Unable to access services via URL

jeff · April 12, 2025, 12:23pm

1. The problem I’m having:

Within my local network, I cannot access any of my services via URL. If I use the local IP, I can. For example pics.smithbury.com fails but 192.168.1.118:2283 works. I can access the services via mobile device, not connected to local network. A complication to this is I have Authentik for SSO setup which my services need to reference but cannot because internally the URL cannot be found.

This is an intermittent issue I’ve experienced previously which seems to go away overnight. But I haven’t worked out why.

I switched my DNS from 8.8.8.8 to 1.1.1.1 and used the purge cache tool, thinking it was simple DNS. But after flushing my workstation DNS (Win11, ipconfig /flushdns), the issue continues

2. Error messages and/or full log output:

I’m not seeing errors within Caddy logs, just time out in browser. Here is the log after a reload and trying to access pics.smithbury.com.

Apr 12 12:05:49 hermes systemd[1]: Reloading Caddy...
Apr 12 12:05:49 hermes caddy[19241]: {"level":"info","ts":1744459549.8273442,"msg":"using config from file","file":"/etc/caddy/Caddyfile"}
Apr 12 12:05:49 hermes caddy[19241]: {"level":"info","ts":1744459549.8320148,"msg":"adapted config to JSON","adapter":"caddyfile"}
Apr 12 12:05:49 hermes caddy[603]: {"level":"info","ts":1744459549.8339176,"logger":"admin.api","msg":"received request","method":"POST","host":"localhost:2019","uri":"/load","remote_ip":"127.0.0.1","remote_port":"59524","headers":{"Accept-Encoding":["gzip"],"Cache-Control":["must-revalidate"],"Content-Length":["28534"],"Content-Type":["application/json"],"Origin":["http://localhost:2019"],"User-Agent":["Go-http-client/1.1"]}}
Apr 12 12:05:49 hermes caddy[603]: {"level":"info","ts":1744459549.837975,"logger":"admin","msg":"admin endpoint started","address":"localhost:2019","enforce_origin":false,"origins":["//localhost:2019","//[::1]:2019","//127.0.0.1:2019"]}
Apr 12 12:05:49 hermes caddy[603]: {"level":"info","ts":1744459549.838961,"logger":"http.auto_https","msg":"server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS","server_name":"srv0","https_port":443}
Apr 12 12:05:49 hermes caddy[603]: {"level":"info","ts":1744459549.8393772,"logger":"http.auto_https","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"srv0"}
Apr 12 12:05:49 hermes caddy[603]: {"level":"debug","ts":1744459549.8399823,"logger":"http.auto_https","msg":"adjusted config","tls":{"automation":{"policies":[{"subjects":["prowlarr.smithbury.com","hoarder.smithbury.com","request.smithbury.com","readarr.smithbury.com","budget.smithbury.com","bazarr.smithbury.com","dockge.smithbury.com","lidarr.smithbury.com","radarr.smithbury.com","sonarr.smithbury.com","wallos.smithbury.com","auth.smithbury.com","pics.smithbury.com","plex.smithbury.com","rss.smithbury.com","nzb.smithbury.com","vik.smithbury.com","ab.smithbury.com","qb.smithbury.com"]},{}]}},"http":{"servers":{"remaining_auto_https_redirects":{"listen":[":80"],"routes":[{},{}],"logs":{"logger_names":{"ab.smithbury.com":["log1"],"auth.smithbury.com":["log2"],"bazarr.smithbury.com":["log3"],"budget.smithbury.com":["log0"],"dockge.smithbury.com":["log4"],"hoarder.smithbury.com":["log5"],"lidarr.smithbury.com":["log7"],"nzb.smithbury.com":["log14"],"pics.smithbury.com":["log6"],"plex.smithbury.com":["log9"],"prowlarr.smithbury.com":["log10"],"qb.smithbury.com":["log11"],"radarr.smithbury.com":["log12"],"readarr.smithbury.com":["log13"],"request.smithbury.com":["log8"],"sonarr.smithbury.com":["log15"],"vik.smithbury.com":["log16"],"wallos.smithbury.com":["log17"]},"skip_hosts":["rss.smithbury.com"]}},"srv0":{"listen":[":443"],"routes":[{"handle":[{"handler":"subroute","routes":[{"handle":[{"handle_response":[{"match":{"status_code":[2]},"routes":[{"handle":[{"handler":"vars"}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Email":["{http.reverse_proxy.header.X-Authentik-Email}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Email}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Groups":["{http.reverse_proxy.header.X-Authentik-Groups}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Groups}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Jwt":["{http.reverse_proxy.header.X-Authentik-Jwt}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Jwt}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Meta-App":["{http.reverse_proxy.header.X-Authentik-Meta-App}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Meta-App}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Meta-Jwks":["{http.reverse_proxy.header.X-Authentik-Meta-Jwks}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Meta-Jwks}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Meta-Outpost":["{http.reverse_proxy.header.X-Authentik-Meta-Outpost}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Meta-Outpost}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Meta-Provider