Body size upload limits with HTTPS

[timothyallan]

I've got a production site running Laravel 5.3 which I'm trialling Caddy with on a staging server. There's a main image upload feature, where people can upload images of various sizes: 500Kb-75MB or so. This works great with NGINX, but is pulling funnies with Caddy.

Files < 400Kb or so upload just fine through Caddy, however, if I throw something > 1MB at it, Caddy just hangs. No errors reported that I can find. Caddy gets the SSL cert, serves all my 'regular' files just fine, but conks out on large uploads.

I'm using the stock download with no plugins.

PhpInfo is the same as the working live site, and reports:

post_max_size   100M
upload_max_filesize 100M
max_execution_time  300

so I'm pretty sure it's not a PHP issue. Any suggestions on how to fix the silent hanging?

1. What version of Caddy are you running (caddy -version)?

.93

2. What are you trying to do?

Upload largish image files

3. What is your entire Caddyfile?

'my staging website here' {
    tls 'my email address here'

    root /var/www/public

    log stdout
    errors stdout

    fastcgi / 127.0.0.1:9000 php {
        index index.php
    }

    rewrite {
        to {path} {path}/ /index.php?{query}
    }
}

4. How did you run Caddy (give the full command and describe the execution environment)?

via Supervisor in a Docker container:

[program:caddy]
command=/usr/bin/caddy -conf="/etc/Caddyfile" -ca "https://acme-staging.api.letsencrypt.org/directory"
autorestart=true
stdout_events_enabled=true
stderr_events_enabled=true
redirect_stderr=true
stdout_logfile=/var/log/supervisor/caddy.log

5. What did you expect to see?

Files uploaded!

6. What did you see instead (give full error messages and/or log)?

I've got Charles Proxy monitoring the whole thing, and it just sits there waiting to hear back from Caddy. Caddy Log is normal

7. How can someone who is starting from scratch reproduce this behavior as minimally as possible?

Upload some large jpgs??

[elimisteve]

Hi @timothyallan, I'm about to set Caddy up and I'm curious why Supervisor is being used if you're running Caddy in a Docker container?

[timothyallan]

Oh, that's because I've got caddy and php7 running in the same container, plus a startup script that needs to do some housekeeping while they're all starting up.

[timothyallan]

Okay, after much more mucking around, this only happens on HTTPS connections. With HTTP I can upload any file size to my hearts content. I've got it on a Digital Ocean droplet currently, with a valid HTTPS cert from the cme-staging.api.letsencrypt.org CA.

Commenting out the HTTPS code, and using the following 'fixes' the mysterious hanging issue.

#'my staging website here' 
0.0.0.0:80 {
  #  tls 'my email address here'

[timothyallan]

Still trying to get this going. HTTP works great, as soon as HTTPS is enabled, it dies on large file uploads. Here's a report from Charles Proxy, do any of the settings ring an alarm bell?

URL https://staging.myrealurl.com/api/v1
Status  Sending request body…
Response Code   -
Protocol    HTTP/2.0
SSL TLSv1.2 (TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384)
Method  POST
Kept Alive  Yes
Content-Type    -
Client Address  /127.0.0.1
Remote Address  staging.myrealurl.com/my.real.ip.here
Connection  
Connection  #969448758
Stream Id   59
Client Settings 
SETTINGS_HEADER_TABLE_SIZE = 4096
SETTINGS_ENABLE_PUSH = 1
SETTINGS_MAX_CONCURRENT_STREAMS = 1000
SETTINGS_INITIAL_WINDOW_SIZE = 6291456
SETTINGS_MAX_FRAME_SIZE = 16384
SETTINGS_MAX_HEADER_LIST_SIZE = unlimited

Server Settings 
SETTINGS_HEADER_TABLE_SIZE = 4096
SETTINGS_ENABLE_PUSH = 1
SETTINGS_MAX_CONCURRENT_STREAMS = 250
SETTINGS_INITIAL_WINDOW_SIZE = 65535
SETTINGS_MAX_FRAME_SIZE = 1048576
SETTINGS_MAX_HEADER_LIST_SIZE = 1048896

[timothyallan]

So, it would seem that while using the -ca "https://acme-staging.api.letsencrypt.org/directory" will give you a green lock icon, and will work perfectly fine uploading small files, it won't, for whatever reason, allow you to upload large files with .93. Once you stop using the staging/test LE cert, it appears that you can then upload large files.

Edit: aaaand disregard, lots of large uploads still kill caddy with SSL enabled. Sigh.

[mholt]

Did you figure out the issue?

[timothyallan]

Nope, nobody else seemed to be having that issue, and I've blown too much time trying to get it going, so I'll just use nginx for now.

[mholt]

@timothyallan Try upgrading to 0.9.5 and see if that helps. We fixed some weird issues. (Remember to disable or increase the default timeouts!)