1. The problem I’m having:
I tried to use Caddy to transfer https://epicapi.rustsoft.cn/api/games/dvorakchen to 127.0.0.1:8080, but not work, message appears
{"level":"error","ts":1713873399.6952975,"logger":"http.log.error","msg":"dial tcp 127.0.0.1:8080: connect: connection refused","request":{"remote_ip":"119.34.164.26","remote_port":"48465","client_ip":"119.34.164.26","proto":"HTTP/2.0","method":"GET","host":"epicapi.rustsoft.cn","uri":"/api/games/dvorakchen","headers":{"Sec-Fetch-User":["?1"],"Pragma":["no-cache"],"User-Agent":["Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:125.0) Gecko/20100101 Firefox/125.0"],"Sec-Fetch-Mode":["navigate"],"Sec-Fetch-Dest":["document"],"Cache-Control":["no-cache"],"Accept":["text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8"],"Accept-Language":["en-US,en;q=0.5"],"Te":["trailers"],"Accept-Encoding":["gzip, deflate, br"],"Sec-Gpc":["1"],"Upgrade-Insecure-Requests":["1"],"Sec-Fetch-Site":["none"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"h2","server_name":"epicapi.rustsoft.cn"}},"duration":0.00034339,"status":502,"err_id":"7qb0wfp1n","err_trace":"reverseproxy.statusError (reverseproxy.go:1267)"}
2. Error messages and/or full log output:
{"level":"info","ts":1713873970.155319,"msg":"shutting down apps, then terminating","signal":"SIGTERM"}
{"level":"warn","ts":1713873970.1553805,"msg":"exiting; byeee!! 👋","signal":"SIGTERM"}
{"level":"info","ts":1713873970.1554139,"logger":"http","msg":"servers shutting down with eternal grace period"}
{"level":"info","ts":1713873970.1557417,"logger":"admin","msg":"stopped previous server","address":"localhost:2019"}
{"level":"info","ts":1713873970.1557512,"msg":"shutdown complete","signal":"SIGTERM","exit_code":0}
{"level":"info","ts":1713873970.7808378,"msg":"using provided configuration","config_file":"/etc/caddy/Caddyfile","config_adapter":"caddyfile"}
{"level":"warn","ts":1713873970.7845635,"msg":"Caddyfile input is not formatted; run 'caddy fmt --overwrite' to fix inconsistencies","adapter":"caddyfile","file":"/etc/caddy/Caddyfile","line":2}
{"level":"info","ts":1713873970.7854888,"logger":"admin","msg":"admin endpoint started","address":"localhost:2019","enforce_origin":false,"origins":["//localhost:2019","//[::1]:2019","//127.0.0.1:2019"]}
{"level":"info","ts":1713873970.7857308,"logger":"http.auto_https","msg":"server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS","server_name":"srv0","https_port":443}
{"level":"info","ts":1713873970.7857945,"logger":"http.auto_https","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"srv0"}
{"level":"info","ts":1713873970.785884,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0xc0001e6800"}
{"level":"info","ts":1713873970.7863822,"logger":"http","msg":"enabling HTTP/3 listener","addr":":443"}
{"level":"info","ts":1713873970.786561,"msg":"failed to sufficiently increase receive buffer size (was: 208 kiB, wanted: 2048 kiB, got: 416 kiB). See https://github.com/quic-go/quic-go/wiki/UDP-Buffer-Sizes for details."}
{"level":"info","ts":1713873970.7869954,"logger":"http.log","msg":"server running","name":"srv0","protocols":["h1","h2","h3"]}
{"level":"info","ts":1713873970.7871592,"logger":"http.log","msg":"server running","name":"remaining_auto_https_redirects","protocols":["h1","h2","h3"]}
{"level":"info","ts":1713873970.7872033,"logger":"http","msg":"enabling automatic TLS certificate management","domains":["epicapi.rustsoft.cn","static.rustsoft.cn","www.rustsoft.cn","rustsoft.cn","cyberkitten.rustsoft.cn"]}
{"level":"info","ts":1713873970.79022,"msg":"autosaved config (load with --resume flag)","file":"/config/caddy/autosave.json"}
{"level":"info","ts":1713873970.7902784,"msg":"serving initial configuration"}
