Is there any way I can get it to just skip to Nextcloud?
It also seems to keep trying watch.haddock.cc, instead of going to the next domain.
I’m not sure what you mean by “it” here. This log:
2020/05/21 19:55:32 http: TLS handshake error from 116.203.17.124:55644: no certificate available for 'watch.haddock.cc'
Comes from someone (that someone being 116.203.17.124, specifically) trying to connect and access watch.haddock.cc. It’s not coming from Caddy itself, it’s not going to “skip” a domain (it’s just one client trying one address), and it doesn’t iterate through domains (unless the client decides to try iterating through domains).
Oh. That makes sense I guess. I’ll see what the output for Nextcloud is tomorrow.
Oh, @Whitestrake now we’re cooking. Here’s all the debug output I get when going to my Nextcloud url:
2020/05/22 09:54:36 http: TLS handshake error from 66.249.64.109:36796: no certificate available for 'git.haddock.cc'
2020/05/22 09:54:40 http: TLS handshake error from 192.168.50.1:45692: no certificate available for 'watch.haddock.cc'
2020/05/22 16:54:42.720 DEBUG http.handlers.reverse_proxy upstream roundtrip {"upstream": "localhost:8080", "request": {"method": "GET", "uri": "/", "proto": "HTTP/2.0", "remote_addr": "192.168.50.1:45694", "host": "cloud.haddock.cc", "headers": {"User-Agent": ["Mozilla/5.0 (X11; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0"], "Accept": ["text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8"], "Cookie": ["__Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true; oc_sessionPassphrase=jtGvwQ0k22QOmsGIjtQ9qY3MEURz04m8g90Jv29oH6qIV8Rqt6l2HcPf3tTHklOxFn0Iif3nw2YumdCRMskcwEFrMSZvobHzRxkYGR48gEfxC%2BU2fqtusxs5dko6k9ax; i18next=en-US; oc6mbe5vxaa7=hnb90f9hh1lktfn44p50i0h1cg; ocgiijrqfwz6=qkm9m4jmv2rkp9iadsg3lvnchr"], "X-Forwarded-For": ["192.168.50.1"], "X-Forwarded-Proto": ["https"], "Accept-Language": ["en-US,en;q=0.5"], "Accept-Encoding": ["gzip, deflate, br"], "Upgrade-Insecure-Requests": ["1"], "Dnt": ["1"], "Te": ["trailers"]}, "tls": {"resumed": false, "version": 772, "ciphersuite": 4865, "proto": "h2", "proto_mutual": true, "server_name": "cloud.haddock.cc"}}, "duration": 0.000876485, "headers": {"Server": ["nginx/1.16.1"], "Date": ["Fri, 22 May 2020 16:54:42 GMT"], "Content-Type": ["text/html"], "Content-Length": ["169"], "Connection": ["keep-alive"], "Location": ["https://cloud.haddock.cc/"]}, "status": 301}
2020/05/22 16:54:42.725 DEBUG http.handlers.reverse_proxy upstream roundtrip {"upstream": "localhost:8080", "request": {"method": "GET", "uri": "/", "proto": "HTTP/2.0", "remote_addr": "192.168.50.1:45694", "host": "cloud.haddock.cc", "headers": {"Accept-Language": ["en-US,en;q=0.5"], "Cookie": ["__Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true; oc_sessionPassphrase=jtGvwQ0k22QOmsGIjtQ9qY3MEURz04m8g90Jv29oH6qIV8Rqt6l2HcPf3tTHklOxFn0Iif3nw2YumdCRMskcwEFrMSZvobHzRxkYGR48gEfxC%2BU2fqtusxs5dko6k9ax; i18next=en-US; oc6mbe5vxaa7=hnb90f9hh1lktfn44p50i0h1cg; ocgiijrqfwz6=qkm9m4jmv2rkp9iadsg3lvnchr"], "Dnt": ["1"], "Te": ["trailers"], "X-Forwarded-For": ["192.168.50.1"], "User-Agent": ["Mozilla/5.0 (X11; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0"], "Accept": ["text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8"], "X-Forwarded-Proto": ["https"], "Accept-Encoding": ["gzip, deflate, br"], "Upgrade-Insecure-Requests": ["1"]}, "tls": {"resumed": false, "version": 772, "ciphersuite": 4865, "proto": "h2", "proto_mutual": true, "server_name": "cloud.haddock.cc"}}, "duration": 0.00032613, "headers": {"Content-Length": ["169"], "Connection": ["keep-alive"], "Location": ["https://cloud.haddock.cc/"], "Server": ["nginx/1.16.1"], "Date": ["Fri, 22 May 2020 16:54:42 GMT"], "Content-Type": ["text/html"]}, "status": 301}
2020/05/22 16:54:42.741 DEBUG http.handlers.reverse_proxy upstream roundtrip {"upstream": "localhost:8080", "request": {"method": "GET", "uri": "/", "proto": "HTTP/2.0", "remote_addr": "192.168.50.1:45694", "host": "cloud.haddock.cc", "headers": {"Upgrade-Insecure-Requests": ["1"], "Dnt": ["1"], "X-Forwarded-For": ["192.168.50.1"], "X-Forwarded-Proto": ["https"], "User-Agent": ["Mozilla/5.0 (X11; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0"], "Accept": ["text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8"], "Accept-Language": ["en-US,en;q=0.5"], "Cookie": ["__Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true; oc_sessionPassphrase=jtGvwQ0k22QOmsGIjtQ9qY3MEURz04m8g90Jv29oH6qIV8Rqt6l2HcPf3tTHklOxFn0Iif3nw2YumdCRMskcwEFrMSZvobHzRxkYGR48gEfxC%2BU2fqtusxs5dko6k9ax; i18next=en-US; oc6mbe5vxaa7=hnb90f9hh1lktfn44p50i0h1cg; ocgiijrqfwz6=qkm9m4jmv2rkp9iadsg3lvnchr"], "Accept-Encoding": ["gzip, deflate, br"], "Te": ["trailers"]}, "tls": {"resumed": false, "version": 772, "ciphersuite": 4865, "proto": "h2", "proto_mutual": true, "server_name": "cloud.haddock.cc"}}, "duration": 0.000347375, "headers": {"Location": ["https://cloud.haddock.cc/"], "Server": ["nginx/1.16.1"], "Date": ["Fri, 22 May 2020 16:54:42 GMT"], "Content-Type": ["text/html"], "Content-Length": ["169"], "Connection": ["keep-alive"]}, "status": 301}
