1. Caddy version (caddy version
): v2.0.0 h1:pQSaIJGFluFvu8KDGDODV8u4/QRED/OPyIR+MWYYse8=
2. How I run Caddy:
a. System environment:
Debian buster (Proxmox specifically. I want to move it to an Ubuntu LXC in the future)
b. Command:
caddy run -config CaddyfileV2
c. Service/unit/compose file:
n/a still running from command line before using service unit.
d. My complete Caddyfile or JSON config:
search.fakeadddress.com {
reverse_proxy 192.168.1.237:5000
}
rss.fakeadddress.com {
reverse_proxy 192.168.1.47:8080
}
walla.fakeadddress.com {
reverse_proxy 192.168.1.47:80
}
komga.fakeadddress.com {
reverse_proxy 192.168.1.47:81
}
radarr.fakeadddress.com {
reverse_proxy 192.168.1.228:7878
}
sonarr.fakeadddress.com {
reverse_proxy 192.168.1.228:8989
}
nas.fakeadddress.com {
reverse_proxy 192.168.1.152:80
}
mine.fakeadddress.com {
reverse_proxy 192.168.1.195:443
}
home.fakeadddress.com {
reverse_proxy 192.168.1.228:8899
}
3. The problem I’m having:
The only 2 instances that urls that work are the search.fakeaddress.com
and nas.fakeaddress.com
, which are a search engine and FreeNAS web UI respectively.
4. Error messages and/or full log output:
2020/06/11 13:46:49.434 INFO using provided configuration {"config_file": "CaddyfileV2", "config_adapter": ""}
run: loading initial config: loading new config: starting caddy administration endpoint: listen tcp 127.0.0.1:2019: bind: address already in use
root@pve:~# caddy stop
root@pve:~# caddy run -config CaddyfileV2
2020/06/11 13:46:56.966 INFO using provided configuration {"config_file": "CaddyfileV2", "config_adapter": ""}
2020/06/11 13:46:56.968 INFO admin admin endpoint started {"address": "tcp/localhost:2019", "enforce_origin": false, "origins": ["127.0.0.1:2019", "localhost:2019", "[::1]:2019"]}
2020/06/11 13:46:56.968 INFO http server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS {"server_name": "srv0", "https_port": 443}
2020/06/11 13:46:56.968 INFO http enabling automatic HTTP->HTTPS redirects {"server_name": "srv0"}
2020/06/11 14:46:56 [INFO][cache:0xc0000f46e0] Started certificate maintenance routine
2020/06/11 13:46:56.970 INFO tls cleaned up storage units
2020/06/11 13:46:56.970 INFO http enabling automatic TLS certificate management {"domains": ["radarr.fakeaddress.com", "walla.fakeaddress.com", "home.fakeaddress.com", "search.fakeaddress.com", "komga.fakeaddress.com", "mine.fakeaddress.com", "sonarr.fakeaddress.com", "rss.fakeaddress.com", "nas.fakeaddress.com"]}
2020/06/11 13:46:56.981 INFO autosaved config {"file": "/root/.config/caddy/autosave.json"}
2020/06/11 13:46:56.981 INFO serving initial configuration
^C2020/06/11 13:47:02.878 INFO shutting down {"signal": "SIGINT"}
2020/06/11 14:47:02 [INFO][cache:0xc0000f46e0] Stopped certificate maintenance routine
2020/06/11 13:47:02.879 INFO admin stopped previous server
2020/06/11 13:47:02.879 INFO shutdown done {"signal": "SIGINT"}
root@pve:~# nano CaddyfileV2
root@pve:~# caddy run -config CaddyfileV2
2020/06/11 13:47:56.455 INFO using provided configuration {"config_file": "CaddyfileV2", "config_adapter": ""}
2020/06/11 13:47:56.456 INFO admin admin endpoint started {"address": "tcp/localhost:2019", "enforce_origin": false, "origins": ["localhost:2019", "[::1]:2019", "127.0.0.1:2019"]}
2020/06/11 13:47:56.456 INFO http server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS {"server_name": "srv0", "https_port": 443}
2020/06/11 13:47:56.457 INFO http enabling automatic HTTP->HTTPS redirects {"server_name": "srv0"}
2020/06/11 14:47:56 [INFO][cache:0xc0005a26e0] Started certificate maintenance routine
