Unable to run a wordpress site through Caddy v2

ProfileNam3 · August 25, 2021, 5:44am

1. Caddy version (`caddy version`):

v2.4.3 h1:Y1FaV2N4WO3rBqxSYA8UZsZTQdN+PwcoOcAiZTM8C0I=

2. How I run Caddy:

sudo systemctl start caddy.service

a. System environment:

OS: Ubuntu 20.04.3 LTS aarch64
Device: Raspberry Pi 4 Model B Rev 1.4 
Kernel: 5.4.0-1041-raspi

b. Command:

See above how I run Caddy

c. Service/unit/compose file:

Using Systemd

d. My complete Caddyfile or JSON config:

{
        debug
}
trulan.net {
        # Set this path to your site's directory.
        root * /var/www/wordpress

        php_fastcgi 127.0.0.1:9000
        encode gzip
        #rewrite {
        #       if {path} not_match ^\/wp-admin
        #       to {path} {path}/ /index.php?{query}
        #}

        # Enable the static file server.
        file_server

        # Another common task is to set up a reverse proxy:
        #reverse_proxy localhost:8096

        # Or serve a PHP site through php-fpm:
        # php_fastcgi localhost:9000
}

jellyfin.trulan.net{ #THIS PART WORKS BOTH EXTERNAL AND INTERNAL
        reverse_proxy localhost:8096
}

3. The problem I’m having:

Prior to installing wordpress I had a super simple html document that caddy ran.
This website ran with 0 flaws, but it was just a dumb html document with a couple links
Im trying to setup Wordpress with Caddy v2
I am NOT using Docker, all just on the bare metal
When going to trulan.net, I get a 404 error on Chrome and a blank page on firefox
Feel free to test that yourself, trulan.net is public

4. Error messages and/or full log output:

curl -v trulan.net
*   Trying 123.243.41.74:80...
* TCP_NODELAY set
* Connected to trulan.net (123.243.41.74) port 80 (#0)
> GET / HTTP/1.1
> Host: trulan.net
> User-Agent: curl/7.68.0
> Accept: */*
> 
* Mark bundle as not supporting multiuse
< HTTP/1.1 308 Permanent Redirect
< Connection: close
< Location: https://trulan.net/
< Server: Caddy
< Date: Wed, 25 Aug 2021 05:41:39 GMT
< Content-Length: 0
< 
* Closing connection 0

sudo systemctl status caddy.service
● caddy.service - Caddy
     Loaded: loaded (/lib/systemd/system/caddy.service; enabled; vendor preset: enabled)
     Active: active (running) since Wed 2021-08-25 05:41:25 UTC; 54s ago
       Docs: https://caddyserver.com/docs/
   Main PID: 424023 (caddy)
      Tasks: 9 (limit: 9257)
     CGroup: /system.slice/caddy.service
             └─424023 /usr/bin/caddy run --environ --config /etc/caddy/Caddyfile

Aug 25 05:41:25 trulan caddy[424023]: {"level":"info","ts":1629870085.7417104,"logger":"tls","msg":"cleaning storage unit","description":"FileStorage:/var/lib/caddy/.local/share/caddy"}
Aug 25 05:41:25 trulan caddy[424023]: {"level":"debug","ts":1629870085.7418919,"logger":"http","msg":"starting server loop","address":"[::]:443","http3":false,"tls":true}
Aug 25 05:41:25 trulan caddy[424023]: {"level":"debug","ts":1629870085.742048,"logger":"http","msg":"starting server loop","address":"[::]:80","http3":false,"tls":false}
Aug 25 05:41:25 trulan caddy[424023]: {"level":"info","ts":1629870085.7420855,"logger":"http","msg":"enabling automatic TLS certificate management","domains":["jellyfin.trulan.net","trulan.>
Aug 25 05:41:25 trulan caddy[424023]: {"level":"debug","ts":1629870085.7434876,"logger":"tls","msg":"loading managed certificate","domain":"jellyfin.trulan.net","expiration":1637559042,"iss>
Aug 25 05:41:25 trulan caddy[424023]: {"level":"info","ts":1629870085.7453785,"logger":"tls","msg":"finished cleaning storage units"}
Aug 25 05:41:25 trulan caddy[424023]: {"level":"debug","ts":1629870085.7811797,"logger":"tls","msg":"loading managed certificate","domain":"trulan.net","expiration":1637103031,"issuer_key":>
Aug 25 05:41:25 trulan caddy[424023]: {"level":"info","ts":1629870085.7827427,"msg":"autosaved config (load with --resume flag)","file":"/var/lib/caddy/.config/caddy/autosave.json"}
Aug 25 05:41:25 trulan systemd[1]: Started Caddy.
Aug 25 05:41:25 trulan caddy[424023]: {"level":"info","ts":1629870085.7835133,"msg":"serving initial configuration"}

5. What I already tried:

Iv tried tweaking my caddyfile config file after multiple google searches to try and be better but I feel like its another issue.
I did originally start this using a guide thats for Caddy v1

https://computingforgeeks.com/host-wordpress-website-with-caddy-web-server/

6. Links to relevant resources:

None aside from above tutorial that I started with

francislavoie · August 25, 2021, 7:19am

That looks correct. Please instead try curl -vL trulan.net OR curl -v https://trulan.net. Basically the -L option tells curl to follow redirects (via the Location header, hence -L), or you can skip the HTTP->HTTPS redirect by going to HTTPS up-front.

