Getting Started with Caddy

jessica · October 15, 2020, 5:21pm

1. Caddy version (`caddy version`):

v2.2.1 h1:Q62GWHMtztnvyRU+KPOpw6fNfeCD3SkwH7SfT1Tgt2c=

2. How I run Caddy:

Command line

a. System environment:

Ubuntu 18.04

b. Command:

caddy run --config /etc/caddy/Caddyfile

d. My complete Caddyfile or JSON config:

currencyflow.datatesting.me {
        reverse_proxy https://localhost:8050
}

3. The problem I’m having:

I am a beginner to Caddy and I am trying to setup a reverse proxy. I have a dash app running on port 8050 and I installed caddy on the same instance. I have the domain name currencyflow.datatesting.me configured using Namecheap with DNS records pointing to my server’s public IP. When I try to run caddy I get a permission denied error.

4. Error messages and/or full log output:

2020/10/15 16:51:01.662	INFO	using provided configuration	{"config_file": "/etc/caddy/Caddyfile", "config_adapter": ""}
2020/10/15 16:51:01.664	INFO	admin	admin endpoint started	{"address": "tcp/localhost:2019", "enforce_origin": false, "origins": ["[::1]:2019", "127.0.0.1:2019", "localhost:2019"]}
2020/10/15 16:51:01.664	INFO	http	server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS	{"server_name": "srv0", "https_port": 443}
2020/10/15 16:51:01.665	INFO	http	enabling automatic HTTP->HTTPS redirects	{"server_name": "srv0"}
run: loading initial config: loading new config: http app module: start: tcp: listening on :443: listen tcp :443: bind: permission denied

5. What I already tried:

I tried using this command instead:
sudo caddy run --config /etc/caddy/Caddyfile
which resulted in this error:

...
2020/10/15 17:02:10.319	INFO	tls.obtain	certificate obtained successfully	{"identifier": "currencyflow.datatesting.me"}
2020/10/15 17:02:10.319	INFO	tls.obtain	releasing lock	{"identifier": "currencyflow.datatesting.me"}
2020/10/15 17:02:28.601	ERROR	http.log.error	dial tcp 127.0.0.1:8050: connect: connection refused	{"request": {"remote_addr": "24.6.12.237:52493", "proto": "HTTP/1.1", "method": "GET", "host": "currencyflow.datatesting.me", "uri": "/", "headers": {"Dnt": ["1"], "Upgrade-Insecure-Requests": ["1"], "Sec-Fetch-Site": ["none"], "Accept-Language": ["en-US,en;q=0.9"], "Connection": ["keep-alive"], "User-Agent": ["Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.80 Safari/537.36"], "Accept": ["text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9"], "Sec-Fetch-Mode": ["navigate"], "Sec-Fetch-Dest": ["document"], "Accept-Encoding": ["gzip, deflate, br"]}, "tls": {"resumed": false, "version": 772, "cipher_suite": 4865, "proto": "", "proto_mutual": true, "server_name": "currencyflow.datatesting.me"}}, "duration": 0.000340032, "status": 502, "err_id": "qhscxbh13", "err_trace": "reverseproxy.(*Handler).ServeHTTP (reverseproxy.go:441)"}

6. Links to relevant resources:

matt · October 15, 2020, 8:27pm

Hey Jess, welcome to Caddy!

Fortunately, this isn’t a Caddy problem (and happens with any web servers). This is usually because most operating systems don’t let user processes bind to low ports by default (sigh). Ubuntu is one of them, so you need to give it permission. The easiest way to do this is to use setcap, like so:

$ sudo setcap cap_net_bind_service=+ep $(which caddy)

We could probably mention something like this in the Getting Started guide… edit: actually nvm, there’s nothing in the quickstart guide that requires low ports.

jessica · October 15, 2020, 9:01pm

Hi Matt,
Thanks for the warm welcome! I have a follow up issue that I’m not sure is related or not. When running the same command:
sudo caddy run --config /etc/caddy/Caddyfile
I get the message:

2020/10/15 20:59:39.744	INFO	using provided configuration	{"config_file": "/etc/caddy/Caddyfile", "config_adapter": ""}
run: loading initial config: loading new config: starting caddy administration endpoint: listen tcp 127.0.0.1:2019: bind: address already in use

When I look to see whats running on port 2019 (netstat -tulpn | grep 2019) I get:
tcp 0 0 127.0.0.1:2019 0.0.0.0:* LISTEN -

matt · October 15, 2020, 9:49pm

Caddy’s probably already running. :2019 is the admin interface. If you installed Caddy as a system service, it is probably already running on your system.

You’re running this in production? You should probably use the system service to control it rather than running it manually. (I assume you don’t intend to run two instances)

jessica · October 15, 2020, 11:22pm

Hi Matt thanks for the help!! I got it up and running! https://currencyflow.datatesting.me/

matt · October 16, 2020, 5:55am

Congrats – looks great!

system · November 14, 2020, 5:21pm

This topic was automatically closed after 30 days. New replies are no longer allowed.