Basic reverse proxy on Cloudflare

1. The problem I’m having:

Trying to set up jellyfin as a reverse proxy, but something is misconfigured…

2. Error messages and/or full log output:

text  error  warn  system  array  login  

{"level":"info","ts":1741629074.2059858,"logger":"http.log","msg":"server running","name":"srv0","protocols":["h1","h2","h3"]}
{"level":"info","ts":1741629074.2061577,"msg":"autosaved config (load with --resume flag)","file":"/config/caddy/autosave.json"}
{"level":"info","ts":1741629074.2061615,"msg":"serving initial configuration"}
{"level":"info","ts":1741629074.2066343,"logger":"tls","msg":"cleaning storage unit","storage":"FileStorage:/data/caddy"}
{"level":"info","ts":1741629074.2068803,"logger":"tls","msg":"finished cleaning storage units"}
{"level":"info","ts":1741629200.583151,"msg":"shutting down apps, then terminating","signal":"SIGTERM"}
{"level":"warn","ts":1741629200.5831907,"msg":"exiting; byeee!! 👋","signal":"SIGTERM"}
{"level":"info","ts":1741629200.5831974,"logger":"http","msg":"servers shutting down with eternal grace period"}
{"level":"info","ts":1741629200.5833302,"logger":"admin","msg":"stopped previous server","address":"localhost:2019"}
{"level":"info","ts":1741629200.5833359,"msg":"shutdown complete","signal":"SIGTERM","exit_code":0}
{"level":"info","ts":1741629200.9283364,"msg":"using config from file","file":"/etc/caddy/Caddyfile"}
{"level":"info","ts":1741629200.9286826,"msg":"adapted config to JSON","adapter":"caddyfile"}
{"level":"info","ts":1741629200.9290082,"logger":"admin","msg":"admin endpoint started","address":"localhost:2019","enforce_origin":false,"origins":["//localhost:2019","//[::1]:2019","//127.0.0.1:2019"]}
{"level":"warn","ts":1741629200.929058,"logger":"http.auto_https","msg":"server is listening only on the HTTP port, so no automatic HTTPS will be applied to this server","server_name":"srv0","http_port":80}
{"level":"info","ts":1741629200.929166,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0xc0004e6500"}
{"level":"warn","ts":1741629200.9291723,"logger":"http","msg":"HTTP/2 skipped because it requires TLS","network":"tcp","addr":":80"}
{"level":"warn","ts":1741629200.9291751,"logger":"http","msg":"HTTP/3 skipped because it requires TLS","network":"tcp","addr":":80"}
{"level":"info","ts":1741629200.9291775,"logger":"http.log","msg":"server running","name":"srv0","protocols":["h1","h2","h3"]}
{"level":"info","ts":1741629200.9292643,"msg":"autosaved config (load with --resume flag)","file":"/config/caddy/autosave.json"}
{"level":"info","ts":1741629200.929268,"msg":"serving initial configuration"}
{"level":"info","ts":1741629200.9295766,"logger":"tls","msg":"storage cleaning happened too recently; skipping for now","storage":"FileStorage:/data/caddy","instance":"90cb01b0-ac44-49fa-9431-425e82e233e5","try_again":1741715600.929576,"try_again_in":86399.999999835}
{"level":"info","ts":1741629200.929609,"logger":"tls","msg":"finished cleaning storage units"}
{"level":"info","ts":1741629508.0431206,"msg":"shutting down apps, then terminating","signal":"SIGTERM"}
{"level":"warn","ts":1741629508.043344,"msg":"exiting; byeee!! 👋","signal":"SIGTERM"}
{"level":"info","ts":1741629508.0433555,"logger":"http","msg":"servers shutting down with eternal grace period"}
{"level":"info","ts":1741629508.0436661,"logger":"admin","msg":"stopped previous server","address":"localhost:2019"}
{"level":"info","ts":1741629508.0436728,"msg":"shutdown complete","signal":"SIGTERM","exit_code":0}
{"level":"info","ts":1741629508.3900383,"msg":"using config from file","file":"/etc/caddy/Caddyfile"}
{"level":"info","ts":1741629508.3906012,"msg":"adapted config to JSON","adapter":"caddyfile"}
{"level":"info","ts":1741629508.390992,"logger":"admin","msg":"admin endpoint started","address":"localhost:2019","enforce_origin":false,"origins":["//localhost:2019","//[::1]:2019","//127.0.0.1:2019"]}
{"level":"warn","ts":1741629508.3910627,"logger":"http.auto_https","msg":"server is listening only on the HTTP port, so no automatic HTTPS will be applied to this server","server_name":"srv0","http_port":80}
{"level":"info","ts":1741629508.3911226,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0xc000453f00"}
{"level":"warn","ts":1741629508.3911676,"logger":"http","msg":"HTTP/2 skipped because it requires TLS","network":"tcp","addr":":80"}
{"level":"warn","ts":1741629508.3911712,"logger":"http","msg":"HTTP/3 skipped because it requires TLS","network":"tcp","addr":":80"}
{"level":"info","ts":1741629508.3911726,"logger":"http.log","msg":"server running","name":"srv0","protocols":["h1","h2","h3"]}
{"level":"info","ts":1741629508.3912613,"msg":"autosaved config (load with --resume flag)","file":"/config/caddy/autosave.json"}
{"level":"info","ts":1741629508.3912659,"msg":"serving initial configuration"}
{"level":"info","ts":1741629508.391621,"logger":"tls","msg":"storage cleaning happened too recently; skipping for now","storage":"FileStorage:/data/caddy","instance":"90cb01b0-ac44-49fa-9431-425e82e233e5","try_again":1741715908.39162,"try_again_in":86399.999999836}
{"level":"info","ts":1741629508.3916545,"logger":"tls","msg":"finished cleaning storage units"}
{"level":"info","ts":1741629651.8556306,"msg":"shutting down apps, then terminating","signal":"SIGTERM"}
{"level":"warn","ts":1741629651.855658,"msg":"exiting; byeee!! 👋","signal":"SIGTERM"}
{"level":"info","ts":1741629651.855666,"logger":"http","msg":"servers shutting down with eternal grace period"}
{"level":"info","ts":1741629651.855951,"logger":"admin","msg":"stopped previous server","address":"localhost:2019"}
{"level":"info","ts":1741629651.855958,"msg":"shutdown complete","signal":"SIGTERM","exit_code":0}
{"level":"info","ts":1741629652.1945386,"msg":"using config from file","file":"/etc/caddy/Caddyfile"}
{"level":"info","ts":1741629652.1950908,"msg":"adapted config to JSON","adapter":"caddyfile"}