2020/05/22 16:54:42.746 DEBUG http.handlers.reverse_proxy upstream roundtrip {"upstream": "localhost:8080", "request": {"method": "GET", "uri": "/", "proto": "HTTP/2.0", "remote_addr": "192.168.50.1:45694", "host": "cloud.haddock.cc", "headers": {"User-Agent": ["Mozilla/5.0 (X11; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0"], "Accept": ["text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8"], "Dnt": ["1"], "Accept-Language": ["en-US,en;q=0.5"], "Accept-Encoding": ["gzip, deflate, br"], "Cookie": ["__Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true; oc_sessionPassphrase=jtGvwQ0k22QOmsGIjtQ9qY3MEURz04m8g90Jv29oH6qIV8Rqt6l2HcPf3tTHklOxFn0Iif3nw2YumdCRMskcwEFrMSZvobHzRxkYGR48gEfxC%2BU2fqtusxs5dko6k9ax; i18next=en-US; oc6mbe5vxaa7=hnb90f9hh1lktfn44p50i0h1cg; ocgiijrqfwz6=qkm9m4jmv2rkp9iadsg3lvnchr"], "Upgrade-Insecure-Requests": ["1"], "Te": ["trailers"], "X-Forwarded-For": ["192.168.50.1"], "X-Forwarded-Proto": ["https"]}, "tls": {"resumed": false, "version": 772, "ciphersuite": 4865, "proto": "h2", "proto_mutual": true, "server_name": "cloud.haddock.cc"}}, "duration": 0.000364878, "headers": {"Content-Length": ["169"], "Connection": ["keep-alive"], "Location": ["https://cloud.haddock.cc/"], "Server": ["nginx/1.16.1"], "Date": ["Fri, 22 May 2020 16:54:42 GMT"], "Content-Type": ["text/html"]}, "status": 301}
2020/05/22 16:54:42.758 DEBUG http.handlers.reverse_proxy upstream roundtrip {"upstream": "localhost:8080", "request": {"method": "GET", "uri": "/", "proto": "HTTP/2.0", "remote_addr": "192.168.50.1:45694", "host": "cloud.haddock.cc", "headers": {"Accept": ["text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8"], "Dnt": ["1"], "Upgrade-Insecure-Requests": ["1"], "Te": ["trailers"], "X-Forwarded-For": ["192.168.50.1"], "X-Forwarded-Proto": ["https"], "User-Agent": ["Mozilla/5.0 (X11; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0"], "Accept-Language": ["en-US,en;q=0.5"], "Accept-Encoding": ["gzip, deflate, br"], "Cookie": ["__Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true; oc_sessionPassphrase=jtGvwQ0k22QOmsGIjtQ9qY3MEURz04m8g90Jv29oH6qIV8Rqt6l2HcPf3tTHklOxFn0Iif3nw2YumdCRMskcwEFrMSZvobHzRxkYGR48gEfxC%2BU2fqtusxs5dko6k9ax; i18next=en-US; oc6mbe5vxaa7=hnb90f9hh1lktfn44p50i0h1cg; ocgiijrqfwz6=qkm9m4jmv2rkp9iadsg3lvnchr"]}, "tls": {"resumed": false, "version": 772, "ciphersuite": 4865, "proto": "h2", "proto_mutual": true, "server_name": "cloud.haddock.cc"}}, "duration": 0.000382702, "headers": {"Connection": ["keep-alive"], "Location": ["https://cloud.haddock.cc/"], "Server": ["nginx/1.16.1"], "Date": ["Fri, 22 May 2020 16:54:42 GMT"], "Content-Type": ["text/html"], "Content-Length": ["169"]}, "status": 301}
2020/05/22 16:54:42.764 DEBUG http.handlers.reverse_proxy upstream roundtrip {"upstream": "localhost:8080", "request": {"method": "GET", "uri": "/", "proto": "HTTP/2.0", "remote_addr": "192.168.50.1:45694", "host": "cloud.haddock.cc", "headers": {"Accept-Language": ["en-US,en;q=0.5"], "Dnt": ["1"], "X-Forwarded-For": ["192.168.50.1"], "X-Forwarded-Proto": ["https"], "User-Agent": ["Mozilla/5.0 (X11; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0"], "Accept": ["text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8"], "Upgrade-Insecure-Requests": ["1"], "Te": ["trailers"], "Accept-Encoding": ["gzip, deflate, br"], "Cookie": ["__Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true; oc_sessionPassphrase=jtGvwQ0k22QOmsGIjtQ9qY3MEURz04m8g90Jv29oH6qIV8Rqt6l2HcPf3tTHklOxFn0Iif3nw2YumdCRMskcwEFrMSZvobHzRxkYGR48gEfxC%2BU2fqtusxs5dko6k9ax; i18next=en-US; oc6mbe5vxaa7=hnb90f9hh1lktfn44p50i0h1cg; ocgiijrqfwz6=qkm9m4jmv2rkp9iadsg3lvnchr"]}, "tls": {"resumed": false, "version": 772, "ciphersuite": 4865, "proto": "h2", "proto_mutual": true, "server_name": "cloud.haddock.cc"}}, "duration": 0.000403037, "headers": {"Server": ["nginx/1.16.1"], "Date": ["Fri, 22 May 2020 16:54:42 GMT"], "Content-Type": ["text/html"], "Content-Length": ["169"], "Connection": ["keep-alive"], "Location": ["https://cloud.haddock.cc/"]}, "status": 301}
2020/05/22 16:54:42.778 DEBUG http.handlers.reverse_proxy upstream roundtrip {"upstream": "localhost:8080", "request": {"method": "GET", "uri": "/", "proto": "HTTP/2.0", "remote_addr": "192.168.50.1:45694", "host": "cloud.haddock.cc", "headers": {"Accept-Encoding": ["gzip, deflate, br"], "Cookie": ["__Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true; oc_sessionPassphrase=jtGvwQ0k22QOmsGIjtQ9qY3MEURz04m8g90Jv29oH6qIV8Rqt6l2HcPf3tTHklOxFn0Iif3nw2YumdCRMskcwEFrMSZvobHzRxkYGR48gEfxC%2BU2fqtusxs5dko6k9ax; i18next=en-US; oc6mbe5vxaa7=hnb90f9hh1lktfn44p50i0h1cg; ocgiijrqfwz6=qkm9m4jmv2rkp9iadsg3lvnchr"], "Upgrade-Insecure-Requests": ["1"], "Te": ["trailers"], "X-Forwarded-For": ["192.168.50.1"], "Accept": ["text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8"], "Accept-Language": ["en-US,en;q=0.5"], "X-Forwarded-Proto": ["https"], "User-Agent": ["Mozilla/5.0 (X11; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0"], "Dnt": ["1"]}, "tls": {"resumed": false, "version": 772, "ciphersuite": 4865, "proto": "h2", "proto_mutual": true, "server_name": "cloud.haddock.cc"}}, "duration": 0.000384923, "headers": {"Server": ["nginx/1.16.1"], "Date": ["Fri, 22 May 2020 16:54:42 GMT"], "Content-Type": ["text/html"], "Content-Length": ["169"], "Connection": ["keep-alive"], "Location": ["https://cloud.haddock.cc/"]}, "status": 301}
