1. The problem I’m having:
Hey
I would like to use the templates directive to “fill” out data in my HTML files that are served via the file_server
.
The data that should be used to fill out the template should come from a different end-point that is accessible via the reverse proxy and that utilizes header data, specifically X-Forwarded-For
.
The client IP can be trusted in my environment, and it is used in my application.
From what I understand, it should be possible to use the httpInclude template to run a request to the reverse proxy and insert the data into it.
This seems to work for “plain requests,” but I am having trouble with the headers.
I understand that the X-Forwarded-For
header is set when the request passes through the reverse proxy, which I can verify since the correct “data” is returned if I “directly” query the path that is handled by the reverse proxy.
But when the request passes through the file_server first and the reverse proxy is queried indirectly from the file_server the X-Forwarded-For
header is not set, or rather dropped.
I assume I am trying to solve the issues with the wrong approach and would appreciate any help
Maybe a bit more motivation: An alternative would be to have two end-points, where one contains the template rendering engine. This rendering end-point could sit behind the reverse-proxy, parse the X-Forwarded-For
header, and copy it with a different name to the HTTP request for the ‘backend’ end-point. But as my template requirements are very simple, I was thinking of trying to solve it directly with Caddy to skip over an additional round-trip to the rendering service.
If this sounds like a bad idea or and abuse of httpInclude, please let me know!
2. Error messages and/or full log output:
2023/09/12 22:08:57.660 INFO using adjacent Caddyfile
2023/09/12 22:08:57.663 INFO admin admin endpoint started {"address": "localhost:8999", "enforce_origin": false, "origins": ["//localhost:8999", "//[::1]:8999", "//127.0.0.1:8999"]}
2023/09/12 22:08:57.663 INFO tls.cache.maintenance started background certificate maintenance {"cache": "0xc0002e4580"}
2023/09/12 22:08:57.663 DEBUG http.auto_https adjusted config {"tls": {"automation":{"policies":[{}]}}, "http": {"servers":{"srv0":{"listen":[":8088"],"routes":[{"handle":[{"handler":"subroute","routes":[{"handle":[{"handler":"vars","root":"web"},{"handler":"templates"}]},{"handle":[{"handler":"subroute","routes":[{"handle":[{"handler":"rewrite","strip_path_prefix":"/api"}]},{"handle":[{"handler":"reverse_proxy","upstreams":[{"dial":"localhost:3000"}]}]}]}],"match":[{"path":["/api/*"]}]},{"handle":[{"handler":"file_server","hide":["./Caddyfile"]}]}]}],"terminal":true}],"automatic_https":{"skip":["localhost"]},"logs":{"logger_names":{"localhost:8088":""}}}}}}
2023/09/12 22:08:57.663 DEBUG http starting server loop {"address": "[::]:8088", "tls": false, "http3": false}
2023/09/12 22:08:57.663 INFO http.log server running {"name": "srv0", "protocols": ["h1", "h2", "h3"]}
2023/09/12 22:08:57.663 INFO tls cleaning storage unit {"description": "FileStorage:/home/kai/.local/share/caddy"}
2023/09/12 22:08:57.663 INFO tls finished cleaning storage units
2023/09/12 22:08:57.663 INFO autosaved config (load with --resume flag){"file": "/home/kai/.config/caddy/autosave.json"}
2023/09/12 22:08:57.663 INFO serving initial configuration
2023/09/12 22:09:03.362 DEBUG http.handlers.file_server sanitized path join {"site_root": "web", "request_path": "/", "result": "web"}
2023/09/12 22:09:03.363 DEBUG http.handlers.file_server located index file {"filename": "web/index.html"}
2023/09/12 22:09:03.363 DEBUG http.handlers.file_server opening file {"filename": "web/index.html"}
2023/09/12 22:09:03.372 DEBUG http.handlers.rewrite rewrote request {"request": {"remote_ip": "", "remote_port": "", "client_ip": "", "proto": "HTTP/1.1", "method": "GET", "host": "localhost:8088", "uri": "", "headers": {"User-Agent": ["curl/8.2.1"], "Accept": ["*/*"], "Accept-Encoding": ["identity"], "Caddy-Templates-Include": ["1"]}}, "method": "GET", "uri": "/rpc/client"}
