Comments (8)
Post your full caddy config.
from server.
This is literally it, the rest is created at runtime by caddy-docker-proxy and labels, producing
gotify.my.domain {
reverse_proxy 172.25.0.11:80
}
or if I want Auth
service.my.domain {
import auth
reverse_proxy <container_ip>:<port>
}
(tls) {
import auth
tls {
dns cloudflare <token>
resolvers 1.1.1.1
}
}
(authentik) {
# always forward outpost path to actual outpost
reverse_proxy /outpost.goauthentik.io/* http://authentik_server:9000 {
#header_up Host {http.reverse_proxy.upstream.hostport}
}
# forward authentication to outpost
forward_auth http://authentik_server:9000 {
uri /outpost.goauthentik.io/auth/caddy
# capitalization of the headers is important, otherwise they will be empty
copy_headers X-Authentik-Username X-Authentik-Groups X-Authentik-Email X-Authentik-Name X-Authentik-Uid X-Authentik-Jwt X-Authentik-Meta-Jwks X-Authentik-Meta-Outpost X-Authentik-Meta-Provider X-Authentik-Meta-App X-Authentik-Meta-Version authorization
# optional, in this config trust all private ranges, should probably be set to the outposts IP
trusted_proxies private_ranges
}
}
(auth) {
@internal_network {
not remote_ip 192.168.0.0/24 172.25.0.0/24
}
handle @internal_network {
import authentik
}
}
my.domain {
import auth
reverse_proxy homepage:3000
}
Gotify is the only service I seem to have issues with. I did previously use Traefik and didn't have a problem, but i'm testing Caddy out as I may move everything over to it.
from server.
copy_headers X-Authentik-Username X-Authentik-Groups X-Authentik-Email X-Authentik-Name X-Authentik-Uid X-Authentik-Jwt X-Authentik-Meta-Jwks X-Authentik-Meta-Outpost X-Authentik-Meta-Provider X-Authentik-Meta-App X-Authentik-Meta-Version authorization
Gotify uses the authorization
header to transmit credentials for login. This setting overrides the authorization header with the header given by the forward auth server.
from server.
Gotify is not including the (auth) snipper so that header should not be used.
from server.
The (tls) isn't referenced in the config you listed, but it's likely used and it imports (auth). The simple examples listed in https://gotify.net/docs/caddy work fine. So must be related to your config.
from server.
I'm not sure how it would be used for Gotify though. For other services, I use
- caddy.import=tls
in my docker compose file, but not for gotify. Would having it for another service somehow affect Gotify?
from server.
I don't know the proxy you use. This config works fine.
$ docker network create caddy
version: "3.7"
services:
caddy:
image: lucaslorentz/caddy-docker-proxy:ci-alpine
ports:
- 8000:80
- 8443:443
networks:
- caddy
environment:
- CADDY_INGRESS_NETWORKS=caddy
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- caddy_data:/data
restart: unless-stopped
gotify:
image: gotify/server:2.4.0
networks:
- caddy
labels:
caddy: http://localhost
caddy.reverse_proxy: "{{upstreams}}"
networks:
caddy:
external: true
volumes:
caddy_data: {}
logs
gotify-1 | 2024-04-08T11:09:02Z | 200 | 89.739509ms | 172.24.0.1 | POST "/client"
gotify-1 | 2024-04-08T11:09:02Z | 200 | 4.384848ms | 172.24.0.1 | GET "/current/user"
gotify-1 | 2024-04-08T11:09:02Z | 200 | 246.072µs | 172.24.0.1 | GET "/stream?token=[masked]"
gotify-1 | 2024-04-08T11:09:02Z | 200 | 366.304µs | 172.24.0.1 | GET "/application"
gotify-1 | 2024-04-08T11:09:02Z | 200 | 521.115µs | 172.24.0.1 | GET "/message?since=0"
from server.
from server.
Related Issues (20)
- [Enhancement]: Logging to show login attempts HOT 1
- Creating user specific applications and clients through the api HOT 3
- [UI] Show loading indicator when loading messages instead of "No messages" HOT 3
- DOCS: update swagger doc title to Gotify REST-API HOT 1
- @UNKNOWN In Header Instead of @BUILD HOT 10
- option to include back path prefix HOT 1
- Error fetching registration token HOT 2
- Database has no foreign key HOT 2
- Let other applications see other application channels HOT 1
- Doesn't work with Synology HOT 2
- Fails to run on Raspberry Pi 5 HOT 1
- gotify-windows-amd64 error report HOT 1
- Add an option to display the receive time of messages with absolute time or relative time HOT 1
- Gotify dies after a few hours of working fine HOT 3
- Win11 batch file fails "curl" notification HOT 3
- Mixed IP addresses in the log behind nginx-proxy HOT 5
- Same apps for every user HOT 2
- Do not allow deleting current client from GUI HOT 1
- Possiblilty to share particular event HOT 11
- GUI displays "Some Server" and "A Rasberry PI" HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from server.