Combination of Labels and Wildcard for Reverse Proxy?

I’m looking to use something like the following to extract and proxy subdomains. Is this possible, or is there something similar?

*.example.com {
reverse_proxy http://{labels.2}.internal.example.com{uri}
}

Thanks!

Hi @rupertbg, welcome to the Caddy community!

Per the docs for the reverse_proxy directive, there’s a few issues with http://{labels.2}.internal.example.com{uri}, emphasis mine.

Additionally, upstream addresses cannot contain paths or query strings, as that would imply simultaneous rewriting the request while proxying, which behavior is not defined or supported. You may use the rewrite directive should you need this.

If the address is not a URL (i.e. does not have a scheme), then placeholders can be used, but this makes the upstream dynamically static, meaning that potentially many different backends act as a single, static upstream in terms of health checks and load balancing.

reverse_proxy (Caddyfile directive) — Caddy Documentation

2 Likes

Thanks heaps for that, I must have missed that when I was reading through.

I don’t entirely understand what it means by “dynamically static”. To me that sounds like an oxymoron.

I’m hoping to be able to load balance against n number of IPs that are registered to {label}.internal.example.com. Is this possible?

Also - if I am not including the scheme then is it using http or https for the backend connection?

As I understand it, this means that unlike a series of upstreams such as:

reverse_proxy example1.internal.example.com example2.internal.example.com example3.internal.example.com

Which can independently track health checks and failed requests and the like and load balance between the upstreams, {labels.2}.internal.example.com counts as a single upstream for the purposes of health checks and such, despite representing a possibly wide set of hosts. You can’t load balance between all the possible hosts of {labels.2}.

By default, HTTP.

You can tell it to use HTTPS without specifying the scheme in the upstream using the transport subdirective: https://caddyserver.com/docs/caddyfile/directives/reverse_proxy#the-http-transport

Assuming the label is known in advance, and the DNS resolver returns the entire set of IPs you want to load balance between on that one FQDN, you can use the resolver to build your dynamic list of upstreams for this proxy: https://caddyserver.com/docs/caddyfile/directives/reverse_proxy#aaaaa

(You can do this with A, AAAA, and SRV records.)

Assuming the label is not known in advance, load balancing is effectively impossible, as you won’t be able to configure true dynamic upstreams properly and your “false dynamic” (actually single variable upstream) won’t be load balanced.

2 Likes

This topic was automatically closed after 30 days. New replies are no longer allowed.