Unable to replicate NGINX config into caddy

Help
1

1. Caddy version (caddy version):

v2.4.3 h1:Y1FaV2N4WO3rBqxSYA8UZsZTQdN+PwcoOcAiZTM8C0I=

2. How I run Caddy:

a. System environment:

Centos 8
systemd service

b. Command:

systemctl start caddy

c. Service/unit/compose file:

N/A

d. My complete Caddyfile or JSON config:

mydomain.com {

  encode gzip
  
  handle /assets/* {
    root * /etc/pootle/venv-pootle/lib/python2.7/site-packages/pootle/assets/
  }

  reverse_proxy localhost:8080
  
  log {
    format single_field common_log
  }
}

3. The problem I’m having:

So I’m trying to convert an NGINX config which is placed as a reverse proxy for an application called Pootle.

At the moment the NGINX config is working properly which means that DNS and the backend are working as intended. However I’m not quite sure what I need to add for the reverse-proxy with caddy if I want to replace NGINX.

server {
   listen  80;
   server_name mydomain.com;

   access_log /var/log/pootle/nginx-access.log;
   gzip on; # Enable gzip compression

   charset utf-8;

   location /assets {
       alias /etc/pootle/venv-pootle/lib/python2.7/site-packages/pootle/assets/;
       expires 14d;
       access_log off;
   }

   location / {
     proxy_pass         http://localhost:8000;
     proxy_redirect     off;

     proxy_set_header   Host             $host;
     proxy_set_header   X-Real-IP        $remote_addr;
     proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
   }
}

4. Error messages and/or full log output:

HTTP ERROR 502

5. What I already tried:

Previously I did try websockets out of curiosity and the page did load with our the 502, however only blank.

@websockets {
  header Connection *Upgrade*
  header Upgrade    websocket
}

6. Links to relevant resources:

http://docs.translatehouse.org/projects/pootle/en/stable-2.8.x/server/web.html#proxying-with-nginx

2

You need the file_server directive to enable Caddy’s file server. You can put it just after root.

What’s in your logs? Run journalctl -u caddy --no-pager | less to see them.

Your config looks fine. Are you sure you have your python app running and listening to requests on port 8080?

1 Like
3

Sorry about the missing logs; when I do check jctl for caddy I can see these two when I request the domain (translate-neo.surfly.com).

