Translating LibrePhoto's nginx.conf

Help
1

1. Caddy version (caddy version):

v2.3.0 h1:fnrqJLa3G5vfxcxmOH/+kJOcunPLhSBnjgIvjXV/QTA=

2. How I run Caddy:

a. System environment:

Ubuntu 20.10

b. Command:

paste command here

c. Service/unit/compose file:

[Unit]
Description=Caddy
Documentation=https://caddyserver.com/docs/
After=network.target network-online.target
Requires=network-online.target

[Service]
User=caddy
Group=caddy
ExecStart=/usr/bin/caddy run --environ --config /etc/caddy/Caddyfile
ExecReload=/usr/bin/caddy reload --config /etc/caddy/Caddyfile
TimeoutStopSec=5s
LimitNOFILE=1048576
LimitNPROC=512
PrivateTmp=true
ProtectSystem=full
AmbientCapabilities=CAP_NET_BIND_SERVICE

[Install]
WantedBy=multi-user.target

d. My complete Caddyfile or JSON config:

:7680 {
    reverse_proxy * :7682 {
        header_up Host {http.request.host}
    }
    reverse_proxy /api/* :7681 {
        header_up Host backend
        header_up X-Real-IP {http.request.remote}
        header_up X-Forwarded-Proto {http.request.scheme}
    }
    reverse_proxy /media/* :7681 {
        header_up Host backend
        header_up X-Real-IP {http.request.remote}
        header_up X-Forwarded-Proto {http.request.scheme}
    }
    file_server /protected_media* {
        root /var/lib/librephotos/protected_media/
    }
    file_server /original* {
        root /var/lib/librephotos/data/
    }
    file_server /nextcloud_original* {
        root /var/lib/librephotos/data/nextcloud_media/
    }
}

3. The problem I’m having:

LibrePhotos will load but it’s not allowing access to any of the images. I think maybe I’m missing something from my translation? The given nginx.conf is linked below. I couldn’t figure out how to translate include uwsgi_params; or internal;

4. Error messages and/or full log output:

Mar 30 21:11:59 Yamato librephotos-backend[3428]: Forbidden: /media/avatars/avatar_9OrpE1t.png
Mar 30 21:12:10 Yamato librephotos-backend[3428]: Forbidden: /media/avatars/avatar_9OrpE1t.png
Mar 30 21:12:11 Yamato librephotos-backend[3428]: Forbidden: /media/avatars/avatar_cNj6PoI.png

5. What I already tried:

I tried translating the .conf myself

6. Links to relevant resources:

2

You don’t need this line, it gets set by Caddy automatically:

When looking for files on disk, Caddy takes the root then appends the current request path to it. This means that you’ll be looking in /var/lib/librephotos/protected_media/protected_media.

You can combine these with a named matcher:

@api path /api/* /media/*
reverse_proxy @api localhost:7681 {
	...
}
1 Like
3

Ok so I rewrote it as the following but I still have the same issue:

:7680 {
    reverse_proxy * :7682 {
        header_up Host {http.request.host}
    }
    @api path /api/* /media/*
    reverse_proxy @api :7681 {
        header_up Host backend
        header_up X-Real-IP {http.request.remote}
    }
    file_server /protected_media* {
        root /var/lib/librephotos/protected_media/
    }
    handle_path /original* {
        uri strip_prefix /original
        file_server {
            root /var/lib/librephotos/data/
        }
    }
    handle_path /nextcloud_original* {
        uri strip_prefix /nextcloud_original
        file_server {
            root /var/lib/librephotos/data/nextcloud_media/
        }
    }
}
4

Oh and this:

    file_server /protected_media* {
        root /var/lib/librephotos/
    }
5

I tried to download a Caddy executable with the NGINX adapter but it still says unrecognized. Tried to download this: https://caddyserver.com/api/download?os=linux&arch=amd64&p=github.com%2Fcaddyserver%2Fnginx-adapter&idempotency=51926895223959
And run this: ./caddy-nginx adapt --config nginx.conf --adapter nginx

6

I think this’ll account for internal?

:7680 {
    reverse_proxy * :7682 {
        header_up Host {http.request.host}
    }
    @api path /api/* /media/*
    reverse_proxy @api :7681 {
        header_up Host backend
        header_up X-Real-IP {http.request.remote}
    }
    @protected_media {
        remote_ip 127.0.0.1
        path /protected_media*
    }
    file_server @protected_media {
        root /var/lib/librephotos/
    }
    @original {
        remote_ip 127.0.0.1
        path /original*
    }
    handle @original {
        uri strip_prefix /original
        file_server {
            root /var/lib/librephotos/data/
        }
    }
    @nextcloud_original {
        remote_ip 127.0.0.1
        path /nextcloud_original*
    }
    handle @nextcloud_original {
        uri strip_prefix /nextcloud_original
        file_server {
            root /var/lib/librephotos/data/nextcloud_media/
        }
    }
}

Edit: This doesn’t work
Edit^2: It does work I’m just an idiot. Was testing from my server with its LAN IP. It worked with localhost

7

I tried accessing :7680 via localhost but that didn’t work.

8

Oh that isn’t what internal means- Content-disposition and internal (nginx to caddy) - #8 by lecris

@francislavoie Would I be able to set up a NGINX server alongside caddy and have Caddy redirect to it?

9

Yes, run it on a specific port, and then you can just reverse_proxy to there. E.g.

your.site.url {
   # Assuming nginx server is exposed on port 8080
   # If you serve multiple sites you would need to specify the url as well,
   # otherwise localhost or 127.0.0.1 or any appropriate IP will suffice.
   reverse_proxy nginx.site.url:8080
}

I’m curious if in order to get an internal like behaviour, you have to specify all of the web-server’s IP or would 127.0.0.1 in remote_ip suffice.

10

This topic was automatically closed after 30 days. New replies are no longer allowed.