"Unable to bind: permission denied" when running as a systemd service

1. Caddy version (caddy version):

v2.5.0-beta.1 h1:lF5wWqqDJ6HjETbnBILvTAeKcThsz1+OeWB+d1tWxp4=

2. How I run Caddy:

a. System environment:

pi@raspberrypi:~ $ cat /etc/os-release
PRETTY_NAME="Raspbian GNU/Linux 10 (buster)"
NAME="Raspbian GNU/Linux"
VERSION_ID="10"
VERSION="10 (buster)"
VERSION_CODENAME=buster
ID=raspbian
ID_LIKE=debian
HOME_URL="http://www.raspbian.org/"
SUPPORT_URL="http://www.raspbian.org/RaspbianForums"
BUG_REPORT_URL="http://www.raspbian.org/RaspbianBugs

b. Command:

caddy run --config /etc/caddy/Caddyfile

c. Service/unit/compose file:

Paste full file contents here.
Make sure backticks stay on their own lines,
and the post looks nice in the preview pane.

d. My complete Caddyfile or JSON config:

# The Caddyfile is an easy way to configure your Caddy web server.
#
# Unless the file starts with a global options block, the first
# uncommented line is always the address of your site.
#
# To use your own domain name (with automatic HTTPS), first make
# sure your domain's A/AAAA DNS records are properly pointed to
# this machine's public IP, then replace ":80" below with your
# domain name.

:80 {
        # Set this path to your site's directory.
        # root * /usr/share/caddy

        # Enable the static file server.
        # file_server

        # Another common task is to set up a reverse proxy:
        reverse_proxy localhost:1080

        # Or serve a PHP site through php-fpm:
        # php_fastcgi localhost:9000
}

# Refer to the Caddy docs for more information:
# https://caddyserver.com/docs/caddyfile

3. The problem I’m having:

I get an error that my user does not have relevant permissions to bind to port 80.

4. Error messages and/or full log output:

pi@raspberrypi:~ $ caddy run --config /etc/caddy/Caddyfile
2022/03/15 17:56:49.193	INFO	using provided configuration	{"config_file": "/etc/caddy/Caddyfile", "config_adapter": ""}
2022/03/15 17:56:49.197	INFO	admin	admin endpoint started	{"address": "tcp/localhost:2019", "enforce_origin": false, "origins": ["//127.0.0.1:2019", "//localhost:2019", "//[::1]:2019"]}
2022/03/15 17:56:49.198	WARN	http	server is listening only on the HTTP port, so no automatic HTTPS will be applied to this server	{"server_name": "srv0", "http_port": 80}
2022/03/15 17:56:49.198	INFO	tls.cache.maintenance	started background certificate maintenance	{"cache": "0x2d23d60"}
2022/03/15 17:56:49.199	INFO	tls	cleaning storage unit	{"description": "FileStorage:/home/pi/.local/share/caddy"}
2022/03/15 17:56:49.199	INFO	tls	finished cleaning storage units
2022/03/15 17:56:49.199	INFO	tls.cache.maintenance	stopped background certificate maintenance	{"cache": "0x2d23d60"}
run: loading initial config: loading new config: http app module: start: tcp: listening on :80: listen tcp :80: bind: permission denied

5. What I already tried:

This is similar to the other issue here:

Based on that discussion, I revisited the installation guide that I used:

If I understand correctly, Caddy is already installed as a systemd service. When I check its status, I see the same error:

pi@raspberrypi:~ $ systemctl status caddy
● caddy.service - Caddy
   Loaded: loaded (/lib/systemd/system/caddy.service; enabled; vendor preset: enabled)
   Active: failed (Result: exit-code) since Tue 2022-03-15 17:49:16 GMT; 9min ago
     Docs: https://caddyserver.com/docs/
  Process: 12216 ExecStart=/usr/bin/caddy run --environ --config /etc/caddy/Caddyfile (code=exited, status=1/FAILURE)
 Main PID: 12216 (code=exited, status=1/FAILURE)

