1. Caddy version (caddy version):
dpkg -s caddy
Package: caddy
Version: 2.4.5
Conffiles:
/etc/caddy/Caddyfile 8cbf072a3e390217a88c242a7f18ee76
2. How I run Caddy:
a. System environment:
NAME="Ubuntu"
VERSION="20.04.3 LTS (Focal Fossa)"
Not installed in docker, from repo.
b. Command:
systemctl start caddy.service
c. Service/unit/compose file:
[Unit]
Description=Caddy
Documentation=https://caddyserver.com/docs/
After=network.target network-online.target
Requires=network-online.target
[Service]
Type=notify
User=caddy
Group=caddy
ExecStart=/usr/bin/caddy run --environ --config /etc/caddy/Caddyfile
ExecReload=/usr/bin/caddy reload --config /etc/caddy/Caddyfile
TimeoutStopSec=5s
LimitNOFILE=1048576
LimitNPROC=512
PrivateTmp=true
ProtectSystem=full
AmbientCapabilities=CAP_NET_BIND_SERVICE
[Install]
WantedBy=multi-user.target
d. My complete Caddyfile or JSON config:
### Proxmox ###
http://proxmox.pfi.lan {
    reverse_proxy https://10.0.11.240:8006 {
        transport http {
            tls_insecure_skip_verify
        }
    }
}
### Unifi ###
http://unifi.pfi.lan {
    reverse_proxy localhost:8443 {
        transport http {
            tls_insecure_skip_verify
        }
        header_up -Authorization
        header_up Host {host}
    }
}
3. The problem I’m having:
Caddy is working fine with almost all the services installed in my network/Docker, but I can’t get it working with some [proxmox, unifi] because these work with HTTPS.
#PROXMOX
- I can access proxmox.pfi.lan
- I can write the username and password
- Click login
- After I log in successfully, I get this error from Proxmox [not Caddy].
I think it’s missing something to redirect.
#UNIFI
I can access it only at https://unifi.pfi.lan:8443/, but I want only unifi.pfi.lan without the port.
4. Error messages and/or full log output:
Nov 01 14:51:17 docker caddy[148734]: {"level":"debug","ts":1635771077.361524,"logger":"http.stdlib","msg":"http: TLS handshake error from 10.0.10.100:41884: no certificate available for 'proxmox.pfi.lan'"}
Nov 01 14:51:17 docker caddy[148734]: {"level":"debug","ts":1635771077.364087,"logger":"tls.handshake","msg":"no matching certificates and no custom selection logic","identifier":"proxmox.pfi.lan"}
Nov 01 14:51:17 docker caddy[148734]: {"level":"debug","ts":1635771077.3641033,"logger":"tls.handshake","msg":"no matching certificates and no custom selection logic","identifier":"*.pfi.lan"}
Nov 01 14:51:17 docker caddy[148734]: {"level":"debug","ts":1635771077.3641112,"logger":"tls.handshake","msg":"no matching certificates and no custom selection logic","identifier":"*.*.lan"}
Nov 01 14:51:17 docker caddy[148734]: {"level":"debug","ts":1635771077.3641176,"logger":"tls.handshake","msg":"no matching certificates and no custom selection logic","identifier":"*.*.*"}
Nov 01 14:51:17 docker caddy[148734]: {"level":"debug","ts":1635771077.3641438,"logger":"tls.handshake","msg":"no certificate matching TLS ClientHello","server_name":"proxmox.pfi.lan","remote":"10.0.10.100:41886","identifier":"proxmox.pi>
Nov 01 14:51:17 docker caddy[148734]: {"level":"debug","ts":1635771077.3642328,"logger":"http.stdlib","msg":"http: TLS handshake error from 10.0.10.100:41886: no certificate available for 'proxmox.pfi.lan'"}
5. What I already tried:
I searched the forums and tried different approaches, but I can’t get it working.
6. Links to relevant resources:
https://community.ui.com/questions/Unifi-Controller-error-with-Caddy-reverse-proxy/4de66e17-dc43-4661-b2ad-2885c2a3e3f7
https://community.ui.com/questions/Trivial-Reverse-Proxy-for-Unifi-Controller-with-automatic-LetsEncrypt-SSL-on-internal-IP-with-Caddy/043c50aa-78ae-47e0-a819-3d3c358370a1
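
Added example, not part of the original post and not Caddy's own tooling: a small Python check that correlates the "no certificate available" handshake errors in the log above with site addresses declared as http:// in the Caddyfile. A name in the result is being requested over TLS while its site block only serves plain HTTP. The function names are hypothetical; the Caddyfile text is abbreviated from the post and the log lines are copied from it.

```python
import json
import re
from collections import Counter

# Site blocks abbreviated from the post; log lines copied from it (middle one truncated).
CADDYFILE = """\
http://proxmox.pfi.lan {
    reverse_proxy https://10.0.11.240:8006
}
http://unifi.pfi.lan {
    reverse_proxy localhost:8443 {
        header_up Host {host}
    }
}
"""
JOURNAL = """\
Nov 01 14:51:17 docker caddy[148734]: {"level":"debug","ts":1635771077.361524,"logger":"http.stdlib","msg":"http: TLS handshake error from 10.0.10.100:41884: no certificate available for 'proxmox.pfi.lan'"}
Nov 01 14:51:17 docker caddy[148734]: {"level":"debug","ts":1635771077.3641438,"logger":"tls.handshake","msg":"no certificate matching TLS ClientHello","server_name":"proxmox.pfi.lan","remote":"10.0.10.100:41886","identifier":"proxmox.pi>
Nov 01 14:51:17 docker caddy[148734]: {"level":"debug","ts":1635771077.3642328,"logger":"http.stdlib","msg":"http: TLS handshake error from 10.0.10.100:41886: no certificate available for 'proxmox.pfi.lan'"}
"""
MSG_RE = re.compile(r"no certificate available for '([^']+)'")

def http_only_sites(caddyfile):
    # Hostnames of top-level site addresses that use the http:// scheme.
    sites, depth = set(), 0
    for line in map(str.strip, caddyfile.splitlines()):
        if depth == 0 and line.endswith("{"):
            for addr in line[:-1].replace(",", " ").split():
                if addr.startswith("http://"):
                    sites.add(addr[7:].split("/")[0].split(":")[0])
        depth += line.count("{") - line.count("}")  # {host} placeholders net to zero
    return sites

def failed_sni(journal):
    # Count handshake errors per requested name; tolerate truncated JSON.
    names = Counter()
    for line in journal.splitlines():
        try:
            msg = json.loads(line[line.index("{"):]).get("msg", "")
        except ValueError:  # no JSON object, or the line was cut off
            msg = line
        names.update(MSG_RE.findall(msg))
    return names

def http_only_tls_failures(caddyfile, journal):
    plain = http_only_sites(caddyfile)
    return {n: c for n, c in failed_sni(journal).items() if n in plain}

print(http_only_tls_failures(CADDYFILE, JOURNAL))
```

Running journalctl with --no-pager avoids the truncated lines that end in ">".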