Organizr on Caddy v2

1. Caddy version (caddy version):

Caddy v2.0.0

2. How I run Caddy:

As a service for reverse proxies and hosting Organizr hopefully.

a. System environment:

Ubuntu Server 20.04 LTS

b. Command:

I have caddy running as a service so this is what I used to start it

sudo systemctl daemon-reload
sudo systemctl enable caddy
sudo systemctl start caddy

This is what I use to reload it after caddy file changes

sudo systemctl reload caddy

c. Service/unit/compose file:

I am running it on the main OS, no containers or anything.

d. My complete Caddyfile or JSON config:

dankflix.xyz
{
        reverse_proxy 192.168.1.100:5000
}

:8082 {
root * /var/www/dankflix.me/index.php
php_fastcgi / localhost:9000
}

3. The problem I’m having:

I’m unable to get Organizr to work in general. When navigating to 192.168.1.100:8082, it is just a white screen.

4. Error messages and/or full log output:

Caddy is running and active.

Jun 10 00:42:30 linux-server caddy[769]: 2020/06/10 00:42:30 http: TLS handshake error from 208.93.152.17:55122: no certificate available for ‘My IP adr’
Jun 10 00:53:40 linux-server caddy[769]: 2020/06/10 00:53:40 http: TLS handshake error from 146.88.240.11:47278: no certificate available for '192.168.1.100'
Jun 10 00:55:59 linux-server caddy[769]: 2020/06/10 00:55:59 http: TLS handshake error from 46.4.78.216:43810: no certificate available for 'dankflix.me'
Jun 10 00:56:55 linux-server caddy[769]: 2020/06/10 00:56:55 http: TLS handshake error from 172.105.89.161:41728: no certificate available for '192.168.1.100'
Jun 10 01:05:21 linux-server caddy[769]: 2020/06/10 01:05:21 http: TLS handshake error from 41.216.186.89:246: tls: first record does not look like a TLS handshake
Jun 10 01:17:55 linux-server caddy[769]: 2020/06/10 01:17:55 http: TLS handshake error from 46.4.78.216:60266: no certificate available for 'dankflix.me'
Jun 10 01:43:50 linux-server caddy[769]: {"level":"info","ts":1591771430.5392969,"logger":"tls","msg":"cleaned up storage units"}
Jun 10 02:29:23 linux-server caddy[769]: 2020/06/10 02:29:23 http: TLS handshake error from 71.6.146.186:36656: no certificate available for '192.168.1.100'
Jun 10 02:29:37 linux-server caddy[769]: 2020/06/10 02:29:37 http: TLS handshake error from 34.76.78.209:42265: no certificate available for '192.168.1.100'
Jun 10 02:54:07 linux-server caddy[769]: 2020/06/10 02:54:07 http: TLS handshake error from 193.118.53.210:37062: no certificate available for ‘My IP adr’

5. What I already tried:

I used the bash script (steps posted below) and did the requirements install and then git cloned Organizr into my var/www/domain folder. I am new to Caddy/Caddy files so the issue is probably in there. I could not find any resources for organizr on Caddyv2 anywhere, the official install only has instructions for Nginx.

1) sudo apt-get install git
2) sudo git clone https://github.com/elmerfdz/OrganizrInstaller /opt/OrganizrInstaller
3) cd /opt/OrganizrInstaller/ubuntu/oui
4) sudo bash ou_installer.sh
5) Requirements install 
6) sudo git clone https://github.com/causefx/Organizr /var/www/dankflix.me

6. Links to relevant resources:

Organizr GitHub readme

Organizr Install guide
https://docs.organizr.app/books/installation/page/ubuntudebian

Organizr Installer I also tried

Tried this as well with no luck

Let me know if I missed anything! There’s also a Organizr install with Caddy on GitHub that I have seen linked on a few forms during my research that is blank.

Three things.

In Caddy v2, path matching is exact. That means you need to remove the / as your path matcher for php_fastcgi, because it only matches requests to / and not /foo. Removing it makes it assume *, meaning “all requests”. See the request matching docs for more detail:

root should be the path to the root directory of your app, not your index file. Just make it /var/www/dankflix.me.

And finally, in Caddy v2, a file server isn’t enabled by default unlike Caddy v1. You need to explicitly enable one using the file_server directive.

2 Likes

Thanks! I made the changes and reloaded with no errors and still have a white screen on 192.168.1.100:8082. Here is my new Caddyfile.

:8082 {
root * /var/www/dankflix.me
file_server
php_fastcgi localhost:9000
}

After reading the file server doc it says if you leave it blank it will point to your root folder, would this be the correct way to do that then?

