lucaslorentz / caddy-docker-proxy

Caddy as a reverse proxy for Docker
MIT License

Having issue getting first container working #247

Closed samcro1967 closed 3 years ago

samcro1967 commented 3 years ago

I am currently running the official latest caddy image with the Caddyfile at the bottom and it is working as expected. Trying to migrate to caddy-docker-proxy, but am not having any luck. I am not able to access local.dozzle. The resulting CaddyFile is pointing at the docker container IP address (172.21.0.2) instead of the docker host IP (192.168.1.104). Not sure how to make it listen on the host IP. I am probably just missing something obvious in the readme, but nothing is jumping out at me.

docker-compose.yml

version: '3.8'
services:
  caddy:
    image: lucaslorentz/caddy-docker-proxy:ci-alpine
    container_name: caddy
    ports:
      - 80:80
      - 443:443
    networks:
      - caddy
    environment:
      - TZ=America/Chicago
      - PUID=1000
      - PGID=1000
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - "${docker}/caddy2/data:/data"
    labels: # Global options
      caddy.email: user@domain.net
  dozzle:
    image: amir20/dozzle:latest
    container_name: dozzle
    ports:
     - 8888:1224
    volumes:
     - "/var/run/docker.sock:/var/run/docker.sock"
    environment:
     - TZ=America/Chicago
     - PUID=1000 # set to UID of your user
     - PGID=1000 # set to GID of your user
     - DOZZLE_LEVEL=debug
     - DOZZLE_ADDR=:1224
    labels:
     - caddy.address="local.dozzle"
     - caddy.reverse_proxy="{{upstreams http 8888}}"
     - caddy.tls="off"
    networks:
     - caddy
networks:
  caddy:

Caddy Logs

2021/05/15 14:00:43 [INFO] Running caddy proxy server
{"level":"info","ts":1621087243.4674718,"logger":"admin","msg":"admin endpoint started","address":"tcp/localhost:2019","enforce_origin":false,"origins":["[::1]:2019","127.0.0.1:2019","localhost:2019"]}
{"level":"info","ts":1621087243.46771,"msg":"autosaved config","file":"/config/caddy/autosave.json"}
2021/05/15 14:00:43 [INFO] Running caddy proxy controller
2021/05/15 14:00:43 [INFO] CaddyfilePath:
2021/05/15 14:00:43 [INFO] LabelPrefix: caddy
2021/05/15 14:00:43 [INFO] PollingInterval: 30s
2021/05/15 14:00:43 [INFO] ProcessCaddyfile: true
2021/05/15 14:00:43 [INFO] ProxyServiceTasks: true
2021/05/15 14:00:43 [INFO] IngressNetworks: []
2021/05/15 14:00:43 [INFO] Caddy ContainerID: b2b5bb14981d0db6f83563831063cce47570023fa22ffc492a0788001d7706af
2021/05/15 14:00:43 [INFO] Connecting to docker events
2021/05/15 14:00:43 [INFO] IngressNetworksMap: map[0c4bead6d638d6a4e52911fe9770afa32a356202efcb5487b400830556b1c708:true]
2021/05/15 14:00:43 [INFO] Swarm is available: false
2021/05/15 14:00:43 [INFO] Skipping default Caddyfile because no path is set
[INFO] Skipping configs because swarm is not available
[INFO] Skipping services because swarm is not available
2021/05/15 14:00:43 [INFO] New Caddyfile:
{
        email user@domain.net
}
local.dozzle {
        reverse_proxy http://172.21.0.2:8888
}
2021/05/15 14:00:43 [INFO] New Config JSON:
{"apps":{"http":{"servers":{"srv0":{"listen":[":443"],"routes":[{"match":[{"host":["local.dozzle"]}],"handle":[{"handler":"subroute","routes":[{"handle":[{"handler":"reverse_proxy","upstreams":[{"dial":"172.21.0.2:8888"}]}]}]}],"terminal":true}]}}},"tls":{"automation":{"policies":[{"subjects":["local.dozzle"],"issuers":[{"email":"user@domain.net","module":"acme"},{"email":"user@domain.net","module":"zerossl"}]}]}}}}
2021/05/15 14:00:43 [INFO] Sending configuration to localhost
{"level":"info","ts":1621087243.4961004,"logger":"admin.api","msg":"received request","method":"POST","host":"localhost:2019","uri":"/load","remote_addr":"127.0.0.1:49858","headers":{"Accept-Encoding":["gzip"],"Content-Length":["463"],"Content-Type":["application/json"],"User-Agent":["Go-http-client/1.1"]}}
{"level":"info","ts":1621087243.4964085,"logger":"admin","msg":"admin endpoint started","address":"tcp/localhost:2019","enforce_origin":false,"origins":["localhost:2019","[::1]:2019","127.0.0.1:2019"]}
{"level":"info","ts":1621087243.496574,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0xc00033e3f0"}
{"level":"info","ts":1621087243.4965894,"logger":"http","msg":"server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS","server_name":"srv0","https_port":443}
{"level":"info","ts":1621087243.496597,"logger":"http","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"srv0"}
{"level":"info","ts":1621087243.4967923,"logger":"http","msg":"enabling automatic TLS certificate management","domains":["local.dozzle"]}
{"level":"info","ts":1621087243.4969134,"msg":"autosaved config","file":"/config/caddy/autosave.json"}
{"level":"info","ts":1621087243.496931,"logger":"admin.api","msg":"load complete"}
2021/05/15 14:00:43 [INFO] Successfully configured localhost
{"level":"info","ts":1621087243.4971676,"logger":"tls.obtain","msg":"acquiring lock","identifier":"local.dozzle"}
{"level":"info","ts":1621087243.5020258,"logger":"tls","msg":"cleaned up storage units"}

CaddyFile

http://local.dozzle {
    reverse_proxy 192.168.1.104:8888
}

francislavoie commented 3 years ago

When in Docker, you want to be proxying to the internal port, i.e. 1224 it looks like, not the port you bound to the host (8888).

samcro1967 commented 3 years ago

I changed it to that and tested. It did not work. I am not sure I understand how that would work. As I understand docker, the dozzle container listens on the port exposed externally to the container, 8888. Port 1224 is not exposed externally and would not be accessible outside the dozzle container on its IP of 172.21.0.2 for Caddy to access.

francislavoie commented 3 years ago

When one container proxies to another, it uses Docker's internal networking. Any docker container in the same network as another can connect to the ports they listen on. The port mapping to the host is for connections from outside that docker network.

Other things I'm seeing in your docker labels that don't make sense:

samcro1967 commented 3 years ago

Thank you for all of the help, and I apologize for the newbie questions. Adding http to the caddy label has it working internally.

I double checked the README of this repo and all of the examples show example.com in the server block, without http. Want to make sure I am not missing something and am looking at the right documentation. Might explain why I am struggling.

Hoping maybe it has examples of mixing internal http and external https sites like you can in Caddyfile. I tried the below following the README, but it breaks the internal site and the external loads a blank white page.

labels:

francislavoie commented 3 years ago

{{upstreams http 1224}}

I don't think you need http here, btw. It's the default.

cadddy.tls_1= "user@domain.net"

You got a typo, 3 ds.

What's in your logs?

If you use caddy_0 for a first site, then you need to use caddy_0 again for each subsequent label referring to the same site.

samcro1967 commented 3 years ago

I saw that and updated, but still no joy. It does not like the block, but not sure why. So everything with caddy_0 would go into 1 block, and everything with caddy_1 goes into another block if I understand correctly?

Is this the proper way to replicate Dockerfile syntax below to container labels to get the same result? I am not seeing an example of this in the README file, but I may not know what I am looking for.

Dockerfile syntax

dozzle.domain.net http://local.dozzle {
    reverse_proxy host ip:port
}

Updated Labels

    labels:
     - caddy_0= "http://local.dozzle"
     - caddy.reverse_proxy_0= "{{upstreams http 1224}}"
     - caddy_1= "dozzle.domain.net"
     - caddy.reverse_proxy_1= "{{upstreams http 1224}}"
     - caddy.tls_1= "user@domain.net"

Logs https://pastebin.com/DwfhvhmD

francislavoie commented 3 years ago

I think you misunderstood. If you use caddy_0 then you need to then use caddy_0.reverse_proxy for directives that go inside that.

samcro1967 commented 3 years ago

Ah, you are correct. I did not interpret your guidance correctly. Changing it to the updated labels below solved it. Both internal and external are now working. Thanks!

labels:
 - caddy_0= "http://local.dozzle"
 - caddy_0.reverse_proxy= "{{upstreams http 1224}}"
 - caddy_1= "dozzle.domain.net"
 - caddy_1.reverse_proxy= "{{upstreams http 1224}}"
 - caddy_1.tls= "user@domain.net"
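
Added example, not part of the thread and not caddy-docker-proxy code: a small lint for the three label mistakes worked through above (upstream set to the host-published port, the `_N` suffix placed on the directive instead of on the site label, and a misspelt prefix). The helper name `lint_service` and the sample dictionaries are constructed for illustration, and the checks are a simplified model of the behaviour described in the comments.

```python
import difflib
import re

PREFIX = "caddy"  # matches "LabelPrefix: caddy" in the controller log above

def lint_service(name, ports, labels):
    """Return findings for one compose service (hypothetical helper)."""
    findings = []
    # "8888:1224" publishes host port 8888 for container port 1224.
    host_to_container = {}
    for mapping in ports:
        parts = str(mapping).split("/")[0].split(":")
        if len(parts) >= 2:
            host_to_container[parts[-2]] = parts[-1]
    # Labels such as "caddy_0" that open a site block of their own.
    sites = {k for k in labels if re.fullmatch(PREFIX + r"(_\d+)?", k)}
    for key, value in labels.items():
        head, _, directive = key.partition(".")
        base = re.sub(r"_\d+$", "", head)
        if base != PREFIX:
            # Near-miss spelling of the prefix, e.g. "cadddy".
            if difflib.get_close_matches(base, [PREFIX], cutoff=0.8):
                findings.append(f"{name}: '{key}' does not start with '{PREFIX}'")
            continue
        # Upstream port is the host side of a published mapping.
        m = re.search(r"\{\{\s*upstreams(?:\s+\w+)?\s+(\d+)\s*\}\}", value)
        if m and host_to_container.get(m.group(1), m.group(1)) != m.group(1):
            findings.append(f"{name}: '{key}' targets host port {m.group(1)}; "
                            f"container port is {host_to_container[m.group(1)]}")
        # Suffix sits on the directive instead of on the site label.
        s = re.search(r"_\d+$", directive)
        if s and head not in sites and PREFIX + s.group(0) in sites:
            findings.append(f"{name}: '{key}' is outside its site block; use "
                            f"'{PREFIX}{s.group(0)}.{directive[:s.start()]}'")
    return findings

# Constructed sample combining the mistakes discussed in the thread.
PORTS = ["8888:1224"]
BROKEN = {"caddy_0": "http://local.dozzle",
          "caddy.reverse_proxy_0": "{{upstreams http 8888}}",
          "caddy_1": "dozzle.domain.net",
          "caddy.reverse_proxy_1": "{{upstreams http 1224}}",
          "cadddy.tls_1": "user@domain.net"}
FIXED = {"caddy_0": "http://local.dozzle",
         "caddy_0.reverse_proxy": "{{upstreams http 1224}}",
         "caddy_1": "dozzle.domain.net",
         "caddy_1.reverse_proxy": "{{upstreams http 1224}}",
         "caddy_1.tls": "user@domain.net"}

if __name__ == "__main__":
    print("\n".join(lint_service("dozzle", PORTS, BROKEN)))
```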