1. My Caddy version (caddy version
):
v2.0.0-rc.3 h1:z2H/QnaRscip6aZJxwTbghu3zhC88Vo8l/K57WUce4Q=
2. How I run Caddy:
a. System environment:
Ubuntu 18.04, Systemd
As a reverse proxy for many devices on my LAN
b. Command:
sudo systemctl start caddy
c. Service/unit/compose file:
# caddy.service
#
# For using Caddy with a config file.
#
# Make sure the ExecStart and ExecReload commands are correct
# for your installation.
#
# WARNING: This service does not use the --resume flag, so if you
# use the API to make changes, they will be overwritten by the
# Caddyfile next time the service is restarted. If you intend to
# use Caddy's API to configure it, add the --resume flag to the
# `caddy run` command or use the caddy-api.service file instead.
[Unit]
Description=Caddy
Documentation=https://caddyserver.com/docs/
After=network.target
[Service]
User=caddy
Group=caddy
ExecStart=/usr/bin/caddy run --environ --config /etc/caddy/Caddyfile
ExecReload=/usr/bin/caddy reload --config /etc/caddy/Caddyfile
TimeoutStopSec=5s
LimitNOFILE=1048576
LimitNPROC=512
PrivateTmp=true
ProtectSystem=full
AmbientCapabilities=CAP_NET_BIND_SERVICE
[Install]
WantedBy=multi-user.target
d. My complete Caddyfile or JSON config:
https://skyview.millhousen.com/ {
reverse_proxy 192.168.0.151:80
encode gzip
}
https://wx.millhousen.com/ {
reverse_proxy 192.168.0.180:80
encode gzip
}
https://wx.millhousen.com:9001 {
reverse_proxy 192.168.0.15:9001
}
https://jellyfin.kstr.us/ {
reverse_proxy docker.stier.network:8096 {
transport http {
tls_insecure_skip_verify
}
}
encode gzip
}
https://spdtst.me {
reverse_proxy 192.168.0.55:80
}
#:8080 {
# forwardproxy
#}
3. The problem I’m having:
I am working on moving from Caddy 1. The upgrade guide was very helpful! The only thing it didn’t mention was the change in basicauth
.
Most of the reverse proxies are not functioning properly.
SPDTST.ME works fine.
The Skyview site looks strange (appears to lack CSS)
The WX site has CSS errors
Jellyfin throws a 502 error
4. Error messages and/or full log output:
Apr 26 00:25:58 caddy caddy[11064]: {"level":"error","ts":1587875158.9507868,"logger":"http.log.error","msg":"tls: first record does not look like a TLS handshake","request":{"method":"GET","uri":"/","proto":"HTTP/2.0","remote_addr":"192.168.0.1:55640","host":"jellyfin.kstr.us","headers":{"Accept-Language":["en-US,en;q=0.9"],"Upgrade-Insecure-Requests":["1"],"Accept":["text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9"],"Sec-Fetch-Site":["cross-site"],"Sec-Fetch-Mode":["navigate"],"Sec-Fetch-User":["?1"],"Accept-Encoding":["gzip, deflate, br"],"Cache-Control":["max-age=0"],"User-Agent":["Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36"],"Sec-Fetch-Dest":["document"]},"tls":{"resumed":false,"version":772,"ciphersuite":4865,"proto":"h2","proto_mutual":true,"server_name":"jellyfin.kstr.us"}},"status":502,"err_id":"iak7qgifw","err_trace":"reverseproxy.(*Handler).ServeHTTP (reverseproxy.go:362)"}
CSS-less WX site
(Twitter and Google Analytics errors are DNS blocked, thus normal)
Skyview Site Error
5. What I already tried:
I tried taking the encode directive out of one of the sites, but this did not return any different results.
I also tried accessing these domains from outside of my local network, this does not return different results either.
6. Links to relevant resources:
These sites aren’t super important, so I am going to let them run while broken. If you need to check HTTP headers, go right ahead.