Jump to content

Caddy v2 - update and warning


pwhodges

Recommended Posts

pwhodges

The Caddy webserver which I and others have advocated as a reverse proxy has now been released as version 2RC, replacing version 1.

 

It is still possible to get version 1, but the page for building it with any plugins you may need has been hidden somewhat obscurely, and will not be maintained for much longer.  You can get it here: https://caddyserver.com/v1/download

 

Version 2 is a complete rewrite, and the instructions for setting up version 1 are not applicable in any way to version 2. 

 

Sometime in the next couple of weeks I shall convert my setup to use Caddy 2.  I am using Caddy for much more than a single reverse proxy, so it may take me some time.  When I can, I will update this thread with new instructions for using Caddy as a reverse proxy.  As a sop, I note that the new Caddy home page has an example of a one-liner with no further configuration required:

$ caddy reverse-proxy --from example.com --to localhost:9000

How often that will be sufficient, I have no idea yet.

  • Like 3
Link to comment
Share on other sites

  • 3 weeks later...
bennystarfighter

Hi. Did you complete this? I'm so frustrated because i cant get caddy v2 working properly with emby, the webversion works like a charm but connecting through apps breaks playback.

Link to comment
Share on other sites

pwhodges

Sorry, I haven't checked this out yet, not least because a plugin that one of my websites relies on is not yet available for v2, so I can't yet go over to it.

 

But as I said that, I'll try to run a test of the proxy usage through in the next day or three...  As I have multiple IP addresses I can set that up on a spare one without interfering with my existing arrangements.

 

Paul

Link to comment
Share on other sites

  • 2 weeks later...
pwhodges

OK, I have run an initial trial of Caddy version 2, and it works as simply as they say it should.  I used Caddy 2 rc3 for the trial.  Note that you can no longer get Windows binaries of Caddy v1, only source, so v2 is where it's at now!

 

First, the setup I tried it in, and the assumptions I made.  A domain name is required for external access; you need to get that and specify your IP address in the DNS.  I use ports 80 and 443 for Caddy, because this enables it to get the required certificate from Let's Encrypt; it does this completely automatically in most circumstances, but you must have port 80 open for the process to work.  When you try to access port 80, however, Caddy automatically redirects the request to port 443 - again, you don't need to configure this or think about it.  So, I open ports 80 and 443 in my router to the machine running Caddy (and in the router's firewall as well, if this is a separate action), and ensure that the Windows firewall will also allow these ports through to caddy.exe.

 

Next, I am running Emby in another machine, which for this example has IP address 192.168.1.66.  I leave its ports as default, and only use the http one (8096).  As it's on a different machine I could change this to port 80 for convenience, but I don't bother for other reasons.

 

For an initial test, I went to the directory where I had dropped the Caddy executable and in a command window in the directory containing Caddy typed the command:

caddy reverse-proxy --from emby.mydomain.com --to http://192.168.1.66:8096

That's it - the first time it may take a little while to get the certificate organised, but subsequent runs will be almost instant, as the certificate is already in place.  The command doesn't return, so the window needs to be preserved while Caddy is running in this manner.  Then simply typing emby.mydomain.com in a browser shows me what I expect.  Note, I use the external domain name for internal access as well - this means that I can set up mobile devices to work whether I am at home or away.  This does require a router that will loop back internal requests to the outside address efficiently, though; my Draytek Vigor does this perfectly.

 

Finally I tried a config file for Caddy which enables running in the background or as a service (I haven't checked setting Caddy 2 up as a Windows service yet, which is how I'm running Caddy v1).