2020/06/11 13:47:56.459 INFO tls cleaned up storage units
2020/06/11 13:47:56.459 INFO http enabling automatic TLS certificate management {"domains": ["search.fakeaddress.com", "radarr.fakeaddress.com", "walla.fakeaddress.com", "komga.fakeaddress.com", "mine.fakeaddress.com", "nas.fakeaddress.com", "sonarr.fakeaddress.com", "home.fakeaddress.com", "rss.fakeaddress.com"]}
2020/06/11 13:47:56.470 INFO autosaved config {"file": "/root/.config/caddy/autosave.json"}
2020/06/11 13:47:56.470 INFO serving initial configuration
2020/06/11 13:49:01.766 ERROR http.log.error dial tcp 192.168.1.47:8080: i/o timeout {"request": {"method": "GET", "uri": "/", "proto": "HTTP/2.0", "remote_addr": "37.120.198.77:53400", "host": "rss.fakeaddress.com", "headers": {"User-Agent": ["Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0"], "Accept": ["text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8"], "Accept-Language": ["en-US,en;q=0.5"], "Accept-Encoding": ["gzip, deflate, br"], "Dnt": ["1"], "Upgrade-Insecure-Requests": ["1"], "Te": ["trailers"]}, "tls": {"resumed": false, "version": 772, "ciphersuite": 4865, "proto": "h2", "proto_mutual": true, "server_name": "rss.fakeaddress.com"}}, "duration": 10.000246137, "status": 502, "err_id": "9s6sfzyxx", "err_trace": "reverseproxy.(*Handler).ServeHTTP (reverseproxy.go:380)"}
2020/06/11 13:49:50.523 ERROR http.log.error dial tcp 192.168.1.47:8080: i/o timeout {"request": {"method": "GET", "uri": "/api/greader.php/reader/api/0/unread-count?output=json", "proto": "HTTP/2.0", "remote_addr": "37.120.198.77:53400", "host": "rss.fakeaddress.com", "headers": {"Te": ["trailers"], "User-Agent": ["Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0"], "Accept": ["*/*"], "Accept-Language": ["en-US,en;q=0.5"], "Accept-Encoding": ["gzip, deflate, br"], "Authorization": ["GoogleLogin auth=shash/e9323bd68e2a5c25168f4d8e6de40ec140cd04c3"], "Dnt": ["1"]}, "tls": {"resumed": false, "version": 772, "ciphersuite": 4865, "proto": "h2", "proto_mutual": true, "server_name": "rss.fakeaddress.com"}}, "duration": 10.000245481, "status": 502, "err_id": "wcsghh536", "err_trace": "reverseproxy.(*Handler).ServeHTTP (reverseproxy.go:380)"}
2020/06/11 14:50:09 http: TLS handshake error from 107.178.200.195:57573: no certificate available for 'qbitt.fakeaddress.com'
2020/06/11 13:50:25.822 ERROR http.log.error dial tcp 192.168.1.47:80: i/o timeout {"request": {"method": "GET", "uri": "/", "proto": "HTTP/2.0", "remote_addr": "37.120.198.77:53462", "host": "walla.fakeaddress.com", "headers": {"User-Agent": ["Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0"], "Accept": ["text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8"], "Accept-Language": ["en-US,en;q=0.5"], "Accept-Encoding": ["gzip, deflate, br"], "Dnt": ["1"], "Upgrade-Insecure-Requests": ["1"], "Te": ["trailers"]}, "tls": {"resumed": false, "version": 772, "ciphersuite": 4865, "proto": "h2", "proto_mutual": true, "server_name": "walla.fakeaddress.com"}}, "duration": 10.00027823, "status": 502, "err_id": "qikt3pimn", "err_trace": "reverseproxy.(*Handler).ServeHTTP (reverseproxy.go:380)"}
2020/06/11 13:50:35.924 ERROR http.log.error dial tcp 192.168.1.47:80: i/o timeout {"request": {"method": "GET", "uri": "/favicon.ico", "proto": "HTTP/2.0", "remote_addr": "37.120.198.77:53462", "host": "walla.fakeaddress.com", "headers": {"Te": ["trailers"], "User-Agent": ["Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0"], "Accept": ["image/webp,*/*"], "Accept-Language": ["en-US,en;q=0.5"], "Accept-Encoding": ["gzip, deflate, br"], "Dnt": ["1"]}, "tls": {"resumed": false, "version": 772, "ciphersuite": 4865, "proto": "h2", "proto_mutual": true, "server_name": "walla.fakeaddress.com"}}, "duration": 10.000224067, "status": 502, "err_id": "wgfxse37j", "err_trace": "reverseproxy.(*Handler).ServeHTTP (reverseproxy.go:380)"}
