Reverse proxy - How do I pass client's remote ip to service?

Smalltalkjava · November 21, 2020, 1:52am

1. Caddy version (`caddy version`):

v2.2.0 h1:sMUFqTbVIRlmA8NkFnNt9l7s0e+0gw+7GPIrhty905A=

2. How I run Caddy:

I run a JellyFin server with and use caddy server as a reverse proxy to it. Jellyfin and Caddy are on the same Windows 10 box. I have NoIP with a free DNS name to point to my jellyfin/caddy setup. – JellyFin has a baseURL set to my value that is in the caddyfile.

a. System environment:

b. Command:

caddy start

c. Service/unit/compose file:

n/a  I don't use docker.

d. My complete Caddyfile or JSON config:

{
email  xxxxxxxxxxxxxx@gmail.com 
}


melbatoast.hopto.org {

	encode gzip
		log {
			output file C:\caddy\logs\hopto_access.log {
				roll true				# Rotate logs, enabled by default
				roll_size_mb 5		        # Set max size 5 MB
				roll_gzip true			# Whether to compress rolled files
				roll_local_time true	        # Use localhost time
				roll_keep 10			# Keep at most 10 log files
				roll_keep_days 21		# Keep log files for 21 days 
			}
		}
	
	# this part sets up the reverse proxy for the baseURL that is configured in the JellyFin console	
	redir /eggplantView /eggplantView/
	
	handle /eggplantView/* {
		reverse_proxy localhost:8096 
	}
	
 	# this part sends everything else to a 404 response
	handle {
		respond  "404 - Not Found" 404 { 
		     close 
		}
	}
	
}

3. The problem I’m having:

Jellyfin has a setting to allow Lan/local network users login using a PIN. I have found that when I use caddy with the config file that I am using, if I am off of my local network and I login using my id/PIN instead of my ID/Password it lets me in like I am on the same network. I have the functionality disabled right now until I find a resolution.

How do I make sure that caddy is passing the clients remote IP to Jellyfin?

4. Error messages and/or full log output:

5. What I already tried:

I tried google searching, and found reference to this: header_up Host {http.reverse_proxy.upstream.hostport} but I haven’t tried it, because i don’t want to break any security and expose anything. I also found some references to this "It adds or augments the X-Forwarded-For header field.
It sets the X-Forwarded-Proto header field." in the documentation, but I have no idea what it actually does, and I don’t know how to use it in the first place.

6. Links to relevant resources:

Here is a reference to a situation where they mentioned that you need to forward the client’s remote IP to jellyfin.
https://github.com/jellyfin/jellyfin/issues/2671

francislavoie · November 21, 2020, 2:44am

The X-Forwarded-For header is filled with the client’s IP address. It’s up to the app being proxied to read this header.

From reading the github issue you linked, it seems that they do read that header, so it should already work out of the box.

Smalltalkjava · November 21, 2020, 5:18am

Thanks for the information. I went back and did some more testing. It worked correctly after I restarted my phone. The only thing I can see from looking at my log files is maybe my phone wasn’t fully disconnecting from my wifi.

system · December 21, 2020, 1:52am

This topic was automatically closed after 30 days. New replies are no longer allowed.