Your log messages are truncated. Please use the command listed here to read your logs, instead of systemctl status:

The most common problem with php-fpm sites is file permissions. What user/group are files in /var/www/wordpress owned by?

Files need to both be accessible by the caddy user, and the user php-fpm runs as (usually the default is www-data). The caddy use by default is part of the www-data group, so if your files are group-owned by www-data and group-readable, then it should work. If your file permissions are something else, it may not work. Please run ls -la /var/www/wordpress to see the permissions.

ProfileNam3 · August 25, 2021, 7:42am

curl -vL trulan.net
*   Trying 123.243.41.74:80...
* TCP_NODELAY set
* Connected to trulan.net (123.243.41.74) port 80 (#0)
> GET / HTTP/1.1
> Host: trulan.net
> User-Agent: curl/7.68.0
> Accept: */*
> 
* Mark bundle as not supporting multiuse
< HTTP/1.1 308 Permanent Redirect
< Connection: close
< Location: https://trulan.net/
< Server: Caddy
< Date: Wed, 25 Aug 2021 07:34:38 GMT
< Content-Length: 0
< 
* Closing connection 0
* Issue another request to this URL: 'https://trulan.net/'
*   Trying 123.243.41.74:443...
* TCP_NODELAY set
* Connected to trulan.net (123.243.41.74) port 443 (#1)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_CHACHA20_POLY1305_SHA256
* ALPN, server accepted to use h2
* Server certificate:
*  subject: CN=trulan.net
*  start date: Aug 18 22:50:33 2021 GMT
*  expire date: Nov 16 22:50:31 2021 GMT
*  subjectAltName: host "trulan.net" matched cert's "trulan.net"
*  issuer: C=US; O=Let's Encrypt; CN=R3
*  SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0xaaaae0de3200)
> GET / HTTP/2
> Host: trulan.net
> user-agent: curl/7.68.0
> accept: */*
> 
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* Connection state changed (MAX_CONCURRENT_STREAMS == 250)!
< HTTP/2 502 
< server: Caddy
< content-length: 0
< date: Wed, 25 Aug 2021 07:34:38 GMT
< 
* Connection #1 to host trulan.net left intact

