[SOLVED] Subdomain and reverse_proxy config

Luca_Moiana · November 6, 2020, 7:11pm

1. Caddy version (`caddy version`):

Caddy version v2.2.1

2. How I run Caddy:

Docker on portainer

a. System environment:

Ubuntu 20.04.1 LTS

b. Command:

c. Service/unit/compose file:

Docker version 19.03.8

d. My complete Caddyfile or JSON config:

{
email [MYEMAIL]
}

[MYDOMAIN], [MYDOMAIN]

{
root *  /var/www

file_server

}


portainer.[MYDOMAIN]
{
reverse_proxy  localhost:9000
}

nextcloud.[MYDOMAIN]
{
reverse_proxy  localhost:8080
}

3. The problem I’m having:

I have set 3 A domain in Server Zone DNS
[MYDOMAIN]
www.[MYDOMAIN]
portainer.[MYDOMAIN]
nexcloud.[MYDOMAIN]

All pointing to [MYIP]
I can reach [MYDOMAIN] and www.[MYDOMAIN] on browser but
portainer.[MYDOMAIN] and nextcloud.[MYDOMAIN] give me HTTP ERROR 502

4. Error messages and/or full log output:

{“level”:“error”,“ts”:1604688101.0248196,“logger”:“http.log.error”,“msg”:“dial tcp 127.0.0.1:8080: connect: connection refused”,“request”:{“remote_addr”:“47.53.143.134:49194”,“proto”:“HTTP/2.0”,“method”:“GET”,“host”:“nextcloud.[MYDOMAIN]”,“uri”:"/",“headers”:{“Cache-Control”:[“max-age=0”],“User-Agent”:[“Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.75 Safari/537.36”],“Accept”:[“text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9”],“Sec-Fetch-Site”:[“cross-site”],“Sec-Fetch-Dest”:[“document”],“Accept-Encoding”:[“gzip, deflate, br”],“Accept-Language”:[“it-IT,it;q=0.9”],“Upgrade-Insecure-Requests”:[“1”],“Sec-Fetch-Mode”:[“navigate”],“Sec-Fetch-User”:["?1"]},“tls”:{“resumed”:false,“version”:772,“cipher_suite”:4865,“proto”:“h2”,“proto_mutual”:true,“server_name”:“nextcloud.[MYDOMAIN]”}},“duration”:0.000933191,“status”:502,“err_id”:“n7s1hyaun”,“err_trace”:“reverseproxy.(*Handler).ServeHTTP (reverseproxy.go:441)”}

5. What I already tried:

6. Links to relevant resources:

francislavoie · November 6, 2020, 7:29pm

When running in docker, localhost points to the Caddy container itself, so you’re asking Caddy to connect to a service running on port 8080, in the Caddy container, which isn’t a thing.

Instead, you’ll want to use the container name, if it’s in the same docker network. Probably something like nextcloud:8080 for example.

Luca_Moiana · November 6, 2020, 7:41pm

hi, thank you for your reply, I did edited Caddyfile as suggested:

nextcloud.[MYDOMAIN]
{
reverse_proxy nextcloud_app_1:8080
}

And even added the dockers to caddyserver default network.
I still getting HTTP ERROR 502
and the following log, from caddyserver docker:

{“level”:“error”,“ts”:1604691493.0354574,“logger”:“http.log.error”,“msg”:“dial tcp: lookup portainer on 127.0.0.11:53: no such host”,“request”:{“remote_addr”:“47.53.143.134:49906”,“proto”:“HTTP/2.0”,“method”:“GET”,“host”:“portainer.[MYDOMAIN]”,“uri”:"/",“headers”:{“Accept”:[“text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9”],“Sec-Fetch-Site”:[“cross-site”],“Sec-Fetch-User”:["?1"],“Sec-Fetch-Dest”:[“document”],“Accept-Language”:[“it-IT,it;q=0.9”],“Cache-Control”:[“max-age=0”],“User-Agent”:[“Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.75 Safari/537.36”],“Accept-Encoding”:[“gzip, deflate, br”],“Upgrade-Insecure-Requests”:[“1”],“Sec-Fetch-Mode”:[“navigate”]},“tls”:{“resumed”:false,“version”:772,“cipher_suite”:4865,“proto”:“h2”,“proto_mutual”:true,“server_name”:“portainer.[MYDOMAIN]”}},“duration”:0.006948508,“status”:502,“err_id”:“5sa6mwsi7”,“err_trace”:“reverseproxy.(*Handler).ServeHTTP (reverseproxy.go:441)”}

francislavoie · November 6, 2020, 7:52pm

That’s the problem there, it doesn’t know how to resolve the name portainer to an IP address.

Luca_Moiana · November 6, 2020, 7:55pm

sorry, but I don’t get it, should I use an internal IP given by docker or else?
thanks for your patience

francislavoie · November 6, 2020, 8:09pm

I don’t use portainer, so I can’t say how things are configured there, but you should use a name that will resolve to the IP of the container you want to proxy to. You could use the IP address directly, but there’s no guarantee that the IP won’t change later.

Luca_Moiana · November 6, 2020, 9:07pm

I don’t see what’s portainer’s role in managing IP, for what I understood is just a managing GUI.
Btw, I did insert the VPS IP in the Caddyfile and got me Error 502
I did use the IP of the local docker network and I still get Error 502

francislavoie · November 6, 2020, 9:20pm

Yeah Portainer doesn’t manage any IPs, that’s all Docker. But you do decide the service names of the things you run in Portainer, no? Those service names are what Docker uses as DNS names that resolve to the IP of the containers.

Luca_Moiana · November 6, 2020, 9:55pm

Ok, I did use dockers names coming from portainers and even added them to caddyserver_web network,
it is currently working from portainer.[MYDOMAIN]
but still won’t work from nextcloud.[MYDOMAIN] errore 502

francislavoie · November 6, 2020, 10:12pm

Are you sure you’re using the right port number? You need to use the port internal to the docker network, not the port being published to the host.

Luca_Moiana · November 7, 2020, 11:33am

oh yes! That solved my problem, thank you so much for your help

DevilsCoder · November 7, 2020, 11:08pm

ive been having this same issue could you possibly share how you created your caddy network on portainer host. Im using portainer also and i cant find anwhere where they said how to make a network bridge with the ability to run other apps through caddy network bridge

Luca_Moiana · November 8, 2020, 10:32am

Hi, dunno if this is the answer you are looking for, but what I did is just have dockers connecting to the caddyserver2_web network that was already created by Caddyserver Docker and everyghting seems to run smooth. Oh well, except for Nextcloud who’s opening on nextcloud.[MYDOMAIN] but then it raises a permission issue … but I think it has to do with nextcloud config

DevilsCoder · November 9, 2020, 1:48am

Could you please provide the docker hub link and docker-compose.yml. I have to use cloudflare with my install everything works fine but the local domain will not load or see it. Im pretty sure its because caddy cant show or see my docker containers on the outside. I know it has something to do with docker networks and caddy not fully synicng. My caddy2 install done here from this github maker from docker for cloudflare GitHub - mr-karan/caddy-plugins-docker: Docker image for Caddy with custom plugins baked into the image. there was no setup or install for networks. Could you possibly share your dockerfile or stack you used?

Luca_Moiana · November 10, 2020, 10:00pm

I did run caddyserver inside Portainer, from app template, and edited Caddyfile as mentioned in the first post

DevilsCoder · November 11, 2020, 2:06am

huh thats weird i dont get a network made by caddy by default could you possibly display more information without details like api key and others

system · December 6, 2020, 7:11pm

This topic was automatically closed after 30 days. New replies are no longer allowed.