caddy-gen can't see any containers

[wdullaer]

Hey,

I've followed your tutorial to the letter, but can't get the caddy-gen container to put the details from the app to proxy into the Caddyfile. The env vars are properly set (LETSENCRYPTEMAIL and VIRTUAL_HOST), but any container specific information is not filled.

I've googled around and found 2 issues in docker-gen and nginx-proxy which sound very similar to what I'm experiencing. https://github.com/jwilder/docker-gen/issues/196 https://github.com/jwilder/nginx-proxy/issues/479 However I tried the solutions (remove -only-exposed from the docker-gen command and put all containers in external network), but they're not working for me.

I am using docker-compose (with a v3 file) to orchestrate the entire thing. Any feedback or things I can test would be much appreciated.

Here's my docker-compose file for reference (without the tweaks suggested in the two linked issues)

version: "3"
services:
  web:
    image: <my-image>
    restart: on-failure:5
    environment:
      - LOGGING_LEVEL=info
      - VIRTUAL_HOST=<my-hostname>
      - SERVER_PORT=80

  caddy-gen:
    image: alexanderjulo/caddy-gen:latest
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - config:/etc/caddy
    links:
      - web
    environment:
      - LETSENCRYPT_EMAIL=<my-email>

  caddy:
    image: alexanderjulo/caddy
    command: caddy -restart=inproc -agree
    ports:
      - 80
      - 443
    links:
      - web
    volumes:
      - config:/srv
      - /root/ssl:/root/.caddy/letsencrypt

volumes:
  config:
    driver: local

Here's the Caddyfile that gets generated with this setup

<my-hostname> {
    tls <my-email>
    proxy / :80  {
        proxy_header Host {host}
        proxy_header X-Real-IP {remote}
        proxy_header X-Forwarded-For {remote}
        proxy_header X-Forwarded-Proto {scheme}
    }
    log stdout
}

[wdullaer]

I did some more debugging. Turns out the Addresses section in the docker-gen context only contains an IP address if you are using the default bridge network. Otherwise you have to pick the IP address from the Network section.

If you use docker-compose with syntax v2 or v3, docker-compose will create a dedicated network for your stack, creating this problem.

I've currently put network_mode: "bridge" into my compose file to force the use of the default bridge network, and the Caddyfile looks correct (even though the proxying still doesn't work, but that'll probably be another issue)

It's probably worth it to change the template so it picks up the IP from Networks[0].IP rather than Addresses[0].IP

[alexanderjulo]

Hm, that's very interesting feedback! Thank you very much for your debugging & research, I do appreciate it! Would you possibly be okay with preparing a PR with the first fixes so we can get these out? 🙂 And then we can still look into what else there is that might be wrong. I have not invested any time into this in a while to be honest, so it might very well be that it is just outdated due to other parties' changes

[wdullaer]

I think the underlying problem is that docker inspect displays the information differently when using overlay networks rather than the bridge network. I'll try to make a PR that makes this work. There's some things I'll need to figure out first: if you expose a port, does docker expose it on all the network associated with the container? You should probably also check whether the container to be proxied and the caddy container share a network

Anyway: thanks for the nice work. It's a really interesting way to implement the containerpilot pattern without having to rely on an external service discovery mechanism like consul (which didn't make sense for the small scale experiment I'm doing)

[drlogout]

I used a bit different approach to retrieve the IP addresses with docker-gen. Maybe it can help: https://github.com/drlogout/caddy-proxy