caddyserver / caddy-docker

Source for the official Caddy v2 Docker Image
https://hub.docker.com/_/caddy
Apache License 2.0

Issue with docker-compose #124

Closed SelfHostedJawn closed 3 years ago

SelfHostedJawn commented 3 years ago

1. Caddy version (caddy version): Caddy v2.2.0-builder

2. How I run Caddy: Docker on Raspberry OS

a. System environment: Raspberry Pi 3b+

3. The problem I’m having: Built Caddy using xcaddy to add the lego-deprecated plugin:

FROM arm32v6/caddy:2.2.0-builder AS builder

RUN ./xcaddy build \
   --with  github.com/caddy-dns/lego-deprecated

FROM arm32v6/caddy:2.2.0

COPY --from=builder /usr/bin/caddy /usr/bin/caddy

Running docker-compose like the following example: https://github.com/sosandroid/docker-bitwarden_rs-caddy-synology/blob/master/docker-compose_bitwarden-caddy.yml

Updated ports and environment variables for Duck dns provider.

I am getting the following log messages and am unsure what they mean:

{"level":"info","ts":1601355235.9482868,"msg":"using provided configuration","config_file":"/etc/caddy/Caddyfile","config_adapter":"caddyfile"},
{"level":"info","ts":1601355235.9691277,"logger":"admin","msg":"admin endpoint started","address":"tcp/localhost:2019","enforce_origin":false,"origins":["localhost:2019","[::1]:2019","127.0.0.1:2019"]},
{"level":"info","ts":1601355235.970322,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0x3038690"},
{"level":"info","ts":1601355235.975181,"logger":"http","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"srv0"},
{"level":"info","ts":1601355235.9815211,"logger":"http","msg":"enabling automatic TLS certificate management","domains":["*.duckdns.org"]},
{"level":"info","ts":1601355235.9998298,"msg":"autosaved config","file":"/config/caddy/autosave.json"},
{"level":"info","ts":1601355236.00009,"msg":"serving initial configuration"},
{"level":"info","ts":1601355236.0032415,"logger":"tls","msg":"cleaned up storage units"},

My terminal then seems to just get stuck at this point and nothing else happens. I had all this working in Caddy V1, but I'm trying to update it with Caddy v2. Any insight into what the issue could be or any suggestions would be greatly appreciated. Thanks!

francislavoie commented 3 years ago

What's your full Caddyfile config?

That terminal output looks perfectly fine, it doesn't look like there were any problems.

SelfHostedJawn commented 3 years ago

xxx.duckdns.org:8051 {

  tls {
    dns lego_deprecated duckdns
  }

  log {
    output file bitwarden_caddy.LOG_FILE {
      level INFO
      roll_size 5MiB
      roll_keep 5
    }
  }

  encode gzip

  header / {
    # Enable HTTP Strict Transport Security (HSTS)
    Strict-Transport-Security "max-age=31536000;"
    # Enable cross-site filter (XSS) and tell browser to block detected attacks
    X-XSS-Protection "1; mode=block"
    # Disallow the site to be rendered within a frame (clickjacking protection)
    X-Frame-Options "DENY"
    # Prevent search engines from indexing (optional)
    X-Robots-Tag "none"
    # Server name remove
    #-Server
  }

  # The negotiation endpoint is also proxied to Rocket
  reverse_proxy /notifications/hub/negotiate bitwardenrs:80

  # Notifications redirected to the websockets server
  reverse_proxy /notifications/hub bitwardenrs:3012

  # Proxy the Root directory to Rocket
  reverse_proxy bitwardenrs:80
}

francislavoie commented 3 years ago

I think you should remove the :8051 from your site address. I assume you did not map that port to the host.

SelfHostedJawn commented 3 years ago

I tried re-running docker-compose after removing the port from my site address and got this in the log:

Caddy_proxy    | {"level":"info","ts":1601398440.6279714,"msg":"using provided configuration","config_file":"/etc/caddy/Caddyfile","config_adapter":"caddyfile"}
Caddy_proxy    | {"level":"info","ts":1601398440.6389272,"logger":"admin","msg":"admin endpoint started","address":"tcp/localhost:2019","enforce_origin":false,"origins":["localhost:2019","[::1]:2019","127.0.0.1:2019"]}
Caddy_proxy    | {"level":"info","ts":1601398440.6399758,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0x3c383c0"}
Caddy_proxy    | {"level":"info","ts":1601398440.641189,"logger":"http","msg":"server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS","server_name":"srv0","https_port":443}
Caddy_proxy    | {"level":"info","ts":1601398440.6412995,"logger":"http","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"srv0"}
Caddy_proxy    | {"level":"info","ts":1601398440.6453965,"logger":"http","msg":"enabling automatic TLS certificate management","domains":["*.duckdns.org"]}
Caddy_proxy    | {"level":"info","ts":1601398440.647741,"logger":"tls","msg":"cleaned up storage units"}
Caddy_proxy    | {"level":"info","ts":1601398440.6516874,"msg":"autosaved config","file":"/config/caddy/autosave.json"}
Caddy_proxy    | {"level":"info","ts":1601398440.6517422,"msg":"serving initial configuration"}

Similar thing happens, the terminal just gets hung on the log and I can't do anything else. Also, here's my docker-compose file if it helps:

#---
#Docker-compose file for Bitwarden_rs proxied by caddy 2.0
#--- 
version: "3"
services: 
  bitwardenrs: 
    restart: always
    # Dani Garcia image https://github.com/dani-garcia/bitwarden_rs
    image: "bitwardenrs/server:latest"
    container_name: bitwardenrs
    environment:
      # Timezone settings, important for Fail2ban to work
      - TZ=America/New_York
      # Logging connection attempts
      - LOG_FILE=/data/bitwarden.log
      - EXTENDED_LOGGING='true'
      - LOG_LEVEL=warn
      # Beef up a bit
      - ROCKET_WORKERS=20
      - WEBSOCKET_ENABLED='true'
      # Hardening a bit
      - SIGNUPS_ALLOWED='false'
      #- DISABLE_ADMIN_TOKEN='true'
      #- ADMIN_TOKEN=YouRandomTokenHere
      - SHOW_PASSWORD_HINT='false'
      #- SMTP_HOST=smtphost
      #- SMTP_PORT=port
      #- SMTP_SSL='true'
      #- SMTP_FROM=address_from@domain.tld
      #- SMTP_USERNAME=smtp_user_name
      #- SMTP_PASSWORD=smtp_password
#    expose:
#      - "443"
    networks:
      - bitwarden_net
    volumes: 
      - /volume1/docker/bw-data:/data

  caddy: 
    restart: always
    #Official Caddy 2.0 image
    image: "caddydns:test"
    container_name: Caddy_proxy
    environment:
      - TZ=America/New_York
      - LOG_FILE=/data/logs/caddy.log
      - DUCKDNS_TOKEN=xxxxxx
      # Update this if SSL required according to the use of your own cert or request one from Let's Encrypt
      #- SSLCERTIFICATE=/path/to/ssl/fullcert.pem
      #- SSLKEY=/path/to/ssl/key.pem
      #- ACMEE_AGREE='true'
      #- DOMAIN=cad.example.org
      #- EMAIL=mail@mail.com
    ports: 
      - 8050:8050
      - 8051:8051
      - 3012:3012
      - 2015:2015
    networks:
      - bitwarden_net
    volumes: 
      - ./caddy-data/config/Caddyfile/:/etc/caddy/
      - ./caddy-data/data:/data
      - ./caddy-data/sites:/var/www/html
      - Certfiles:/root/.caddy

volumes:
  Certfiles:

networks:
  bitwarden_net:

caddydns:test is the name of the docker image I built with xcaddy.

hairyhenderson commented 3 years ago

> got this in the log:

@SelfHostedJawn all of the log messages there are informational, there are no errors there - is there a particular issue you're having?

hairyhenderson commented 3 years ago

Ah, maybe this is the issue:

> Similar thing happens, the terminal just gets hung on the log

You're using docker-compose up (I'm assuming, since you didn't paste your command). This behaviour is totally normal. If you want the containers to run in the background, run docker-compose up -d.

I'm going to close this for now since the issue seems unrelated to the Caddy Docker image. But feel free to re-open if you think there's a specific bug with the image.
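
Added example, not part of the original thread and not code from the Caddy project: a small triage script for Caddy's JSON logs in the two shapes pasted above (with the docker-compose `Caddy_proxy    | ` prefix, and with a trailing comma), which counts entries per level and lists anything above `info`. The sample lines are constructed, including the `error` entry; the function names are hypothetical.

```python
import json
from collections import Counter

# Constructed sample: one compose-prefixed line, one pasted line with a
# trailing comma, one made-up error entry, and one line that is not JSON.
SAMPLE = '''\
Caddy_proxy    | {"level":"info","ts":1601398440.641189,"logger":"http","msg":"server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS","server_name":"srv0","https_port":443}
{"level":"info","ts":1601355236.00009,"msg":"serving initial configuration"},
Caddy_proxy    | {"level":"error","ts":1601398441.0,"logger":"tls.obtain","msg":"constructed failure line"}
Caddy_proxy    | not json at all
'''

SEVERITY = {"debug": 0, "info": 1, "warn": 2, "error": 3, "fatal": 4, "panic": 4}

def parse_line(line):
    """Return the decoded log entry, or None if the line holds no JSON object."""
    start = line.find("{")  # skips a "container | " prefix if present
    if start < 0:
        return None
    body = line[start:].rstrip().rstrip(",")  # tolerate pasted trailing commas
    try:
        entry = json.loads(body)
    except json.JSONDecodeError:
        return None
    return entry if isinstance(entry, dict) else None

def triage(text):
    """Summarise levels, entries above info, reported HTTPS ports, bad lines."""
    levels, problems, https_ports, unparsed = Counter(), [], set(), 0
    for line in text.splitlines():
        if not line.strip():
            continue
        entry = parse_line(line)
        if entry is None:
            unparsed += 1
            continue
        level = str(entry.get("level", "")).lower()
        levels[level] += 1
        # Unknown level names are treated as suspicious and reported too.
        if SEVERITY.get(level, 99) >= SEVERITY["warn"]:
            problems.append((level, entry.get("logger", ""), entry.get("msg", "")))
        if "https_port" in entry:
            https_ports.add(entry["https_port"])
    return {"levels": dict(levels), "problems": problems,
            "https_ports": sorted(https_ports), "unparsed": unparsed}

if __name__ == "__main__":
    print(json.dumps(triage(SAMPLE), indent=2))
```

An empty `problems` list corresponds to the situation described in the replies: every entry is informational and the process is simply running in the foreground.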

jerrychong25 commented 2 years ago

Hi @SelfHostedJawn ,

Did you manage to get the Caddy v2 version working?

If yes, would you mind sharing the final Docker Compose code, as I am facing the same issue?

Thanks!

francislavoie commented 2 years ago

@jerrychong25 please don't ask a question on a 2-year-old issue. Please ask for help on the forums instead. https://caddy.community