2020/05/22 16:54:42.791 DEBUG http.handlers.reverse_proxy upstream roundtrip {"upstream": "localhost:8080", "request": {"method": "GET", "uri": "/", "proto": "HTTP/2.0", "remote_addr": "192.168.50.1:45694", "host": "cloud.haddock.cc", "headers": {"Accept": ["text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8"], "Accept-Encoding": ["gzip, deflate, br"], "Dnt": ["1"], "X-Forwarded-For": ["192.168.50.1"], "X-Forwarded-Proto": ["https"], "User-Agent": ["Mozilla/5.0 (X11; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0"], "Accept-Language": ["en-US,en;q=0.5"], "Cookie": ["__Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true; oc_sessionPassphrase=jtGvwQ0k22QOmsGIjtQ9qY3MEURz04m8g90Jv29oH6qIV8Rqt6l2HcPf3tTHklOxFn0Iif3nw2YumdCRMskcwEFrMSZvobHzRxkYGR48gEfxC%2BU2fqtusxs5dko6k9ax; i18next=en-US; oc6mbe5vxaa7=hnb90f9hh1lktfn44p50i0h1cg; ocgiijrqfwz6=qkm9m4jmv2rkp9iadsg3lvnchr"], "Upgrade-Insecure-Requests": ["1"], "Te": ["trailers"]}, "tls": {"resumed": false, "version": 772, "ciphersuite": 4865, "proto": "h2", "proto_mutual": true, "server_name": "cloud.haddock.cc"}}, "duration": 0.000360566, "headers": {"Content-Type": ["text/html"], "Content-Length": ["169"], "Connection": ["keep-alive"], "Location": ["https://cloud.haddock.cc/"], "Server": ["nginx/1.16.1"], "Date": ["Fri, 22 May 2020 16:54:42 GMT"]}, "status": 301}
2020/05/22 16:54:42.796 DEBUG http.handlers.reverse_proxy upstream roundtrip {"upstream": "localhost:8080", "request": {"method": "GET", "uri": "/", "proto": "HTTP/2.0", "remote_addr": "192.168.50.1:45694", "host": "cloud.haddock.cc", "headers": {"Te": ["trailers"], "X-Forwarded-For": ["192.168.50.1"], "X-Forwarded-Proto": ["https"], "User-Agent": ["Mozilla/5.0 (X11; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0"], "Accept-Encoding": ["gzip, deflate, br"], "Cookie": ["__Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true; oc_sessionPassphrase=jtGvwQ0k22QOmsGIjtQ9qY3MEURz04m8g90Jv29oH6qIV8Rqt6l2HcPf3tTHklOxFn0Iif3nw2YumdCRMskcwEFrMSZvobHzRxkYGR48gEfxC%2BU2fqtusxs5dko6k9ax; i18next=en-US; oc6mbe5vxaa7=hnb90f9hh1lktfn44p50i0h1cg; ocgiijrqfwz6=qkm9m4jmv2rkp9iadsg3lvnchr"], "Upgrade-Insecure-Requests": ["1"], "Accept": ["text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8"], "Accept-Language": ["en-US,en;q=0.5"], "Dnt": ["1"]}, "tls": {"resumed": false, "version": 772, "ciphersuite": 4865, "proto": "h2", "proto_mutual": true, "server_name": "cloud.haddock.cc"}}, "duration": 0.000321827, "headers": {"Date": ["Fri, 22 May 2020 16:54:42 GMT"], "Content-Type": ["text/html"], "Content-Length": ["169"], "Connection": ["keep-alive"], "Location": ["https://cloud.haddock.cc/"], "Server": ["nginx/1.16.1"]}, "status": 301}
2020/05/22 16:54:42.806 DEBUG http.handlers.reverse_proxy upstream roundtrip {"upstream": "localhost:8080", "request": {"method": "GET", "uri": "/", "proto": "HTTP/2.0", "remote_addr": "192.168.50.1:45694", "host": "cloud.haddock.cc", "headers": {"Accept-Encoding": ["gzip, deflate, br"], "Cookie": ["__Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true; oc_sessionPassphrase=jtGvwQ0k22QOmsGIjtQ9qY3MEURz04m8g90Jv29oH6qIV8Rqt6l2HcPf3tTHklOxFn0Iif3nw2YumdCRMskcwEFrMSZvobHzRxkYGR48gEfxC%2BU2fqtusxs5dko6k9ax; i18next=en-US; oc6mbe5vxaa7=hnb90f9hh1lktfn44p50i0h1cg; ocgiijrqfwz6=qkm9m4jmv2rkp9iadsg3lvnchr"], "Dnt": ["1"], "X-Forwarded-For": ["192.168.50.1"], "User-Agent": ["Mozilla/5.0 (X11; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0"], "Accept": ["text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8"], "Accept-Language": ["en-US,en;q=0.5"], "Upgrade-Insecure-Requests": ["1"], "Te": ["trailers"], "X-Forwarded-Proto": ["https"]}, "tls": {"resumed": false, "version": 772, "ciphersuite": 4865, "proto": "h2", "proto_mutual": true, "server_name": "cloud.haddock.cc"}}, "duration": 0.000335186, "headers": {"Location": ["https://cloud.haddock.cc/"], "Server": ["nginx/1.16.1"], "Date": ["Fri, 22 May 2020 16:54:42 GMT"], "Content-Type": ["text/html"], "Content-Length": ["169"], "Connection": ["keep-alive"]}, "status": 301}
2020/05/22 16:54:42.810 DEBUG http.handlers.reverse_proxy upstream roundtrip {"upstream": "localhost:8080", "request": {"method": "GET", "uri": "/", "proto": "HTTP/2.0", "remote_addr": "192.168.50.1:45694", "host": "cloud.haddock.cc", "headers": {"Accept": ["text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8"], "Accept-Encoding": ["gzip, deflate, br"], "X-Forwarded-Proto": ["https"], "User-Agent": ["Mozilla/5.0 (X11; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0"], "Accept-Language": ["en-US,en;q=0.5"], "Cookie": ["__Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true; oc_sessionPassphrase=jtGvwQ0k22QOmsGIjtQ9qY3MEURz04m8g90Jv29oH6qIV8Rqt6l2HcPf3tTHklOxFn0Iif3nw2YumdCRMskcwEFrMSZvobHzRxkYGR48gEfxC%2BU2fqtusxs5dko6k9ax; i18next=en-US; oc6mbe5vxaa7=hnb90f9hh1lktfn44p50i0h1cg; ocgiijrqfwz6=qkm9m4jmv2rkp9iadsg3lvnchr"], "Upgrade-Insecure-Requests": ["1"], "Dnt": ["1"], "Te": ["trailers"], "X-Forwarded-For": ["192.168.50.1"]}, "tls": {"resumed": false, "version": 772, "ciphersuite": 4865, "proto": "h2", "proto_mutual": true, "server_name": "cloud.haddock.cc"}}, "duration": 0.000321207, "headers": {"Date": ["Fri, 22 May 2020 16:54:42 GMT"], "Content-Type": ["text/html"], "Content-Length": ["169"], "Connection": ["keep-alive"], "Location": ["https://cloud.haddock.cc/"], "Server": ["nginx/1.16.1"]}, "status": 301}