":["{http.reverse_proxy.header.X-Authentik-Meta-Provider}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Meta-Provider}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Meta-Version":["{http.reverse_proxy.header.X-Authentik-Meta-Version}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Meta-Version}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Name":["{http.reverse_proxy.header.X-Authentik-Name}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Name}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Uid":["{http.reverse_proxy.header.X-Authentik-Uid}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Uid}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Username":["{http.reverse_proxy.header.X-Authentik-Username}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Username}":[""]}}]}]}]}],"handler":"reverse_proxy","headers":{"request":{"set":{"X-Forwarded-Method":["{http.request.method}"],"X-Forwarded-Uri":["{http.request.uri}"]}}},"rewrite":{"method":"GET","uri":"/outpost.goauthentik.io/auth/caddy"},"upstreams":[{"dial":"192.168.1.118:9000"}]}]},{"handle":[{"handler":"reverse_proxy","upstreams":[{"dial":"192.168.1.118:9000"}]}],"match":[{"path":["/outpost.goauthentik.io/*"]}]},{"handle":[{"handler":"reverse_proxy","upstreams":[{"dial":"192.168.1.110:9696"}]}]}]}],"terminal":true},{"handle":[{"handler":"subroute","routes":[{"handle":[{"handler":"reverse_proxy","upstreams":[{"dial":"192.168.1.118:3000"}]}]}]}],"terminal":true},{"handle":[{"handler":"subroute","routes":[{"handle":[{"handler":"reverse_proxy","upstreams":[{"dial":"192.168.1.118:5055"}]}]}]}],"terminal":true},{"handle":[{"handler":"subroute","routes":[{"handle":[{"handle_response":[{"match":{"status_code":[2]},"routes":[{"handle":[{"handler":"vars"}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Email":["{http.reverse_proxy.header.X-Authentik-Email}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Email}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Groups":["{http.reverse_proxy.header.X-Authentik-Groups}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Groups}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Jwt":["{http.reverse_proxy.header.X-Authentik-Jwt}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Jwt}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Meta-App":["{http.reverse_proxy.header.X-Authentik-Meta-App}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Meta-App}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Meta-Jwks":["{http.reverse_proxy.header.X-Authentik-Meta-Jwks}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Meta-Jwks}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Meta-Outpost":["{http.reverse_proxy.header.X-Authentik-Meta-Outpost}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Meta-Outpost}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Meta-Provider":["{http.reverse_proxy.header.X-Authentik-Meta-Provider}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Meta-Provider}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Meta-Version":["{http.reverse_proxy.header.X-Authentik-Meta-Version}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Meta-Version}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Name":["{http.reverse_proxy.header.X-Authentik-Name}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Name}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Uid":["{http.reverse_proxy.header.X-Authentik-Uid}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Uid}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Username":["{http.reverse_proxy.header.X-Authentik-Username}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Username}":[""]}}]}]}]}],"handler":"reverse_proxy","headers":{"request":{"set":{"X-Forwarded-Method":["{http.request.method}"],"X-Forwarded-Uri":["{http.request.uri}"]}}},"rewrite":{"method":"GET","uri":"/outpost.goauthentik.io/auth/caddy"},"upstreams":[{"dial":"192.168.1.118:9000"}]}]},{"handle":[{"handler":"reverse_proxy","upstreams":[{"dial":"192.168.1.118:9000"}]}],"match":[{"path":["/outpost.goauthentik.io/*"]}]},{"handle":[{"handler":"reverse_proxy","upstreams":[{"dial":"192.168.1.110:8787"}]}]}]}],"terminal":true},{"handle":[{"handler":"subroute","routes":[{"handle":[{"handler":"reverse_proxy","upstreams":[{"dial":"192.168.1.118:5006"}]}]}]}],"terminal":true},{"handle":[{"handler":"subroute","routes":[{"handle":[{"handle_response":[{"match":{"status_code":[2]},"routes":[{"handle":[{"handler":"vars"}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Email":["{http.reverse_proxy.header.X-Authentik-Email}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Email}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Groups":["{http.reverse_proxy.header.X-Authentik-Groups}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Groups}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Jwt":["{http.reverse_proxy.header.X-Authentik-Jwt}