Hello! Im a newbie when it comes to Linux & Caddy and have been playing around with both for the last couple weeks. However, for the past couple days I have been unsuccessful in trying to setup outside access to my media server using Caddy as a reverse proxy that points to cloudflare. The media server is being hosted on Linux Mint Cinnamon 21.2, and I have the stable version of Caddy (not docker) installed by using the following commands:
Previously, I did have it setup and working with a duckdns domain, however I wanted to enhance security a bit by purchasing my own domain and then using cloudflare for some added security.
After some research into this, I found that by default Caddy doesn’t support this natively and the program + cloudflare module could be downloaded via Download Caddy. So I downloaded Caddy-dns/cloudflare (Linux amd64). But the problem now is that I have no idea what to do with this downloaded file. I thought it was an installer of some sort? When I click on it, I’m being asked what to open it with. Nothing seems to open it? When I edit the permissions to allow it to execute as a program, it doesn’t do anything. Am I supposed to place this somewhere? I tried seeking the documentation but couldn’t find anything too specific to this situation… I feel goofy about this because I feel like it’s something super simple I’m missing, but have spent hours on this.
Appreciate and advice!
2. Error messages and/or full log output:
PASTE OVER THIS, BETWEEN THE ``` LINES.
Please use the preview pane to ensure it looks nice.
3. Caddy version:
4. How I installed and ran Caddy:
a. System environment:
b. Command:
PASTE OVER THIS, BETWEEN THE ``` LINES.
Please use the preview pane to ensure it looks nice.
c. Service/unit/compose file:
PASTE OVER THIS, BETWEEN THE ``` LINES.
Please use the preview pane to ensure it looks nice.
d. My complete Caddy config:
PASTE OVER THIS, BETWEEN THE ``` LINES.
Please use the preview pane to ensure it looks nice.
If you’re using a custom build on a debian-based system, you should follow these steps to set up a diversion:
The file you downloaded is a binary executable, it’s the actual Caddy program.
The program you have from installing the package is at /usr/bin/caddy (/usr/bin is where most programs are installed, it’s one of the paths in your PATH environment variable which determines where shells will look for commands to run).
The instructions at the link above set up a diversion to allow both your custom binary and the one from the deb package to coexist without causing problems when you try to upgrade the package.
Keep in mind that you’ll be responsible for upgrading Caddy yourself when new versions are released, but you can use sudo caddy upgrade to make it easy.
Sorry for the vague information and perhaps poor terminology, this is all quite new to me. So I followed the instructions within the link and all seemed to go okay.
Would I then just drop my downloaded binary into the caddy.custom folder and verify that caddy is using that folder using the “update-alternatives --config caddy” command? (Which it appears to be).
If so, would my caddy.config file be placed in the caddy.custom folder as well? Or would I continue to leave it in the caddy folder?
Thanks once more! I think I’m understanding. But now when I go to start Caddy, I seem to be getting an error message.
PC@Server:/etc/caddy$ caddy start
2023/10/03 03:04:24.834 INFO using adjacent Caddyfile
2023/10/03 03:04:24.836 INFO admin admin endpoint started {“address”: “localhost:2019”, “enforce_origin”: false, “origins”: [“//localhost:2019”, “//[::1]:2019”, “//127.0.0.1:2019”]}
2023/10/03 03:04:24.837 INFO http.auto_https server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS {“server_name”: “srv0”, “https_port”: 443}
2023/10/03 03:04:24.837 INFO http.auto_https enabling automatic HTTP->HTTPS redirects {“server_name”: “srv0”}
2023/10/03 03:04:24.837 INFO tls.cache.maintenance started background certificate maintenance {“cache”: “0xc000092a00”}
2023/10/03 03:04:24.838 INFO tls cleaning storage unit {“description”: “FileStorage:/home/myserver/.local/share/caddy”}
2023/10/03 03:04:24.838 INFO tls.cache.maintenance stopped background certificate maintenance {“cache”: “0xc000092a00”}
Error: loading initial config: loading new config: http app module: start: listening on :443: listen tcp :443: bind: permission denied
Error: caddy process exited with error: exit status 1
That’s when trying to start the service with the following config:
From the error output that I’m seeing, It doesn’t even seem to be using my caddyfile located at /etc/caddy/? Not too sure where I’m going wrong
Edit: A systemctl status caddy has given me some insight into this issue.
Oct 02 22:53:53 myserver systemd[1]: Starting Caddy…
Oct 02 22:53:53 myserver systemd[1638]: caddy.service: Failed to locate executable /usr/bin/caddy: Permission denied
Oct 02 22:53:53 myserver systemd[1638]: caddy.service: Failed at step EXEC spawning /usr/bin/caddy: Permission denied
Oct 02 22:53:53 myserver systemd[1]: caddy.service: Main process exited, code=exited, status=203/EXEC
Oct 02 22:53:53 myserver systemd[1]: caddy.service: Failed with result ‘exit-code’.
Oct 02 22:53:53 myserver systemd[1]: Failed to start Caddy.
Oct 02 23:04:19 myserver systemd[1]: caddy.service: Unit cannot be reloaded because it is inactive.
Working on restoring the executable to see what happens next… I’m a hot mess! lol.
