Log_append: Logging a Response Header Field in Caddy Reverse Proxy without Returning to Client

Help
1

1. The problem I’m having:

I can’t figure out how to log a header being sent by my upstream but not have that sent to the client. I found this question which is exactly what i need but the solution isn’t spelled out which is what i need. I’ve tried tons of variations to attempt to get this to work.

If i remove the header_down -X-MyApp-Route-Pattern line in the snippet i can see that where i expect in the resp_headers.

2. Error messages and/or full log output:

n/a

3. Caddy version:

v2.10.0 h1:fonubSaQKF1YANl8TXqGcn4IbIRUDdfAkpcsfI/vX5U=

4. How I installed and ran Caddy:

dnf install 'dnf-command(copr)'
dnf copr enable @caddy/caddy
dnf install caddy

a. System environment:

b. Command:

systemctl start caddy

c. Service/unit/compose file:

default

d. My complete Caddy config:

{
        debug
        on_demand_tls {
                ask http://localhost:5555/check
        }
        email support@domain.com
}

# reusable snippet
(headers_common) {
        header_up Host {host}
        header_up X-MyApp-INI {http.request.host.labels.2}.ini
        header_up X-Request-Id {http.request.uuid}
        header_down X-Request-Id {http.request.uuid}
        header_down -Set-Cookie
        header_down -X-MyApp-Route-Pattern
        header_down -X-MyApp-User-Unid
}

https:// {
        tls {
                on_demand
        }

        log {
                output file /var/log/caddy/access.json.log
                format json
        }

        # make Public requests consistent
        @public path_regexp publicPath ^/(C2/)*Public/(?P<stuff>.*)$
        rewrite @public /C2/Public/{http.regexp.publicPath.stuff}

        @logs path /logs/*
        reverse_proxy @logs 192.168.100.235 {
                import headers_common
                header_up Host admin.{http.request.host.labels.2}.domain.com
        }

        @socket path /api/socket.io*
        reverse_proxy @socket 192.168.100.102:12220 {
                header_up Upgrade {>Upgrade}
                header_up Connection "Upgrade"
                header_up X-Real-IP {remote_host}
                import headers_common
        }

        handle_path /api/* {
                reverse_proxy 192.168.100.235 {
                        import headers_common
                }
                log_append app_route_pattern {rp.header.X-MyApp-Route-Pattern}
        }

        @attachments path /attachments/*
        reverse_proxy @attachments 192.168.100.235 {
                import headers_common
        }

        reverse_proxy @public 192.168.100.235 {
                import headers_common
        }

        # Fallback to UI
        reverse_proxy 192.168.100.55 {
                import headers_common
        }
}

5. Links to relevant resources:

2

Figured out a slightly different solution with the help from discord!

handle /api/* {
        uri strip_prefix /api
        reverse_proxy 192.168.100.235 {
                import headers_common
                handle_response {
                        log_append app_route_pattern {rp.header.X-MyApp-Route-Pattern}
                        copy_response
                }
        }
}

This will add a new app_route_pattern key to the json log i can use.

3 Likes