fyx(me)

Web Proxies

Caddy

Common infinite redirect issues

cloudflare not in Full TLS mode (strict)

The “classic” issue with Cloudflare proxy is when the client connects to Cloudflare over TLS but Cloudflare connects to Caddy over HTTP (Flexible mode), causing Caddy redirecting Cloudflare to HTTPS, but the end client is already on HTTPS, so they try again… and receive a redirect to what looks like the same place, ad nauseum.

cloudflare dns token is not whitelisted from ipv4 or ipv6

$ journalctl -xeu caddy.service

...

Code:9109 Message:Cannot use the access token from location: <ip>

hostname not being passed down

sub.example.com {
    reverse_proxy http://localhost:10002 {
        header_up Host {http.reverse_proxy.upstream.host}
    }
}

dont forget to reload the service after fixing issues

sudo systemctl reload caddy

Web Dev Cheatsheet