1. My Caddy version (caddy -version
):
Caddy 0.11.2
2. How I run Caddy:
Docker
Please provide all of the relevant information and DO NOT REDACT anything except passwords/keys. Thank you!
I have docker on 192.168.10.41.
MailCow on 192.168.10.47
I am trying to set up external access on mail.mydomain.com to redirect to my mailcow instance. For information, I already have home.mydomain.com going to another machine. From what i can tell the two domains are working as they should, with caddy redirecting to the correct machine depending on the url the user enters.
But I don’t want to expose the mail mailcow admin page to the internet. Preferrring to only allow the SOGo web mail instance.
Here is my caddy entry:
#take portforwarded router:443 to caddy instance:8443
https://mail.mydomain.com:8443 {
tls letsencrypt@mydomain.com {
dns cloudflare
}
log stdout
errors stdout
#Port 443 from USG to 443 to 8443 on 192.168.10.7
proxy / http://192.168.10.47:80/SOGo/ {
without SOGo/
transparent
#websocket
#insecure_skip_verify
}
}
But what I get from this is a bunch of 403 errors:
198.41.238.79 - - [03/Feb/2020:05:35:30 +0000] "GET /SOGo.woa/WebServerResources/js/vendor/lodash.min.js HTTP/1.1" 403 251
198.41.238.117 - - [03/Feb/2020:05:35:30 +0000] "GET /SOGo.woa/WebServerResources/js/vendor/angular-messages.min.js HTTP/1.1" 403 251
198.41.238.117 - - [03/Feb/2020:05:35:30 +0000] "GET /SOGo.woa/WebServerResources/js/vendor/angular-sanitize.min.js HTTP/1.1" 403 251
198.41.238.97 - - [03/Feb/2020:05:35:30 +0000] "GET /SOGo.woa/WebServerResources/img/sogo-full.svg HTTP/1.1" 403 251
198.41.238.115 - - [03/Feb/2020:05:35:30 +0000] "GET /SOGo.woa/WebServerResources/js/vendor/angular-animate.min.js HTTP/1.1" 403 251
198.41.238.113 - - [03/Feb/2020:05:35:30 +0000] "GET /SOGo.woa/WebServerResources/js/vendor/angular.min.js HTTP/1.1" 403 251
198.41.238.113 - - [03/Feb/2020:05:35:30 +0000] "GET /SOGo.woa/WebServerResources/js/Main.js?lm=1579862807 HTTP/1.1" 403 251
198.41.238.79 - - [03/Feb/2020:05:35:30 +0000] "GET /SOGo.woa/WebServerResources/js/vendor/angular-aria.min.js HTTP/1.1" 403 251
198.41.238.85 - - [03/Feb/2020:05:35:30 +0000] "GET /SOGo.woa/WebServerResources/css/theme-default.css HTTP/1.1" 403 251
198.41.238.91 - - [03/Feb/2020:05:35:30 +0000] "GET /SOGo.woa/WebServerResources/css/styles.css HTTP/1.1" 403 251
198.41.238.111 - - [03/Feb/2020:05:35:30 +0000] "GET /SOGo.woa/WebServerResources/js/vendor/angular-cookies.min.js HTTP/1.1" 403 251
198.41.238.129 - - [03/Feb/2020:05:35:30 +0000] "GET /SOGo.woa/WebServerResources/js/Common.js?lm=1579862807 HTTP/1.1" 403 251
198.41.238.121 - - [03/Feb/2020:05:35:30 +0000] "GET /SOGo.woa/WebServerResources/js/custom-sogo.js?lm=1580426093 HTTP/1.1" 403 251
198.41.238.97 - - [03/Feb/2020:05:35:30 +0000] "GET /SOGo.woa/WebServerResources/js/vendor/angular-ui-router.min.js HTTP/1.1" 403 251
198.41.238.111 - - [03/Feb/2020:05:35:30 +0000] "GET /SOGo.woa/WebServerResources/js/vendor/angular-material.min.js HTTP/1.1" 403 251
198.41.238.97 - - [03/Feb/2020:05:35:30 +0000] "GET /SOGo.woa/WebServerResources/img/sogo-full.svg HTTP/1.1" 403 251
198.41.238.79 - - [03/Feb/2020:05:35:30 +0000] "GET /SOGo.woa/WebServerResources/js/vendor/lodash.min.js HTTP/1.1" 403 251
If I remove the SOGo part of the proxy address, then I successfully get the main mailcow admin page…and then I can manually redirect to https://mail.mydomain.com/SOGo
https://mail.mydomain.com/SOGo/SOGo/so/user@mydomain.com/Mail/view
I can see it’s trying to use SOGo/SOGo - which the without SOGo/
should be removing.
Any tips?
I’d rather not butcher their nginx config, as that will break upgrades etc.