Reverse_proxy wiht unix socket not working

speedwheel · March 22, 2024, 12:22am

1. The problem I’m having:

I am trying to reverse proxy a unix socket, but it’s not working.

If I use this commands it works fine, I get the response from the server:

$ curl --unix-socket /tmp/srv.sock http://localhost:8082
$ echo -e "GET / HTTP/1.1\r\nHost: localhost\r\nConnection: close\r\n\r\n" | nc -U /tmp/srv.sock

Response:

HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Date: Fri, 22 Mar 2024 00:36:44 GMT
Content-Length: 46
Connection: close

{"message":"Welcome from inside the go app!"}

Also it work with nginx using this config:

server {
    listen 8082;
    server_name localhost;

    location / {
         proxy_pass http://unix:/tmp/srv.sock;
   }
}

2. Error messages and/or full log output:

Mar 22 02:15:03 DESKTOP-1IAIK6Q caddy[133519]: {"level":"debug","ts":1711066503.673956,"logger":"http.handlers.reverse_proxy","msg":"upstream roundtrip","upstream":"unix//tmp/srv.sock","duration":0.000174006,"request":{"remote_ip":"::1","remote_port":"52862","client_ip":"::1","proto":"HTTP/1.1","method":"GET","host":"localhost:8082","uri":"/","headers":{"Sec-Fetch-Site":["none"],"Sec-Fetch-Dest":["document"],"Sec-Fetch-User":["?1"],"Accept-Encoding":["gzip, deflate, br"],"Sec-Ch-Ua-Platform":["\"Windows\""],"Accept":["text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7"],"Accept-Language":["en-GB,en;q=0.9,en-US;q=0.8"],"Sec-Fetch-Mode":["navigate"],"Cache-Control":["max-age=0"],"Upgrade-Insecure-Requests":["1"],"Sec-Ch-Ua":["\"Chromium\";v=\"122\", \"Not(A:Brand\";v=\"24\", \"Microsoft Edge\";v=\"122\""],"X-Forwarded-For":["::1"],"X-Forwarded-Proto":["http"],"Sec-Ch-Ua-Mobile":["?0"],"User-Agent":["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0"],"X-Forwarded-Host":["localhost:8082"]}},"error":"dial unix /tmp/srv.sock: connect: no such file or directory"}
Mar 22 02:15:03 DESKTOP-1IAIK6Q caddy[133519]: {"level":"error","ts":1711066503.6740086,"logger":"http.log.error.log0","msg":"dial unix /tmp/srv.sock: connect: no such file or directory","request":{"remote_ip":"::1","remote_port":"52862","client_ip":"::1","proto":"HTTP/1.1","method":"GET","host":"localhost:8082","uri":"/","headers":{"Upgrade-Insecure-Requests":["1"],"Sec-Ch-Ua-Mobile":["?0"],"User-Agent":["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0"],"Sec-Fetch-Site":["none"],"Sec-Fetch-Mode":["navigate"],"Sec-Fetch-Dest":["document"],"Connection":["keep-alive"],"Sec-Ch-Ua":["\"Chromium\";v=\"122\", \"Not(A:Brand\";v=\"24\", \"Microsoft Edge\";v=\"122\""],"Accept-Encoding":["gzip, deflate, br"],"Accept-Language":["en-GB,en;q=0.9,en-US;q=0.8"],"Cache-Control":["max-age=0"],"Sec-Fetch-User":["?1"],"Accept":["text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7"],"Sec-Ch-Ua-Platform":["\"Windows\""]}},"duration":0.00034089,"status":502,"err_id":"w5277cjk8","err_trace":"rever
seproxy.statusError (reverseproxy.go:1267)"}

3. Caddy version:

v2.7.6 h1:w0NymbG2m9PcvKWsrXO6EEkY9Ru4FJK8uQbYcev1p3A=

4. How I installed and ran Caddy:

sudo apt install -y debian-keyring debian-archive-keyring apt-transport-https curl
curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | sudo gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg
curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' | sudo tee /etc/apt/sources.list.d/caddy-stable.list
sudo apt update
sudo apt install caddy

a. System environment:

Ubuntu 22.04.4 LTS via Windows WSL 2

b. Command:

sudo service caddy start

d. My complete Caddy config:

{
	debug
}
:80 {
	# Set this path to your site's directory.
	root * /usr/share/caddy

	# Enable the static file server.
	file_server

	# Another common task is to set up a reverse proxy:
	# reverse_proxy localhost:8080

	# Or serve a PHP site through php-fpm:
	# php_fastcgi localhost:9000
}

# Refer to the Caddy docs for more information:
# https://caddyserver.com/docs/caddyfile

:8082 { 
	reverse_proxy unix//tmp/srv.sock
	log {
	output file /var/log/caddy/test.log {
		roll_size 100mb
		roll_keep 30
		level DEBUG
		roll_keep_for 720h
	}
    }

}

5. Links to relevant resources:

francislavoie · March 22, 2024, 2:56am

That’s because the Caddy service uses PrivateTmp which isolates /tmp for the service, replaced with something like /tmp/systemd-private-<some-hash>-caddy.service-<some-id>/tmp

Try putting your socket file somewhere else like /run which is usually where services put their socket files.

speedwheel · March 22, 2024, 12:28pm

@francislavoie thanks that worked

system · April 21, 2024, 12:29pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.