Problems migrating working reverse_proxy to V2 between Caddy and Cockpit

joelvazquez · November 12, 2020, 5:19pm

1. Caddy version (`caddy version`):

Caddy Version: v2.2.1

2. How I run Caddy:

Docker Container

a. System environment:

Ubuntu 20.04.1 LTS
Kernel Version 5.4.0-52-generic
Docker Version: 19.03.12

b. Command:

Command called inside the container

caddy run --config /etc/caddy/Caddyfile --adapter caddyfile

c. Service/unit/compose file:

paste full file contents here

d. My complete Caddyfile or JSON config:

www.we0dx.us {

  root we0dx.us
  file_server
  tls xxemailxx@xaddressx.xxx

  log {
        output stderr
        format console
        level info
  }
#Cockpit
   redir /cabina /cabina/
   handle_path /cabina/* {
        rewrite / /cabina/
        reverse_proxy 192.168.1.121:9090 {
                header_up X-Forwarded-Proto {scheme}
                header_up Host {host}
                transport http {
                        tls
                        tls_insecure_skip_verify
                }

        }
   }
}
##End of New configuration

##OLD WORKING CONFIG FROM V1:
www.we0dx.us {
  root we0dx.us
  
  proxy /cabina/        192.168.1.121:9090 {    #cockpit
                insecure_skip_verify
                transparent
                websocket
        }

}

3. The problem I’m having:

I run Caddy in a docker, and cockpit at the host level. Im trying to make Caddy reverse_proxy to Cockpit like it used to work on version 1. I still have the old docker created, and if I stop the v2 docker and start the v1, Cockpit works. But so far I havent figure our how to make caddy version 2 play nice with Cockpit. I can reach cockpit from local network with https://192.168.1.121:9090/cabina/

4. Error messages and/or full log output:

on the page, it just show the login side, but with Not Found instead of the login form.

2020-11-12T17:10:39.848559184Z 1.6052010398483164e+09	info	http.log.access.log0	handled request	{"request": {"remote_addr": "192.168.1.201:60762", "proto": "HTTP/2.0", "method": "GET", "host": "www.we0dx.us", "uri": "/cabina/", "headers": {"Accept-Language": ["en-US,en;q=0.5"], "Accept-Encoding": ["gzip, deflate, br"], "Dnt": ["1"], "Cookie": ["zmEventRate=50; session=eyJ2aWV3Ijp7fX0.X6wwUA.lnI_bR8tbcOEvOyg2dPDTmU9ADU; cockpit=deleted; PHPSESSID=ffbfms7hnn3j6l8899qjp3un21"], "Upgrade-Insecure-Requests": ["1"], "Cache-Control": ["max-age=0"], "User-Agent": ["Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:82.0) Gecko/20100101 Firefox/82.0"], "Accept": ["text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8"], "Te": ["trailers"]}, "tls": {"resumed": false, "version": 772, "cipher_suite": 4865, "proto": "h2", "proto_mutual": true, "server_name": "www.we0dx.us"}}, "common_log": "192.168.1.201 - - [12/Nov/2020:17:10:39 +0000] \"GET /cabina/ HTTP/2.0\" 200 43270", "duration": 0.091544382, "size": 43270, "status": 200, "resp_headers": {"Server": ["Caddy"], "Content-Security-Policy": ["connect-src 'self' https://www.we0dx.us wss://www.we0dx.us; form-action 'self' https://www.we0dx.us; base-uri 'self' https://www.we0dx.us; object-src 'none'; font-src 'self' https://www.we0dx.us data:; img-src 'self' https://www.we0dx.us data:; block-all-mixed-content; default-src 'self' https://www.we0dx.us 'unsafe-inline'"], "Set-Cookie": ["cockpit=deleted; PATH=/; Secure; HttpOnly"], "Cache-Control": ["no-cache, no-store"], "X-Dns-Prefetch-Control": ["off"], "Referrer-Policy": ["no-referrer"], "X-Content-Type-Options": ["nosniff"], "Content-Type": ["text/html"]}}


2020-11-12T17:10:39.884511782Z 1.6052010398842716e+09	error	http.log.access.log0	handled request	{"request": {"remote_addr": "192.168.1.201:60762", "proto": "HTTP/2.0", "method": "GET", "host": "www.we0dx.us", "uri": "/cabina/cockpit/static/branding.css", "headers": {"Dnt": ["1"], "Cookie": ["zmEventRate=50; session=eyJ2aWV3Ijp7fX0.X6wwUA.lnI_bR8tbcOEvOyg2dPDTmU9ADU; cockpit=deleted; PHPSESSID=ffbfms7hnn3j6l8899qjp3un21"], "Te": ["trailers"], "User-Agent": ["Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:82.0) Gecko/20100101 Firefox/82.0"], "Accept": ["text/css,*/*;q=0.1"], "Accept-Language": ["en-US,en;q=0.5"], "Accept-Encoding": ["gzip, deflate, br"]}, "tls": {"resumed": false, "version": 772, "cipher_suite": 4865, "proto": "h2", "proto_mutual": true, "server_name": "www.we0dx.us"}}, "common_log": "192.168.1.201 - - [12/Nov/2020:17:10:39 +0000] \"GET /cabina/cockpit/static/branding.css HTTP/2.0\" 404 3428", "duration": 0.001299958, "size": 3428, "status": 404, "resp_headers": {"X-Dns-Prefetch-Control": ["off"], "Referrer-Policy": ["no-referrer"], "X-Content-Type-Options": ["nosniff"], "Content-Type": ["text/html; charset=utf8"], "Server": ["Caddy"]}}


