Caching `forward_auth` responses

1. The problem I’m having:

I have this working Caddy config:

https://mysite {
  reverse_proxy backend-container:8000

  forward_auth * https://external-auth-service {
    uri /api/v2/auth
  }
}

Which works correctly. I now, however, want to cache the responses from the auth service so I’m not hammering it with requests. I’ve added cache-handler to Caddy, but can’t work out how to cache responses from the auth service without caching responses from backend-container. Is this possible?

2. Error messages and/or full log output:

N/A

3. Caddy version:

2.9.1

4. How I installed and ran Caddy:

Dockerfile:

FROM caddy:2.9.1-builder AS builder

RUN xcaddy build \
      --with github.com/caddyserver/cache-handler

FROM caddy:2.9.1-alpine

COPY --from=builder /usr/bin/caddy /usr/bin/caddy

I’m deploying this with Kamal, which is simply doing a docker run.

I worked it out and this is working nicely, adding a separate reverse proxy for the auth which I can then add caching to


{
  cache {
    stale 10m
  }
}

https://mysite {
  reverse_proxy backend-container:8000

  forward_auth * https://auth.mysite {
    header_up Host {upstream_hostport}
    uri /api/v2/auth
  }
}

https://auth.mysite {
  cache
  reverse_proxy https://external-auth-service {
    header_up Host {upstream_hostport}
    header_down -cache-control # Remove as marks as private to prevent caching
  }
}
3 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.