Logs below

-- Logs begin at Tue 2021-07-13 12:36:58 UTC, end at Wed 2021-08-25 07:40:09 UTC. --
Jul 14 14:24:33 trulan systemd[1]: Starting Caddy...
Jul 14 14:24:36 trulan caddy[1768]: caddy.HomeDir=/var/lib/caddy
Jul 14 14:24:36 trulan caddy[1768]: caddy.AppDataDir=/var/lib/caddy/.local/share/caddy
Jul 14 14:24:36 trulan caddy[1768]: caddy.AppConfigDir=/var/lib/caddy/.config/caddy
Jul 14 14:24:36 trulan caddy[1768]: caddy.ConfigAutosavePath=/var/lib/caddy/.config/caddy/autosave.json
Jul 14 14:24:36 trulan caddy[1768]: caddy.Version=v2.4.3 h1:Y1FaV2N4WO3rBqxSYA8UZsZTQdN+PwcoOcAiZTM8C0I=
Jul 14 14:24:36 trulan caddy[1768]: runtime.GOOS=linux
Jul 14 14:24:36 trulan caddy[1768]: runtime.GOARCH=arm64
Jul 14 14:24:36 trulan caddy[1768]: runtime.Compiler=gc
Jul 14 14:24:36 trulan caddy[1768]: runtime.NumCPU=4
Jul 14 14:24:36 trulan caddy[1768]: runtime.GOMAXPROCS=4
Jul 14 14:24:36 trulan caddy[1768]: runtime.Version=go1.16.5
Jul 14 14:24:36 trulan caddy[1768]: os.Getwd=/
Jul 14 14:24:36 trulan caddy[1768]: LANG=C.UTF-8
Jul 14 14:24:36 trulan caddy[1768]: PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin
Jul 14 14:24:36 trulan caddy[1768]: NOTIFY_SOCKET=/run/systemd/notify
Jul 14 14:24:36 trulan caddy[1768]: HOME=/var/lib/caddy
Jul 14 14:24:36 trulan caddy[1768]: LOGNAME=caddy
Jul 14 14:24:36 trulan caddy[1768]: USER=caddy
Jul 14 14:24:36 trulan caddy[1768]: INVOCATION_ID=43582ef1810749c283da2aa4b9cb0a87
Jul 14 14:24:36 trulan caddy[1768]: JOURNAL_STREAM=9:62057
Jul 14 14:24:36 trulan caddy[1768]: {"level":"info","ts":1626272676.2578366,"msg":"using provided configuration","config_file":"/etc/caddy/Caddyfile","config_adapter":""}
Jul 14 14:24:36 trulan caddy[1768]: {"level":"warn","ts":1626272676.2721188,"msg":"input is not formatted with 'caddy fmt'","adapter":"caddyfile","file":"/etc/caddy/Caddyfile","line":14}
Jul 14 14:24:36 trulan caddy[1768]: {"level":"info","ts":1626272676.2750905,"logger":"admin","msg":"admin endpoint started","address":"tcp/localhost:2019","enforce_origin":false,"origins":["localhost:2019","[::1]:2019","127.0.0.1:2019"]}
Jul 14 14:24:36 trulan caddy[1768]: {"level":"info","ts":1626272676.275565,"logger":"http","msg":"server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS","server_name":"srv0","https_port":443}
Jul 14 14:24:36 trulan caddy[1768]: {"level":"info","ts":1626272676.2759335,"logger":"http","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"srv0"}
Jul 14 14:24:36 trulan caddy[1768]: {"level":"info","ts":1626272676.2756073,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0x400019f1f0"}
Jul 14 14:24:36 trulan caddy[1768]: {"level":"info","ts":1626272676.277744,"logger":"http","msg":"enabling automatic TLS certificate management","domains":["jellyfin.trulan.net","trulan.net"]}
Jul 14 14:24:36 trulan caddy[1768]: {"level":"info","ts":1626272676.2848651,"logger":"tls","msg":"cleaning storage unit","description":"FileStorage:/var/lib/caddy/.local/share/caddy"}
Jul 14 14:24:36 trulan caddy[1768]: {"level":"info","ts":1626272676.3535202,"logger":"tls","msg":"finished cleaning storage units"}
Jul 14 14:24:36 trulan caddy[1768]: {"level":"error","ts":1626272676.8709276,"logger":"http.log.error","msg":"dial tcp 127.0.0.1:8096: connect: connection refused","request":{"remote_addr":"209.58.163.227:37970","proto":"HTTP/2.0","method":"GET","host":"jellyfin.trulan.net","uri":"/system/info/public","headers":{"User-Agent":["Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:89.0) Gecko/20100101 Firefox/89.0"],"Accept":["*/*"],"Accept-Language":["en-US,en;q=0.5"],"Accept-Encoding":["gzip, deflate, br"],"Dnt":["1"],"Te":["trailers"]},"tls":{"resumed":false,"version":772,"cipher_suite":4867,"proto":"h2","proto_mutual":true,"server_name":"jellyfin.trulan.net"}},"duration":0.006180963,"status":502,"err_id":"amt02h7m6","err_trace":"reverseproxy.statusError (reverseproxy.go:857)"}
Jul 14 14:24:36 trulan caddy[1768]: {"level":"error","ts":1626272676.8710036,"logger":"http.log.error","msg":"dial tcp 127.0.0.1:8096: connect: connection refused","request":{"remote_addr":"209.58.163.227:37970","proto":"HTTP/2.0","method":"GET","host":"jellyfin.trulan.net","uri":"/ScheduledTasks?IsEnabled=true","headers":{"Dnt":["1"],"Te":["trailers"],"User-Agent":["Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:89.0) Gecko/20100101 Firefox/89.0"],"Accept":["application/json"],"Accept-Language":["en-US,en;q=0.5"],"Accept-Encoding":["gzip, deflate, br"],"X-Emby-Authorization":["MediaBrowser Client=\"Jellyfin Web\", Device=\"Firefox\", DeviceId=\"TW96aWxsYS81LjAgKFgxMTsgVWJ1bnR1OyBMaW51eCB4ODZfNjQ7IHJ2Ojg5LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvODkuMHwxNjI2MjU1Mzc3MDgx\", Version=\"10.7.6\", Token=\"afef8ca83e1c40c283edd3a449287504\""]},"tls":{"resumed":false,"version":772,"cipher_suite":4867,"proto":"h2","proto_mutual":true,"server_name":"jellyfin.trulan.net"}},"duration":0.006622241,"status":502,"err_id":"wxth24deu","err_trace":"reverseproxy.statusError (reverseproxy.go:857)"}
Jul 14 14:24:36 trulan caddy[1768]: {"level":"error","ts":1626272676.8711572,"logger":"http.log.error","msg":"dial tcp 127.0.0.1:8096: connect: connection refused","request":{"remote_addr":":

Because im troubleshooting, currently, /var/www/wordpress has a full 777, everygroup and user has full access. Will tweak this once its working.

