Can Caddy do TLS termination for rsyncd?

bones_was_here · February 19, 2022, 8:25pm

1. Caddy version (`caddy version`): 2.4.6

2. How I run Caddy:

Debian packages linked at Install — Caddy Documentation

a. System environment:

Debian 11.2

b. Command:

sudo systemctl start caddy

c. Service/unit/compose file:

The one from the package

d. My complete Caddyfile or JSON config:

not relevant at this time…

3. The problem I’m having:

I want to implement TLS terminating reverse proxy for rsyncd but can’t find anything relevant in the documentation or forums. The reverse_proxy directive supports two transports, http and fastcgi, but this isn’t either of those.

The man page rsyncd.conf(5) describes how to do this with nginx under SSL/TLS Daemon Setup:

An example nginx proxy setup is as follows:

           stream {
              server {
                  listen 874 ssl;
                  listen [::]:874 ssl;

                  ssl_certificate /etc/letsencrypt/example.com/fullchain.pem;
                  ssl_certificate_key /etc/letsencrypt/example.com/privkey.pem;

                  proxy_pass localhost:873;
                  proxy_protocol on; # Requires "proxy protocol = true"
                  proxy_timeout 1m;
                  proxy_connect_timeout 5s;
              }
           }

Is this possible with Caddy? Is it worth filing a feature request (is this something the Caddy project would be interested in supporting)?

4. Error messages and/or full log output:

5. What I already tried:

6. Links to relevant resources:

francislavoie · February 19, 2022, 9:22pm

Does rsyncd use TCP or HTTP? Caddy is an HTTP server.

If you want to proxy raw TCP, you can consider using caddy-l4:

system · March 21, 2022, 8:26pm

This topic was automatically closed after 30 days. New replies are no longer allowed.