 

This went as follows: in the same directory as caddy.exe I created a file called caddyfile (no extension).  In this I placed the following text:

{
    email name@maildomain.com
}

emby.mydomain.com {
    reverse_proxy http://192.168.1.66:8096
}

Note the underscore in "reverse_proxy" where the command line version had a dash.  If you can't find how to edit a file without an extension, create it with ".txt" and then delete the extension after editing it.  The email directive enables Let's Encrypt to email you warnings if problems arise in the future.  If Caddy is started in the directory containing the exe file and caddyfile, it will automatically use the specified configuration.  I first simply ran it in the command window using the following command:

caddy run

As before, this does not return, and the proxy is now operating.  It is also possible to start Caddy in the background from a command, thus:

caddy start

In this case you can stop it using the command:

caddy stop

which is rather unsurprising.  If you ran caddy using the previous commands which held the window without returning, Ctrl-C will stop it in the usual manner, as will closing the window, or using the "caddy stop" command in another window.

 

At least in my system, this really is all it takes for the proxy to work and do all the things required.  But Caddy can be extensively customised if other systems require tweaks.  There is even a facility to give it an nginx config file which it should then translate internally, but as I don't use nginx, I'm not going to try that out - in any case, it would take as much typing to specify that as to provide the trivially simple Caddy commands that work.

 

Paul

Edited by pwhodges
  • Thanks 1
Link to comment
Share on other sites

pwhodges

Hi. Did you complete this? I'm so frustrated because i cant get caddy v2 working properly with emby, the webversion works like a charm but connecting through apps breaks playback.

 

My test setup works fine with the apps I've tried.  Since they also use the web address to contact the server, I don't why they should behave differently.

 

Paul

Link to comment
Share on other sites

bennystarfighter

Great testing and thanks for your time!

 

Did you test playback through the android Emby app or something likewise, because in my testing with v2 playback through the android app didnt work, the only thing that worked was browser access. The android app still connected to the server and browsing worked as usual but playback was broken.

With v1 im passing and changing some headers to make that work properly but it didnt work as expected with v2 after converting the config to v2's syntax (at least in my testing).

 

working v1 config:

emby.mydomain.com:8920, emby.mydomain.com {
  proxy / 127.0.0.1:8096 {
          websocket
          transparent
          header_upstream Host {host}
          header_upstream X-Real-IP {remote}
          header_upstream X-Forwarded-For {remote}
          header_upstream X-Forwarded-Port {server_port}
          header_upstream X-Forwarded-Proto {scheme}
    }
}
Edited by bennystarfighter
Link to comment
Share on other sites

pwhodges

I've played back videos successfully with the Android app (on my local network, but using the external address) and the iOS app (on a phone away from the house).  Both played videos with no problem.  The iOS test was slow to start the playback, but that could have been phone network congestion, and playback was smooth once started.

 

Caddy v2 doesn't need "websocket" or "transparent" - the effect of those is the default behaviour.  I don't know about the headers - I never found the need to add or modify them.

 

Paul

Link to comment
Share on other sites

  • 2 weeks later...
JulesC

@pwhodges Thank you for sharing your learnings. I've completed the setup for the Domains and the SSL certs. I've installed Caddy 2 and ran your first suggested command line:

Example: caddy reverse-proxy --from emby.mydomain.com --to http://192.168.1.66:8096 ( my port is :80 because Caddy & Emby are running on the same box)

Attached is a screenshot. I'm new at this, so I can't totally confirm if it's working as expected or not. Can you please take a look and let me know your thoughts.

Is there any Emby Setup required with Caddy 2? For example, here are the original step fro @@Mike B111:
“ Now log in to your Emby server setup. Go to "Network," in the field "External Domain" you put your domain name, so yourdomain.net or whatever you chose. For "Custom SSL certificate path," browse to the .pfx file that was created by the le64 program. In the "Certificate Password" field put whatever password you used in the .BAT file above when you created your certificate. Then for "Secure Connection Mode" I recommend you choose "Required for all remote connections."“

Thanks in advance for your help.

Edited by JulesC
Link to comment
Share on other sites

pwhodges

I don't know what the last entry in that log is warning of, but the preceding lines are all as expected, I think.  I don't generally look at the logs, preferring to judge how the program is actually performing its role.  If all is working as required, then I'm satisfied.

 

Because Caddy is dealing with the https certificate and communicating with Emby by http, you do not set up a certificate in Emby - indeed, it would break things if you try to require secure connection mode there.