ls -la /var/www/wordpress
total 220
drwxrwxrwx  5  777 trulan  4096 Aug 25 04:29 .
drwxr-xr-x  5 root root    4096 Aug 25 04:28 ..
-rw-r--r--  1  777 trulan   405 Feb  6  2020 index.php
-rw-r--r--  1  777 trulan 19915 Jan  1  2021 license.txt
-rw-r--r--  1  777 trulan  7346 Jul  6 12:23 readme.html
-rw-r--r--  1  777 trulan  7165 Jan 21  2021 wp-activate.php
drwxr-xr-x  9  777 trulan  4096 Jul 20 16:22 wp-admin
-rw-r--r--  1  777 trulan   351 Feb  6  2020 wp-blog-header.php
-rw-r--r--  1  777 trulan  2328 Feb 17  2021 wp-comments-post.php
-rw-r--r--  1  777 trulan  2982 Aug 25 04:29 wp-config.php
drwxr-xr-x  4  777 trulan  4096 Jul 20 16:22 wp-content
-rw-r--r--  1  777 trulan  3939 Jul 30  2020 wp-cron.php
drwxr-xr-x 25  777 trulan 12288 Jul 20 16:22 wp-includes
-rw-r--r--  1  777 trulan  2496 Feb  6  2020 wp-links-opml.php
-rw-r--r--  1  777 trulan  3900 May 15 17:38 wp-load.php
-rw-r--r--  1  777 trulan 45463 Apr  6 18:39 wp-login.php
-rw-r--r--  1  777 trulan  8509 Apr 14  2020 wp-mail.php
-rw-r--r--  1  777 trulan 22297 Jun  1 23:09 wp-settings.php
-rw-r--r--  1  777 trulan 31693 May  7 20:16 wp-signup.php
-rw-r--r--  1  777 trulan  4747 Oct  8  2020 wp-trackback.php
-rw-r--r--  1  777 trulan  3236 Jun  8  2020 xmlrpc.php

I appreciate your help

francislavoie · August 25, 2021, 7:59am

Looks like Caddy can’t connect to your Jellyfin service. Are you sure Jellyfin is running?

I don’t see any logs for your wordpress site, only for jellyfin.

No, you changed the owner of the files to the user with ID 777, which doesn’t exist. Notice how all the permissions for files are still -rw-r--r-- which is actually 644, not 777. If you wanted to change actual permission bits, than you need to use chmod, not chown.

The files should be group owned by www-data.

Run this:

sudo chown -R www-data:www-data /var/www/wordpress

This will change the ownership for both user and group to www-data.

ProfileNam3 · August 25, 2021, 8:50am

Yeah Jellyfin is running, unsure what that error might relate to, feel free to try yourself.

Ah right yes I am being dumb and should do chmod
I have now run the chown command you suggested AND run sudo chmod 777 on the wordpress folder

Restarted Caddy and the issue persists

francislavoie · August 25, 2021, 9:06am

What’s in your logs now? With debug mode on, Caddy should report any permission issues.

Edit: Oh, the logs you showed were from July 14th.

Make sure to jump to the bottom of your logs, for the most recent messages. Use the command journalctl -u caddy --no-pager | less +G which will jump to the bottom immediately.

