Reverese Proxy with path does not work anymore

Help
1

1. Caddy version (caddy version):

Caddy 2.0.0

2. How I run Caddy:

Ubuntu 18.04 using the default systemd unit file that comes with the .deb package provided on the GH release page

a. System environment:

Ubuntu 18.04 using systemd

b. Command:

c. Service/unit/compose file:

systemd unit file from GH release deb file

d. My complete Caddyfile or JSON config:

See below

3. The problem I’m having:

I have been trying all day to migrate my Caddyfile at work to the new Caddyfile format.
This config below, the old one, works flawlessly using Caddy 1 but it doesn’t work on Caddy 2.
The issue I am currently having is the following:

This piece of Caddyfile configuration has worked flawlessly.
Here I am running a ttyd daemon and have Caddy act as a reverse proxy in front of it.

http://10.0.0.2:4444/share {
    proxy / localhost:7681 {
        health_check /
        health_check_interval 5s
        transparent
        websocket
        # To get the custom error page displayed correctly I have to make these exception
        except 500.html styles.css favicon.ico
    }
}

now when I adapt this to the new Caddyfile syntax this looks like this

http://10.0.0.2:4444/share {                                                                                                                                                                                                                                                                                                                                                                                                                                                
    reverse_proxy {                                                                                                                                                                                                                                                             
        to localhost:7681                                                                                                                                                                                                                                                       
    }                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
}

{"level":"error","ts":1588698482.697211,"logger":"http.log.access.log0","msg":"handled request","request":{"method":"GET","uri":"/share","proto":"HTTP/1.1","remote_addr":"127.0.0.1:54358","host":"10.0.0.2:4444","headers":{"Accept-Language":["en-US,de-DE;q=0.7,en;q=0.3"]
,"Accept-Encoding":["gzip, deflate"],"Upgrade-Insecure-Requests":["1"],"Cache-Control":["no-cache"],"User-Agent":["Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:75.0) Gecko/20100101 Firefox/75.0"],"Accept":["text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/
*;q=0.8"],"Dnt":["1"],"Connection":["keep-alive"],"Pragma":["no-cache"]}},"common_log":"127.0.0.1 - - [05/May/2020:19:08:02 +0200] \"GET /share HTTP/1.1\" 404 38","duration":0.000467393,"size":38,"status":404,"resp_headers":{"Server":["Caddy","ttyd/1.6.0-29507ed (libwebso
ckets/2.0.3)"],"Content-Type":["text/html"],"Content-Length":["38"]}}
{"level":"info","ts":1588698482.7877393,"logger":"http.log.access.log0","msg":"handled request","request":{"method":"GET","uri":"/favicon.ico","proto":"HTTP/1.1","remote_addr":"127.0.0.1:54358","host":"10.0.0.2:4444","headers":{"User-Agent":["Mozilla/5.0 (X11; Ubuntu; L
inux x86_64; rv:75.0) Gecko/20100101 Firefox/75.0"],"Accept":["image/webp,*/*"],"Accept-Language":["en-US,de-DE;q=0.7,en;q=0.3"],"Connection":["keep-alive"],"Pragma":["no-cache"],"Accept-Encoding":["gzip, deflate"],"Dnt":["1"],"Cache-Control":["no-cache"]}},"common_log":"
127.0.0.1 - - [05/May/2020:19:08:02 +0200] \"GET /favicon.ico HTTP/1.1\" 0 0","duration":0.000007586,"size":0,"status":0,"resp_headers":{"Server":["Caddy"]}}

This is the ttyd output:

$ ttyd -i lo -T  screen-256color tmux attach -t 2
[2020/05/05 19:06:46:6493] NOTICE: ttyd 1.6.0-29507ed (libwebsockets 2.0.3)
[2020/05/05 19:06:46:6493] NOTICE: tty configuration:
[2020/05/05 19:06:46:6493] NOTICE:   start command: tmux attach -t 2
[2020/05/05 19:06:46:6493] NOTICE:   close signal: SIGHUP (1)
[2020/05/05 19:06:46:6493] NOTICE:   terminal type: screen-256color
[2020/05/05 19:06:46:6493] NOTICE: Initial logging level 7
[2020/05/05 19:06:46:6493] NOTICE: Libwebsockets version: 2.0.3 unknown-build-hash
[2020/05/05 19:06:46:6494] NOTICE: IPV6 not compiled in
[2020/05/05 19:06:46:6494] NOTICE: libev support compiled in but disabled
[2020/05/05 19:06:46:6494] NOTICE: libuv support compiled in and enabled
[2020/05/05 19:06:46:6494] NOTICE:  Threads: 1 each 1024 fds
[2020/05/05 19:06:46:6494] NOTICE:  mem: platform fd map:  8192 bytes
[2020/05/05 19:06:46:6494] NOTICE:  Compiled with OpenSSL support
[2020/05/05 19:06:46:6494] NOTICE:  SSL disabled: no LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT
[2020/05/05 19:06:46:6494] NOTICE: Creating Vhost 'default' port 7681, 2 protocols
[2020/05/05 19:06:46:6496] NOTICE:  Listening on port 7681
[2020/05/05 19:06:46:6496] NOTICE:  mem: per-conn:          920 bytes + protocol rx buf
[2020/05/05 19:06:46:6496] NOTICE:  canonical_hostname = LC0013
[2020/05/05 19:06:46:6496] NOTICE:  Listening on port: 7681
[2020/05/05 19:06:46:6496] NOTICE:  Using foreign event loop...
[2020/05/05 19:06:46:6598] NOTICE: lws_protocol_init
[2020/05/05 19:07:32:9590] NOTICE: HTTP /share - 127.0.0.1
[2020/05/05 19:08:02:6970] NOTICE: HTTP /share - 127.0.0.1
^C[2020/05/05 19:09:32:0065] NOTICE: received signal: SIGINT (2), exiting...

The problem seems to be that the reverse_proxy module passes the /share URI as well; which is not desired as ttyd does not server anything at /share.

When I open the URL I just get a 404.
Anybody have any ideas or clues?

4. Error messages and/or full log output:

see above

5. What I already tried:

Omitting the /share path makes the reverse proxy work.
The port 4444 is temporary and I might want to remove it as well. I actually have it some places without it.

6. Links to relevant resources:

Using this software that I want to make accessible through the reverse proxy GitHub - tsl0922/ttyd: Share your terminal over the web

2

You can use uri strip_prefix /share before the reverse_proxy.

You can also reduce your proxy to one line: reverse_proxy localhost:7681

1 Like
3

I actually tried uri strip_prefix /share and it didn’t work.
I am not in front of the machine, but I can say for sure that it didn’t work.

In a couple of hours I can test and get back to you.

4

Ok I just checked on my macOS machine with the same setup. It seems to be working - kind of. It seems to be getting to the ttyd application.

But it still only works when I don’t use /share in the matcher there.
It might be something with ttyd though - I can’t say for sure.
Would you be able to tell me how I can identify if it is not caddy?

What I am seeing in Safari is this:

image
image2654×292 65.9 KB

This is using the following Caddyfile:

http://localhost/share {
 uri strip_prefix /share
    reverse_proxy {
        to localhost:7681
    }
}
5

http://localhost/share

That only matches http://localhost/share exactly. Read how path matchers work: Request matchers (Caddyfile) — Caddy Documentation

You want to match a prefix, not an exact/full match.

1 Like
6

Thanks Matt! Fixed the Caddyfile accordingly and now it works like expected.

http://localhost/share/* {
     uri strip_prefix /share
     reverse_proxy {
         to localhost:7681
     }
}
1 Like
7

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.