1. Caddy version (caddy version
): 2.4.6
2. How I run Caddy:
Container for reverse proxy, trying to use caddy as file_server for Nextcloud.
a. System environment:
Ubuntu Server 21.04 LXC in Proxmox
Caddy installed via repository managed by systemd
Nextcloud installed locally via archive
b. Command:
Paste command here.
c. Service/unit/compose file: N/A
d. My complete Caddyfile or JSON config:
Reverse Proxy:
testcloud.my.house {
reverse_proxy 172.16.0.252:443
}
File Server:
:443 {
root * /srv
file_server
php_fastcgi unix//run/php/php7.4-fpm.sock
header {
Strict-Transport-Security max-age=31536000;
}
@forbidden {
path /.htaccess
path /data/*
path /config/*
path /db_structure
path /.xml
path /README
path /3rdparty/*
path /lib/*
path /templates/*
path /occ
path /console.php
}
respond @forbidden 404
}
3. The problem I’m having:
4. Error messages and/or full log output:
curl -v results:
Trying 123.45.678.90:443...
Connected to testcloud.my.house (123.45.678.90) port 443 (#0)
ALPN, offering h2
ALPN, offering http/1.1
successfully set certificate verify locations:
CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
TLSv1.3 (OUT), TLS handshake, Client hello (1):
TLSv1.3 (IN), TLS handshake, Server hello (2):
TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
TLSv1.3 (IN), TLS handshake, Certificate (11):
TLSv1.3 (IN), TLS handshake, CERT verify (15):
TLSv1.3 (IN), TLS handshake, Finished (20):
TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
TLSv1.3 (OUT), TLS handshake, Finished (20):
SSL connection using TLSv1.3 / TLS_AES_128_GCM_SHA256
ALPN, server accepted to use h2
Server certificate:
subject: CN=testcloud.my.house
start date: Nov 18 21:31:36 2021 GMT
expire date: Feb 16 21:31:35 2022 GMT
subjectAltName: host "testcloud.my.house" matched cert's "testcloud.my.house"
issuer: C=US; O=Let's Encrypt; CN=R3
SSL certificate verify ok.
Using HTTP2, server supports multi-use
Connection state changed (HTTP/2 confirmed)
Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
Using Stream ID: 1 (easy handle 0x558cb7a64580)
GET / HTTP/2
Host: testcloud.my.house
user-agent: curl/7.74.0
accept: */*
TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
Connection state changed (MAX_CONCURRENT_STREAMS == 250)!
HTTP/2 400
server: Caddy
content-type: text/plain; charset=utf-8
date: Thu, 18 Nov 2021 23:37:53 GMT
Client sent an HTTP request to an HTTPS server.
Connection #0 to host testcloud.my.house left intact
5. What I already tried:
I’ve gone through and made both Nextcloud directories as identical as I can (serving on /srv), the reverse proxy block is identical, and keep getting HTTP requests over HTTPS.