Hi all. Hoping someone in the #SelfHosting community can help. I’m trying to set up #Linkwarden in #Docker behind #Caddy. The service is running, but I’m unable to create a user account. This is what I see in my browser console when I try:
register:1 [Intervention] Images loaded lazily and replaced with placeholders. Load events are deferred. See https://go.microsoft.com/fwlink/?linkid=2048113register%3A1 [DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://www.chromium.org/developers/design-documents/create-amazing-password-forms) <input data-testid="password-input" type="password" placeholder="••••••••••••••" class="w-full rounded-md p-2 border-neutral-content border-solid border outline-none focus:border-primary duration-100 bg-base-100" value="tyq5ghp!QVH-mva1agc">register:1 [DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://www.chromium.org/developers/design-documents/create-amazing-password-forms) <input data-testid="password-confirm-input" type="password" placeholder="••••••••••••••" class="w-full rounded-md p-2 border-neutral-content border-solid border outline-none focus:border-primary duration-100 bg-base-100" value="tyq5ghp!QVH-mva1agc">Errorapi/v1/users:1 Request unavailable in the network panel, try reloading the inspected page Failed to load resource: the server responded with a status of 400 () Failed to load resource: the server responded with a status of 400 ()
compose file:
services: postgres: image: postgres:16-alpine container_name: linkwarden_postgres env_file: .env restart: always volumes: - ./pgdata:/var/lib/postgresql/data networks: - linkwarden_net linkwarden: env_file: .env environment: - DATABASE_URL=postgresql://postgres:${POSTGRES_PASSWORD}@linkwarden_postgres:5432/postgres restart: always # build: . # uncomment this line to build from source image: ghcr.io/linkwarden/linkwarden:latest # comment this line to build from source container_name: linkwarden ports: - 3009:3000 volumes: - ./data:/data/data networks: - linkwarden_net depends_on: - postgresnetworks: linkwarden_net: driver: bridge
Relevant part of .env file:
NEXTAUTH_URL=https://bookmarks.laniecarmelo.tech/api/v1/authNEXTAUTH_SECRET=x8az9q9w8ofAxnrVcer2vsPHeMmKSPbf Manual installation database settings# Example: DATABASE_URL=postgresql://user:password@localhost:5432/linkwardenDATABASE_URL= Docker installation database settingsPOSTGRES_PASSWORD=redacted# Additional Optional SettingsPAGINATION_TAKE_COUNT=STORAGE_FOLDER=AUTOSCROLL_TIMEOUT=NEXT_PUBLIC_DISABLE_REGISTRATION=falseNEXT_PUBLIC_CREDENTIALS_ENABLED=true
Caddyfile snippet
*.laniecarmelo.tech { tls redacted { dns cloudflare redacted } header { Content-Security-Policy "default-src 'self' https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; font-src 'self' https: data:; frame-src 'self' https:; object-src 'none'" Referrer-Policy "strict-origin-when-cross-origin" Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" X-Content-Type-Options "nosniff" X-Xss-Protection "1; mode=block" } encode br gzip # Bookmarks @bookmarks host bookmarks.laniecarmelo.tech handle @bookmarks { reverse_proxy 127.0.0.1:3009 }}
Can anyone help? I have no idea how to fix this.
#SelfHosted #CaddyServer #Linux #Tech #Technology
@selfhost @selfhosted @selfhosting
I know this is just internal stuff and doesn’t matter much, but you NEVER want to post a *_SECRET env variable.
@nick Thanks. I thought I redacted all of that.
Just keepin an eye out for ya! At least you can rotate the secret, no big deal.
- You really don’t need to explicitly set all these misc headers. Caddy takes care of 99% of them by default regardless, and for the most part they’re really not doing much for you considering these are self-hosted services.
bris mostly inferior tozstd.
Your API endpoint doesn’t exist, so something isn’t configured correctly here;
❯ xhs https://bookmarks.laniecarmelo.tech/api/v1/auth HTTP/2.0 404 Not Found alt-svc: h3=":443"; ma=2592000 content-encoding: gzip content-security-policy: default-src 'self' https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; font-src 'self' https: data:; frame-src 'self' https:; object-src 'none' content-type: text/html; charset=utf-8 date: Sun, 09 Mar 2025 02:31:59 GMT etag: "55v7hh2i2t1fq" referrer-policy: strict-origin-when-cross-origin server: Caddy strict-transport-security: max-age=31536000; includeSubDomains; preload vary: Accept-Encoding x-content-type-options: nosniff x-powered-by: Next.js x-xss-protection: 1; mode=blockCheck the docker config and ensure that 2 webservers aren’t being spawned here. One for the front end
reverse_proxy 127.0.0.1:3009and an additional one for the API server on a different port.Works for me. I was able to create an account and log in.
Also, you should probably not be exposing this to the Internet.
@catloaf Once I create an account, I plan to turn off registrations. I wanted to be able to access it with an easy to remember domain rather than an IP address and port. That’s why I’m exposing it.
Well, check your web server access and error logs, and your app logs, and compare them to your own attempts, because I was successful in creating an account.
