Using Caddy as a reverse proxy for Unifi, running as Proxmox LXC

Hello, good people of the Caddy community! I was referred here from the Unifi Discord and I am hoping you can help me with a setup that should be simple but that I am having some difficulty wrapping my head around.

1. The problem I’m having:

My networking knowledge is somewhat limited to basic port forwarding and such, but I will make an effort to explain in clear terms.

I own two .fi domain names (psycholynx and urakoodi). I want to use the first domain to access my Pelican panel web interface and the second domain to access a WordPress website I am hosting. Both Pelican and WordPress are running in their own VMs under Proxmox VE.

My home network is managed by Unifi Network (also running as a Proxmox LXC) and I initially tried to set up port forwarding based on domain using that (forwarding incoming 80 and 443 to both containers). However, this ended up pointing connections to psycholynx.fi to urakoodi.fi (both have A-records pointing to my router’s WAN address) and I was told in Unifi’s Discord I should instead forward the traffic to Caddy and let it handle the domain-based routing.

I now have Caddy v.2.8.4 running as its own LXC container in Proxmox (installed using the Caddy script from Proxmox VE Helper-Scripts). I am able to access the Caddy Congratulations page at 192.168.1.233. That’s where I start to draw a blank.

My understanding is that I need to set up Caddy as a reverse proxy and in Unifi forward traffic from 80 and 443 to it at 192.168.1.233 and from Caddy based on the domain, i.e.

(pelican.)psycholynx.fi -> 192.168.1.46 (Pelican)
urakoodi.fi -> 192.168.1.61 (WordPress)

I naturally want both to have valid SSL certificates.

I tried adding a reverse proxy using

caddy reverse-proxy --from pelican.psycholynx.fi --to 192.168.1.46

which gave the below output but then writing

caddy reverse-proxy --from urakoodi.fi --to 192.168.1.61:8976

did nothing. This is probably just me not knowing how to use Linux (the LXC runs Debian).

I then tried making a Caddyfile (below), using “caddy adapt”, “caddy fmt --overwrite” and “run caddy”. It runs, but I cannot connect to either site (if I add :80 at the end of the Caddyfile, the error message changes from ERR_CONNECTION_REFUSED to ERR_SSL_UNRECOGNIZED_NAME_ALERT).

Not sure where to go from here. Any help getting this to work is highly appreciated!

2. Error messages and/or full log output:

root@caddy:~# caddy run
2024/12/29 14:22:20.933 INFO    using adjacent Caddyfile
2024/12/29 14:22:20.934 INFO    adapted config to JSON  {"adapter": "caddyfile"}
2024/12/29 14:22:20.936 INFO    admin   admin endpoint started  {"address": "localhost:2019", "enforce_origin": false, "origins": ["//localhost:2019", "//[::1]:2019", "//127.0.0.1:2019"]}
2024/12/29 14:22:20.937 INFO    http.auto_https server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS {"server_name": "srv0", "https_port": 443}
2024/12/29 14:22:20.937 INFO    http.auto_https enabling automatic HTTP->HTTPS redirects        {"server_name": "srv0"}
2024/12/29 14:22:20.937 INFO    http    enabling HTTP/3 listener        {"addr": ":443"}
2024/12/29 14:22:20.937 INFO    failed to sufficiently increase receive buffer size (was: 208 kiB, wanted: 7168 kiB, got: 416 kiB). See https://github.com/quic-go/quic-go/wiki/UDP-Buffer-Sizes for details.
2024/12/29 14:22:20.937 INFO    http.log        server running  {"name": "srv0", "protocols": ["h1", "h2", "h3"]}
2024/12/29 14:22:20.937 INFO    http.log        server running  {"name": "remaining_auto_https_redirects", "protocols": ["h1", "h2", "h3"]}
2024/12/29 14:22:20.937 INFO    http    enabling automatic TLS certificate management   {"domains": ["pelican.psycholynx.fi", "urakoodi.fi"]}
2024/12/29 14:22:20.938 INFO    autosaved config (load with --resume flag)      {"file": "/root/.config/caddy/autosave.json"}
2024/12/29 14:22:20.938 INFO    serving initial configuration
2024/12/29 14:22:20.938 INFO    tls.cache.maintenance   started background certificate maintenance      {"cache": "0xc0000e7780"}
2024/12/29 14:22:20.941 INFO    tls     storage cleaning happened too recently; skipping for now        {"storage": "FileStorage:/root/.local/share/caddy", "instance": "bdcd5380-e256-4930-80f6-69e88ca9dcb4", "try_again": "2024/12/30 14:22:20.941", "try_again_in": 86399.999999254}
2024/12/29 14:22:20.941 INFO    tls     finished cleaning storage units

3. Caddy version:

v2.8.4 h1:q3pe0wpBj1OcHFZ3n/1nl4V4bxBrYoSoab7rL9BMYNk=

4. How I installed and ran Caddy:

Caddy was installed as an LXC under Proxmox using the Caddy script from Proxmox VE Helper-Scripts.

I tried adding a reverse proxy using

caddy reverse-proxy --from pelican.psycholynx.fi --to 192.168.1.46

a. System environment:

Caddy is running in an LXC under Proxmox. The LXC runs on Debian (version unknown).

b. Command:

caddy reverse-proxy --from pelican.psycholynx.fi --to 192.168.1.46

after that “caddy run”

d. My complete Caddy config:

pelican.psycholynx.fi {
    reverse_proxy 192.168.1.46:80
}

urakoodi.fi {
    reverse_proxy 192.168.1.61:80
}

5. Links to relevant resources:
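
An added example (not part of the original post and not Caddy's own tooling): a small Python check that reads `caddy run` console output like the log in section 2, collects the hostnames Caddy reports under automatic TLS management, and lists client-requested names that none of them cover. `SAMPLE_LOG`, `parse_line`, `summarize` and `unmanaged` are hypothetical names; the `tls.obtain` line is constructed, and its message text and `identifier` field are assumptions about Caddy's issuance log line.

```python
import json
import re

# Constructed sample: lines 1-3 come from the `caddy run` output in the post
# (line 3 abridged); line 4 is constructed, and its message text and
# "identifier" field are assumptions about Caddy's issuance log line.
SAMPLE_LOG = """\
2024/12/29 14:22:20.937 INFO    http    enabling HTTP/3 listener        {"addr": ":443"}
2024/12/29 14:22:20.937 INFO    http    enabling automatic TLS certificate management   {"domains": ["pelican.psycholynx.fi", "urakoodi.fi"]}
2024/12/29 14:22:20.937 INFO    failed to sufficiently increase receive buffer size (was: 208 kiB, wanted: 7168 kiB, got: 416 kiB).
2025/01/01 00:00:00.000 INFO    tls.obtain      certificate obtained successfully       {"identifier": "urakoodi.fi"}
"""

LINE = re.compile(r"^(\S+ \S+)\s+([A-Z]+)\s+(.*)$")

def parse_line(line):
    """Split one console-format log line into (level, text, fields)."""
    m = LINE.match(line.strip())
    if not m:
        return None
    rest, fields = m.group(3), {}
    brace = rest.find("{")
    if brace != -1:
        try:
            fields, rest = json.loads(rest[brace:]), rest[:brace]
        except json.JSONDecodeError:
            pass  # a brace inside the message text, not a field object
    return m.group(2), rest.strip(), fields

def summarize(log_text):
    """Collect hostnames under automatic TLS and those with a logged issuance."""
    managed, issued = set(), set()
    for parsed in filter(None, map(parse_line, log_text.splitlines())):
        _, text, fields = parsed
        if "enabling automatic TLS certificate management" in text:
            managed.update(fields.get("domains", []))
        elif "certificate obtained successfully" in text:
            issued.add(fields.get("identifier"))
    return {"managed": managed, "issued": issued}

def unmanaged(requested, managed):
    """Return requested hostnames that no managed name (exact or *.parent) covers."""
    def covered(host):
        return host in managed or "*." + host.split(".", 1)[-1] in managed
    return [h for h in requested if not covered(h.lower())]
```

An empty `issued` set only means no issuance was logged in that run; a certificate already present in Caddy's storage produces no such line.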