Hello.
Pretty sure I’m doing something stupid, but I can’t find it.
I have Caddy and Uptime-kuma installed as Docker containers. They are on the same Docker bridge network. Both work fine (with the below exception).
I’m trying to monitor Caddy virtual hosts from Uptime-kuma and getting a timeout.
If I exec into the Uptime-kuma container, I can ping the host name I want to monitor (and the DNS is resolving correctly to the Docker host's external IP).
But I can’t reach port 80/443 using telnet or openssl.
Any suggestions for what I might be doing wrong?
Thanks!
The way I have my monitoring set up is to poll the containers from behind the proxy layer. Ex. if I’m trying to poll Portainer for example:
    ---
    services:
      portainer:
        ...

with the service name portainer from uptime-kuma within the same docker network it would look like this:
Can confirm this is working correctly to monitor that the service is reachable. This doesn’t however ensure that you can reach it from your computer, because that depends on if your reverse proxy is configured correctly and isn’t down, but that’s what I wanted in my case.
Edit: If you’re wanting to poll the http endpoint you would add it before like
http://whatever_service:whatever_port
Thanks. In this case I’m trying to monitor Caddy itself (sites that are just html files that it hosts rather than redirect to other containers). I could point the monitor at caddy:443 but then I’d need to find some way to specify the HOST: for the virtualhosting to work?
Oh I see, I definitely misunderstood what you were asking. How is your caddy server set up? Is it serving one site per subdomain (site.your.domain) or is it one site per path (your.domain/site/)? I am running traefik so I probably won’t be able to help with specifics, but it’s worth a shot.
Caddy is serving subdomains and standalone domains, doesn’t seem to make a difference which is which … neither works. For the moment I’m monitoring them from another server but that’s annoying … wish I could figure out what I’m doing wrong!
Are you hosting behind NAT / at home? If so, you may need to enable NAT reflection on your router.
I am behind cgnat but why would that matter for trying to reach a service on the same box?
It matters only if “the docker host's external IP” your DNS resolves to is a public IP. In that case packets travel to the router which needs to map/send them back to the docker host's LAN IP (NAT-Reflection). With cgnat this would need to be enabled on the carrier side, where you set up the port forwarding. If that’s not possible, split-DNS may be an alternative.
If “the docker host's external IP” is actually your docker host's LAN IP, all of that is irrelevant. Split-DNS would accomplish that.
Sorry I’m being stupid. I’m on CGNAT at home but this is actually on a VPS.
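An added example, not code from anyone in this thread: a Python probe for the question above about pointing a check at caddy:443 while still naming the virtual host. It connects to one address but presents the site name as TLS SNI and as the HTTP Host header, then compares that path with the normal DNS path. The service name `caddy` is taken from the thread; `site.example.com` is a constructed placeholder.

```python
import http.client
import socket
import ssl


def probe_vhost(connect_host, vhost, port=443, use_tls=True, timeout=5.0):
    """Open a connection to connect_host:port, but ask for vhost.

    vhost is sent as TLS SNI (and checked against the certificate) and as
    the HTTP Host header. Returns (status, reason); raises OSError on
    timeout, refusal, DNS failure or TLS failure.
    """
    if not vhost or any(c.isspace() or ord(c) < 0x20 for c in vhost):
        raise ValueError("vhost must be a bare host name")
    sock = socket.create_connection((connect_host, port), timeout=timeout)
    try:
        if use_tls:
            ctx = ssl.create_default_context()
            # SNI and certificate verification use the site name, not "caddy".
            sock = ctx.wrap_socket(sock, server_hostname=vhost)
        sock.sendall(
            f"HEAD / HTTP/1.1\r\nHost: {vhost}\r\nConnection: close\r\n\r\n"
            .encode("ascii")
        )
        response = http.client.HTTPResponse(sock, method="HEAD")
        try:
            response.begin()
            return response.status, response.reason
        finally:
            response.close()
    finally:
        sock.close()


def compare_paths(vhost, internal_host="caddy", **kwargs):
    """Probe the same site via its DNS name and via the container name."""
    results = {}
    for label, target in (("dns", vhost), ("docker", internal_host)):
        try:
            results[label] = probe_vhost(target, vhost, **kwargs)
        except OSError as exc:
            results[label] = f"failed: {exc}"
    return results


if __name__ == "__main__":
    # Constructed placeholder name; replace with a site Caddy serves.
    print(compare_paths("site.example.com"))
```

Run from inside a container on the same bridge network: if the `docker` entry returns a status while the `dns` entry fails, Caddy is answering for that site and the fault is on the path to the external IP.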