Reverse proxy returning blank page in docker

1. Caddy version (caddy version):

2.4.6

2. How I run Caddy:

I run caddy through docker compose

a. System environment:

Docker on macOS Server

b. Command:

No commands used

c. Service/unit/compose file:

version: "3.8"

services:
  komga:
    container_name: komga
    image: gotson/komga
    restart: unless-stopped
    environment:
      - PUID=${PUID}
      - PGID=${PGID}
      - TZ=${TZ}
      - JAVA_TOOL_OPTIONS=-Xmx4g
      - SERVER_PORT=8081
    volumes:
      - ${ROOT_CONF}/komga:/config # config files
      - ${ROOT_DATA}/Media/Comics:/data # data folder
    ports:
      - 8081:8081

  caddy:
    container_name: caddy
    image: caddy
    restart: unless-stopped
    environment:
      - PUID=${PUID}
      - PGID=${PGID}
      - TZ=${TZ}  
    volumes:
      - ${ROOT_APP}/caddy/Caddyfile:/etc/caddy/Caddyfile
      - ${ROOT_APP}/caddy/site:/srv
      - ${ROOT_APP}/caddy/data:/data
      - ${ROOT_APP}/caddy/config:/config
    ports:
      - 80:80
      - 443:443     

d. My complete Caddyfile or JSON config:

myserver.com {
  log
  reverse_proxy /komga/* komga:8081
}

3. The problem I’m having:

When I navigate to https://myserver.com/komga it returns a blank webpage. I expected it to show the komga webpage which works using http://127.0.0.1:8081

4. Error messages and/or full log output:

Log file

{"level":"info","ts":1637778544.7673826,"msg":"using provided configuration","config_file":"/etc/caddy/Caddyfile","config_adapter":"caddyfile"}
{"level":"warn","ts":1637778544.7679336,"msg":"input is not formatted with 'caddy fmt'","adapter":"caddyfile","file":"/etc/caddy/Caddyfile","line":2}
{"level":"info","ts":1637778544.7692125,"logger":"admin","msg":"admin endpoint started","address":"tcp/localhost:2019","enforce_origin":false,"origins":["localhost:2019","[::1]:2019","127.0.0.1:2019"]}
{"level":"info","ts":1637778544.7693286,"logger":"http","msg":"server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS","server_name":"srv0","https_port":443}
{"level":"info","ts":1637778544.769336,"logger":"http","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"srv0"}
{"level":"info","ts":1637778544.7695339,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0x400029c0e0"}
{"level":"info","ts":1637778544.7699456,"logger":"tls","msg":"cleaning storage unit","description":"FileStorage:/data/caddy"}
{"level":"info","ts":1637778544.770441,"logger":"http","msg":"enabling automatic TLS certificate management","domains":["myserver.com"]}
{"level":"info","ts":1637778544.8046563,"msg":"autosaved config (load with --resume flag)","file":"/config/caddy/autosave.json"}
{"level":"info","ts":1637778544.8046868,"msg":"serving initial configuration"}
{"level":"info","ts":1637778544.8106759,"logger":"tls","msg":"finished cleaning storage units"}
{"level":"info","ts":1637778556.4096696,"logger":"http.log.access","msg":"handled request","request":{"remote_addr":"172.18.0.1:65084","proto":"HTTP/2.0","method":"GET","host":"myserver.com","uri":"/komga","headers":{"Accept-Encoding":["gzip, deflate, br"],"Sec-Ch-Ua":["\" Not A;Brand\";v=\"99\", \"Chromium\";v=\"96\", \"Google Chrome\";v=\"96\""],"Sec-Ch-Ua-Platform":["\"macOS\""],"Upgrade-Insecure-Requests":["1"],"Accept":["text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9"],"Sec-Fetch-Mode":["navigate"],"Sec-Fetch-Dest":["document"],"Cache-Control":["max-age=0"],"Sec-Ch-Ua-Mobile":["?0"],"User-Agent":["Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.55 Safari/537.36"],"Sec-Fetch-Site":["none"],"Sec-Fetch-User":["?1"],"Accept-Language":["en-US,en;q=0.9"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"h2","proto_mutual":true,"server_name":"myserver.com"}},"common_log":"172.18.0.1 - - [24/Nov/2021:18:29:16 +0000] \"GET /komga HTTP/2.0\" 0 0","user_id":"","duration":0.000377875,"size":0,"status":0,"resp_headers":{"Server":["Caddy"]}}
{"level":"info","ts":1637778556.4399047,"logger":"http.log.access","msg":"handled request","request":{"remote_addr":"172.18.0.1:65084","proto":"HTTP/2.0","method":"GET","host":"myserver.com","uri":"/favicon.ico","headers":{"Accept-Language":["en-US,en;q=0.9"],"Sec-Ch-Ua":["\" Not A;Brand\";v=\"99\", \"Chromium\";v=\"96\", \"Google Chrome\";v=\"96\""],"User-Agent":["Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.55 Safari/537.36"],"Sec-Ch-Ua-Platform":["\"macOS\""],"Sec-Fetch-Mode":["no-cors"],"Sec-Fetch-Dest":["image"],"Sec-Ch-Ua-Mobile":["?0"],"Accept":["image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8"],"Sec-Fetch-Site":["same-origin"],"Referer":["https://myserver.com/komga"],"Accept-Encoding":["gzip, deflate, br"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"h2","proto_mutual":true,"server_name":"myserver.com"}},"common_log":"172.18.0.1 - - [24/Nov/2021:18:29:16 +0000] \"GET /favicon.ico HTTP/2.0\" 0 0","user_id":"","duration":0.000029292,"size":0,"status":0,"resp_headers":{"Server":["Caddy"]}}

Curl

curl -v https://myserver.com/komga
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*  CAfile: /etc/ssl/cert.pem
*  CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-ECDSA-CHACHA20-POLY1305
* ALPN, server accepted to use h2
* Server certificate:
*  subject: CN=myserver.com
*  start date: Oct  3 15:21:05 2021 GMT
*  expire date: Jan  1 15:21:04 2022 GMT
*  subjectAltName: host "myserver.com" matched cert's "myserver.com"
*  issuer: C=US; O=Let's Encrypt; CN=R3
*  SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x154812800)
> GET /komga HTTP/2
> Host: myserver.com
> user-agent: curl/7.77.0
> accept: */*
> 
* Connection state changed (MAX_CONCURRENT_STREAMS == 250)!
< HTTP/2 200 
< server: Caddy
< content-length: 0
< date: Wed, 24 Nov 2021 18:46:34 GMT
< 
* Connection #0 to host myserver.com left intact

5. What I already tried:

  • Used respond to ensure caddy is working properly without reverse proxy
  • Used wget from the caddy container to the komga container to make sure the service name could be used and it returned the HTML I expected
  • Different types of configurations in the caddy config file like including http:// in the docker service name, using subdomains komga.myserver.com for example.
  • Installed caddy on the host OS (macOS) and still had the same issue, wanted to eliminate an issue with docker desktop. I uninstalled caddy from the OS since this didn’t work.
  • Curl commands to find any errors

6. Links to relevant resources:

Your path matcher is /komga/* so a request like /komga will not match, because it doesn’t have the expected trailing slash. Use /komga* instead, (or just omit the matcher entirely, if it’s the only thing you’re proxying).

1 Like

Thank you, that resolved the reverse proxy issue with Caddy.

For anyone else running into this problem with Komga, I also needed to add the following environment variable to the Komga (via the docker compose file) so it can support the base url needed for the reverse proxy to work.

SERVER_SERVLET_CONTEXT_PATH=/komga
1 Like