1. Caddy version (caddy version):
v2.0.0
2. How I run Caddy:
Default way after installing by official installation manual for Ubuntu:
a. System environment:
Ubuntu 18.04.4 (4.15.0-99-generic)
b. Command:
paste command here
c. Service/unit/compose file:
paste full file contents here
d. My complete Caddyfile or JSON config:
Config is based on instructions I’ve found here
{
    # email to use on Let's Encrypt
    email [removed for privacy]
    # Uncomment for debug
    #acme_ca https://acme-staging-v02.api.letsencrypt.org/directory
    #debug
}

# Add gzip compression to requests
(webconf) {
    encode gzip
}

# Add forward headers to requests
(theheaders) {
    header_up X-Forwarded-Ssl on
    header_up Host {host}
    header_up X-Real-IP {remote}
    header_up X-Forwarded-For {remote}
    header_up X-Forwarded-Port {server_port}
    header_up X-Forwarded-Proto {scheme}
    header_up X-Url-Scheme {scheme}
    header_up X-Forwarded-Host {host}
}

build.joycraft-games.com {
    reverse_proxy http://172.15.1.3:8080 {
        import theheaders
    }
    import webconf
}

svn.joycraft-games.com {
    reverse_proxy http://172.15.1.4 {
        import theheaders
    }
    import webconf
}

doc.joycraft-games.com {
    reverse_proxy http://172.15.1.8:80 {
        import theheaders
    }
    import webconf
}

ftp.joycraft-games.com {
    reverse_proxy http://172.15.1.5 {
        import theheaders
    }
    import webconf
}

box.joycraft-games.com {
    reverse_proxy http://172.15.1.2:80 {
        import theheaders
        header_down Strict-Transport-Security "max-age=15552000;"
        header_down Referrer-Policy "strict-origin-when-cross-origin"
        header_down X-XSS-Protection "1; mode=block"
        header_down X-Content-Type-Options "nosniff"
        header_down X-Frame-Options "SAMEORIGIN"
    }
    import webconf
}
3. The problem I’m having:
With the config I’ve pasted above everything works great, except I need some other functions for the proxy and I have no idea how to do that because I’m a complete reverse-proxy noob.
So the first problem is with the IP address of the connected user. I’m using bruteforce protection on my “box” domain (NextCloud, 172.15.1.2) and when someone fails to enter credentials 3 times in a row, everyone is blocked for 30 seconds because Box thinks that all users are on the same IP (172.15.1.1) - where Caddy is. Is there a way to pass the user’s IP instead of the proxy IP to box?
I have header_up X-Real-IP {remote} in the config, which I think should do the job. But it looks like it does nothing or is used in the wrong way.
My second one is that I have to open an additional port to the build domain, so it has to listen on 80, 443 and, let’s say, 99995 at the same time for build.joycraft-games.com and then redirect 80 and 443 to 172.15.1.3:8080 (as it is in the current config) and also from build.joycraft-games.com:99995 to 172.15.1.3:99995. I’ve found this on the reverse proxy quick start guide, but even if it looks like that can help me I have no idea how to add that to my Caddyfile.
4. Error messages and/or full log output:
5. What I already tried:
Looking through community forums and official docs, but it looks like I’m not that good at that.
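
How a backend behind a reverse proxy typically picks the address its brute-force protection keys on, as an added example that is not part of the original post and is not Nextcloud's or Caddy's own code. It assumes the proxy is 172.15.1.1 (the address the post reports); the function names and the client addresses are constructed for illustration.

```python
import ipaddress

# Assumption: the only trusted proxy is Caddy at 172.15.1.1, as in the post.
TRUSTED_PROXIES = [ipaddress.ip_network("172.15.1.1/32")]


def parse_ip(value):
    """Return an ip_address, or None if value is not a bare IP (e.g. 'ip:port')."""
    try:
        return ipaddress.ip_address(value.strip())
    except ValueError:
        return None


def is_trusted(ip):
    """True if ip belongs to one of the configured proxy networks."""
    return any(ip in net for net in TRUSTED_PROXIES)


def client_ip(peer, headers):
    """Resolve the address that rate limiting should key on.

    peer    -- source address of the TCP connection reaching the backend
    headers -- request headers with lower-cased names
    """
    peer_ip = ipaddress.ip_address(peer)
    # Forwarded headers are client-controlled unless the direct peer is our
    # own proxy, so they are ignored for every other sender.
    if not is_trusted(peer_ip):
        return str(peer_ip)
    # Walk X-Forwarded-For right to left: the first hop that is not one of
    # our proxies is the client. An unparsable entry ends the walk.
    raw = headers.get("x-forwarded-for", "")
    hops = [h for h in raw.split(",") if h.strip()]
    for hop in reversed(hops):
        ip = parse_ip(hop)
        if ip is None:
            break
        if not is_trusted(ip):
            return str(ip)
    # Nothing usable was forwarded: every user collapses onto the proxy
    # address, which is the shared-lockout symptom described in the post.
    return str(peer_ip)
```

In Caddy v2 the `{remote}` placeholder expands to the remote address including the port, while `{remote_host}` is the host part only, so a backend that parses the header strictly will reject the former and fall back to the proxy address as in the last branch.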