When using docker to create wordpress-fpm and Caddy, Caddy cannot proxy port 9000 of php-fpm

1. Caddy version

Caddy v2

2. How I run Caddy:

a. System environment:

Fedora Server 35, podman version 3.4.7

b. Command:

I use podman to create Caddy container and assign it a bridged network.

podman run --network mybridge --name caddy -d -p 80:80 -p 443:443 -v Caddyfile:/etc/caddy/Caddyfile caddy:latest

And I used podman to create a fpm tag WordPress using the following command. The container wordpress and Caddy are in a same bridged network.

podman run --network mybridge --name wordpress -d -v ./wordpress_volume/html:/var/www/html wordpress:fpm

c. My complete Caddyfile

example.com

reverse_proxy wordpress:9000
root * /var/www/html
file_server

3. The problem I’m having:

I hope to visit example.com to be able to see the wordpress installer, but it doesn’t. Also curl doesn’t get any information on the host.
chrome shows error code. HTTP ERROR 502.

4. Error messages and/or full log output:

caddy logs

{"level":"info","ts":1652022268.3539407,"msg":"using provided configuration","config_file":"/etc/caddy/Caddyfile","config_adapter":"caddyfile"}
{"level":"warn","ts":1652022268.3554807,"msg":"Caddyfile input is not formatted; run the 'caddy fmt' command to fix inconsistencies","adapter":"caddyfile","file":"/etc/caddy/Caddyfile","line":1}
{"level":"info","ts":1652022268.3562734,"logger":"admin","msg":"admin endpoint started","address":"tcp/localhost:2019","enforce_origin":false,"origins":["//localhost:2019","//[::1]:2019","//127.0.0.1:2019"]}
{"level":"info","ts":1652022268.3563845,"logger":"http","msg":"server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS","server_name":"srv0","https_port":443}
{"level":"info","ts":1652022268.356401,"logger":"http","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"srv0"}
{"level":"info","ts":1652022268.3566067,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0x40002a75e0"}
{"level":"info","ts":1652022268.3567123,"logger":"tls","msg":"cleaning storage unit","description":"FileStorage:/data/caddy"}
{"level":"info","ts":1652022268.3567233,"logger":"http","msg":"enabling automatic TLS certificate management","domains":["[example.com"]}
{"level":"info","ts":1652022268.357134,"logger":"tls","msg":"finished cleaning storage units"}
{"level":"info","ts":1652022268.357493,"msg":"autosaved config (load with --resume flag)","file":"/config/caddy/autosave.json"}
{"level":"info","ts":1652022268.3575084,"msg":"serving initial configuration"}
{"level":"error","ts":1652022282.2875233,"logger":"http.log.error","msg":"read tcp 10.89.0.3:39894->10.89.0.2:9000: read: connection reset by peer","request":{"remote_ip":"10.89.0.3","remote_port":"53606","proto":"HTTP/2.0","method":"GET","host":"http://example.com","uri":"/","headers":{"Sec-Ch-Ua-Mobile":["?0"],"Sec-Ch-Ua-Platform":["\"Windows\""],"Dnt":["1"],"Accept":["text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9"],"Sec-Fetch-Mode":["navigate"],"Sec-Fetch-User":["?1"],"Accept-Language":["zh-CN,zh-TW;q=0.9,zh;q=0.8,en-US;q=0.7,en;q=0.6"],"Sec-Ch-Ua":["\" Not A;Brand\";v=\"99\", \"Chromium\";v=\"101\", \"Google Chrome\";v=\"101\""],"User-Agent":["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.54 Safari/537.36"],"Upgrade-Insecure-Requests":["1"],"Accept-Encoding":["gzip, deflate, br"],"Cookie":[],"Purpose":["prefetch"],"Sec-Fetch-Site":["none"],"Sec-Fetch-Dest":["document"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"h2","server_name":"example.com"}},"duration":0.001114922,"status":502,"err_id":"rp11p6war","err_trace":"reverseproxy.statusError (reverseproxy.go:1196)"}

wordpress logs

[08-May-2022 15:04:24] NOTICE: fpm is running, pid 1
[08-May-2022 15:04:24] NOTICE: ready to handle connections

5. What I already tried:

I think this is a stupid question. I try to use wordpress:latest with apache, and use caddy’s reverse proxy to get to the installation page. Tried using other ports as well, didn’t work. and some other attempts.

php-fpm is a fastcgi server, not an HTTP server.

You need to use php_fastcgi, not reverse_proxy.

Also, you need to mount /var/www/html in the Caddy container as well.

Make sure to persist /data from the Caddy container as a volume, otherwise you risk losing your certificates and keys.

2 Likes

Thanks, I also tried to use php_fastcgi before, but I didn’t mount /var/www/html, I think the problem is here.
Thanks for your help!