fvbommel / caddy-dns-ip-range

DNS IP module for Caddy
MIT License

Not working in reverse_proxy scope #1

Closed rawtaz closed 7 months ago

rawtaz commented 7 months ago

Thanks a ton for this module! I wish Caddy had this in its core. It's frankly silly that we cannot by default specify DNS hostnames for trusted_proxies, in particular since we all know that DNS is never at fault :-)

If I put the following at the top of my Caddyfile, it works just fine:

{
        servers {
                trusted_proxies dns proxyhostname
        }
}

But if I put it inside the reverse_proxy directive I have for my site, I get an error:

        php_fastcgi upstream:9000 {
                ...
                trusted_proxies dns proxyhostname
        }

Error: loading initial config: loading new config: loading http app module: provision http: server srv0: setting up route handlers: route 6: loading handler modules: position 0: loading module 'reverse_proxy': provision http.handlers.reverse_proxy: invalid IP address: 'dns': ParseAddr("dns"): unable to parse IP

Is this expected? Can it be fixed?

fvbommel commented 7 months ago

There are at least two types of trusted_proxies directives in Caddy, and they are handled differently.

A trusted_proxies directive directly in a server block (and so also in a servers global config) allows plugging in IP source modules like this one.

A trusted_proxies directive in a reverse_proxy block currently does not support plugins like this one, unfortunately.

php_fastcgi is just a shortcut for reverse_proxy with some useful defaults, so it presumably does not support this either.

I think this can be fixed, but it would need to be fixed in Caddy itself. I did not find an issue for this on a quick check of their issues list, but please check more thoroughly yourself before creating an issue there.
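
The failure mode discussed in this thread, as an added example that is not code from Caddy or from this module: a trusted-proxy list that accepts only literal IPs and CIDR ranges treats the module name `dns` as just another address token and rejects it. It assumes each token is parsed with Go's `net/netip`, as the `ParseAddr("dns")` text in the reported error indicates; the names `parseTrustedProxies` and `trusted` are hypothetical, and the addresses are constructed documentation ranges.

```go
package main

import (
	"fmt"
	"net/netip"
	"strings"
)

// parseTrustedProxies (hypothetical name) accepts only literal IPs and CIDR
// ranges. There is no module lookup, so "dns" is parsed as an address.
func parseTrustedProxies(tokens []string) ([]netip.Prefix, error) {
	var ranges []netip.Prefix
	for _, tok := range tokens {
		if strings.Contains(tok, "/") {
			p, err := netip.ParsePrefix(tok)
			if err != nil {
				return nil, fmt.Errorf("invalid CIDR range: '%s': %v", tok, err)
			}
			ranges = append(ranges, p.Masked())
			continue
		}
		a, err := netip.ParseAddr(tok)
		if err != nil {
			return nil, fmt.Errorf("invalid IP address: '%s': %v", tok, err)
		}
		// A single address becomes a /32 (IPv4) or /128 (IPv6) range.
		ranges = append(ranges, netip.PrefixFrom(a, a.BitLen()))
	}
	return ranges, nil
}

// trusted (hypothetical name) reports whether remote is inside any range.
func trusted(ranges []netip.Prefix, remote string) bool {
	a, err := netip.ParseAddr(remote)
	if err != nil {
		return false
	}
	a = a.Unmap() // compare IPv4-mapped IPv6 peers as plain IPv4
	for _, r := range ranges {
		if r.Contains(a) {
			return true
		}
	}
	return false
}

func main() {
	_, err := parseTrustedProxies([]string{"dns", "proxyhostname"})
	fmt.Println(err) // same shape as the error in the report
	ranges, _ := parseTrustedProxies([]string{"192.0.2.10", "198.51.100.0/24"})
	fmt.Println(trusted(ranges, "198.51.100.7"), trusted(ranges, "203.0.113.5"))
}
```

A list like this fails closed on a hostname, so a config that loads has only static ranges in it; those ranges do not follow DNS changes the way the server-level `trusted_proxies dns proxyhostname` form does.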