1. The problem I’m having:
I am trying to run a qwik app on a subdomain (new.blue-borders.ch).
The app uses Fastify to serve the built app, and Qwik also uses POST requests to communicate with the server (db queries).
The new part in the caddyfile is:
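# Site block for the Qwik app: Caddy terminates TLS for this host name and
# proxies every request to the bb_app container on port 3000.
# A 502 with "connect: connection refused" from this upstream means nothing
# accepts connections on bb_app's container network interface at :3000.
new.blue-borders.ch {
    reverse_proxy * {
        to bb_app:3000
        # NOTE(review): a wildcard origin lets any web page read responses
        # from this host. If responses are user- or session-specific, replace
        # `*` with the known front-end origin, e.g. https://<frontend-origin>.
        header_down Access-Control-Allow-Origin *
        header_down Access-Control-Allow-Methods "HEAD, GET, POST, OPTIONS"
        # Caddy forwards the original Host header by default; kept explicit.
        header_up Host {http.request.host}
        # {http.request.remote} expands to "IP:port"; X-Real-IP consumers
        # (logging, rate limiting, allow-lists) expect the bare address.
        header_up X-Real-IP {http.request.remote.host}
        header_up X-Forwarded-Port {http.request.port}
    }
}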
I also added the new app entry into the docker-compose.yml:
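# Excerpt of docker-compose.yml showing the reverse proxy and the newly added
# app service. Nesting restored; elided parts are kept as comments so the
# excerpt still parses.
version: '3.7'

services:
  # (...others)
  caddy:
    build:
      context: ./caddy
    container_name: bb_caddy
    depends_on:
      - db
    restart: always
    # original image downgrades user but that seems not to work
    # NOTE(review): running the internet-facing proxy as root widens the
    # impact of a compromise; confirm this override is still required.
    user: root
    ports:
      - '80:80'
      - '443:443'
    env_file:
      - ./.env
    volumes:
      - ./caddy/Caddyfile:/etc/caddy/Caddyfile
      - caddy_certs:/data
      - caddy_config:/config
  app:
    build:
      context: ./app
    container_name: bb_app
    restart: always
    env_file:
      - ./.env
    expose:
      - '3000'
    ports:
      # Caddy reaches this service as bb_app:3000 over the compose network, so
      # a host-wide publish is not needed for proxying. Binding to loopback
      # keeps host-local debugging while preventing direct plain-HTTP access
      # that would bypass Caddy's TLS.
      - '127.0.0.1:3000:3000'
    depends_on:
      - db
    # NOTE(review): the bb_app log shows "Server listening at
    # http://127.0.0.1:3000". Inside a container that is the container's own
    # loopback, so Caddy's dial to the container IP is refused (the 502 in the
    # Caddy log). The app has to listen on 0.0.0.0, e.g. via the `host` option
    # of Fastify's listen().
    volumes:
      - app_data:/app_data

volumes:
  app_data:
  # (...others)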
It seems that the app has started up and is listening:
root@172-105-69-235:~/bb# docker logs bb_app
{"level":30,"time":1688061483144,"pid":1,"hostname":"f02a63bffd37","msg":"Server listening at http://127.0.0.1:3000"}
Certs have been created for new.blue-borders.ch.
2. Error messages and/or full log output:
But it seems that caddy is having a problem with the reverse proxy:
root@172-105-69-235:~/bb# docker logs bb_caddy
{"level":"error","ts":1688063187.6974585,"logger":"http.log.error","msg":"dial tcp 172.19.0.6:3000: connect: connection refused","request":{"remote_ip":"171.244.43.14","remote_port":"53756","proto":"HTTP/1.1","method":"GET","host":"new.blue-borders.ch","uri":"/robots.txt","headers":{"Accept":["*/*"],"Accept-Encoding":["gzip, deflate"],"User-Agent":["Mozilla/5.0 (Linux; Android 13; Pixel 6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Mobile Safari/537.36"],"Accept-Language":["ja,en-US;q=0.9,en;q=0.8"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"","server_name":"new.blue-borders.ch"}},"duration":0.007817105,"status":502,"err_id":"efcjcr7uh","err_trace":"reverseproxy.statusError (reverseproxy.go:1299)"}
3. Caddy version:
v2.6.4 h1:2hwYqiRwk1tf3VruhMpLcYTg+11fCdr8S3jhNAdnPy8=
4. How I installed and ran Caddy:
a. System environment:
ubuntu virtual machine using docker.
b. Command:
See docker-compose.yml
c. Service/unit/compose file:
Running docker-compose in docker. This is the whole docker-compose.yml:
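# Compose stack: Postgres (db), auth service, Hasura GraphQL engine, the Caddy
# reverse proxy and the Qwik/Fastify app. Nesting restored from the flattened
# paste.
#
# NOTE(review): every service loads the same ./.env, so each container sees
# every credential that file holds. Splitting it per service limits what a
# single compromised container can read.
version: '3.7'

services:
  db:
    container_name: bb_db
    restart: always
    image: db
    build:
      context: ./db
    env_file:
      - ./.env
    ports:
      # make the Postgres database accessible from outside the Docker container on port 5432
      # NOTE(review): this form binds every host interface, so Postgres is
      # reachable from any network that can reach the host, and Docker's
      # published ports commonly bypass host firewall rules such as ufw.
      # If only host-local access is needed, use '127.0.0.1:5432:5432'.
      - '5432:5432'
    volumes:
      - db_data:/var/lib/postgresql/data
      - sik_data:/sik_data
    # hasura needs higher max_locks_per_transaction
    command: postgres -c max_locks_per_transaction=2000
    logging:
      options:
        max-size: '10m'
        max-file: '3'

  auth:
    build:
      context: ./auth
    container_name: bb_auth
    restart: always
    env_file:
      - ./.env
    expose:
      - '7000'
    ports:
      # Caddy proxies to bb_auth:7000 over the compose network; loopback-only
      # publishing keeps the plain-HTTP backend off the public interface.
      - '127.0.0.1:7000:7000'
    depends_on:
      - db
      - graphql

  graphql:
    image: 'hasura/graphql-engine:v2.28.1'
    container_name: bb_graphql
    ports:
      # Caddy proxies to bb_graphql:8080 over the compose network; loopback-only
      # publishing keeps the plain-HTTP backend off the public interface.
      - '127.0.0.1:8080:8080'
    depends_on:
      - db
    restart: always
    env_file:
      - ./.env
    command:
      - graphql-engine
      - serve

  caddy:
    build:
      context: ./caddy
    container_name: bb_caddy
    depends_on:
      - db
    restart: always
    # original image downgrades user but that seems not to work
    # see: https://caddy.community/t/basic-docker-compose-setup-failing/6892/7?u=alexander_gabriel
    # NOTE(review): running the internet-facing proxy as root widens the
    # impact of a compromise; confirm this override is still required.
    user: root
    ports:
      - '80:80'
      - '443:443'
    env_file:
      - ./.env
    volumes:
      - ./caddy/Caddyfile:/etc/caddy/Caddyfile
      - caddy_certs:/data
      - caddy_config:/config

  app:
    build:
      context: ./app
    container_name: bb_app
    restart: always
    env_file:
      - ./.env
    expose:
      - '3000'
    ports:
      # Caddy proxies to bb_app:3000 over the compose network; loopback-only
      # publishing keeps the plain-HTTP backend off the public interface.
      - '127.0.0.1:3000:3000'
    depends_on:
      - db
    # NOTE(review): the bb_app log shows "Server listening at
    # http://127.0.0.1:3000". Inside a container that is the container's own
    # loopback, so Caddy's dial to the container IP is refused (the 502 in the
    # Caddy log). The app has to listen on 0.0.0.0, e.g. via the `host` option
    # of Fastify's listen().
    volumes:
      - app_data:/app_data

volumes:
  db_data:
  caddy_certs:
  caddy_config:
  sik_data:
  app_data: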
Here is the Dockerfile for caddy:
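# Pin the base image to the Caddy release reported in this post rather than
# the moving `latest` tag, so rebuilds are reproducible and upgrades are a
# deliberate change. For a stronger guarantee pin by digest:
# caddy@sha256:<digest-placeholder>.
FROM caddy:2.6.4
# NOTE(review): docker-compose.yml bind-mounts ./caddy/Caddyfile onto this same
# path, so at runtime the mounted file shadows the copy baked into the image.
COPY Caddyfile /etc/caddy/Caddyfile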
d. My complete Caddy config:
# https://github.com/caddyserver/caddy-docker
# Global options block: applies to every site defined in this Caddyfile.
{
    # Contact address registered with the ACME account used for certificates.
    email alex.barbalex@gmail.com
    # Uncomment to issue from the Let's Encrypt staging CA while testing.
    #acme_ca https://acme-staging-v02.api.letsencrypt.org/directory
    # Uncomment for debug-level logging while troubleshooting.
    #debug
}
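# GraphQL API host: proxies every request to the bb_graphql container on 8080.
api.blue-borders.ch {
    reverse_proxy * {
        to bb_graphql:8080
        # NOTE(review): a wildcard origin lets any web page read responses
        # from this API. Narrow it to the known front-end origin(s), e.g.
        # https://<frontend-origin>, if the API returns non-public data.
        header_down Access-Control-Allow-Origin *
        # Caddy forwards the original Host header by default; kept explicit.
        header_up Host {http.request.host}
        # {http.request.remote} expands to "IP:port"; X-Real-IP consumers
        # expect the bare client address.
        header_up X-Real-IP {http.request.remote.host}
        header_up X-Forwarded-Port {http.request.port}
    }
}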
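# Auth host: proxies every request to the bb_auth container on port 7000.
auth.blue-borders.ch {
    reverse_proxy * {
        to bb_auth:7000
        # NOTE(review): a wildcard origin on an authentication endpoint lets
        # any web page call it and read the response. Narrow it to the known
        # front-end origin(s), e.g. https://<frontend-origin>.
        header_down Access-Control-Allow-Origin *
        header_down Access-Control-Allow-Methods "HEAD, GET, POST, OPTIONS"
        # Caddy forwards the original Host header by default; kept explicit.
        header_up Host {http.request.host}
        # {http.request.remote} expands to "IP:port"; X-Real-IP consumers
        # (audit logs, lockout or rate-limit logic) expect the bare address.
        header_up X-Real-IP {http.request.remote.host}
        header_up X-Forwarded-Port {http.request.port}
    }
}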
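# Qwik app host: proxies every request to the bb_app container on port 3000.
new.blue-borders.ch {
    reverse_proxy * {
        to bb_app:3000
        # NOTE(review): a wildcard origin lets any web page read responses
        # from this host. If responses are user- or session-specific, replace
        # `*` with the known front-end origin, e.g. https://<frontend-origin>.
        header_down Access-Control-Allow-Origin *
        header_down Access-Control-Allow-Methods "HEAD, GET, POST, OPTIONS"
        # Caddy forwards the original Host header by default; kept explicit.
        header_up Host {http.request.host}
        # {http.request.remote} expands to "IP:port"; X-Real-IP consumers
        # expect the bare client address.
        header_up X-Real-IP {http.request.remote.host}
        header_up X-Forwarded-Port {http.request.port}
    }
}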
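# Second host name for the GraphQL API: same bb_graphql upstream on port 8080.
api.mediterranean-migration.com {
    reverse_proxy * {
        to bb_graphql:8080
        # NOTE(review): a wildcard origin lets any web page read responses
        # from this API. Narrow it to the known front-end origin(s), e.g.
        # https://<frontend-origin>, if the API returns non-public data.
        header_down Access-Control-Allow-Origin *
        # Caddy forwards the original Host header by default; kept explicit.
        header_up Host {http.request.host}
        # {http.request.remote} expands to "IP:port"; X-Real-IP consumers
        # expect the bare client address.
        header_up X-Real-IP {http.request.remote.host}
        header_up X-Forwarded-Port {http.request.port}
    }
}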
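# Second host name for the auth service: same bb_auth upstream on port 7000.
auth.mediterranean-migration.com {
    reverse_proxy * {
        to bb_auth:7000
        # NOTE(review): a wildcard origin on an authentication endpoint lets
        # any web page call it and read the response. Narrow it to the known
        # front-end origin(s), e.g. https://<frontend-origin>.
        header_down Access-Control-Allow-Origin *
        header_down Access-Control-Allow-Methods "HEAD, GET, POST, OPTIONS"
        # Caddy forwards the original Host header by default; kept explicit.
        header_up Host {http.request.host}
        # {http.request.remote} expands to "IP:port"; X-Real-IP consumers
        # (audit logs, lockout or rate-limit logic) expect the bare address.
        header_up X-Real-IP {http.request.remote.host}
        header_up X-Forwarded-Port {http.request.port}
    }
}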