Can't set up reverse proxy

I am hosting two websites on an ec2 instance. Each website is running on apache server inside a docker container. I have nginx running on a separate container as a reverse proxy.

I wanted to migrate to Caddy because I wanted to add SSL and I read tons of tweets saying that it is pretty straightforward to set up.

I setup a new ec2 instance and have a new subdomain pointing there. I’m running the website on apache in a container, exposing port 3000 and I can access it through curl localhost:3000 just fine. But when I run caddy server and try to access my subdomain, I get connection refused.

I really appreciate the help.

1. Caddy version (caddy version):


2. How I run Caddy:

Docker image
docker-compose up

a. System environment:

Linux version 4.14.246-187.474.amzn2.x86_64 (mockbuild@ip-10-0-1-132) (gcc version 7.3.1 20180712
(Red Hat 7.3.1-13) (GCC)) #1 SMP Tue Sep 7 21:48:11 UTC 2021

Docker version 20.10.7, build f0df350

b. Command:

docker-compose up

c. Service/unit/compose file:

This is the docker-compose.yml for my Caddy server

version: "3.7"

    image: caddy:2.4.5
    restart: unless-stopped
      - "80:80"
      - "443:443"
      - $PWD/Caddyfile:/etc/caddy/Caddyfile
      - $PWD/caddy_data:/data
      - $PWD/caddy_config:/config
    external: true

Here’s the docker-compose.yml for my website:

version: '3.7'
    image: roloum/apache_ssl:0.1
    container_name: prueba-jardinesecologicos
      - ./src/:/var/www/html/
      - ./conf.d/:/etc/apache2/sites-enabled/
      - 3000:80
      - 80
      - .env

This is the apache config file for my website:

# <VirtualHost *:443>
<VirtualHost *:80>


    DocumentRoot /var/www/html


d. My complete Caddyfile or JSON config: {
    reverse_proxy localhost:3000

3. The problem I’m having:

Connection refused to the website running in the container. This is an error I see in the logs.

Curl doesn’t show anything

$ curl

4. Error messages and/or full log output:

This is the full output of docker-compose up for the caddy container and running curl

$ docker-compose up
Creating network "caddy_default" with the default driver
Creating caddy_caddy_1 ... done
Attaching to caddy_caddy_1
caddy_1  | {"level":"info","ts":1636084571.0160828,"msg":"using provided configuration","config_file":"/etc/caddy/Caddyfile","config_adapter":"caddyfile"}
caddy_1  | {"level":"warn","ts":1636084571.017693,"msg":"input is not formatted with 'caddy fmt'","adapter":"caddyfile","file":"/etc/caddy/Caddyfile","line":2}
caddy_1  | {"level":"info","ts":1636084571.0198941,"logger":"admin","msg":"admin endpoint started","address":"tcp/localhost:2019","enforce_origin":false,"origins":["localhost:2019","[::1]:2019",""]}
caddy_1  | {"level":"info","ts":1636084571.0210536,"logger":"http","msg":"server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS","server_name":"srv0","https_port":443}
caddy_1  | {"level":"info","ts":1636084571.021483,"logger":"http","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"srv0"}
caddy_1  | {"level":"info","ts":1636084571.0327163,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0xc0000d90a0"}
caddy_1  | {"level":"info","ts":1636084571.0331597,"logger":"tls","msg":"cleaning storage unit","description":"FileStorage:/data/caddy"}
caddy_1  | {"level":"info","ts":1636084571.0446072,"logger":"http","msg":"enabling automatic TLS certificate management","domains":[""]}
caddy_1  | {"level":"info","ts":1636084571.0505126,"msg":"autosaved config (load with --resume flag)","file":"/config/caddy/autosave.json"}
caddy_1  | {"level":"info","ts":1636084571.050929,"msg":"serving initial configuration"}
caddy_1  | {"level":"info","ts":1636084571.05159,"logger":"tls","msg":"finished cleaning storage units"}

caddy_1  | {"level":"error","ts":1636084581.192345,"logger":"http.log.error","msg":"dial tcp connect: connection refused","request":{"remote_addr":"","proto":"HTTP/2.0","method":"GET","host":"","uri":"/","headers":{"User-Agent":["curl/7.76.1"],"Accept":["*/*"]},"tls":{"resumed":false,"version":771,"cipher_suite":49195,"proto":"h2","proto_mutual":true,"server_name":""}},"duration":0.003791853,"status":502,"err_id":"vp8s2ints","err_trace":"reverseproxy.statusError (reverseproxy.go:858)"}

5. What I already tried:

I’ve tried Reverse Proxy Multiple Domains Using Caddy 2 · JDHeyburn

and every link in the first google results page:

I also tried running everything, Caddy and website, from the caddy’s docker-compose.yml but the result was the same.

6. Links to relevant resources:

When running in Docker, localhost refers to this current container. So Caddy is trying to connect to a service within the same Docker container. That won’t work, because the only thing running in that container is Caddy.

Instead, you should use the container name of the thing you’re trying to proxy to. They need to be in the same Docker network. In this case, that would be prueba-jardinesecologicos. Also, you would proxy to the port of the internal service, i.e. 80 (not 3000).

So you would do this: {
    reverse_proxy prueba-jardinesecologicos:80

Thanks for the prompt response.

1 Like

This topic was automatically closed after 30 days. New replies are no longer allowed.