1. The problem I’m having:
I am having some issues getting the Symfony toolbar (WebProfiler) to work when having my webserver behind a reverse proxy using Caddy (Caddy Docker Proxy). This is because the reverse proxy terminates the TLS so the phpserver behind it is actually serving it’s content in HTTP.
Now is there a solution, accoring to the Symfony docs, which is to set the HTTPS
and SERVER_PORT
variables and gives an example on how one should go about doing this using nginx, which is: using the “fastcgi_param” directive.
So now I was wondering if there is something similar in Caddy? I had found a related topic with a link to some code that seems to suggest Caddy determines those variables dynamically if I understood correctly, but it wasn’t really clear to me if you could still use those directives manually?
I did try to enter fastcgi_param but that just gave me a “unrecognized subdirective fastcgi_param,”.
2. Error messages and/or full log output:
Error: adapting config using caddyfile: parsing caddyfile tokens for 'reverse_proxy': unrecognized subdirective fastcgi_param, at Caddyfile.autosave:7
/config/caddy #
3. Caddy version:
/config/caddy # caddy version
v2.7.6 h1:w0NymbG2m9PcvKWsrXO6EEkY9Ru4FJK8uQbYcev1p3A=
4. How I installed and ran Caddy:
Docker container
a. System environment:
Caddy Docker Proxy running in Docker container on Raspberry Pi 4
b. Command:
docker compose up
c. Service/unit/compose file:
php:
container_name: app.local
build:
context: .
target: frankenphp_dev
volumes:
- ./:/app
- ./frankenphp/Caddyfile:/etc/caddy/Caddyfile:ro
- ./frankenphp/conf.d/app.dev.ini:/usr/local/etc/php/conf.d/app.dev.ini:ro
# If you develop on Mac or Windows you can remove the vendor/ directory
# from the bind-mount for better performance by enabling the next line:
#- /app/vendor
environment:
MERCURE_EXTRA_DIRECTIVES: demo
# See https://xdebug.org/docs/all_settings#mode
MERCURE_URL: ${CADDY_MERCURE_URL:-http://app.local/.well-known/mercure}
MERCURE_PUBLIC_URL: https://${SERVER_NAME:-localhost}/.well-known/mercure
XDEBUG_MODE: "${XDEBUG_MODE:-off}"
MAILER_DSN: smtp://mailhog:1025
TRUSTED_HOSTS: ''
extra_hosts:
# Ensure that host.docker.internal is correctly defined on Linux
- host.docker.internal:host-gateway
labels:
caddy.reverse_proxy: "{{upstreams 80}}"
caddy: api.localhost, app.local
caddy.reverse_proxy.header_down_1: +Access-Control-Allow-Origin "https://localhost"
#caddy.reverse_proxy.header_down_1: +Access-Control-Allow-Origin "*"
caddy.reverse_proxy.header_down_2: +Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS"
caddy.reverse_proxy.header_down_3: +Access-Control-Allow-Headers "Origin, X-Requested-With, Content-Type, Accept, Authorization"
caddy.reverse_proxy.header_down_4: +Access-Control-Allow-Credentials "true"
d. My complete Caddy config:
Note that I manually added the fastcgi_param just to try it out, I had also tried several ways to add them with the Caddy Docker Proxy syntax, but the final test was using manually added directives.
api.localhost, app.local {
reverse_proxy 172.18.0.4:80 {
header_down +Access-Control-Allow-Credentials true
header_down +Access-Control-Allow-Headers "Origin, X-Requested-With, Content-Type, Accept, Authorization"
header_down +Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS"
header_down +Access-Control-Allow-Origin https://localhost
fastcgi_param HTTPS "on"
fastcgi_param SERVER_PORT 443
}
}
mail.localhost {
reverse_proxy 172.18.0.2:8025
}
5. Links to relevant resources:
Symfony docs: How to Configure Symfony to Work behind a Load Balancer or a Reverse Proxy (Symfony Docs)
Thanks.