Caddy: Websocket problem after upgrading from 0.9.2 to 0.9.3

Created on 8 Oct 2016  路  11Comments  路  Source: caddyserver/caddy

1. What version of Caddy are you running (caddy -version)?

0.9.3

2. What are you trying to do?

I am trying to proxy to drone server (https://github.com/drone/drone).

3. What is your entire Caddyfile?

https://xx.yy.zz {
    tls {
        dns digitalocean
    }
    proxy / localhost:8000 {
        websocket
        header_upstream Host {host}
        header_upstream X-Real-IP {remote}
        header_upstream X-Forwarded-For {remote}
        header_upstream X-Forwarded-Proto {scheme}
    }
}

4. How did you run Caddy (give the full command and describe the execution environment)?

Ubuntu 14.04 with following command:

DO_AUTH_TOKEN=xx /usr/local/bin/caddy -agree=true -http2=false -conf=/etc/caddy/Caddyfile -pidfile=/var/run/caddy.pid -log=/var/log/caddy/caddy.log

5. What did you expect to see?

Working websocket connections, everything was working on 0.9.2 with no config changes.

6. What did you see instead (give full error messages and/or log)?

For websockets connection i get errors like:

WebSocket connection to 'wss://xx.yy.zz/ws/feed' failed: Error during WebSocket handshake: Unexpected response code: 200

7. How can someone who is starting from scratch reproduce this behavior as minimally as possible?

The hard way:

  1. Setup drone server: http://readme.drone.io/0.5/installation/server/
  2. Setup caddy proxy using provided config.
bug
Source
picture jbub

All 11 comments

Hey @jbub, thanks for the report. Do you have the ability to build from source? If so, can you try building it at a661007a559e23aaef7952b9a87fb1608da127ad ? (I'm traveling so a little too busy to install drone, etc. at the moment.) Or try bisecting until you find the commit that broke it? Apparently we need more tests...

mholt picture mholt on 9 Oct 2016

Hello @mholt, just tried with a661007 and its working. I also tried bisecting and the last working commit is 617012c3fb701502f98ad9b7c27617a94560c581, original behaviour was broken by d0ddfc849df4c7e50487a8d0f1c2cac6d057be3f. Thank you.

jbub picture jbub on 9 Oct 2016

Oops. @tw4452852, apparently that change broke something with websockets. I won't have a chance to check it out for a while, if you wanted to take a look maybe.

mholt picture mholt on 9 Oct 2016

Sure, I will check it. Sorry for regression.

tw4452852 picture tw4452852 on 10 Oct 2016

Weird, d0ddfc8 only for header plugin, but header plugin isn't used from the Caddyfile @jbub supplied.

@jbub Do you upload the entire Caddyfile you used?

tw4452852 picture tw4452852 on 10 Oct 2016
😕1

@tw4452852 no i stripped the header parts :)

After debugging the config, this is the actual part that breaks it:

header / {
    Content-Security-Policy "style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/ https://cdnjs.cloudflare.com/"
    Strict-Transport-Security "max-age=31536000; preload" # 30 days
}

The full unstripped config:

https://xx.yy.zz {
    tls {
        dns digitalocean
    }
    gzip {
        ext .css .js .jpeg .jpg .png .gif
    }
    proxy / localhost:8000 {
        websocket
        transparent
    }
    log /var/log/caddy/drone-access.log {
        rotate {
            size 100 # rotate after 100 MB
            age  14  # keep log files for 14 days
            keep 10  # keep at most 10 log files
        }
    }
    errors {
        log /var/log/caddy/drone-error.log {
            size 100 # rotate after 100 MB
            age  14  # keep log files for 14 days
            keep 10  # keep at most 10 log files
        }
    }
    header / {
        Content-Security-Policy "style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/ https://cdnjs.cloudflare.com/"
        Strict-Transport-Security "max-age=31536000; preload" # 30 days
    }
    header /favicon.ico {
        Cache-Control "max-age=2592000" # 30 days
    }
    header /static {
        Cache-Control "max-age=2592000" # 30 days
    }
    cors / {
        origin https://xx.yy.zz
        allow_credentials false
    }
}
jbub picture jbub on 10 Oct 2016

@jbub Ah, _thank you_ for posting the full Caddyfile (this is why we ask for the _entire_ Caddyfile in the issue template!) - that helps a lot.

mholt picture mholt on 10 Oct 2016

Yes im sorry, should have posted the full config first time, my bad. Hopefully it will help you find the problem :)

jbub picture jbub on 10 Oct 2016
👍1

It should works now.

@jbub Could you please have a try with my patch to confirm? Thanks.

@mholt Seem ci has broken due to my refactor, need some changes.

tw4452852 picture tw4452852 on 10 Oct 2016

@tw4452852 can confirm that 974b16a8789c985986f7d54270f5f0b41e6da369 works.

jbub picture jbub on 10 Oct 2016

As usual, thanks to Tw for fixing the bug. :smile:

mholt picture mholt on 14 Oct 2016
👍1
Was this page helpful?
0 / 5 - 0 ratings

Related issues

aeroxy picture aeroxy  路  3Comments
ericmdantas picture ericmdantas  路  3Comments
mschneider82 picture mschneider82  路  3Comments
klaasel picture klaasel  路  3Comments
xfzka picture xfzka  路  3Comments