 

Paul

Link to comment
Share on other sites

JulesC

I don't know what the last entry in that log is warning of, but the preceding lines are all as expected, I think. I don't generally look at the logs, preferring to judge how the program is actually performing its role. If all is working as required, then I'm satisfied.

 

Because Caddy is dealing with the https certificate and communicating with Emby by http, you do not set up a certificate in Emby - indeed, it would break things if you try to require secure connection mode there.

 

Paul

@@pwhodges I wasn’t sure about the log entries either, especially the last line. Sorry about the Emby Server Setup steps above. I’ve updated in my last post with the steps from “SSL made easier with a Reverse Proxy”. I’m assuming these steps are still needed with Caddy v2.

https://emby.media/community/index.php?/topic/81476-ssl-made-easier-with-a-reverse-proxy/

 

I tried testing accessing my domain via my iPhone browser with no WiFi and I get this error:

 

This site can’t be reached

 

jgcmedia.net's server IP address could not be found.

 

Try:

Checking the connection

ERR_NAME_NOT_RESOLVED

 

Here is my caddyfile:

 

{
    email myemail@domain.com
 
}
 
emby.mydomain.net {
    
   reverse_proxy http://192.168.1.89:80
 
}

 

When I run "caddy start" (after caddy run), here is the error message I receive:

"caddy process exited with error: exit status 1" 

Do you see any errors in my caddyfile?

 

I've checked the IP address (WAN/Public) associated to my Domain - via Google Domain.

 

I've tested the Port Forwarding for :80 and :443 and they both tested successful

 

Any ideas? Thanks for your assistance.

Edited by JulesC
Link to comment
Share on other sites

pwhodges

That's nothing to do with Caddy, nor Emby.  The domain "jgcmedia.net" is not yet set up!  Assuming you've bought that domain (it's less than a month old, if I read it right), you have missed the step where you configure it, telling it your IP address, where you want mail sent, and so on.

 

Paul

Link to comment
Share on other sites

JulesC
On 5/18/2020 at 12:50 PM, pwhodges said:

That's nothing to do with Caddy, nor Emby. The domain "jgcmedia.net" is not yet set up! Assuming you've bought that domain (it's less than a month old, if I read it right), you have missed the step where you configure it, telling it your IP address, where you want mail sent, and so on.

 

Paul

@pwhodges thank you. Yes, I’ve recently switched ISP and added a new router (new variables). I can access my home server through the IP address with the port forwarding in place, but not via the domain name. I’ll redo the domain steps and SSL.

 

With Caddy V2, do I still need to perform these setup steps for Emby:

Go to your Emby server configuration, under Network. Keep local HTTP as 8096 and local HTTPS as 8920. Be sure to check "Allow remote connections to this Emby server." Change public HTTP port to 80 and public HTTPS port to 443. Under external domain put in media.mydomain.net (substitute with your actual domain name of course). You don't need anything for certificates. Then for Secure Connection Mode, choose "Handled by reverse proxy." Uncheck enable automatic port mapping, because you've already set up port forwarding in your router to your Caddy server.

 

UPDATE: These steps were required for my particular setup.

 

Please note: I have Emby and Caddy V2 running on the same box. Also, I’m starting with Caddy V2 fresh, I never used V1.

 

Thank you again for your help.

Edited by JulesC
Link to comment
Share on other sites

JulesC

@pwhodges  just wanted to let you know that I FINALLY got Caddy 2 (Reverse Proxy) working with my old Windows Home Server 2011 (yea, I'm working on replacing this dinosaur). IIS 7.5 wouldn't allow me to point to an external domain and I was unable to upgrade to a later version. Once I disabled (IIS 7.5) the resolving conflicts stopped and it's working like a champ.

 

FYI - In case anyone else is looking for another resource for Windows and Caddy V2 - check this out: http://shorturl.at/dezE7 - it references Emby ;) (I'm not interested in the other media solutions). Hope this is helpful

Edited by JulesC
  • Like 1
Link to comment
Share on other sites

  • 4 months later...
neunghaha28
On 5/4/2020 at 8:53 PM, pwhodges said:

 

My test setup works fine with the apps I've tried.  Since they also use the web address to contact the server, I don't why they should behave differently.

