How to reverse proxy subdomain

tranducit95 · June 15, 2019, 1:57pm

Caddyfile

        api.domain.local:443 {
        root /var/www/project-api/public
        fastcgi / php-fpm:9000 php {
            index index.php
        }

    rewrite {
        to {path} {path}/ /index.php?{query}
    }

    gzip
    browse

    log /var/log/caddy/access.log
    errors /var/log/caddy/error.log

    tls self_signed

    #tls {
    #  dns cloudflare
    #}
}


admin.domain.local:443 {
    root /var/www/project-web/dist

    ext / .html
    rewrite / {
        to {path} /
    }

    gzip
    browse

    log /var/log/caddy/access.log
    errors /var/log/caddy/error.log

    proxy /api api.domain.local:443 {
        transparent
    }

    tls self_signed
}

want when the request to admin.domain.local/api/* => api.domain.local/api/* how can I do that?

Whitestrake · June 16, 2019, 11:34pm

Hi @tranducit95, welcome to the Caddy community.

You can either serve the same site to either domain:

api.domain.local:443, admin.domain.local:443 {
   # config here
}

Or you can redirect admin. visitors to api.:

admin.domain.local:443 {
  redir api.domain.local{uri}
}

tranducit95 · June 18, 2019, 9:30am

I do not understand

api.domain.local:443, admin.domain.local:443 {
   # config here
}

How to caddy understand the root directory of each domain (2 different projects, separate api and client)

admin.domain.local:443 {
  redir api.domain.local{uri}
}

If using redir I have to fix how to access https://admin.domain.local/api/* will redir to https://api.domain.local

note: Client: Reactjs, Backend: Laravel, env docker (laradock)

Whitestrake · June 18, 2019, 10:50am

You need to copy the site config into a separate section and change the root for the different website.

With {uri} on the end there, it preserves the /api/* when it redirects.

So a request to /api/foo/bar will be redirected to https://api.domain.local/api/foo/bar.

tranducit95 · June 18, 2019, 2:55pm

I do not understand how caddy works, but I need to fix this error quickly, can you help me in more detail?

I use redir api.domain.local{uri}, when I access admin.domain.local will redirect directly to api.domain.local this is incorrect, I revised theredir /api api.domain.local{uri}but it does not work, it does not seem to recognize the request containing /api, I tried using the if {path} test / api condition to redirect to https://api.domain.local{uri}, it navigated to api.domain.local, but api doesn’t receive this request, OPTIONS https://api.domain.local/api/auth/login net::ERR_CERT_AUTHORITY_INVALID, I’m quite confused about this, I’m still trying to fix it.

Whitestrake · June 18, 2019, 11:24pm

from is the request path to match (it must match exactly, except for / , which is a catch-all).

— https://caddyserver.com/docs/redir

So yeah, redir /api api.domain.local{uri} wouldn’t work if you want to be redirected from, for example, admin.domain.local/api/foo. Only the literal, exact path /api will be redirected.

If you tried something like:

redir {
  if {path} starts_with /api
  to api.domain.local{uri}
}

That should work.

As for…

Sounds like whatever program is trying to access it doesn’t trust the SSL certificate that the api.domain.local site is offering.

tranducit95 · June 19, 2019, 3:03am

redir {
    if {path} starts_with /api
    / https://api.domain.local{uri}
}

It worked, but now I have a problem with Access-Control-Allow-Origin,

Access to fetch at 'https://api.domain.local/api/auth/login' (redirected from 'https://admin.domain.local/api/auth/login') from origin 'https://admin.domain.local' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
My server has set Access-Control-Allow-Origin to accept all requests, but it doesn’t work, I think the problem is when using redirect.
What do I need to do to resolve this issue, can I use reverse proxy instead of redir?

Whitestrake · June 19, 2019, 3:24am

I don’t know what the client is, but the answer is in the error it’s produced for you:

Disable the CORS checking in your client, or add a CORS header to your site.

Using a reverse proxy might be feasible, but might probably also run into the CORS issue. You’re hosting both sites on the same Caddy instance, right? In which case, whether you reverse proxy or not is orthogonal to the CORS issue.

tranducit95 · June 19, 2019, 9:58am

Thank you,

if using this writing method:

api.domain.local:443, admin.domain.local:443 {
   # config here
}

#You need to copy the site config into a separate section and change the root for the different website.

Can you for example help me, I can’t find an example like this.

Whitestrake · June 19, 2019, 10:50am

admin.domain.local:443 {
  root /path/to/admin/root
  # config here
}

api.domain.local:443 {
  root /path/to/api/root
  # config here
}

system · September 17, 2019, 10:55am

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.