I’m setting up a jellyfin server, and want to access it on the internet. I created a xxxxxxx.duckdns.org address for it. I have installed caddy with duckdns addon (first installed regular caddy, then overwrote /usr/bin/caddy with this custom caddy). My caddy file is as follows

XXXXXX.duckdns.org:9091 {
    reverse_proxy 127.0.0.1:8096
    tls {
        dns duckdns     XXXXXXXXXXXXXXXXX
    }
}

Started caddy and here’s my status. Doesn’t show any errors:

● caddy.service - Caddy
     Loaded: loaded (/lib/systemd/system/caddy.service; enabled; preset: enabled)
     Active: active (running) since Sun 2023-09-24 22:45:57 EDT; 32min ago
       Docs: https://caddyserver.com/docs/
   Main PID: 2132 (caddy)
      Tasks: 9 (limit: 8907)
     Memory: 11.7M
        CPU: 313ms
     CGroup: /system.slice/caddy.service
             └─2132 /usr/bin/caddy run --environ --config /etc/caddy/Caddyfile

Sep 24 22:45:57 mediaserver-wyse5070thinclient caddy[2132]: {"level":"info","ts":1695609957.1027205,"logger":"tls","msg":"cleaning storage unit","description":"FileStorage:/var/lib/caddy/.local/share/caddy"}
Sep 24 22:45:57 mediaserver-wyse5070thinclient caddy[2132]: {"level":"info","ts":1695609957.1027687,"logger":"http","msg":"enabling HTTP/3 listener","addr":":9091"}
Sep 24 22:45:57 mediaserver-wyse5070thinclient caddy[2132]: {"level":"info","ts":1695609957.1030562,"logger":"http.log","msg":"server running","name":"srv0","protocols":["h1","h2","h3"]}
Sep 24 22:45:57 mediaserver-wyse5070thinclient caddy[2132]: {"level":"info","ts":1695609957.103145,"logger":"http.log","msg":"server running","name":"remaining_auto_https_redirects","protocols":["h1","h2","h3"]}
Sep 24 22:45:57 mediaserver-wyse5070thinclient caddy[2132]: {"level":"info","ts":1695609957.1031566,"logger":"http","msg":"enabling automatic TLS certificate management","domains":["xxxxxx.duckdns.org"]}
Sep 24 22:45:57 mediaserver-wyse5070thinclient caddy[2132]: {"level":"info","ts":1695609957.1034396,"logger":"tls","msg":"finished cleaning storage units"}
Sep 24 22:45:57 mediaserver-wyse5070thinclient caddy[2132]: {"level":"info","ts":1695609957.104117,"msg":"autosaved config (load with --resume flag)","file":"/var/lib/caddy/.config/caddy/autosave.json"}
Sep 24 22:45:57 mediaserver-wyse5070thinclient caddy[2132]: {"level":"info","ts":1695609957.1041856,"msg":"serving initial configuration"}
Sep 24 22:45:57 mediaserver-wyse5070thinclient systemd[1]: Started caddy.service - Caddy.
Sep 24 22:49:54 mediaserver-wyse5070thinclient caddy[2132]: {"level":"info","ts":1695610194.0222473,"logger":"admin.api","msg":"received request","method":"GET","host":"localhost:2019","uri":"/config","remote_ip":"127.0.0.1","remote_port":"53888","headers":{"Accept":["*/*"],"User-Agent":["curl/7.88.1"]}}

However, my reverse proxy doesn’t work. I can’t ping it. Same thing happens when I ping my global ip

PING xxxxxx.duckdns.org (104.183.123.226) 56(84) bytes of data.
From 192.168.1.254 (192.168.1.254) icmp_seq=4 Destination Host Unreachable
From 192.168.1.254 (192.168.1.254) icmp_seq=7 Destination Host Unreachable

I have previously setup dynamic dns successfully on raspberry pi for jellyfin, but unfortunately I didn’t document the steps.

I’m on ATT Fiber with BGW320-505, and have a Deco X5700. Please advise.

  • nieceandtowsOP
    link
    fedilink
    English
    arrow-up
    3
    ·
    1 year ago

    Yeah I’ve port forwarded 9091, 443, 80, and 8096 for good measure.

    • SteveTech
      link
      fedilink
      English
      arrow-up
      4
      ·
      edit-2
      1 year ago

      Do you have CGNAT?

      If you run traceroute 1.1.1.1 the first hop should be your router, and if the second starts with 100, 10, 172, or 192, then you probably have CGNAT.

      • nieceandtowsOP
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        The second one is the ip I use to login to my modem settings. (192.168.1.254)

          • nieceandtowsOP
            link
            fedilink
            English
            arrow-up
            2
            ·
            1 year ago
             1  _gateway (10.0.0.1)  0.443 ms  0.488 ms  0.557 ms
             2  192.168.1.254 (192.168.1.254)  1.977 ms  1.936 ms  2.006
             ms
             3  107-129-188-1.lightspeed.gnbonc.sbcglobal.net (107.129.1
            88.1)  2.454 ms  2.412 ms  2.605 ms
            
            • SteveTech
              link
              fedilink
              English
              arrow-up
              4
              ·
              1 year ago

              Oh so you’ve got double NAT. You’ll either have to put the modem into bridge mode, or port forward on both the router and modem.

              • nieceandtowsOP
                link
                fedilink
                English
                arrow-up
                2
                ·
                1 year ago

                That worked, thank you! I added all the ports at the modem level and after restart it’s working now, thank you so much!

                • SteveTech
                  link
                  fedilink
                  English
                  arrow-up
                  2
                  ·
                  1 year ago

                  No worries! I’d probably prefer bridge mode instead of double NAT, but I guess whatever works for you.