I’m running a Syncthing discovery server container and a Caddy container as a reverse proxy via rootless Podman. But the discovery server still reports no certificates.
This is my Caddyfile:
{
    debug
}
sync.example.com:10443 {
    tls {
        dns cloudflare ***
        client_auth {
            mode request
        }
    }
    reverse_proxy /* syncthing-discovery:8443 {
        header_up X-Forwarded-For {http.request.remote.host}
        header_up X-Client-Port {http.request.remote.port}
        header_up X-SSL-Cert {http.request.tls.client.certificate_der_base64}
    }
}
And the Caddy log:
{"level":"debug","ts":1659198997.878383,"logger":"http.handlers.reverse_proxy","msg":"upstream roundtrip","upstream":"syncthing-discovery:8443","duration":0.004028418,"request":{"remote_ip":"10.89.1.15","remote_port":"55602","proto":"HTTP/1.1","method":"POST","host":"sync.example.com:10443","uri":"/","headers":{"X-Forwarded-Proto":["https"],"X-Forwarded-Host":["sync.example.com:10443"],"Content-Type":["application/json"],"Accept-Encoding":["gzip"],"X-Forwarded-For":["10.89.1.15"],"X-Client-Port":["55602"],"X-Ssl-Cert":["MIICH********************37OvaXi2w=="],"User-Agent":["Go-http-client/1.1"],"Content-Length":["133"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"","server_name":"sync.example.com","client_common_name":"syncthing","client_serial":"6081856432655817123"}},"headers":{"Retry-After":["1500"],"X-Content-Type-Options":["nosniff"],"Date":["Sat, 30 Jul 2022 16:36:37 GMT"],"Content-Length":["10"],"Content-Type":["text/plain; charset=utf-8"]},"status":403}
Is there something wrong?