Super noob, undoubtedly. I’ve been doing a metric poop-ton of fabricobbling all kinds of configs together and feel I have landed on the most promising, but I’m at a loss. Any help is much appreciated. I’ve honestly tried so many things that I do not know if I am coming or going. Love this project, though.
1. Caddy version (caddy version):
v2.4.6
2. How I run Caddy:
a. System environment:
System: Home Assistant OS 7.6 (aarch64 / raspberrypi4-64)
Home Assistant Core: 2022.4.7
Home Assistant Supervisor: 2022.04.0
Add-on version: 1.1.0
b. Command:
N/A
Paste command here.
c. Service/unit/compose file:
args:
  - '--watch'
env_vars:
  - name: EMAIL
    value: email@protonmail.com
  - name: DOMAIN
    value: cj2quared
  - name: SUB_DOMAIN_1
    value: nextcloud
  - name: PORT
    value: '8123'
  - name: SUB_PORT_1
    value: '8088'
  - name: DUCKDNS_TOKEN
    value: '!secret duckdns_token'
log_level: debug
non_caddyfile_config:
  destination: localhost
  domain: unuseddomain.com
  email: your@email.com
  port: 8123
config_path: /share/caddy/Caddyfile
custom_binary_path: /share/caddy/caddy
caddy_upgrade: false
caddy_fmt: false
d. My complete Caddyfile or JSON config:
{
    email {env.EMAIL}
}

(common) {
    tls {
        dns duckdns {env.DUCKDNS_TOKEN}
        on_demand
    }
    header {
        Strict-Transport-Security "max-age=31536000; includeSubdomains; preload"
        X-XSS-Protection "1; mode=block"
        X-Content-Type-Options "nosniff"
        Referrer-Policy "same-origin"
        Content-Security-Policy "frame-ancestors {env.DOMAIN}.duckdns.org *-{env.DOMAIN}.duckdns.org"
        -Server
        Permissions-Policy "geolocation=(self), microphone=()"
    }
}

{env.DOMAIN}.duckdns.org {
    import common
    reverse_proxy localhost:{env.PORT}
}

{env.SUB_DOMAIN_1}-{env.DOMAIN}.duckdns.org {
    import common
    reverse_proxy localhost:{env.SUB_PORT_1}
}
3. The problem I’m having:
I’m running Home Assistant OS on a rPi4. The rPi has some resources available and I thought I would run Nextcloud as a file server. Both Caddy and Nextcloud are add-ons (essentially managed Docker containers) running on the same rPi as Home Assistant.
I am able to reach my Home Assistant instance via the desired URL. However, when I attempt to reach the Nextcloud instance, I am only able to accomplish “ERR_TOO_MANY_REDIRECTS”.
4. Error messages and/or full log output:
[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] scripts: applying...
[fix-attrs.d] scripts: exited 0.
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 00-banner.sh: executing...
-----------------------------------------------------------
Add-on: Caddy 2
Open source web and proxy server with automatic HTTPS
-----------------------------------------------------------
Add-on version: 1.1.0
There is an update available for this add-on!
Latest add-on version: 1.1.1
Please consider upgrading as soon as possible.
System: Home Assistant OS 7.6 (aarch64 / raspberrypi4-64)
Home Assistant Core: 2022.4.7
Home Assistant Supervisor: 2022.04.0
-----------------------------------------------------------
Please, share the above information when looking for help
or support in, e.g., GitHub, forums or the Discord chat.
-----------------------------------------------------------
[cont-init.d] 00-banner.sh: exited 0.
[cont-init.d] 01-log-level.sh: executing...
Log level is set to DEBUG
[cont-init.d] 01-log-level.sh: exited 0.
[cont-init.d] done.
[services.d] starting services
[services.d] done.
INFO: Setting EMAIL to email@protonmail.com
INFO: Setting DOMAIN to cj2quared
INFO: Setting SUB_DOMAIN_1 to nextcloud
INFO: Setting PORT to 8123
INFO: Setting SUB_PORT_1 to 8088
INFO: Setting DUCKDNS_TOKEN to <redacted>
INFO: Prepare Caddy...
DEBUG: Set custom Caddy binary path
INFO: Found custom Caddy at /share/caddy/caddy
v2.4.6 h1:HGkGICFGvyrodcqOOclHKfvJC0qTU7vny/7FhYp9hNw=
INFO: Prepare Caddyfile...
DEBUG: Set custom Caddyfile path
INFO: Caddyfile found at /share/caddy/Caddyfile
INFO: Run Caddy...
DEBUG: '/share/caddy/caddy' run --config '/share/caddy/Caddyfile' '--watch'
{"level":"info","ts":1650934676.109111,"msg":"using provided configuration","config_file":"/share/caddy/Caddyfile","config_adapter":""}
{"level":"warn","ts":1650934676.115702,"msg":"input is not formatted with 'caddy fmt'","adapter":"caddyfile","file":"/share/caddy/Caddyfile","line":2}
{"level":"info","ts":1650934676.1205304,"logger":"admin","msg":"admin endpoint started","address":"tcp/localhost:2019","enforce_origin":false,"origins":["localhost:2019","[::1]:2019","127.0.0.1:2019"]}
{"level":"info","ts":1650934676.1216671,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0x291d5e0"}
{"level":"info","ts":1650934676.1224818,"logger":"http","msg":"server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS","server_name":"srv0","https_port":443}
{"level":"info","ts":1650934676.1225903,"logger":"http","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"srv0"}
{"level":"warn","ts":1650934676.1246877,"logger":"tls","msg":"YOUR SERVER MAY BE VULNERABLE TO ABUSE: on-demand TLS is enabled, but no protections are in place","docs":"https://caddyserver.com/docs/automatic-https#on-demand-tls"}
{"level":"info","ts":1650934676.1250205,"logger":"tls","msg":"cleaning storage unit","description":"FileStorage:/ssl/caddy"}
{"level":"info","ts":1650934676.126279,"logger":"http","msg":"enabling automatic TLS certificate management","domains":["cj2quared.duckdns.org","nextcloud-cj2quared.duckdns.org"]}
{"level":"info","ts":1650934676.1281104,"logger":"tls","msg":"finished cleaning storage units"}
{"level":"info","ts":1650934676.133375,"msg":"autosaved config (load with --resume flag)","file":"/data/caddy/autosave.json"}
{"level":"info","ts":1650934676.1335027,"msg":"serving initial configuration"}
{"level":"info","ts":1650934676.1340487,"logger":"watcher","msg":"watching config file for changes","config_file":"/share/caddy/Caddyfile"}
{"level":"info","ts":1650934999.1352873,"logger":"watcher","msg":"config file changed; reloading","config_file":"/share/caddy/Caddyfile"}
{"level":"info","ts":1650934999.1362777,"msg":"using provided configuration","config_file":"/share/caddy/Caddyfile","config_adapter":""}
{"level":"warn","ts":1650934999.1433623,"msg":"input is not formatted with 'caddy fmt'","adapter":"caddyfile","file":"/share/caddy/Caddyfile","line":2}
{"level":"info","ts":1650934999.1473007,"logger":"admin","msg":"admin endpoint started","address":"tcp/localhost:2019","enforce_origin":false,"origins":["127.0.0.1:2019","localhost:2019","[::1]:2019"]}
{"level":"info","ts":1650934999.1480482,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0x2995ae0"}
{"level":"info","ts":1650934999.1487734,"logger":"http","msg":"server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS","server_name":"srv0","https_port":443}
{"level":"info","ts":1650934999.1488652,"logger":"http","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"srv0"}
{"level":"info","ts":1650934999.1494017,"logger":"admin","msg":"stopped previous server","address":"tcp/localhost:2019"}
{"level":"warn","ts":1650934999.150705,"logger":"tls","msg":"YOUR SERVER MAY BE VULNERABLE TO ABUSE: on-demand TLS is enabled, but no protections are in place","docs":"https://caddyserver.com/docs/automatic-https#on-demand-tls"}
{"level":"info","ts":1650934999.1510751,"logger":"http","msg":"enabling automatic TLS certificate management","domains":["cj2quared.duckdns.org","nextcloud-cj2quared.duckdns.org"]}
{"level":"info","ts":1650935000.2284508,"logger":"tls.cache.maintenance","msg":"stopped background certificate maintenance","cache":"0x291d5e0"}
{"level":"info","ts":1650935000.2296348,"msg":"autosaved config (load with --resume flag)","file":"/data/caddy/autosave.json"}
5. What I already tried:
Honestly, I’ve tried so many things over the past 4 days. I would love to provide an intelligent response here, but I’m ill-equipped at the moment.
6. Links to relevant resources:
Link to Caddy add-on repo: GitHub - einschmidt/addon-caddy-2
Thank you for any insight and for entertaining this one-man clown parade.
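A small triage script for the log output in the post above, added here as an example and not part of the original post or the add-on: it separates Caddy's JSON entries from the add-on's wrapper lines, deduplicates warnings across the config reload, and lists the hostnames Caddy manages certificates for. The function names are hypothetical; the sample lines are copied from the log above.

```python
import json

# Constructed sample: lines copied from the log in the post above, keeping its
# mix of add-on wrapper text and Caddy JSON entries.
SAMPLE_LOG = r'''
INFO: Run Caddy...
{"level":"warn","ts":1650934676.115702,"msg":"input is not formatted with 'caddy fmt'","adapter":"caddyfile","file":"/share/caddy/Caddyfile","line":2}
{"level":"warn","ts":1650934676.1246877,"logger":"tls","msg":"YOUR SERVER MAY BE VULNERABLE TO ABUSE: on-demand TLS is enabled, but no protections are in place","docs":"https://caddyserver.com/docs/automatic-https#on-demand-tls"}
{"level":"info","ts":1650934676.126279,"logger":"http","msg":"enabling automatic TLS certificate management","domains":["cj2quared.duckdns.org","nextcloud-cj2quared.duckdns.org"]}
{"level":"warn","ts":1650934999.1433623,"msg":"input is not formatted with 'caddy fmt'","adapter":"caddyfile","file":"/share/caddy/Caddyfile","line":2}
{"level":"warn","ts":1650934999.150705,"logger":"tls","msg":"YOUR SERVER MAY BE VULNERABLE TO ABUSE: on-demand TLS is enabled, but no protections are in place","docs":"https://caddyserver.com/docs/automatic-https#on-demand-tls"}
'''

def caddy_entries(text):
    """Yield Caddy JSON log entries, skipping non-JSON wrapper lines."""
    for line in text.splitlines():
        line = line.strip()
        if not line.startswith("{"):
            continue
        try:
            entry = json.loads(line)
        except json.JSONDecodeError:
            continue  # truncated or interleaved line
        if isinstance(entry, dict) and "msg" in entry:
            yield entry

def triage(text):
    """Summarise warnings (deduplicated across reloads) and TLS-managed hostnames."""
    warnings, domains = {}, []
    for e in caddy_entries(text):
        if e.get("level") in ("warn", "error"):
            key = (e.get("logger", ""), e["msg"])
            rec = warnings.setdefault(
                key, {"count": 0, "first_ts": e.get("ts"), "docs": e.get("docs")})
            rec["count"] += 1
        for d in e.get("domains", []):
            if d not in domains:
                domains.append(d)
    unprotected = any(logger == "tls" and "on-demand TLS is enabled, but no protections" in msg
                      for logger, msg in warnings)
    return {"warnings": warnings, "domains": domains, "on_demand_unprotected": unprotected}

if __name__ == "__main__":
    report = triage(SAMPLE_LOG)
    for (logger, msg), rec in report["warnings"].items():
        print(f"{rec['count']}x [{logger or 'core'}] {msg} {rec['docs'] or ''}")
    print("managed hostnames:", ", ".join(report["domains"]))
    print("on-demand TLS without protections:", report["on_demand_unprotected"])
```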