2020-11-12T17:10:40.008804649Z 1.6052010400084364e+09	error	http.log.access.log0	handled request	{"request": {"remote_addr": "192.168.1.201:60762", "proto": "HTTP/2.0", "method": "GET", "host": "www.we0dx.us", "uri": "/cabina/cockpit/static/fonts/RedHatText-Regular.woff2", "headers": {"Cookie": ["zmEventRate=50; session=eyJ2aWV3Ijp7fX0.X6wwUA.lnI_bR8tbcOEvOyg2dPDTmU9ADU; cockpit=deleted; PHPSESSID=ffbfms7hnn3j6l8899qjp3un21"], "Cache-Control": ["max-age=0"], "Te": ["trailers"], "User-Agent": ["Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:82.0) Gecko/20100101 Firefox/82.0"], "Accept": ["application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8"], "Accept-Language": ["en-US,en;q=0.5"], "Accept-Encoding": ["identity"], "Dnt": ["1"]}, "tls": {"resumed": false, "version": 772, "cipher_suite": 4865, "proto": "h2", "proto_mutual": true, "server_name": "www.we0dx.us"}}, "common_log": "192.168.1.201 - - [12/Nov/2020:17:10:40 +0000] \"GET /cabina/cockpit/static/fonts/RedHatText-Regular.woff2 HTTP/2.0\" 404 3428", "duration": 0.001322992, "size": 3428, "status": 404, "resp_headers": {"Server": ["Caddy"], "X-Content-Type-Options": ["nosniff"], "Content-Type": ["text/html; charset=utf8"], "X-Dns-Prefetch-Control": ["off"], "Referrer-Policy": ["no-referrer"]}}


2020-11-12T17:10:40.009525254Z 1.6052010400093007e+09	error	http.log.access.log0	handled request	{"request": {"remote_addr": "192.168.1.201:60762", "proto": "HTTP/2.0", "method": "GET", "host": "www.we0dx.us", "uri": "/cabina/cockpit/static/fonts/RedHatText-Medium.woff2", "headers": {"Accept-Language": ["en-US,en;q=0.5"], "Accept-Encoding": ["identity"], "Dnt": ["1"], "Cookie": ["zmEventRate=50; session=eyJ2aWV3Ijp7fX0.X6wwUA.lnI_bR8tbcOEvOyg2dPDTmU9ADU; cockpit=deleted; PHPSESSID=ffbfms7hnn3j6l8899qjp3un21"], "Cache-Control": ["max-age=0"], "Te": ["trailers"], "User-Agent": ["Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:82.0) Gecko/20100101 Firefox/82.0"], "Accept": ["application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8"]}, "tls": {"resumed": false, "version": 772, "cipher_suite": 4865, "proto": "h2", "proto_mutual": true, "server_name": "www.we0dx.us"}}, "common_log": "192.168.1.201 - - [12/Nov/2020:17:10:40 +0000] \"GET /cabina/cockpit/static/fonts/RedHatText-Medium.woff2 HTTP/2.0\" 404 3428", "duration": 0.002065749, "size": 3428, "status": 404, "resp_headers": {"Server": ["Caddy"], "X-Content-Type-Options": ["nosniff"], "Content-Type": ["text/html; charset=utf8"], "X-Dns-Prefetch-Control": ["off"], "Referrer-Policy": ["no-referrer"]}}


2020-11-12T17:10:40.166425946Z 1.6052010401662357e+09	error	http.log.access.log0	handled request	{"request": {"remote_addr": "192.168.1.201:60762", "proto": "HTTP/2.0", "method": "GET", "host": "www.we0dx.us", "uri": "/cabina/cockpit/login", "headers": {"Te": ["trailers"], "User-Agent": ["Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:82.0) Gecko/20100101 Firefox/82.0"], "Accept": ["*/*"], "Accept-Language": ["en-US,en;q=0.5"], "Accept-Encoding": ["gzip, deflate, br"], "Dnt": ["1"], "Cookie": ["zmEventRate=50; session=eyJ2aWV3Ijp7fX0.X6wwUA.lnI_bR8tbcOEvOyg2dPDTmU9ADU; cockpit=deleted; PHPSESSID=ffbfms7hnn3j6l8899qjp3un21"]}, "tls": {"resumed": false, "version": 772, "cipher_suite": 4865, "proto": "h2", "proto_mutual": true, "server_name": "www.we0dx.us"}}, "common_log": "192.168.1.201 - - [12/Nov/2020:17:10:40 +0000] \"GET /cabina/cockpit/login HTTP/2.0\" 404 3428", "duration": 0.001378652, "size": 3428, "status": 404, "resp_headers": {"X-Dns-Prefetch-Control": ["off"], "Server": ["Caddy"], "Referrer-Policy": ["no-referrer"], "X-Content-Type-Options": ["nosniff"], "Content-Type": ["text/html; charset=utf8"]}}

5. What I already tried:

I have tried several tries modifying the rewrite lines, adding several header_up as the following:

header_upstream X-Forwarded-For {remote}
header_upstream Host {host}
header_upstream X-Real-IP {remote}
header_upstream X-Forwarded-Proto {scheme}

but havent found the correct “recipe”. The most I have been able to achieve is with what I have posted up.

6. Links to relevant resources:

I found this wiki, but works just for V1:

Any help will be much appreciated, as I’m not an expert in this…

matt · November 12, 2020, 6:13pm

Are you sure? That wiki is for Caddy 2, not v1.

joelvazquez · November 12, 2020, 6:29pm

Ok, I’ll give it to you, I’m an idiot! hihi…

I commented all the section I had, and copy almost exactly what was in the wiki (adjusting the sub-directory portion) and it work just fine…
I really thought I had done that, seems the coffee this morning actually kicked in…
Thanks for pointing out my mistake!

system · December 12, 2020, 5:19pm

This topic was automatically closed after 30 days. New replies are no longer allowed.