1. The problem I’m having:
I try to use caddy to server nextcoud and collabora on a ubuntu server 24.04. All systems are installed locally (meaning: it is no snap or docker installation). Caddy has been installed successfully. Nextcloud is running as expected. Collabora is running, but I do not get the remote-proxy to work.
I have also installed fail2ban and therefore my logging output is in form of common.log
2. Error messages and/or full log output:
May 04 13:48:29 gurkenserver systemd[1]: Stopped caddy.service - Caddy.
May 04 13:48:29 gurkenserver systemd[1]: Starting caddy.service - Caddy...
May 04 13:48:29 gurkenserver caddy[1666167]: {"level":"info","ts":1746359309.3190584,"msg":"maxprocs: Leaving GOMAXPROCS=4: CPU quota undefined"}
May 04 13:48:29 gurkenserver caddy[1666167]: {"level":"info","ts":1746359309.3192496,"msg":"GOMEMLIMIT is updated","package":"github.com/KimMachineGun/automemlimit/memlimit","GOMEMLIMIT":15033485721,"previous":9223372036854775807}
May 04 13:48:29 gurkenserver caddy[1666167]: caddy.HomeDir=/var/lib/caddy
May 04 13:48:29 gurkenserver caddy[1666167]: caddy.AppDataDir=/var/lib/caddy/.local/share/caddy
May 04 13:48:29 gurkenserver caddy[1666167]: caddy.AppConfigDir=/var/lib/caddy/.config/caddy
May 04 13:48:29 gurkenserver caddy[1666167]: caddy.ConfigAutosavePath=/var/lib/caddy/.config/caddy/autosave.json
May 04 13:48:29 gurkenserver caddy[1666167]: caddy.Version=v2.10.0 h1:fonubSaQKF1YANl8TXqGcn4IbIRUDdfAkpcsfI/vX5U=
May 04 13:48:29 gurkenserver caddy[1666167]: runtime.GOOS=linux
May 04 13:48:29 gurkenserver caddy[1666167]: runtime.GOARCH=amd64
May 04 13:48:29 gurkenserver caddy[1666167]: runtime.Compiler=gc
May 04 13:48:29 gurkenserver caddy[1666167]: runtime.NumCPU=4
May 04 13:48:29 gurkenserver caddy[1666167]: runtime.GOMAXPROCS=4
May 04 13:48:29 gurkenserver caddy[1666167]: runtime.Version=go1.24.2
May 04 13:48:29 gurkenserver caddy[1666167]: os.Getwd=/
May 04 13:48:29 gurkenserver caddy[1666167]: LANG=de_DE.UTF-8
May 04 13:48:29 gurkenserver caddy[1666167]: PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/snap/bin
May 04 13:48:29 gurkenserver caddy[1666167]: NOTIFY_SOCKET=/run/systemd/notify
May 04 13:48:29 gurkenserver caddy[1666167]: USER=caddy
May 04 13:48:29 gurkenserver caddy[1666167]: LOGNAME=caddy
May 04 13:48:29 gurkenserver caddy[1666167]: HOME=/var/lib/caddy
May 04 13:48:29 gurkenserver caddy[1666167]: INVOCATION_ID=43efe09c44d14065b98aad06f310f4ed
May 04 13:48:29 gurkenserver caddy[1666167]: JOURNAL_STREAM=8:6818622
May 04 13:48:29 gurkenserver caddy[1666167]: SYSTEMD_EXEC_PID=1666167
May 04 13:48:29 gurkenserver caddy[1666167]: MEMORY_PRESSURE_WATCH=/sys/fs/cgroup/system.slice/caddy.service/memory.pressure
May 04 13:48:29 gurkenserver caddy[1666167]: MEMORY_PRESSURE_WRITE=c29tZSAyMDAwMDAgMjAwMDAwMAA=
May 04 13:48:29 gurkenserver caddy[1666167]: {"level":"info","ts":1746359309.3193645,"msg":"using config from file","file":"/etc/caddy/config.json"}
May 04 13:48:29 gurkenserver caddy[1666167]: {"level":"info","ts":1746359309.320519,"msg":"redirected default logger","from":"stderr","to":"/var/log/home.guerke.net/access.log"}
May 04 13:48:29 gurkenserver caddy[1666167]: {"level":"info","ts":1746359309.3238187,"msg":"failed to sufficiently increase receive buffer size (was: 208 kiB, wanted: 7168 kiB, got: 416 kiB). See https://github.com/quic-go/quic-go/wiki/UDP-Buffer-Sizes for details."}
May 04 13:48:29 gurkenserver systemd[1]: Started caddy.service - Caddy.
