Okay, thanks for details.
Introduction: Iâm hosting a website on VPS, that can be accessed using IP or domain name.
In this site I use Docker for some projects to show by URL.
Docker container deploy in example.com:8501 (docker run --restart=always -d -p 8501:8501 streamlit
) using http only. I want to have an URL: https://project.example.com.
Here is current Caddyfile:
#www.example.com, www.example.com/ {
# redir https://example.com{uri}
#}
example.com {
root * /var/www/example.com
encode gzip
file_server
tls {
dns digitalocean {env.DO_AUTH_TOKEN}
}
}
project.example.com {
reverse_proxy http://SITE IP:8501
}
Al so Iâve tried @francislavoie solution:
project.example.com {
reverse_proxy localhost:8501
}
The main problem is that https://project.example.com redirects to https://example.com, http://example.com:8501 works without any redirects.
In my expectations after setting Caddyfile it should be deployed from http://example.com:8501 to https://project.example.com and works at least in https://project.example.com (or maybe also in http://example.com:8501).
Here is the log of curl --verbose -L project.example.com
:
Logs
root@root:~# curl --verbose -L project.example.com
* Trying IP1:80...
* Connected to project.example.com (IP1) port 80 (#0)
> GET / HTTP/1.1
> Host: project.example.com
> User-Agent: curl/7.81.0
> Accept: */*
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 307 Temporary Redirect
< Server: openresty
< Date: Sun, 30 Oct 2022 10:17:21 GMT
< Content-Type: text/html; charset=utf-8
< Content-Length: 168
< Connection: keep-alive
< Location: http://example.com
< X-Frame-Options: sameorigin
<
* Ignoring the response-body
* Connection #0 to host project.example.com left intact
* Issue another request to this URL: 'http://example.com/'
* Trying SITE IP:80...
* Connected to example.com (SITE IP) port 80 (#1)
> GET / HTTP/1.1
> Host: example.com
> User-Agent: curl/7.81.0
> Accept: */*
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 308 Permanent Redirect
< Connection: close
< Location: https://example.com/
< Server: Caddy
< Date: Sun, 30 Oct 2022 10:17:21 GMT
< Content-Length: 0
<
* Closing connection 1
* Clear auth, redirects to port from 80 to 443
* Issue another request to this URL: 'https://example.com/'
* Trying SITE IP:443...
* Connected to example.com (SITE IP) port 443 (#2)
* ALPN, offering h2
* ALPN, offering http/1.1
* CAfile: /etc/ssl/certs/ca-certificates.crt
* CApath: /etc/ssl/certs
* TLSv1.0 (OUT), TLS header, Certificate Status (22):
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS header, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS header, Finished (20):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.2 (OUT), TLS header, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_128_GCM_SHA256
* ALPN, server accepted to use h2
* Server certificate:
* subject: CN=example.com
* start date: Oct 23 04:02:42 2022 GMT
* expire date: Jan 21 04:02:41 2023 GMT
* subjectAltName: host "example.com" matched cert's "example.com"
* issuer: C=US; O=Let's Encrypt; CN=R3
* SSL certificate verify ok.
* Using HTTP2, server supports multiplexing
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len= 0
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* Using Stream ID: 1 (easy handle value)
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
> GET / HTTP/2
> Host: example.com
> user-agent: curl/7.81.0
> accept: */*
>
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* Connection state changed (MAX_CONCURRENT_STREAMS == 250)!
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
< HTTP/2 200
< accept-ranges: bytes
< alt-svc: h3=":443"; ma=values
< content-type: text/html; charset=utf-8
< etag: "tagvalue"
< last-modified: Sat, 22 Oct 2022 19:02:12 GMT
< server: Caddy
< content-length: 11552
< date: Sun, 30 Oct 2022 10:17:21 GMT
<
* TLSv1.2 (IN), TLS header, Supplemental data (23):
<-- SITE CODE -->
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* Connection #2 to host example.com left intact
The thing that I notice is that IP1 was blocked in my country, but maybe itâs not related in this topic.
I also have 2 A records in domain management site with SITE IP to example.com and www.example.com, 1 CNAME record and 3 NS records.