{"level":"warn","ts":1713873970.791232,"logger":"tls","msg":"storage cleaning happened too recently; skipping for now","storage":"FileStorage:/data/caddy","instance":"7c007acd-65ce-41f7-bfb8-999720154a60","try_again":1713960370.7912304,"try_again_in":86399.999999685}
{"level":"info","ts":1713873970.7913508,"logger":"tls","msg":"finished cleaning storage units"}
{"level":"error","ts":1713873982.0622962,"logger":"http.log.error","msg":"dial tcp 127.0.0.1:8080: connect: connection refused","request":{"remote_ip":"119.34.164.26","remote_port":"24345","client_ip":"119.34.164.26","proto":"HTTP/2.0","method":"GET","host":"epicapi.rustsoft.cn","uri":"/api/games/dvorakchen","headers":{"Accept":["text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8"],"Accept-Encoding":["gzip, deflate, br"],"Sec-Fetch-Dest":["document"],"Pragma":["no-cache"],"Te":["trailers"],"User-Agent":["Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:125.0) Gecko/20100101 Firefox/125.0"],"Accept-Language":["en-US,en;q=0.5"],"Sec-Gpc":["1"],"Sec-Fetch-User":["?1"],"Upgrade-Insecure-Requests":["1"],"Sec-Fetch-Mode":["navigate"],"Sec-Fetch-Site":["none"],"Cache-Control":["no-cache"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"h2","server_name":"epicapi.rustsoft.cn"}},"duration":0.000369537,"status":502,"err_id":"0ic09zjsv","err_trace":"reverseproxy.statusError (reverseproxy.go:1267)"}
{"level":"error","ts":1713873982.1897428,"logger":"http.log.error","msg":"dial tcp 127.0.0.1:8080: connect: connection refused","request":{"remote_ip":"119.34.164.26","remote_port":"24345","client_ip":"119.34.164.26","proto":"HTTP/2.0","method":"GET","host":"epicapi.rustsoft.cn","uri":"/favicon.ico","headers":{"Sec-Fetch-Site":["same-origin"],"Sec-Gpc":["1"],"Pragma":["no-cache"],"Te":["trailers"],"User-Agent":["Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:125.0) Gecko/20100101 Firefox/125.0"],"Accept":["image/avif,image/webp,*/*"],"Accept-Language":["en-US,en;q=0.5"],"Sec-Fetch-Mode":["no-cors"],"Accept-Encoding":["gzip, deflate, br"],"Referer":["https://epicapi.rustsoft.cn/api/games/dvorakchen"],"Sec-Fetch-Dest":["image"],"Cache-Control":["no-cache"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"h2","server_name":"epicapi.rustsoft.cn"}},"duration":0.000337794,"status":502,"err_id":"1ahunqqt0","err_trace":"reverseproxy.statusError (reverseproxy.go:1267)"}
3. Caddy version:
v2.7.6 h1:w0NymbG2m9PcvKWsrXO6EEkY9Ru4FJK8uQbYcev1p3A=
4. How I installed and ran Caddy:
I use docker compose
sudo docker compose up -d
a. System environment:
Docker and Docker Compose in Debian 6.1.55-1 (2023-09-29) x86_64 GNU/Linux
b. Command:
docker compose up -d
c. Service/unit/compose file:
compose.yml
services:
caddy:
image: caddy:latest
restart: unless-stopped
ports:
- "80:80"
- "443:443"
- "443:443/udp"
volumes:
- ./Caddyfile:/etc/caddy/Caddyfile
- ./site:/srv
- caddy_data:/data
- caddy_config:/config
volumes:
caddy_data:
caddy_config:
d. My complete Caddy config:
www.rustsoft.cn, rustsoft.cn {
root * /srv/homepage/
file_server
}
cyberkitten.rustsoft.cn {
root * /srv/cyber-kitten/
file_server
}
static.rustsoft.cn {
root * /srv/static/
file_server browse
}
epicapi.rustsoft.cn {
reverse_proxy 127.0.0.1:8080
}
More debug information
If I access this address: http://epicapi.rustsoft.cn/api/games/dvorakchen in browser it will redirect to https, that indicated Caddy received my request and redirect to https, but response status would be 502.
I’m sure my Backend app listening port 8080, cause I can use curl access it in server machine:
curl 127.0.0.1:8080/api/games/dvorakchen
{"ok":true,"error":"","content":[{"id":1,"name":"Black Myth: Wukong","cover_url":"https://rustsoft.cn/black-myth-wukong.jpg","achievements_amount":2,"achievements_completed":10}]}lighthouse@VM-16-8-debian
And I tried open the port 8080 to the public network, I can access it directly by IP address:8080 on browser.