1. The problem I’m having:
I have am reverse proxying to Audiobookshelf. Audiobookshelf has OIDC support, which I had working before I installed Caddy reverse proxy. Now that reverse proxy is enabled, Audiobookshelf oauth is broken. I get redirect_uri_mismatch
from Google SSO because Google cloud is expecting https, but Audiobookshelf is sending http, I guess something to do with the reverse-proxy. In my browser it appears that I am on SSL https as I’m logging in, but then Google cloud gets an http redirect uri.
2. Error messages and/or full log output:
Google: redirect_uri_mismatch
3. Caddy version:
v2.7.6
4. How I installed and ran Caddy:
a. System environment:
Bare metal, raspberry pi 4, arm64 binary with Cloudflare DNS module
Services (incl. ABS) running in Docker
Cloudflare tunnel (CGNAT ISP)
- Cloudflare manages DNS, directs domain to the tunnel address
b. Command:
./caddy run
c. Service/unit/compose file:
d. My complete Caddy config:
{
acme_dns cloudflare ABCDEF
}
http://sevenlayercookie.xyz {
reverse_proxy http://localhost:3000
encode zstd gzip
}
localhost {
reverse_proxy :3000
encode zstd gzip
}
192.168.4.73 {
reverse_proxy :3000
encode zstd gzip
}
http://abs.sevenlayercookie.xyz {
#abs.sevenlayercookie.xyz {
encode zstd gzip
reverse_proxy http://localhost:13378 {
# reverse_proxy localhost:13378 {
header_up X-Forwarded-Proto {scheme}
header_up Host {host}
header_up X-Real-IP {remote}
header_up X-Forwarded-For {remote}
}
}