1. Caddy version (caddy version):
v2.20-rc1
2. How I run Caddy:
As a service on an EC2 instance.
a. System environment:
Amazon Linux running on a t2.small EC2 instance
b. Command:
caddy start
c. Service/unit/compose file:
d. My complete Caddyfile or JSON config:
proxy-01.hrpartner.company {
    respond "Caddy Proxy Up!"
}

hr.mybookshoponline.com {
    reverse_proxy https://bookshop.hrpartner.company {
        header_up X-Real-IP {remote_host}
        header_up X-Forwarded-Proto {scheme}
        header_up Access-Control-Allow-Origin *
        header_up Access-Control-Allow-Credentials true
        header_up Access-Control-Allow-Headers Cache-Control,Content-Type
        transport http {
            read_buffer 8192
        }
    }
}

myhr.villageone.biz {
    reverse_proxy https://villageone.hrpartner.company {
        header_up X-Real-IP {remote_host}
        header_up X-Forwarded-Proto {scheme}
        header_up Access-Control-Allow-Origin *
        header_up Access-Control-Allow-Credentials true
        header_up Access-Control-Allow-Headers Cache-Control,Content-Type
        transport http {
            read_buffer 8192
        }
    }
}
3. The problem I’m having:
I am trying to set up Caddy as a reverse proxy to enable several customers to use their own CNAMEs for our SaaS app (which uses a separate (subdomain).hrpartner.company for each customer).
The headers need to be configured as my Caddyfile above, in order for the authentication cookies to work properly.
So far it is working well; however, I can see the Caddyfile getting quite verbose with lots of similar header directives for each customer site (we could have over 1000 sites that we wish to act as a reverse proxy for).
I was wondering if there was another way to format the Caddyfile to specify common header parameters that would apply to ALL reverse proxy redirects (see my suggestion in 5 below)?
4. Error messages and/or full log output:
5. What I already tried:
I was wondering if a Caddyfile layout similar to the following would be possible? I already tried something similar, but Caddy would not start, giving an error (invalid ‘header_up’ on line 6), so I assume it is invalid and we need to do it differently?
proxy-01.hrpartner.company {
    respond "Caddy Proxy Up!"
}

reverse_proxy * {
    header_up X-Real-IP {remote_host}
    header_up X-Forwarded-Proto {scheme}
    header_up Access-Control-Allow-Origin *
    header_up Access-Control-Allow-Credentials true
    header_up Access-Control-Allow-Headers Cache-Control,Content-Type
    transport http {
        read_buffer 8192
    }
    from hr.mybookshoponline.com {
        to https://bookshop.hrpartner.company
    }
    from myhr.villageone.biz {
        to https://villageone.hrpartner.company
    }
    ..etc..
}
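
One way to keep the shared directives in a single place, as an added example that is not part of the original post: a Caddyfile snippet reused through `import` with an argument, generated here by a small Python script. It assumes a Caddy 2 release that supports arguments to `import`; the snippet name `customer_proxy`, the function `render_caddyfile` and the customer mapping are hypothetical, and the hostname check keeps customer-supplied CNAMEs from injecting directives into the generated file.

```python
import re

# Shared block emitted once as a Caddyfile snippet; {args.0} is replaced by
# the first argument of each `import` line (the customer's upstream URL).
SNIPPET = """(customer_proxy) {
    reverse_proxy {args.0} {
        header_up X-Real-IP {remote_host}
        header_up X-Forwarded-Proto {scheme}
        header_up Access-Control-Allow-Origin *
        header_up Access-Control-Allow-Credentials true
        header_up Access-Control-Allow-Headers Cache-Control,Content-Type
        transport http {
            read_buffer 8192
        }
    }
}
"""

# Strict hostname pattern: lowercase letters, digits and hyphens per label, so a
# customer-supplied value cannot carry spaces, braces or newlines into the config.
LABEL = r"[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?"
HOSTNAME = re.compile(rf"{LABEL}(?:\.{LABEL})+")
UPSTREAM_SUFFIX = ".hrpartner.company"


def render_caddyfile(customers):
    """customers maps a customer CNAME to its upstream subdomain label."""
    blocks = [SNIPPET]
    for cname, sub in sorted(customers.items()):
        upstream = sub + UPSTREAM_SUFFIX
        for host in (cname, upstream):
            if len(host) > 253 or not HOSTNAME.fullmatch(host):
                raise ValueError(f"refusing unsafe hostname: {host!r}")
        blocks.append(f"{cname} {{\n    import customer_proxy https://{upstream}\n}}\n")
    return "\n".join(blocks)


# Constructed sample input using the two sites from the post.
CUSTOMERS = {
    "hr.mybookshoponline.com": "bookshop",
    "myhr.villageone.biz": "villageone",
}

if __name__ == "__main__":
    print(render_caddyfile(CUSTOMERS))
```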