Configure Caddy with Api Platform docker on prod

I am trying to put my project in production for a demo, but I am not able to correctly configure my server or my hosting service.

1. Caddy version (caddy version):

2 and 2-builder-alpine from docker

2. How I run Caddy:

I just run
docker-compose up -d

a. System environment:

Docker, as provided by the api_platform Docker distribution

b. Command:

docker-compose up -d

c. Service/unit/compose file:

version: "3.4"

services:
  php:
    build:
      context: ./api
      target: api_platform_php
    depends_on:
      - database
    restart: unless-stopped
    volumes:
      - php_socket:/var/run/php
    healthcheck:
      interval: 10s
      timeout: 3s
      retries: 3
      start_period: 30s

  pwa:
    build:
      context: ./pwa
      target: api_platform_pwa_prod
    environment:
      API_PLATFORM_CLIENT_GENERATOR_ENTRYPOINT: http://caddy
      NEXT_PUBLIC_ENTRYPOINT: http://caddy

  caddy:
    build:
      context: api/
      target: api_platform_caddy
    depends_on:
      - php
      - pwa
    environment:
      PWA_UPSTREAM: pwa:3000
      SERVER_NAME: ${SERVER_NAME:-api.localhost, localhost, caddy:80}
      MERCURE_PUBLISHER_JWT_KEY: ${MERCURE_PUBLISHER_JWT_KEY:-!ChangeMe!}
      MERCURE_SUBSCRIBER_JWT_KEY: ${MERCURE_SUBSCRIBER_JWT_KEY:-!ChangeMe!}
    restart: unless-stopped
    volumes:
      - php_socket:/var/run/php
      - caddy_data:/data
      - caddy_config:/config
    ports:
      # HTTP
      - target: 80
        published: 80
        protocol: tcp
      # HTTPS
      - target: 443
        published: 443
        protocol: tcp
      # HTTP/3
      - target: 443
        published: 443
        protocol: udp

  database:
    image: postgres:13-alpine
    environment:
      - POSTGRES_DB=api
      - POSTGRES_PASSWORD=!ChangeMe!
      - POSTGRES_USER=api-platform
    volumes:
      - db_data:/var/lib/postgresql/data:rw
      # you may use a bind-mounted host directory instead, so that it is harder to accidentally remove the volume and lose all your data!
      # - ./api/docker/db/data:/var/lib/postgresql/data:rw

volumes:
  php_socket:
  db_data:
  caddy_data:
  caddy_config:

d. My complete Caddyfile or JSON config:

{
    # Debug
    {$DEBUG}
    # HTTP/3 support
    servers {
        protocol {
            experimental_http3
        }
    }
}

{$SERVER_NAME}

log

# Matches requests for HTML documents, for static files and for Next.js files,
# except for known API paths and paths with extensions handled by API Platform
@pwa expression `(
        {header.Accept}.matches("\\btext/html\\b")
        && !{path}.matches("(?i)(?:^/docs|^/graphql|^/bundles/|^/_profiler|^/_wdt|\\.(?:json|html$|csv$|ya?ml$|xml$))")
    )
    || {path} == "/favicon.ico"
    || {path} == "/manifest.json"
    || {path} == "/robots.txt"
    || {path}.startsWith("/_next")
    || {path}.startsWith("/sitemap")`

route {
    root * /srv/api/public
    mercure {
        # Transport to use (default to Bolt)
        transport_url {$MERCURE_TRANSPORT_URL:bolt:///data/mercure.db}
        # Publisher JWT key
        publisher_jwt {env.MERCURE_PUBLISHER_JWT_KEY} {env.MERCURE_PUBLISHER_JWT_ALG}
        # Subscriber JWT key
        subscriber_jwt {env.MERCURE_SUBSCRIBER_JWT_KEY} {env.MERCURE_SUBSCRIBER_JWT_ALG}
        # Allow anonymous subscribers (double-check that it's what you want)
        anonymous
        # Enable the subscription API (double-check that it's what you want)
        subscriptions
        # Extra directives
        {$MERCURE_EXTRA_DIRECTIVES}
    }
    vulcain
    push

    # Add links to the API docs and to the Mercure Hub if not set explicitly (e.g. the PWA)
    header ?Link `</docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation", </.well-known/mercure>; rel="mercure"`
    # Disable Google FLOC tracking if not enabled explicitly: https://plausible.io/blog/google-floc
    header ?Permissions-Policy "interest-cohort=()"

    # Comment the following line if you don't want Next.js to catch requests for HTML documents.
    # In this case, they will be handled by the PHP app.
    reverse_proxy @pwa http://{$PWA_UPSTREAM}

    php_fastcgi unix//var/run/php/php-fpm.sock
    encode zstd gzip
    file_server
}

3. The problem I’m having:

Whatever path I try, the connection is refused.

$ curl localhost/config/
curl: (7) Failed to connect to localhost port 80: Connection refused

$ curl localhost:443/config/
curl: (7) Failed to connect to localhost port 443: Connection refused

$ curl localhost:2019/config/
curl: (7) Failed to connect to localhost port 2019: Connection refused

4. Error messages and/or full log output:

I don’t have any logs on my server! Just this error in my browser.

ERR_CONNECTION_REFUSED

And the connection refused in the console

5. What I already tried:

I tried adding my website domain to the route definition like this:

mydomain.bzh,
route {
    root * /srv/api/public
    mercure {
        # Transport to use (default to Bolt)
        transport_url {$MERCURE_TRANSPORT_URL:bolt:///data/mercure.db}
        # Publisher JWT key
        publisher_jwt {env.MERCURE_PUBLISHER_JWT_KEY} 
        {env.MERCURE_PUBLISHER_JWT_ALG}
...

Without that, I have an SSL_ERR

6. Links to relevant resources:

What version, exactly? Run docker-compose exec caddy caddy version to find it.

You should be changing the SERVER_NAME environment variable in your .env.

Are you sure? Run docker-compose logs caddy.

Thanks for your reply.

I have this error:

Error response from daemon: Container ff683707d3088e6e443f17473f11d3e8effafa5c097049f8f3efaac28c921309 is restarting, wait until the container is running

I keep this

SERVER_NAME: ${SERVER_NAME:-mydomain.bzh, api.localhost, localhost, caddy:80}

I am not a regular user of docker-compose, and I am losing this command.

run: adapting config using caddyfile: /etc/caddy/Caddyfile:35: unrecognized directive: mydomain.bzh

I tried deleting the mydomain.bzh… and that works!!!

Sorry for the disturbance, thanks a lot.

That’s in your docker-compose.yml. Don’t change that. Instead, in your .env file, change SERVER_NAME= to the value you need.

That happened because you had a syntax error in your Caddyfile. Caddy couldn’t start.

But I think that I have to keep the localhost server_name for the API. Am I right?

My version is: v2.4.3 h1:Y1FaV2N4WO3rBqxSYA8UZsZTQdN+PwcoOcAiZTM8C0I=
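
Added example, not part of the original thread or of the API Platform distribution: a pre-deployment check for the compose setup discussed above. It confirms that `.env` overrides `SERVER_NAME` and the two Mercure JWT keys (which otherwise fall back to the `!ChangeMe!` defaults in `docker-compose.yml`), and it parses the Caddyfile in a throwaway container so that a syntax error is reported once instead of putting the `caddy` service into a restart loop. The function names are hypothetical, and the `.env` file is assumed to hold plain, unquoted `KEY=VALUE` lines.

```shell
#!/bin/sh
# Pre-deployment check for the compose setup shown in this thread.
# Added example: function names are hypothetical, .env is assumed to
# contain plain unquoted KEY=VALUE lines.

# Print the value of KEY ($1) from env file ($2); the last assignment wins.
env_value() {
    sed -n "s/^$1=//p" "$2" | tail -n 1
}

# Return 0 if the .env file overrides every production-relevant default,
# 1 otherwise. Each problem found is written to stdout on its own line.
preflight_env() {
    file=$1
    status=0

    server_name=$(env_value SERVER_NAME "$file")
    if [ -z "$server_name" ]; then
        echo "SERVER_NAME is unset: compose falls back to api.localhost, localhost, caddy:80"
        status=1
    fi

    for key in MERCURE_PUBLISHER_JWT_KEY MERCURE_SUBSCRIBER_JWT_KEY; do
        value=$(env_value "$key" "$file")
        if [ -z "$value" ] || [ "$value" = '!ChangeMe!' ]; then
            echo "$key is unset or still the !ChangeMe! default"
            status=1
        fi
    done
    return $status
}

# Parse and provision the Caddyfile without starting the server.
# The path is the one shown in the error message in this thread.
validate_caddyfile() {
    docker-compose run --rm --no-deps caddy \
        caddy validate --config /etc/caddy/Caddyfile
}

# Typical use on the server:
#   preflight_env .env && validate_caddyfile && docker-compose up -d
```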
