Closed tehniemer closed 6 years ago
At a glance
Is https://domain.com/auth-admin or https://domain.com/auth-user returning something other than 200 ok if the cookie is valid?
is it even valid to proxy to a url with query params?
proxy /auth-admin https://domain.com/auth.php?admin
proxy /auth-user https://domain.com/auth.php?user
I've never honestly tried.
Tell you the truth, I have no experience with web stuff at all, so I have no idea how to answer your questions. I followed these instructions https://github.com/causefx/Organizr/wiki/Caddy-Installation
Both https://domain.com/auth-admin and https://domain.com/auth-user return the 404 not found nginx page.
I think you might have to use upstream to https://domain.com/auth.php?admin and https://domain.com/auth.php?user
I don't think you can proxy to a query url, which is probably why you're getting 404 and definitely why you're getting recursive site load
Hmmm, I'm trying to do the same thing as in issue #1, and I took what you and @goofballtech came up with pretty much verbatim, other than changing the domain.
i wonder if the without /organizr
is messing with the auth path?
all that does for a user is make your page show up as domain.com instead of domain.com/organizr in the url bar of the browser if i remember correctly. try to pull that and see if it changes anything.
it might be doing a funky loop thing trying to redirect without the proper path in there.
I have since moved over to CloudFlare for SSL proxy and just have nginx running on a rasPi with F2B for all my local reverse proxies. When i made that wiki entry though that caddyfile worked as it is.
without /organizr
removes /organizr
from proxys that don't use a base url, so if I excluded it it would proxy to 172.10.0.12:80/organizr
which Organizr doesn't recognize. The url still shows as domain.com/organizr
Did you do anything additional to set up cookies? I have no web experience, so I don't know if I'm missing something there.
i was setting up in windows and did exactly what was in the procedure. No one else knew anything about caddy so i figured it was worth recording.
A bit later i ended up moving to CF for SSL and then my home IP wasnt as obvious so i went with that.
I think most of the organizr folks (people in the discord channel) are running nginx\LE docker so help with caddy users is really slim pickings.
It only made sense for me to use caddy because SSL on windows is a pain since there is no native LE functionality.
Sorry i can be of more assistance. I did all this when learning as well and only had it running for about 3 months before moving to nginx on a rasPi and just pointing it to org on the windows box.
On Tue, Apr 24, 2018, 7:00 AM tehniemer notifications@github.com wrote:
without /organizr removes /organizr from proxys that don't use a base url, so if I excluded it it would proxy to 172.10.0.12:80/organizr which Organizr doesn't recognize. The url still shows as domain.com/organizr
Did you do anything additional to set up cookies? I have no web experience, so I don't know if I'm missing something there.
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/freman/caddy-reauth/issues/10#issuecomment-383905088, or mute the thread https://github.com/notifications/unsubscribe-auth/AH1uBaD1DCXBfKaLAEVlmHB6_vPYNNfuks5trxP5gaJpZM4TWntE .
No worries, thanks for the info. I'll probably just switch over to Nginx since it seems to be more supported, it's a shame since everything else is working as expected.
Here's a snippet of my Caddy log when I try to access something behind reauth
172.10.0.1 - - [24/Apr/2018:22:36:47 +0000] "GET /organizr/auth-admin HTTP/2.0" 404 132
172.10.0.1 - - [24/Apr/2018:22:36:47 +0000] "GET /radarr HTTP/2.0" 302 78
172.10.0.1 - - [24/Apr/2018:22:36:48 +0000] "GET /organizr/ HTTP/2.0" 200 13787
172.10.0.1 - - [24/Apr/2018:22:37:03 +0000] "GET /organizr/homepage.php HTTP/2.0" 200 14040
172.10.0.1 - - [24/Apr/2018:22:37:03 +0000] "GET /organizr/ajax.php?a=nzbget-update&list=listgroups HTTP/2.0" 200 84
172.10.0.1 - - [24/Apr/2018:22:37:04 +0000] "GET /organizr/ajax.php?a=get-calendar HTTP/2.0" 200 707
172.10.0.1 - - [24/Apr/2018:22:37:04 +0000] "GET /organizr/ajax.php?a=nzbget-update&list=listgroups HTTP/2.0" 200 84
172.10.0.1 - - [24/Apr/2018:22:37:04 +0000] "GET /organizr/ajax.php?a=nzbget-update&list=history HTTP/2.0" 200 2995
I'd love to support you more but I've never seen organizr before and don't have access to any running instances to do any diagnostics.
172.10.0.1 - - [24/Apr/2018:22:36:47 +0000] "GET /organizr/auth-admin HTTP/2.0" 404 132
this is where you are falling over
I really don't think proxy /auth-admin https://domain.com/organizr/auth.php?admin
works, and if it does I'm surprised (I haven't actually had time to sit down and look at it, sorry)
If it's not too much fiddling I'll try installing organizr on a vm over the weekend and take a look (it's just going to be prioritised somewhere between installing a new router, and replacing a bolt in my car).
maybe try to do a relative path instead of the absolute path with all the http://domain portion and see what changes. I know it worked at one time but maybe being in docker causes whatever was allowing it to work for me to struggle. Lots of thing in one OS don't like others, this might be one of those things.
