Rewrite Path and Proxy with Headers and SSL

1. Output of caddy version:

v2.6.2 h1:wKoFIxpmOJLGl3QXoo6PNbYvGW4xLEgo32GPBEjWL8o=

2. How I run Caddy:

I run Caddy on Azure for two sites, and a subdomain.,, and They are all reverse proxied to services for each site.

a. System environment:

Ubuntu 18.04

b. Command:

sudo run caddy

d. My complete Caddy config:

(logging) {
    log {
       output file /home/azureuser/logs/caddy.log
} {
    import logging
} {
    import logging
} {
    import logging
    root * /home/azureuser/klabo-blog/_site/
    encode gzip
} {
    import logging
    route /.well-known/nostr.json {
	rewrite * /nostrnip5/api/v1/domain/GjxYKGTjwDVawdPBLSLPsr/nostr.json

3. The problem I’m having:

I am attempting to handle GET requests to and proxy them to with the path /nostrnip5/api/v1/domain/GjxYKGTjwDVawdPBLSLPsr/nostr.json.

When I try this I get a 404 from the service. redirect doesn’t work here b/c I need the request to appear to be getting returned from with HTTPS etc.

I’m not an expert at in this type of configuration so forgive me if I’m not explaining well. This is the nginx example I’m attempting to replicate:

## Proxy Server Caching
proxy_cache_path /tmp/nginx_cache keys_zone=nip5_cache:5m levels=1:2 inactive=300s max_size=100m use_temp_path=off;

location /.well-known/nostr.json {
   proxy_pass https://{your_lnbits}/nostrnip5/api/v1/domain/{domain_id}/nostr.json;
   proxy_set_header Host {your_lnbits};
   proxy_ssl_server_name on;

   expires 5m;
   add_header Cache-Control "public, no-transform";

   proxy_cache nip5_cache;
   proxy_cache_lock on;
   proxy_cache_valid 200 300s;
   proxy_cache_use_stale error timeout invalid_header updating http_500 http_502 http_503 http_504;

4. Error messages and/or full log output:

2023/01/08 17:56:40.181	error	http.log.access.log3	handled request	{"request": {"remote_ip": "", "remote_port": "54732", "proto": "HTTP/2.0", "method": "GET", "host": "", "uri": "/.well-known/nostr.json", "headers": {"Accept": ["text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"], "Accept-Language": ["en-US,en;q=0.9"], "Accept-Encoding": ["gzip, deflate, br"], "User-Agent": ["Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.1 Safari/605.1.15"]}, "tls": {"resumed": false, "version": 772, "cipher_suite": 4865, "proto": "h2", "server_name": ""}}, "user_id": "", "duration": 0.251674802, "size": 19, "status": 404, "resp_headers": {"Content-Type": ["text/plain; charset=utf-8"], "Date": ["Sun, 08 Jan 2023 17:56:40 GMT"], "Server": ["Caddy", "Caddy"], "Alt-Svc": ["h3=\":443\"; ma=2592000"], "Vary": ["Origin"], "X-Content-Type-Options": ["nosniff"], "Content-Length": ["19"]}}

5. What I already tried:

I tried redirect, and also handle instead of route

6. Links to relevant resources:

Link to the guide explaining how to set up with nginx here: lnbits/lnbits/extensions/nostrnip5 at main · lnbits/lnbits · GitHub

That reverse_proxy doesn’t override the Host, so the upstream (which is Caddy itself) doesn’t know how to route the request. See the docs:

But really, you don’t need to proxy like that. Just do reverse_proxy localhost:8000 which is the same thing as your other site is doing. Much simpler, avoids having Caddy make an HTTP request to itself which is kinda weird and unnecessary.

1 Like

Yeah, that was it. Thank you! Makes a lot of sense now that I think about it. Much appreciated!


This topic was automatically closed after 30 days. New replies are no longer allowed.