}
2024/08/03 17:52:59.849	DEBUG	http.handlers.file_server	opening file	{"filename": "/var/www/html/code/index.html"}
2024/08/03 17:53:20.489	DEBUG	events	event	{"name": "tls_get_certificate", "id": "f2867747-e397-4a66-bcf3-64d96eb58ac0", "origin": "tls", "data": {"client_hello":{"CipherSuites":[4866,4867,4865,49196,49200,49195,49199,52393,52392,159,158,52394,49327,49325,49326,49324,49188,49192,49187,49191,49162,49172,49161,49171,49315,49311,49314,49310,107,103,57,51,157,156,49313,49309,49312,49308,61,60,53,47,255],"ServerName":"exttest.petterson.network","SupportedCurves":[29,23,30,25,24,256,257,258,259,260],"SupportedPoints":"AAEC","SignatureSchemes":[1027,1283,1539,2055,2056,2057,2058,2059,2052,2053,2054,1025,1281,1537,771,769,770,1026,1282,1538],"SupportedProtos":["http/1.1"],"SupportedVersions":[772,771],"RemoteAddr":{"IP":"154.28.229.141","Port":38046,"Zone":""},"LocalAddr":{"IP":"<MYIP>","Port":443,"Zone":""}}}}
2024/08/03 17:53:20.489	DEBUG	tls.handshake	choosing certificate	{"identifier": "exttest.petterson.network", "num_choices": 1}
2024/08/03 17:53:20.489	DEBUG	tls.handshake	default certificate selection results	{"identifier": "exttest.petterson.network", "subjects": ["exttest.petterson.network"], "managed": true, "issuer_key": "acme-v02.api.letsencrypt.org-directory", "hash": "ea8300010542d1f09d86dea88864238d7208298f274faa5141cca4cc702cd508"}
2024/08/03 17:53:20.489	DEBUG	tls.handshake	matched certificate in cache	{"remote_ip": "154.28.229.141", "remote_port": "38046", "subjects": ["exttest.petterson.network"], "managed": true, "expiration": "2024/11/01 16:50:53.000", "hash": "ea8300010542d1f09d86dea88864238d7208298f274faa5141cca4cc702cd508"}
2024/08/03 17:53:20.489	DEBUG	events	event	{"name": "tls_get_certificate", "id": "a083d5c7-ea3a-4137-b2a6-595dd918b549", "origin": "tls", "data": {"client_hello":{"CipherSuites":[4866,4867,4865,49196,49200,49195,49199,52393,52392,159,158,52394,49327,49325,49326,49324,49188,49192,49187,49191,49162,49172,49161,49171,49315,49311,49314,49310,107,103,57,51,157,156,49313,49309,49312,49308,61,60,53,47,255],"ServerName":"exttest.petterson.network","SupportedCurves":[29,23,30,25,24,256,257,258,259,260],"SupportedPoints":"AAEC","SignatureSchemes":[1027,1283,1539,2055,2056,2057,2058,2059,2052,2053,2054,1025,1281,1537,771,769,770,1026,1282,1538],"SupportedProtos":["http/1.1"],"SupportedVersions":[772,771],"RemoteAddr":{"IP":"154.28.229.75","Port":62040,"Zone":""},"LocalAddr":{"IP":"<MYIP>","Port":443,"Zone":""}}}}
2024/08/03 17:53:20.489	DEBUG	tls.handshake	choosing certificate	{"identifier": "exttest.petterson.network", "num_choices": 1}
2024/08/03 17:53:20.489	DEBUG	tls.handshake	default certificate selection results	{"identifier": "exttest.petterson.network", "subjects": ["exttest.petterson.network"], "managed": true, "issuer_key": "acme-v02.api.letsencrypt.org-directory", "hash": "ea8300010542d1f09d86dea88864238d7208298f274faa5141cca4cc702cd508"}