ProfileNam3 · August 25, 2021, 9:23am

Aug 25 09:09:20 trulan systemd[1]: Starting Caddy...
Aug 25 09:09:20 trulan caddy[457635]: caddy.HomeDir=/var/lib/caddy
Aug 25 09:09:20 trulan caddy[457635]: caddy.AppDataDir=/var/lib/caddy/.local/share/caddy
Aug 25 09:09:20 trulan caddy[457635]: caddy.AppConfigDir=/var/lib/caddy/.config/caddy
Aug 25 09:09:20 trulan caddy[457635]: caddy.ConfigAutosavePath=/var/lib/caddy/.config/caddy/autosave.json
Aug 25 09:09:20 trulan caddy[457635]: caddy.Version=v2.4.3 h1:Y1FaV2N4WO3rBqxSYA8UZsZTQdN+PwcoOcAiZTM8C0I=
Aug 25 09:09:20 trulan caddy[457635]: runtime.GOOS=linux
Aug 25 09:09:20 trulan caddy[457635]: runtime.GOARCH=arm64
Aug 25 09:09:20 trulan caddy[457635]: runtime.Compiler=gc
Aug 25 09:09:20 trulan caddy[457635]: runtime.NumCPU=4
Aug 25 09:09:20 trulan caddy[457635]: runtime.GOMAXPROCS=4
Aug 25 09:09:20 trulan caddy[457635]: runtime.Version=go1.16.5
Aug 25 09:09:20 trulan caddy[457635]: os.Getwd=/
Aug 25 09:09:20 trulan caddy[457635]: LANG=C.UTF-8
Aug 25 09:09:20 trulan caddy[457635]: PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin
Aug 25 09:09:20 trulan caddy[457635]: NOTIFY_SOCKET=/run/systemd/notify
Aug 25 09:09:20 trulan caddy[457635]: HOME=/var/lib/caddy
Aug 25 09:09:20 trulan caddy[457635]: LOGNAME=caddy
Aug 25 09:09:20 trulan caddy[457635]: USER=caddy
Aug 25 09:09:20 trulan caddy[457635]: INVOCATION_ID=0c4e6ddf7bba48ff87c79f827810a0bc
Aug 25 09:09:20 trulan caddy[457635]: JOURNAL_STREAM=9:4468741
Aug 25 09:09:20 trulan caddy[457635]: {"level":"info","ts":1629882560.668063,"msg":"using provided configuration","config_file":"/etc/caddy/Caddyfile","config_adapter":""}
Aug 25 09:09:20 trulan caddy[457635]: {"level":"warn","ts":1629882560.672429,"msg":"input is not formatted with 'caddy fmt'","adapter":"caddyfile","file":"/etc/caddy/Caddyfile","line":10}
Aug 25 09:09:20 trulan caddy[457635]: {"level":"info","ts":1629882560.676842,"logger":"admin","msg":"admin endpoint started","address":"tcp/localhost:2019","enforce_origin":false,"origins":["127.0.0.1:2019","localhost:2019","[::1]:2019"]}
Aug 25 09:09:20 trulan caddy[457635]: {"level":"info","ts":1629882560.6777518,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0x4000447420"}
Aug 25 09:09:20 trulan caddy[457635]: {"level":"info","ts":1629882560.677781,"logger":"http","msg":"server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS","server_name":"srv0","https_port":443}
Aug 25 09:09:20 trulan caddy[457635]: {"level":"info","ts":1629882560.6792002,"logger":"http","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"srv0"}
Aug 25 09:09:20 trulan caddy[457635]: {"level":"info","ts":1629882560.6815455,"logger":"tls","msg":"cleaning storage unit","description":"FileStorage:/var/lib/caddy/.local/share/caddy"}
Aug 25 09:09:20 trulan caddy[457635]: {"level":"debug","ts":1629882560.6816945,"logger":"http","msg":"starting server loop","address":"[::]:443","http3":false,"tls":true}
Aug 25 09:09:20 trulan caddy[457635]: {"level":"debug","ts":1629882560.6818244,"logger":"http","msg":"starting server loop","address":"[::]:80","http3":false,"tls":false}
Aug 25 09:09:20 trulan caddy[457635]: {"level":"info","ts":1629882560.6818516,"logger":"http","msg":"enabling automatic TLS certificate management","domains":["jellyfin.trulan.net","lounge.trulan.net","trulan.net"]}
Aug 25 09:09:20 trulan caddy[457635]: {"level":"debug","ts":1629882560.6834555,"logger":"tls","msg":"loading managed certificate","domain":"jellyfin.trulan.net","expiration":1637559042,"issuer_key":"acme-v02.api.letsencrypt.org-directory","storage":"FileStorage:/var/lib/caddy/.local/share/caddy"}
Aug 25 09:09:20 trulan caddy[457635]: {"level":"info","ts":1629882560.6868734,"logger":"tls","msg":"finished cleaning storage units"}
Aug 25 09:09:20 trulan caddy[457635]: {"level":"debug","ts":1629882560.7221243,"logger":"tls","msg":"loading managed certificate","domain":"lounge.trulan.net","expiration":1637711999,"issuer_key":"acme.zerossl.com-v2-DV90","storage":"FileStorage:/var/lib/caddy/.local/share/caddy"}
Aug 25 09:09:20 trulan caddy[457635]: {"level":"debug","ts":1629882560.7243793,"logger":"tls","msg":"loading managed certificate","domain":"trulan.net","expiration":1637103031,"issuer_key":"acme-v02.api.letsencrypt.org-directory","storage":"FileStorage:/var/lib/caddy/.local/share/caddy"}
Aug 25 09:09:20 trulan caddy[457635]: {"level":"info","ts":1629882560.7259438,"msg":"autosaved config (load with --resume flag)","file":"/var/lib/caddy/.config/caddy/autosave.json"}
Aug 25 09:09:20 trulan caddy[457635]: {"level":"info","ts":1629882560.7261562,"msg":"serving initial configuration"}
Aug 25 09:09:20 trulan systemd[1]: Started Caddy.
Aug 25 09:09:30 trulan caddy[457635]: {"level":"debug","ts":1629882570.1075385,"logger":"http.handlers.rewrite","msg":"rewrote request","request":{"remote_addr":"123.243.41.74:40234","proto:
":"HTTP/2.0","method":"GET","host":"trulan.net","uri":"/","headers":{"User-Agent":["curl/7.68.0"],"Accept":["*/*"]},"tls":{"resumed":false,"version":772,"cipher_suite":4867,"proto":"h2","proto_mutual":true,"server_name":"trulan.net"}},"method":"GET","uri":"/index.php"}
Aug 25 09:09:30 trulan caddy[457635]: {"level":"debug","ts":1629882570.107895,"logger":"http.reverse_proxy.transport.fastcgi","msg":"roundtrip","request":{"remote_addr":"123.243.41.74:40234","proto":"HTTP/2.0","method":"GET","host":"trulan.net","uri":"/index.php","headers":{"User-Agent":["curl/7.68.0"],"Accept":["*/*"],"X-Forwarded-For":["123.243.41.74"],"X-Forwarded-Proto":["https"]},"tls":{"resumed":false,"version":772,"cipher_suite":4867,"proto":"h2","proto_mutual":true,"server_name":"trulan.net"}},"dial":"127.0.0.1:9000","env":{"AUTH_TYPE":"","CONTENT_LENGTH":"","CONTENT_TYPE":"","DOCUMENT_ROOT":"/var/www/wordpress","DOCUMENT_URI":"/index.php","GATEWAY_INTERFACE":"CGI/1.1","HTTPS":"on","HTTP_ACCEPT":"*/*","HTTP_HOST":"trulan.net","HTTP_USER_AGENT":"curl/7.68.0","HTTP_X_FORWARDED_FOR":"123.243.41.74","HTTP_X_FORWARDED_PROTO":"https","PATH_INFO":"","QUERY_STRING":"","REMOTE_ADDR":"123.243.41.74","REMOTE_HOST":"123.243.41.74","REMOTE_IDENT":"","REMOTE_PORT":"40234","REMOTE_USER":"","REQUEST_METHOD":"GET","REQUEST_SCHEME":"https","REQUEST_URI":"/","SCRIPT_FILENAME":"/var/www/wordpress/index.php","SCRIPT_NAME":"/index.php","SERVER_NAME":"trulan.net","SERVER_PROTOCOL":"HTTP/2.0","SERVER_SOFTWARE":"Caddy/v2.4.3","SSL_CIPHER":"TLS_CHACHA20_POLY1305_SHA256","SSL_PROTOCOL":"TLSv1.3"}}
Aug 25 09:09:30 trulan caddy[457635]: {"level":"debug","ts":1629882570.109662,"logger":"http.handlers.reverse_proxy","msg":"upstream roundtrip","upstream":"127.0.0.1:9000","request":{"remote_addr":"123.243.41.74:40234","proto":"HTTP/2.0","method":"GET","host":"trulan.net","uri":"/index.php","headers":{"User-Agent":["curl/7.68.0"],"Accept":["*/*"],"X-Forwarded-For":["123.243.41.74"],"X-Forwarded-Proto":["https"]},"tls":{"resumed":false,"version":772,"cipher_suite":4867,"proto":"h2","proto_mutual":true,"server_name":"trulan.net"}},"duration":0.001937086,"error":"fcgi: invalid header version"}
Aug 25 09:09:30 trulan caddy[457635]: {"level":"error","ts":1629882570.1099923,"logger":"http.log.error","msg":"fcgi: invalid header version","request":{"remote_addr":"123.243.41.74:40234","proto":"HTTP/2.0","method":"GET","host":"trulan.net","uri":"/","headers":{"User-Agent":["curl/7.68.0"],"Accept":["*/*"]},"tls":{"resumed":false,"version":772,"cipher_suite":4867,"proto":"h2","proto_mutual":true,"server_name":"trulan.net"}},"duration":0.002763223,"status":502,"err_id":"a0hsgmqyb","err_trace":"reverseproxy.statusError (reverseproxy.go:857)"}