Jul 21 11:21:07 translate-neo caddy[895897]: {"level":"error","ts":1626859267.5895658,"logger":"http.log.error.log0","msg":"dial tcp [::1]:8080: connect: connection refused","request":{"remote_addr":"37.139.21.65:62168","proto":"HTTP/2.0","method":"GET","host":"translate-neo.surfly.com","uri":"/","headers":{"Sec-Fetch-Site":["none"],"Sec-Fetch-User":["?1"],"Sec-Fetch-Dest":["document"],"Accept-Language":["en,sv;q=0.9,nl;q=0.8,es;q=0.7"],"Cookie":["intercom-id-34243f4a3eeaeec18e497f2ab9d722b6fcd5957b=f3d7dace-ad15-41a1-a2f6-00d19c30ea99; ajs_user_id=%22david%40surfly.com%22; ajs_anonymous_id=%22ca393ea0-9699-4e5a-aa00-41a032c81911%22; _iub_cs-605791=%7B%22timestamp%22%3A%222021-07-09T14%3A21%3A16.108Z%22%2C%22version%22%3A%221.31.1%22%2C%22purposes%22%3A%7B%221%22%3Atrue%2C%222%22%3Atrue%2C%224%22%3Atrue%2C%225%22%3Atrue%7D%2C%22id%22%3A605791%7D; euconsent-v2=CPJE5F_PJE5GaB7EABENBiCsAP_AAFMAAAAAIENf_X__bX9j-_59f_t0eY1f9_r_v-Qzjhfdt-8N2L_W_L0X92E7NF36pq4KuR4Eu3LBIQNlHMHUTUmw6okVrzPsak2Mr7NKJ7LEmnMZO2dYGHtfn91TuZKY7_78_9fz3z-v_v___9f3_-__3__59X---_f_V3997Lv9_____93N__wQEAJMNS6AC7MscCRaNKoEQIwrCQ6AUAFEAMLRMYQMDgp2VgEOoAGACA1ARgQAgxBRiwCAAQSAJCIgJADwQCIAgAAAAgBUgIQAETAILACwMAgAFANChAigCECQgyOCo5TAgKkWignsrAEou9hTCEMtcCKBR_RUYCNZogWBkJCwcxwBIAoaBQAFYALgAhgBkADLAGoANkAfgBAACCgEYAKWAU8Aq8BaAFpANYAbwA6oB8gENgIdARUAi8BIgCbAE7AKRAXIAwIBhIDDwGMAMnAZyAzwBnwDkgHKAOsAfgKgPgAUACGAEwALgAjgBlgDUAH4ARgAjgBSwCrwFoAWkA3gCQQExAJsAU2AtgBcgC8wGBAMPAZEAzkBngDPgG5AOSAcoA_AZAdAAoAEMAJgAjgBlgDUgH2AfgBGACOAFLAKuAVsA3gCTgExAJsAWiAtgBeYDAgGHgMiAZyAzwBnwDkgHKAPiAfgSgfgAIAAWABQADIAHAARQAwADEAHgARAAmABVAC4AF8AMQAZgA2gCEAENAIgAiQBHACjAFKALcAYQAygBqgDZAHeAPwAjABHACTgFPAKvAWgBaQC6gGKANwAdQA-QCHQEVAIvASIAmwBYoC2AF2gLzAYeAyIBk4DLAGcgM8AZ8A0gBrADgAHWAO1Ae0A_ApBVAAXABQAFQAMgAcgA-AEAAIoAYABlADQANQAeQBDAEUAJgATwApABVACwAF8AMQAZgA5gB-AEIAIaARABEgCjAFKALEAW4AwgBlADRAGqANkAd8A-wD9AIsARgAjgBKQCggFDAKuAVsAuYBeQDFAG0ANwAegBDoCLwEiAJOATYAnYBQ4CtgFigLQAWwAuABcgC7QF5gMNAYeAxgBkQDJAGTgMuAZyAzwBn0DSANJgawBrIDYwG6wOTA5QBy4DrAHagPHAe0A-UB-AAAA; _iub_cs-605791-granular=%7B%22gac%22%3A%22MX4mAQMBAgEIAQUBBAEDAQwBBQEDAQ4BCAEEAQEBBgEDAgYCAgEBAQkBAgEEAQMBFAEDAQUBCAEGAQkBAQEIAQEBCwEFAQYBBQENAQQBEwEFAQQCAgIKARwBAwENAQMBBAECAQkBBQEBAQgBBQEFAQMBBAECAgMBHAEDAQQBAgIFAQEBAQEQAhABCQEIAgcBBQEBAQcBAgEDAcKNAQMBBwEiAQYBDgINAQICBwEJAQ0BCgECAQYBGAEEAREBCAEGASgBAQEDAREBFAECAQMBAQIFAQUBBAEBAQ0BEQEGAQIBAQEBAQcBEwEHAQcBBQECAQkBAwETAQEBAwEIAQMBBQEDAQoCAgEVAQ8BAQEFAQcBAQEDAQoBBQEEARABDwEKAQcCCQEbAQcBAwICARQBAQEGAQUCCAEdARABAwEIAQ4BBwEGAQIBBQEFAQYBAQEDAgYBCwEMARUBDAEBAQsBAQEJAgMBDgEBAQMBCAEDAQQCAgEGAQwBBAEOAQMBDAEDAQ0BBwEBAQ4BAQEEAQQCAQEBAgEBDQEGAQMBBwEBAQgBCQERAQsBDAEBAREDAgMIARgBAwISAQcBAwEEAQECBAEDAQcBAwEBAQEBAQENAQEBDAEDAQEBBQEIAQUBAgEDAQIBBAEBAQIBBQEJAQoBAQEDAQIBDwECAQoBAgIBAQIBCAESAQoBDgECAQkBBgEFAQMBAgEDAQgBAgECAQIEBQEKAQIDBgEDAQUCCQEEAQEBBQECAQEBAQEDAQIBAQEBAQYBAQEMAQYBCwEBAgUBAwEEAQMBAgEBAQEBAwICBAEBCAIFAQgCBAEBAgYBAQEHAQoCAgMBAgIBAQEFAgQBBQIEAQICAgMBAQEBBgEGAgMCAQEFAgEDAgMDAwECBwIGAQMBAgEBAgIBBAECAQgBBQIOAQkBGwIBAwsBAgEDAgUBAgEDAQYCAgMCAgQBAgICAQEBAQMDAQECAQQBAQEBAwEBAgEBAQEBAQMEAQwBAQEDAQIBAgYCAQQBBQEDAgEBAwcEBAEBAgUBBAYBAQEBAgMDAwEBAQMDAQEDAQECAQECAQECBQMEBAIIAQICBAMCAQMCAQECAgMBAQIBAQEBAQcKAgIDAQEBAgMBAQECAQECAwYCAQEDAQEEAggBAwMCAgMBAgIDAQQCBgEBBAEEAwEBAgsDAgIBAQEBAgIBBAEDAQUBAgICBAIBAQMB%22%7D; csrftoken=7vVV3Nf2U3Xk8kHiWdJjsVCZgsb3coGxepe2fusNVaZBGgq6yUXNrSKZhAE1xenF; pootle-language=sv"],"Cache-Control":["max-age=0"],"Sec-Ch-Ua":["\" Not;A Brand\";v=\"99\", \"Google Chrome\";v=\"91\", \"Chromium\";v=\"91\""],"Upgrade-Insecure-Requests":["1"],"Sec-Fetch-Mode":["navigate"],"Accept-Encoding":["gzip, deflate, br"],"Sec-Ch-Ua-Mobile":["?0"],"User-Agent":["Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.114 Safari/537.36"],"Accept":["text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"h2","proto_mutual":true,"server_name":"translate-neo.surfly.com"}},"duration":0.003279724,"status":502,"err_id":"5wnnnai1d","err_trace":"reverseproxy.statusError (reverseproxy.go:857)"}
Jul 21 11:21:07 translate-neo caddy[895897]: 37.139.21.65 - - [21/Jul/2021:11:21:07 +0200] "GET / HTTP/2.0" 502 0

