Using Caddy as reverse proxy for a subdomain

Hi,
FYI, I’m very new to Caddy (and networking), and I did try to read the docs but still got lost.

1. The problem I’m having:

I’m trying to install Nextcloud-AIO on Ubuntu server jammy and using Caddy as a reverse-proxy. Caddy is installed with apt.
My site is aronkvh.hu running on web storage.
I’m trying to port forward 192.168.10.114 in my local network to a subdomain (felho.aronkvh.hu).
Nameservers are Cloudflare.
The Nextcloud container and the subdomain itself probably work; before setting up the proxy it was reachable without TLS.

2. Error messages and/or full log output:

Logs from nextcloud docker:

{"level":"info","ts":1710954842.9967988,"msg":"using provided configuration","config_file":"/Caddyfile","config_adapter":""}
[Wed Mar 20 17:14:03.039106 2024] [mpm_event:notice] [pid 135:tid 140501328452360] AH00489: Apache/2.4.58 (Unix) OpenSSL/3.1.4 configured -- resuming normal operations
[Wed Mar 20 17:14:03.039147 2024] [core:notice] [pid 135:tid 140501328452360] AH00094: Command line: 'httpd -D FOREGROUND'
[20-Mar-2024 17:14:03] NOTICE: fpm is running, pid 145
[20-Mar-2024 17:14:03] NOTICE: ready to handle connections
NOTICE: PHP message: The response of the connection attempt to "https://felho.aronkvh.hu:443" was: 
NOTICE: PHP message: Expected was: 2e008d30c124f5baa061a3f7cc236d4b7db360e917911a1b
NOTICE: PHP message: The error message was: Operation timed out after 10002 milliseconds with 0 bytes received
NOTICE: PHP message: Please follow https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md#6-how-to-debug-things in order to debug things!
Deleting duplicate sessions

Caddy logs: Bepasty
(I exceeded the post limit when pasting)

3. Caddy version:

4. How I installed and ran Caddy:

Following the docs,

sudo apt install -y debian-keyring debian-archive-keyring apt-transport-https curl
curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | sudo gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg
curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' | sudo tee /etc/apt/sources.list.d/caddy-stable.list
sudo apt update
sudo apt install caddy

a. System environment:

Ubuntu server 22.04 LTS, x86 (5.15.0-101-generic #111-Ubuntu SMP )
Caddy v2.7.6 h1:w0NymbG2m9PcvKWsrXO6EEkY9Ru4FJK8uQbYcev1p3A=
nextcloud is running in docker engine 25.0.5

systemd 249 (249.11-0ubuntu3.12)
+PAM +AUDIT +SELINUX +APPARMOR +IMA +SMACK +SECCOMP +GCRYPT +GNUTLS +OPENSSL +ACL +BLKID +CURL +ELFUTILS +FIDO2 +IDN2 -IDN +IPTC +KMOD +LIBCRYPTSETUP +LIBFDISK +PCRE2 -PWQUALITY -P11KIT -QRENCODE +BZIP2 +LZ4 +XZ +ZLIB +ZSTD -XKBCOMMON +UTMP +SYSVINIT default-hierarchy=unifie

b. Command:

autostarted by systemd

d. My complete Caddy config:

{
    debug
}

felho.aronkvh.hu:443 {
    reverse_proxy 192.168.10.114:11000
}

5. Links to relevant resources:

Port forwarding router settings:

Thanks in advance for your help.

You will need to forward ports 80 and 443 to your Caddy server IP. Caddy will handle port 11000 for you on the backend.

Thanks, so like this?

Yes. That should work.

Nextcloud still says:
Domain does not point to this server or the reverse proxy is not configured correctly. See the mastercontainer logs for more details. ('sudo docker logs -f nextcloud-aio-mastercontainer')
If I try to check in the browser, I either get ERR_CONNECTION_TIMED_OUT or ERR_SSL_PROTOCOL_ERROR

Did you restart caddy?

Did you also edit your Nextcloud config file to trust caddy as the proxy?

I can’t help much with the Nextcloud end, but if you forward those ports to the IP that is serving caddy, then caddy will work.

I forgot to restart. The all-in-one image apparently sets up trusted proxies automatically. Now everything seems to work.
Thanks very much for the help.
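
An added example, not part of the thread and not Nextcloud AIO's or Caddy's own code: a small Python triage of the three domain-check lines from the mastercontainer log in the first post. The log lines are copied from that post; the category names and their mapping to likely causes are assumptions made for illustration.

```python
import re

# Domain-check lines copied from the mastercontainer log in the first post.
SAMPLE_LOG = (
    'NOTICE: PHP message: The response of the connection attempt to '
    '"https://felho.aronkvh.hu:443" was:\n'
    'NOTICE: PHP message: Expected was: '
    '2e008d30c124f5baa061a3f7cc236d4b7db360e917911a1b\n'
    'NOTICE: PHP message: The error message was: Operation timed out '
    'after 10002 milliseconds with 0 bytes received\n'
)

PATTERNS = {
    "url": re.compile(r'connection attempt to "([^"]+)" was:'),
    "response": re.compile(r'connection attempt to "[^"]+" was:[ \t]*(.*)$'),
    "expected": re.compile(r"Expected was:\s*(\S+)"),
    "error": re.compile(r"The error message was:\s*(.*)$"),
}


def parse_domaincheck(log_text):
    """Extract the fields of a failed domain check; the last check in the text wins."""
    fields = {}
    for line in log_text.splitlines():
        for name, pattern in PATTERNS.items():
            match = pattern.search(line)
            if match:
                fields[name] = match.group(1).strip()
    return fields


def triage(fields):
    """Map parsed fields to the layer to inspect first (heuristic categories)."""
    response = fields.get("response", "")
    error = fields.get("error", "").lower()
    if response and response == fields.get("expected"):
        return "ok"
    if not response and "timed out" in error:
        # Nothing answered on 443: check the 80/443 port forward to the
        # proxy host, the firewall, and that the proxy was restarted.
        return "unreachable"
    if response:
        # Something answered, but not with the expected token: check the
        # reverse_proxy upstream address and port.
        return "wrong-backend"
    # Connection was attempted but failed otherwise (e.g. TLS): read the proxy log.
    return "connection-error"


if __name__ == "__main__":
    print(triage(parse_domaincheck(SAMPLE_LOG)))
```
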