I would also be really interested in a solution while running organizr on a docker container. With Caddy v1, it used to work only on the local network as follows:

reverse_proxy /organizr/ http://organizer_IP:port {
without /organizr
transparent
header_upstream Host {host}
}

I have converted this to Caddy v2 as follows, but it doesn’t even work on the local network (I get 404 Not Found, nginx/1.14.2)

reverse_proxy /organizr/ http://organizer_IP:port {
	header_up Host {host}
}

Put this at the top of your Caddyfile:

{
  debug
}

Reload, make another request, and then copy the output from Caddy over here on the forums. It might tell us why you’re getting a blank page.

In this version, you can see without /organizr in the reverse_proxy block. You haven’t copied this functionality over to the Caddy v2 config, so you’re leaving that path prefix in and the app is returning 404s because the path isn’t correct.

This, too, will likely fail most of the time. It will literally only ever proxy requests for exactly /organizr/, not any of its subpaths. v2 path matching is exact, so this needs a wildcard.

As for stripping a prefix, you want the uri directive. You’ll also want to route it so that you can strip the prefix immediately before proxying. The recommended method looks like this:

route /organizr/* {
  uri strip_prefix /organizr
  reverse_proxy organizr:port
}
1 Like

Here’s the debug logs

Jun 10 21:25:28 linux-server caddy[770]: {"level":"debug","ts":1591842328.6134026,"logger":"http.handlers.rewrite","msg":"rewrote request","request":{"method":"GET","uri":"/","proto":"HTTP/1.1","remote_addr":"192.168.1.102:63978","host":"192.168.1.100:8082","headers":{"Accept-Encoding":["gzip, deflate"],"Connection":["keep-alive"],"Accept":["text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"],"Upgrade-Insecure-Requests":["1"],"Cookie":["login_cookie=35255a916cc520c8ec14e9196a63bb120877d5bf; login_salt=638; tautulli_token_5c2446144e774cac881000b9d4d597ce=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyX2lkIjoxOTM4MTIxNCwidXNlciI6InpkaGFsdm9yc29uQHNiY2dsb2JhbC5uZXQiLCJleHAiOjE1OTM1MTg2NDgsInVzZXJfZ3JvdXAiOiJhZG1pbiJ9.ypcs47R-JRsNeEk1fWjI7vdvzWtkiFm5iawMV7yYGC4"],"User-Agent":["Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.1.1 Safari/605.1.15"],"Accept-Language":["en-us"]}},"method":"GET","uri":"/index.php"}
Jun 10 21:25:28 linux-server caddy[770]: {"level":"debug","ts":1591842328.6143963,"logger":"http.reverse_proxy.transport.fastcgi","msg":"roundtrip","request":{"method":"GET","uri":"/index.php","proto":"HTTP/1.1","remote_addr":"192.168.1.102:63978","host":"192.168.1.100:8082","headers":{"User-Agent":["Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.1.1 Safari/605.1.15"],"Accept-Language":["en-us"],"Accept-Encoding":["gzip, deflate"],"X-Forwarded-Proto":["http"],"X-Forwarded-For":["192.168.1.102"],"Accept":["text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"],"Upgrade-Insecure-Requests":["1"],"Cookie":["login_cookie=35255a916cc520c8ec14e9196a63bb120877d5bf; login_salt=638; tautulli_token_5c2446144e774cac881000b9d4d597ce=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyX2lkIjoxOTM4MTIxNCwidXNlciI6InpkaGFsdm9yc29uQHNiY2dsb2JhbC5uZXQiLCJleHAiOjE1OTM1MTg2NDgsInVzZXJfZ3JvdXAiOiJhZG1pbiJ9.ypcs47R-JRsNeEk1fWjI7vdvzWtkiFm5iawMV7yYGC4"]}},"dial":"localhost:9000","env":{"AUTH_TYPE":"","CONTENT_LENGTH":"","CONTENT_LENGTH":"","CONTENT_TYPE":"","DOCUMENT_ROOT":"/var/www/dankflix.me","DOCUMENT_URI":"/index.php","GATEWAY_INTERFACE":"CGI/1.1","HTTP_ACCEPT":"text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8","HTTP_ACCEPT_ENCODING":"gzip, deflate","HTTP_ACCEPT_LANGUAGE":"en-us","HTTP_COOKIE":"login_cookie=35255a916cc520c8ec14e9196a63bb120877d5bf; login_salt=638; tautulli_token_5c2446144e774cac881000b9d4d597ce=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyX2lkIjoxOTM4MTIxNCwidXNlciI6InpkaGFsdm9yc29uQHNiY2dsb2JhbC5uZXQiLCJleHAiOjE1OTM1MTg2NDgsInVzZXJfZ3JvdXAiOiJhZG1pbiJ9.ypcs47R-JRsNeEk1fWjI7vdvzWtkiFm5iawMV7yYGC4","HTTP_HOST":"192.168.1.100:8082","HTTP_UPGRADE_INSECURE_REQUESTS":"1","HTTP_USER_AGENT":"Mozilla/5.0 (Macintosh; Intel MacOS X 10_15_5) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.1.1 Safari/605.1.15","HTTP_X_FORWARDED_FOR":"192.168.1.102","HTTP_X_FORWARDED_PROTO":"http","PATH_INFO":"","QUERY_STRING":"","REMOTE_ADDR":"192.168.1.102","REMOTE_HOST":"192.168.1.102","REMOTE_IDENT":"","REMOTE_PORT":"63978","REMOTE_USER":"","REQUEST_METHOD":"GET","REQUEST_SCHEME":"http","REQUEST_URI":"/","SCRIPT_FILENAME":"/var/www/dankflix.me/index.php","SCRIPT_NAME":"/index.php","SERVER_NAME":"192.168.1.100","SERVER_PORT":"8082","SERVER_PROTOCOL":"HTTP/1.1","SERVER_SOFTWARE":"Caddy/v2.0.0"}}
Jun 10 21:25:28 linux-server caddy[770]: {"level":"error","ts":1591842328.615105,"logger":"http.log.error","msg":"dialing backend: dial tcp 127.0.0.1:9000: connect: connection refused","request":{"method":"GET","uri":"/","proto":"HTTP/1.1","remote_addr":"192.168.1.102:63978","host":"192.168.1.100:8082","headers":{"Accept-Language":["en-us"],"Accept-Encoding":["gzip, deflate"],"Connection":["keep-alive"],"Accept":["text/html,application/xhtml+xml;q=0.9,*/*;q=0.8"],"Upgrade-Insecure-Requests":["1"],"Cookie":["login_cookie=35255a916cc520c8ec14e9196a63bb120877d5bf; login_salt=638; tautulli_token_5c2446144e774cac881000b9d4d597ce=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyX2lkIjoxOTM4MTIxNCwidXNlciI6InpkaGFsdm9yc29uQHNiY2dsb2JhbC5uZXQiLCJleHAiOjE1OTM1MTg2NDgsInVzZXJfZ3JvdXAiOiJhZG1pbiJ9.ypcs47R-JRsNeEk1fWjI7vdvzWtkiFm5iawMV7yYGC4"],"User-Agent":["Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.1.1 Safari/605.1.15"]}},"duration":0.006237382,"status":502,"err_id":"xhbbixyff","err_trace":"reverseproxy.((*Handler).ServeHTTP (reverseproxy.go:380)"}