2020/06/11 13:50:56.117 ERROR http.log.error remote error: tls: internal error {"request": {"method": "GET", "uri": "/index.php/204", "proto": "HTTP/1.1", "remote_addr": "192.168.1.1:48225", "host": "mine.fakeaddress.com", "headers": {"User-Agent": ["Mozilla/5.0 (Android) Nextcloud-android/3.11.1"]}, "tls": {"resumed": false, "version": 772, "ciphersuite": 4865, "proto": "", "proto_mutual": true, "server_name": "mine.fakeaddress.com"}}, "duration": 0.001173779, "status": 502, "err_id": "2kx17n7zy", "err_trace": "reverseproxy.(*Handler).ServeHTTP (reverseproxy.go:380)"}
2020/06/11 13:52:09.158 ERROR http.log.error remote error: tls: internal error {"request": {"method": "GET", "uri": "/", "proto": "HTTP/2.0", "remote_addr": "37.120.198.77:53524", "host": "mine.fakeaddress.com", "headers": {"User-Agent": ["Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0"], "Accept": ["text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8"], "Accept-Language": ["en-US,en;q=0.5"], "Accept-Encoding": ["gzip, deflate, br"], "Dnt": ["1"], "Cookie": ["oc43um0qgdpv=dqbc92mjet06m410thesh0k76e; oc_sessionPassphrase=UYCajRZqkmY5gPvhz2UXCODgXh76x5kxKQhQ8Taf%2F8%2BQJXH%2Fxtj4%2FMfhd%2BG%2Bcc%2BCPuS9cmz9PlLIi7tzrtzeZa47ZhDjz2WgdKAAe1wZILjjsj5vEQQPwLX8JjhPeV7T; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true"], "Upgrade-Insecure-Requests": ["1"], "Te": ["trailers"]}, "tls": {"resumed": false, "version": 772, "ciphersuite": 4865, "proto": "h2", "proto_mutual": true, "server_name": "mine.fakeaddress.com"}}, "duration": 0.000849436, "status": 502, "err_id": "svq9b483f", "err_trace": "reverseproxy.(*Handler).ServeHTTP (reverseproxy.go:380)"}
2020/06/11 13:53:09.700 ERROR http.log.error dial tcp 192.168.1.47:8080: i/o timeout {"request": {"method": "POST", "uri": "/api/pshb.php?k=3fccd4f193c9f88491307c9f89f32f203d02cb58", "proto": "HTTP/1.1", "remote_addr": "66.249.84.235:44477", "host": "rss.fakeaddress.com", "headers": {"Content-Length": ["4488"], "Connection": ["keep-alive"], "From": ["googlebot(at)googlebot.com"], "Accept-Encoding": ["gzip,deflate,br"], "Link": ["<http://feeds.arstechnica.com/arstechnica/index>; rel=self, <http://pubsubhubbub.appspot.com/>; rel=hub"], "Content-Type": ["application/rss+xml"], "User-Agent": ["FeedFetcher-Google; (+http://www.google.com/feedfetcher.html)"], "Cache-Control": ["no-cache,max-age=0"], "Pragma": ["no-cache"], "Accept": ["*/*"]}, "tls": {"resumed": false, "version": 772, "ciphersuite": 4865, "proto": "", "proto_mutual": true, "server_name": "rss.fakeaddress.com"}}, "duration": 10.000331364, "status": 502, "err_id": "yw3sgm54j", "err_trace": "reverseproxy.(*Handler).ServeHTTP (reverseproxy.go:380)"}
2020/06/11 13:53:45.947 ERROR http.log.error dial tcp 192.168.1.47:8080: i/o timeout {"request": {"method": "GET", "uri": "/", "proto": "HTTP/2.0", "remote_addr": "37.120.198.77:53594", "host": "rss.fakeaddress.com", "headers": {"Upgrade-Insecure-Requests": ["1"], "Te": ["trailers"], "User-Agent": ["Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0"], "Accept": ["text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8"], "Accept-Language": ["en-US,en;q=0.5"], "Accept-Encoding": ["gzip, deflate, br"], "Dnt": ["1"]}, "tls": {"resumed": false, "version": 772, "ciphersuite": 4865, "proto": "h2", "proto_mutual": true, "server_name": "rss.fakeaddress.com"}}, "duration": 10.00025098, "status": 502, "err_id": "4882mf36t", "err_trace": "reverseproxy.(*Handler).ServeHTTP (reverseproxy.go:380)"}