{"level":"info","ts":1741629652.195425,"logger":"admin","msg":"admin endpoint started","address":"localhost:2019","enforce_origin":false,"origins":["//localhost:2019","//[::1]:2019","//127.0.0.1:2019"]}
{"level":"warn","ts":1741629652.195475,"logger":"http.auto_https","msg":"server is listening only on the HTTP port, so no automatic HTTPS will be applied to this server","server_name":"srv0","http_port":80}
{"level":"info","ts":1741629652.1955307,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0xc0004a9c80"}
{"level":"warn","ts":1741629652.195582,"logger":"http","msg":"HTTP/2 skipped because it requires TLS","network":"tcp","addr":":80"}
{"level":"warn","ts":1741629652.1955853,"logger":"http","msg":"HTTP/3 skipped because it requires TLS","network":"tcp","addr":":80"}
{"level":"info","ts":1741629652.1955864,"logger":"http.log","msg":"server running","name":"srv0","protocols":["h1","h2","h3"]}
{"level":"info","ts":1741629652.1956918,"msg":"autosaved config (load with --resume flag)","file":"/config/caddy/autosave.json"}
{"level":"info","ts":1741629652.1956968,"msg":"serving initial configuration"}
{"level":"info","ts":1741629652.195983,"logger":"tls","msg":"storage cleaning happened too recently; skipping for now","storage":"FileStorage:/data/caddy","instance":"90cb01b0-ac44-49fa-9431-425e82e233e5","try_again":1741716052.195982,"try_again_in":86399.999999829}
{"level":"info","ts":1741629652.1960096,"logger":"tls","msg":"finished cleaning storage units"}
{"level":"info","ts":1741629684.2719834,"msg":"shutting down apps, then terminating","signal":"SIGTERM"}
{"level":"warn","ts":1741629684.2720327,"msg":"exiting; byeee!! 👋","signal":"SIGTERM"}
{"level":"info","ts":1741629684.2720392,"logger":"http","msg":"servers shutting down with eternal grace period"}
{"level":"info","ts":1741629684.272154,"logger":"admin","msg":"stopped previous server","address":"localhost:2019"}
{"level":"info","ts":1741629684.2721608,"msg":"shutdown complete","signal":"SIGTERM","exit_code":0}
{"level":"info","ts":1741629684.623285,"msg":"using config from file","file":"/etc/caddy/Caddyfile"}
{"level":"info","ts":1741629684.623729,"msg":"adapted config to JSON","adapter":"caddyfile"}
{"level":"info","ts":1741629684.624212,"logger":"admin","msg":"admin endpoint started","address":"localhost:2019","enforce_origin":false,"origins":["//localhost:2019","//[::1]:2019","//127.0.0.1:2019"]}
{"level":"warn","ts":1741629684.6242752,"logger":"http.auto_https","msg":"server is listening only on the HTTP port, so no automatic HTTPS will be applied to this server","server_name":"srv0","http_port":80}
{"level":"info","ts":1741629684.6243343,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0xc00050f900"}
{"level":"warn","ts":1741629684.6243966,"logger":"http","msg":"HTTP/2 skipped because it requires TLS","network":"tcp","addr":":80"}
{"level":"warn","ts":1741629684.6244001,"logger":"http","msg":"HTTP/3 skipped because it requires TLS","network":"tcp","addr":":80"}
{"level":"info","ts":1741629684.6244013,"logger":"http.log","msg":"server running","name":"srv0","protocols":["h1","h2","h3"]}
{"level":"info","ts":1741629684.6244905,"msg":"autosaved config (load with --resume flag)","file":"/config/caddy/autosave.json"}
{"level":"info","ts":1741629684.6244948,"msg":"serving initial configuration"}
{"level":"info","ts":1741629684.6248121,"logger":"tls","msg":"storage cleaning happened too recently; skipping for now","storage":"FileStorage:/data/caddy","instance":"90cb01b0-ac44-49fa-9431-425e82e233e5","try_again":1741716084.6248112,"try_again_in":86399.999999852}
{"level":"info","ts":1741629684.624838,"logger":"tls","msg":"finished cleaning storage units"}
{"level":"info","ts":1741629772.7915711,"msg":"shutting down apps, then terminating","signal":"SIGTERM"}
{"level":"warn","ts":1741629772.7915912,"msg":"exiting; byeee!! 👋","signal":"SIGTERM"}
{"level":"info","ts":1741629772.7916124,"logger":"http","msg":"servers shutting down with eternal grace period"}
{"level":"info","ts":1741629772.7917314,"logger":"admin","msg":"stopped previous server","address":"localhost:2019"}
{"level":"info","ts":1741629772.7917361,"msg":"shutdown complete","signal":"SIGTERM","exit_code":0}
{"level":"info","ts":1741629773.1341603,"msg":"using config from file","file":"/etc/caddy/Caddyfile"}
{"level":"info","ts":1741629773.1345572,"msg":"adapted config to JSON","adapter":"caddyfile"}
{"level":"info","ts":1741629773.1349494,"logger":"admin","msg":"admin endpoint started","address":"localhost:2019","enforce_origin":false,"origins":["//localhost:2019","//[::1]:2019","//127.0.0.1:2019"]}
{"level":"warn","ts":1741629773.1350017,"logger":"http.auto_https","msg":"server is listening only on the HTTP port, so no automatic HTTPS will be applied to this server","server_name":"srv0","http_port":80}
{"level":"info","ts":1741629773.1350706,"logger":"tls.cache.maintenance","msg":"started background certificate maintenance","cache":"0xc0004f8b80"}
{"level":"warn","ts":1741629773.135104,"logger":"http","msg":"HTTP/2 skipped because it requires TLS","network":"tcp","addr":":80"}
{"level":"warn","ts":1741629773.1351085,"logger":"http","msg":"HTTP/3 skipped because it requires TLS","network":"tcp","addr":":80"}
{"level":"info","ts":1741629773.1351097,"logger":"http.log","msg":"server running","name":"srv0","protocols":["h1","h2","h3"]}
{"level":"info","ts":1741629773.1352012,"msg":"autosaved config (load with --resume flag)","file":"/config/caddy/autosave.json"}
{"level":"info","ts":1741629773.1352048,"msg":"serving initial configuration"}
{"level":"info","ts":1741629773.1355035,"logger":"tls","msg":"storage cleaning happened too recently; skipping for now","storage":"FileStorage:/data/caddy","instance":"90cb01b0-ac44-49fa-9431-425e82e233e5","try_again":1741716173.1355026,"try_again_in":86399.999999822}
{"level":"info","ts":1741629773.1355288,"logger":"tls","msg":"finished cleaning storage units"}

