1. The problem I’m having:
We have ancient IoT API clients that are sending incorrect content-length headers when performing an upload of a gzipped file.
If we use the following curl command, we can simulate what is happening:
curl -v \
http://local.redacted.com/api/v1/machine-info \
-H "Authorization: Basic redacted" \
-H "Content-Encoding: gzip" -H "Content-Type: application/gzip" -H "Content-Length: 123" \
--data-binary @uploaded-mac-info-20240329-204042.572958-redacted.gz
Removing the content-length header from the curl command works because curl calculates the size of the file correctly.
2. Error messages and/or full log output:
Logs are not relevant (I think) because the symptom is Flask not receiving a complete response from Caddy.
3. Caddy version:
2.7.6
4. How I installed and ran Caddy:
Docker containers running on ECS/Fargate
a. System environment:
Docker
b. Command:
c. Service/unit/compose file:
FROM caddy:2.7.6-builder-alpine AS builder
RUN xcaddy build \
--with github.com/caddy-dns/route53 \
--with github.com/caddyserver/transform-encoder
RUN ls -l
RUN pwd
RUN find / -name Caddyfile
FROM caddy:2.7.6-alpine
RUN apk -U add curl
COPY --from=builder /usr/bin/caddy /usr/bin/caddy
RUN --mount=type=bind,source=deploy,target=/deploy cp /deploy/caddy/Caddyfile /etc/caddy/Caddyfile
d. My complete Caddy config:
{
default_sni {$FQDN}
auto_https disable_redirects
log {
output stdout
format transform `https {request>headers>X-Forwarded-For>[0]:request>remote_ip} - {user_id} [{ts}] "{request>method} {request>uri} {request>proto}" {status} {size} "{request>headers>Referer>[0]}" "{request>headers>User-Agent>[0]}"` {
time_format "02/Jan/2006:15:04:05 -0700"
}
level INFO
}
admin 0.0.0.0:2019 {
}
servers {
trusted_proxies static private_ranges
client_ip_headers X-Forwarded-For X-Real-IP
}
}
http:// {
log {
output stdout
format transform `http {request>headers>X-Forwarded-For>[0]:request>remote_ip} - {user_id} [{ts}] "{request>method} {request>uri} {request>proto}" {status} {size} "{request>headers>Referer>[0]}" "{request>headers>User-Agent>[0]}"` {
time_format "02/Jan/2006:15:04:05 -0700"
}
level INFO
}
request_body {
max_size 96MB
}
handle {
reverse_proxy {$SERVICE}
}
}
{$FQDN} {
request_body {
max_size 1GB
}
tls {
dns route53 {
}
}
log {
output stdout
format transform `https {request>headers>X-Forwarded-For>[0]:request>remote_ip} - {user_id} [{ts}] "{request>method} {request>uri} {request>proto}" {status} {size} "{request>headers>Referer>[0]}" "{request>headers>User-Agent>[0]}"` {
time_format "02/Jan/2006:15:04:05 -0700"
}
level INFO
}
encode zstd gzip
handle {
reverse_proxy {$SERVICE}
}
}