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Jwt}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Meta-App":["{http.reverse_proxy.header.X-Authentik-Meta-App}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Meta-App}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Meta-Jwks":["{http.reverse_proxy.header.X-Authentik-Meta-Jwks}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Meta-Jwks}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Meta-Outpost":["{http.reverse_proxy.header.X-Authentik-Meta-Outpost}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Meta-Outpost}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Meta-Provider":["{http.reverse_proxy.header.X-Authentik-Meta-Provider}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Meta-Provider}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Meta-Version":["{http.reverse_proxy.header.X-Authentik-Meta-Version}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Meta-Version}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Name":["{http.reverse_proxy.header.X-Authentik-Name}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Name}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Uid":["{http.reverse_proxy.header.X-Authentik-Uid}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Uid}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Username":["{http.reverse_proxy.header.X-Authentik-Username}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Username}":[""]}}]}]}]}],"handler":"reverse_proxy","headers":{"request":{"set":{"X-Forwarded-Method":["{http.request.method}"],"X-Forwarded-Uri":["{http.request.uri}"]}}},"rewrite":{"method":"GET","uri":"/outpost.goauthentik.io/auth/caddy"},"upstreams":[{"dial":"192.168.1.118:9000"}]}]},{"handle":[{"handler":"reverse_proxy","upstreams":[{"dial":"192.168.1.118:9000"}]}],"match":[{"path":["/outpost.goauthentik.io/*"]}]},{"handle":[{"handler":"reverse_proxy","upstreams":[{"dial":"192.168.1.118:6767"}]}]}]}],"terminal":true},{"handle":[{"handler":"subroute","routes":[{"handle":[{"handle_response":[{"match":{"status_code":[2]},"routes":[{"handle":[{"handler":"vars"}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Email":["{http.reverse_proxy.header.X-Authentik-Email}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Email}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Groups":["{http.reverse_proxy.header.X-Authentik-Groups}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Groups}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Jwt":["{http.reverse_proxy.header.X-Authentik-Jwt}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Jwt}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Meta-App":["{http.reverse_proxy.header.X-Authentik-Meta-App}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Meta-App}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Meta-Jwks":["{http.reverse_proxy.header.X-Authentik-Meta-Jwks}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Meta-Jwks}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Meta-Outpost":["{http.reverse_proxy.header.X-Authentik-Meta-Outpost}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Meta-Outpost}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Meta-Provider":["{http.reverse_proxy.header.X-Authentik-Meta-Provider}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Meta-Provider}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Meta-Version":["{http.reverse_proxy.header.X-Authentik-Meta-Version}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Meta-Version}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Name":["{http.reverse_proxy.header.X-Authentik-Name}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Name}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Uid":["{http.reverse_proxy.header.X-Authentik-Uid}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Uid}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Username":["{http.reverse_proxy.header.X-Authentik-Username}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Username}":[""]}}]}]}]}],"handler":"reverse_proxy","headers":{"request":{"set":{"X-Forwarded-Method":["{http.request.method}"],"X-Forwarded-Uri":["{http.request.uri}"]}}},"rewrite":{"method":"GET","uri":"/outpost.goauthentik.io/auth/caddy"},"upstreams":[{"dial":"192.168.1.118:9000"}]}]},{"handle":[{"handler":"reverse_proxy","upstreams":[{"dial":"192.168.1.118:9000"}]}],"match":[{"path":["/outpost.goauthentik.io/*"]}]},{"handle":[{"handler":"reverse_proxy","upstreams":[{"dial":"192.168.1.118:5001"}]}]}]}],"terminal":true},{"handle":[{"handler":"subroute","routes":[{"handle":[{"handle_response":[{"match":{"status_code":[2]},"routes":[{"handle":[{"handler":"vars"}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Email":["{http.reverse_proxy.header.X-Authentik-Email}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Email}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Groups":["{http.reverse_proxy.header.X-Authentik