http://xxx.xxx.com {
proxy /api/callback api.local
log /var/log/caddy.log
gzip
}
xxx.xxx.com {
proxy / api.local
log /var/log/caddy.log
gzip
tls xxx@xxx.com
}
I’m having a bit of trouble understanding your title, exactly, but I think you mean that you want /api/callback
to be accessible over HTTP while everything else is HTTPS-only.
In the example you gave, I can see that a problem would occur where HTTP requests to your website would not be proxied upstream unless they began with /api/callback
, and would not be redirected to HTTPS.
Try something like this:
http://example.com/api/callback {
proxy / api.local
log /var/log/caddy.log
gzip
}
example.com {
proxy / api.local
log /var/log/caddy.log
gzip
tls example@example.com
}
Which should leave non-/api/callback
routes to be upgraded to HTTPS and all requests should be served normally via upstream API.
Yes, you are right. I’ll try and thank you. I give you feedback in the evening
404 Site xxx.xxx.com is not served on this interface, I used the configuration you gave, “api/callback” worked very well, But other routes can’t ok
Does xxx.xxx.com
match the domain name in the second site block?
When Caddy starts up, it prints a list of domain names it’s serving. Does xxx.xxx.com
appear there?
http://example.com/api/callback {
proxy / api.local
log /var/log/caddy.log
gzip
}
example.com {
proxy / api.local
log /var/log/caddy.log
gzip
tls example@example.com
}
other.com {
proxy / api.local
log /var/log/caddy.log
gzip
tls example@example.com
}
log
http://example.com/api/callback
2018-05-29T15:47:43.613708662Z 2018/05/29 15:47:43 http://example.com/api/callback
https://example.com/api/callback
2018-05-29T15:47:43.613770258Z 2018/05/29 15:47:43 https://example.com
http://other.com
2018-05-29T15:47:43.613708662Z 2018/05/29 15:47:43 http://other.com
https://other.com
2018-05-29T15:47:43.613770258Z 2018/05/29 15:47:43 https://other.com
This seems to be missing “http://example.com”
I think he may be in conflict with “http://example.com/api/callback”
Hmm, you might be right about some kind of conflict; it’s serving the HTTPS site but seems to have skipped the HTTP site (perhaps because it thinks you’ve defined it yourself, despite the HTTP block being only for /api/callback
).
Add this block to your Caddyfile:
http://example.com {
redir https://example.com{uri}
}
The longest matching site label wins, so all we’re doing here is re-implementing the HTTP->S upgrade redirection that seems to have been skipped for non-/api/callback
endpoints.
Or there will be some problems, “/api/callback” this route is forwarded to the “/” of api.local
Hmm, try proxy / api.local/api/callback
This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.