When curl --unix-socket /tmp/http.sock http://app1.test, I got Client sent an HTTP request to an HTTPS server. But with curl --unix-socket /tmp/http.sock https://app1.test, Caddy works as expected. AFAICT, there is no way to tell a unix socket to serve HTTP or HTTPS. All unix sockets serve HTTPS requests only.
Is there a reason that Caddy can’t serve HTTP on a Unix socket? Perhaps Conventions — Caddy Documentation needs a way to specify whether the unix socket path is for HTTP or HTTPS.
I think the problem is that you’re trying to use one server for both HTTP and HTTPS. You can’t really do both on a single server (as in, apps/http/servers in your config). There’s nothing there to tell Caddy to not serve HTTPS on one of them.
So I think you need to make one server for your HTTP listener socket, and a 2nd for HTTPS. And on your HTTP one, I think you’ll need to set "automatic_https": {"disable": true}.
Yeah, Francis beat me to it; but a server can either serve HTTP or HTTPS, it can’t do both (well, not without protocol sniffing) (with the single exception of knowing not to serve HTTPS on the HTTP port, if listening on both - but unix sockets are not ports).
Cool, I will check out splitting into two servers. FWIW, if I listen on ports instead (:80 and :443), I was able to get both HTTP & HTTPS to work with one server and I wouldn’t need to disable automatic_https.
The server is serving HTTPS, but it also knows that the standardized HTTP port is 80, so it will not enable HTTPS on that port. This allows you to specify both HTTP and HTTPS versions of your site more conveniently. But with unix sockets, there is no such convention.