-Groups}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Groups}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Jwt":["{http.reverse_proxy.header.X-Authentik-Jwt}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Jwt}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Meta-App":["{http.reverse_proxy.header.X-Authentik-Meta-App}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Meta-App}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Meta-Jwks":["{http.reverse_proxy.header.X-Authentik-Meta-Jwks}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Meta-Jwks}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Meta-Outpost":["{http.reverse_proxy.header.X-Authentik-Meta-Outpost}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Meta-Outpost}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Meta-Provider":["{http.reverse_proxy.header.X-Authentik-Meta-Provider}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Meta-Provider}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Meta-Version":["{http.reverse_proxy.header.X-Authentik-Meta-Version}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Meta-Version}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Name":["{http.reverse_proxy.header.X-Authentik-Name}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Name}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Uid":["{http.reverse_proxy.header.X-Authentik-Uid}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Uid}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Username":["{http.reverse_proxy.header.X-Authentik-Username}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Username}":[""]}}]}]}]}],"handler":"reverse_proxy","headers":{"request":{"set":{"X-Forwarded-Method":["{http.request.method}"],"X-Forwarded-Uri":["{http.request.uri}"]}}},"rewrite":{"method":"GET","uri":"/outpost.goauthentik.io/auth/caddy"},"upstreams":[{"dial":"192.168.1.118:9000"}]}]},{"handle":[{"handler":"reverse_proxy","upstreams":[{"dial":"192.168.1.118:9000"}]}],"match":[{"path":["/outpost.goauthentik.io/*"]}]},{"handle":[{"handler":"reverse_proxy","upstreams":[{"dial":"192.168.1.110:8686"}]}]}]}],"terminal":true},{"handle":[{"handler":"subroute","routes":[{"handle":[{"handle_response":[{"match":{"status_code":[2]},"routes":[{"handle":[{"handler":"vars"}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Email":["{http.reverse_proxy.header.X-Authentik-Email}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Email}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Groups":["{http.reverse_proxy.header.X-Authentik-Groups}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Groups}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Jwt":["{http.reverse_proxy.header.X-Authentik-Jwt}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Jwt}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Meta-App":["{http.reverse_proxy.header.X-Authentik-Meta-App}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Meta-App}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Meta-Jwks":["{http.reverse_proxy.header.X-Authentik-Meta-Jwks}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Meta-Jwks}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Meta-Outpost":["{http.reverse_proxy.header.X-Authentik-Meta-Outpost}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Meta-Outpost}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Meta-Provider":["{http.reverse_proxy.header.X-Authentik-Meta-Provider}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Meta-Provider}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Meta-Version":["{http.reverse_proxy.header.X-Authentik-Meta-Version}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Meta-Version}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Name":["{http.reverse_proxy.header.X-Authentik-Name}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Name}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Uid":["{http.reverse_proxy.header.X-Authentik-Uid}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Uid}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Username":["{http.reverse_proxy.header.X-Authentik-Username}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Username}":[""]}}]}]}]}],"handler":"reverse_proxy","headers":{"request":{"set":{"X-Forwarded-Method":["{http.request.method}"],"X-Forwarded-Uri":["{http.request.uri}"]}}},"rewrite":{"method":"GET","uri":"/outpost.goauthentik.io/auth/caddy"},"upstreams":[{"dial":"192.168.1.118:9000"}]}]},{"handle":[{"handler":"reverse_proxy","upstreams":[{"dial":"192.168.1.118:9000"}]}],"match":[{"path":["/outpost.goauthentik.io/*"]}]},{"handle":[{"handler":"reverse_proxy","upstreams":[{"dial":"192.168.1.110:7878"}]}]}]}],"terminal":true},{"handle":[{"handler":"subroute","routes":[{"handle":[{"handle_response":[{"match":{"status_code":[2]},"routes":[{"handle":[{"handler":"vars"}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Email":["{http.reverse_proxy.header.X-Authentik-Email}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Email}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Groups":["{http.reverse_proxy.header.X-Authentik-Groups}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Groups}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Jwt":["{http.reverse_proxy.header.X-Authentik-Jwt}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Jwt}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Meta-App":["{http.reverse_proxy.header.X-Authentik-Meta-App}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Meta-App}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Meta-Jwks":["{http.reverse_proxy.header.X-Authentik-Meta-Jwks}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Meta-Jwks}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Meta-Outpost":["{http.reverse_proxy.header.X-Authentik-Meta-Outpost}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Meta-Outpost}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Meta-Provider":["{http.reverse_proxy.header.X-Authentik-Meta-Provider}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Meta-Provider}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Meta-Version":["{http.reverse_proxy.header.X-Authentik-Meta-Version}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Meta-Version}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Name":["{http.reverse_proxy.header.X-Authentik-Name}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Name}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Uid":["{http.reverse_proxy.header.X-Authentik-Uid}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Uid}":[""]}}]}]},{"handle":[{"handler":"headers","request":{"set":{"X-Authentik-Username":["{http.reverse_proxy.header.X-Authentik-Username}"]}}}],"match":[{"not":[{"vars":{"{http.reverse_proxy.header.X-Authentik-Username}":[""]}}]}]}]}],"handler":"reverse_proxy","headers":{"request":{"set":{"X-Forwarded-Method":["{http.request.method}"],"X-Forwarded-Uri":["{http.request.uri}"]}}},"rewrite":{"method":"GET","uri":"/outpost.goauthentik.io/auth/caddy"},"upstreams":[{"dial":"192.168.1.118:9000"}]}]},{"handle":[{"handler":"reverse_proxy","upstreams":[{"dial":"192.168.1.118:9000"}]}],"match":[{"path":["/outpost.goauthentik.io/*"]}]},{"handle":[{"handler":"reverse_proxy","upstreams":[{"dial":"192.168.1.110:8989"}]}]}]}],"terminal":true},{"handle":[{"handler":"subroute","routes":[{"handle":[{"handler":"reverse_proxy","upstreams":[{"dial":"192.168.1.118:8282"}]}]}]}],"terminal":true},{"handle":[{"handler":"subroute","routes":[{"handle":[{"handler":"reverse_proxy","upstreams":[{"dial":"192.168.1.118:9000"}]}]}]}],"terminal":true},{"handle":[{"handler":"subroute","routes":[{"handle":[{"handler":"reverse_proxy","upstreams":[{"dial":"192.168.1.118:2283"}]}]}]}],"terminal":true},{"handle":[{"handler":"subroute","routes":[{"handle":[{"handler":"reverse_proxy","upstreams":[{"dial":"192.168.1.117:32400"}]}]}]}],"terminal":true},{"handle":[{"handler":"subroute","routes":[{"handle":[{"handler":"reverse_proxy","upstreams":[{"dial":"192.168.1.118:8778"}]}]}]}],"terminal":true},{"handle":[{"handler":"subroute","routes":[{"handle":[{"handler":"reverse_proxy","upstreams":[{"dial":"192.168.1.110:8080"}]}]}]}],"terminal":true},{"handle":[{"handler":"subroute","routes":[{"handle":[{"handler":"reverse_proxy","upstreams":[{"dial":"192.168.1.118:3456"}]}]}]}],"terminal":true},{"handle":[{"handler":"subroute","routes":[{"handle":[{"handler":"reverse_proxy","upstreams":[{"dial":"192.168.1.118:13378"}]}]}]}],"terminal":true},{"handle":[{"handler":"subroute","routes":[{"handle":[{"handler":"reverse_proxy","upstreams":[{"dial":"192.168.1.110:8998"}]}]}]}],"terminal":true}],"tls_connection_policies":[{}],"automatic_https":{},"logs":{"logger_names":{"ab.smithbury.com":["log1"],"auth.smithbury.com":["log2"],"bazarr.smithbury.com":["log3"],"budget.smithbury.com":["log0"],"dockge.smithbury.com":["log4"],"hoarder.smithbury.com":["log5"],"lidarr.smithbury.com":["log7"],"nzb.smithbury.com":["log14"],"pics.smithbury.com":["log6"],"plex.smithbury.com":["log9"],"prowlarr.smithbury.com":["log10"],"qb.smithbury.com":["log11"],"radarr.smithbury.com":["log12"],"readarr.smithbury.com":["log13"],"request.smithbury.com":["log8"],"sonarr.smithbury.com":["log15"],"vik.smithbury.com":["log16"],"wallos.smithbury.com":["log17"]},"skip_hosts":["rss.smithbury.com"]}}}}}
Apr 12 12:05:49 hermes caddy[603]: {"level":"info","ts":1744459549.844794,"logger":"crowdsec","msg":"initializing streaming bouncer","instance_id":"e9ef8e27"}
Apr 12 12:05:49 hermes caddy[603]: {"level":"info","ts":1744459549.8452852,"logger":"crowdsec","msg":"using API key auth","instance_id":"e9ef8e27","address":"http://localhost:8080/"}
Apr 12 12:05:49 hermes caddy[603]: {"level":"info","ts":1744459549.8457115,"logger":"crowdsec","msg":"started","instance_id":"e9ef8e27"}
