502 bad gateway #1944

Closed
lc3t35 opened this issue Nov 5, 2017 · 4 comments


lc3t35 commented Nov 5, 2017

1. What version of Caddy are you using (caddy -version)?

0.10.10

2. What are you trying to do?

Having Caddy work again after a docker update and reboot

3. What is your entire Caddyfile?

www.x.com {
  root /home/x.com
  tls [email protected] {
    max_certs 10 
  }
  log /var/log/caddy/www.x.com
}

yyy.x.com {
  tls [email protected] {
    max_certs 10
  }
  log /var/log/caddy/yyy.x.com
  proxy / localhost:800x {
    policy ip_hash
    websocket
    transparent
  }
}

4. How did you run Caddy (give the full command and describe the execution environment)?

Docker with this command line:

docker run -d \
     -v $(pwd)/Caddyfile:/etc/Caddyfile \
     -v $(pwd)/logs:/var/log/caddy \
     -v /home/x.com:/home/x.com \
     -v $HOME/.caddy:/root/.caddy \
     -p 80:80 -p 443:443 \
     --name caddy \
     abiosoft/caddy

5. Please paste any relevant HTTP request(s) here.

Access from a remote navigator (a.b.c.d) and a local curl command give

a.b.c.d - - [05/Nov/2017:09:40:16 +0000] "GET / HTTP/2.0" 502 16
a.b.c.d - - [05/Nov/2017:09:40:16 +0000] "GET /favicon.ico HTTP/2.0" 502 16
a.b.c.d - - [05/Nov/2017:09:40:18 +0000] "GET / HTTP/2.0" 502 16
(server ip) - - [05/Nov/2017:10:07:56 +0000] "HEAD / HTTP/1.1" 502 16
(server ip) - - [05/Nov/2017:10:10:44 +0000] "HEAD / HTTP/1.1" 502 16

6. What did you expect to see?

2 web sites running at x.com and yyy.x.com

7. What did you see instead (give full error messages and/or log)?

x.com is working fine
502 bad gateway for yyy.x.com
test with

curl -Iv https://yyy.x.com
* Rebuilt URL to: https://yyy.x.com/
*   Trying 146.185.134.77...
* Connected to yyy.x.com (server ip) port 443 (#0)
* found 148 certificates in /etc/ssl/certs/ca-certificates.crt
* found 592 certificates in /etc/ssl/certs
* ALPN, offering http/1.1
* SSL connection using TLS1.2 / ECDHE_RSA_AES_256_GCM_SHA384
* 	 server certificate verification OK
* 	 server certificate status verification SKIPPED
* 	 common name: yyy.x.com (matched)
* 	 server certificate expiration date OK
* 	 server certificate activation date OK
* 	 certificate public key: RSA
* 	 certificate version: #3
* 	 subject: CN=yyy.x.com
* 	 start date: Sun, 29 Oct 2017 13:23:13 GMT
* 	 expire date: Sat, 27 Jan 2018 13:23:13 GMT
* 	 issuer: C=US,O=Let's Encrypt,CN=Let's Encrypt Authority X3
* 	 compression: NULL
* ALPN, server accepted to use http/1.1
> HEAD / HTTP/1.1
> Host: yyy.x.com
> User-Agent: curl/7.47.0
> Accept: */*
> 
< HTTP/1.1 502 Bad Gateway
HTTP/1.1 502 Bad Gateway
< Content-Type: text/plain; charset=utf-8
Content-Type: text/plain; charset=utf-8
< Server: Caddy
Server: Caddy
< X-Content-Type-Options: nosniff
X-Content-Type-Options: nosniff
< Date: Sun, 05 Nov 2017 10:07:56 GMT
Date: Sun, 05 Nov 2017 10:07:56 GMT
< Content-Length: 16
Content-Length: 16

< 
* Connection #0 to host yyy.x.com left intact

8. How can someone who is starting from scratch reproduce the bug as minimally as possible?

Docker version 17.09.0-ce, build afdb6d4

I did a fresh new server reinstall from DigitalOcean -> I have the same behaviour

see https://caddy.community/t/gnutls-handshake-failed-the-tls-connection-was-non-properly-terminated/2923


elimisteve commented Nov 20, 2017

I'm having the same issue, but with version 0.9.3; DOMAIN.org works fine, xyz.DOMAIN.org -> HTTP 502 response.

EDIT: never mind! It was my fault: I was proxying to another process that had died.

Author

lc3t35 commented Nov 20, 2017

It seems to be related to the /etc/hosts IPv6 configuration ... I solved it by adding yyy.x.com as localhost for both v4 and v6

127.0.0.1	localhost yyy.x.com

# The following lines are desirable for IPv6 capable hosts
::1     ip6-localhost ip6-loopback localhost yyy.x.com

Can someone print here his /etc/hosts file ::1 configuration?

@francislavoie
Member

Rather than proxy / localhost:800x {, maybe try proxy / 127.0.0.1:800x { ?

Member

mholt commented Feb 18, 2018

Mine is simply ::1 localhost.

Going to close this, it doesn't appear to be a bug in Caddy.
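
Added example (not part of the thread and not Caddy code): a Python check for the two causes raised above, an upstream process that has died and a `localhost` name that resolves to an address family the backend is not listening on. The helper names `resolve`, `probe` and `diagnose` and the port 8000 in the usage comment are assumptions, since the thread only gives the port as 800x.

```python
import socket
import sys

def resolve(host, port):
    """Every distinct (family, address) the resolver returns for host, in order."""
    out = []
    for family, _, _, _, sockaddr in socket.getaddrinfo(host, port, type=socket.SOCK_STREAM):
        if (family, sockaddr[0]) not in out:
            out.append((family, sockaddr[0]))
    return out

def probe(family, addr, port, timeout=1.0):
    """Attempt one TCP connect. Returns None on success, else the error text."""
    try:
        with socket.socket(family, socket.SOCK_STREAM) as s:
            s.settimeout(timeout)
            s.connect((addr, port))
        return None
    except OSError as exc:
        return exc.strerror or exc.__class__.__name__

def diagnose(port, candidates, timeout=1.0):
    """Probe each (family, address) and classify the upstream.

    "ok"      : every address accepts connections
    "partial" : only some do, so the proxy result depends on which one is dialed
    "down"    : none do, i.e. nothing is listening on that port
    """
    results = [(addr, probe(fam, addr, port, timeout)) for fam, addr in candidates]
    reachable = sum(1 for _, err in results if err is None)
    if results and reachable == len(results):
        verdict = "ok"
    elif reachable:
        verdict = "partial"
    else:
        verdict = "down"
    return verdict, results

if __name__ == "__main__":
    # Assumed usage: python3 check_upstream.py localhost 8000  (port is a placeholder)
    host, port = sys.argv[1], int(sys.argv[2])
    verdict, results = diagnose(port, resolve(host, port))
    for addr, err in results:
        print(f"{host} -> {addr}:{port}  {'open' if err is None else 'FAILED: ' + err}")
    print("verdict:", verdict)
```

Run it from the same place Caddy runs (inside the container when Caddy is in Docker), because name resolution and the loopback interface are per network namespace. A "partial" verdict for `localhost` is the situation where proxying to `127.0.0.1` explicitly removes the dependency on /etc/hosts.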
