1. The problem I’m having:
I want to require authentication for only a part of reverse proxy url space.
nodered.foo.com/public/* -> without auth
nodered.foo.com -> with auth
(auth) {
forward_auth nforwardauth:9999 {
uri /
}
}
nodered.foo.com {
import auth
reverse_proxy http://nodered:1880
}
What I have tried is:
nodered.foo.com {
handle /public/* {
reverse_proxy http://nodered:1880
}
import auth
reverse_proxy http://nodered:1880
}
What I am unclear here is whether specifying the upstream twice is a bad idea.
And for some reason auth seems to required also for /public
curl -k -I https://nodered.foo.com/public/foo
HTTP/2 307
alt-svc: h3=":443"; ma=2592000
date: Thu, 02 May 2024 13:09:28 GMT
location: https://auth.foo.com/login?r=https://nodered.foo.com/public/foo
2. Error messages and/or full log output:
NA
3. Caddy version:
v2.7.6 h1:w0NymbG2m9PcvKWsrXO6EEkY9Ru4FJK8uQbYcev1p3A=
4. How I installed and ran Caddy:
NA
a. System environment:
Docker on x86
b. Command:
NA
c. Service/unit/compose file:
NA
d. My complete Caddy config:
NA
5. Links to relevant resources:
NA