2020/05/22 16:54:42.820 DEBUG http.handlers.reverse_proxy upstream roundtrip {"upstream": "localhost:8080", "request": {"method": "GET", "uri": "/", "proto": "HTTP/2.0", "remote_addr": "192.168.50.1:45694", "host": "cloud.haddock.cc", "headers": {"X-Forwarded-For": ["192.168.50.1"], "X-Forwarded-Proto": ["https"], "User-Agent": ["Mozilla/5.0 (X11; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0"], "Cookie": ["__Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true; oc_sessionPassphrase=jtGvwQ0k22QOmsGIjtQ9qY3MEURz04m8g90Jv29oH6qIV8Rqt6l2HcPf3tTHklOxFn0Iif3nw2YumdCRMskcwEFrMSZvobHzRxkYGR48gEfxC%2BU2fqtusxs5dko6k9ax; i18next=en-US; oc6mbe5vxaa7=hnb90f9hh1lktfn44p50i0h1cg; ocgiijrqfwz6=qkm9m4jmv2rkp9iadsg3lvnchr"], "Dnt": ["1"], "Upgrade-Insecure-Requests": ["1"], "Te": ["trailers"], "Accept": ["text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8"], "Accept-Language": ["en-US,en;q=0.5"], "Accept-Encoding": ["gzip, deflate, br"]}, "tls": {"resumed": false, "version": 772, "ciphersuite": 4865, "proto": "h2", "proto_mutual": true, "server_name": "cloud.haddock.cc"}}, "duration": 0.000363217, "headers": {"Server": ["nginx/1.16.1"], "Date": ["Fri, 22 May 2020 16:54:42 GMT"], "Content-Type": ["text/html"], "Content-Length": ["169"], "Connection": ["keep-alive"], "Location": ["https://cloud.haddock.cc/"]}, "status": 301}
2020/05/22 16:54:42.824 DEBUG http.handlers.reverse_proxy upstream roundtrip {"upstream": "localhost:8080", "request": {"method": "GET", "uri": "/", "proto": "HTTP/2.0", "remote_addr": "192.168.50.1:45694", "host": "cloud.haddock.cc", "headers": {"Accept-Encoding": ["gzip, deflate, br"], "Cookie": ["__Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true; oc_sessionPassphrase=jtGvwQ0k22QOmsGIjtQ9qY3MEURz04m8g90Jv29oH6qIV8Rqt6l2HcPf3tTHklOxFn0Iif3nw2YumdCRMskcwEFrMSZvobHzRxkYGR48gEfxC%2BU2fqtusxs5dko6k9ax; i18next=en-US; oc6mbe5vxaa7=hnb90f9hh1lktfn44p50i0h1cg; ocgiijrqfwz6=qkm9m4jmv2rkp9iadsg3lvnchr"], "Dnt": ["1"], "User-Agent": ["Mozilla/5.0 (X11; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0"], "Accept-Language": ["en-US,en;q=0.5"], "Upgrade-Insecure-Requests": ["1"], "Te": ["trailers"], "X-Forwarded-For": ["192.168.50.1"], "X-Forwarded-Proto": ["https"], "Accept": ["text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8"]}, "tls": {"resumed": false, "version": 772, "ciphersuite": 4865, "proto": "h2", "proto_mutual": true, "server_name": "cloud.haddock.cc"}}, "duration": 0.000329912, "headers": {"Server": ["nginx/1.16.1"], "Date": ["Fri, 22 May 2020 16:54:42 GMT"], "Content-Type": ["text/html"], "Content-Length": ["169"], "Connection": ["keep-alive"], "Location": ["https://cloud.haddock.cc/"]}, "status": 301}
2020/05/22 16:54:42.828 DEBUG http.handlers.reverse_proxy upstream roundtrip {"upstream": "localhost:8080", "request": {"method": "GET", "uri": "/", "proto": "HTTP/2.0", "remote_addr": "192.168.50.1:45694", "host": "cloud.haddock.cc", "headers": {"User-Agent": ["Mozilla/5.0 (X11; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0"], "Accept": ["text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8"], "Accept-Encoding": ["gzip, deflate, br"], "Te": ["trailers"], "X-Forwarded-Proto": ["https"], "Accept-Language": ["en-US,en;q=0.5"], "Cookie": ["__Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true; oc_sessionPassphrase=jtGvwQ0k22QOmsGIjtQ9qY3MEURz04m8g90Jv29oH6qIV8Rqt6l2HcPf3tTHklOxFn0Iif3nw2YumdCRMskcwEFrMSZvobHzRxkYGR48gEfxC%2BU2fqtusxs5dko6k9ax; i18next=en-US; oc6mbe5vxaa7=hnb90f9hh1lktfn44p50i0h1cg; ocgiijrqfwz6=qkm9m4jmv2rkp9iadsg3lvnchr"], "Upgrade-Insecure-Requests": ["1"], "Dnt": ["1"], "X-Forwarded-For": ["192.168.50.1"]}, "tls": {"resumed": false, "version": 772, "ciphersuite": 4865, "proto": "h2", "proto_mutual": true, "server_name": "cloud.haddock.cc"}}, "duration": 0.000349397, "headers": {"Content-Length": ["169"], "Connection": ["keep-alive"], "Location": ["https://cloud.haddock.cc/"], "Server": ["nginx/1.16.1"], "Date": ["Fri, 22 May 2020 16:54:42 GMT"], "Content-Type": ["text/html"]}, "status": 301}
2020/05/22 16:54:42.838 DEBUG http.handlers.reverse_proxy upstream roundtrip {"upstream": "localhost:8080", "request": {"method": "GET", "uri": "/", "proto": "HTTP/2.0", "remote_addr": "192.168.50.1:45694", "host": "cloud.haddock.cc", "headers": {"Accept-Language": ["en-US,en;q=0.5"], "Accept-Encoding": ["gzip, deflate, br"], "Dnt": ["1"], "Te": ["trailers"], "User-Agent": ["Mozilla/5.0 (X11; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0"], "Accept": ["text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8"], "Cookie": ["__Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true; oc_sessionPassphrase=jtGvwQ0k22QOmsGIjtQ9qY3MEURz04m8g90Jv29oH6qIV8Rqt6l2HcPf3tTHklOxFn0Iif3nw2YumdCRMskcwEFrMSZvobHzRxkYGR48gEfxC%2BU2fqtusxs5dko6k9ax; i18next=en-US; oc6mbe5vxaa7=hnb90f9hh1lktfn44p50i0h1cg; ocgiijrqfwz6=qkm9m4jmv2rkp9iadsg3lvnchr"], "Upgrade-Insecure-Requests": ["1"], "X-Forwarded-For": ["192.168.50.1"], "X-Forwarded-Proto": ["https"]}, "tls": {"resumed": false, "version": 772, "ciphersuite": 4865, "proto": "h2", "proto_mutual": true, "server_name": "cloud.haddock.cc"}}, "duration": 0.00034074, "headers": {"Server": ["nginx/1.16.1"], "Date": ["Fri, 22 May 2020 16:54:42 GMT"], "Content-Type": ["text/html"], "Content-Length": ["169"], "Connection": ["keep-alive"], "Location": ["https://cloud.haddock.cc/"]}, "status": 301}