Mar 15 17:49:16 raspberrypi caddy[12216]: {"level":"warn","ts":1647366556.7552323,"logger":"http","msg":"server is list
Mar 15 17:49:16 raspberrypi caddy[12216]: {"level":"info","ts":1647366556.755231,"logger":"tls.cache.maintenance","msg"
Mar 15 17:49:16 raspberrypi caddy[12216]: {"level":"info","ts":1647366556.7563884,"logger":"tls","msg":"cleaning storag
Mar 15 17:49:16 raspberrypi caddy[12216]: {"level":"info","ts":1647366556.7564585,"logger":"tls","msg":"finished cleani
Mar 15 17:49:16 raspberrypi caddy[12216]: {"level":"info","ts":1647366556.7565138,"logger":"tls.cache.maintenance","msg
Mar 15 17:49:16 raspberrypi caddy[12216]: run: loading initial config: loading new config: http app module: start: tcp:
Mar 15 17:49:16 raspberrypi systemd[1]: Started Caddy.
Mar 15 17:49:16 raspberrypi systemd[1]: caddy.service: Main process exited, code=exited, status=1/FAILURE
Mar 15 17:49:16 raspberrypi systemd[1]: caddy.service: Failed with result 'exit-code'.
Mar 15 17:49:46 raspberrypi systemd[1]: caddy.service: Unit cannot be reloaded because it is inactive.

6. Links to relevant resources:

NA

Looks like you’re running Caddy directly, not as a systemd service.

Here’s the instructions you should follow to run it as a service:

The error message in your logs is truncated, so we can’t see what the actual problem is. Please use the command in the docs above to check your logs without truncation.

1 Like

Thank you for pointing that out! In fact, I did start Caddy as a systemd service earlier but reloading that service was giving me this output:

pi@raspberrypi:~ $ sudo systemctl start caddy
pi@raspberrypi:~ $ sudo systemctl reload caddy
caddy.service is not active, cannot reload.

That part tripped me off.

Checking for the service status looks okay now:

pi@raspberrypi:~ $ systemctl status caddy
● caddy.service - Caddy
   Loaded: loaded (/lib/systemd/system/caddy.service; enabled; vendor preset: en
   Active: active (running) since Tue 2022-03-15 18:35:59 GMT; 11s ago
     Docs: https://caddyserver.com/docs/
 Main PID: 13021 (caddy)
    Tasks: 11 (limit: 4915)
   CGroup: /system.slice/caddy.service
           └─13021 /usr/bin/caddy run --environ --config /etc/caddy/Caddyfile

Mar 15 18:35:59 raspberrypi caddy[13021]: JOURNAL_STREAM=8:17432058
Mar 15 18:35:59 raspberrypi caddy[13021]: {"level":"info","ts":1647369359.274342
Mar 15 18:35:59 raspberrypi caddy[13021]: {"level":"info","ts":1647369359.279024
Mar 15 18:35:59 raspberrypi caddy[13021]: {"level":"warn","ts":1647369359.279354
Mar 15 18:35:59 raspberrypi caddy[13021]: {"level":"info","ts":1647369359.279406
Mar 15 18:35:59 raspberrypi caddy[13021]: {"level":"info","ts":1647369359.280094
Mar 15 18:35:59 raspberrypi caddy[13021]: {"level":"info","ts":1647369359.280156
Mar 15 18:35:59 raspberrypi caddy[13021]: {"level":"info","ts":1647369359.280547
Mar 15 18:35:59 raspberrypi caddy[13021]: {"level":"info","ts":1647369359.280690
Mar 15 18:35:59 raspberrypi systemd[1]: Started Caddy.

pihole reverse proxy works as expected too. I am all set now. Thanks again!

1 Like

This topic was automatically closed after 30 days. New replies are no longer allowed.