On Fri, Apr 20, 2018 at 02:55:04PM -0700, Aaron Miller wrote: > Hi all, > > I was able to setup relayd(8) with URL-based redirection to either a > local application server or to httpd(8), both listening on lo0; relayd > also terminates TLS. However, the man pages were not very helpful and I > ended up resorting to stackoverflow and trial and error. > > I recommend an example like this be added to relayd.conf(5) man page: > > table <localhost> { 127.0.0.1 } > table <localhostapi> { 127.0.0.1 } > > http protocol "https" { > match header set "X-Forwarded-For" \ > value "$REMOTE_ADDR" > match header set "X-Forwarded-By" \ > value "$SERVER_ADDR:$SERVER_PORT" > match header set "Keep-Alive" value "$TIMEOUT" > > pass request quick path "/api/*" forward to <localhostapi> > pass request quick forward to <localhost> > block > } > > relay "main" { > protocol "https" > listen on 0.0.0.0 port 443 tls > forward to <localhostapi> port 3000 > forward to <localhost> port 4443 > } > > I think that would be helpful for others who want to do what I did... > any thoughts? > > --Aaron >
Hi, I think this example is a common use-case and probably helpful. I don't mean to hijack the thread, but have you been able to forward the HTTP request and modifying the path? I've researched the code, but I don't think it's possible at the moment. Locally I have a patch which changes the matching logic to the httpd Lua pattern matching. This has some side-effects and complicates the code though, so is probably not suitable for upstream. One of the reasons I don't use relayd (yet) is because I'd like to reverse proxy HTTP traffic but strip the path, for example: somedomain.org/someservice to 127.0.0.1:8080/ (stripping "someservice"). Do you perhaps have a solution or idea to do this? -- Kind regards, Hiltjo