Apr 12 12:05:49 hermes caddy[603]: {"level":"info","ts":1744459549.846053,"logger":"http","msg":"enabling HTTP/3 listener","addr":":443"}
Apr 12 12:05:49 hermes caddy[603]: {"level":"debug","ts":1744459549.84641,"logger":"http","msg":"starting server loop","address":"[::]:443","tls":true,"http3":true}
Apr 12 12:05:49 hermes caddy[603]: {"level":"info","ts":1744459549.8470383,"logger":"http.log","msg":"server running","name":"srv0","protocols":["h1","h2","h3"]}
Apr 12 12:05:49 hermes caddy[603]: {"level":"warn","ts":1744459549.8474145,"logger":"http","msg":"HTTP/3 skipped because it requires TLS","network":"tcp","addr":":80"}
Apr 12 12:05:49 hermes caddy[603]: {"level":"debug","ts":1744459549.8478038,"logger":"http","msg":"starting server loop","address":"[::]:80","tls":false,"http3":false}
Apr 12 12:05:49 hermes caddy[603]: {"level":"warn","ts":1744459549.8482625,"logger":"http","msg":"HTTP/2 skipped because it requires TLS","network":"tcp","addr":":80"}
Apr 12 12:05:49 hermes caddy[603]: {"level":"info","ts":1744459549.8486207,"logger":"http.log","msg":"server running","name":"remaining_auto_https_redirects","protocols":["h1","h2","h3"]}
Apr 12 12:05:49 hermes caddy[603]: {"level":"info","ts":1744459549.848678,"logger":"http","msg":"enabling automatic TLS certificate management","domains":["nzb.smithbury.com","bazarr.smithbury.com","hoarder.smithbury.com","dockge.smithbury.com","qb.smithbury.com","vik.smithbury.com","readarr.smithbury.com","rss.smithbury.com","request.smithbury.com","budget.smithbury.com","pics.smithbury.com","lidarr.smithbury.com","auth.smithbury.com","wallos.smithbury.com","sonarr.smithbury.com","ab.smithbury.com","prowlarr.smithbury.com","radarr.smithbury.com","plex.smithbury.com"]}
Apr 12 12:05:49 hermes caddy[603]: {"level":"info","ts":1744459549.8487616,"logger":"http","msg":"servers shutting down with eternal grace period"}
Apr 12 12:05:49 hermes caddy[603]: {"level":"debug","ts":1744459549.8468664,"logger":"crowdsec","msg":"starting streaming bouncer","instance_id":"e9ef8e27"}
Apr 12 12:05:49 hermes caddy[603]: {"level":"debug","ts":1744459549.8468728,"logger":"crowdsec","msg":"starting decision processing","instance_id":"e9ef8e27"}
Apr 12 12:05:49 hermes caddy[603]: {"level":"debug","ts":1744459549.8468757,"logger":"crowdsec","msg":"starting metrics provider","instance_id":"e9ef8e27"}
Apr 12 12:05:49 hermes caddy[603]: {"level":"info","ts":1744459549.8489597,"logger":"crowdsec","msg":"usage metrics disabled","instance_id":"e9ef8e27","address":"http://localhost:8080/"}
Apr 12 12:05:49 hermes caddy[603]: {"level":"debug","ts":1744459549.8468804,"logger":"dynamic_dns","msg":"beginning IP address check"}
Apr 12 12:05:49 hermes caddy[603]: {"level":"info","ts":1744459549.8493705,"logger":"crowdsec","msg":"stopping ...","instance_id":"7b167817"}
Apr 12 12:05:49 hermes caddy[603]: {"level":"info","ts":1744459549.8494563,"logger":"crowdsec","msg":"processing new and deleted decisions stopped","instance_id":"7b167817"}
Apr 12 12:05:49 hermes caddy[603]: {"level":"info","ts":1744459549.8515637,"logger":"crowdsec","msg":"finished","instance_id":"7b167817"}
Apr 12 12:05:49 hermes caddy[603]: {"level":"info","ts":1744459549.8517025,"msg":"autosaved config (load with --resume flag)","file":"/var/lib/caddy/.config/caddy/autosave.json"}
Apr 12 12:05:49 hermes caddy[603]: {"level":"info","ts":1744459549.8520095,"logger":"admin.api","msg":"load complete"}
Apr 12 12:05:49 hermes systemd[1]: Reloaded Caddy.
Apr 12 12:05:49 hermes caddy[603]: {"level":"info","ts":1744459549.856836,"logger":"admin","msg":"stopped previous server","address":"localhost:2019"}
Apr 12 12:05:49 hermes caddy[603]: {"level":"debug","ts":1744459549.92485,"logger":"dynamic_dns.ip_sources.simple_http","msg":"lookup","type":"IPv4","endpoint":"https://icanhazip.com","ip":"118.210.34.26"}
Apr 12 12:05:49 hermes caddy[603]: {"level":"debug","ts":1744459549.924869,"logger":"dynamic_dns","msg":"no IP address change; no update needed"}
Apr 12 12:05:50 hermes caddy[603]: {"level":"debug","ts":1744459550.766459,"logger":"crowdsec","msg":"processing 4809 deleted decisions","instance_id":"e9ef8e27"}
Apr 12 12:05:50 hermes caddy[603]: {"level":"debug","ts":1744459550.7673793,"logger":"crowdsec","msg":"skipped logging for 4809 deleted decisions","instance_id":"e9ef8e27"}
Apr 12 12:05:50 hermes caddy[603]: {"level":"debug","ts":1744459550.767824,"logger":"crowdsec","msg":"finished processing 4809 deleted decisions","instance_id":"e9ef8e27"}
Apr 12 12:05:50 hermes caddy[603]: {"level":"debug","ts":1744459550.7681997,"logger":"crowdsec","msg":"processing 80993 new decisions","instance_id":"e9ef8e27"}
Apr 12 12:05:50 hermes caddy[603]: {"level":"debug","ts":1744459550.8349693,"logger":"crowdsec","msg":"skipped logging for 80993 new decisions","instance_id":"e9ef8e27"}
Apr 12 12:05:50 hermes caddy[603]: {"level":"debug","ts":1744459550.8366854,"logger":"crowdsec","msg":"finished processing 80993 new decisions","instance_id":"e9ef8e27"}

