Caddy equivalent of nginx's proxy_pass_header


I’m trying to serve Transmission BT client behind caddy as a proxy. I’m getting a http 409 error because a security header isn’t passed. It shows me the following error:

Your request had an invalid session-id header.

To fix this, follow these steps:

When reading a response, get its X-Transmission-Session-Id header and remember it
Add the updated header to your outgoing requests
When you get this 409 error message, resend your request with the updated header

In nginx one can pass headers with proxy_pass_header. I’ve read the caddy docs but i’m unable to get this working in my config. When I add the following line to my proxy settings caddy won’t start anymore:

header_upstream X-Transmission-Session-Id

Anyone knows what the correct syntax is or how to do this? Thanks in advance!

Hi @Bechrissed,

Looking over the docs regarding header_upstream:

header_upstream sets headers to be passed to the backend. The field name is name and the value is value. This option can be specified multiple times for multiple headers, and dynamic values can also be inserted using request placeholders.

You need to use the format header_upstream [name] [value].

You can take [value] dynamically from an existing header given by the client, using the request placeholders linked above. A request header placeholder looks like {>X-Transmission-Session-Id}.

Your result should look like:

header_upstream X-Transmission-Session-Id {>X-Transmission-Session-Id}

1 Like

Huh. Shouldn’t the header be proxied by default? (You’re right though, in your answer.)

Uhh, yeah, actually. That’s odd. Otherwise stuff like basic auth behind my reverse proxy would fail, and it’s still working fine as far as I can tell…

This is worth a quick look if anyone has a chance!

Okay, a couple of things:

First of all, thanks for helping everybody :slight_smile:

@matt you are right, the header is proxied by default. So the problem must be something else.

@Whitestrake header_upstream X-Transmission-Session-Id {>X-Transmission-Session-Id} this was indeed the syntax I was looking for. But as mentioned by Matt, the header was passed by default so there shouldn’t be any need to manually configure it.

I have tried setting the header specifically both upstream and downstream, and without adding anything specific line. The same error message is still there. I understand it’s not an error on the Caddy side so I’ll keep searching if i can find a working caddy or nginx config.

1 Like

Would you mind elaborating a bit on the environment you run Caddy and Transmission in?

I’m running both Caddy and Transmission on Ubuntu server 16.04.

Caddy is on version 0.10.4 and Transmission is on version transmission-daemon 2.92 (14714)

This is my caddy.conf file:

} {
    root /home/chris/web/

    log /home/chris/web/log/ {
        rotate_size 100  # Rotate after 100 MB
        rotate_age  14   # Keep log files for 14 days
        rotate_keep 10   # keep maximum of 10 lof files

# not working yet
    proxy /tvheadend localhost:9981 {

# not working yet
    proxy /transmission localhost:9091/transmission/web/ {
        #header_upstream X-Transmission-Session-Id {>X-Transmission-Session-Id}

    errors /home/chris/web/log/



I start caddy using systemd service, and transmission with init.d sctipt but both are under the same user. This is my start line for caddy:

ExecStart=/usr/local/bin/caddy -quic -log stdout -agree=true -conf=/home/chris/web/conf/caddy.conf

When I search for transmission behin nginx, the first results in Google are some gists whith different nginx configs, most of them are more about enabling ssl in the proxy and the path is just server:port

Okay, i’ve found the solution and it’s stupid :smiley:

I was opening the wrong url, when transmission isn’t behind a proxy it redirects to /transmission/web/ i’ve now found out this doesn’t work when behind the proxy and results in the 409 error. When visiting the full url, the web interface is working.

Again thanks for the help!


This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.