Route directive file server not picking up index.html

1. Caddy version (caddy version):

v2.4.0-beta.1 h1:Ed/tIaN3p6z8M3pEiXWJL/T8JmCqV62FrSJCHKquW/I=

2. How I run Caddy:

I’m using caddy to make an authorization server, with a login and signup page, as well as an admin dashboard to oversee operations. The authorizations is based on JWT using a plugin.

a. System environment:

Operating System: Ubuntu 20.10
Kernel: Linux 5.8.0-53-generic
Architecture: x86-64

b. Command:

sudo systemctl start caddy

c. Service/unit/compose file:

# caddy.service
#
# For using Caddy with a config file.
#
# Make sure the ExecStart and ExecReload commands are correct
# for your installation.
#
# See https://caddyserver.com/docs/install for instructions.
#
# WARNING: This service does not use the --resume flag, so if you
# use the API to make changes, they will be overwritten by the
# Caddyfile next time the service is restarted. If you intend to
# use Caddy's API to configure it, add the --resume flag to the
# caddy run command or use the caddy-api.service file instead.

[Unit]
Description=Caddy
Documentation=https://caddyserver.com/docs/
After=network.target network-online.target
Requires=network-online.target

[Service]
Type=notify
User=caddy
Group=caddy
ExecStart=/usr/bin/caddy run --environ --config /etc/caddy/Caddyfile
ExecReload=/usr/bin/caddy reload --config /etc/caddy/Caddyfile
TimeoutStopSec=5s
LimitNOFILE=1048576
LimitNPROC=512
PrivateTmp=true
ProtectSystem=full
AmbientCapabilities=CAP_NET_BIND_SERVICE

[Install]
WantedBy=multi-user.target

d. My complete Caddyfile or JSON config:

test.palmiotto.duckdns.org {
tls {
        issuer acme {
                disable_http_challenge
        }
        issuer zerossl {
                disable_http_challenge
        }
}
encode gzip
route {
        jwt {
        trusted_tokens {
                static_secret {
                        token_name xxxxxxxxxxxxxxxxxxxxxx
                        token_secret xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

                }
        }
        auth_url https://auth.palmiotto.duckdns.org/api/token
}
        reverse_proxy localhost:3000
}

#reverse_proxy /jellyfin/* 192.168.1.199:8096

#route /planes/* {
#     uri strip_prefix /planes
#     reverse_proxy 192.168.1.134:8754
#}

handle_errors {
        rewrite * /{http.error.status_code}
        reverse_proxy https://http.cat {
                header_up Host http.cat
        }
}
}

auth.palmiotto.duckdns.org {
tls {
        issuer acme {
                disable_http_challenge
        }
        issuer zerossl {
                disable_http_challenge
        }
}
encode gzip

reverse_proxy 192.168.1.199:6060

route /admin* {
        jwt {
        primary yes
        trusted_tokens {
                static_secret {
                        token_name xxxxxxxxxxx
                        token_secret xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
                }
        }
        option validate_bearer_header
        auth_url https://auth.palmiotto.duckdns.org/api/token
        allow roles admin
        }
        reverse_proxy 192.168.1.199:6060
}

route /dashboard/* {
        jwt
        root *  /home/server/admin-svelte/public
        handle_path /dashboard/* {
                file_server
        }
}
}

dashboard.auth.palmiotto.duckdns.org {
route {
        jwt
        root *  /home/server/admin-svelte/public
        file_server
        }
}

3. The problem I’m having:

The problem is in the /dashboard/ route. I need to use routes in order to pass the request through the JWT plugin. However if I try to connect to /dashboard/ instead of being shown the index.html file i get redirected at the root of the website. If I connect to /dashboard/index.html I can see the page and everything seems to work fine. If I just use the handle_path directive then on /dashboard/ i get the index. How can I see the index without specifiyng index.html?

4. Error messages and/or full log output:

5. What I already tried:

I tried using the JWT directive inside handle_path but I get

reload: adapting config using caddyfile: parsing caddyfile tokens for 'handle_path': directive 'jwt' is not ordered, so it cannot be used here

I created successfully another subdomain with the file_server and a route directive without a request matcher. However I would like to serve the site from a subdirectory so it is not of much help.

I thought that maybe I could issue a rewrite of some sort buth honestly I don’t think it would solve the problem.

Thank you very much for your help.

6. Links to relevant resources:

Please upgrade to v2.4.1

The trouble is when you do a path rewrite, the file_server is not aware of the rewrite when it tries to do a canonicalization redirect. You could maybe use try_files to forcibly rewrite the path to the index.html before passing it to file_server. (I’m on mobile so I’m sorry I can’t be much more specific, I’ll circle back to this when I can)

Might be fixed in fileserver: Redirect within the original URL by diamondburned · Pull Request #4179 · caddyserver/caddy · GitHub.

1 Like