 

Paul

@pwhodges @Luke Caddy v2 on Kodi addons Embycon and Emby Cannot Resume because It will always start over.

how to fix problem?

Edited by neunghaha28
Link to comment
Share on other sites

neunghaha28
3 hours ago, Luke said:

Hi, can we please look at an example? Please attach the information requested in how to report a media playback issue. thanks !

@pwhodges @Luke

Caddy v2.2.0

emby.xxx.me {
encode gzip
push
  tls xxx {
  dns cloudflare xxx
}
                log {
                        output file /config/log/caddy.e.log {
                                roll true                               # Rotate logs, enabled by default
                                roll_size_mb 5                  # Set max size 5 MB
                                roll_gzip true                  # Whether to compress rolled files
                                roll_local_time true    # Use localhost time
                                roll_keep 2                             # Keep at most 2 log files
                                roll_keep_days 7                # Keep log files for 7 days
                        }
                }
    reverse_proxy 127.0.0.1:8096
}

Embyserver  v4.5.0.30 Beta

Kodi v18.8.0 Addons Emby 4.1.20

Log time 12:37 Onwards.

 

embyserver.txt kodi.log

Edited by neunghaha28
Link to comment
Share on other sites

neunghaha28
14 minutes ago, Luke said:

Questions -

  • are you able to seek normally during playback?
  • are you able to resume from the web app?

@Luke

  • are you able to seek normally during playback?

            Can't scroll like in the video

  • are you able to resume from the web app?

           Resume from web app or app emby android No problem. It works flawlessly.

Edited by neunghaha28
Link to comment
Share on other sites

Quote
  • are you able to seek normally during playback?

           I don't understand

meaning are you able to skip around?

Link to comment
Share on other sites

neunghaha28
4 minutes ago, Luke said:

meaning are you able to skip around?

@Luke

Can't skip from kodi Addons Emby and Embycon.

Edited by neunghaha28
Link to comment
Share on other sites

have you tried it without caddy for testing/comparison purposes? from past experience this sounds like some of the request or response headers are getting lost while passing through the reverse proxy. Specifically I mean the range request and response headers that would be needed for skipping (which is what a resume essentially does).

I realize caddy isn't the same as nginx, but i would suggest comparing your reverse proxy configuration to that of @pir8radio 's nginx configuration.

Link to comment
Share on other sites

neunghaha28
29 minutes ago, Luke said:

have you tried it without caddy for testing/comparison purposes? from past experience this sounds like some of the request or response headers are getting lost while passing through the reverse proxy. Specifically I mean the range request and response headers that would be needed for skipping (which is what a resume essentially does).

I realize caddy isn't the same as nginx, but i would suggest comparing your reverse proxy configuration to that of @pir8radio 's nginx configuration.

 

@Luke

I have never used nginx.

 

I use Caddy only.

😭😭 😭

Link to comment
Share on other sites

pir8radio
14 hours ago, neunghaha28 said:

 

@Luke

I have never used nginx.

 

I use Caddy only.

😭😭 😭

I can't help with caddy, but google how to add your own headers to the config..  you will probably want to add the below.    So you want the Range header to map the HTTP_RANGE value from the client and If-Range header to the http_if_range from the client. 

proxy_set_header Range $http_range; 
proxy_set_header If-Range $http_if_range; 
  • Thanks 1
Link to comment
Share on other sites

pwhodges
20 hours ago, neunghaha28 said:

@pwhodges @Luke Caddy v2 on Kodi addons Embycon and Emby Cannot Resume because It will always start over.

how to fix problem?

I have no problem with resuming, using Caddy v1.  I have no added headers or anything, as Caddy's defaults are generally correct.  I'm not at home, so I can't test it with my Caddy v2 setup until Sunday, but I'm pretty sure I tested that behaviour previously and found no problem.

However, I don't use the add-ons you have, nor CloudFlare.

Paul

  • Thanks 1
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...