Beginners issues for reverse_proxy

pootwaddle · August 29, 2023, 3:16pm

1. The problem I’m having:

I am trying to reverse proxy a golang server (http not https) hosted on a windows server in my local network. I need to translate from dns subdomain (dadjoke.pootwaddle.com) to a go server that serves at the location http://192.168.106.253:9999/dadjoke, and will also have static assets like css, favicon, etc.
Ultimately, I want Caddy to be the terminator for TLS, accept tls and provide certificates to the WAN portion of my setup, but use just http inside my LAN, unless I need to enable it for a site I am proxying.
That’s an ultimate wish, but if I need to change configurations around my go app, then so be it.

2. Error messages and/or full log output:

Error: adapting config using caddyfile: Caddyfile:11: unrecognized directive: auto_https

3. Caddy version:

v2.7.4 h1:J8nisjdOxnYHXlorUKXY75Gr6iBfudfoGhrJ8t7/flI=

4. How I installed and ran Caddy:

Installed using sudo apt install caddy, and also debian-keyring debian-archive-keyring apt-transport-https

a. System environment:

This is a virtual machine of ubuntu

PRETTY_NAME="Ubuntu 22.04.3 LTS"
NAME="Ubuntu"
VERSION_ID="22.04"
VERSION="22.04.3 LTS (Jammy Jellyfish)"
VERSION_CODENAME=jammy

b. Command:

used caddy start as root from within a folder with my Caddyfile, and
have been making incremental changes and testing as I go using

root@webbby:/home/bjarvis/caddy# caddy reload
2023/08/29 15:11:53.903 INFO    using adjacent Caddyfile
Error: adapting config using caddyfile: Caddyfile:11: unrecognized directive: auto_https
root@webbby:/home/bjarvis/caddy#

c. Service/unit/compose file:

d. My complete Caddy config:

{
        debug
}

thesingingscoutmaster.com, 192.168.106.141 {
        root * /var/www/singing
        file_server
}

dadjoke.pootwaddle.com {
        auto_https off
        reverse_proxy /dadjoke http://192.168.106.253:9999
        reverse_proxy /static http://192.168.106.253:9999
        file_server
}

5. Links to relevant resources:

This is a portion of my nginx configuration that seems to work “ok”

server {
   listen 443 ssl http2;

   server_name dadjoke.pootwaddle.com;
   access_log /var/log/nginx/dadjoke.pootwaddle.com.log custom;
   error_log /var/log/nginx/dadjoke.pootwaddle.com.err.log notice;

   include snippets/pootwaddle.com.cert.conf;
   include snippets/ssl-params.conf;

   location / {
        include snippets/proxy-params.conf;
        proxy_pass http://192.168.106.253:9999/dadjoke;
        }
   location /dadjoke {
        include snippets/proxy-params.conf;
        proxy_pass http://192.168.106.253:9999;
        }
   location /static {
        include snippets/proxy-params.conf;
        proxy_pass http://192.168.106.253:9999/static;
        }
}

francislavoie · August 29, 2023, 8:56pm

auto_https is a global option, not a directive. You can’t use it there (it would go next to debug, in the global options block)

Why are you trying to turn this off? What’s the goal exactly? Are you trying to serve dadjoke.pootwaddle.com from HTTP only? If so, prepend http:// to your site address.

This matches /dadjoke, i.e. it expects the path to be exactly /dadjoke on the incoming request and will only proxy if that path matches exactly.

Are you looking to rewrite the request path instead? Then you’re looking for handle_path as a replacement for nginx’s location, or use the rewrite directive to add a path prefix before proxying.

pootwaddle · August 29, 2023, 9:16pm

Hello, Francis -

Well, I want to have TLS / HTTPS from the internet to Caddy, but from Caddy to my backend server(s) have only HTTP. I believe that’s the way it is currently working in my nginx config.

I’ll look into handle_path and the rewrite directive.

Thank you for your response

francislavoie · August 29, 2023, 10:43pm

That’s the default. Remove auto_https off then. That’s for controlling whether Caddy sets up HTTPS for incoming connections.