reverse_proxy nesting - Githubissues

lucaslorentz / caddy-docker-proxy

Caddy as a reverse proxy for Docker

MIT License

3.07k stars 174 forks source link

reverse_proxy nesting #589

Closed twinsuns closed 9 months ago

twinsuns commented 9 months ago

What is the correct way to nest under the reverse_proxy directive? I am trying to achieve this:

sub.domain.net {
    reverse_proxy 172.17.0.3:8265 {
       header_up Host {host}
       header_up X-Real-IP {remote}
       header_up X-Forwarded-For {remote}
   }
}

From my understanding of the wiki instructions my labels should be:

caddy: sub.domain.net
caddy.reverse_proxy: "{{upstreams 8265}}"
caddy.reverse_proxy.1_header_up: "Host {host}"
caddy.reverse_proxy.2_header_up: "X-Real-IP {remote}"
caddy.reverse_proxy.3_header_up: "X-Forwarded-For {remote}"

And yet my generated Caddyfile ends up being this (missing the IP and port):

sub.domain.net {
   reverse_proxy {
      header_up Host {host}
      header_up X-Real-IP {remote}
      header_up X-Forwarded-For {remote}
    }
}

Am I missing something here?

francislavoie commented 9 months ago

You don't need those header_up lines, they're useless. Caddy already sets those headers appropriately. https://caddyserver.com/docs/caddyfile/directives/reverse_proxy#defaults

The upstreams list is probably empty because your container isn't actually seen as being up. Tear down your whole stack with docker compose down then docker system prune then bring it back up. Should give you a clean slate.

twinsuns commented 9 months ago

Okay right okay thanks. I thought that the issue was with the nesting as the three containers with this issues just happened to have the nesting, however I've just realised that one of them is in bridge mode and two are in host mode, therefore not in my caddy network.

Is there a smart way to handle this or do I have to manually specify the IP addresses?

francislavoie commented 9 months ago

If you use host mode then you'd need to proxy to the host IP (you can use host.docker.internal, Google it) but reconsider if you actually need host mode, it makes it a lot harder to use in a setup like this.

twinsuns commented 9 months ago

Removed the header_up lines and added the IP and port in manually and now they all work great. Many thanks!

smultar commented 7 months ago

Removed the header_up lines and added the IP and port in manually and now they all work great. Many thanks!

Can you provide an example?

twinsuns commented 7 months ago

Removed the header_up lines and added the IP and port in manually and now they all work great. Many thanks!

Can you provide an example?

I just changed from this:

caddy: sub.domain.net
caddy.reverse_proxy: "{{upstreams 8265}}"
caddy.reverse_proxy.1_header_up: "Host {host}"
caddy.reverse_proxy.2_header_up: "X-Real-IP {remote}"
caddy.reverse_proxy.3_header_up: "X-Forwarded-For {remote}"

to this:

caddy: sub.domain.net
caddy.reverse_proxy: http://192.168.0.10:8265

Note the app running on port 8265 is running in host mode. The following gets added to the Caddyfile:

sub.domain.net {
        reverse_proxy http://192.168.0.10:8265
}