2020/05/22 16:54:42.843 DEBUG http.handlers.reverse_proxy upstream roundtrip {"upstream": "localhost:8080", "request": {"method": "GET", "uri": "/", "proto": "HTTP/2.0", "remote_addr": "192.168.50.1:45694", "host": "cloud.haddock.cc", "headers": {"Dnt": ["1"], "X-Forwarded-Proto": ["https"], "User-Agent": ["Mozilla/5.0 (X11; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0"], "Accept": ["text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8"], "Accept-Encoding": ["gzip, deflate, br"], "Te": ["trailers"], "X-Forwarded-For": ["192.168.50.1"], "Accept-Language": ["en-US,en;q=0.5"], "Cookie": ["__Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true; oc_sessionPassphrase=jtGvwQ0k22QOmsGIjtQ9qY3MEURz04m8g90Jv29oH6qIV8Rqt6l2HcPf3tTHklOxFn0Iif3nw2YumdCRMskcwEFrMSZvobHzRxkYGR48gEfxC%2BU2fqtusxs5dko6k9ax; i18next=en-US; oc6mbe5vxaa7=hnb90f9hh1lktfn44p50i0h1cg; ocgiijrqfwz6=qkm9m4jmv2rkp9iadsg3lvnchr"], "Upgrade-Insecure-Requests": ["1"]}, "tls": {"resumed": false, "version": 772, "ciphersuite": 4865, "proto": "h2", "proto_mutual": true, "server_name": "cloud.haddock.cc"}}, "duration": 0.00033983, "headers": {"Server": ["nginx/1.16.1"], "Date": ["Fri, 22 May 2020 16:54:42 GMT"], "Content-Type": ["text/html"], "Content-Length": ["169"], "Connection": ["keep-alive"], "Location": ["https://cloud.haddock.cc/"]}, "status": 301}
2020/05/22 16:54:42.858 DEBUG http.handlers.reverse_proxy upstream roundtrip {"upstream": "localhost:8080", "request": {"method": "GET", "uri": "/", "proto": "HTTP/2.0", "remote_addr": "192.168.50.1:45694", "host": "cloud.haddock.cc", "headers": {"X-Forwarded-For": ["192.168.50.1"], "X-Forwarded-Proto": ["https"], "User-Agent": ["Mozilla/5.0 (X11; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0"], "Accept-Encoding": ["gzip, deflate, br"], "Cookie": ["__Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true; oc_sessionPassphrase=jtGvwQ0k22QOmsGIjtQ9qY3MEURz04m8g90Jv29oH6qIV8Rqt6l2HcPf3tTHklOxFn0Iif3nw2YumdCRMskcwEFrMSZvobHzRxkYGR48gEfxC%2BU2fqtusxs5dko6k9ax; i18next=en-US; oc6mbe5vxaa7=hnb90f9hh1lktfn44p50i0h1cg; ocgiijrqfwz6=qkm9m4jmv2rkp9iadsg3lvnchr"], "Upgrade-Insecure-Requests": ["1"], "Dnt": ["1"], "Te": ["trailers"], "Accept": ["text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8"], "Accept-Language": ["en-US,en;q=0.5"]}, "tls": {"resumed": false, "version": 772, "ciphersuite": 4865, "proto": "h2", "proto_mutual": true, "server_name": "cloud.haddock.cc"}}, "duration": 0.000381101, "headers": {"Date": ["Fri, 22 May 2020 16:54:42 GMT"], "Content-Type": ["text/html"], "Content-Length": ["169"], "Connection": ["keep-alive"], "Location": ["https://cloud.haddock.cc/"], "Server": ["nginx/1.16.1"]}, "status": 301}
2020/05/22 16:54:42.892 DEBUG http.handlers.reverse_proxy upstream roundtrip {"upstream": "localhost:8080", "request": {"method": "GET", "uri": "/", "proto": "HTTP/2.0", "remote_addr": "192.168.50.1:45694", "host": "cloud.haddock.cc", "headers": {"User-Agent": ["Mozilla/5.0 (X11; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0"], "Accept": ["text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8"], "Cookie": ["__Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true; oc_sessionPassphrase=jtGvwQ0k22QOmsGIjtQ9qY3MEURz04m8g90Jv29oH6qIV8Rqt6l2HcPf3tTHklOxFn0Iif3nw2YumdCRMskcwEFrMSZvobHzRxkYGR48gEfxC%2BU2fqtusxs5dko6k9ax; i18next=en-US; oc6mbe5vxaa7=hnb90f9hh1lktfn44p50i0h1cg; ocgiijrqfwz6=qkm9m4jmv2rkp9iadsg3lvnchr"], "Upgrade-Insecure-Requests": ["1"], "Accept-Language": ["en-US,en;q=0.5"], "Accept-Encoding": ["gzip, deflate, br"], "Dnt": ["1"], "Te": ["trailers"], "X-Forwarded-For": ["192.168.50.1"], "X-Forwarded-Proto": ["https"]}, "tls": {"resumed": false, "version": 772, "ciphersuite": 4865, "proto": "h2", "proto_mutual": true, "server_name": "cloud.haddock.cc"}}, "duration": 0.000391809, "headers": {"Location": ["https://cloud.haddock.cc/"], "Server": ["nginx/1.16.1"], "Date": ["Fri, 22 May 2020 16:54:42 GMT"], "Content-Type": ["text/html"], "Content-Length": ["169"], "Connection": ["keep-alive"]}, "status": 301}
2020/05/22 16:54:42.907 DEBUG http.handlers.reverse_proxy upstream roundtrip {"upstream": "localhost:8080", "request": {"method": "GET", "uri": "/", "proto": "HTTP/2.0", "remote_addr": "192.168.50.1:45694", "host": "cloud.haddock.cc", "headers": {"User-Agent": ["Mozilla/5.0 (X11; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0"], "Accept-Encoding": ["gzip, deflate, br"], "Cookie": ["__Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true; oc_sessionPassphrase=jtGvwQ0k22QOmsGIjtQ9qY3MEURz04m8g90Jv29oH6qIV8Rqt6l2HcPf3tTHklOxFn0Iif3nw2YumdCRMskcwEFrMSZvobHzRxkYGR48gEfxC%2BU2fqtusxs5dko6k9ax; i18next=en-US; oc6mbe5vxaa7=hnb90f9hh1lktfn44p50i0h1cg; ocgiijrqfwz6=qkm9m4jmv2rkp9iadsg3lvnchr"], "Upgrade-Insecure-Requests": ["1"], "Dnt": ["1"], "Te": ["trailers"], "X-Forwarded-Proto": ["https"], "Accept": ["text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8"], "Accept-Language": ["en-US,en;q=0.5"], "X-Forwarded-For": ["192.168.50.1"]}, "tls": {"resumed": false, "version": 772, "ciphersuite": 4865, "proto": "h2", "proto_mutual": true, "server_name": "cloud.haddock.cc"}}, "duration": 0.000345064, "headers": {"Server": ["nginx/1.16.1"], "Date": ["Fri, 22 May 2020 16:54:42 GMT"], "Content-Type": ["text/html"], "Content-Length": ["169"], "Connection": ["keep-alive"], "Location": ["https://cloud.haddock.cc/"]}, "status": 301}