On Wed, Apr 25, 2018 at 6:50 PM, Shannon Wynter notifications@github.com wrote:
I'd love to support you more but I've never seen organizr before and don't have access to any running instances to do any diagnostics.
172.10.0.1 - - [24/Apr/2018:22:36:47 +0000] "GET /organizr/auth-admin HTTP/2.0" 404 132 this is where you are falling over
I really don't think proxy /auth-admin https://domain.com/organizr/ auth.php?admin works, and if it does I'm surprised (I haven't actually had time to sit down and look at it, sorry)
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/freman/caddy-reauth/issues/10#issuecomment-384468631, or mute the thread https://github.com/notifications/unsubscribe-auth/AH1uBe28PiDYKSdT36g8rynkMV9wLfllks5tsQuxgaJpZM4TWntE .
Sorry for the ignorant question, but when you say relative path do you mean
172.10.0.12:80/auth.php?admin
or
/srv/foo/bar/auth.php?admin
or something else?
Look back at my first post and see how the syntax is there. i wasnt using IP or URL. Just a straigh path relative to local webroot.
On Thu, Apr 26, 2018, 6:14 AM tehniemer notifications@github.com wrote:
Relative path didn't work, this is the error I got
Activating privacy features... done., 2018/04/26 11:09:20 unable to parse url 172.10.0.12:80/auth-admin: parse 172.10.0.12:80/auth-admin: first path segment in URL cannot contain colon for upstream (/etc/Caddyfile:55), exit status 1,
Could it be something with Organizr not having a base URL and having to strip off the /organzr during proxying?
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/freman/caddy-reauth/issues/10#issuecomment-384602963, or mute the thread https://github.com/notifications/unsubscribe-auth/AH1uBXfrTLGXheP6z3S8-HrVfQz7xOINks5tsawmgaJpZM4TWntE .
Well, using the relative path got rid of the 404 error, now I'm left with
access log
172.10.0.1 - - [26/Apr/2018:23:07:22 +0000] "GET /auth-admin HTTP/2.0" 502 40
172.10.0.1 - - [26/Apr/2018:23:07:22 +0000] "GET /radarr HTTP/2.0" 302 65
error log
26/Apr/2018:23:07:22 +0000 [ERROR 502 /auth-admin] http: no Host in request URL
This is how I changed my Caddyfile
proxy /auth-admin /organizr/www/Dashboard/auth.php?admin
proxy /auth-user /organizr/www/Dashboard/auth.php?user
reauth {
path /sonarr
path /radarr
path /lidarr
path /mylar
path /lazy
path /nzbget
path /hydra2
path /pihole
failure redirect target=https://google.com
upstream url=https://domain.com/auth-admin,cookies=true
}
reauth {
path /tautulli
failure redirect target=https://google.com
upstream url=https://domain.com/auth-user,cookies=true
}
I read your comment about 502 errors, but that seemed to be windows specific, any ideas what I need to do with this running in docker?
The whole thing was windows specific. Because at the time i didn't even know what a docker was....
My vote is to run NGINX/LE docker and hop on over to the Org discord channel if you have issues because those guys know all the little issues folks run into and are very helpful. just my 2 cents.
On Thu, Apr 26, 2018 at 7:29 PM, tehniemer notifications@github.com wrote:
Well, using the relative path got rid of the 404 error, now I'm left with
172.10.0.1 - - [26/Apr/2018:23:07:22 +0000] "GET /auth-admin HTTP/2.0" 502 40 172.10.0.1 - - [26/Apr/2018:23:07:22 +0000] "GET /radarr HTTP/2.0" 302 65
I read your comment about 502 errors, but that seemed to be windows specific, any ideas what I need to do with this running in docker?
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/freman/caddy-reauth/issues/10#issuecomment-384828127, or mute the thread https://github.com/notifications/unsubscribe-auth/AH1uBd1MahU4j8GPMHPz0vavDD-Uxu69ks5tsmZ6gaJpZM4TWntE .
I figured it out with the help of @causefx. The proxys to auth.php were the issue, that path had to be set directly as the upstream url.
reauth {
path /sonarr
path /radarr
path /lidarr
path /mylar
path /lazy
path /nzbget
path /hydra2
path /pihole
failure redirect target=https://domain.com/organizr/
upstream url=https://domain.com/organizr/auth.php?admin,cookies=true
}
reauth {
path /tautulli
failure redirect target=https://domain.com/organizr/
upstream url=https://domain.com/organizr/auth.php?user,cookies=true
}
I'm sure that I just have something setup wrong, but can't figure out what that may be. I am using this to allow access to subdirectories through organizr but it seems to just be opening another instance of organizr instead of proxying to the correct subdirectory. If I disable the path for the subdirectory it loads as expected.
Everything is running in Docker.
This is what I'm experiencing![organizr](https://user-images.githubusercontent.com/11021632/38814196-8f5475ac-4156-11e8-8034-c12811b15bec.png)
here's my Caddyfile