However, I can’t figure out how to do the same thing with a Caddyfile. This Caddy file seems to be close but the response to the browser is never returned. What am I missing?
localhost:3000
tls off
root html
reverse_proxy / {
to www.starryhope.com:433
header_up -Accept-Encoding
transport http {
tls
}
}
localhost:3000
root html
reverse_proxy / {
to www.starryhope.com:443
header_up -Accept-Encoding
transport http {
tls
}
}
With or without the header_up line. It returns a 403 error from Cloudfront. Other sites don’t work as well. What’s the difference between this config and the reverse-proxy command from the CLI?
What about JSON format - does anyone have a solution to do the exact same thing (reverse proxy) but in Caddy’s native JSON config format ?
Here is my attempt:
Actually let me amend my question: I want to be able to point both mydomain1.com and mydomain2.com to the same caddy server (running in docker-compose) and have each domain serviced by a different docker container/service OR serviced at different ports.
What would the Caddy v2 JSON config look like? my attempt (see github repo) works for one domain/IP but I can’t find documentation to help me expand that so that I can serve multiple domains on a single IP
I was able to fix my issue by using caddy adapt --config Caddyfile --pretty to discover what Caddy v2 expects as correct JSON. But I also realized some of the documentation and wiki content had the particular information I was looking for. I hope the documentation will be fully centralized soon.
I would like to register appreciation for the guys working on this, esp. Matt. KUDOS
Great, glad to hear! Yes, I’m finishing up some breaking changes in the Caddyfile to fix some design flaws that remained from v1, and then I will be writing new documentation for it on our website. That awful wiki page will go away eventually.
Thanks - consider sponsoring the project, if you would like! Sponsor @mholt on GitHub Sponsors · GitHub (it’s my full-time job and as of right now can only work on it full-time for a few more weeks at this rate)
matt: I have almost the same question - as far I did not get completely HOWTO to make transparent reverse proxy, I want to ask you n’ other gurus to help me, if its possible:
I have myhost.tld:443 with external real IP address, and I have http (not https) web-file server (HFS, in case of interest), that is running in local network only (192.168 - accessible by that myhost.tld). I want to set-up rule in caddy that will enable downloading files THROUGH the myhost.tld - redirecting request to local 192 HFS.
I mean it - if I browse https://myserver.tld/files - I see root of 192 HFS server, if I browse /files/myproject - caddy should repost this request to 192 HFS server.
And - when I’ll download file from that /files section on myhost.tld → redirected to 192 HFS server - the download should be completed in HTTPS transport, not 192’s HTTP.
Big plus should be to set-up browse list DISABLE rule, too, like - if you have url with file - you get this file, if you want to browse https://myhost.tld/files - you’ll get error 404 or something like that.
Can you, or someone else, provide such rule set for caddy v1 ?
I’d avoid the term “redirecting” here - in the context of a web server, a redirect means a specific status response containing a header instructing the client to browse to a different URL instead.
But yes, this is how the default proxy functions. You access Caddy, it passes the request through to the upstream server (local 192 HFS).
A very simple proxy has this behaviour.
With this reverse proxy you will be talking HTTPS to Caddy but you’re getting your upstream server’s actual content. So yes, downloading a file from your HTTP server, but through the HTTPS connection to Caddy. You should see the green padlock in your browser, etc.
If you have url with file - you get this file: this is a redirect if it’s visible to the browser - i.e. your URL bar updates to the correct URL - or a rewrite if it’s invisible, i.e. you simply get the other file instead without your browser’s URL bar updating.
If you want to browse /files - you’ll get error 404: this can be done with the status directive. You can specify a path like /files and have that whole section produce a 404 result if you want.
- consider sponsoring the project, if you would like!