Example HTTP/3 conf and Port change

Kartheek · October 7, 2023, 11:37am

1. The problem I’m having:

Hi Team,

I am very new to caddy and I have installed caddy in my Ubuntu machine.

I am planning to change my quic conf in caddy conf file but unable to do.

Could you please share example conf file and any info where can i change my listening port?

2. Error messages and/or full log output:

journalctl -u caddy --no-pager | less +G
Oct 07 08:18:35 ubuntu systemd[1]: caddy.service: Main process exited, code=exited, status=1/FAILURE
Oct 07 08:18:35 ubuntu systemd[1]: caddy.service: Failed with result 'exit-code'.
Oct 07 08:18:35 ubuntu systemd[1]: Failed to start Caddy.
Oct 07 08:26:47 ubuntu systemd[1]: Starting Caddy...
Oct 07 08:26:47 ubuntu caddy[270620]: caddy.HomeDir=/var/lib/caddy
Oct 07 08:26:47 ubuntu caddy[270620]: caddy.AppDataDir=/var/lib/caddy/.local/share/caddy
Oct 07 08:26:47 ubuntu caddy[270620]: caddy.AppConfigDir=/var/lib/caddy/.config/caddy
Oct 07 08:26:47 ubuntu caddy[270620]: caddy.ConfigAutosavePath=/var/lib/caddy/.config/caddy/autosave.json
Oct 07 08:26:47 ubuntu caddy[270620]: caddy.Version=v2.7.4 h1:J8nisjdOxnYHXlorUKXY75Gr6iBfudfoGhrJ8t7/flI=
Oct 07 08:26:47 ubuntu caddy[270620]: runtime.GOOS=linux
Oct 07 08:26:47 ubuntu caddy[270620]: runtime.GOARCH=amd64
Oct 07 08:26:47 ubuntu caddy[270620]: runtime.Compiler=gc
Oct 07 08:26:47 ubuntu caddy[270620]: runtime.NumCPU=8
Oct 07 08:26:47 ubuntu caddy[270620]: runtime.GOMAXPROCS=8
Oct 07 08:26:47 ubuntu caddy[270620]: runtime.Version=go1.21.0
Oct 07 08:26:47 ubuntu caddy[270620]: os.Getwd=/
Oct 07 08:26:47 ubuntu caddy[270620]: LANG=en_US.UTF-8
Oct 07 08:26:47 ubuntu caddy[270620]: PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin
Oct 07 08:26:47 ubuntu caddy[270620]: NOTIFY_SOCKET=/run/systemd/notify
Oct 07 08:26:47 ubuntu caddy[270620]: HOME=/var/lib/caddy
Oct 07 08:26:47 ubuntu caddy[270620]: LOGNAME=caddy
Oct 07 08:26:47 ubuntu caddy[270620]: USER=caddy
Oct 07 08:26:47 ubuntu caddy[270620]: INVOCATION_ID=cc8e561be4374d73952f0b519134c33f
Oct 07 08:26:47 ubuntu caddy[270620]: JOURNAL_STREAM=8:28466630
Oct 07 08:26:47 ubuntu caddy[270620]: SYSTEMD_EXEC_PID=270620
Oct 07 08:26:47 ubuntu caddy[270620]: {"level":"info","ts":1696667207.8008668,"msg":"using provided configuration","config_file":"/etc/caddy/Caddyfile","config_adapter":""}
Oct 07 08:26:47 ubuntu caddy[270620]: {"level":"warn","ts":1696667207.8012938,"logger":"caddyfile","msg":"Using a path in a site address is deprecated; please use the 'handle' directive instead","address":"http://:6443/udp"}
Oct 07 08:26:47 ubuntu caddy[270620]: {"level":"info","ts":1696667207.802933,"logger":"admin","msg":"admin endpoint started","address":"localhost:2019","enforce_origin":false,"origins":["//localhost:2019","//[::1]:2019","//127.0.0.1:2019"]}
Oct 07 08:26:47 ubuntu caddy[270620]: {"level":"info","ts":1696667207.803422,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0xc000311500"}
Oct 07 08:26:47 ubuntu caddy[270620]: {"level":"info","ts":1696667207.8034494,"logger":"http.log","msg":"server running","name":"srv0","protocols":["h1","h2","h3"]}
Oct 07 08:26:47 ubuntu caddy[270620]: {"level":"info","ts":1696667207.8036158,"logger":"tls","msg":"cleaning storage unit","description":"FileStorage:/var/lib/caddy/.local/share/caddy"}
Oct 07 08:26:47 ubuntu caddy[270620]: {"level":"info","ts":1696667207.8036592,"logger":"tls","msg":"finished cleaning storage units"}
Oct 07 08:26:47 ubuntu caddy[270620]: {"level":"info","ts":1696667207.8063788,"msg":"autosaved config (load with --resume flag)","file":"/var/lib/caddy/.config/caddy/autosave.json"}
Oct 07 08:26:47 ubuntu caddy[270620]: {"level":"info","ts":1696667207.8065386,"msg":"serving initial configuration"}
Oct 07 08:26:47 ubuntu systemd[1]: Started Caddy.

