Problem with caddy and vaultwarden server misbehaving

LuckyFire · November 29, 2022, 11:46am

so it seems and I’m not sure what I changed (if I changed anything at all don’t remember)
but I seem to be getting this server misbehaving error looking at the docker logs for vaultwarden I can’t seem to see anything so I’m assuming its an issue with caddy but just in case decided to post here please correct me if it is

{"level":"error","ts":1669721245.8633182,"logger":"http.log.error","msg":"dial tcp: lookup vaultwarden on 127.0.0.53:53: server misbehaving","request":{"remote_ip":"192.168.1.124","remote_port":"32667","proto":"HTTP/2.0","method":"POST","host":"viperhome.skye.moe","uri":"/identity/connect/token","headers":{"Bitwarden-Client-Name":["browser"],"User-Agent":["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36"],"Accept-Language":["en-US,en;q=0.9"],"Accept":["application/json"],"Bitwarden-Client-Version":["2022.10.1"],"Sec-Gpc":["1"],"Accept-Encoding":["gzip, deflate, br"],"Device-Type":["2"],"Sec-Fetch-Mode":["cors"],"Sec-Fetch-Dest":["empty"],"Sec-Fetch-Site":["none"],"Content-Length":["151"],"Content-Type":["application/x-www-form-urlencoded; charset=utf-8"],"Origin":["chrome-extension://nngceckbapebfimnlniiiahkandclblb"]},"tls":{"resumed":false,"version":772,"cipher_suite":4867,"proto":"h2","server_name":"domain.1"}},"duration":0.005867847,"status":502,"err_id":"r67eimsxx","err_trace":"reverseproxy.statusError (reverseproxy.go:1272)"} {"level":"error","ts":1669721443.0998595,"logger":"http.log.error","msg":"dial tcp: lookup vaultwarden on 127.0.0.53:53: server misbehaving","request":{"remote_ip":"192.168.1.124","remote_port":"32667","proto":"HTTP/2.0","method":"POST","host":"viperhome.skye.moe","uri":"/identity/connect/token","headers":{"Bitwarden-Client-Version":["2022.10.1"],"User-Agent":["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36"],"Content-Type":["application/x-www-form-urlencoded; charset=utf-8"],"Sec-Fetch-Site":["none"],"Sec-Fetch-Mode":["cors"],"Accept-Encoding":["gzip, deflate, br"],"Accept-Language":["en-US,en;q=0.9"],"Device-Type":["2"],"Bitwarden-Client-Name":["browser"],"Origin":["chrome-extension://nngceckbapebfimnlniiiahkandclblb"],"Sec-Fetch-Dest":["empty"],"Content-Length":["151"],"Accept":["application/json"],"Sec-Gpc":["1"]},"tls":{"resumed":false,"version":772,"cipher_suite":4867,"proto":"h2","server_name":"domain.1"}},"duration":0.008268213,"status":502,"err_id":"d081549mi","err_trace":"reverseproxy.statusError (reverseproxy.go:1272)"}

DOMAIN.1:443 {
  # Use the ACME DNS-01 challenge to get a cert for the configured domain.
  tls {
    dns cloudflare 
  }

  # This setting may have compatibility issues with some browsers
  # (e.g., attachment downloading on Firefox). Try disabling this
  # if you encounter issues.
  encode gzip

