search

caddyserver / caddy

Fast and extensible multi-platform HTTP/1-2-3 web server with automatic HTTPS
https://caddyserver.com
Apache License 2.0
55.45k stars 3.91k forks source link

Feature Request: Support for SSH Protocol Forwarding #6400

Closed sudolxwh closed 2 weeks ago

sudolxwh commented 2 weeks ago

Description:

Caddy is an excellent web server that provides automatic HTTPS, simple configuration, and a powerful feature set for managing HTTP/HTTPS traffic. However, I have encountered a scenario where I need to forward SSH traffic alongside HTTP/HTTPS. Currently, Caddy does not support forwarding SSH protocol, which necessitates the use of additional tools such as Nginx or HAProxy.

Request:

I would like to request the addition of SSH protocol forwarding support in Caddy. This feature would allow Caddy to handle SSH traffic similarly to how it manages HTTP/HTTPS traffic, providing a unified and simplified configuration for both web and SSH services.

Use Case:

Unified Configuration: Managing both web and SSH traffic through a single Caddy configuration file would simplify server management and deployment. Enhanced Security: With Caddy's automatic HTTPS features, a similar approach for SSH could potentially offer automated and streamlined security enhancements for SSH traffic. Streamlined DevOps Workflow: By supporting SSH protocol forwarding, Caddy can further enhance the DevOps workflow, reducing the need for additional reverse proxy tools. Proposed Implementation:

Stream Module: Introduce a stream module to handle TCP traffic, similar to how Nginx's stream module works. Configuration Example: caddyfile example.com { reverse_proxy { to ssh://localhost:22 } } Automatic Certificate Management: Optionally, provide automated certificate management for SSH traffic if feasible, leveraging existing Caddy infrastructure. Conclusion:

Integrating SSH protocol forwarding into Caddy would greatly enhance its capabilities, making it an even more powerful and versatile tool for developers and system administrators. I believe this feature would be a valuable addition to the Caddy community.

Thank you for considering this request.

francislavoie commented 2 weeks ago

I think you're looking for https://github.com/mholt/caddy-l4 or possibly https://github.com/kadeessh/kadeessh. SSH is out of scope of Caddy; Caddy's standard distribution only has an HTTP server.

We do have a plan to port caddy-l4 to this repo so it would be included by default, but that's still a long-term plan.