Contenerized SemaphoreUI behind Caddy

Przemek · May 23, 2024, 9:54pm

1. The problem I’m having:

I’d like to set up Caddy as a reverse proxy for SemaphoreUI. Both in containers (used Podnam to run those). To make it even trickier it’s behind Cloudflare (use custom image of Caddy with cloudflare plugin).

I get it somewhat working. I get HTTPS and the site itself launches. But I recieve websocket errors. I’ve looked into sample configs on SemaphoreUI site:

Sadly they do not provide samples for Caddy and I fail to recreate the entries from Nginx / Apache.

After searching I`ve tried adding:

    @ws {
        header Connection *Upgrade*
        header Upgrade websocket
    }
    reverse_proxy semaphoreui/api/ws

But that didn’t work.

2. Error messages and/or full log output:

time="2024-05-23T22:05:13+02:00" level=error msg="websocket: close 1005 (no status)" fields.level=Error
time="2024-05-23T22:05:13+02:00" level=error msg="websocket: close sent" fields.level=Error
time="2024-05-23T22:05:13+02:00" level=error msg="close tcp 10.89.0.25:3000->10.89.0.24:35370: use of closed network connection" fields.level=Error
2024-05-23 22:05:28.405 CEST [21] LOG:  checkpoint starting: time

3. Caddy version:

2.7.6

4. How I installed and ran Caddy:

It’s installed in containers. Here’s the compose file:

---
services:
  caddy:
    image: caddy-cloudflare
    name: caddy
    restart: always
    env_file:
      - $PWD/.ENV/.caddy
    cap_add:
      - NET_ADMIN
    ports:
      - "80:80"
      - "443:443"
      - "443:443/udp"
    volumes:
      - $PWD/Caddyfile:/etc/caddy/Caddyfile:z
      - $PWD/site:/srv:z
      - $PWD/caddy_data:/data:z
      - $PWD/caddy_config:/config:z
    networks:
      - caddynet

  postgres:
    restart: unless-stopped
    image: postgres:16
    hostname: postgres
    volumes: 
     - $PWD/semaphore-postgres:/var/lib/postgresql/data:z
    env_file:
      - $PWD/.ENV/.semaphore
    networks:
      - semnet

  semaphore:
    restart: unless-stopped
    ports:
      - 3000:3000
    image: semaphoreui/semaphore:latest
    env_file:
      - $PWD/.ENV/.semaphore
    networks:
      - caddynet
      - semnet
    volumes:
      - $PWD/semaphore-data:/etc/semaphore:Z
      - $PWD/semaphore-extras/requirements.txt:/etc/semaphore/requirements.txt

networks:
  caddynet:
    name: caddynet
    driver: bridge
  semnet:
    internal: true
...

a. System environment:

Podman on Rocky9.

Here’s the Caddyfile:

mydomain.site {
    header {
        X-Robots-Tag "none"
        -Server
    }
    tls {
        dns cloudflare {env.CF_API_TOKEN}
        resolvers 1.1.1.1
    }
    reverse_proxy semaphore:3000 {
    }
    file_server
}

Btw - apart from online docs does anyone know of a book about Caddy? Preferably for a dummy .

francislavoie · May 23, 2024, 10:04pm

You shouldn’t need any additional config for websockets to work. Caddy’s reverse_proxy handles it transparently.

You’ll probably need to get help from the SemaphoreUI community. There’s no evidence of this being a problem with Caddy.

Przemek · May 23, 2024, 10:12pm

Sure, will do - will report back if I get something.

system · June 22, 2024, 10:13pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.