3. Caddy version:

iarekylew00t/caddy-cloudflare:latest

4. How I installed and ran Caddy:

a. System environment:

Unraid 6.12.4

b. Command:

docker run
  -d
  --name='caddy'
  --net='bridge'
  -e TZ="America/Los_Angeles"
  -e HOST_OS="Unraid"
  -e HOST_HOSTNAME="Tower"
  -e HOST_CONTAINERNAME="caddy"
  -l net.unraid.docker.managed=dockerman
  -l net.unraid.docker.icon='https://hub.docker.com/api/media/repos_logo/v1/library%2Fcaddy'
  -p '1443:443/tcp'
  -p '180:80/tcp'
  -p '1443:443/udp' 'iarekylew00t/caddy-cloudflare'
1623917a6856ee76733959c568abc694fea20c83fd4b11615a90ad450431a64d

d. My complete Caddy config:

https://jellyfin.nagpal.house {
        reverse_proxy 10.0.0.141
        tls {
                dns cloudflare REDACTED API KEY
        }
}

5. Links to relevant resources:

Screenshot 2025-03-10 at 11.06.511259×116 14 KB

What exactly is the misconfiguration you believe you’re having? Is it due to not having HTTPS with Jellyfin? If so, it’s because of this error:

{"level":"warn","ts":1741629200.929058,"logger":"http.auto_https","msg":"server is listening only on the HTTP port, so no automatic HTTPS will be applied to this server","server_name":"srv0","http_port":80}

It appears you may have some kind of misconfiguration, which is likely the ports. No idea why you aren’t using the default ports, but you’ll need to add this to your global options block.

{
	http_port 180
	https_port 1443
}

That log message means the shared config isn’t the same as the one applied and given to Caddy.

@tknx please share proper details. We cannot help on hypotheticals.