  # Notifications redirected to the WebSocket server
  reverse_proxy /notifications/hub vaultwarden:3012

  # Proxy everything else to Rocket
  reverse_proxy vaultwarden:8080

}

https://DOMAIN.2 {
        @hs-options {
                host DOMAIN.2
                method OPTIONS
        }
        @hs-other {
                host domain.2
        }
        handle @hs-options {
                header {
                        Access-Control-Allow-Origin domain.2
                        Access-Control-Allow-Headers *
                        Access-Control-Allow-Methods "POST, GET, OPTIONS, DELETE"
                }
                respond 204
        }
        handle @hs-other {
                reverse_proxy http://domain.2:8080 {
                        header_down Access-Control-Allow-Origin domain.2
                        header_down Access-Control-Allow-Methods "POST, GET, OPTIONS, DELETE"
                        header_down Access-Control-Allow-Headers *
                }
        }
}

https://DOMAIN.3 {
          log
          reverse_proxy * 172.25.0.100:13000
        }

version: "3"
services:
  gluetun:
    image: qmcgaw/gluetun
    container_name: gluetun
    # line above must be uncommented to allow external containers to connect. See https://github.com/qdm12/gluetun/wiki/Connect-a-container-to-gluetun#external-container-to-gluetun
    cap_add:
      - NET_ADMIN
    devices:
      - /dev/net/tun:/dev/net/tun
    ports:
      - 8888:8888/tcp # HTTP proxy
      - 8388:8388/tcp # Shadowsocks
      - 8388:8388/udp # Shadowsocks
      - 6881:6881
      - 6881:6881/udp
      - 5801:5800
      - 8112:8112
      - 58846:58846
      - 58946:58946
    volumes:
      - /home/rainee/config/gluetun:/gluetun
    environment:
      # See https://github.com/qdm12/gluetun/wiki
      - VPN_SERVICE_PROVIDER=
      - VPN_TYPE=wireguard
      - SHADOWSOCKS=on
      - SHADOWSOCKS_LOG=on
      - SHADOWSOCKS_PASSWORD=
  # Wireguard:
      - WIREGUARD_PRIVATE_KEY=
      - WIREGUARD_ADDRESSES=
      - SERVER_HOSTNAMES=
      - TZ=America/
    # Firewall
      - FIREWALL_OUTBOUND_SUBNETS=1
    sysctls:
      - net.ipv6.conf.all.disable_ipv6=0
  jdownloader-2:
    image: jlesage/jdownloader-2
    container_name: jdownloader2
    network_mode: "service:gluetun"
    volumes:
      - "/home/rainee/config/jdownloader-2:/config:rw"
      - "/mnt/skycloud/downloads:/output:rw"
  fenrus:
    image: revenz/fenrus
    container_name: fenrus
    environment:
      - TZ=America/
    volumes:
      - /home/rainee/config/fenrus:/app/data
      - /home/rainee/config/fenrus/images:/app/wwwroot/images
    ports:
      - 3000:3000
    restart: unless-stopped
  deluge:
    image: lscr.io/linuxserver/deluge:latest
    container_name: deluge
    network_mode: "service:gluetun"
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=America/Los_Angeles
      - DELUGE_LOGLEVEL=error
    volumes:
      - /home/rainee/config/deluge:/config
      - /mnt/skycloud/downloads:/downloads
      - /mnt/skycloud/data/torrent:/data/torrents
  metube:
    image: alexta69/metube
    container_name: metube
    restart: unless-stopped
    ports:
      - "8081:8081"
    volumes:
      - /mnt/skycloud/downloads:/downloads
  vaultwarden:
    image: vaultwarden/server:latest
    container_name: vaultwarden
    restart: always
    expose:
      - "3012"
      - "8080"
    environment:
      WEBSOCKET_ENABLED: "true"
      ADMIN_TOKEN: ""
      YUBICO_CLIENT_ID: ""
      YUBICO_SECRET_KEY: ""
      ROCKET_PORT: 8080
    volumes:
      - /home/rainee/config/bitwarden/bw-data:/data
  shoko_server:
    container_name: shokoserver
    image: shokoanime/server:latest
    restart: always
    environment:
      - "PUID=1000"
      - "PGID=1000"
      - "TZ=America/Los_Angeles"
    ports:
      - "8111:8111"
    volumes:
      - "/home/rainee/config/shoko-config:/home/shoko/.shoko"
      - "/mnt/skycloud/data/media/anime:/mnt/anime"
      - "/mnt/skycloud/downloads:/mnt/import"
  deemix:
    image: registry.gitlab.com/bockiii/deemix-docker
    container_name: Deemix
    volumes:
      - /mnt/skycloud/data/media/music:/downloads
      - /home/rainee/config/deemix:/config
    environment:
      - PUID=1000
      - PGID=1000
      - UMASK_SET=022
      - DEEMIX_SINGLE_USER=true
    ports:
      - 6595:6595
  caddy:
    image: caddy:2
    container_name: caddy
    restart: always
    ports:
      - 80:80
      - 443:443
    volumes:
      - ./caddy:/usr/bin/caddy  # Your custom build of Caddy.
      - ./Caddyfile:/etc/caddy/Caddyfile:ro
      - /home/rainee/config/caddyconfig/caddy-config:/config
      - /home/rainee/config/caddyconfig/caddy-data:/data
    environment:
      DOMAIN: "domainhere"  # Your domain.
      EMAIL: "emailhere"                 # The email address to use for ACME registration.
      LOG_FILE: "/data/access.log"
    network_mode: "host"
  headscale:
    container_name: headscale
    image: headscale/headscale:latest-alpine
    restart: unless-stopped
  #  ports:
  #    - 8080:8080
    volumes:
      - /home/rainee/config/headscale/config:/etc/headscale
      - /home/rainee/config/headscale/data:/var/lib/headscale
    entrypoint: headscale serve
    networks:
      reverseproxy-nw:

