Caddy reverse_proxy always returns 0 size

Raggaer · July 12, 2021, 2:14am

1. Caddy version (`caddy version`):

v2.4.3 h1:Y1FaV2N4WO3rBqxSYA8UZsZTQdN+PwcoOcAiZTM8C0I=

2. How I run Caddy:

On one server (AWS EC2) I am running a somple caddyfile (caddy run --config caddyfile --adapter caddyfile):

https://XXX.com {
        tls {
                dns cloudflare XXX
        }
        log {
                output stdout
        }
        reverse_proxy * http://10.0.1.1:8081
}

On 10.0.1.1 (Another server, connected with a VPN) I am running another very simple caddyfile (caddy run --config caddyfile --adapter caddyfile):

http://10.0.1.1:8081 {
        root * /home/hello
        file_server browse
        log {
                output stdout
        }
}

a. System environment:

Both are Ubuntu 20.04, one is a simple EC2 (under CF) server and another is a linux container on another server.

b. Command:

caddy run --config caddyfile --adapter caddyfile

d. My complete Caddyfile or JSON config:

https://XXX.com {
        tls {
                dns cloudflare XXX
        }
        log {
                output stdout
        }
        reverse_proxy * http://10.0.1.1:8081
}

http://10.0.1.1:8081 {
        root * /home/hello
        file_server browse
        log {
                output stdout
        }
}

3. The problem I’m having:

When connecting to my site, I always get an empty blank page, on the logs of both server I can see theat the request is arriving fine, however it fails to serve any content, for some reason…

This is what I can see on the stdout:

On the main HTTPS server that I connect to with my browser:

{
   "request":{
      "remote_addr":"141.101.68.11:25382",
      "proto":"HTTP/1.1",
      "method":"GET",
      "host":"XXXX",
      "uri":"/",
      "headers":{
         "Sec-Ch-Ua":[
            "\" Not;A Brand\";v=\"99\", \"Google Chrome\";v=\"91\", \"Chromium\";v=\"91\""
         ],
         "User-Agent":[
            "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.114 Safari/537.36"
         ],
         "Sec-Fetch-Site":[
            "cross-site"
         ],
         "Sec-Fetch-Mode":[
            "navigate"
         ],
         "Cdn-Loop":[
            "cloudflare"
         ],
         "Accept-Encoding":[
            "gzip"
         ],
         "X-Forwarded-For":[
            "XXXX"
         ],
         "Connection":[
            "Keep-Alive"
         ],
         "Cf-Ray":[
            "66d6b4a0ea0b32b8-CDG"
         ],
         "Sec-Ch-Ua-Mobile":[
            "?0"
         ],
         "Cf-Visitor":[
            "{\"scheme\":\"https\"}"
         ],
         "Sec-Fetch-User":[
            "?1"
         ],
         "Upgrade-Insecure-Requests":[
            "1"
         ],
         "Accept":[
            "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9"
         ],
         "Sec-Fetch-Dest":[
            "document"
         ],
         "Accept-Language":[
            "es-ES,es;q=0.9,en;q=0.8,pt;q=0.7,gl;q=0.6,ca;q=0.5"
         ],
         "Cf-Connecting-Ip":[
            "XXXX"
         ],
         "Cf-Ipcountry":[
            "ES"
         ],
         "X-Forwarded-Proto":[
            "https"
         ],
         "Cache-Control":[
            "max-age=0"
         ]
      },
      "tls":{
         "resumed":false,
         "version":772,
         "cipher_suite":4865,
         "proto":"",
         "proto_mutual":true,
         "server_name":"XXX.com"
      }
   },
   "common_log":"141.101.68.11 - - [12/Jul/2021:02:05:16 +0000] \"GET / HTTP/1.1\" 200 0",
   "duration":0.026203309,
   "size":0,
   "status":200,
   "resp_headers":{
      "Date":[
         "Mon,
12 Jul 2021 02:05:16 GMT"
      ],
      "Content-Length":[
         "0"
      ],
      "Server":[
         "Caddy",
         "Caddy"
      ]
   }
}

As you can see I get HTTP OK but with size 0, on the logs from the server that serves the file I get the following:

{
   "request":{
      "remote_addr":"10.0.0.1:40168",
      "proto":"HTTP/1.1",
      "method":"GET",
      "host":"XXX",
      "uri":"/",
      "headers":{
         "Sec-Ch-Ua":[
            "\" Not;A Brand\";v=\"99\", \"Google Chrome\";v=\"91\", \"Chromium\";v=\"91\""
         ],
         "Sec-Ch-Ua-Mobile":[
            "?0"
         ],
         "Sec-Fetch-Dest":[
            "document"
         ],
         "Cache-Control":[
            "max-age=0"
         ],
         "Accept-Encoding":[
            "gzip"
         ],
         "Cf-Visitor":[
            "{\"scheme\":\"https\"}"
         ],
         "Sec-Fetch-Site":[
            "cross-site"
         ],
         "Sec-Fetch-User":[
            "?1"
         ],
         "X-Forwarded-Proto":[
            "https"
         ],
         "User-Agent":[
            "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.114 Safari/537.36"
         ],
         "Cdn-Loop":[
            "cloudflare"
         ],
         "Cf-Connecting-Ip":[
            "XXX"
         ],
         "Cf-Ipcountry":[
            "ES"
         ],
         "Cf-Ray":[
            "66d6b9e01c18ee89-CDG"
         ],
         "Sec-Fetch-Mode":[
            "navigate"
         ],
         "Upgrade-Insecure-Requests":[
            "1"
         ],
         "X-Forwarded-For":[
            "XXX, 141.101.69.230"
         ],
         "Accept":[
            "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9"
         ],
         "Accept-Language":[
            "es-ES,es;q=0.9,en;q=0.8,pt;q=0.7,gl;q=0.6,ca;q=0.5"
         ]
      }
   },
   "common_log":"10.0.0.1 - - [12/Jul/2021:02:08:51 +0000] \"GET / HTTP/1.1\" 0 0",
   "duration":0.000007938,
   "size":0,
   "status":0,
   "resp_headers":{
      "Server":[
         "Caddy"
      ]
   }
}

For some reason the response is empty.

If I try to run curl -o - http://10.0.1.1:8081/index.html I get the contents of the file perfectly fine.

So the problem is when passing the reverse_proxy I assume.

5. What I already tried:

I tried navigating with the browser, using curl on another machine connected to the Internet, but nothing.

Doing curl from the main server to the reverse_proxy address works fine.

matt · July 12, 2021, 2:54am

The empty 200 response is probably because you don’t have a site defined for host XXXX, only XXX.com and 10.0.1.1:8081. Your request’s Host header should match one of the sites defined in the Caddyfile.

francislavoie · July 12, 2021, 4:32am

Caddy passes through the Host header from the original request by default.

You likely need to override the Host header with the header_up option to match one of the site addresses on your upstream server. You can make reverse_proxy inherit the upstream address as the Host header with this line:

header_up Host {http.reverse_proxy.upstream.hostport}

More simply though, you could change your upstream Caddy instance to remove the IP address from the site address; i.e. use this instead:

http://:8081 {
        root * /home/hello
        file_server browse
        log {
                output stdout
        }
}

This way, it won’t try to match on the Host header.

Raggaer · July 12, 2021, 2:33pm

Thank you both, that was clearly the issue, my bad!

system · August 11, 2021, 2:15am

This topic was automatically closed after 30 days. New replies are no longer allowed.