1. The problem I’m having:
Hi! I try to set up a reverse proxy to the server which runs on a host machine with the address 172.17.0.1:8385. IP address of the service was selected intentionally to match the IP of docker0 and host.docker.internal. The service is reachable from the host. However, the reverse proxy does not work and results in the 502 error.
2. Error messages and/or full log output:
caddy_reverse_proxy | {"level":"error","ts":1691255735.0020468,"logger":"http.log.error.log1","msg":"dial tcp 172.17.0.1:8385: i/o timeout","request":{"remote_ip":"MY_REMOTE_IP","remote_port":"33830","client_ip":"CLIENT_IP","proto":"HTTP/2.0","method":"GET","host":"example.org","uri":"/","headers":{"User-Agent":["Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36"],"Sec-Fetch-Mode":["navigate"],"Sec-Fetch-User":["?1"],"Accept-Encoding":["gzip, deflate, br"],"Sec-Ch-Ua-Mobile":["?0"],"Sec-Ch-Ua-Platform":["\"Linux\""],"Sec-Gpc":["1"],"Cache-Control":["max-age=0"],"Accept":["text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8"],"Sec-Fetch-Site":["cross-site"],"Sec-Fetch-Dest":["document"],"Sec-Ch-Ua":["\"Brave\";v=\"113\", \"Chromium\";v=\"113\", \"Not-A.Brand\";v=\"24\""],"Upgrade-Insecure-Requests":["1"],"Accept-Language":["en-US,en;q=0.9"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"h2","server_name":"example.org"}},"duration":3.001929959,"status":502,"err_id":"gq02k5326","err_trace":"reverseproxy.statusError (reverseproxy.go:1246)"}
3. Caddy version:
v2.7.2
4. How I installed and ran Caddy:
Docker compose
Docker version 24.0.5, build ced0996
a. System environment:
Ubuntu 22.04.2 LTS aarch64.
b. Command:
docker compose up -d
c. Service/unit/compose file:
version: '3'
services: caddy:
image: caddy:latest
container_name: caddy_reverse_proxy
restart: always
ports:
- 80:80
- 443:443
user: ${UID}:${GID}
volumes:
- ./Caddyfile:/etc/caddy/Caddyfile:ro
- ./caddy-config:/config
- ./caddy-data:/data
networks:
- vaultwarden # I use it for the reverse-proxy to vaultwarden docker container, and it works fine
extra_hosts:
- "host.docker.internal:host-gateway"
env_file:
- docker-compose.env
networks:
vaultwarden:
external: true # I use it for the reverse-proxy to vaultwarden docker container, and it works fine
d. My complete Caddy config:
example.org {
log {
level DEBUG
format console
}
reverse_proxy host.docker.internal:8385 {
header_up Host {upstream_hostport}
header_up X-Real-IP {remote_host}
}
}