  headscale-ui:
    container_name: headscale-ui
    image: ghcr.io/gurucomputing/headscale-ui:latest
    restart: unless-stopped
    networks:
      reverseproxy-nw:
  firezone:
    image: firezone/firezone
    ports:
      - 51820:51820/udp
    env_file:
      # This should contain a list of env vars for configuring Firezone.
      # See https://docs.firezone.dev/reference/env-vars for more info.
      - ${FZ_INSTALL_DIR:-.}/.env
    volumes:
      # IMPORTANT: Persists WireGuard private key and other data. If
      # /var/firezone/private_key exists when Firezone starts, it is
      # used as the WireGuard private. Otherwise, one is generated.
      - ${FZ_INSTALL_DIR:-.}/firezone:/var/firezone
    cap_add:
      # Needed for WireGuard and firewall support.
      - NET_ADMIN
      - SYS_MODULE
    sysctls:
      # Needed for masquerading and NAT.
      - net.ipv6.conf.all.disable_ipv6=0
      - net.ipv4.ip_forward=1
      - net.ipv6.conf.all.forwarding=1
    depends_on:
      - postgres
    networks:
      firezone-network:
        ipv4_address: 172.25.0.100

  postgres:
    image: postgres:15
    volumes:
      - postgres-data:/var/lib/postgresql/data
    environment:
      POSTGRES_DB: ${DATABASE_NAME:-firezone}
      POSTGRES_USER: ${DATABASE_USER:-postgres}
      POSTGRES_PASSWORD: ${DATABASE_PASSWORD:?err}
    networks:
      - firezone-network

# Postgres needs a named volume to prevent perms issues on non-linux platforms
volumes:
  postgres-data:

networks:
  reverseproxy-nw:
    external: true
  firezone-network:
    driver: bridge
    ipam:
      config:
        - subnet: 172.25.0.0/16

Topic		Replies	Views
Self host vaultwarden stops working suddenly Help	1	1975	October 31, 2021
I get a "Client sent an HTTP request to an HTTPS server" error on all pages Help	2	3988	February 1, 2023
vaultwarden+Caddy+iOS app not working Third Party Help	1	793	June 12, 2022
Unable to install vaultwarden on docker (Ubuntu 20.04)	8	1755	February 22, 2022
SSL Error on admin panel with caddy Help	0	421	October 15, 2022

Problem with caddy and vaultwarden server misbehaving

Related topics