Moving from RPi3 to RPi4 (reverse proxy)

1. Caddy version (caddy version): 2.2.1

2. How I run Caddy:

a. System environment:

dietpi 32 bits on RPi3
dietpi 64 bits on RPi4
systemd

b. Command:

paste command here

c. Service/unit/compose file:

paste full file contents here

d. My complete Caddyfile or JSON config:

xxxxx.ddns.net {
        encode gzip
        reverse_proxy localhost:3000
}

3. The problem I’m having:

I use rocket.chat on my RPi3B to chat and exchange files with my music band, as we cannot rehearse (lockdown…). RPI 3B shows its limits so I moved it to RPi 4B --> Rocket.chat works great now but the reverse proxy is still on the RPi 3B and I want Caddy to be on the RPi 4B as well so I remove RPi 3B from the chain.

4. Error messages and/or full log output:

I installed Caddy v2.2.1 and copy and paste the caddy file with only change the ip address of the Pi changed with localhost.
When I run caddy I have :

caddy run --config Caddyfile
2020/11/20 15:08:46.227 INFO using provided configuration {“config_file”: “Caddyfile”, “config_adapter”: “”}
2020/11/20 15:08:46.231 INFO admin admin endpoint started {“address”: “tcp/localhost:2019”, “enforce_origin”: false, “origins”: [“localhost:2019”, “[::1]:2019”, “127.0.0.1:2019”]}
2020/11/20 15:08:46.232 INFO tls.cache.maintenance started background certificate maintenance {“cache”: “0x4000452bd0”}
2020/11/20 15:08:46.232 INFO http server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS {“server_name”: “srv0”, “https_port”: 443}
2020/11/20 15:08:46.232 INFO http enabling automatic HTTP->HTTPS redirects {“server_name”: “srv0”}
2020/11/20 15:08:46.233 INFO tls cleaned up storage units
run: loading initial config: loading new config: http app module: start: tcp: listening on :80: listen tcp :80: bind: address already in use

If service is restarted I see :

systemctl status caddy
● caddy.service - Caddy
Loaded: loaded (/lib/systemd/system/caddy.service; enabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Fri 2020-11-20 16:09:04 CET; 9s ago
Docs: https://caddyserver.com/docs/
Process: 19650 ExecStart=/usr/bin/caddy run --environ --config /etc/caddy/Caddyfile (code=exited, status=1/FAILURE)
Main PID: 19650 (code=exited, status=1/FAILURE)

nov. 20 16:09:04 pi4 caddy[19650]: JOURNAL_STREAM=9:72853
nov. 20 16:09:04 pi4 caddy[19650]: {“level”:“info”,“ts”:1605884944.9411397,“msg”:“using provided configuration”,“config_file”:"/etc/caddy/Caddyfile",“config_adapter”:""}
nov. 20 16:09:04 pi4 caddy[19650]: {“level”:“info”,“ts”:1605884944.9458637,“logger”:“admin”,“msg”:“admin endpoint started”,“address”:“tcp/localhost:2019”,“enforce_origin”:false,“ori
gins”:["[::1]:2019",“127.0.0.1:2019”,“localhost:2019”]}
nov. 20 16:09:04 pi4 caddy[19650]: {“level”:“info”,“ts”:1605884944.9464664,“logger”:“http”,“msg”:“server is listening only on the HTTPS port but has no TLS connection policies; addi
ng one to enable TLS”,“server_name”:“srv0”,“https_port”:443}
nov. 20 16:09:04 pi4 caddy[19650]: {“level”:“info”,“ts”:1605884944.9465518,“logger”:“http”,“msg”:“enabling automatic HTTP->HTTPS redirects”,“server_name”:“srv0”}
nov. 20 16:09:04 pi4 caddy[19650]: {“level”:“info”,“ts”:1605884944.9473023,“logger”:“tls.cache.maintenance”,“msg”:“started background certificate maintenance”,“cache”:“0x400033af50”
}
nov. 20 16:09:04 pi4 caddy[19650]: {“level”:“info”,“ts”:1605884944.9475303,“logger”:“tls”,“msg”:“cleaned up storage units”}
nov. 20 16:09:04 pi4 caddy[19650]: run: loading initial config: loading new config: http app module: start: tcp: listening on :80: listen tcp :80: bind: address already in use
nov. 20 16:09:04 pi4 systemd[1]: caddy.service: Main process exited, code=exited, status=1/FAILURE
nov. 20 16:09:04 pi4 systemd[1]: caddy.service: Failed with result ‘exit-code’.

5. What I already tried:

Changed the Caddyfile several times with no success.
I was just afraid for Let’s Encrypt as both Raspberries will be running with caddy on it

6. Links to relevant resources:

Do you have another web server running on it, like apache maybe? You should turn off whatever is already using port 80.

Caddy needs port 80 to properly solve ACME challenges to fetch TLS certificates from Let’s Encrypt.

1 Like

Hi Francis,
Indeed, I am so dumb… When I installed the new RPi, I decided to install nginx with nextcloud and completely forgot to change the default port…
Sorry, and thanks a lot :slight_smile:

Everything works now!

1 Like