mastercactapus/caddy-proxyprotocol

proxyprotocol prevents reloading with kill -USR1

Closed this issue · 8 comments

ccomb commented

Not sure if the problem comes from caddy or the proxyprotocol plugin.

If I set up caddy as a reverse proxy (with haproxy in front of it) and define the proxyprotocol directive, as soon as I kill -USR1 caddy, I end up in an unusable state with an SSL error in the browser and the following error in the caddy log:

caddy_1 | 2018/06/16 21:25:06 http: TLS handshake error from 172.18.0.4:51960: tls: oversized record received with length 22617
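Added illustration, not part of this thread: where the exact number 22617 in that log line comes from. When the reloaded listener no longer strips haproxy's PROXY protocol v1 line, the TLS layer sees the ASCII bytes `PROXY` first and reads them as a TLS record header; bytes 3 and 4 (`X`, `Y` = 0x58 0x59) become the record length 22617, which exceeds the maximum record size, hence "oversized record received". The script below is a small PROXY v1 parser plus the TLS-header reading of the same bytes. The sample stream, the destination address 172.18.0.2 and the truncated ClientHello are constructed for the example.

```python
import struct

# TLS record content types (RFC 5246 / RFC 8446).
TLS_CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert", 22: "handshake", 23: "application_data"}

# Largest ciphertext record a TLS implementation accepts (2^14 + 2048); Go's
# crypto/tls reports "oversized record received" above this.
MAX_TLS_RECORD = 16384 + 2048


def peek_tls_record_header(data: bytes) -> dict:
    """Read the first five bytes the way a TLS listener does:
    content type (1 byte), version (2 bytes), record length (2 bytes, big-endian)."""
    if len(data) < 5:
        raise ValueError("need at least 5 bytes for a TLS record header")
    ctype, major, minor, length = struct.unpack("!BBBH", data[:5])
    return {
        "content_type": ctype,
        "content_type_name": TLS_CONTENT_TYPES.get(ctype, "unknown"),
        "version": (major, minor),
        "length": length,
        "oversized": length > MAX_TLS_RECORD,
    }


def parse_proxy_v1(data: bytes) -> tuple:
    """Strip a PROXY protocol v1 header (what haproxy's send-proxy emits) from the
    start of a connection. Returns (fields, remaining_bytes); fields is None when
    no PROXY header is present, so the bytes are handed on untouched."""
    if not data.startswith(b"PROXY "):
        return None, data
    # The v1 spec caps the line at 107 bytes including the CRLF.
    end = data.find(b"\r\n", 0, 107)
    if end == -1:
        raise ValueError("malformed PROXY v1 header: no CRLF within 107 bytes")
    parts = data[:end].decode("ascii").split(" ")
    if len(parts) == 2 and parts[1] == "UNKNOWN":
        return {"proto": "UNKNOWN"}, data[end + 2:]
    if len(parts) != 6 or parts[1] not in ("TCP4", "TCP6"):
        raise ValueError("malformed PROXY v1 header: %r" % data[:end])
    fields = {
        "proto": parts[1],
        "src_addr": parts[2],
        "dst_addr": parts[3],
        "src_port": int(parts[4]),
        "dst_port": int(parts[5]),
    }
    return fields, data[end + 2:]


def explain_stream(stream: bytes) -> dict:
    """Show both readings of the same bytes: the TLS listener's misparse of the raw
    stream, and the correct parse once the PROXY header has been consumed."""
    misread = peek_tls_record_header(stream)
    header, payload = parse_proxy_v1(stream)
    return {"misread": misread, "proxy_header": header, "tls": peek_tls_record_header(payload)}


# Constructed sample: a minimal TLS 1.2 ClientHello record (length 62) whose body
# is zero-padded, preceded by the PROXY line haproxy would send for the peer in
# the log above. 172.18.0.2 as the destination is an assumption for the example.
SAMPLE_CLIENT_HELLO = bytes.fromhex("160301003e0100003a0303") + b"\x00" * 56
SAMPLE_STREAM = b"PROXY TCP4 172.18.0.4 172.18.0.2 51960 443\r\n" + SAMPLE_CLIENT_HELLO

if __name__ == "__main__":
    result = explain_stream(SAMPLE_STREAM)
    print("TLS listener reading of raw stream:", result["misread"])   # length 22617, oversized
    print("PROXY header:", result["proxy_header"])
    print("TLS record after stripping PROXY:", result["tls"])        # handshake, length 62
```

Run it and the first line reports `length: 22617, oversized: True`, the value from the log; after `parse_proxy_v1` consumes the header, the same stream parses as a 62-byte handshake record. The same bytes therefore identify the failure mode from the defender's side: a TLS "oversized record" error whose length is 22617 on a listener that should be behind send-proxy means the PROXY header is no longer being stripped, which is what the reload bug below causes.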

ccomb commented

If I remove the proxyprotocol (and disable the send-proxy in haproxy), I can kill -USR1 caddy, and the configuration is reloaded correctly without leading to a TLS error.

This appears to be a bug in Caddy with listener middleware not being re-applied after reload.

I'll update/close this once the fix has been merged.

Is there already an issue in the mholt/caddy repo to link to?

I don't think there is, yet.

However, this branch has a fix, if you are able to validate:
https://github.com/mholt/caddy/tree/reload-ln-middleware

@mastercactapus,

Thanks for the reference, I'll give it a try.

Fix has been merged into caddy master. I'll close this once it makes it into a release, assuming no issues crop up.
caddyserver/caddy@620f968

As far as I understand this is part of Caddy v0.11.2. I'll test it somehow in a couple of days.

Closing this due to age; it seems to be resolved.