Run Caddy2 / Varnish 66 / Magento2

ArmorK · September 1, 2021, 6:07pm

1. Caddy version (`caddy version`):

2.4.3

2. How I run Caddy:

I want to run Caddy as Reverse Proxy with Varnish 6.6 and Magento 2.4.2

a. System environment:

Ubuntu 20.04 Focal ( Digitalocean droplet )

b. Command:

systemctl start caddy

c. Service/unit/compose file:

[Unit]
Description=Caddy
Documentation=https://caddyserver.com/docs/
After=network.target network-online.target
Requires=network-online.target

[Service]
Type=notify
User=caddy
Group=caddy
ExecStart=/usr/bin/caddy run --environ --config /etc/caddy/Caddyfile
ExecReload=/usr/bin/caddy reload --config /etc/caddy/Caddyfile
TimeoutStopSec=5s
LimitNOFILE=1048576
LimitNPROC=512
PrivateTmp=true
ProtectSystem=full
AmbientCapabilities=CAP_NET_BIND_SERVICE

[Install]
WantedBy=multi-user.target

d. My complete Caddyfile or JSON config:

# Caddyfile
{
   admin 0.0.0.0:2020
}

https://mysite.com {
	root * /var/www/mysite
	reverse_proxy /pub/* 127.0.0.1:8443
	file_server
}

3. The problem I’m having:

Hi guys,
1- can someone help me to get config file ( Caddyfile or Json ) to run Caddy2 with Varnish >6.0lts and Magento 2.4.2, and use Caddy as Reverse proxy with Aytomatic Https or LetsEncrypt.

PS: my ports config
Apache2 listening = 8080
Apache2 TCP6 listening = 443
Varnish listening = 80
Varnish listening = 8443
Varnish TCP6 listening = 80
Caddy listening = 80

thank you in advance

4. Error messages and/or full log output:

-------------------( curl -I mysite.com )

HTTP/1.1 301 Moved Permanently
Date: Wed, 01 Sep 2021 18:00:53 GMT
Server: Apache/2.4.41 (Ubuntu)
Location: https://mysite.com/
Content-Length: 297
Content-Type: text/html; charset=iso-8859-1
X-Varnish: 32907
Age: 0
Via: 1.1 varnish (Varnish/6.6)
Connection: keep-alive

-------------------( journalctl -u caddy --no-pager | less )

