Could not find solver for: tls-alpn-01

@francislavoie
Really nice of you to spot that!

After correcting that I got CORS errors. So I tried enabling CORS and now with this Caddyfile:
(inspired by V2: how to add the CORS authorization via Caddyfile?)

{
  email alex.barbalex@gmail.com
}

api.arten-foerdern.ch {
  reverse_proxy /graphql* localhost:5000
  reverse_proxy /graphiql* localhost:5000
  reverse_proxy /artendb/* localhost:4000
  reverse_proxy /evab* localhost:4000
  reverse_proxy /alt* localhost:4000
  header / {
    Access-Control-Allow-Origin *
    -Server
  }
}

I get this log after rebuilding:

root@artdaten-docker:~/ae# docker logs ae_caddy
2020/02/03 19:16:46.069 INFO    using provided configuration    {"config_file": "/etc/caddy/Caddyfile", "config_adapter": "caddyfile"}
2020/02/03 19:16:46.143 INFO    admin   admin endpoint started  {"address": "localhost:2019", "enforce_origin": false, "origins": ["localhost:2019"]}
2020/02/03 19:16:46.143 INFO    http    server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS {"server_name": "srv0", "https_port": 443}
2020/02/03 19:16:46.143 INFO    http    enabling automatic HTTP->HTTPS redirects        {"server_name": "srv0"}
2020/02/03 19:16:46.144 INFO    http    enabling automatic TLS certificate management   {"domains": ["api.arten-foerdern.ch"]}
2020/02/03 19:16:46.144 INFO    tls     cleaned up storage units
2020/02/03 19:16:46.146 INFO    autosaved config        {"file": "/root/.config/caddy/autosave.json"}
2020/02/03 19:16:46.146 INFO    serving initial configuration
2020/02/03 19:16:46 [INFO][cache:0xc000160d20] Started certificate maintenance routine
2020/02/03 19:16:47 [INFO] acme: Registering account for alex.barbalex@gmail.com
2020/02/03 19:16:47 [INFO][api.arten-foerdern.ch] Obtain certificate
2020/02/03 19:16:47 [INFO][api.arten-foerdern.ch] Obtain: Waiting on rate limiter...
2020/02/03 19:16:47 [INFO][api.arten-foerdern.ch] Obtain: Done waiting
2020/02/03 19:16:47 [INFO] [api.arten-foerdern.ch] acme: Obtaining bundled SAN certificate
2020/02/03 19:16:47 [INFO] [api.arten-foerdern.ch] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/2625990049
2020/02/03 19:16:47 [INFO] [api.arten-foerdern.ch] acme: Could not find solver for: tls-alpn-01
2020/02/03 19:16:47 [INFO] [api.arten-foerdern.ch] acme: use http-01 solver
2020/02/03 19:16:47 [INFO] [api.arten-foerdern.ch] acme: Trying to solve HTTP-01
2020/02/03 19:16:48 [INFO][api.arten-foerdern.ch] Served key authentication (distributed)
2020/02/03 19:16:48 [INFO][api.arten-foerdern.ch] Served key authentication (distributed)
2020/02/03 19:16:48 [INFO][api.arten-foerdern.ch] Served key authentication (distributed)
2020/02/03 19:16:48 [INFO][api.arten-foerdern.ch] Served key authentication (distributed)
2020/02/03 19:16:55 [INFO] [api.arten-foerdern.ch] The server validated our request
2020/02/03 19:16:55 [INFO] [api.arten-foerdern.ch] acme: Validations succeeded; requesting certificates
2020/02/03 19:16:56 [INFO] [api.arten-foerdern.ch] Server responded with a certificate.

But can’t connect to https://api.arten-foerdern.ch/graphql:

2020/02/03 19:17:14.107 ERROR   http.log.error  dial tcp 127.0.0.1:5000: connect: connection refused    {"request": {"method": "OPTIONS", "uri": "/graphql", "proto": "HTTP/2.0", "remote_addr": "77.57.29.8:54225", "host": "api.arten-foerdern.ch", "headers": {"Accept-Language": ["de-CH,de;q=0.9,en-US;q=0.8,en;q=0.7,es-CR;q=0.6,es;q=0.5,de-DE;q=0.4"], "User-Agent": ["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36"], "Accept-Encoding": ["gzip, deflate, br"], "Access-Control-Request-Headers": ["content-type"], "Origin": ["https://arten-foerdern.ch"], "Sec-Fetch-Mode": ["cors"], "Sec-Fetch-Site": ["same-site"], "Referer": ["https://arten-foerdern.ch/"], "Accept": ["*/*"], "Access-Control-Request-Method": ["POST"]}, "tls": {"resumed": false, "version": 772, "ciphersuite": 4865, "proto": "h2", "proto_mutual": true, "server_name": "api.arten-foerdern.ch"}}, "status": 502, "err_id": "u81h92ats", "err_trace": "reverseproxy.(*Handler).ServeHTTP (reverseproxy.go:362)"}

On the app side a CORS error is still logged:

Access to fetch at 'https://api.arten-foerdern.ch/graphql' from origin 'https://arten-foerdern.ch' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

I am a frontend guy. Probably I am completely bungling up this routing…

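An added example, not part of the original post: a small Python triage that reads Caddy error-log lines like the one above and picks out CORS preflights (OPTIONS with `Origin` and `Access-Control-Request-Method`) that came back with a non-2xx status, which the browser reports as a CORS failure whatever the underlying cause. The sample log is constructed by shortening the line in the post, and the names `triage`, `SAMPLE_LOG` and `DIAL_RE` are hypothetical.

```python
import json
import re

# Constructed sample: the error line from the post, shortened, plus one INFO line.
SAMPLE_LOG = (
    '2020/02/03 19:17:14.107 ERROR   http.log.error  '
    'dial tcp 127.0.0.1:5000: connect: connection refused    '
    '{"request": {"method": "OPTIONS", "uri": "/graphql", '
    '"host": "api.arten-foerdern.ch", "headers": {'
    '"Origin": ["https://arten-foerdern.ch"], '
    '"Access-Control-Request-Method": ["POST"], '
    '"Access-Control-Request-Headers": ["content-type"]}}, "status": 502}\n'
    '2020/02/03 19:16:46.146 INFO    serving initial configuration\n'
)

DIAL_RE = re.compile(r"dial tcp (\S+): connect: connection refused")


def triage(log_text):
    """Return one finding per failed CORS preflight in Caddy error-log text."""
    findings = []
    for line in log_text.splitlines():
        # Layout: date, time, level, logger, message, then a JSON object.
        head, brace, tail = line.partition("{")
        parts = head.split(None, 4)
        if not brace or len(parts) < 5 or parts[2] != "ERROR":
            continue
        try:
            fields = json.loads(brace + tail)
        except json.JSONDecodeError:
            continue
        req = fields.get("request", {})
        hdrs = {k.lower(): v[0] for k, v in req.get("headers", {}).items() if v}
        is_preflight = (req.get("method") == "OPTIONS" and "origin" in hdrs
                        and "access-control-request-method" in hdrs)
        status = fields.get("status", 0)
        # A preflight only passes with a 2xx status; skip everything else.
        if not is_preflight or 200 <= status <= 299:
            continue
        dial = DIAL_RE.search(parts[4])
        findings.append({
            "uri": req.get("uri"),
            "origin": hdrs["origin"],
            "status": status,
            "cause": "upstream_refused" if dial else "other",
            "upstream": dial.group(1) if dial else None,
        })
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(finding)
```

A finding with cause `upstream_refused` points at the proxy's upstream address rather than at the CORS header configuration.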