1. Caddy version (caddy version
):
On the reverse proxy:
v2.1.1 h1:X9k1+ehZPYYrSqBvf/ocUgdLSRIuiNiMo7CvyGUQKeA=
On the caddy web server
v2.1.1 h1:X9k1+ehZPYYrSqBvf/ocUgdLSRIuiNiMo7CvyGUQKeA=
2. How I run Caddy:
Caddy Reverse proxy in the cloud, and Caddy on the backend
a. System environment:
Debian 9
b. Command:
sudo systemctl start caddy
c. Service/unit/compose file:
N/A
d. My complete Caddyfile or JSON config:
Caddy Reverse Proxy: (floatboat.ninja)
floatboat.ninja
{
header {
# Set server header
Server "Apache"
# enable HSTS
Strict-Transport-Security "max-age=31536000"
# disable clients from sniffing the media type
X-Content-Type-Options nosniff
# clickjacking protection
X-Frame-Options DENY
# keep referrer data off of HTTP connections
Referrer-Policy no-referrer-when-downgrade
}
reverse_proxy vpc1029.mkz.com:5656 {
header_down X-Real-IP {http.request.remote}
}
log {
level DEBUG
output file /var/log/access.log {
roll_size 1gb
roll_keep 5
roll_keep_for 720h
}
}
}
Caddy Webserver (vpc1029.mkz.com):
:5656 {
root * c:\users\caddy\documents\caddyroot
encode gzip
header {
-Server
-X-Content-Type-Options
}
file_server
log {
level DEBUG
output file c:\users\caddy\documents\access.log {
roll_size 1gb
roll_keep 5
roll_keep_for 720h
}
}
handle_errors {
@404 {
expression {http.error.status_code} == 404
}
templates
respond @404 "404"
}
}
3. The problem I’m having:
I’m trying to get the real IP address of the connecting client from a reverse proxy so that I can return it in the respond of the handle_errors section on the caddy webserver. When I use {remote}, it’s returning the IP address of the proxy server, not the originating client (which is expected). I’ve looked for a way of passing over the IP address in the reverse proxy and while it works, I’m not sure if there’s a directive / template that I can then use that will allow me to specify the custom header and return it in the 404 directive. i.e.
handle_errors {
@404 {
expression {http.error.status_code} == 404
}
templates
respond @404 "{header.X-Real-IP}"
}
4. Error messages and/or full log output:
None
5. What I already tried:
I’ve tried to use {http.request.remote.host} {remote} but they both return the proxy ip address, not the client’s ip.
6. Links to relevant resources:
N/A