2023/09/12 22:09:03.372 DEBUG http.handlers.reverse_proxy selected upstream {"dial": "localhost:3000", "total_upstreams": 1}
2023/09/12 22:09:03.378 DEBUG http.handlers.reverse_proxy upstream roundtrip {"upstream": "localhost:3000", "duration": 0.006815538, "request": {"remote_ip": "", "remote_port": "", "client_ip": "", "proto": "HTTP/1.1", "method": "GET", "host": "localhost:8088", "uri": "/rpc/client", "headers": {"User-Agent": ["curl/8.2.1"], "Accept": ["*/*"], "Accept-Encoding": ["identity"], "Caddy-Templates-Include": ["1"]}}, "headers": {"Content-Type": ["application/json; charset=utf-8"], "Date": ["Tue, 12 Sep 2023 22:09:03 GMT"], "Server": ["postgrest/11.2.0"], "Content-Range": ["0-0/*"]}, "status": 200}
2023/09/12 22:09:03.379 INFO http.log.access handled request {"request": {"remote_ip": "", "remote_port": "", "client_ip": "", "proto": "HTTP/1.1", "method": "GET", "host": "localhost:8088", "uri": "", "headers": {"User-Agent": ["curl/8.2.1"], "Accept": ["*/*"], "Accept-Encoding": ["identity"], "Caddy-Templates-Include": ["1"]}}, "bytes_read": 0, "user_id": "", "duration": 0.007106501, "size": 163, "status": 200, "resp_headers": {"Server": ["Caddy", "postgrest/11.2.0"], "Date": ["Tue, 12 Sep 2023 22:09:03 GMT"], "Content-Range": ["0-0/*"], "Content-Type": ["application/json; charset=utf-8"]}}
2023/09/12 22:09:03.379 DEBUG http.handlers.rewrite rewrote request {"request": {"remote_ip": "", "remote_port": "", "client_ip": "", "proto": "HTTP/1.1", "method": "GET", "host": "localhost:8088", "uri": "", "headers": {"Accept": ["*/*"], "Accept-Encoding": ["identity"], "Caddy-Templates-Include": ["1"], "User-Agent": ["curl/8.2.1"]}}, "method": "GET", "uri": "/rpc/sample"}
2023/09/12 22:09:03.379 DEBUG http.handlers.reverse_proxy selected upstream {"dial": "localhost:3000", "total_upstreams": 1}
2023/09/12 22:09:03.380 DEBUG http.handlers.reverse_proxy upstream roundtrip {"upstream": "localhost:3000", "duration": 0.001410221, "request": {"remote_ip": "", "remote_port": "", "client_ip": "", "proto": "HTTP/1.1", "method": "GET", "host": "localhost:8088", "uri": "/rpc/sample", "headers": {"Caddy-Templates-Include": ["1"], "User-Agent": ["curl/8.2.1"], "Accept": ["*/*"], "Accept-Encoding": ["identity"]}}, "headers": {"Date": ["Tue, 12 Sep 2023 22:09:03 GMT"], "Server": ["postgrest/11.2.0"], "Content-Range": ["0-0/*"], "Content-Type": ["application/json; charset=utf-8", "text/html; charset=utf-8"]}, "status": 200}
2023/09/12 22:09:03.380 INFO http.log.access handled request {"request": {"remote_ip": "", "remote_port": "", "client_ip": "", "proto": "HTTP/1.1", "method": "GET", "host": "localhost:8088", "uri": "", "headers": {"Accept-Encoding": ["identity"], "Caddy-Templates-Include": ["1"], "User-Agent": ["curl/8.2.1"], "Accept": ["*/*"]}}, "bytes_read": 0, "user_id": "", "duration": 0.001540195, "size": 280, "status": 200, "resp_headers": {"Server": ["Caddy", "postgrest/11.2.0"], "Date": ["Tue, 12 Sep 2023 22:09:03 GMT"], "Content-Range": ["0-0/*"], "Content-Type": ["application/json; charset=utf-8", "text/html; charset=utf-8"]}}
2023/09/12 22:09:03.381 INFO http.log.access handled request {"request": {"remote_ip": "::1", "remote_port": "44822", "client_ip": "::1", "proto": "HTTP/1.1", "method": "GET", "host": "localhost:8088", "uri": "/", "headers": {"User-Agent": ["curl/8.2.1"], "Accept": ["*/*"]}}, "bytes_read": 0, "user_id": "", "duration": 0.018479596, "size": 1288, "status": 200, "resp_headers": {"Server": ["Caddy"], "Content-Type": ["text/html; charset=utf-8"], "Content-Length": ["1288"]}}
3. Caddy version:
2.7.4
4. How I installed and ran Caddy:
a. System environment:
NixOS (unstable branch)
b. Command:
caddy run
c. Service/unit/compose file:
d. My complete Caddy config:
{
debug
}
http://localhost:8088 {
log
root * web
handle_path /api/* {
reverse_proxy localhost:3000
}
templates
file_server
}