May 04 13:48:29 gurkenserver caddy[1666167]: {"level":"info","ts":1746359309.325262,"msg":"serving initial configuration"}
result of var/ log/.../access.log:
93.210.46.252 - - [04/May/2025:11:51:30 +0000] "GET /hosting/capabilities HTTP/2.0" 502 -
3. Caddy version:
caddy.Version=v2.10.0
4. How I installed and ran Caddy:
installed caddy as per caddy home page
Using config.json for configuration (in the meantime I’m not sure if this was a good idea)
a. System environment:
ubuntu server 24.04
b. Command:
systemctl restart caddy
d. My complete Caddy config:
{
"logging": {
"logs" : {
"default" : {
"writer" : {
"output" : "file",
"filename" : "/var/log/home.guerke.net/access.log",
"roll_size_mb" : 10
} ,
"encoder" : {
"format" : "transform",
"template" : "{common_log}"
},
"level" : "DEBUG"
}
}
} ,
"apps": {
"http": {
"servers": {
"srv0": {
"listen": [
":443"
],
"routes": [ {
"match": [ {
"host": [
"home.guerke.net"
]
}
],
"handle": [ {
"handler": "subroute",
"routes": [ {
"handle": [ {
"handler": "vars",
"root": "/var/www/nextcloud"
} , {
"encodings": {
"gzip": {}
} ,
"handler": "encode",
"prefer": [
"gzip"
]
}
]
} , {
"handle": [ {
"handler": "headers",
"response": {
"set": {
"Cache-Control": [
"max-age=15778463, immutable"
]
}
}
}
],
"match": [ {
"path": [
"*.css",
"*.js",
"*.mjs",
"*.svg",
"*.gif",
"*.png",
"*.jpg",
"*.ico",
"*.wasm",
"*.tflite"
],
"query": {
"v": [
"*"
]
}
}
]
} , {
"handle": [ {
"handler": "headers",
"response": {
"set": {
"Cache-Control": [
"max-age=15778463"
]
}
}
}
],
"match": [ {
"not": [ {
"query": {
"v": [
"*"
]
}
}
],
"path": [
"*.css",
"*.js",
"*.mjs",
"*.svg",
"*.gif",
"*.png",
"*.jpg",
"*.ico",
"*.wasm",
"*.tflite"
]
}
]
} , {
"handle": [ {
"handler": "headers",
"response": {
"set": {
"Cache-Control": [
"max-age=604800"
]
}
}
}
],
"match": [ {
"path": [
"*.woff2"
]
}
]
} , {
"handle": [ {
"handler": "headers",
"response": {
"deferred": true,
"delete": [
"X-Powered-By"
],
"set": {
"Permissions-Policy": [
"interest-cohort=()"
],
"Referrer-Policy": [
"no-referrer"
],
"Strict-Transport-Security": [
"max-age=31536000"
],
"X-Content-Type-Options": [
"nosniff"
],
"X-Frame-Options": [
"SAMEORIGIN"
],
"X-Permitted-Cross-Domain-Policies": [
"none"
],
"X-Robots-Tag": [
"noindex, nofollow"
],
"X-Xss-Protection": [
"1; mode=block"
]
}
}
}
]
} , {
"handle": [ {
"handler": "static_response",
"headers": {
"Location": [
"/remote.php/dav"
]
} ,
"status_code": 301
}
],
"match": [ {
"path": [
"/.well-known/carddav"
]
}
]
} , {
"handle": [ {
"handler": "static_response",
"headers": {
"Location": [
"/remote.php/dav"
]
} ,
"status_code": 301
}
],
"match": [ {
"path": [
"/.well-known/caldav"
]
}
]
} , {
"handle": [ {
"handler": "static_response",
"headers": {
