1. The problem I’m having:
I’ve been running matrix and wanted to enhance its capability with ntfy.sh. I run Caddy as rootless revproxy for my docker host but so far ntfy has been causing me the biggest headaches because Caddy doesn’t seem to want to resolve the container-name, whereas it does it for all the other services without fail. I’m not sure where to go from here
2. Error messages and/or full log output:
{"level":"error","ts":1701742697.6973655,"logger":"http.log.error","msg":"dial tcp: lookup matrix-ntfy on 127.0.0.11:53: no such host","request":{"remote_ip":"194.x.x.x","remote_port":"19978","proto":"HTTP/1.1","method":"GET","host":"ntfy.domain.tld","uri":"/upeF3xoBFLDsPD/ws?since=none","headers":{"Accept-Encoding":["gzip"],"User-Agent":["ntfy/1.16.0 (fdroid; Android 14; SDK 34)"],"Upgrade":["websocket"],"Sec-Websocket-Key":["kW8bSKbZq/NI1lvsdMOW4w=="],"Sec-Websocket-Extensions":["permessage-deflate"],"Connection":["Upgrade"],"Sec-Websocket-Version":["13"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"http/1.1","server_name":"ntfy.domain.tld"}},"duration":0.001157049,"status":502,"err_id":"f60q9gy9b","err_trace":"reverseproxy.statusError (reverseproxy.go:1299)"}
3. Caddy version:
v2.6.4 h1:2hwYqiRwk1tf3VruhMpLcYTg+11fCdr8S3jhNAdnPy8=
4. How I installed and ran Caddy:
caddy:
image: caddy:2-alpine
container_name: matrix-caddy
restart: unless-stopped
read_only: true
user: 1000:1000
depends_on:
- ntfy
- element
- synapse
networks:
- element
- synapse
- ntfy
ports:
- "80:80"
- "443:443"
- "8448:8448"
volumes:
- ./configs/caddy/Caddyfile:/etc/caddy/Caddyfile
- matrix_caddy_data:/data
a. System environment:
Alpine Linux 3.18
Docker version 23.0.6, build ef23cbc4315ae76c744e02d687c09548ede461bd
b. Command:
c. Service/unit/compose file:
ntfy:
image: binwiederhier/ntfy:latest
container_name: matrix-ntfy
restart: unless-stopped
read_only: true
networks:
- ntfy
command:
- serve
environment:
NTFY_BASE_URL: http://ntfy.domain.tld
NTFY_CACHE_FILE: /var/lib/ntfy/cache.db
NTFY_BEHIND_PROXY: true
NTFY_LISTEN_HTTP: ":2586"
NTFY_LOG_LEVEL: debug
user: 1000:1000
tmpfs:
- /var/lib/ntfy
healthcheck:
test: ["CMD-SHELL", "wget -q --tries=1 http://localhost:2586/v1/health -O - | grep -Eo '\"healthy\"\\s*:\\s*true' || exit 1"]
interval: 60s
timeout: 10s
retries: 3
start_period: 40s
d. My complete Caddy config:
https://domain.tld {
header /.well-known/matrix/* Content-Type application/json
header /.well-known/matrix/* Access-Control-Allow-Origin *
respond /.well-known/matrix/client "{ \"m.homeserver\": {\"base_url\": \"https://domain.tld\" }, \"org.matrix.msc3575.proxy\": {\"url\": \"https://syncv3.domain.tld\" } }"
respond /.well-known/matrix/server "{ \"m.server\": {\"base_url\": \"https://domain.tld:8448\" }"
#doesn't work
#reverse_proxy /_matrix/client/unstable/org.matrix.msc3575/sync matrix-sliding-sync:8888
#reverse_proxy /client/* matrix-sliding-sync:8888
reverse_proxy /_matrix/* matrix-synapse:8008
reverse_proxy /_synapse/client/* matrix-synapse:8008
redir / https://element.domain.tld
}
https://matrix.domain.tld {
reverse_proxy /_matrix/* localhost:8008
reverse_proxy /_synapse/client/* localhost:8008
redir / https://element.domain.tld
}
https://element.domain.tld {
encode zstd gzip
reverse_proxy matrix-element:80
header {
X-Content-Type-Options nosniff
Referrer-Policy strict-origin-when-cross-origin
Strict-Transport-Security "max-age=63072000; includeSubDomains;"
Permissions-Policy "accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()"
X-Frame-Options SAMEORIGIN
X-XSS-Protection 1
X-Robots-Tag none
-server
}
}
ntfy.domain.tld, http://ntfy.domain.tld, https://ntfy.domain.tld {
reverse_proxy matrix-ntfy:2586
@httpget {
protocol http
method GET
path_regexp ^/([-_a-z0-9]{0,64}$|docs/|static/)
}
redir @httpget https://{host}{uri}
}