docs icon indicating copy to clipboard operation
docs copied to clipboard

Published 20 hours ago verified publisher icon syncthing

Add Discovery Server reverse proxy guide for Caddy

Open Corey-Keller opened this issue 3 years ago • 3 comments

The reverse proxy section of Syncthing Discovery Server has no guide on setting it up with Caddy (v2). I can't for the life of me figure out how to make it work.

Corey-Keller avatar Apr 06 '21 20:04 Corey-Keller

Hi Corey,

as you might have seen in the caddy issue https://github.com/caddyserver/caddy/issues/3767, reverse proxying with caddy is, at the time I'm writing this, NOT possible due to a missing feature for passing a client certificate via a header (see linked issue).

And as mentioned in the linked issue aswell, I solved the issue myself by adding the missing feature (see commit https://github.com/mc0239/caddy/commit/df63c2d78fc3c2d6daf5ccf8c42a4dc4cc1f4572) and building the caddy binary myself.

With my own caddy binary, my Caddyfile configuration looks as follows:

mydiscosrv.example.com {
	reverse_proxy 127.0.0.1:8443 {
		header_up X-Forwarded-For {http.request.remote.host}
		header_up X-Client-Port {http.request.remote.port}
		header_up X-SSL-Cert {http.request.tls.client.certificate_pem_escaped} # this is not (yet) supported in caddy v2!
	}

	tls {
		client_auth {
			mode request
		}
	}
}

mcebular avatar Apr 07 '21 08:04 mcebular

It's fixed now. caddyserver/caddy#4241

aoxiangtianji avatar Jul 30 '22 03:07 aoxiangtianji

I have added a PR for the docs here: https://github.com/syncthing/docs/pull/812

MrOggy85 avatar Aug 01 '23 13:08 MrOggy85