3. Caddy version:

root@ubuntu:~# caddy version
v2.7.4 h1:J8nisjdOxnYHXlorUKXY75Gr6iBfudfoGhrJ8t7/flI=

4. How I installed and ran Caddy:

sudo apt install -y debian-keyring debian-archive-keyring apt-transport-https
curl -1sLf ‘https://dl.cloudsmith.io/public/caddy/stable/gpg.key’ | sudo gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg
curl -1sLf ‘https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt’ | sudo tee /etc/apt/sources.list.d/caddy-stable.list
sudo apt update
sudo apt install caddy

a. System environment:

Linux ubuntu 5.15.0-60-generic #66-Ubuntu SMP Fri Jan 20 14:29:49 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux

b. Command:

root@ubuntu:~# curl -k -v -# -o /tmp/BPS.pdf https://localhost:6443/
*   Trying [::1]:6443...
* Connected to localhost (::1) port 6443
* ALPN: curl offers h2,http/1.1
} [5 bytes data]
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
} [512 bytes data]
* OpenSSL/3.0.10: error:0A00010B:SSL routines::wrong version number
* Closing connection
curl: (35) OpenSSL/3.0.10: error:0A00010B:SSL routines::wrong version number

d. My complete Caddy config:

# The Caddyfile is an easy way to configure your Caddy web server.
#
# Unless the file starts with a global options block, the first
# uncommented line is always the address of your site.
#
# To use your own domain name (with automatic HTTPS), first make
# sure your domain's A/AAAA DNS records are properly pointed to
# this machine's public IP, then replace ":80" below with your
# domain name.

:6443/udp {
        # Set this path to your site's directory.
        root * /var/www/html/

        # Enable the static file server.
        file_server

        # Another common task is to set up a reverse proxy:
        # reverse_proxy localhost:8080

        # Or serve a PHP site through php-fpm:
        # php_fastcgi localhost:9000
}
# Refer to the Caddy docs for more information:
# https://caddyserver.com/docs/caddyfile

5. Links to relevant resources:

Whitestrake · October 9, 2023, 12:45am

Howdy @Kartheek, welcome to the Caddy community.

The correct place to configure which protocols are supported by Caddy is in the Global Options.

HTTP/3 is the specification for HTTP over QUIC, and is enabled by default since Caddy 2.6, I believe.

To configure which port a site listens on, you can include the port information in the address in your Caddyfile. For more information, see this documentation:

Kartheek · October 9, 2023, 5:01am

Could you please share me example Caddyfile with h3 support and port 443 open.

Whitestrake · October 9, 2023, 5:14am

As far as I know, the following Caddyfile should listen on port 443 and support HTTP/3:

localhost

Kartheek · October 9, 2023, 6:49am

Am i missing anything in my configuration

Below is my configuration

root@ubuntu:~# cat /etc/caddy/Caddyfile
# The Caddyfile is an easy way to configure your Caddy web server.
#
# Unless the file starts with a global options block, the first
# uncommented line is always the address of your site.
#
# To use your own domain name (with automatic HTTPS), first make
# sure your domain's A/AAAA DNS records are properly pointed to
# this machine's public IP, then replace ":80" below with your
# domain name.

