Unable to connect to reverse_proxy host

1. The problem I’m having:

I can access the vue page located at /var/www/html. When a network request prefixed with /api/ is initiated in the vue page, the upstream service cannot be accessed (8081 in the reverse proxy)

backend server

this is my backend server, it’s accessible.

[caddyDemo]$ curl 'localhost:8081/auth/notion/weibo?code=138&state=246'
auth success[caddyDemo]$

auth success is success response.

caddy server

Caddyfile

www.shangshy.com {
	# 前端
	root * /var/www/html
	try_files {path} /
	file_server
	# 反向代理
	@api {
		path /api/*
	}
	reverse_proxy @api localhost:8081
	log {
		output file /var/log/access.log
		format filter {
			wrap console
			fields {
				request>headers>User-Agent delete
			}
		}
	}
}

2. Error messages and/or full log output:

network

caddy access.log

{
  "level": "info",
  "ts": 1681971647.1484964,
  "logger": "http.log.access.log0",
  "msg": "handled request",
  "request": {
    "remote_ip": "170.39.227.140",
    "remote_port": "8415",
    "proto": "HTTP/2.0",
    "method": "GET",
    "host": "www.shangshy.com",
    "uri": "/api/auth/notion/weibo?code=140&state=246",
    "headers": {
      "Sec-Ch-Ua": [
        "\"Chromium\";v=\"112\", \"Microsoft Edge\";v=\"112\", \"Not:A-Brand\";v=\"99\""
      ],
      "Accept": [
        "application/json, text/plain, */*"
      ],
      "Sec-Fetch-Mode": [
        "cors"
      ],
      "Referer": [
        "https://www.shangshy.com/other?code=140&state=246"
      ],
      "Accept-Encoding": [
        "gzip, deflate, br"
      ],
      "Accept-Language": [
        "zh-CN,zh;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6"
      ],
      "Sec-Ch-Ua-Mobile": [
        "?0"
      ],
      "User-Agent": [
        "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36 Edg/112.0.1722.48"
      ],
      "Sec-Ch-Ua-Platform": [
        "\"macOS\""
      ],
      "Sec-Fetch-Site": [
        "same-origin"
      ],
      "Sec-Fetch-Dest": [
        "empty"
      ]
    },
    "tls": {
      "resumed": false,
      "version": 772,
      "cipher_suite": 4865,
      "proto": "h2",
      "server_name": "www.shangshy.com"
    }
  },
  "user_id": "",
  "duration": 0.000157556,
  "size": 423,
  "status": 200,
  "resp_headers": {
    "Server": [
      "Caddy"
    ],
    "Alt-Svc": [
      "h3=\":443\"; ma=2592000"
    ],
    "Etag": [
      "\"rte83bbr\""
    ],
    "Content-Type": [
      "text/html; charset=utf-8"
    ],
    "Last-Modified": [
      "Thu, 20 Apr 2023 02:54:47 GMT"
    ],
    "Accept-Ranges": [
      "bytes"
    ],
    "Content-Length": [
      "423"
    ]
  }
}

3. Caddy version:

v2.6.4 h1:2hwYqiRwk1tf3VruhMpLcYTg+11fCdr8S3jhNAdnPy8=

4. How I installed and ran Caddy:

a. System environment:

Amazon Linux2

b. Command:

sudo yum -y install yum-plugin-copr
sudo yum -y copr enable @caddy/caddy epel-7-$(arch)
sudo yum -y install caddy

Hi, welcome around

Your upstream expects the path without the /api, so you should tell Caddy to strip it out. One way to do this is by using the handle_path directive.

Hi, I used in Caddyfile:

	@api {
		path /api/*
	}
	reverse_proxy @api localhost:8081

Isn’t this acting as a reverse proxy? What is the difference between handle_path?
Thanks for your help

I fixed it.

www.shangshy.com {
	# 前端
	handle {
		root * /var/www/html
		try_files {path} /index.html
		file_server
	}
	# 反向代理后端
	handle /api/* {
		uri strip_prefix /api
		reverse_proxy localhost:8081
	}
}

Caddy doesn’t manipulate the path when proxying the request. It will send it as-is, which means your upstream will receive the request with the /api prefix. Using the matcher will not strip the prefix.

The handle directive tells Caddy to match in mutual-exclusive manner. It will only match 1 handle block. The handle_path directive to similar to handle, but it will add uri strip_prefix, exactly like you did.

You’ve re-invented the handle_path directive.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.