francislavoie · August 25, 2021, 9:39am

Hmm, that’s a new one, never seen that before, but that message is coming from Caddy’s code.

github.com

caddyserver/caddy/blob/f70a7578faa1ab9169bc05a121911bf33d7d3da3/modules/caddyhttp/reverseproxy/fastcgi/client.go#L155


      
          type record struct {
          	h    header
          	rbuf []byte
          }
          
          func (rec *record) read(r io.Reader) (buf []byte, err error) {
          	if err = binary.Read(r, binary.BigEndian, &rec.h); err != nil {
          		return
          	}
          	if rec.h.Version != 1 {
          		err = errors.New("fcgi: invalid header version")
          		return
          	}
          	if rec.h.Type == EndRequest {
          		err = io.EOF
          		return
          	}
          	n := int(rec.h.ContentLength) + int(rec.h.PaddingLength)
          	if len(rec.rbuf) < n {
          		rec.rbuf = make([]byte, n)
          	}

This seems to mean the upstream returned something unexpected, i.e. the response didn’t look like valid fastcgi.

Are you sure you have php-fpm listening on port 9000 and that it isn’t something else listening on that port?

ProfileNam3 · August 25, 2021, 11:26am

oh it needs port 9000?
Yes I have another service on port 9000
I will see if I can change that service’s port

I know I come off as a dumbass here, I havnt done much web stuff

francislavoie · August 25, 2021, 11:38am

It depends. PHP-FPM can use a Unix socket instead. Check your PHP-FPM configuration to see what listen is set to.