:8090 {
        # Set this path to your site's directory.
        root * /var/www/html
        encode gzip

        # Enable the static file server.
        file_server

        # Another common task is to set up a reverse proxy:
        # reverse_proxy localhost:8080

        # Or serve a PHP site through php-fpm:
        # php_fastcgi localhost:9000
}

# Refer to the Caddy docs for more information:
# https://caddyserver.com/docs/caddyfile

Caddy is running

root@ubuntu:~#
root@ubuntu:~# sudo systemctl status caddy
● caddy.service - Caddy
     Loaded: loaded (/lib/systemd/system/caddy.service; enabled; vendor preset: enabled)
     Active: active (running) since Mon 2023-10-09 06:46:13 UTC; 14s ago
       Docs: https://caddyserver.com/docs/
   Main PID: 219746 (caddy)
      Tasks: 12 (limit: 19048)
     Memory: 10.7M
        CPU: 65ms
     CGroup: /system.slice/caddy.service
             └─219746 /usr/bin/caddy run --environ --config /etc/caddy/Caddyfile

Oct 09 06:46:13 ubuntu caddy[219746]: {"level":"info","ts":1696833973.9804316,"msg":"using provided configuration","config_file":"/etc>
Oct 09 06:46:13 ubuntu caddy[219746]: {"level":"warn","ts":1696833973.9812472,"msg":"Caddyfile input is not formatted; run 'caddy fmt >
Oct 09 06:46:13 ubuntu caddy[219746]: {"level":"info","ts":1696833973.9820154,"logger":"admin","msg":"admin endpoint started","address>
Oct 09 06:46:13 ubuntu caddy[219746]: {"level":"info","ts":1696833973.9823434,"logger":"http.log","msg":"server running","name":"srv0">
Oct 09 06:46:13 ubuntu caddy[219746]: {"level":"info","ts":1696833973.9823442,"logger":"tls.cache.maintenance","msg":"started backgrou>
Oct 09 06:46:13 ubuntu caddy[219746]: {"level":"info","ts":1696833973.9832017,"msg":"autosaved config (load with --resume flag)","file>
Oct 09 06:46:13 ubuntu caddy[219746]: {"level":"info","ts":1696833973.9832036,"logger":"tls","msg":"cleaning storage unit","descriptio>
Oct 09 06:46:13 ubuntu caddy[219746]: {"level":"info","ts":1696833973.9834845,"logger":"tls","msg":"finished cleaning storage units"}
Oct 09 06:46:13 ubuntu caddy[219746]: {"level":"info","ts":1696833973.983459,"msg":"serving initial configuration"}
Oct 09 06:46:13 ubuntu systemd[1]: Started Caddy.
root@ubuntu:~#

Below is the curl output

root@ubuntu:~# curl -v -k --http3 https://127.0.0.1:8090/
*   Trying 127.0.0.1:8090...
* QUIC cipher selection: TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_CCM_SHA256
* QUIC: connection to 127.0.0.1 port 8090 refused
* QUIC connect to 127.0.0.1 port 8090 failed: Couldn't connect to server
* Failed to connect to 127.0.0.1 port 8090 after 4 ms: Couldn't connect to server
*   Trying 127.0.0.1:8090...
* Connected to 127.0.0.1 (127.0.0.1) port 8090
* ALPN: curl offers h2,http/1.1
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* OpenSSL/3.0.10: error:0A00010B:SSL routines::wrong version number
* Closing connection
curl: (7) QUIC: connection to 127.0.0.1 port 8090 refused
root@ubuntu:~#

Could you please help me with the configuration

francislavoie · October 9, 2023, 8:39am

HTTP/3 requires TLS. If you don’t use a domain, Caddy can’t set up TLS for you. So Caddy is only listening for HTTP requests with that config.

Kartheek · October 9, 2023, 9:14am

Could you please help me with the config

francislavoie · October 9, 2023, 9:26am

@whitestrake has already told you what you need. You need a domain as your site address, not only a port number. See Caddyfile Concepts — Caddy Documentation

Kartheek · October 9, 2023, 11:03am

okay, Could you please provide some example configuration
i would like to open quic port 443

francislavoie · October 9, 2023, 11:15am

We literally have given you an example. Please don’t ignore what we write.

Kartheek · October 9, 2023, 3:18pm

okay, Thank you

system · November 8, 2023, 3:19pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.