2024/08/03 17:53:20.489	DEBUG	tls.handshake	matched certificate in cache	{"remote_ip": "154.28.229.75", "remote_port": "62040", "subjects": ["exttest.petterson.network"], "managed": true, "expiration": "2024/11/01 16:50:53.000", "hash": "ea8300010542d1f09d86dea88864238d7208298f274faa5141cca4cc702cd508"}
2024/08/03 17:53:20.573	DEBUG	http.handlers.reverse_proxy	selected upstream	{"dial": "localhost:3000", "total_upstreams": 1}
2024/08/03 17:53:20.573	DEBUG	http.handlers.reverse_proxy	selected upstream	{"dial": "localhost:3000", "total_upstreams": 1}
2024/08/03 17:53:20.580	DEBUG	http.handlers.reverse_proxy	upstream roundtrip	{"upstream": "localhost:3000", "duration": 0.007595039, "request": {"remote_ip": "154.28.229.141", "remote_port": "38046", "client_ip": "154.28.229.141", "proto": "HTTP/1.1", "method": "GET", "host": "exttest.petterson.network", "uri": "/", "headers": {"Accept-Encoding": ["gzip, deflate, br"], "Accept-Language": ["en-US,en;q=0.9"], "Sec-Fetch-Mode": ["navigate"], "X-Forwarded-For": ["154.28.229.141"], "User-Agent": ["Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36"], "Sec-Ch-Ua": ["Google Chrome\";v=\"111\", \"Not(A:Brand\";v=\"8\", \"Chromium\";v=\"111"], "Accept": ["text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7"], "X-Forwarded-Proto": ["https"], "X-Forwarded-Host": ["exttest.petterson.network"]}, "tls": {"resumed": false, "version": 772, "cipher_suite": 4865, "proto": "http/1.1", "server_name": "exttest.petterson.network"}}, "headers": {"Content-Type": ["text/html; charset=utf-8"], "Content-Encoding": ["gzip"], "Connection": ["keep-alive"], "X-Nextjs-Cache": ["HIT"], "Etag": ["\"kcgw0fwo0ttcp\""], "Cache-Control": ["s-maxage=31536000, stale-while-revalidate"], "Vary": ["Accept-Encoding"], "Date": ["Sat, 03 Aug 2024 17:53:20 GMT"], "Keep-Alive": ["timeout=5"], "X-Powered-By": ["Next.js"]}, "status": 200}
2024/08/03 17:53:20.581	DEBUG	http.handlers.reverse_proxy	upstream roundtrip	{"upstream": "localhost:3000", "duration": 0.007523954, "request": {"remote_ip": "154.28.229.75", "remote_port": "62040", "client_ip": "154.28.229.75", "proto": "HTTP/1.1", "method": "GET", "host": "exttest.petterson.network", "uri": "/", "headers": {"Sec-Fetch-Mode": ["navigate"], "Accept": ["text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7"], "X-Forwarded-Host": ["exttest.petterson.network"], "X-Forwarded-For": ["154.28.229.75"], "Accept-Encoding": ["gzip, deflate, br"], "Accept-Language": ["en-US,en;q=0.9"], "X-Forwarded-Proto": ["https"], "User-Agent": ["Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36"], "Sec-Ch-Ua": ["Google Chrome\";v=\"111\", \"Not(A:Brand\";v=\"8\", \"Chromium\";v=\"111"]}, "tls": {"resumed": false, "version": 772, "cipher_suite": 4865, "proto": "http/1.1", "server_name": "exttest.petterson.network"}}, "headers": {"Vary": ["Accept-Encoding"], "Date": ["Sat, 03 Aug 2024 17:53:20 GMT"], "Keep-Alive": ["timeout=5"], "X-Nextjs-Cache": ["HIT"], "Etag": ["\"kcgw0fwo0ttcp\""], "Content-Type": ["text/html; charset=utf-8"], "Cache-Control": ["s-maxage=31536000, stale-while-revalidate"], "X-Powered-By": ["Next.js"], "Content-Encoding": ["gzip"], "Connection": ["keep-alive"]}, "status": 200}