2020/05/22 16:54:42.932 DEBUG http.handlers.reverse_proxy upstream roundtrip {"upstream": "localhost:8080", "request": {"method": "GET", "uri": "/", "proto": "HTTP/2.0", "remote_addr": "192.168.50.1:45694", "host": "cloud.haddock.cc", "headers": {"Upgrade-Insecure-Requests": ["1"], "Dnt": ["1"], "Te": ["trailers"], "X-Forwarded-Proto": ["https"], "User-Agent": ["Mozilla/5.0 (X11; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0"], "Accept": ["text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8"], "Accept-Language": ["en-US,en;q=0.5"], "Accept-Encoding": ["gzip, deflate, br"], "Cookie": ["__Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true; oc_sessionPassphrase=jtGvwQ0k22QOmsGIjtQ9qY3MEURz04m8g90Jv29oH6qIV8Rqt6l2HcPf3tTHklOxFn0Iif3nw2YumdCRMskcwEFrMSZvobHzRxkYGR48gEfxC%2BU2fqtusxs5dko6k9ax; i18next=en-US; oc6mbe5vxaa7=hnb90f9hh1lktfn44p50i0h1cg; ocgiijrqfwz6=qkm9m4jmv2rkp9iadsg3lvnchr"], "X-Forwarded-For": ["192.168.50.1"]}, "tls": {"resumed": false, "version": 772, "ciphersuite": 4865, "proto": "h2", "proto_mutual": true, "server_name": "cloud.haddock.cc"}}, "duration": 0.000313701, "headers": {"Server": ["nginx/1.16.1"], "Date": ["Fri, 22 May 2020 16:54:42 GMT"], "Content-Type": ["text/html"], "Content-Length": ["169"], "Connection": ["keep-alive"], "Location": ["https://cloud.haddock.cc/"]}, "status": 301}
2020/05/22 16:54:42.959 DEBUG http.handlers.reverse_proxy upstream roundtrip {"upstream": "localhost:8080", "request": {"method": "GET", "uri": "/", "proto": "HTTP/2.0", "remote_addr": "192.168.50.1:45694", "host": "cloud.haddock.cc", "headers": {"Accept-Encoding": ["gzip, deflate, br"], "Te": ["trailers"], "X-Forwarded-For": ["192.168.50.1"], "X-Forwarded-Proto": ["https"], "Upgrade-Insecure-Requests": ["1"], "Dnt": ["1"], "User-Agent": ["Mozilla/5.0 (X11; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0"], "Accept": ["text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8"], "Accept-Language": ["en-US,en;q=0.5"], "Cookie": ["__Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true; oc_sessionPassphrase=jtGvwQ0k22QOmsGIjtQ9qY3MEURz04m8g90Jv29oH6qIV8Rqt6l2HcPf3tTHklOxFn0Iif3nw2YumdCRMskcwEFrMSZvobHzRxkYGR48gEfxC%2BU2fqtusxs5dko6k9ax; i18next=en-US; oc6mbe5vxaa7=hnb90f9hh1lktfn44p50i0h1cg; ocgiijrqfwz6=qkm9m4jmv2rkp9iadsg3lvnchr"]}, "tls": {"resumed": false, "version": 772, "ciphersuite": 4865, "proto": "h2", "proto_mutual": true, "server_name": "cloud.haddock.cc"}}, "duration": 0.000383292, "headers": {"Server": ["nginx/1.16.1"], "Date": ["Fri, 22 May 2020 16:54:42 GMT"], "Content-Type": ["text/html"], "Content-Length": ["169"], "Connection": ["keep-alive"], "Location": ["https://cloud.haddock.cc/"]}, "status": 301}
@Whitestrake from looking at this output, none of this seems very useful. Did I do something wrong? Can I produce better output somehow?
Well, you’ve got the latest version, which is what you needed to test. Is Nextcloud still not working now?
No it’s still not working
Yeah. I have no idea why it’s not working. I tried asking @Dougy for their docker-compose.yml because it seemed to be working for them, but they haven’t answered me. I feel like the Caddy logs should be giving me something useful, but they’re just not.
No, it’s useful.
Looking at one of those lines, formatted out for readability:
{
"upstream": "localhost:8080",
"request": {
"method": "GET",
"uri": "/",
"proto": "HTTP/2.0",
"remote_addr": "192.168.50.1:45694",
"host": "cloud.haddock.cc",
"headers": {
"Accept-Encoding": [
"gzip, deflate, br"
],
"Cookie": [
"__Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true; oc_sessionPassphrase=jtGvwQ0k22QOmsGIjtQ9qY3MEURz04m8g90Jv29oH6qIV8Rqt6l2HcPf3tTHklOxFn0Iif3nw2YumdCRMskcwEFrMSZvobHzRxkYGR48gEfxC%2BU2fqtusxs5dko6k9ax; i18next=en-US; oc6mbe5vxaa7=hnb90f9hh1lktfn44p50i0h1cg; ocgiijrqfwz6=qkm9m4jmv2rkp9iadsg3lvnchr"
],
"Dnt": [
"1"
],
"User-Agent": [
"Mozilla/5.0 (X11; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0"
],
"Accept-Language": [
"en-US,en;q=0.5"
],
"Upgrade-Insecure-Requests": [
"1"
],
"Te": [
"trailers"
],
"X-Forwarded-For": [
"192.168.50.1"
],
"X-Forwarded-Proto": [
"https"
],
"Accept": [
"text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8"
]
},
"tls": {
"resumed": false,
"version": 772,
"ciphersuite": 4865,
"proto": "h2",
"proto_mutual": true,
"server_name": "cloud.haddock.cc"
}
},
"duration": 0.000329912,
"headers": {
"Server": [
"nginx/1.16.1"
],
"Date": [
"Fri, 22 May 2020 16:54:42 GMT"
],
"Content-Type": [
"text/html"
],
"Content-Length": [
"169"
],
"Connection": [
"keep-alive"
],
"Location": [
"https://cloud.haddock.cc/"
]
},
"status": 301
}
We can see that in the response back from Nextcloud, we’re getting Status 301 with a redirect to
https://cloud.haddock.cc/. Every response is like this.
Problem is, the client - externally - is probably already accessing this site from https://cloud.haddock.cc/! Hence, redirect loop.
The easy solution is to have Caddy connect to their HTTPS endpoint like they request.
Change your Compose file to expose Nextcloud’s port 443 out to host port 8443 and proxy to https://localhost:8443 instead of localhost:8080.
Then, add tls_insecure_skip_verify as a subdirective to your reverse_proxy, because it’s unlikely Nextcloud is using anything other than a self-signed certificate.