Sep 01 18:26:48 myhost systemd[1]: Started Caddy.
Sep 01 18:26:48 myhost caddy[816]: caddy.HomeDir=/var/lib/caddy
Sep 01 18:26:48 myhost caddy[816]: caddy.AppDataDir=/var/lib/caddy/.local/share/caddy
Sep 01 18:26:48 myhost caddy[816]: caddy.AppConfigDir=/var/lib/caddy/.config/caddy
Sep 01 18:26:48 myhost caddy[816]: caddy.ConfigAutosavePath=/var/lib/caddy/.config/caddy/autosave.json
Sep 01 18:26:48 myhost caddy[816]: caddy.Version=v2.4.3 h1:Y1FaV2N4WO3rBqxSYA8UZsZTQdN+PwcoOcAiZTM8C0I=
Sep 01 18:26:48 myhost caddy[816]: runtime.GOOS=linux
Sep 01 18:26:48 myhost caddy[816]: runtime.GOARCH=amd64
Sep 01 18:26:48 myhost caddy[816]: runtime.Compiler=gc
Sep 01 18:26:48 myhost caddy[816]: runtime.NumCPU=2
Sep 01 18:26:48 myhost caddy[816]: runtime.GOMAXPROCS=2
Sep 01 18:26:48 myhost caddy[816]: runtime.Version=go1.16.5
Sep 01 18:26:48 myhost caddy[816]: os.Getwd=/
Sep 01 18:26:48 myhost caddy[816]: LANG=C.UTF-8
Sep 01 18:26:48 myhost caddy[816]: PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin
Sep 01 18:26:48 myhost caddy[816]: HOME=/var/lib/caddy
Sep 01 18:26:48 myhost caddy[816]: LOGNAME=caddy
Sep 01 18:26:48 myhost caddy[816]: USER=caddy
Sep 01 18:26:48 myhost caddy[816]: INVOCATION_ID=448b04d13cbf44cf84212bd4d4d3b5e6
Sep 01 18:26:48 myhost caddy[816]: JOURNAL_STREAM=9:25575
Sep 01 18:26:48 myhost caddy[816]: {"level":"info","ts":1630520808.8303964,"msg":"using provided configuration","config_file":"/etc/caddy/Caddyfile","config_adapter":""}
Sep 01 18:26:48 myhost caddy[816]: {"level":"warn","ts":1630520808.8375862,"msg":"input is not formatted with 'caddy fmt'","adapter":"caddyfile","file":"/etc/caddy/Caddyfile","line":3}
Sep 01 18:26:48 myhost caddy[816]: {"level":"info","ts":1630520808.8609362,"logger":"admin","msg":"admin endpoint started","address":"tcp/0.0.0.0:2020","enforce_origin":false,"origins":["0.0.0.0:2020"]}
Sep 01 18:26:48 myhost caddy[816]: {"level":"warn","ts":1630520808.8609786,"logger":"admin","msg":"admin endpoint on open interface; host checking disabled","address":"tcp/0.0.0.0:2020"}
Sep 01 18:26:48 myhost caddy[816]: {"level":"info","ts":1630520808.8707194,"logger":"http","msg":"server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS","server_name":"srv0","https_port":443}
Sep 01 18:26:48 myhost caddy[816]: {"level":"info","ts":1630520808.8707848,"logger":"http","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"srv0"}
Sep 01 18:26:48 myhost caddy[816]: {"level":"info","ts":1630520808.8711464,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0xc00026caf0"}
Sep 01 18:26:48 myhost caddy[816]: {"level":"info","ts":1630520808.8786216,"logger":"tls","msg":"cleaning storage unit","description":"FileStorage:/var/lib/caddy/.local/share/caddy"}
Sep 01 18:26:48 myhost caddy[816]: {"level":"info","ts":1630520808.8786795,"logger":"tls","msg":"finished cleaning storage units"}
Sep 01 18:26:48 myhost caddy[816]: {"level":"info","ts":1630520808.8787818,"logger":"tls.cache.maintenance","msg":"stopped background certificate maintenance","cache":"0xc00026caf0"}
Sep 01 18:26:48 myhost caddy[816]: run: loading initial config: loading new config: http app module: start: tcp: listening on :443: listen tcp :443: bind: address already in use
Sep 01 18:26:48 myhost systemd[1]: caddy.service: Main process exited, code=exited, status=1/FAILURE
Sep 01 18:26:48 myhost systemd[1]: caddy.service: Failed with result 'exit-code'.

5. What I already tried:

6. Links to relevant resources:

francislavoie · September 1, 2021, 6:12pm

Please use ``` backticks before and after your configs and logs, on their own lines, to use code formatting. It’s very difficult to read your post without it, because whitespace is not preserved.

Also, please run the command listed in the docs below to view your logs. You’ll notice your logs are truncated with a > at the end of each line when using systemctl status caddy, which hides the important messages.

ArmorK · September 1, 2021, 7:50pm

Hi, its my first time posting here, thank you

francislavoie · September 1, 2021, 8:04pm

This error is saying Caddy failed to start because some other process is already using port 443.

It’s not possible for two different processes to use the same ports. You’ll need to move your Varnish and Apache servers away from using ports 80 and 443, because Caddy needs ports 80 and 443 to solve ACME challenges, to automate certificate issuance for you.

ArmorK · September 1, 2021, 8:08pm

this is my ports.conf apache2

Listen 127.0.0.1:8080

<IfModule ssl_module>
	Listen 443
</IfModule>

<IfModule mod_gnutls.c>
	Listen 443
</IfModule>

ArmorK · September 1, 2021, 8:15pm

i removed Listen 443 from Apache2 and change Varnish to 8880,
now i have error HTTP ERROR 404.

curl -I mysite.com

HTTP/1.1 308 Permanent Redirect
Connection: close
Location: https://mysite.com/
Server: Caddy
Date: Wed, 01 Sep 2021 20:14:31 GMT

francislavoie · September 1, 2021, 8:20pm

That’s not an error. That’s Caddy performing an HTTP->HTTPS redirect. Use the -L flag in curl to follow redirects (i.e. L for the Location header), or just use https://mysite.com as the address.

ArmorK · September 1, 2021, 8:24pm

but the website still not accessible in the browser.
ERROR 404

ArmorK · September 3, 2021, 6:47pm

can someone help me to get config file ( Caddyfile or Json ) to run Caddy2 with Varnish >6.0lts and Magento 2.4.2, and use Caddy as Reverse proxy with Aytomatic Https or LetsEncrypt, ON APACHE2

system · October 1, 2021, 6:07pm

This topic was automatically closed after 30 days. New replies are no longer allowed.