2024/08/03 17:53:23.882	DEBUG	events	event	{"name": "tls_get_certificate", "id": "042dee1a-2e7b-46c8-9036-dda6214c78da", "origin": "tls", "data": {"client_hello":{"CipherSuites":[4866,4867,4865,49196,49200,49195,49199,52393,52392,159,158,52394,49327,49325,49326,49324,49188,49192,49187,49191,49162,49172,49161,49171,49315,49311,49314,49310,107,103,57,51,157,156,49313,49309,49312,49308,61,60,53,47,255],"ServerName":"exttest.petterson.network","SupportedCurves":[29,23,30,25,24,256,257,258,259,260],"SupportedPoints":"AAEC","SignatureSchemes":[1027,1283,1539,2055,2056,2057,2058,2059,2052,2053,2054,1025,1281,1537,771,769,770,1026,1282,1538],"SupportedProtos":["http/1.1"],"SupportedVersions":[772,771],"RemoteAddr":{"IP":"154.28.229.141","Port":38058,"Zone":""},"LocalAddr":{"IP":"<MYIP>","Port":443,"Zone":""}}}}
2024/08/03 17:53:23.882	DEBUG	tls.handshake	choosing certificate	{"identifier": "exttest.petterson.network", "num_choices": 1}
2024/08/03 17:53:23.882	DEBUG	tls.handshake	default certificate selection results	{"identifier": "exttest.petterson.network", "subjects": ["exttest.petterson.network"], "managed": true, "issuer_key": "acme-v02.api.letsencrypt.org-directory", "hash": "ea8300010542d1f09d86dea88864238d7208298f274faa5141cca4cc702cd508"}
2024/08/03 17:53:23.882	DEBUG	tls.handshake	matched certificate in cache	{"remote_ip": "154.28.229.141", "remote_port": "38058", "subjects": ["exttest.petterson.network"], "managed": true, "expiration": "2024/11/01 16:50:53.000", "hash": "ea8300010542d1f09d86dea88864238d7208298f274faa5141cca4cc702cd508"}
2024/08/03 17:53:23.978	DEBUG	http.handlers.reverse_proxy	selected upstream	{"dial": "localhost:3000", "total_upstreams": 1}
2024/08/03 17:53:23.982	DEBUG	http.handlers.reverse_proxy	upstream roundtrip	{"upstream": "localhost:3000", "duration": 0.004074703, "request": {"remote_ip": "154.28.229.141", "remote_port": "38058", "client_ip": "154.28.229.141", "proto": "HTTP/1.1", "method": "GET", "host": "exttest.petterson.network", "uri": "/", "headers": {"Sec-Fetch-Mode": ["navigate"], "User-Agent": ["Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36"], "Sec-Ch-Ua": ["Google Chrome\";v=\"111\", \"Not(A:Brand\";v=\"8\", \"Chromium\";v=\"111"], "Accept-Encoding": ["gzip, deflate, br"], "Accept-Language": ["en-US,en;q=0.9"], "Accept": ["text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7"], "X-Forwarded-For": ["154.28.229.141"], "X-Forwarded-Proto": ["https"], "X-Forwarded-Host": ["exttest.petterson.network"]}, "tls": {"resumed": false, "version": 772, "cipher_suite": 4865, "proto": "http/1.1", "server_name": "exttest.petterson.network"}}, "headers": {"X-Nextjs-Cache": ["HIT"], "X-Powered-By": ["Next.js"], "Etag": ["\"kcgw0fwo0ttcp\""], "Cache-Control": ["s-maxage=31536000, stale-while-revalidate"], "Date": ["Sat, 03 Aug 2024 17:53:23 GMT"], "Content-Type": ["text/html; charset=utf-8"], "Vary": ["Accept-Encoding"], "Content-Encoding": ["gzip"], "Connection": ["keep-alive"], "Keep-Alive": ["timeout=5"]}, "status": 200}