3. Caddy version:

v2.9.0 h1:rteY8N18LsQn+2KVk6R10Vg/AlNsID1N/Ek9JLjm2yE=

4. How I installed and ran Caddy:

Installed directly using this guide.

a. System environment:

OS: Ubuntu 22.04.5 LTS
Architecture: 64 bit
Systemd: Yes.

Installed using these instructions. Then default installed replaced with custom pakage these instructions.

This is the custom package I used which includes plugins for:

Caddy DNS
Caddy Dynamic DNS
CrowdSec
DNS Provider Cloudflare

b. Command:

sudo systemctl reload caddy.service

c. Service/unit/compose file:

[Unit]
Description=Caddy
Documentation=https://caddyserver.com/docs/
After=network.target network-online.target
Requires=network-online.target

[Service]
Type=notify
User=caddy
Group=caddy
ExecStart=/usr/bin/caddy run --environ --config /etc/caddy/Caddyfile
ExecReload=/usr/bin/caddy reload --config /etc/caddy/Caddyfile --force
TimeoutStopSec=5s
LimitNOFILE=1048576
PrivateTmp=true
ProtectSystem=full
AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE

[Install]
WantedBy=multi-user.target

d. My complete Caddy config:

{
	debug # Uncomment to enable debug logs

	email [EMAIL]

	acme_dns cloudflare [APIKEY]

	dynamic_dns {
		provider cloudflare [APIKEY]
		domains {
			smithbury.com @ *
		}
		versions ipv4
	}

	crowdsec {
		api_url http://localhost:8080
		api_key [APIKEY]
		ticker_interval 15s
	}

	order crowdsec before encode
}

(authentik) {
	reverse_proxy /outpost.goauthentik.io/* 192.168.1.118:9000
	forward_auth 192.168.1.118:9000 {
		uri /outpost.goauthentik.io/auth/caddy
		copy_headers X-Authentik-Username X-Authentik-Groups X-Authentik-Email X-Authentik-Name X-Authentik-Uid X-Authentik-Jwt X-Authentik-Meta-Jwks X-Authentik-Meta-Outpost X-Authentik-Meta-Provider X-Authentik-Meta-App X-Authentik-Meta-Version
	}
}

