1. Caddy version (caddy version
):
Latest docker
2. How I run Caddy:
Reverse proxy for all internal services on home network
a. System environment:
Ubuntu 20 LTS all Dockerized
b. Command:
sudo docker run -d \
--name pihole \
--network=mynetworkname \
-p 0.0.0.0:53:53/tcp -p 0.0.0.0:53:53/udp \
-p 6968:80 \
-p 6967:443 \
-e TZ="Europe/London" \
-v "$(pwd)/etc-pihole/:/etc/pihole/" \
-v "$(pwd)/etc-dnsmasq.d/:/etc/dnsmasq.d/" \
--dns=127.0.0.1 --dns=1.1.1.1 \
--restart=unless-stopped \
pihole/pihole:latest
sudo docker run -d -p 80:80 -p 443:443 \
--restart always \
--name caddy \
--network mynetworkname \
-v /home/mydir/Caddy/usr/share/caddy:/usr/share/caddy \
-v /home/mydir/Caddy/data:/data \
-v /home/mydir/Caddy/config:/config \
-v /home/mydir/Caddy/caddy:/caddy \
-v /home/mydir/Caddy/www:/var/www \
-v /home/mydir/Caddy/logs:/logs \
-v /home/mydir/Caddy/etc/caddy/Caddyfile:/etc/caddy/Caddyfile \
caddy/caddy:2.0.0-rc.3
c. Service/unit/compose file:
paste full file contents here
d. My complete Caddyfile or JSON config:
(theheaders) {
header_up X-Forwarded-Ssl on
header_up Host {host}
header_up X-Real-IP {remote}
header_up X-Forwarded-For {remote}
header_up X-Forwarded-Port {server_port}
header_up X-Forwarded-Proto {scheme}
header_up X-Url-Scheme {scheme}
header_up X-Forwarded-Host {host}
}
(MANY OTHER SERVICES GO HERE WHICH WORK FINE)
pihole.mydomain.com {
reverse_proxy pihole:6968 {
import theheaders //have tried with and without this
}
@notLocal {
not remote_ip 192.168.1.1/24
}
basicauth @notLocal {
me
xxx }
log {
output file /logs/access.log
format single_field common_log
}
}
3. The problem I’m having:
502 error for just pihole- all other services run fine.
Pihole fully accessible by IP at 192.168.1.2:6968/admin
4. Error messages and/or full log output:
{“level”:“error”,“ts”:1590430795.3831286,“logger”:“http.log.access.log9”,“msg”:“handled request”,“request”:{“method”:“GET”,“uri”:"/admin",“proto”:“HTTP/2.0”,“remote_addr”:“192.168.1.1:64558”,“host”:“pihole.mydomain.com”,“headers”:{“Sec-Fetch-Dest”:[“document”],“Accept-Language”:[“en-US,en;q=0.9”],“Dnt”:[“1”],“Accept”:[“text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9”],“Sec-Fetch-Site”:[“none”],“Sec-Fetch-User”:["?1"],“Upgrade-Insecure-Requests”:[“1”],“User-Agent”:[“Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36”],“Sec-Fetch-Mode”:[“navigate”],“Accept-Encoding”:[“gzip, deflate, br”]},“tls”:{“resumed”:false,“version”:772,“ciphersuite”:4865,“proto”:“h2”,“proto_mutual”:true,“server_name”:“pihole.mydomain.com”}},“common_log”:“192.168.1.1 - - [25/May/2020:18:19:55 +0000] “GET /admin HTTP/2.0” 502 0”,“latency”:0.001302416,“size”:0,“status”:502,“resp_headers”:{“Server”:[“Caddy”]}}
192.168.1.1 - - [25/May/2020:18:16:11 +0000] “GET /api/v3/command HTTP/2.0” 200 926
192.168.1.1 - - [25/May/2020:18:16:11 +0000] “GET /api/v3/queue/status HTTP/2.0” 200 99
192.168.1.1 - - [25/May/2020:18:16:11 +0000] “GET /api/v3/health HTTP/2.0” 200 22
192.168.1.1 - - [25/May/2020:18:16:12 +0000] “GET /api/v3/series HTTP/2.0” 200 216850
192.168.1.1 - - [25/May/2020:18:16:17 +0000] “GET /admin HTTP/2.0” 502 0
192.168.1.1 - - [25/May/2020:18:16:17 +0000] “GET /signalr/reconnect?transport=serverSentEvents&messageId=d-ABE24591-B%2
C7%7CC%2C2&clientProtocol=2.1&apiKey=1dfec57d66db4f0db90a08dd363caa34&connectionToken=LtlK2gieYwU2RHHdFzEo0sA0kRxE1jqg7k
AHbzkxx0ZAza0386t7jwWmSwclBeTSYFjJPvpcWdLHaA%2BNUwZM7lMSxGb3sncNvjXndkcZetY19KQl02Y%2FlPvQnmJ1B4N3OGwbxrNHcRLFINf11UgmTT
%2B55pfFEOCNVR2hwV4s2CRbD%2Bqkzsg8IWRk0iYgpm5%2FmbqNtBB11Zb%2FI2ZKJvEFiMYUza%2FGvyosSYdEC2ZDhN6pPzdQtGQ0M259lZqjqnjksaWw
I4VMtRO8tmT20UyJ0ggYUYxUc2ooKomxQxmegCvcNTQuUQBcVrsbuwNMBtQI&tid=3 HTTP/2.0” 200 109
192.168.1.1 - - [25/May/2020:18:16:17 +0000] “POST /signalr/abort?transport=serverSentEvents&clientProtocol=2.1&apiKey=1
dfec57d66db4f0db90a08dd363caa34&connectionToken=LtlK2gieYwU2RHHdFzEo0sA0kRxE1jqg7kAHbzkxx0ZAza0386t7jwWmSwclBeTSYFjJPvpc
WdLHaA%2BNUwZM7lMSxGb3sncNvjXndkcZetY19KQl02Y%2FlPvQnmJ1B4N3OGwbxrNHcRLFINf11UgmTT%2B55pfFEOCNVR2hwV4s2CRbD%2Bqkzsg8IWRk
0iYgpm5%2FmbqNtBB11Zb%2FI2ZKJvEFiMYUza%2FGvyosSYdEC2ZDhN6pPzdQtGQ0M259lZqjqnjksaWwI4VMtRO8tmT20UyJ0ggYUYxUc2ooKomxQxmegC
vcNTQuUQBcVrsbuwNMBtQI HTTP/2.0” 0 0
192.168.1.1 - - [25/May/2020:18:16:20 +0000] “GET /admin HTTP/2.0” 502 0
5. What I already tried:
Tried lots of different header configs but nothing seems to work properly