Reverse proxy multiple webpaths to a single domain

Help
1

1. The problem I’m having:

I have only one single domain and I can’t use subdomains, but I want to put multiple services on that one domain, by putting each of them on its own webpath.
For example, I want a mainpage broadcasting to mainpage:8080/ accessible at domain.tld/, a Nextcloud server broadcasting to nextcloud:8081 accessible at domain.tld/nextcloud etc.

To put it simply, I just want to proxy all of the services I want and have them be accessible in their own custom webpath. I want to access, say, web:8081/* at domain.tld/web/* and have that be transparent to the service that gets proxied.

For now I’ve just been testing to reverse proxy an empty Nginx container to a custom webpath

How can I do this? I tried multiple combinations of rewrites, handle_paths, reverse_proxies etc. to no avail. I don’t want to make the container broadcast to /web too, I just want to reverse proxy to domain.tld/web even if the container doesn’t broadcast to web:8081/web, and is just simply broadcasting to its webroot, web:8081/

2. Error messages and/or full log output:

I'm not getting any errors

3. Caddy version:

Latest from Docker, v2.7.6 h1:w0NymbG2m9PcvKWsrXO6EEkY9Ru4FJK8uQbYcev1p3A=

4. How I installed and ran Caddy:

a. System environment:

Docker version 20.10.24+dfsg1, build 297e128
docker-compose version 1.29.2, build unknown
Debian GNU/Linux 12 (bookworm) aarch64
Linux 6.1.21-v8+ aarch64 GNU/Linux
Raspberry Pi 4 Model B Rev 1.1

b. Command:

docker-compose up -d

c. Service/unit/compose file:

version: '3'

services:
  proxy:
    image: lucaslorentz/caddy-docker-proxy:ci-alpine
    restart: always
    tty: true
    cap_add:
      - NET_ADMIN
    ports:
      - "80:80"
      - "443:443"
    environment:
      - CADDY_INGRESS_NETWORKS=network
    volumes:
      - proxy-data:/data
      - /var/run/docker.sock:/var/run/docker.sock
    networks:
      - network

  web:
    image: nginx:alpine
    restart: always
    tty: true
    labels:
      caddy: domain.tld
      caddy.reverse_proxy: "/web* web:80"
    networks:
      - network

volumes:
  proxy-data:
    external: true

networks:
  network:
    driver: bridge

d. My complete Caddy config:

domain.tld {
	reverse_proxy /web* web:80
}

5. Links to relevant resources:

2

See this article:

Why can’t you use a subdomain? It’s by far the easiest and most reliable solution. Otherwise, you’re at the whims of the apps you want to proxy to. Not all of them support “base path” configuration.

3

Because, the truth is, I don’t really own my own ‘domain’. I enabled my ISP’s dynamic DNS option, and I do not really want to pay for a domain. Even if I did, I’d have to set up a static IP address for that, which, judging by the fact that it’s just my home network, it doesn’t sound like a good idea

4

Get a domain from DuckDNS, it’s free and allows subdomains. You can use a dynamic DNS tool to keep it updated to point to your IP address. You could even use GitHub - mholt/caddy-dynamicdns: Caddy app that keeps your DNS records (A/AAAA) pointed at itself. plugin to keep it up to date.

1 Like
5

Honestly, now that you give me this solution, I’ll look into it. I’m sick of trying to get webpaths running. I’ve literally been procrastinating making my server functional for almost two years because of it. I’ll keep you updated if I have any more issues with this approach

1 Like
6

I’m following this approach currently but I’ve stumbled across something. How do I use the Caddy dynamic dns app/plugin/whatever without putting my DuckDNS token in plaintext in my Caddyfile? I use Docker secrets across my entire config so I’m wondering if there’s any other way to put secrets in the Caddyfile? All I can see is that I can use environment variables to do so

7

Currently docker secrets aren’t supported. We have replacer: Implement `file.*` global replacements by francislavoie · Pull Request #5463 · caddyserver/caddy · GitHub which should add support for it, but it’s not ready yet.

You’ll need to use env vars for now.

1 Like
8

Oh, alright, I’ll just stick to my duckdns container provided by the people at linuxserver, at least for now

9

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.