That still doesn’t work. It should like this, right?
docker-compose.yml:
nextcloud:
image: linuxserver/nextcloud
container_name: nextcloud
hostname: nextcloud
environment:
- PUID=1001
- PGID=1001
- TZ=$TZ
volumes:
- /opt/docker/config/nextcloud:/config
- /opt/docker/data/nextcloud:/data
ports:
- 8443:443
depends_on:
- nextcloud-db
restart: unless-stopped
Caddyfile:
cloud.{$DOMAIN} {
reverse_proxy nextcloud:8443 {
transport http {
tls_insecure_skip_verify
}
}
}
Maybe I need to use some of the stuff from @ben.jones’s config:
Or maybe @Dougy’s:
mydomain.com {
root * /usr/local/www/nextcloud
file_server
log {
output file /var/log/mydomain.com.log
format single_field common_log
}
php_fastcgi 127.0.0.1:9000
header {
# enable HSTS
Strict-Transport-Security max-age=31536000;
}
redir /.well-known/carddav /remote.php/dav 301
redir /.well-known/caldav /remote.php/dav 301
# .htaccess / data / config / ... shouldn't be accessible from outside
@forbidden {
path /.htaccess
path /data/*
path /config/*
path /db_structure
path /.xml
path /README
path /3rdparty/*
path /lib/*
path /templates/*
path /occ
path /console.php
}
respond @forbidden 404
}
I’d avoid complicating Caddyfile config just yet.
Get something simple working first. All the other stuff is extraneous.
(It’s also not applicable to you. You’re not serving Nextcloud directly from Caddy, you’re using Caddy to reverse proxy to a Nextcloud container.)
Change nextcloud:8443 in your latest Caddyfile to https://localhost:8443. Remember you’re running Caddy outside of Docker right now, so it doesn’t know what nextcloud is. Leave the scheme (https://) there so it’s unambiguous to Caddy that you’re talking to a HTTPS upstream.
I suggest you take a bit of time to familiarize yourself better with the concept of exposing ports in Docker. Inside the Docker network, each container is its own host, think of them like their own little computers. Exposing a port is like saying “this port on the Docker host will wire up to that port on the container”. You expose nextcloud:443 on localhost:8443. You can also think of it as similar to port forwarding from a router. At no point is nextcloud:8443 a thing.
The type of network a container uses, whether it is a bridge, an overlay, a macvlan network, or a custom network plugin, is transparent from within the container. From the container’s point of view, it has a network interface with an IP address, a gateway, a routing table, DNS services, and other networking details (assuming the container is not using the
nonenetwork driver).
Containers connected to the same user-defined bridge network effectively expose all ports to each other. For a port to be accessible to containers or non-Docker hosts on different networks, that port must be published using the
-por--publishflag.
2 Likes
Still nothing:
2020/05/26 22:27:41.241 DEBUG http.handlers.reverse_proxy upstream roundtrip {"upstream": "localhost:8443", "request": {"method": "GET", "uri": "/", "proto": "HTTP/2.0", "remote_addr": "192.168.50.1:46376", "host": "cloud.haddock.cc", "headers": {"Accept-Language": ["en-US,en;q=0.5"], "Cookie": ["__Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true; oc_sessionPassphrase=jtGvwQ0k22QOmsGIjtQ9qY3MEURz04m8g90Jv29oH6qIV8Rqt6l2HcPf3tTHklOxFn0Iif3nw2YumdCRMskcwEFrMSZvobHzRxkYGR48gEfxC%2BU2fqtusxs5dko6k9ax; i18next=en-US; oc6mbe5vxaa7=hnb90f9hh1lktfn44p50i0h1cg; ocgiijrqfwz6=qkm9m4jmv2rkp9iadsg3lvnchr"], "Upgrade-Insecure-Requests": ["1"], "Te": ["trailers"], "X-Forwarded-For": ["192.168.50.1"], "X-Forwarded-Proto": ["https"], "User-Agent": ["Mozilla/5.0 (X11; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0"], "Accept": ["text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8"], "Accept-Encoding": ["gzip, deflate, br"]}, "tls": {"resumed": false, "version": 772, "ciphersuite": 4865, "proto": "h2", "proto_mutual": true, "server_name": "cloud.haddock.cc"}}, "duration": 0.001098218, "error": "tls: first record does not look like a TLS handshake"}
2020/05/26 22:27:41.241 ERROR http.log.error tls: first record does not look like a TLS handshake {"request": {"method": "GET", "uri": "/", "proto": "HTTP/2.0", "remote_addr": "192.168.50.1:46376", "host": "cloud.haddock.cc", "headers": {"Accept": ["text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8"], "Accept-Language": ["en-US,en;q=0.5"], "Accept-Encoding": ["gzip, deflate, br"], "Cookie": ["__Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true; oc_sessionPassphrase=jtGvwQ0k22QOmsGIjtQ9qY3MEURz04m8g90Jv29oH6qIV8Rqt6l2HcPf3tTHklOxFn0Iif3nw2YumdCRMskcwEFrMSZvobHzRxkYGR48gEfxC%2BU2fqtusxs5dko6k9ax; i18next=en-US; oc6mbe5vxaa7=hnb90f9hh1lktfn44p50i0h1cg; ocgiijrqfwz6=qkm9m4jmv2rkp9iadsg3lvnchr"], "Upgrade-Insecure-Requests": ["1"], "Te": ["trailers"], "User-Agent": ["Mozilla/5.0 (X11; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0"]}, "tls": {"resumed": false, "version": 772, "ciphersuite": 4865, "proto": "h2", "proto_mutual": true, "server_name": "cloud.haddock.cc"}}, "duration": 0.001268387, "status": 502, "err_id": "inr2myedw", "err_trace": "reverseproxy.(*Handler).ServeHTTP (reverseproxy.go:380)"}
2020/05/26 22:27:44.729 DEBUG http.handlers.reverse_proxy upstream roundtrip {"upstream": "localhost:8443", "request": {"method": "GET", "uri": "/status.php", "proto": "HTTP/1.1", "remote_addr": "192.168.50.1:46378", "host": "cloud.haddock.cc", "headers": {"Accept-Encoding": ["gzip, deflate"], "Accept-Language": ["en-US,*"], "X-Forwarded-For": ["192.168.50.1"], "User-Agent": ["Mozilla/5.0 (Linux) mirall/2.6.4git (Nextcloud)"], "Accept": ["*/*"], "X-Request-Id": ["c392b1c2-cdc4-4b12-941b-dbbd37927f45"], "X-Forwarded-Proto": ["https"]}, "tls": {"resumed": false, "version": 772, "ciphersuite": 4865, "proto": "", "proto_mutual": true, "server_name": "cloud.haddock.cc"}}, "duration": 0.000990892, "error": "tls: first record does not look like a TLS handshake"}
