WSL2 Caddy Reverse Proxy In Docker

Question

I have a Caddy server running in Docker talking to a Node.JS server. This setup currently works on MacOS, but does not work on WSL2. I assume the issue has something to do with the fact that we're using http://host.docker.internal:3000 as the proxy address in the Caddyfile, but I don't know of a way to write it so it works on WSL2 and in MacOS.

docker-compose.yml:

version: '3.7'
services:
  caddy:
    image: 'abiosoft/caddy:latest'
    volumes:
      - ./certs:/root/certs # to sync mkcert certificates to Caddy
      - ./Caddyfile:/etc/Caddyfile # to mount custom Caddyfile
    ports:
      - '443:2015'
  db:
    container_name: service_local_db
    image: mysql:8.0
    environment:
      MYSQL_DATABASE: 'service_local'
      MYSQL_ROOT_PASSWORD: '******'
    ports:
      - '3306:3306'
    expose:
      - '3306'
    volumes:
      - database_volume:/var/lib/mysql
volumes:
  database_volume:

Caddyfile

servicename.url{
    log stdout
    tls /root/certs/servicename.local.pem /root/certs/servicename.local-key.pem

    proxy / http://host.docker.internal:3000 {
        websocket
        transparent
        header_upstream X-Marotagem  true
        header_upstream Host  "servicename.local"
    }
}

I have tried:

• Changing host.docker.internal to host-gateway. Even if that did work, it would inversely not allow it to work on MacOS.
• Adding 'host.docker.internal:host-gateway' as extra_hosts: under services in the docker-compose.yml. It did not work, but if it did I am not sure how it would affect MacOS.

Any help would be appreciated.

Answer 1

AFAIK host.docker.internal is not (yet?) implemented in Docker for Linux. But since you are using a bridge network (the default one), you can make something like a static IP-address for the host. There will be no need to use host.docker.internal after that, though if you like, you will be able to add it to a container with extra_hosts.

version: "2"
networks:
  default:
    ipam:
      driver: default
      config:
          # (mandatory) IP-address range for the containers
        - subnet: "10.50.0.0/24"
          # (optional) IP-address of the host
          # if not specified it will be the first IP-address of the subnet (10.50.0.1 in this case)
          gateway: 10.50.0.20
          # 'gateway' is only available in docker-compose version 2 at the moment

In this example gateway will be a host machine IP-address for containers in that network. You can use this value to create a working extra_hosts record:

extra_hosts:
- "host.docker.internal:10.50.0.20"

Unfortunately, gateway option is only supported in version 2 compose file specification at the moment, with version 3 you can specify only subnet. If gateway is not specified explicitly, it will be the first IP-address of the range (10.50.0.1 for the example above).

The configuration would not require changes, unless you would stumble into IP range overlapping. In other words, if the machine(s) where you will be running this would have no subnets (docker or other), overlapping with the range you've selected, there will be no problem. Otherwise you can pick another subnet and write a different address in extra_hosts.

Also note that changes to IPAM configuration are not permitted once a network has been created. You need to delete the old network before creating a new one. Use docker-compose down or docker network rm <network_name>.