etique57
(Etique57)
May 6, 2018, 5:03pm
1
Hello,
Just joined the caddy bandwagon
Coming from an apache2-based reverse proxy setup, I’m just impressed by how much simpler and leaner the Caddyfile is !!
Anyway, I’m just wondering, is there a way setup a reverse proxy for mail protocols, like NGINX feature? I would like my caddy setup to be the only frontal reverse proxy exposed.
I guess the answer is no for now at least
Thanks!
Hi @etique57 , welcome to the Caddy community!
Looks like the net
server type for Caddy is capable of proxying TCP/UDP to another host, and it seems it can also do it with TLS:
https://caddyserver.com/docs/net
1 Like
etique57
(Etique57)
May 8, 2018, 7:56am
3
Thanks a lot!
that seems to do the trick indeed.
That said, I tried to do it using a docker image from Caddy (abiosoft), but I run into the following problem:
opened 06:29AM - 08 May 18 UTC
closed 12:10AM - 13 Nov 18 UTC
Hello,
I'm successfully running one docker instance for my HTTP frontend. I'm… trying to set up a second caddy instance with the net plugin to support mail redirection, but this time it doesn't work.
Here's what I'm doing:
Building an image with the net plugin:
```
docker build -t caddy_net --build-arg plugins=net github.com/abiosoft/caddy-docker.git
```
Caddyfile:
```
proxy :143 :143 {
host server
}
```
Running the image with this command:
`docker run --name caddy-net -e "ACME_AGREE=true" -v /home/caddy/conf/Caddyfile-net:/etc/Caddyfile -v /home/caddy/srv:/srv -v /home/caddy/certs:/root/.caddy -v /home/caddy/log:/var/log/caddy -p 143:143 caddy_net --type=net`
But it instantly exits though without error on stdout.
Am I doing something wrong?
Thanks!
Not sure if related to the docker image or my misuse of caddy itself.
Thanks!
To clarify, it worked with a binary from caddyserver.com , but abiosoft/caddy
failed as you describe when built with the net server type plugin?
etique57
(Etique57)
May 9, 2018, 5:35am
5
No, I actually didn’t try with a simple binary. I’ll give it a try.
etique57
(Etique57)
May 9, 2018, 6:19am
6
Ok with the binary the server starts properly.
But the redirection doesn’t work. I assume it may be a TLS issue, I probably have to enable TLS on caddy and disable it on dovecot.
etique57
(Etique57)
May 9, 2018, 12:15pm
7
Ok, I had the excellent idea to enable logging to stdout, and here’s what it gets:
[INFO] Proxying from :143 -> :143
2018/05/09 12:13:58 accept tcp [::]:143: accept4: too many open files
I unfortunately don’t know what this means.
Ronsor
(Ronsor)
May 9, 2018, 4:53pm
8
You have too many open file descriptors (includes TCP/UDP sockets, files, etc)
Increase the limit using ulimit -n 8192
etique57
(Etique57)
May 9, 2018, 5:31pm
9
Thanks @Ronsor
I did so, I tried to telnet to the mail server from another pc, I got connected. So the redirection initially works.
Then my telnet command hung out (not working anymore), and then I saw in the stdout the “too many open files”.
I killed the telnet command and the stdout issues this:
Activating privacy features... done.
[INFO] Proxying from :58846 -> :58846
[INFO] Proxying from :143 -> :143
2018/05/09 17:24:13 accept tcp [::]:143: accept4: too many open files
Done proxying: 192.168.0.203:143 127.0.0.1:46288
Done proxying: 127.0.0.1:143 127.0.0.1:46290
Done proxying: 127.0.0.1:143 127.0.0.1:46292
Done proxying: 127.0.0.1:143 127.0.0.1:46294
Done proxying: 127.0.0.1:143 127.0.0.1:46296
Done proxying: 127.0.0.1:143 127.0.0.1:46298
Done proxying: 127.0.0.1:143 127.0.0.1:46300
Done proxying: 127.0.0.1:143 127.0.0.1:46302
Done proxying: 127.0.0.1:143 127.0.0.1:46304
And it goes on and on.
I’m not sure what it tries to do with this 127.0.0.1 proxying.
etique57
(Etique57)
May 9, 2018, 7:34pm
10
Just to make sure:
the server running caddy is called frontend
the server I want to redirect to is call (very conveniently) server
proxy :143 :143 {
host server
tls off
}
Reading again the help, I’m not sure anymore it is intended to work as I thought it would:
frontend:143 → server:143
could it work that way?
I actually would need something like this:
proxy :143 server:143 {
host my.domain
tls webmaster@my.domain
}
Well, I just did the modification and it worked
Maybe we should update the help…
1 Like
system
(system)
Closed
August 7, 2018, 7:34pm
11
This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.