However when I add websockets, this is what I get from the same logging but the page is now just blank/white.


@websockets {
  header Connection *Upgrade*
  header Upgrade    websocket
}
reverse_proxy @websockets localhost:8080

Jul 21 11:23:37 translate-neo caddy[896621]: 37.139.21.65 - - [21/Jul/2021:11:23:37 +0200] “GET / HTTP/2.0” 0 0
Jul 21 11:23:37 translate-neo caddy[896621]: 37.139.21.65 - - [21/Jul/2021:11:23:37 +0200] “GET /favicon.ico HTTP/2.0” 0 0
4

Right, because that request is not a websocket connection request, so Caddy doesn’t attempt to proxy it and it just falls through unhandled which results in Caddy’s default empty response (because Caddy did what it was configured to do, i.e. nothing).

But it’s clear Caddy isn’t able to connect to your upstream app. Make sure it’s actually running and listening to requests on port 8080.

1 Like
5

Alright, problem was fixed and here’s the config used to mimic nginx alias with static file content.

domain.company.com {

    handle_path /assets/* {
      file_server {
        root /etc/pootle/venv-pootle/lib/python2.7/site-packages/pootle/assets/
      }
    }

    reverse_proxy localhost:8000

    log {
        format single_field common_log
    }
}
1 Like
6

This topic was automatically closed after 30 days. New replies are no longer allowed.