Reverse-proxying non-http content (IRC)

1. The problem I’m having:

I’m trying to use Caddy to reverse proxy for an IRC server, to have Caddy manage the TLS. With nginx, the official documentation for this exact usecase is to use the streams_enabled directive, to avoid http processing: testnet.ergo.chat/nginx_stream.conf at master · ergochat/testnet.ergo.chat · GitHub

With Caddy there does not seem to be any equivalent. I tried using a naive reverse-proxy:

irc.4clop.com:6697 {
        reverse_proxy unix//var/run/ergo_sock
}

But this does not seem to work.

Is this something that is supported at all? Or should I just use e.g. nginx if I want to reverse-proxy non-http content like this? I thought I’d give Caddy a try due to its automatic HTTPS management, saving me the trouble of setting up certbot and the like on my own.

2. Error messages and/or full log output:

Neither Caddy nor my IRC server output any logs.

Attempting to connect over irssi gives the following output:

04.001353 -!- Irssi: Looking up irc.4clop.com
04.001353 -!- Irssi: Connecting to irc.4clop.com [95.216.9.186] port 6697
04.001353 -!- Irssi: Certificate Chain:
04.001353 -!- Irssi:   Subject: CN: irc.4clop.com
04.001353 -!- Irssi:   Issuer:  C: US, O: Let's Encrypt, CN: R3
04.001353 -!- Irssi:   Subject: C: US, O: Let's Encrypt, CN: R3
04.001353 -!- Irssi:   Issuer:  C: US, O: Internet Security Research Group, CN: ISRG Root X1
04.001353 -!- Irssi:   Subject: C: US, O: Internet Security Research Group, CN: ISRG Root X1
04.001353 -!- Irssi:   Issuer:  O: Digital Signature Trust Co., CN: DST Root CA X3
04.001353 -!- Irssi: Protocol: TLSv1.3 (128 bit, TLS_AES_128_GCM_SHA256)
04.001353 -!- Irssi: EDH Key: 253 bit Unknown
04.001353 -!- Irssi: Public Key: 256 bit EC, valid from Mar  3 20:15:11 2023 GMT to Jun  1 20:15:10 2023 GMT
04.001353 -!- Irssi: Public Key Fingerprint:  CF:B9:D6:67:C1:7F:03:DC:37:F0:F9:96:B4:05:56:45:19:7C:31:0D:21:9F:AA:A6:03:EA:DA:58:47:27:BD:A6 (SHA256)
04.001353 -!- Irssi: Certificate Fingerprint: B4:A6:26:C0:DE:20:68:45:F5:51:8F:F2:18:B3:2C:8E:86:16:D2:A2:49:4E:70:BF:E3:1D:6F:5E:8C:7F:34:F4 (SHA256)
04.001353 Waiting for CAP LS response...
04.001353 -!- Irssi: Connection to irc.4clop.com established
04.001353 -!- HTTP/1.1 400 Bad Request
04.001353 -!- Content-Type: text/plain; charset=utf-8
04.001353 -!- Connection: close
04.001353 -!- Request
04.001353 -!- Irssi: Connection lost to irc.4clop.com

3. Caddy version:

v2.6.4 h1:2hwYqiRwk1tf3VruhMpLcYTg+11fCdr8S3jhNAdnPy8=

4. How I installed and ran Caddy:

Using the debian installation instructions from the website.

a. System environment:

Linux Debian-1101-bullseye-amd64-base 5.10.0-17-amd64 #1 SMP Debian 5.10.136-1 (2022-08-13) x86_64 GNU/Linux

b. Command:

PASTE OVER THIS, BETWEEN THE ``` LINES.
Please use the preview pane to ensure it looks nice.

c. Service/unit/compose file:

PASTE OVER THIS, BETWEEN THE ``` LINES.
Please use the preview pane to ensure it looks nice.

d. My complete Caddy config:

irc.4clop.com {
        root * /var/www/gamja
        reverse_proxy /webirc unix//var/run/ergo/ergo_websocket # no issues there by the way
        file_server
}

irc.4clop.com:6697 {
        reverse_proxy unix//var/run/ergo/ergo_sock
}

5. Links to relevant resources:

Ergo’s own manual section on reverse proxies: ergo/MANUAL.md at master · ergochat/ergo · GitHub
The example nginx config I mentioned earlier, that I would like to emulate in caddy: testnet.ergo.chat/nginx_stream.conf at master · ergochat/testnet.ergo.chat · GitHub

Caddy’s standard distribution ships with an HTTP server, not a general purpose TCP/UDP server. If you need that, then you can use GitHub - mholt/caddy-l4: Layer 4 (TCP/UDP) app for Caddy, but unfortunately it doesn’t have Caddyfile support at this time so you’d have to use JSON. You can adapt your existing Caddyfile to JSON with the caddy adapt command.

Interesting, thanks! I’ll look into that then, looks like it could do exactly what I need.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.