2020/06/11 13:54:36.407 ERROR http.log.error dial tcp 192.168.1.228:8899: i/o timeout {"request": {"method": "GET", "uri": "/", "proto": "HTTP/2.0", "remote_addr": "37.120.198.77:53646", "host": "home.fakeaddress.com", "headers": {"User-Agent": ["Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0"], "Accept": ["text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8"], "Accept-Language": ["en-US,en;q=0.5"], "Accept-Encoding": ["gzip, deflate, br"], "Dnt": ["1"], "Cookie": ["organizrLanguage=en"], "Upgrade-Insecure-Requests": ["1"], "Te": ["trailers"]}, "tls": {"resumed": false, "version": 772, "ciphersuite": 4865, "proto": "h2", "proto_mutual": true, "server_name": "home.fakeaddress.com"}}, "duration": 10.000227638, "status": 502, "err_id": "4kz53qn9k", "err_trace": "reverseproxy.(*Handler).ServeHTTP (reverseproxy.go:380)"}
2020/06/11 13:55:17.852 ERROR http.log.error remote error: tls: internal error {"request": {"method": "GET", "uri": "/index.php/204", "proto": "HTTP/1.1", "remote_addr": "192.168.1.1:38617", "host": "mine.fakeaddress.com", "headers": {"User-Agent": ["Mozilla/5.0 (Android) Nextcloud-android/3.11.1"]}, "tls": {"resumed": false, "version": 772, "ciphersuite": 4865, "proto": "", "proto_mutual": true, "server_name": "mine.fakeaddress.com"}}, "duration": 0.000908067, "status": 502, "err_id": "fd8rqggd1", "err_trace": "reverseproxy.(*Handler).ServeHTTP (reverseproxy.go:380)"}
2020/06/11 13:55:25.513 ERROR http.log.error dial tcp 192.168.1.228:8899: i/o timeout {"request": {"method": "GET", "uri": "/", "proto": "HTTP/2.0", "remote_addr": "37.120.198.77:53646", "host": "home.fakeaddress.com", "headers": {"Cache-Control": ["max-age=0"], "Accept-Encoding": ["gzip, deflate, br"], "Dnt": ["1"], "Upgrade-Insecure-Requests": ["1"], "Cookie": ["organizrLanguage=en"], "Te": ["trailers"], "User-Agent": ["Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0"], "Accept": ["text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8"], "Accept-Language": ["en-US,en;q=0.5"]}, "tls": {"resumed": false, "version": 772, "ciphersuite": 4865, "proto": "h2", "proto_mutual": true, "server_name": "home.fakeaddress.com"}}, "duration": 10.000229595, "status": 502, "err_id": "pzk3aby34", "err_trace": "reverseproxy.(*Handler).ServeHTTP (reverseproxy.go:380)"}
2020/06/11 13:57:00.853 ERROR http.log.error dial tcp 192.168.1.228:8899: i/o timeout {"request": {"method": "GET", "uri": "/", "proto": "HTTP/2.0", "remote_addr": "37.120.198.77:53646", "host": "home.fakeaddress.com", "headers": {"Accept-Language": ["en-US,en;q=0.5"], "Accept-Encoding": ["gzip, deflate, br"], "Dnt": ["1"], "Cookie": ["organizrLanguage=en"], "Upgrade-Insecure-Requests": ["1"], "Te": ["trailers"], "User-Agent": ["Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0"], "Accept": ["text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8"]}, "tls": {"resumed": false, "version": 772, "ciphersuite": 4865, "proto": "h2", "proto_mutual": true, "server_name": "home.fakeaddress.com"}}, "duration": 10.000239089, "status": 502, "err_id": "q76qavs3r", "err_trace": "reverseproxy.(*Handler).ServeHTTP (reverseproxy.go:380)"}
5. What I already tried:
- Tried rebooting the systems that didnt work, like wallabag container etc.
- I use Caddy V1 in a FreeNAS jail currently, tried just using that config file with Caddy V1 in Debian, didn’t work, either sames issues.
- So i have a feeling my config is fine for the most part. But I cant figure out why I can’t actually get to the website.