2024/08/03 17:53:24.974	DEBUG	http.handlers.reverse_proxy	selected upstream	{"dial": "localhost:3000", "total_upstreams": 1}
2024/08/03 17:53:24.980	DEBUG	http.handlers.reverse_proxy	upstream roundtrip	{"upstream": "localhost:3000", "duration": 0.005954273, "request": {"remote_ip": "154.28.229.141", "remote_port": "38058", "client_ip": "154.28.229.141", "proto": "HTTP/1.1", "method": "GET", "host": "exttest.petterson.network", "uri": "/site.webmanifest?v=4", "headers": {"Accept-Encoding": ["gzip, deflate, br"], "Accept-Language": ["en-US,en;q=0.9"], "Sec-Fetch-Mode": ["navigate"], "Accept": ["text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7"], "X-Forwarded-For": ["154.28.229.141"], "User-Agent": ["Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36"], "Sec-Ch-Ua": ["Google Chrome\";v=\"111\", \"Not(A:Brand\";v=\"8\", \"Chromium\";v=\"111"], "X-Forwarded-Proto": ["https"], "X-Forwarded-Host": ["exttest.petterson.network"]}, "tls": {"resumed": false, "version": 772, "cipher_suite": 4865, "proto": "http/1.1", "server_name": "exttest.petterson.network"}}, "headers": {"Content-Encoding": ["gzip"], "Date": ["Sat, 03 Aug 2024 17:53:24 GMT"], "Connection": ["keep-alive"], "Keep-Alive": ["timeout=5"], "Content-Type": ["application/manifest+json"], "Vary": ["Accept-Encoding"]}, "status": 200}
2024/08/03 17:53:33.765	DEBUG	http.stdlib	http: TLS handshake error from 154.28.229.141:42096: EOF
2024/08/03 17:53:33.767	DEBUG	http.stdlib	http: TLS handshake error from 154.28.229.141:42080: EOF
2024/08/03 17:53:33.769	DEBUG	http.stdlib	http: TLS handshake error from 154.28.229.141:42110: EOF
2024/08/03 17:53:33.770	DEBUG	http.stdlib	http: TLS handshake error from 154.28.229.141:42120: EOF
2024/08/03 17:53:33.771	DEBUG	http.stdlib	http: TLS handshake error from 154.28.229.141:42122: EOF
2024/08/03 17:53:33.780	DEBUG	http.stdlib	http: TLS handshake error from 154.28.229.141:42154: EOF
2024/08/03 17:53:33.781	DEBUG	http.stdlib	http: TLS handshake error from 154.28.229.141:42130: EOF
2024/08/03 17:53:33.781	DEBUG	http.stdlib	http: TLS handshake error from 154.28.229.141:42140: EOF
2024/08/03 17:53:33.781	DEBUG	http.stdlib	http: TLS handshake error from 154.28.229.141:42144: EOF
2024/08/03 17:53:33.784	DEBUG	http.stdlib	http: TLS handshake error from 154.28.229.141:42160: EOF
2024/08/03 17:53:33.785	DEBUG	http.stdlib	http: TLS handshake error from 154.28.229.141:42174: EOF
2024/08/03 17:53:33.787	DEBUG	http.stdlib	http: TLS handshake error from 154.28.229.141:42170: EOF
2024/08/03 17:53:33.793	DEBUG	http.stdlib	http: TLS handshake error from 154.28.229.141:42186: EOF
2024/08/03 17:53:33.844	DEBUG	http.stdlib	http: TLS handshake error from 154.28.229.141:42188: EOF
^C

