1. Output of caddy version
:
2. How I run Caddy:
v2.5.2 h1:eCJdLyEyAGzuQTa5Mh3gETnYWDClo1LjtQm2q9RNZrs=
a. System environment:
Ubuntu 20.04.4 LTS, sh script
b. Command:
/usr/local/bin/caddy run --environ --config /etc/caddy/Caddyfile --adapter caddyfile
c. Service/unit/compose file:
#!/bin/bash
/usr/local/bin/caddy run --environ --config /etc/caddy/Caddyfile --adapter caddyfile
d. My complete Caddy config:
{
order request_id before header
http_port 8080
https_port 8443
auto_https off
log stdout
grace_period 10s
}
http://portal.user.local {
log
request_id
header * X-Request-Id "{http.request_id}"
# list of whitelisted ips.
# Does not seems to carry over to handle*
@blocked not remote_ip forwarded 127.0.0.1
respond @blocked "Access Denied." 403
root * /home/user/public
handle_path /assets/* {
root * /home/user/assets
file_server
}
handle_path /static/* {
root * /home/user/static
file_server
}
php_fastcgi backend_php:9000 {
trusted_proxies private_ranges
env SCRIPT_FILENAME /app/public/index.php
env X_REQUEST_ID "{http.request_id}"
@is_files header X-Accel-Redirect /_files/*
@is_assets header X-Accel-Redirect /_assets/*
handle_response @is_files {
rewrite {http.reverse_proxy.header.X-Accel-Redirect}
root * /home/user/private/storage
uri strip_prefix "/_files"
file_server
}
handle_response @is_assets {
rewrite {http.reverse_proxy.header.X-Accel-Redirect}
root * /home/user/private/assets
uri strip_prefix "/_assets"
file_server
}
}
file_server
}
3. The problem I’m having:
I have this full nginx config and im trying to convert to caddy. However, i hit a dead end i cannot grasp how to handle specific section of the config the full config as the following
server {
root /home/user/public;
server_name portal.user.local;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico {
access_log off;
log_not_found off;
return 204;
}
location /_files/ {
internal;
expires 30d;
alias /home/user/private/storage/;
}
location /_assets/ {
internal;
expires 30d;
alias /home/user/private/assets/;
}
location /assets/ {
alias /home/user/assets/;
try_files $uri =404;
}
location /static/ {
alias /home/user/static/;
try_files $uri =404;
}
location ~ ^/_hosted_files/(.*?)/(.*?)/(.*) {
# Only allow internal redirects
internal;
# Extract the remote URL parts
set $download_scheme $1;
set $download_host $2;
set $download_path $3;
# Construct the remote URL
set $download_url $download_scheme://$download_host/$download_path;
# Headers for the remote server, unset Authorization and Cookie for security reasons.
resolver 127.0.0.53 ipv6=off;
proxy_ssl_server_name on;
proxy_pass_request_headers on;
proxy_set_header Host $download_host;
proxy_set_header Authorization '';
proxy_set_header Cookie '';
proxy_set_header X-Apikey 'app_api_key';
# Headers for the response, by using $upstream_http_... here we can inject
# other headers from Django, proxy_hide_header ensures the header from the
# remote server isn't passed through.
proxy_hide_header Content-Disposition;
add_header Content-Disposition $upstream_http_content_disposition;
# Stops the local disk from being written to (just forwards data through)
proxy_max_temp_file_size 0;
# For performance
proxy_buffering off;
# Proxy the remote file through to the client
proxy_pass $download_url$is_args$args;
}
location ~ ^/esevent/(.*?)/ {
# Protect url
satisfy any;
# removed ips.
allow 127.0.0.1;
deny all;
#End
set $event_name $1;
set $event_host 'es_main.portal.user.local';
if ($event_name = "backup") {
set $event_host 'es_backup.portal.user.local';
}
resolver 127.0.0.53 ipv6=off;
proxy_ssl_server_name on;
proxy_pass_request_headers on;
proxy_buffering off;
proxy_cache off;
proxy_set_header Host $event_host;
proxy_set_header Connection '';
proxy_http_version 1.1;
chunked_transfer_encoding off;
proxy_set_header X-Apikey 'app_api_key';
proxy_pass https://$event_host/logs/stream/$is_args$args;
}
location ~* (index|test)\.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass backend_php:9000;
}
}
i managed to convert the majority of the config. however this part
server {
location ~ ^/_hosted_files/(.*?)/(.*?)/(.*) {
# Only allow internal redirects
internal;
# Extract the remote URL parts
set $download_scheme $1;
set $download_host $2;
set $download_path $3;
# Construct the remote URL
set $download_url $download_scheme://$download_host/$download_path;
# Headers for the remote server, unset Authorization and Cookie for security reasons.
resolver 127.0.0.53 ipv6=off;
proxy_ssl_server_name on;
proxy_pass_request_headers on;
proxy_set_header Host $download_host;
proxy_set_header Authorization '';
proxy_set_header Cookie '';
proxy_set_header X-Apikey 'app_api_key';
# Headers for the response, by using $upstream_http_... here we can inject
# other headers from Django, proxy_hide_header ensures the header from the
# remote server isn't passed through.
proxy_hide_header Content-Disposition;
add_header Content-Disposition $upstream_http_content_disposition;
# Stops the local disk from being written to (just forwards data through)
proxy_max_temp_file_size 0;
# For performance
proxy_buffering off;
# Proxy the remote file through to the client
proxy_pass $download_url$is_args$args;
}
location ~ ^/esevent/(.*?)/ {
# Protect url
satisfy any;
# removed ips.
allow 127.0.0.1;
deny all;
#End
set $event_name $1;
set $event_host 'es_main.portal.user.local';
if ($event_name = "backup") {
set $event_host 'es_backup.portal.user.local';
}
resolver 127.0.0.53 ipv6=off;
proxy_ssl_server_name on;
proxy_pass_request_headers on;
proxy_buffering off;
proxy_cache off;
proxy_set_header Host $event_host;
proxy_set_header Connection '';
proxy_http_version 1.1;
chunked_transfer_encoding off;
proxy_set_header X-Apikey 'app_api_key';
proxy_pass https://$event_host/logs/stream/$is_args$args;
}
}
is hard for me to translate to caddy syntax, im not sure if it even possible
4. Error messages and/or full log output:
No error messages.
5. What I already tried:
I am out of my depth trying to convert the config to caddy, i managed to convert what i could. However going deep and running circles in docs for the last 3 hours and i couldn’t see how i can convert this. either i am blind or the docs does not have examples to convert this kind of config.
If anyone has an idea on how to redo this part in caddy i’ll be grateful, i already moved 28 sites over to caddy only two that has the same problem left.