ProfileNam3 · August 25, 2021, 11:40am

Aug 25 11:35:45 trulan systemd[1]: Starting Caddy...
Aug 25 11:35:45 trulan caddy[4130]: caddy.HomeDir=/var/lib/caddy
Aug 25 11:35:45 trulan caddy[4130]: caddy.AppDataDir=/var/lib/caddy/.local/share/caddy
Aug 25 11:35:45 trulan caddy[4130]: caddy.AppConfigDir=/var/lib/caddy/.config/caddy
Aug 25 11:35:45 trulan caddy[4130]: caddy.ConfigAutosavePath=/var/lib/caddy/.config/caddy/aut
osave.json
Aug 25 11:35:45 trulan caddy[4130]: caddy.Version=v2.4.3 h1:Y1FaV2N4WO3rBqxSYA8UZsZTQdN+PwcoO
cAiZTM8C0I=
Aug 25 11:35:45 trulan caddy[4130]: runtime.GOOS=linux
Aug 25 11:35:45 trulan caddy[4130]: runtime.GOARCH=arm64
Aug 25 11:35:45 trulan caddy[4130]: runtime.Compiler=gc
Aug 25 11:35:45 trulan caddy[4130]: runtime.NumCPU=4
Aug 25 11:35:45 trulan caddy[4130]: runtime.GOMAXPROCS=4
Aug 25 11:35:45 trulan caddy[4130]: runtime.Version=go1.16.5
Aug 25 11:35:45 trulan caddy[4130]: os.Getwd=/
Aug 25 11:35:45 trulan caddy[4130]: LANG=C.UTF-8
Aug 25 11:35:45 trulan caddy[4130]: PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/s
bin:/bin:/snap/bin
Aug 25 11:35:45 trulan caddy[4130]: NOTIFY_SOCKET=/run/systemd/notify
Aug 25 11:35:45 trulan caddy[4130]: HOME=/var/lib/caddy
Aug 25 11:35:45 trulan caddy[4130]: LOGNAME=caddy
Aug 25 11:35:45 trulan caddy[4130]: USER=caddy
Aug 25 11:35:45 trulan caddy[4130]: INVOCATION_ID=d3ea9f6bccce4ca79d3392bf8c3e663f
Aug 25 11:35:45 trulan caddy[4130]: JOURNAL_STREAM=9:73576
Aug 25 11:35:45 trulan caddy[4130]: {"level":"info","ts":1629891345.105642,"msg":"using provi
ded configuration","config_file":"/etc/caddy/Caddyfile","config_adapter":""}
Aug 25 11:35:45 trulan caddy[4130]: {"level":"warn","ts":1629891345.109876,"msg":"input is no
t formatted with 'caddy fmt'","adapter":"caddyfile","file":"/etc/caddy/Caddyfile","line":10}
Aug 25 11:35:45 trulan caddy[4130]: {"level":"info","ts":1629891345.1146927,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0x400010d570"}
Aug 25 11:35:45 trulan caddy[4130]: {"level":"info","ts":1629891345.1151655,"logger":"http","msg":"server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS","server_name":"srv0","https_port":443}
Aug 25 11:35:45 trulan caddy[4130]: {"level":"info","ts":1629891345.115247,"logger":"http","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"srv0"}
Aug 25 11:35:45 trulan caddy[4130]: {"level":"debug","ts":1629891345.121697,"logger":"http","msg":"starting server loop","address":"[::]:443","http3":false,"tls":true}
Aug 25 11:35:45 trulan caddy[4130]: {"level":"debug","ts":1629891345.1218765,"logger":"http","msg":"starting server loop","address":"[::]:80","http3":false,"tls":false}
Aug 25 11:35:45 trulan caddy[4130]: {"level":"info","ts":1629891345.1219053,"logger":"http","msg":"enabling automatic TLS certificate management","domains":["jellyfin.trulan.net","lounge.trulan.net","trulan.net"]}
Aug 25 11:35:45 trulan caddy[4130]: {"level":"debug","ts":1629891345.1233916,"logger":"tls","msg":"loading managed certificate","domain":"jellyfin.trulan.net","expiration":1637559042,"issuer_key":"acme-v02.api.letsencrypt.org-directory","storage":"FileStorage:/var/lib/caddy/.local/share/caddy"}
Aug 25 11:35:45 trulan caddy[4130]: {"level":"debug","ts":1629891345.163021,"logger":"tls","msg":"loading managed certificate","domain":"lounge.trulan.net","expiration":1637711999,"issuer_key":"acme.zerossl.com-v2-DV90","storage":"FileStorage:/var/lib/caddy/.local/share/caddy"}
Aug 25 11:35:45 trulan caddy[4130]: {"level":"debug","ts":1629891345.1651344,"logger":"tls","msg":"loading managed certificate","domain":"trulan.net","expiration":1637103031,"issuer_key":"acme-v02.api.letsencrypt.org-directory","storage":"FileStorage:/var/lib/caddy/.local/share/caddy"}
Aug 25 11:35:45 trulan caddy[4130]: {"level":"info","ts":1629891345.1663473,"logger":"tls","msg":"cleaning storage unit","description":"FileStorage:/var/lib/caddy/.local/share/caddy"}
Aug 25 11:35:45 trulan caddy[4130]: {"level":"info","ts":1629891345.1667109,"msg":"autosaved config (load with --resume flag)","file":"/var/lib/caddy/.config/caddy/autosave.json"}
Aug 25 11:35:45 trulan systemd[1]: Started Caddy.
Aug 25 11:35:45 trulan caddy[4130]: {"level":"info","ts":1629891345.167677,"msg":"serving initial configuration"}
Aug 25 11:35:45 trulan caddy[4130]: {"level":"info","ts":1629891345.173005,"logger":"tls","msg":"finished cleaning storage units"}
Aug 25 11:37:09 trulan caddy[4130]: {"level":"debug","ts":1629891429.122135,"logger":"http.handlers.reverse_proxy","msg":"upstream roundtrip","upstream":"localhost:8096","request":{"remote_addr":"209.226.141.53:38236","proto":"HTTP/2.0","method":"GET","host":"jellyfin.trulan.net","uri":"/web/index.html/favicon.ico","headers":{"X-Forwarded-For":["209.226.141.53"],"Accept":["image/avif,image/webp,*/*"],"Te":["trailers"],"Accept-Encoding":["gzip, deflate, br"],"Referer":["https://caddy.community/"],"Sec-Fetch-Dest":["empty"],"Sec-Fetch-Mode":["no-cors"],"Sec-Fetch-Site":["cross-site"],"X-Forwarded-Proto":["https"],"User-Agent":["Mozilla/5.0 (Android 12; Mobile; rv:93.0) Gecko/93.0 Firefox/93.0"],"Accept-Language":["en-US,en-CA;q=0.5"]},"tls":{"resumed":false,"version":772,"cipher_suite":4867,"proto":"h2","proto_mutual":true,"server_name":"jellyfin.trulan.net"}},"headers":{"Date":["Wed, 25 Aug 2021 11:37:08 GMT"],"Server":["Kestrel"],"Content-Length":["0"],"X-Response-Time-Ms":["1"]},"status":404}