3. Caddy version:

Linus Install
v2.8.4 h1:q3pe0wpBj1OcHFZ3n/1nl4V4bxBrYoSoab7rL9BMYNk=

4. How I installed and ran Caddy:

Uses linesa from Caddy documentation for an Ubuntu 2204 install.

a. System environment:

Ubuntu 2204
Docker
Client: Docker Engine - Community
Version: 27.1.1
API version: 1.46
Go version: go1.21.12
Git commit: 6312585
Built: Tue Jul 23 19:57:01 2024
OS/Arch: linux/amd64
Context: default

Server: Docker Engine - Community
Engine:
Version: 27.1.1
API version: 1.46 (minimum version 1.24)
Go version: go1.21.12
Git commit: cc13f95
Built: Tue Jul 23 19:57:01 2024
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.7.19
GitCommit: 2bf793ef6dc9a18e00cb12efb64355c2c9d5eb41
runc:
Version: 1.7.19
GitCommit: v1.1.13-0-g58aa920
docker-init:
Version: 0.19.0
GitCommit: de40ad0

b. Command:

System starts Caddy automatically. I only edit the Caddyfile and then
service caddy restart

c. Service/unit/compose file:

For Docker Container trying to connect to
docker-compose.yaml

services:
  homepage:
    image: ghcr.io/gethomepage/homepage:latest
    container_name: homepage_external
    ports:
      - 3000:3000
    volumes:
      - ./config:/app/config
      - ./icons:/app/public/icons
      - ./images:/app/public/images
      - /var/run/docker.sock:/var/run/docker.sock
    environment:
      PUID: 1000
      PGID: 1000
    restart: always

d. My complete Caddy config:

{
        grace_period 10s
        email certs@pseudo.co.uk
        renew_interval 30m
        debug
}

webtest.petterson.network {
        root * /var/www/html/code
        encode zstd gzip
        file_server
        log {
                output file /var/www/logs/webtest.petterson.network-access.log {
                        format json
                }
        }
        handle_errors {
                respond "{err.status_code} {err.status_text}"
        }
}

exttest.petterson.network {
        reverse_proxy localhost:3000
}

5. Links to relevant resources:

Can’t think of anything to add here.

francislavoie · August 8, 2024, 3:41am

Sorry for the delay, I was on vacation.

DaveP:

2024/08/03 17:53:24.980	DEBUG	http.handlers.reverse_proxy	upstream roundtrip	{"upstream": "localhost:3000", "duration": 0.005954273, "request": {"remote_ip": "154.28.229.141", "remote_port": "38058", "client_ip": "154.28.229.141", "proto": "HTTP/1.1", "method": "GET", "host": "exttest.petterson.network", "uri": "/site.webmanifest?v=4", "status": 200}

Your logs show that it does connect, actually.

I don’t understand what the problem is.

Careful, running caddy start doesn’t run Caddy as a service, it runs it as a detached process. Don’t use this, if you want Caddy to stay alive through server reboots etc. Make sure to always use the systemctl commands to interact with Caddy.

DaveP · August 8, 2024, 10:50am

I do use the systemctl commands normally but while debugging I dropped into running it as a process.

If the logs show that it is connecting then that is frustrating as at the browser end it just sits there until it times out.

Is there any way I can test further? I’ve tried Caddy installed as a docker image and I have exactly the same issue.

Whitestrake · August 8, 2024, 1:52pm

First port of call is a separate browser, just to rule out any client shenanigans.

If it’s not a browser-specific issue, second step would be to curl -L -v your website. You can post the result here, it should tell us a fair bit about what’s going on.

DaveP · August 12, 2024, 10:28am

Mmmm. I think I have some DNS issues. I tried other browsers with no change and I added in another subdomain to test and hit a different issue.

I set up the A record for external and exttest to be the same IP and added the new domain to the Caddyfile.

I got two different responses to the curl. One mentioned nginx which was used previously but I rebuilt that entire systems. So something is cached somewhere. One had an existing SSL cert and one was new and they provided different returns to the curls. Both point to a DrawIO container

curl -L -v exttest.petterson.network
curl -L -v external.petterson.network

I’m going to go back step by step and clear my caches and try this on other peoples systems to see what responses I get.

system · September 11, 2024, 10:29am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.