Trust X-Forwarded-Host

WhiteRabbitDE · July 18, 2022, 3:50pm

1. Caddy version (`caddy version`):

Latest Caddy:2 docker image

2. How I run Caddy:

Inside k8s to serve my php application.

Request from outside are handled by a nginx that has a proxy_pass to a traefik that routes the request to my k8s deployment (caddy / php pods).

a. System environment:

K8S , Caddy:2 docker image

b. Command:

Paste command here.

d. My complete Caddyfile or JSON config:

{
    # Debug
    {$DEBUG}
    # HTTP/3 support
    servers {
        protocol {
            experimental_http3
        }
    }
    local_certs
}

{$SERVER_NAME}

log

route {
    root * /srv/app/public
    push

    php_fastcgi unix//var/run/php/php-fpm.sock
    encode zstd gzip
    file_server
}

3. The problem I’m having:

It looks like the x-forwarded-host is not passed into my php container. I found this documentation → reverse_proxy (Caddyfile directive) — Caddy Documentation
which says that the header i need is not passed unless i set the trusted_proxies.

My problem is that im not sure how i can set it in my configuration, it seems to only be available inside of reverse proxy directive.

4. Error messages and/or full log output:

There is no actual error message. In the caddy log i can see that x-forwarded-host is now correctly set to the hostname of the nginx “example.mycompany.de”.

5. What I already tried:

I tried to add the trusted_proxies to my caddyfile but it says its unknown.

6. Links to relevant resources:

francislavoie · July 18, 2022, 3:52pm

All subdirectives of reverse_proxy are available in php_fastcgi.

The docs mention that:

Since this directive is an opinionated wrapper over a reverse proxy, you can use any of reverse_proxy’s subdirectives to customize it.

WhiteRabbitDE · July 18, 2022, 4:13pm

I totally missed that part, im sorry ! That did cost me so much time
Thanks a lot !

system · August 17, 2022, 3:50pm

This topic was automatically closed after 30 days. New replies are no longer allowed.