2020/05/26 22:27:44.729 ERROR http.log.error tls: first record does not look like a TLS handshake {"request": {"method": "GET", "uri": "/status.php", "proto": "HTTP/1.1", "remote_addr": "192.168.50.1:46378", "host": "cloud.haddock.cc", "headers": {"User-Agent": ["Mozilla/5.0 (Linux) mirall/2.6.4git (Nextcloud)"], "Accept": ["*/*"], "X-Request-Id": ["c392b1c2-cdc4-4b12-941b-dbbd37927f45"], "Connection": ["Keep-Alive"], "Accept-Encoding": ["gzip, deflate"], "Accept-Language": ["en-US,*"]}, "tls": {"resumed": false, "version": 772, "ciphersuite": 4865, "proto": "", "proto_mutual": true, "server_name": "cloud.haddock.cc"}}, "duration": 0.001179244, "status": 502, "err_id": "r810j4h0f", "err_trace": "reverseproxy.(*Handler).ServeHTTP (reverseproxy.go:380)"}
2020/05/26 15:28:03 http: TLS handshake error from 66.249.79.205:53001: no certificate available for 'git.haddock.cc'
2020/05/26 15:28:06 http: TLS handshake error from 116.202.82.37:58624: no certificate available for 'watch.haddock.cc'
2020/05/26 15:28:11 http: TLS handshake error from 88.99.75.82:56494: no certificate available for 'watch.haddock.cc'
2020/05/26 22:28:16.777 DEBUG http.handlers.reverse_proxy upstream roundtrip {"upstream": "localhost:8443", "request": {"method": "GET", "uri": "/status.php", "proto": "HTTP/1.1", "remote_addr": "192.168.50.1:46394", "host": "cloud.haddock.cc", "headers": {"Accept": ["*/*"], "X-Request-Id": ["6e5a2e9d-4efc-43f6-94ed-1b8ed357108c"], "X-Forwarded-Proto": ["https"], "Accept-Encoding": ["gzip, deflate"], "Accept-Language": ["en-US,*"], "X-Forwarded-For": ["192.168.50.1"], "User-Agent": ["Mozilla/5.0 (Linux) mirall/2.6.4git (Nextcloud)"]}, "tls": {"resumed": false, "version": 772, "ciphersuite": 4865, "proto": "", "proto_mutual": true, "server_name": "cloud.haddock.cc"}}, "duration": 0.000959164, "error": "tls: first record does not look like a TLS handshake"}
2020/05/26 22:28:16.777 ERROR http.log.error tls: first record does not look like a TLS handshake {"request": {"method": "GET", "uri": "/status.php", "proto": "HTTP/1.1", "remote_addr": "192.168.50.1:46394", "host": "cloud.haddock.cc", "headers": {"Accept": ["*/*"], "X-Request-Id": ["6e5a2e9d-4efc-43f6-94ed-1b8ed357108c"], "Connection": ["Keep-Alive"], "Accept-Encoding": ["gzip, deflate"], "Accept-Language": ["en-US,*"], "User-Agent": ["Mozilla/5.0 (Linux) mirall/2.6.4git (Nextcloud)"]}, "tls": {"resumed": false, "version": 772, "ciphersuite": 4865, "proto": "", "proto_mutual": true, "server_name": "cloud.haddock.cc"}}, "duration": 0.001095509, "status": 502, "err_id": "b2xs0trxu", "err_trace": "reverseproxy.(*Handler).ServeHTTP (reverseproxy.go:380)"}
Caddyfile:
{
#acme_ca https://acme-staging-v02.api.letsencrypt.org/directory
debug
}
cloud.haddock.cc {
reverse_proxy https://localhost:8443 {
transport http {
tls_insecure_skip_verify
}
}
}
docker-compose.yml:
nextcloud:
image: linuxserver/nextcloud
container_name: nextcloud
hostname: nextcloud
environment:
- PUID=1001
- PGID=1001
- TZ=$TZ
volumes:
- /opt/docker/config/nextcloud:/config
- /opt/docker/data/nextcloud:/data
ports:
- 8443:443
depends_on:
- nextcloud-db
restart: unless-stopped
Yeah, I forgot that Caddy wasn’t inside the Docker network when I put it as nextcloud:8443.
{
"upstream": "localhost:8443",
"request": {
"method": "GET",
"uri": "/status.php",
"proto": "HTTP/1.1",
"remote_addr": "192.168.50.1:46394",
"host": "cloud.haddock.cc",
"headers": {
"Accept": [
"*/*"
],
"X-Request-Id": [
"6e5a2e9d-4efc-43f6-94ed-1b8ed357108c"
],
"X-Forwarded-Proto": [
"https"
],
"Accept-Encoding": [
"gzip, deflate"
],
"Accept-Language": [
"en-US,*"
],
"X-Forwarded-For": [
"192.168.50.1"
],
"User-Agent": [
"Mozilla/5.0 (Linux) mirall/2.6.4git (Nextcloud)"
]
},
"tls": {
"resumed": false,
"version": 772,
"ciphersuite": 4865,
"proto": "",
"proto_mutual": true,
"server_name": "cloud.haddock.cc"
}
},
"duration": 0.000959164,
"error": "tls: first record does not look like a TLS handshake"
}
Looks like Caddy tried to connect to Nextcloud on port 8443 (which connects to the container’s port 443) but Nextcloud didn’t respond with HTTPS.
Can you run curl -kIL localhost:8443 from the command line of the Docker host?
1 Like
@Whitestrake that gives me:
HTTP/1.1 302 Found
Server: nginx/1.16.1
Date: Thu, 28 May 2020 23:52:01 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Set-Cookie: ocgiijrqfwz6=vpsoda7qqen88dsur22dphbu81; path=/; secure; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: oc_sessionPassphrase=Jq62hdLwsHxtszxwkxkWCZTgZLbf1rdYSTHLhuTkuTGIOnGRYubYEH2rc6Vgq6kRuGS0u3TCUqKgZGiWPDaxOyukWZV0zgfWog6zxcqhqvT9JkYgo3ukVDbt7vidHpwx; path=/; secure; HttpOnly
Content-Security-Policy: default-src 'self'; script-src 'self' 'nonce-UHpoRHFiWnYxMFlEQnRDRm9qbmk3ZEJScS9wdXQ2amR2Slh3OXFKSFVzND06RGt3SzNPRWRvemQzWmVIMWwxdlZyUDhCNDh0RjR1Q2Y5T1BFbjhZMEpJRT0='; style-src 'self' 'unsafe-inline'; frame-src *; img-src * data: blob:; font-src 'self' data:; media-src *; connect-src *; object-src 'none'; base-uri 'self';
Set-Cookie: __Host-nc_sameSiteCookielax=true; path=/; httponly;secure; expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=lax
Set-Cookie: __Host-nc_sameSiteCookiestrict=true; path=/; httponly;secure; expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=strict
Location: https://cloud.haddock.cc/login
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Robots-Tag: none
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: no-referrer
HTTP/2 502
server: Caddy
date: Thu, 28 May 2020 23:52:01 GMT
This is awkward, but your Nextcloud instance is responding with HTTP on its HTTPS port.
It seems to be OK, though.
Try just reverse_proxy localhost:8443 in your Caddyfile (remove the other stuff, scheme and transport block).
That worked! What do I do now to get it to work through Docker?
Go back to the setup you had back in this post: "The page isn’t redirecting properly" when runn - #6 by PopeRigby
And then remove the transport subdirective, just like you did just now.
Like this?
cloud.{$DOMAIN} {
reverse_proxy nextcloud:443 {
}
That doesn’t work.