1. The problem I’m having:
Given a network constraint, I need to use git through a proxy.
The proxy is Caddy and the team allowed to configure it for me, I gave a configuration to use, but it seems it’s not working, looks like the communication can’t get back to the client.
2. Error messages and/or full log output:
Seems no error are shown on the caddy side. I did add the debug option but there is no line involving the endpoint of interest.
3. Caddy version:
lucaslorentz/caddy-docker-proxy:2.8.10
4. How I installed and ran Caddy:
/
a. System environment:
Docker
b. Command:
/
c. Service/unit/compose file:
/
d. My complete Caddy config:
Relevant part I provided under handle_path /github/*
api.<redacted>.it {
handle_path /github/* {
reverse_proxy https://github.com {
header_up Host {upstream_hostport} <-- seemed relevant to allow Github to recognize the original request
}
}
reverse_proxy <redacted>:3001
}
5. Links to relevant resources:
git has been configured to use the proxy by issuing the commands below in the repo:
git config http.proxy <redacted>:80/github
, same for https 443.
I had to specify the ports otherwise git attempted a connection to port 1080 (socks?)
which results to the block in .git\config
[http]
proxy = http://api.<redacted>.it:80/github/
[https]
proxy = https://api.<redacted>.it:443/github/
GIT LOGS
C:\Users\federicod\Downloads\test-proxy>set GIT_CURL_VERBOSE=1
C:\Users\federicod\Downloads\test-proxy>git fetch
22:11:16.915353 http.c:937 == Info: Host <redacted>:80 was resolved.
22:11:16.916341 http.c:937 == Info: IPv6: (none)
22:11:16.917355 http.c:937 == Info: IPv4: <redacted>
22:11:16.919855 http.c:937 == Info: Trying <redacted>:80...
22:11:16.931407 http.c:937 == Info: CONNECT tunnel: HTTP/1.1 negotiated
22:11:16.931407 http.c:937 == Info: allocate connect buffer
22:11:16.931407 http.c:937 == Info: Establish HTTP proxy tunnel to github.com:443
22:11:16.932378 http.c:884 => Send header, 0000000121 bytes (0x00000079)
22:11:16.933405 http.c:896 => Send header: CONNECT github.com:443 HTTP/1.1
22:11:16.933405 http.c:896 => Send header: Host: github.com:443
22:11:16.934384 http.c:896 => Send header: User-Agent: git/2.46.1.windows.1
22:11:16.934384 http.c:896 => Send header: Proxy-Connection: Keep-Alive
22:11:16.934384 http.c:896 => Send header:
22:11:16.942400 http.c:884 <= Recv header, 0000000033 bytes (0x00000021)
22:11:16.943379 http.c:896 <= Recv header: HTTP/1.1 308 Permanent Redirect
22:11:16.943379 http.c:884 <= Recv header, 0000000019 bytes (0x00000013)
22:11:16.945772 http.c:896 <= Recv header: Connection: close
22:11:16.946815 http.c:884 <= Recv header, 0000000031 bytes (0x0000001f)
22:11:16.947791 http.c:896 <= Recv header: Location: https://github.com/
22:11:16.947791 http.c:884 <= Recv header, 0000000015 bytes (0x0000000f)
22:11:16.948813 http.c:896 <= Recv header: Server: Caddy
22:11:16.948813 http.c:884 <= Recv header, 0000000037 bytes (0x00000025)
22:11:16.948813 http.c:896 <= Recv header: Date: Wed, 23 Oct 2024 20:11:16 GMT
22:11:16.949798 http.c:884 <= Recv header, 0000000019 bytes (0x00000013)
22:11:16.949798 http.c:896 <= Recv header: Content-Length: 0
22:11:16.949798 http.c:884 <= Recv header, 0000000002 bytes (0x00000002)
22:11:16.950796 http.c:896 <= Recv header:
22:11:16.950796 http.c:937 == Info: CONNECT tunnel failed, response 308
22:11:16.950796 http.c:937 == Info: closing connection #0
fatal: unable to access 'https://github.com/maxiride/upptime.git/': CONNECT tunnel failed, response 308
C:\Users\federicod\Downloads\test-proxy>
From my understanding, git did attempt the connection through the proxy, successfully resolved the address and subsequent connection to github but couldn’t complete the round trip I guess.
The 308 error code made me think I provided a wrong configuration, I also did try to reverse proxy to http://github.com with the same results.