Unoffical empeg BBS

Quick Links: Empeg FAQ | RioCar.Org | Hijack | BigDisk Builder | jEmplode | emphatic
Repairs: Repairs

Topic Options
#371604 - 29/01/2019 14:03 Ubuntu + Docker + Caddy
sn00p
addict

Registered: 24/07/2002
Posts: 618
Loc: South London
Hi,

I'm struggling here.....

I need to run 2 instances of Caddy on the same machine, obviously this is a problem because they'll both want to bind to the same ports.

The reason for doing this is that I want to run one instance with the public facing proxy and another instance for private internal proxies.

That is to say, there are some services that I want available available on the WAN and some I don't.

Now, I've managed to get this working, but I don't really understand how and I can't make it persist across reboots.

I'm using macvlan to create a virtual adaptor so that the second caddy instance can bind to that, if somebody has any detailed information on achieving this across reboots I'd be grateful.

To recap.

1.) Running Ubuntu
2.) Running Docker
3.) First Caddy instance is the WAN facing proxy.
4.) Second Caddy instance needs to be on a separate IP and will be the LAN facing proxy.
5.) Needs to persist across reboots

Both caddy instances are configured to get certificates from lets encrypt using dns verification.

Top
#371607 - 29/01/2019 16:52 Re: Ubuntu + Docker + Caddy [Re: sn00p]
mlord
carpal tunnel

Registered: 29/08/2000
Posts: 14496
Loc: Canada
You can stuff things into /etc/rc.local to have them run automatically on reboot. Which means you'll need to use command-line versions of the tools.

I have never used macvlan nor Caddy, but I did find this tutorial on the former:
https://sreeninet.wordpress.com/2016/05/29/macvlan-and-ipvlan/

The Caddy site doesn't seem to have a basic "what is Caddy" explanation, but it appears to just be yet another web server. Apache is the most commonly used web server, fully Open Source, and there are tons of tutorials on how to use it. I run one Apache instance internally, and another for the WAN. Without need for macvlan or similar magic.

Top
#371608 - 29/01/2019 20:09 Re: Ubuntu + Docker + Caddy [Re: mlord]
sn00p
addict

Registered: 24/07/2002
Posts: 618
Loc: South London


I seem to keep getting myself in a pickle, I can get it working but then I appear to break other things, like autofs mounts fail if I have Macvlan working, going to have to dig a little deeper, will take a look at that link.

Caddy is awesome, I’m using it as a reverse proxy, but it automatically handles getting let’s encrypt certificates and renewals, it’s considerably easier and more straightforward to configure than Nginx
Or apache.

The other solution is to allow the connections in, but use one of the plugins to deny access if the source was not an internal IP address.

Third solution, use one of my pi’s purely as a caddy proxy....I’m leaning towards this right now,

How you doing Mark? Hope you’re well.

Top
#371609 - 29/01/2019 20:53 Re: Ubuntu + Docker + Caddy [Re: sn00p]
sn00p
addict

Registered: 24/07/2002
Posts: 618
Loc: South London
I just realised I’m making this much more difficult than needed, currently I am using a Nginx reverse proxy running on the Synology for the internal services.

I’m just going to remove that, install caddy under docker and use it to do the same as it’s on a different machine to the one running the external accessible sites.

No idea why I didn’t think about this earlier. Also means I don’t have to alter my DNS settings on my router as everything will continue to point to the same machine.

D’oh,

Top
#371610 - 29/01/2019 22:41 Re: Ubuntu + Docker + Caddy [Re: sn00p]
mlord
carpal tunnel

Registered: 29/08/2000
Posts: 14496
Loc: Canada
Originally Posted By: sn00pH
ow you doing Mark? Hope you’re well.

I am well, thanks. SWMBO not so good, but stable at the moment. Still hoping we might make it over this June.

Cheers

Top
#371611 - 29/01/2019 23:58 Re: Ubuntu + Docker + Caddy [Re: mlord]
sn00p
addict

Registered: 24/07/2002
Posts: 618
Loc: South London
Originally Posted By: mlord
Originally Posted By: sn00pH
ow you doing Mark? Hope you’re well.

I am well, thanks. SWMBO not so good, but stable at the moment. Still hoping we might make it over this June.

Cheers


Ahh man, hope things sort themselves.

I’ve been pretty unwell, spent 2 weeks in hospital just before Christmas, had to have a liver transplant assessment as well but not quite at the point of requiring a transplant yet, so we plod on.

Haven’t been around here much, but it’s still my goto place for tech questions when I get stumped! I appreciate th knowledge on this board and especially your input (youre my Linux guru!)

If you make it over be sure to let me know, would love to show you some British hospitality!

Top
#371612 - 30/01/2019 01:53 Re: Ubuntu + Docker + Caddy [Re: sn00p]
LittleBlueThing
addict

Registered: 11/01/2002
Posts: 612
Loc: Reading, UK
One thing to notice with macvlan is you cannot easily talk between the container/guest and the host. This is by design.
_________________________
LittleBlueThing Running twin 30's

Top
#371624 - 01/02/2019 16:55 Re: Ubuntu + Docker + Caddy [Re: LittleBlueThing]
sn00p
addict

Registered: 24/07/2002
Posts: 618
Loc: South London
Originally Posted By: LittleBlueThing
One thing to notice with macvlan is you cannot easily talk between the container/guest and the host. This is by design.


Yeah, this was the whole problem I was having.

I've solved the issue now, I have a Raspberry Pi connected with POE to my switch and I've installed Caddy on that and have that set up to proxy internal sites, my main server is running another instance of caddy which exposes external services.

Working like a charm.

I did try to use the Synology, but it's a clusterf**k on that, it regenerates config files at boot and it has a proxy service running on port 80 which you can't disable, so I played around for a couple of hours, got nowhere and pulled the pi out of a box and had it running within an hour or so.

Top