"Location": [
"/index.php{http.request.uri}"
]
} ,
"status_code": 301
}
],
"match": [ {
"path": [
"/.well-known/*"
]
}
]
} , {
"handle": [ {
"handler": "static_response",
"headers": {
"Location": [
"/remote.php{http.request.uri}"
]
} ,
"status_code": 301
}
],
"match": [ {
"path": [
"/remote/*"
]
}
]
} , {
"handle": [ {
"encodings": {
"gzip": {},
"zstd": {}
} ,
"handler": "encode",
"prefer": [
"zstd",
"gzip"
]
}
]
} , {
"handle": [ {
"handler": "error",
"status_code": 404
}
],
"match": [ {
"not": [ {
"path": [
"/.well-known/*"
]
}
],
"path": [
"/build/*",
"/tests/*",
"/config/*",
"/lib/*",
"/3rdparty/*",
"/templates/*",
"/data/*",
"/.*",
"/autotest*",
"/occ*",
"/issue*",
"/indie*",
"/db_*",
"/console*"
]
}
]
} , {
"handle": [ {
"handler": "static_response",
"headers": {
"Location": [
"{http.request.orig_uri.path}/{http.request.orig_uri.prefixed_query}"
]
} ,
"status_code": 308
}
],
"match": [ {
"file": {
"try_files": [
"{http.request.uri.path}/index.php"
]
} ,
"not": [ {
"path": [
"*/"
]
}
]
}
]
} , {
"handle": [ {
"handler": "rewrite",
"uri": "{http.matchers.file.relative}"
}
],
"match": [ {
"file": {
"split_path": [
".php"
],
"try_files": [
"{http.request.uri.path}",
"{http.request.uri.path}/index.php",
"index.php"
],
"try_policy": "first_exist_fallback"
}
}
]
} , {
"handle": [ {
"handler": "static_response",
"headers": {
"Location": [
"{http.request.uri.path}/"
]
} ,
"status_code": 308
}
],
"match": [ {
"file": {
"try_files": [
"{http.request.uri.path}/index.php"
]
} ,
"not": [ {
"path": [
"*/"
]
}
]
}
]
} , {
"handle": [ {
"handler": "reverse_proxy",
"transport": {
"env": {
"front_controller_active": "true",
"modHeadersAvailable": "true",
"PHP_VALUE": "memory_limit = 512M"
} ,
"protocol": "fastcgi",
"split_path": [
".php"
]
} ,
"upstreams": [ {
"dial": "unix//run/php/php8.4-fpm.sock"
}
]
}
],
"match": [ {
"path": [
"*.php"
]
}
]
} , {
"handle": [ {
"handler": "file_server",
"hide": [
"/etc/caddy/Caddyfile"
]
}
]
}
]
}
],
"terminal": true
},
{
"match": [ {
"host": [
"office.guerke.net"
]
}
],
"handle": [ {
"handler": "subroute",
"routes": [ {
"handle": [ {
"encodings": {
"gzip": {}
} ,
"handler": "encode",
"prefer": [
"gzip"
]
}
]
} , {
"handle": [ {
"handler": "reverse_proxy",
"transport": {
"protocol": "http",
"tls": {
"insecure_skip_verify": true
}
} ,
"upstreams": [ {
"dial": "localhost:9980"
}
]
}
]
}
]
}
],
"terminal": true
}
]
}
}
}
}
}
5. Links to relevant resources:
I tried several versions of reverse proxy like “:9980”, “127.0.0.1:9980”, “192.168.178.35:9980”,
I can reach the Collabora service locally running curl http://127.0.0.1:9980/hosting/capabilities, but when I try to curl https://office.guerke.net/hosting/capabilities This returns 502