Hi,
I've set up the Caddy plugin and bound it to a specific interface by following the doc here: https://docs.opnsense.org/manual/how-tos/caddy.html#bind-caddy-to-interfaces. It works fine.
Now, I'm trying to run it unprivileged (https://docs.opnsense.org/manual/how-tos/caddy.html#run-caddy-process-unprivileged), but even if I change the ports to 8080 and 8443 in the Advanced Settings page, it tries to listen on port 443 when applying the change and restarting.
In the logs:
Error: loading initial config: loading new config: http app module: start: listening on 10.0.0.5:443: listen tcp 10.0.0.5:443: bind: permission denied
And in Caddy > Diagnostics > JSON Configuration, I see that it specifically tries to listen to port 443:
{
  "apps": {
    "http": {
      "grace_period": 10000000000,
      "http_port": 8080,
      "https_port": 8443,
      "servers": {
        "srv0": {
          "automatic_https": {
            "disable": true
          },
          "listen": [
            "10.0.0.5:443"
          ],
Any idea? Are these 2 features (binding to a specific interface and running unprivileged) incompatible with each other?
I don't know for sure. The default bind thing is not something that I test with while maintaining this plugin.
So for me it is unsupported in the scope of the os-caddy plugin.
You can try out the Caddy forum instead with your Caddyfile and ask what to do differently.
https://caddy.community/
Thanks for your answer. I managed to get it working, I stupidly forgot that I have another custom config file in /usr/local/etc/caddy/caddy.d, and it was listening to 443... I changed it to 8443 (same port as defined in Advanced Settings) and now everything's fine.
Sorry for this useless post!
It's okay, I'm glad you figured this out. No shame for asking something after all. :)
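
The check that would have caught this, as an added example that is not part of the thread or of the os-caddy plugin: it reads the JSON shown under Caddy > Diagnostics > JSON Configuration and reports every `listen` entry on a port below 1024, wherever the listener came from. The sample config is constructed by completing the truncated fragment from the first post; `srv1` and the socket path are made up for illustration.

```python
import json

PRIVILEGED_BELOW = 1024  # ports below this are reserved for root by default

# Constructed sample: the fragment from the first post, closed off, plus a
# hypothetical second server to exercise the other address forms.
SAMPLE = """
{"apps": {"http": {"http_port": 8080, "https_port": 8443, "servers": {
  "srv0": {"automatic_https": {"disable": true}, "listen": ["10.0.0.5:443"]},
  "srv1": {"listen": ["tcp/[::1]:8443", ":8080-8081", "unix//var/run/caddy.sock"]}
}}}}
"""

def ports_of(addr):
    """Ports of a Caddy network address such as '10.0.0.5:443',
    'tcp/[::1]:8443' or ':8080-8081'. Unix sockets and port-less
    addresses yield an empty list."""
    network, slash, rest = addr.partition("/")
    if slash and network.startswith("unix"):
        return []
    hostport = rest if slash else addr
    _, colon, port = hostport.rpartition(":")
    if not colon or not port.replace("-", "").isdigit():
        return []
    lo, _, hi = port.partition("-")
    return list(range(int(lo), int(hi or lo) + 1))

def privileged_listeners(config_text):
    """Return (server, address, port) for each listener that an
    unprivileged Caddy process would fail to bind."""
    http = json.loads(config_text).get("apps", {}).get("http", {})
    hits = []
    for name, server in sorted(http.get("servers", {}).items()):
        for addr in server.get("listen", []):
            hits += [(name, addr, p) for p in ports_of(addr)
                     if p < PRIVILEGED_BELOW]
    return hits

if __name__ == "__main__":
    for name, addr, port in privileged_listeners(SAMPLE):
        print(f"{name}: {addr} uses privileged port {port}")
```

An empty result means every HTTP listener in the rendered config is on an unprivileged port; a hit names the server block to trace back to its source file.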