First: I know I shouldn't redact the URLs, but this is about security for a password manager and I don't want to call for hackers to try and attack it… I hope you guys understand.
Caddy Version?
v2.4.6
My Caddyfile config
fs01.example.com {
    reverse_proxy /* {
        to 192.168.168.248:443
        transport http {
            tls
            tls_insecure_skip_verify
        }
    }
}
2a. How do I run Caddy?
I run Proxmox with a VM running Debian 11 running Caddy.
2b. Command used?
service caddy restart
&
vi /etc/caddy/Caddyfile
The problem I need help with
I recently set up a PSONO.PW server and experienced some issues uploading files to the fileserver (file upload in the webclient gets stuck at 75%).
I've contacted the developer of PSONO and after troubleshooting, we found that Caddy needs to add a header to the traffic, but he wasn't able to tell me how to do this in Caddy but gave me a hint on how to do it in NGINX.
The error messages.
It is not really giving errors, the file upload just gets stuck at 75%.
Inspecting the webclient network traffic does give me a
Content Security Policy: The page’s settings blocked the loading of a resource at https://fs01.example.com/fileserver/upload/ (“connect-src”). angular.js:13692:6
What I came up with after lots of reading the Caddy docs and forum.
You’re using a / matcher here, which means “match only requests to exactly / and nothing else”. Path matching in Caddy is exact. So, remove the / here so that this applies to all requests.
Also, you should probably avoid newlines and spaces in your header value here, just put it all on one line. I’m not sure browsers will accept the value properly if it includes newlines.
You can remove the /* here, it’s redundant because all request paths start with a / anyways. See the request matcher docs for more details:
You can simplify it to this:
reverse_proxy https://192.168.168.248 {
    transport http {
        tls_insecure_skip_verify
    }
}
What the developer told me exactly after troubleshooting was:
You need to modify the content security policy for pass.example.com and allow in your connect-src the connection to fs01.example.com.
So after reading that again I figured I might be doing this the wrong way around, and so placed the header (restructured on your advice :D) in the pass.example.com part.
Remove those { } braces. You should only use them if you’re writing a “block”, i.e. a multi-line block of config. Also, remove the ; semicolon, the Caddyfile format doesn’t use those.
Tried the line in both sections, like in the pass.example.com (restart caddy) and in the fs01.example.com (restart caddy), hell, I even tried putting the header line in both sections simultaneously (restart caddy)… yet no worky…
So maybe if I fill you in on what's happening, maybe you have a better picture? I dunno.
So I access the pass.example.com part and log in on a web interface being a password manager; in there I have the option to upload a file, and when I click upload it would upload it to a fileserver at fs01.example.com… I don't know, maybe this helps explain what I'm trying to achieve here…
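An added example, not part of any post in this thread: a small Python check of whether the Content-Security-Policy header values a page returns permit a `connect-src` request to another origin, which is the check behind the browser message quoted above. The function names are this example's own, and the matching is simplified (paths ignored, no IPv6); note that when a response carries more than one policy, every one of them must allow the connection.

```python
# Added example: simplified CSP source matching (paths ignored, no IPv6).
from urllib.parse import urlsplit

PORTS = {"http": 80, "https": 443, "ws": 80, "wss": 443}

def origin(url):
    u = urlsplit(url)
    return u.scheme.lower(), (u.hostname or "").lower(), u.port or PORTS.get(u.scheme.lower())

def parse_policy(value):
    """One policy string -> {directive: [sources]}; first occurrence of a directive wins."""
    policy = {}
    for part in value.split(";"):
        tokens = part.split()
        if tokens:
            policy.setdefault(tokens[0].lower(), tokens[1:])
    return policy

def source_matches(source, target, page):
    scheme, host, port = origin(target)
    src = source.lower()
    if src == "'self'":
        return origin(page) == (scheme, host, port)
    if src == "*":
        return scheme in PORTS
    if src.startswith("'"):           # 'none', nonces, hashes: never match a URL
        return False
    if src.endswith(":"):             # scheme-source such as https:
        return src[:-1] == scheme
    s_scheme, sep, rest = src.partition("://")
    if not sep:                       # host-source without scheme: use the page's scheme
        s_scheme, rest = origin(page)[0], src
    hostport = rest.split("/", 1)[0]  # simplification: path part is ignored
    s_host, _, s_port = hostport.partition(":")
    if s_scheme != scheme and not (s_scheme == "http" and scheme == "https"):
        return False
    host_ok = host.endswith(s_host[1:]) if s_host.startswith("*.") else host == s_host
    port_ok = s_port == "*" or port == (int(s_port) if s_port else PORTS.get(scheme))
    return host_ok and port_ok

def connect_allowed(csp_headers, target, page):
    """True only if every delivered policy permits a connection from page to target."""
    for header in csp_headers:
        for value in header.split(","):   # one header may carry several policies
            policy = parse_policy(value)
            sources = policy.get("connect-src", policy.get("default-src"))
            if sources is not None and not any(source_matches(s, target, page) for s in sources):
                return False
    return True
```

Pass it the list of all `Content-Security-Policy` values seen on the pass.example.com response in the browser's network tab, together with the upload URL and the page URL.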