Webtop (and/or Guacamole) behind Caddy reverse proxy

I originally asked this on reddit and was told to post here. I was freeform there but I tried to adapt this to the prompts./

I also had to put some links as code because of limitations as a new user. Sorry about that.

1. Caddy version (caddy version):

v2.2.1 h1:Q62GWHMtztnvyRU+KPOpw6fNfeCD3SkwH7SfT1Tgt2c=

2. How I run Caddy:

I cd to the directory with my Caddyfile and do

$ sudo caddy start

(I haven’t started it in a long time. My notes just say caddy start but I suspect I have to do sudo because of the ports)

a. System environment:

Debian VPS. Caddy is not run in Docker though the problem I am having is with a Docker container

b. Command:

N/A

c. Service/unit/compose file:

N/A

d. My complete Caddyfile or JSON config:

webtop.winokur.us {
    reverse_proxy 127.0.0.1:25011
}

That is just the baseline. See below

3. The problem I’m having:

I have been trying for the better part of the weekend to get linuxserver webtop working behind a Caddy v2 reverse proxy. The proxy works on other sites just fine but I cannot get it to work on webtop.

From this prompt, I also tested with curl and it just timed out.

I’ve been googling around both for webtop specifically and for guacamole.

My baseline docker-compose is:

version: "2.1"
services:
  webtop:
    image: lscr.io/linuxserver/webtop
    container_name: webtop
    privileged: true #optional
    security_opt:
      - seccomp:unconfined #optional
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=America/Denver
      - SUBFOLDER=/ #optional
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock #optional
      - /home/<ME>/serve/persist:/config #optional
    ports:
      - 127.0.0.1:25011:3000
    shm_size: "1gb" #optional

4. Error messages and/or full log output:

As noted above, I get nothing. And when I say that, I mean there is zero activity in the docker container so it isn’t even getting through

Here is the full curl -v for the baseline

winokur.us: hosting$ curl -v https://webtop.winokur.us
* Expire in 0 ms for 6 (transfer 0x55738ad3cf50)
* Expire in 1 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 1 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 1 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 1 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 1 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 1 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 1 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 1 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 1 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 1 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 1 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 1 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 1 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 1 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 1 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 1 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 1 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 1 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 1 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 1 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 1 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 1 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 1 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 1 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 1 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 1 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 1 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 1 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 1 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 1 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 1 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 1 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 1 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 1 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 1 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 1 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 1 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 1 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 1 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 1 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 1 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 1 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 1 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 1 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 1 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 1 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 1 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 1 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 1 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 0 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 1 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 1 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 2 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 1 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 1 ms for 1 (transfer 0x55738ad3cf50)
* Expire in 1 ms for 1 (transfer 0x55738ad3cf50)
*   Trying 207.244.233.74...
* TCP_NODELAY set
* Expire in 200 ms for 4 (transfer 0x55738ad3cf50)
* Connected to webtop.winokur.us (207.244.233.74) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: none
  CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_128_GCM_SHA256
* ALPN, server accepted to use h2
* Server certificate:
*  subject: CN=webtop.winokur.us
*  start date: Nov 18 22:11:16 2021 GMT
*  expire date: Feb 16 22:11:15 2022 GMT
*  subjectAltName: host "webtop.winokur.us" matched cert's "webtop.winokur.us"
*  issuer: C=US; O=Let's Encrypt; CN=R3
*  SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x55738ad3cf50)
> GET / HTTP/2
> Host: webtop.winokur.us
> User-Agent: curl/7.64.0
> Accept: */*
>
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* Connection state changed (MAX_CONCURRENT_STREAMS == 250)!
< HTTP/2 502
< server: Caddy
< content-length: 0
< date: Mon, 22 Nov 2021 16:34:56 GMT
<
* Connection #0 to host webtop.winokur.us left intact

5. What I already tried:

Below is some of the different things.

Note that I also tried without changing

ports:
    - 127.0.0.1:25011:3000

to

ports:
    - 25011:3000

and that doesn’t fix it either. I tried that on all of them.

What DOES work…but is not acceptable

I changed the ports to 25011:3000 (so that docker opening them in my firewall). Then when I go to http://winokur.us:25011 it works.

But this is not acceptable. I want to go through my reverse proxy for many reasons and I don’t like opening the firewall

What I’ve tried

For the rest of this, I not modifying the docker compose. And for each of them, I’ve tried going to https://webtop.winokur.us/guacamole and https://webtop.winokur.us

Baseline Caddy

I tried simply

webtop.winokur.us {
    reverse_proxy 127.0.0.1:25011
}

since this most matches my others but it didn’t work.