Here’s the problem:

"msg": "dialing backend: dial tcp 127.0.0.1:9000: connect: connection refused",

Resulting in:

"status": 502,

i.e. Bad Gateway. Is FastCGI actually listening on port 9000?

I do not see it listed when running sudo lsof -i -P -n is this a root/permission error? I tried it on a different port with no success.

Here’s the caddy ports listed

caddy       770            root    3u  IPv4  31958      0t0  TCP 127.0.0.1:2019 (LISTEN)
caddy       770            root    7u  IPv6  35938      0t0  TCP *:443 (LISTEN)
caddy       770            root    8u  IPv6  35939      0t0  TCP *:8082 (LISTEN)
caddy       770            root    9u  IPv6  35940      0t0  TCP *:80 (LISTEN)

If it’s not listed, it’s possibly not running.

How do you usually run it?

I haven’t gotten it to work yet and this is pretty over my head currently lol. Is there something I need to do to get FastCGI running initially? I didn’t see anything in the docs about it.

Yeah. FastCGI / PHP-FPM is it’s own beast. There’s nothing for it in the Caddy docs because it’s outside the scope of Caddy itself; Caddy is just compatible with it to power PHP sites.

You’ll want to look up some guides for setting up PHP-FPM on your distro (Ubuntu Server 20.04 LTS).

So I installed php-fpm and added listen=9000 to /etc/php/7.0/fpm/pool.d/www.conf reloaded the daemon and still do not see the port active. If this is getting outside of the spec of this form I can ask elsewhere, but I figured I’d ask for future visitors or in case you knew.

Is the service running?

Can you check its status (e.g. systemctl status <service>)? Does that have any log output that might indicate why it’s not listening on port 9000 as you’ve configured?

It is running. The log show no errors or anything abnormal. I have 7.2 and 7.0 running, both show no errors. I modified the 7.0 config file.

Jun 11 01:26:18 linux-server systemd[1]: Starting The PHP 7.2 FastCGI Process Manager...
Jun 11 01:26:18 linux-server systemd[1]: Started The PHP 7.2 FastCGI Process Manager.

I think I figured it out. Will post solution if so.

1 Like

I got it running. For future people you need to install php-fpm (ver 7.2+) and modify the /etc/php/7.2/fpm/pool.d/www.conf and add listen=9000 so it will listen on port 9000.

The caddy file is

:8082 {
root * /var/www/domain
file_server
php_fastcgi localhost:9000
}

You can access this on localhost:8082

Thanks for the help!

2 Likes

Thanks! That fixes the problem, now i will trz to see if i can manage to configure it for remote access.

This topic was automatically closed after 30 days. New replies are no longer allowed.