May 20, 2023, 5:07pm
1. The problem I’m having:
I am trying to reverse proxy my text microservice.
it has the following routes :
ws api chat?username=foo
http api GET /users
2. Error messages and/or full log output:
3. Caddy version:
e8352aef38642c20ff528836b6581094f087eb99 (16 May 23 05:18 UTC)
I think v2.6.4.
4. How I installed and ran Caddy:
I just clone from repo.
a. System environment:
I’m not running docker. my architecture is debian.
Debian GNU/Linux 11 (bullseye)
I made a caddyfile and ran caddy run
d. My complete Caddy config:
header Connection *Upgrade*
header Upgrade websocket
reverse_proxy @websockets localhost:6000
reverse_proxy /chat localhost:6000
reverse_proxy /users* localhost:6000
Since you’re proxying everything to the same place, change all this to simply this:
You don’t need to use matchers if you don’t need to do anything different with the request.
Where are you seeing this? What’s in Caddy’s logs? Turn on the
debug global option for more detailed logs.
Are you proxying to the TLS endpoint of your app? Make sure your app is expecting HTTP, not HTTPS.
May 22, 2023, 12:38am
I change it to the following :
though, it only proxies on http and ws. I’m a bit lost why I can’t connect through wss or https ?!
also, if I just do this reverse_proxy localhost:6000 in Caddyfile, I get the following error:
Error: loading initial config: loading new config: http app module: start: listening on :6000: listen tcp :6000: bind: address already in use
I am setting using the following commands:
wscat -c 'ws://localhost:2015/chat?username=foo'
the error I get for wss is
wscat -c 'wss://localhost:2015/chat?username=foo'
error: write EPROTO C0D76DAA167F0000:error:0A00010B:SSL routines:ssl3_get_record:wrong version number:
wscat -c 'wss://localhost:443/chat?username=foo'
error: connect ECONNREFUSED ::1:443
Caddy will default to listening for HTTPS if you use a valid domain name as your site address. If you use a non-standard port, it will only listen for HTTP. See the docs:
Caddyfile Concepts — Caddy Documentation
The reason you get that error if you remove
:2015 is because it becomes an invalid Caddyfile. See the docs page above, it explains how the Caddyfile is structured. You
must have a site address as the first thing (except for global options and snippets).
wss is not a real protocol scheme, is just a shortcut in the browser to mean “WebSockets over HTTPS”. In reality, it’s just an HTTPS connection to start, which gets upgraded to a raw TCP connection (with TLS) after the handshake.