V2 rewrite with basicauth

1. My Caddy version (caddy version):

v2 RC3

2. How I run Caddy:

./caddy2.0 run --config ./config2.1 --adapter caddyfile

a. System environment:

Linux Ubuntu 18.04.4 LTS

b. Command:


c. Service/unit/compose file:

paste full file contents here

d. My complete Caddyfile or JSON config:

    order basicauth before rewrite

x.x.x.x:7443 {
    reverse_proxy * localhost:5443 {
        header_up X-Real-IP {remote}
    basicauth /* {
        monitor xxxxxxxx


    respond /forbidden 403
    @monitor {
        expression {user} == 'monitor'
        path /test*
    rewrite @monitor /forbidden

3. The problem I’m having:

I’m attempting to use a {user} placeholder in a rewrite. In prior versions on caddy, I built caddy and reordered the basicauth directive before the rewrite to make this work correctly. In v2, I believe there is a ‘global’ section that i’ve tried in my config to reorder the directives which I though would achieve teh same thing. I haven’t been able to get this to work but honestly I’m not sure if my syntax is even completely right since v2 is very different.
So the underlying question here is: Does the global reordering i do in the first set of lines of my config suposed to achieve what i’m trying to accomplish?

4. Error messages and/or full log output:

Not particularly relevant I don’t think.

5. What I already tried:

I’ve tried to use the globals to reorder. I’ve verified by rewrite block works by using other criteria and I get 403s correctly. I’ve verified my expression itself is fine by adding this “expression ‘monitor’ == ‘monitor’” instead of the placeholder as a test

6. Links to relevant resources:

The placeholder you’re looking for is actually {http.auth.user.id}

Also, your Caddyfile looks incomplete, you’re missing a site label. Please don’t omit parts of your config, it only makes it harder for us to help.

Ah. That worked. May I ask how you determined that was the placeholder? Is there a way I could have determined that myself for future placeholders? I saw many are included in the docs but some aren’t. Thanks.

Yea. You’re right. Noted for the future.

I went digging through the code to find it - unfortunately I’m not spotting it in the docs right now. I’ll make sure it’s added. Sorry for the inconvenience!

I think your re-ordering of directives might not be necessary here - try without it as well to see if it does what you need!

I’m glad to see more people using the CEL expression matcher. The more use it gets, the quicker we can improve it and make it non-experimental!

1 Like

Its pretty powerful. As feedback, i’d really like to see more examples in the docs. I found it very difficult to formulate what I really want to do. I can create a new topic for that but for hte docs it would be very helpful to have a pretty good size list of examples to grow from.

Noted, we could definitely add more examples. If you want to help improve the docs, feel free to make PRs to GitHub - caddyserver/website: The Caddy website!

The tricky part about documenting CEL expressions is we don’t necessarily want to maintain documentation for how the spec works because it’s an external lib. We need to make sure to limit ourselves to just the parts that are relevant to Caddy. The CEL spec is available here:


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.