1. Caddy version:
v2.6.4 h1:2hwYqiRwk1tf3VruhMpLcYTg+11fCdr8S3jhNAdnPy8=
2. How I installed, and run Caddy:
a. System environment:
Debian 11 with systemd.
b. Command:
sudo service caddy start
c. Service/unit/compose file:
[Unit]
Description=Caddy
Documentation=https://caddyserver.com/docs/
After=network.target network-online.target
Requires=network-online.target
[Service]
Type=notify
User=caddy
Group=caddy
ExecStart=/usr/bin/caddy run --environ --config /etc/caddy/Caddyfile
ExecReload=/usr/bin/caddy reload --config /etc/caddy/Caddyfile --force
TimeoutStopSec=5s
LimitNOFILE=1048576
LimitNPROC=512
PrivateDevices=yes
PrivateTmp=true
ProtectSystem=full
AmbientCapabilities=CAP_NET_BIND_SERVICE
[Install]
WantedBy=multi-user.target
d. My complete Caddy config:
wrote below
3. The problem I’m having:
Guys, I’ve got two questions:
Q1. First, I wonder why would these two Caddyfile behave differently:
# 1.1
test.forserve.com {
file_server
handle_path /heimdall/* {
reverse_proxy localhost:8000 {
header_up Host {upstream_hostport}
}
}
}
http://localhost:8000 {
file_server
root * /srv/www/heimdall/public
# root * /srv/www/debug
php_fastcgi unix//run/php/php-fpm.sock
}
# 1.2
test.forserve.com {
file_server
php_fastcgi unix//run/php/php-fpm.sock
handle_path /heimdall/* {
root * /srv/www/heimdall/public
}
}
Q2. Second, I found out that no matter what I use like localhost:8000
or 127.0.0.1:8000
or :8000
in Caddyfile, caddy will always listening on *:8000
. Is it possible to make caddy listen locally on 127.0.0.1:8000
, so it would be a CONNECTION_REFUSED
instead of an empty 200 respond to a http(s) request from Internet?
4. Error messages and/or full log output:
`sudo journalctl -u caddy -f`
Got no logs while visting https://test.forserve.com/heimdall/
5. What I already tried:
As guys might know, heimdall is a php landing page project. It provides docker for easy deployment.
The heimdall docker image use Nginx and PHP, exposes port 80 and 443 for connection. So reverse_proxy to heimdall_docker:80 will be the easiest way to deploy, even if running on a sub-path. Just write the sub-path as APP_URL in the .env file, programs do the works.
But that not so cool isn’t it? Cause I’m using Caddy, I want to make it run with just caddy and PHP, natively without docker.
Imitating the way to run with docker. First, I setup a http service on localhost:8000, then use reverse_proxy with handle_path in front. Surprisingly, everythings works well. Heimdall runs on a sub-path with Caddyfile(# 1.1) attach above.
Lately, I try to merge those two blocks into one(# 1.2). However, it didn’t works. Every request return a 404 page.
Wondering why, I figure out a static file test:
# make a simple static index page for test
echo "<table width=100% height=100%><tr><td><center><pre>I will be back.</pre></center></td></tr></table>" | sudo -u caddy tee /srv/www/debug/index.html
These 2 Caddyfile behave the same for the static index:
# 3.1
test.forserve.com {
file_server
handle_path /heimdall/* {
reverse_proxy localhost:8000 {
header_up Host {upstream_hostport}
}
}
}
http://localhost:8000 {
file_server
root * /srv/www/debug
php_fastcgi unix//run/php/php-fpm.sock
}
# 3.2
test.forserve.com {
file_server
php_fastcgi unix//run/php/php-fpm.sock
handle_path /heimdall/* {
root * /srv/www/debug
}
}
So confused…Is this blame for PHP?