EDIT:
So Its still not working, gives error HTTP ERROR 502 on Chromium
Set the OTHER service to port 9808

francislavoie · August 25, 2021, 11:52am

I’m not seeing anything for PHP in those logs, only one request to jellyfin.

Again, are you sure php-fpm is running and bound to port 9000? Check its config, check its service status etc.

ProfileNam3 · August 25, 2021, 12:19pm

Hmm seems to be running but not bound to port 9000

trulan@trulan:~$ ps aux | grep php-fpm
root 1807 0.0 0.3 225564 28896 ? Ss 11:32 0:00 php-fpm: master process (/etc/php/7.4/fpm/php-fpm.conf)
www-data 2200 0.0 0.1 225996 14232 ? S 11:32 0:00 php-fpm: pool www
www-data 2201 0.0 0.1 225996 14232 ? S 11:32 0:00 php-fpm: pool www
trulan 11048 0.0 0.0 7652 660 pts/0 S+ 12:18 0:00 grep --color=auto php-fpm
trulan@trulan:~$ netstat -an | grep :9000
trulan@trulan:~$ netstat -an | grep php
unix 2 [ ACC ] STREAM LISTENING 67633 /run/php/php7.4-fpm.sock
unix 2 [ ACC ] STREAM LISTENING 65283 /var/run/lighttpd/php.socket-0

ProfileNam3 · August 25, 2021, 12:29pm

Ok so in the php-fpm.conf file I have appended listen = 127.0.0.1:9000 to it

;;;;;;;;;;;;;;;;;;;;
; Pool Definitions ;
;;;;;;;;;;;;;;;;;;;;

; Multiple pools of child processes may be started with different listening
; ports and different management options. The name of the pool will be
; used in logs and stats. There is no limitation on the number of pools which
; FPM can handle. Your system will tell you anyway

; Include one or more files. If glob(3) exists, it is used to include a bunch of
; files from a glob(3) pattern. This directive can be used everywhere in the
; file.
; Relative path can also be used. They will be prefixed by:
; - the global prefix if it’s been set (-p argument)
; - /usr otherwise
include=/etc/php/7.4/fpm/pool.d/*.conf
listen = 127.0.0.1:9000

ProfileNam3 · August 25, 2021, 12:33pm

Issue resolved with about troubleshooting steps.

francislavoie · August 25, 2021, 12:42pm

You can see here it’s bound to a Unix socket by default. You could connect to it with Caddy like this:

php_fastcgi unix//run/php/php7.4-fpm.sock

Unix sockets are technically more efficient than TCP sockets, but the difference probably won’t matter for a single one-off WordPress.

system · September 24, 2021, 5:45am

This topic was automatically closed after 30 days. New replies are no longer allowed.