Reverse Proxy Config for Website and Tor hidden service

1. The problem I’m having:

Hi, I am configuring a Caddyfile for a Caddy web server which is:

  1. acting as a reverse proxy for a website at internal port 9000 (i.e., IRC web client TheLounge) using a secure TLS-encrypted connection (via https) and
  2. acting as a reverse proxy for a hidden service using a Tor server at internal port 9050.

All services (Caddy, TheLounge, Inspircd, Tor) are running as docker containers in a Docker network.

The services are running at:
https://aeree.net,
but the .onion address:
dbu76nyipqlspc7mb4d3woxbqxzrw425kkyzx5rsklm6jkkuosc2h5ad.onion
is not working.

I assume that the Caddyfile configuration is incorrect.

2. Error messages and/or full log output:

I can access the Tor service with:
$ curl -i -s -S -f --socks5 localhost:9050 --socks5-hostname localhost:9050 https://check.torproject.org/api/ip
and I get the expected output (not shown).

However, when I try to access the .onion address in the browser:
dbu76nyipqlspc7mb4d3woxbqxzrw425kkyzx5rsklm6jkkuosc2h5ad.onion
the browser shows the error: “This site can’t be reached”.

If I try to access the .onion address with the curl command,
$ curl -vL dbu76nyipqlspc7mb4d3woxbqxzrw425kkyzx5rsklm6jkkuosc2h5ad.onion

I get:

* Not resolving .onion address (RFC 7686)
* Could not resolve host: dbu76nyipqlspc7mb4d3woxbqxzrw425kkyzx5rsklm6jkkuosc2h5ad.onion
* Closing connection
curl: (6) Not resolving .onion address (RFC 7686)

3. Caddy version:

$ docker exec -it caddy /bin/sh
/srv # caddy version
v2.8.4 h1:q3pe0wpBj1OcHFZ3n/1nl4V4bxBrYoSoab7rL9BMYNk=

4. How I installed and ran Caddy:

All services (Caddy, TheLounge, Inspircd, Tor) are running as docker containers in a Docker network.

I am running Caddy as a Docker container using this compose.yaml:

services:
  caddy:
     image: caddy:latest
     container_name: caddy
     restart: unless-stopped
     ports:
       - "80:80"
       - "443:443"
       - "443:443/udp"
     networks:
       - caddy-net
     volumes:
       - /share/homes/user/confs/caddy/Caddyfile:/etc/caddy/Caddyfile
       - /share/homes/user/confs/caddy/caddy_data:/data
       - /share/homes/user/confs/caddy/caddy_config:/config

volumes:
  caddy_data:
    external: true
  caddy_config:

networks:
  caddy-net:
    driver: bridge

I am using this Caddyfile:

aeree.net:443 {
        tls first.last@provider.me
        reverse_proxy thelounge:9000
}

tor.aeree.net:80 {
        tls first.last@provider.me
        reverse_proxy tor:9050
}

The torrc.conf file is here:
https://pastebin.mozilla.org/tzROkr3n

a. System environment:

All services (Caddy, TheLounge, Inspircd, Tor) are running as docker containers in a Docker network on a QNAP TS-653A NAS (with QTS 5.2.2.2950).

Docker Engine: 27.1.2-qnap4
https://pastebin.mozilla.org/Ok0ob8sS

b. Command:

docker compose up -d # for caddy compose.yaml

c. Service/unit/compose file:

see above

d. My complete Caddy config:

I am using this Caddyfile (same as above):

aeree.net:443 {
        tls first.last@provider.me
        reverse_proxy thelounge:9000
}

tor.aeree.net:80 {
        tls first.last@provider.me
        reverse_proxy tor:9050
}

5. Links to relevant resources:

NA

Thank you in advance for your help,

Shiny
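
The traffic direction an onion service needs, as an added example that is not part of the original post or the poster's configuration. It assumes the Docker service names `caddy`, `tor` and `thelounge` from the post, that the `tor` container is attached to `caddy-net`, and torrc lines that are an assumption because the poster's torrc is only linked, not shown.

```caddyfile
# Added example, not the poster's config. The torrc lines in this comment
# are an assumption (the real torrc is only linked from the post).
#
# Tor's port 9050 is its SOCKS listener for outbound client traffic. It does
# not speak HTTP, so `reverse_proxy tor:9050` has no HTTP backend to reach.
# Inbound onion-service traffic flows the other way: Tor accepts the
# connection and forwards it to the backend named in torrc, for example:
#
#   HiddenServiceDir  /var/lib/tor/hidden_service/
#   HiddenServicePort 80 caddy:80
#
# Caddy then only needs a site block for the onion hostname.

# Clearnet site, unchanged from the post.
aeree.net:443 {
	tls first.last@provider.me
	reverse_proxy thelounge:9000
}

# The http:// scheme keeps this site on port 80 and out of automatic HTTPS,
# so Caddy does not try to obtain a certificate for a .onion name.
# The onion connection is encrypted up to the tor container; the hop from
# tor to caddy is plain HTTP inside the Docker network.
http://dbu76nyipqlspc7mb4d3woxbqxzrw425kkyzx5rsklm6jkkuosc2h5ad.onion {
	reverse_proxy thelounge:9000
}
```

To test it, the request has to go through Tor with the name resolved by the proxy (`curl --socks5-hostname localhost:9050 http://<address>.onion/`); plain curl refuses .onion names per RFC 7686, which is the error shown in the post. Because port 80 is published on the host, this site block also answers clearnet requests that carry the onion Host header, which ties the two addresses to the same server.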