OursBlanc
February 6, 2021, 12:35pm
1
caddy version):/srv # caddy version
I run caddy in Docker on my server (self hosted)
Armbian 21.02.1 Buster with Linux 5.10.12-rockchip64
Docker 20.10.3 (API: 1.41)
caddy run --config /etc/caddy/Caddyfile --adapter caddyfile
mydomain.xy {
root * /srv/mydomain/
file_server
}
page.mydomain.xy {
root * /srv/page/
file_server
}
rss.mydomain.xy {
log {
format single_field common_log
output file /var/log/caddy/rss.log
}
reverse_proxy 192.168.1.5:48080
}
torrent.mydomain.xy {
log {
format single_field common_log
output file /var/log/caddy/torrent.log
}
reverse_proxy 192.168.1.5:8080
}
If i try to connect to FreshRSS or Qbittorent (two container in docker) with local ip : no problem.
No error message (unless iâm mistaken)
I tried to run Caddy directly on my server (not through docker in a container) : same thing.
thank you for taking the time to help me. i am a neophyte, please excuse my ignorance.
Hmm. If you make a request with curl -v instead of via the browser, what do you see?
If you enable debug mode (by adding the below, at the top of your Caddyfile), whatâs in your logs?
{
debug
}
OursBlanc
February 7, 2021, 12:06am
3
Hi and thank you for your answer.
This is the result with curl -v from the server
root@helios64:/etc/caddy# curl -v rss.mywebsite.me
* Expire in 0 ms for 6 (transfer 0xaaaad6054f10)
* Expire in 1 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 0 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 1 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 0 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 0 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 1 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 0 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 0 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 1 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 0 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 0 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 2 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 0 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 0 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 2 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 0 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 0 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 2 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 0 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 0 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 2 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 0 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 0 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 2 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 0 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 0 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 2 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 0 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 0 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 2 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 0 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 0 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 2 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 0 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 0 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 2 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 0 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 0 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 2 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 0 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 0 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 2 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 0 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 1 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 2 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 1 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 1 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 2 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 1 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 1 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 2 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 1 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 1 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 2 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 2 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 2 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 4 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 2 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 2 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 4 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 3 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 3 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 4 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 3 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 3 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 4 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 4 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 4 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 4 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 5 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 5 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 4 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 5 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 5 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 8 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 7 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 7 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 8 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 7 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 7 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 8 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 9 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 9 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 8 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 10 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 10 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 16 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 13 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 13 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 16 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 13 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 13 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 16 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 50 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 50 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 16 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 50 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 50 ms for 1 (transfer 0xaaaad6054f10)
* Expire in 50 ms for 1 (transfer 0xaaaad6054f10)
* Trying 2001:xxx:yyy:zzz:xxx:yyy:zzz:3e55...
* TCP_NODELAY set
* Expire in 149948 ms for 3 (transfer 0xaaaad6054f10)
* Expire in 200 ms for 4 (transfer 0xaaaad6054f10)
* connect to 2001:xxx:yyy:zzz:xxx:yyy:zzz:3e55... port 80 failed: Connexion refusée
* Trying 80.xx.yy.zz...
* TCP_NODELAY set
* Expire in 149948 ms for 3 (transfer 0xaaaad6054f10)
* Connected to rss.mywebsite.me (80.xx.yy.zz) port 80 (#0)
> GET / HTTP/1.1
> Host: rss.mywebsite.me
> User-Agent: curl/7.64.0
> Accept: */*
>
< HTTP/1.1 308 Permanent Redirect
< Connection: close
< Location: https://rss.mywebsite.me/
< Server: Caddy
< Date: Sat, 06 Feb 2021 23:51:16 GMT
< Content-Length: 0
<
* Closing connection 0
and this is the resultat from my local network
* Trying 2001:xxx:yyy:zzz:xxx:yyy:zzz:3e55...
* TCP_NODELAY set
* connect to 2001:xxx:yyy:zzz:xxx:yyy:zzz:3e55 port 80 failed: Connexion refusée
* Trying 80.xx.yy.zz...
* TCP_NODELAY set
* Connected to rss.mywebsite.me (80.xx.yy.zz) port 80 (#0)
> GET / HTTP/1.1
> Host: rss.mywebsite.me
> User-Agent: curl/7.68.0
> Accept: */*
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 308 Permanent Redirect
< Connection: close
< Location: https://rss.mywebsite.me/
< Server: Caddy
< Date: Sat, 06 Feb 2021 23:54:01 GMT
< Content-Length: 0
<
* Closing connection 0
Then this is my log (again for the RSS subdomain) .
192.168.1.1 - - [07/Feb/2021:00:05:12 +0000] âGET /themes/icons/favicon-256.png HTTP/2.0â 0 0
Ahhh I think youâre running into NAT hairpinning issues:
Network address translation (NAT) is a method of mapping an IP address space into another by modifying network address information in the IP header of packets while they are in transit across a traffic routing device. The technique was originally used to bypass the need to assign a new address to every host when a network was moved, or when the upstream Internet service provider was replaced, but could not route the network's address space. It has become a popular and essential tool in conser...
Basically, DNS for your domain is resolved to the WAN IP, then when a request goes out, it reaches your router, then because it likely doesnât support NAT hairpinning, the connection gets dropped because it doesnât know to route the request back internally.
Please read through this article to get an idea of how it works:
If you want to run a service inside a Local Area Network (LAN) such as your home or office â and especially if you want to be able to access it from outside that network â Caddy can help you accomplish this quite easily. This guide will show you how. It assumes youâve never done this before, but that you have some technical proficiency and are somewhat knowledgable about your own network.
The solution is typically to also run a DNS server in your home network, to implement split DNS. Basically this means that your local DNS server will resolve your domain to the LAN IP address of your server, instead of the WAN IP address, but when outside of your home network, the domain will still resolve to the WAN IP.
Those are your access logs, not the Caddy logs. You can see those by running docker logs <name-of-the-caddy-container>.
OursBlanc
February 7, 2021, 12:30pm
5
Hey, thank you for your answer. Unfortunately, i dont understand two points
then, i watched in my router and it support NAT hairpinning, and this option is activated.
(my routeur is a ASUS DSL N 16 and i followed the official documentation https://dlcdnets.asus.com/pub/ASUS/wireless/DSL-N16/E10544_DSL_N16_Manual.pdf?_ga=2.254814592.926661751.1568901346-1551512870.1564642544 )
Then, last thing very strange. When i try to access at my service from my laptop (and not my main computer) , everything work fine, nothing is slow.
I tried to launch my browser without any pluggin (on main computer) but nothing change.
End also, see my log : (i hope is the good one)
thank you
matt
February 7, 2021, 6:36pm
6
Maybe you have an old version of curl?
Mohammed90
February 7, 2021, 7:02pm
7
Are they both on the same network? What does the network look like? Also since youâre running it on Docker, whatâs the Docker command youâre using?
OursBlanc
February 7, 2021, 8:34pm
8
Hi @Mohammed90 , all my device are on the same network.
My router (192.168.1.1)
I used portainer to manage the container and there is the command for caddy :
About the CURL errorâŠhttps://blog.usejournal.com/how-to-manually-update-curl-on-ubuntu-server-899476062ad6
Now its curl 7.70.0 but nothing change on my main computer. But on my smartphone (not at all on my local network) or laptop, its fineâŠ
OursBlanc
February 10, 2021, 5:45pm
9
Hi there.
thank you for your help
