Caddy as reverse proxy, how to? (newb)


(Claudioita) #1

Hi!, I am trying to setup a proxy server in order to access (more) easily my services in my home network.

For example, when I am abroad I would like to type on a browser

https xxx.duckdns.org :8123 and go to my Home Assistant website 192 .168.1.12:8123
https xxx.duckdns.org :5050 and go to my Hadashboard website 192 .168.1.12:5050
https xxx.duckdns.org :8080 and go to my Qnap 192.168.1.21:8080

and other services.

Is this possible? If yes, how?


(Matthew Fay) #2

Hi @claudioita, welcome to the Caddy community. It absolutely is possible. Assuming you have:

  1. xxx.duckdns.org pointed at your public IP address
  2. Ports 80, 443, 8123, 5050, and 8080 forwarded to your Caddy host

You’ll want to use site labels exactly as you’ve typed - e.g. https://xxx.duckdns.org:8123. One site definition block for each port/proxy.

https://caddyserver.com/docs/caddyfile#structure

The proxy is pretty straightforward, too, just proxy everything to the back end as you’ve typed it, e.g. 192.168.1.12:8123.

https://caddyserver.com/docs/proxy

If you have any issues, let us know what your current Caddyfile is, and what you’ve already tried, and we can help you get it going.


(Claudioita) #3

Thats my caddyfile I would like to use (as new user in this forum I can’t put more then 4 links … wtf …?). Is the below ok (please note first adddress without port)?

   https://xxx.duckdns.org {      
    tls  /ssl/fullchain.pem /ssl/privkey.pem   {                            
        alpn http/1.1                                                    
    }                                                                    
    proxy / 192.168.1.12:8123 {                                            
        transparent                                                      
        websocket                                                        
    }                                                                    
    log stdout                                                         
    errors stderr                                                      
}

   https://xxx.duckdns.org:8080 {      
    tls /ssl/fullchain.pem /ssl/privkey.pem {                            
        alpn http/1.1                                                    
    }                                                                    
    proxy / 192.168.1.21:8080 {                                            
        transparent                                                      
        websocket                                                        
    }                                                                    
    log stdout                                                         
    errors stderr                                                      
}

   https://xxx.duckdns.org:5050 {      
    tls /ssl/fullchain.pem /ssl/privkey.pem {                            
        alpn http/1.1                                                    
    }                                                                    
    proxy / 192.168.1.12:5050 {                                            
        transparent                                                      
        websocket                                                        
    }                                                                    
    log stdout                                                         
    errors stderr                                                      
}

(Claudioita) #4

I see, before I forwarded only 80 and 443. One of the reason I wanted a proxy server is to not open too many ports … I guess I have no other choice …


(Paul Hodges) #5

Surely you could use the same port and subdirectories instead of messing around with more ports:

https://xxx.duckdns.org/site1
https://xxx.duckdns.org/site2
https://xxx.duckdns.org/site3

and proxy each of them based on that:

proxy /site1 192.168.1.12:8123 {
  without /site1
}
proxy /site2 192.168.1.12:5050 {
  without /site2
}
proxy /site3 192.168.1.21:8080 {
  without /site3
}

You may need to use the filter plugin to put the /site# back on any returned URLs.


(system) #6

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.