Reverse Proxy Config for Website and Tor hidden service

1. The problem I’m having:

Hi, I am configuring a Caddyfile for a Caddy web server which is:

  1. acting as a reverse proxy for a website at internal port 9000 (i.e., IRC web client TheLounge) using a secure TLS-encrypted connection (via https) and
  2. acting as a reverse proxy for a hidden service using a Tor server at internal port 9050.

All services (Caddy, TheLounge, Inspircd, Tor) are running as docker containers in a Docker network.

The services are running at:
https://aeree.net,
but the .onion address:
dbu76nyipqlspc7mb4d3woxbqxzrw425kkyzx5rsklm6jkkuosc2h5ad.onion
is not working.

I assume that the Caddyfile configuration is incorrect.

2. Error messages and/or full log output:

I can access the Tor service with:
$ curl -i -s -S -f --socks5 localhost:9050 --socks5-hostname localhost:9050 https://check.torproject.org/api/ip
and I get the expected output (not shown).

However, when I try to access the .onion address in the browser:
dbu76nyipqlspc7mb4d3woxbqxzrw425kkyzx5rsklm6jkkuosc2h5ad.onion
the browser shows the error: “This site can’t be reached”.

If I try to access the .onion address with the curl command,
$ curl -vL dbu76nyipqlspc7mb4d3woxbqxzrw425kkyzx5rsklm6jkkuosc2h5ad.onion

I get:

* Not resolving .onion address (RFC 7686)
* Could not resolve host: dbu76nyipqlspc7mb4d3woxbqxzrw425kkyzx5rsklm6jkkuosc2h5ad.onion
* Closing connection
curl: (6) Not resolving .onion address (RFC 7686)

3. Caddy version:

$ docker exec -it caddy /bin/sh
/srv # caddy version
v2.8.4 h1:q3pe0wpBj1OcHFZ3n/1nl4V4bxBrYoSoab7rL9BMYNk=

4. How I installed and ran Caddy:

All services (Caddy, TheLounge, Inspircd, Tor) are running as docker containers in a Docker network.

I am running Caddy as a Docker container using this compose.yaml:

services:
  caddy:
     image: caddy:latest
     container_name: caddy
     restart: unless-stopped
     ports:
       - "80:80"
       - "443:443"
       - "443:443/udp"
     networks:
       - caddy-net
     volumes:
       - /share/homes/user/confs/caddy/Caddyfile:/etc/caddy/Caddyfile
       - /share/homes/user/confs/caddy/caddy_data:/data
       - /share/homes/user/confs/caddy/caddy_config:/config

volumes:
  caddy_data:
    external: true
  caddy_config:

networks:
  caddy-net:
    driver: bridge

I am using this Caddyfile:

aeree.net:443 {
        tls first.last@provider.me
        reverse_proxy thelounge:9000
}

tor.aeree.net:80 {
        tls first.last@provider.me
        reverse_proxy tor:9050
}

The torrc.conf file is here:
https://pastebin.mozilla.org/tzROkr3n

a. System environment:

All services (Caddy, TheLounge, Inspircd, Tor) are running as docker containers in a Docker network on a QNAP TS-653A NAS (with QTS 5.2.2.2950).

Docker Engine: 27.1.2-qnap4
https://pastebin.mozilla.org/Ok0ob8sS

b. Command:

docker compose up -d # for caddy compose.yaml

c. Service/unit/compose file:

see above

d. My complete Caddy config:

I am using this Caddyfile (same as above):

aeree.net:443 {
        tls first.last@provider.me
        reverse_proxy thelounge:9000
}

tor.aeree.net:80 {
        tls first.last@provider.me
        reverse_proxy tor:9050
}

5. Links to relevant resources:

NA

Thank you in advance for your help,

Shiny
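
The two curl results in the question differ because curl refuses to look up .onion names itself (RFC 7686) and only reaches them when the Tor SOCKS proxy resolves the name. The following is an added example, not part of the original post, that picks the proxy options per URL; the function names and the TOR_SOCKS variable are hypothetical, and it assumes a Tor SOCKS listener at localhost:9050 as in the post.

```shell
# Added example (not from the original post). Assumption: a Tor SOCKS listener
# is reachable at TOR_SOCKS (localhost:9050 in the post).
TOR_SOCKS="${TOR_SOCKS:-localhost:9050}"

# url_host URL: print the lower-cased host (no scheme, userinfo, port or path).
# IPv6 literals are not handled; they do not occur with .onion names.
url_host() (
    u=${1#*://}        # drop "scheme://" if present
    u=${u%%[/?]*}      # drop path or query
    u=${u##*@}         # drop userinfo
    u=${u%%:*}         # drop port
    u=${u%.}           # drop a trailing root dot
    printf '%s\n' "$u" | tr '[:upper:]' '[:lower:]'
)

# classify_host HOST: print onion-v3, onion-invalid or clearnet.
# A v3 onion name is 56 base32 characters (a-z, 2-7) directly before ".onion".
classify_host() (
    case $1 in
        *.onion) ;;
        *) echo clearnet; exit 0 ;;
    esac
    label=${1%.onion}
    label=${label##*.}  # subdomains in front of the key label are allowed
    case $label in
        *[!a-z2-7]*|'') echo onion-invalid; exit 0 ;;
    esac
    if [ "${#label}" -eq 56 ]; then echo onion-v3; else echo onion-invalid; fi
)

# proxy_args URL: print the extra curl options the URL needs, or nothing.
# --socks5-hostname lets the proxy (Tor) resolve the name, so curl never
# attempts the local lookup it rejects with "Not resolving .onion address".
proxy_args() (
    case $(classify_host "$(url_host "$1")") in
        onion-v3) printf '%s\n' "--socks5-hostname $TOR_SOCKS" ;;
        onion-invalid) echo "refusing malformed .onion name: $1" >&2; exit 2 ;;
        clearnet) : ;;
    esac
)

# torcurl URL [curl options...]: run curl with the proxy options the URL needs.
torcurl() (
    url=$1; shift
    args=$(proxy_args "$url") || exit
    # $args is intentionally unquoted: it is empty or "option value".
    curl -sS $args "$@" "$url"
)
```

After sourcing the file, `torcurl http://<address>.onion/ -v` sends the request through Tor, while `torcurl https://aeree.net` goes out directly.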

Sorry that nobody was able to help you.

I’d like to try at least, unless you’ve figured it out by now. If you still need help, can you post the output of your Caddy logs so we can see what’s happening?
