V2 rewrite with basicauth

Help
1

1. My Caddy version (caddy version):

v2 RC3

2. How I run Caddy:

./caddy2.0 run --config ./config2.1 --adapter caddyfile

a. System environment:

Linux Ubuntu 18.04.4 LTS

b. Command:

n/a

c. Service/unit/compose file:

paste full file contents here

d. My complete Caddyfile or JSON config:

{
    order basicauth before rewrite
}

x.x.x.x:7443 {
    reverse_proxy * localhost:5443 {
        header_up X-Real-IP {remote}
    }
    basicauth /* {
        monitor xxxxxxxx

    }

    respond /forbidden 403
    @monitor {
        expression {user} == 'monitor'
        path /test*
    }
    rewrite @monitor /forbidden
}

3. The problem Iā€™m having:

Iā€™m attempting to use a {user} placeholder in a rewrite. In prior versions on caddy, I built caddy and reordered the basicauth directive before the rewrite to make this work correctly. In v2, I believe there is a ā€˜globalā€™ section that iā€™ve tried in my config to reorder the directives which I though would achieve teh same thing. I havenā€™t been able to get this to work but honestly Iā€™m not sure if my syntax is even completely right since v2 is very different.
So the underlying question here is: Does the global reordering i do in the first set of lines of my config suposed to achieve what iā€™m trying to accomplish?

4. Error messages and/or full log output:

Not particularly relevant I donā€™t think.

5. What I already tried:

Iā€™ve tried to use the globals to reorder. Iā€™ve verified by rewrite block works by using other criteria and I get 403s correctly. Iā€™ve verified my expression itself is fine by adding this ā€œexpression ā€˜monitorā€™ == ā€˜monitorā€™ā€ instead of the placeholder as a test

6. Links to relevant resources:

2

The placeholder youā€™re looking for is actually {http.auth.user.id}

Also, your Caddyfile looks incomplete, youā€™re missing a site label. Please donā€™t omit parts of your config, it only makes it harder for us to help.

3

Ah. That worked. May I ask how you determined that was the placeholder? Is there a way I could have determined that myself for future placeholders? I saw many are included in the docs but some arenā€™t. Thanks.

Yea. Youā€™re right. Noted for the future.

4

I went digging through the code to find it - unfortunately Iā€™m not spotting it in the docs right now. Iā€™ll make sure itā€™s added. Sorry for the inconvenience!

I think your re-ordering of directives might not be necessary here - try without it as well to see if it does what you need!

Iā€™m glad to see more people using the CEL expression matcher. The more use it gets, the quicker we can improve it and make it non-experimental!

1 Like
5

Its pretty powerful. As feedback, iā€™d really like to see more examples in the docs. I found it very difficult to formulate what I really want to do. I can create a new topic for that but for hte docs it would be very helpful to have a pretty good size list of examples to grow from.

6

Noted, we could definitely add more examples. If you want to help improve the docs, feel free to make PRs to GitHub - caddyserver/website: The Caddy website!

The tricky part about documenting CEL expressions is we donā€™t necessarily want to maintain documentation for how the spec works because itā€™s an external lib. We need to make sure to limit ourselves to just the parts that are relevant to Caddy. The CEL spec is available here:

2 Likes
7

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.