Need help with reverse proxy to HTPC containers


(LP) #1

I’ve setup a number of docker containers for my HTPC (plex, muximux, sabnzbd, transmission-vpn, sonarr, radarr, headphones, mylar, mylar, lazy librarian, jackett, hydranzb) and I would like to have a reverse proxy to help me manage traffic to each of them.
Ideally I want to be able to use a single domain and prefix it with a path.
For example: (htpc.mydomain.com/muximux, htpc.mydomain.com/sonarr, etc)
I’ve tried doing this with nginx and traefik and have ran into problems with css and javascript not loading because it can’t find the files. I recently heard about Caddy and thought I’d give it a shot and see if I have better luck!
Here are my files:
docker-compose.yml

version: ‘3’

services:
caddy:
image: abiosoft/caddy
volumes:
- $PWD/config/caddy/html:/srv
- $PWD/config/caddy/Caddyfile:/etc/Caddyfile
ports:
- 80:2015

# MUXIMUX

muximux:
image: linuxserver/muximux
container_name: muximux
volumes:
- .config/muximux:/config
environment:
- PGID=1000
- PUID=1000
- TZ=America/Denver
restart: always
ports:
- 8000:80

# SABNZBD

sabnzbd:
image: linuxserver/sabnzbd:latest
container_name: sabnzbd
volumes:
- ./config/sabnzbd:/config
- ./downloads/complete/sabnzbd:/downloads
- ./downloads/incomplete/sabnzbd:/incomplete-downloads
ports:
- 8080:8080
environment:
- EDGE=1
- PGID=1000
- PUID=1000
- TZ=America/Denver
restart: always

Caddyfile

htpc.mydomain.com {
tls off

proxy /muximux localhost:8000 {
without /muximux
}

proxy /sabnzbd localhost:8080 {
without /sabnzbd
}
}

When I try to access the page using http://htpc.mydomain.com/muximux and http://htpc.mydomain.com/sabnzbd, I get 502 Bad Gateway error. The only way I can access the pages are if I access them using http://localhost:8000 and http://localhost:8080.

I’m trying to keep things simple and not include authentication or SSL at the moment. I figured it should be pretty straight forward, but I’m not having much luck. Could anyone give me some pointers to get me going in the right direction. Thx.!


(Matthew Fay) #2

Hi @ubun2Junky, welcome to the Caddy community!

Unfortunately, in this regard Caddy faces the same obstacles as any other web server; each back-end app thinks, by virtue of having no reason to think otherwise, that it owns the entire URI starting at /.

That is to say, when a browser client sends a request for example.com/sonarr, Caddy translates that to an upstream request to localhost:8080. The upstream directs the client to also fetch /example.js and /example.css. Unfortunately, these aren’t prepended with /sonarr, so Caddy doesn’t know which upstream to send it to.

It’s a problem that comes up quite frequently - I’ve written a few times on the topic before, within these forums - and it’s one that is difficult to solve without assistance from the back-end app.

There’s some tools Caddy has available for you to rectify the situation, and I can help you with those to a degree if you like, but lets look at this other issue you mentioned…

This looks like a fairly simple Docker-specific mistake - remember that localhost in the Caddy container is not the actual Docker host! Caddy thinks it’s running on its own entire machine, separate from the other services, and there’s nothing listening on ports 8000 and 8080 inside that container.

Since you’ve Composed Caddy with the other services, you can refer to them by their service name. Try instead to proxy /sabnzbd http://sabnzbd:8080, and see how that goes.

Smart move - always best to get all your ducks in a row first. When you do start adding HTTPS, remember to try with the staging endpoint first: https://letsencrypt.org/docs/staging-environment/

Could save you a big headache later on!


(system) #3

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.