Adding flush

I forget where I read this but I did

webtop.winokur.us {
    reverse_proxy 127.0.0.1:25011 {
        flush_interval -1
    }
}

Headers

I read a few places that have you set headers

webtop.winokur.us {
    reverse_proxy 127.0.0.1:25011 {
        flush_interval -1
        header_up X-Forwarded-Ssl on
        header_up Host {host}
        header_up X-Real-IP {remote}
        header_up X-Forwarded-For {remote}
        header_up X-Forwarded-Port {server_port}
        header_up X-Forwarded-Proto {scheme}
        header_up X-Url-Scheme {scheme}
        header_up X-Forwarded-Host {host}
    }
}

Nope

Redirect

Again, I forget which of the 100 posts I read suggested it but I tried to add a forward. I suspect this isn’t the issue since, like I said, I am also testing with /guacamole

webtop.winokur.us {
    redir / /guacamole/
    reverse_proxy 127.0.0.1:25011 {
        flush_interval -1
        header_up X-Forwarded-Ssl on
        header_up Host {host}
        header_up X-Real-IP {remote}
        header_up X-Forwarded-For {remote}
        header_up X-Forwarded-Port {server_port}
        header_up X-Forwarded-Proto {scheme}
        header_up X-Url-Scheme {scheme}
        header_up X-Forwarded-Host {host}
    }
}

And I did the same but without the header_up

Verify Everything else

Just to test, I did

webtop.winokur.us {
    respond "test123"
}

And that worked.

6. Links to relevant resources:

So, so many that I lost count. Just searching again for what I tried:

(I had to make these code blocks because it is too many links as a new user)

- https://caddy.community/t/guacamole-on-caddy-reverse-proxy/3297
- https://caddy.community/t/reverse-proxy-guacamole/8035
    - I tried the `@notGuac` stuff too but didn't include it above
- https://www.reddit.com/r/selfhosted/comments/gfwduy/help_assistance_reverse_proxying_guacamole_with/
    - Specifically modified versions of https://www.reddit.com/r/selfhosted/comments/gfwduy/comment/fpx408d/?utm_source=share&utm_medium=web2x&context=3

And the list goes on.

Thanks in advance. I am a novice but I hope you see that I really did try!

That’s a pretty old version, over a year old.

Please upgrade to the latest version, v2.4.6, which has a whole lot of fixes since.

That’s not a great way to run Caddy reliably. You should run Caddy as a service. Since you’re running on Debian, you can run it as a systemd service.

Our apt repo sets up Caddy to run as a systemd service out of the box. Try that instead.

As francis indicated, get your caddy version to current release. Follow the documentation he shared to properly set up your systemd unit file so you can use:

systemctl start caddy
systemctl status caddy
systemctl stop caddy

when managing the server.

What happens when (from the server caddy is running on) you attempt a wget or curl against the localhost port that the docker container is assumed to be listening on?

e.g.

curl -sSf http://127.0.0.1:25011 > /dev/null

Read this docker discussion about attempting to use localhost with docker containers, as there is a internal to docker container localhost context, as well as the actual host’s localhost…

Done. Should have checked that. Sorry. Still didn’t fix

That is where I installed it so I do think that is how it is running. I will confirm in the future. (like I said, I am a beginner)

I did that with the most vanilla caddyfile as noted before and got

 $ curl -sSf http://127.0.0.1:25011 > /dev/null
 curl: (56) Recv failure: Connection reset by peer

with no action in the docker container

Thanks for pointing me there. I read it but (a) I am not happy about trying to bind to everything since I don’t want to do - 0.0.0.0:25011:3000 because that makes Docker open my firewall.

But nonetheless, with both - 0.0.0.0:25011:3000 and - 25011:3000, I can access the container by going to http://winokur.us:25011/ (around the Caddy proxy) but that is not what I am looking for.

And the caddy proxy still does not work.

$ curl -sSf https://webtop.winokur.us > /dev/null
curl: (22) The requested URL returned error: 502 

I appreciate the help. Any other ideas?

Are you reviewing/implementing the reverse proxy configuration requirements for webtop?
https://www.sonicle.com/docs/webtop5/installation.html#run-behind-a-reverse-proxy

The 502 status code made me wonder if there was config guidance for this…

Apparently “Webtop” is not a particularly unique name. That is a totally different product.

It got a bit burried in the post. I am trying to run GitHub - linuxserver/docker-webtop: Ubuntu, Alpine, Arch, and Fedora based Webtop images, Linux in a web browser supporting popular desktop environments.

What do you see in Caddy’s logs? Turn on the debug global option if you haven’t already, to show as much information as possible.

You can find the recommended command to see your logs when running as a systemd service, here:

Also, are you sure that the traffic you’re trying to proxy is actually HTTP? I’m not sure I understand how webtop is meant to work, but it seems like a container with an RDP server installed, and RDP is not HTTP, it’s another kind of TCP protocol. If that’s the case, then a standard Caddy installation won’t be able to proxy it.

You could the GitHub - mholt/caddy-l4: Layer 4 (TCP/UDP) app for Caddy plugin though, which would let you do this, although configuration is a bit more challenging because it doesn’t have Caddyfile support yet.

On top of the RDP is Apache Guacamole turning it into HTTP. It works from the web browser when configured without the proxy in front. So I am 99% sure this is HTTP.

Unless I am missing something which is possible.

I will turn that on later and see and report back. Thanks.

This topic was automatically closed after 30 days. New replies are no longer allowed.