Anyone got caddy working? It’s driving me mad

Currently reading
Anyone got caddy working? It’s driving me mad

36
8
NAS
Synology DS218+
I’ve had my synology ds 218+ for a while now and have slowly started to tinker with it more and more. I started just using syno community packages and official apps but have increasingly moved to have almost everything in docker. Spent a lot of time trying to learn how to use docker and I’m at the point where I have most things running as I’d like - e.g. sonarr, radarr, Calibre web, organizr, etc.

Recently I’ve been trying to make my setup more secure and efficient so I’ve been trying to more from using the in build application portal reverse proxy to access my apps to something like traefik or caddy so I can go through organizr and then use authentication to access all other apps.

Started with traefik but I had issues adding labels to containers as I believe DSM uses an old version of docker and the links i have setup there don’t play well with portainer, plus I figured I wouldn’t be able to add labels again easily each time the container image updated.

So I’ve moved to caddy. I have this setup in docker with a basic Caddyfile that someone on the caddy community has had a quick look at and sees no issues with. My problem is that I don’t think that traffic is reaching caddy at the moment. I’ve removed all my existing application portal setup and have forwarded ports 81/444 from my router to my NAS ip using the same ports. These are defined as the local ports on my caddy docker container and also allowed in my router and DSM firewalls.

I’m using the built in synology ddns but when I try to access xxxx.synology.me/sonarr for example this redirects me to the DSM login on port 50005 (I have the option to redirect to https in DSM enabled).

I can’t for the life of me figure out why traffic isn’t hitting caddy when I believe the ports all line up, don’t think it can be a firewall issue as the traffic gets through to th3 DSM login.

Any help from anyone running an alternative reverse proxy in docker would really be appreciated as at the moment I’m completely stuck.
 
Hey dude... maybe take a chill pill :rolleyes:... you've posted this on at least 3 forums today (more?). Maybe find an answer on one (or not) then move to another. Just saying... When I'm feeling under the weather 😷 I don't call all the docs in town seeking relief.🤕
 
Cheers, appreciate I have asked for help in a few places - spent hours and hours on this and it’s driving me insane so this is a sign of my desperation.

This is my caddyfile at the moment:

Xxxxxxxxx.synology.me {

tls [email protected]

errors stdout

log stdout

gzip



header / {

Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"

X-XSS-Protection "1; mode=block"

X-Content-Type-Options "nosniff"

X-Frame-Options "DENY"

}



basicauth [admin] [admin] {

/radarr

/hydra

/nzbget

/sonarr

}



proxy /radarr 172.17.0.09:32774

proxy /hydra 192.168.1.116:32778

proxy /nzbget 192.168.1.116:32772

proxy /sonarr 172.17.0.11:32711

proxy /organizr localhost:40009



}



sub.example.com/lazylibrarian {

redir /organizr/

}

I realise I have different sub domains mapped to different ip addresses but I wasn’t sure if I should have localhost, my NAS op address or the docker container ip so thought I’d include all three for testing. None of them work and no errors logged to the log files created from the caddyfile.

As far as I can tell there is some redirection happening that is pushing anything I try that is setup in caddy to the xxxxx.synology.me:50005 that DSM uses.

Completely stuck here so any help really appreciated.
 
It’s looking like something is blocking port 81 - after some advice from caddy community I’ve run the following.

curl -IH "Host:mysynologyddns/sonarr" synologyip:81

Failed to connect to 192.168.1.116 port 81: Connection refused
When I try the same curl command with port 80 I get this
HTTP/1.1 400 Bad Request
Server: nginx
Date: Wed, 24 Apr 2019 08:29:36 GMT
Content-Type: text/html
Content-Length: 166
Connection: close

So that looks to me like port 80 goes to built in Nginx then fails as no rules are setup. I’ve checked my router setup again and port 81/443 are forwarded to my nas and traffic is allowed both ways over my router firewall.

Can’t see anything blocking ports 81/444 in my nas but I’m assuming that there is something. I’ve added a firewall rule to allow traffic from any ip to access source port 81/443, another to allow access to destination port 81/443 and another to allow access to the caddy docker container from any ip (realise this is dangerous but I will revoke or amend when I get caddy working).

I’ve also reviewed the logs from the caddy docker container and synology log centre and no issues relating to ports noted in either.

Any ideas why 81 isn’t open?
 
Running a netstat command that I just found via google it looks like the built in proxy and caddy are listening on the right ports assuming I’m reading this right as I’m quite new to all this.

tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 10670/nginx: master
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 10670/nginx: master
tcp6 0 0 :::80 :::* LISTEN 10670/nginx: master
tcp6 0 0 :::81 :::* LISTEN 12287/docker-proxy

tcp6 0 0 :::443 :::* LISTEN 10670/nginx: master
tcp6 0 0 :::444 :::* LISTEN 12268/docker-proxy
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Similar threads

  • Question
You could build your own: https://github.com/SynoCommunity/spksrc Or they may be able to advise on their...
Replies
1
Views
1,467

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Back
Top