(log) {
	log {
		output file /var/log/caddy/{args[0]}.log
	}
}

# ActualBudget
budget.smithbury.com {
	import log actualbudget
	reverse_proxy 192.168.1.118:5006
}

# AudiobookShelf
ab.smithbury.com {
	import log audiobookshelf
	reverse_proxy 192.168.1.118:13378
}

# Authentik
auth.smithbury.com {
	import log authentik
	reverse_proxy 192.168.1.118:9000
}

# Bazarr
bazarr.smithbury.com {
	import authentik
	import log bazarr
	reverse_proxy 192.168.1.118:6767
}

# Dockge
dockge.smithbury.com {
	import authentik
	import log dockge
	reverse_proxy 192.168.1.118:5001
}

# FreshRSS
rss.smithbury.com {
	# import authentik
	# import log freshrss
	reverse_proxy 192.168.1.118:8778
}

# Hoarder
hoarder.smithbury.com {
	import log hoarder
	reverse_proxy 192.168.1.118:3000
}

# Immich
pics.smithbury.com {
	import log immich
	reverse_proxy 192.168.1.118:2283
}

# Lidarr
lidarr.smithbury.com {
	import authentik
	import log lidarr
	reverse_proxy 192.168.1.110:8686
}

# Overseerr
request.smithbury.com {
	import log overseerr
	reverse_proxy 192.168.1.118:5055
}

# Plex
plex.smithbury.com {
	import log plex
	reverse_proxy 192.168.1.117:32400
}

# Prowlarr
prowlarr.smithbury.com {
	import authentik
	import log prowlarr
	reverse_proxy 192.168.1.110:9696
}

# qBittorent
qb.smithbury.com {
	import log qbittorrent
	reverse_proxy 192.168.1.110:8998
}

# Radarr
radarr.smithbury.com {
	import authentik
	import log radarr
	reverse_proxy 192.168.1.110:7878
}

# Readarr
readarr.smithbury.com {
	import authentik
	import log readarr
	reverse_proxy 192.168.1.110:8787
}

# SABnzbd
nzb.smithbury.com {
	# import authentik
	import log sabnzbd
	reverse_proxy 192.168.1.110:8080
}

# Sonarr
sonarr.smithbury.com {
	import authentik
	import log sonarr
	reverse_proxy 192.168.1.110:8989
}

# Vikunja
vik.smithbury.com {
	import log vikunja
	reverse_proxy 192.168.1.118:3456
}

# Wallos
wallos.smithbury.com {
	import log wallos
	reverse_proxy 192.168.1.118:8282
}

5. Links to relevant resources:

NA

timelordx · April 12, 2025, 2:18pm

jeff · April 17, 2025, 2:08pm

Thanks for the info. I’ve stood up pihole with unbound but still intermittently getting the issue previously described and intermittently unable to access from external networks via URL either.

Trying to curl from Caddy host to a hosted service:

$ curl https://vik.smithbury.com
curl: (28) Failed to connect to vik.smithbury.com port 443 after 130335 ms: Connection timed out```

timelordx · April 17, 2025, 7:16pm

When troubleshooting, try using -v with curl. It provides extra info that might be helpful.

You can also run:

sudo ss -tulpn

to see what’s currently listening on the Caddy host.

jeff · April 18, 2025, 12:15am

It’s come good again overnight. What’s odd is I can see my WAN IP and Cloudflare DNS records haven’t changed in that time. I’ll try those commands and share the output next time it happens. It’s usually a couple times a week.

jeff · April 20, 2025, 10:55am

Tested tonight when the issue recurred.

$ curl -v https://ab.smithbury.com
*   Trying 118.210.34.26:443...
* connect to 118.210.34.26 port 443 failed: Connection timed out
* Failed to connect to ab.smithbury.com port 443 after 130854 ms: Connection timed out
* Closing connection 0
curl: (28) Failed to connect to ab.smithbury.com port 443 after 130854 ms: Connection timed out

$ sudo ss -tulpn
Netid                      State                        Recv-Q                       Send-Q                                                                 Local Address:Port                                              Peer Address:Port                      Process                                                         
udp                        UNCONN                       0                            0                                                                      127.0.0.53%lo:53                                                     0.0.0.0:*                          users:(("systemd-resolve",pid=588,fd=13))                      
udp                        UNCONN                       0                            0                                                                192.168.1.108%ens18:68                                                     0.0.0.0:*                          users:(("systemd-network",pid=586,fd=18))                      
udp                        UNCONN                       0                            0                                                  [fe80::be24:11ff:fe61:5608]%ens18:546                                                       [::]:*                          users:(("systemd-network",pid=586,fd=15))                      
udp                        UNCONN                       0                            0                                                                                  *:443                                                          *:*                          users:(("caddy",pid=601,fd=8))                                 
tcp                        LISTEN                       0                            4096                                                                       127.0.0.1:2019                                                   0.0.0.0:*                          users:(("caddy",pid=601,fd=3))                                 
tcp                        LISTEN                       0                            128                                                                          0.0.0.0:22                                                     0.0.0.0:*                          users:(("sshd",pid=669,fd=3))                                  
tcp                        LISTEN                       0                            4096                                                                       127.0.0.1:8080                                                   0.0.0.0:*                          users:(("crowdsec",pid=780,fd=17))                             
tcp                        LISTEN                       0                            4096                                                                       127.0.0.1:6060                                                   0.0.0.0:*                          users:(("crowdsec",pid=780,fd=20))                             
tcp                        LISTEN                       0                            4096                                                                   127.0.0.53%lo:53                                                     0.0.0.0:*                          users:(("systemd-resolve",pid=588,fd=14))                      
tcp                        LISTEN                       0                            1024                                                                       127.0.0.1:38469                                                  0.0.0.0:*                          users:(("code-17baf84113",pid=2253,fd=9))                      
tcp                        LISTEN                       0                            4096                                                                               *:80                                                           *:*                          users:(("caddy",pid=601,fd=10))                                
tcp                        LISTEN                       0                            128                                                                             [::]:22                                                        [::]:*                          users:(("sshd",pid=669,fd=4))                                  
tcp                        LISTEN                       0                            4096                                                                               *:443                                                          *:*                          users:(("caddy",pid=601,fd=9))

This may be dumb, but I think CrowdSec is blocking me from accessing my own services?

This is a screenshot my CrowdSec Console that I checked out on a hunch. It says it’s applied a ban for my OWN public IP. Has anyone encountered this type of behaviour?

jeff · April 20, 2025, 12:43pm

Deleting the referenced decision using cli, that resolved my issue. Appears to be a CrowdSec problem rather than a Caddy one.