1. Caddy version (caddy version
):
Tried both 2 and 2.2.1
2. How I run Caddy:
I run Caddy as a reverse proxy to external cloudfront domains.
a. System environment:
Using Ubunte 18.0.4 on AWS Lightsail with docker-compose.
b. Command:
docker-compose up
c. Service/unit/compose file:
docker-compose.yml
version: "3.7"
networks:
web:
external: true
services:
caddy:
image: caddy:2.2.1-alpine
restart: unless-stopped
ports:
- "80:80"
- "443:443"
volumes:
- "$HOME/Caddyfile:/etc/Caddyfile"
- "$HOME/caddy:/root/.caddy"
networks:
- web
d. My complete Caddyfile or JSON config:
grailbyte.de:443 {
reverse_proxy * dcsu781bfzy0r.cloudfront.net:443 {
# added those as they were mentioned in caddy v1 configs / transparent option, default in v2?
header_up Host {http.request.host}
header_up X-Real-IP {http.request.remote}
header_up X-Forwarded-For {http.request.remote}
header_up X-Forwarded-Port {http.request.port}
header_up X-Forwarded-Proto {http.request.scheme}
}
# unfortunately does not work, as rewrite only works for internal urls, according to one post
# rewrite * https://dcsu781bfzy0r.cloudfront.net:443
}
3. The problem I’m having:
Getting a 400 error from cloudfront when opening the website → If I redirect, it works like a charm, but I need the client-side url to stay the same. So figured use a reverse-proxy.
No errors logged by Caddy.
4. Error messages and/or full log output:
5. What I already tried:
tried to solve it
- using rewrite (only for internal, already mentioned above)
- checked if redir works → it does
- added headers as they were in the tutorials for caddy v1 or configuration with option “transparent”. If I recall correctly, that is default behavior for caddy v2, but just to keep it safe.
- Went through all post regarding and/or mentioning cloudfront, as I suspect it to be the problem. Tried all of the suggestions mentioned in those posts. If needed, I will link all of them in a separate answer down below, as I saw new users can only add 4 links.
6. Links to relevant resources:
Used the following ressources apart from the docs as well as community posts
Happy for all the help I can get on this! Really appreciate it!