I was able to get caddy working with default port. I would like to have seafile use another port (like 8999) but I get 502 error when I try to run this setup.
seafile:
image: seafileltd/seafile-mc:12.0.9
container_name: seafile
ports:
- "8999:80" # When using default port this portion is commented out, since it conflicts with caddy
env-files:
- ".env"
labels:
caddy: https://example.com
caddy.reverse_proxy: "{{upstreams 8999}}" # When this was default , it would say upstreams 80
depends_on:
seafilemariadb:
condition: service_healthy
seafilememcached:
condition: service_started
networks:
- caddy
.env
SEAFILE_SERVER_HOSTNAME=example.com
SEAFILE_SERVER_PROTOCOL=https
SEADOC_SERVER_URL=${SEAFILE_SERVER_PROTOCOL}://${SEAFILE_SERVER_HOSTNAME}/sdoc-server
SEAHUB_SERVICE_URL=$SEAFILE_SERVER_PROTOCOL://$SEAFILE_SERVER_HOSTNAME
Caddy Log messages when using 8999:
caddy-1 | {"level":"info","ts":1741135481.4532886,"logger":"http.auto_https","msg":"server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS","server_name":"srv
0","https_port":443}
caddy-1 | {"level":"info","ts":1741135481.453302,"logger":"http.auto_https","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"srv0"}
caddy-1 | {"level":"info","ts":1741135481.45348,"logger":"http","msg":"enabling HTTP/3 listener","addr":":443"}
caddy-1 | {"level":"info","ts":1741135481.4534893,"logger":"http.log","msg":"server running","name":"srv0","protocols":["h1","h2","h3"]}
caddy-1 | {"level":"warn","ts":1741135481.4535124,"logger":"http","msg":"HTTP/2 skipped because it requires TLS","network":"tcp","addr":":80"}
caddy-1 | {"level":"warn","ts":1741135481.4535148,"logger":"http","msg":"HTTP/3 skipped because it requires TLS","network":"tcp","addr":":80"}
caddy-1 | {"level":"info","ts":1741135481.453516,"logger":"http.log","msg":"server running","name":"remaining_auto_https_redirects","protocols":["h1","h2","h3"]}
caddy-1 | {"level":"info","ts":1741135481.4535177,"logger":"http","msg":"enabling automatic TLS certificate management","domains":["example.com","unrelated.example.com"]}
caddy-1 | {"level":"info","ts":1741135481.4538198,"logger":"http","msg":"servers shutting down with eternal grace period"}
caddy-1 | {"level":"info","ts":1741135481.454009,"msg":"autosaved config (load with --resume flag)","file":"/config/caddy/autosave.json"}
caddy-1 | {"level":"info","ts":1741135481.454018,"logger":"admin.api","msg":"load complete"}
caddy-1 | {"level":"info","ts":1741135481.4541187,"logger":"docker-proxy","msg":"Successfully configured","server":"localhost"}
caddy-1 | {"level":"info","ts":1741135481.455182,"logger":"admin","msg":"stopped previous server","address":"localhost:2019"}
caddy-1 | {"level":"error","ts":1741135725.4403815,"logger":"http.log.error","msg":"dial tcp 172.18.0.7:8999: connect: connection refused","request":{"remote_ip":"xx.xx.xx.xx","remote_port":"65479","client_ip":"xx.xx.xx.xx","proto":"HTTP/2.0","method":"GET","host":"example.com","uri":"/","headers":{"Accept-Encoding":["gzip, deflate, br, zstd"],"Dnt":["1"],"Priority":["u=0, i"],"Sec-Fetch-User":["?1"],"Accept-Language":["en-US,en;q=0.5"],"Sec-Fetch-Dest":["document"],"Sec-Fetch-Mode":["navigate"],"User-Agent":["Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:135.0) Gecko/20100101 Firefox/135.0"],"Cookie":["REDACTED"],"Upgrade-Insecure-Requests":["1"],"Sec-Fetch-Site":["none"],"Accept":["text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"],"Te":["trailers"],"Sec-Gpc":["1"]},"tls":{"resumed":true,"version":772,"cipher_suite":4865,"proto":"h2","server_name":"example.com"}},"duration":0.000267603,"status":502,"err_id":"rfemf24mk","err_trace":"reverseproxy.statusError (reverseproxy.go:1373)"}
caddy-1 | {"level":"error","ts":1741135725.544444,"logger":"http.log.error","msg":"dial tcp 172.18.0.7:8999: connect: connection refused","request":{"remote_ip":"xx.xx.xx.xx","remote_port":"65479","client_ip":"xx.xx.xx.xx","proto":"HTTP/2.0","method":"GET","host":"example.com","uri":"/favicon.ico","headers":{"Dnt":["1"],"Accept-Encoding":["gzip, deflate, br, zstd"],"Referer":["https://example.com/"],"Sec-Fetch-Mode":["no-cors"],"Sec-Gpc":["1"],"Sec-Fetch-Dest":["image"],"Te":["trailers"],"User-Agent":["Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:135.0) Gecko/20100101 Firefox/135.0"],"Cookie":["REDACTED"],"Sec-Fetch-Site":["same-origin"],"Accept":["image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5"],"Accept-Language":["en-US,en;q=0.5"],"Priority":["u=6"]},"tls":{"resumed":true,"version":772,"cipher_suite":4865,"proto":"h2","server_name":"example.com"}},"duration":0.000271529,"status":502,"err_id":"a9tfv1u5k","err_trace":"reverseproxy.statusError (reverseproxy.go:1373)"}
seafile logs
seafile | [2025-03-05 00:44:41] Skip running setup-seafile-mysql.py because there is existing seafile-data folder.
seafile |
seafile | Starting seafile server, please wait ...
seafile | Seafile server started
seafile |
seafile | Done.
seafile |
seafile | Starting seahub at port 8000 ...
seafile |
seafile | Seahub is started
seafile |
seafile | Done.
seafile |
Inside seafile container
root@a0402ad4d2b2:/opt/seafile# netstat -tlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:8082 0.0.0.0:* LISTEN -
tcp 0 0 localhost:8889 0.0.0.0:* LISTEN -
tcp 0 0 localhost:8000 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.11:40093 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:http 0.0.0.0:* LISTEN 30/nginx: master pr
Can you advise?
It feels like caddy is redirecting traffic to seafile container correctly. Seafile container is not listening/refusing connection. Another thought is that I am exposing port 8999 to my localhost. But there is another I am not as connecting 8999 in my caddy network to Seafile container’s port 80.
Another way to fix this up is to have caddy container’s nginx conf to listen to 8999 instead. If we can do it with docker, it is probably better.
