On Fri, Apr 20, 2018 at 02:55:04PM -0700, Aaron Miller wrote:
> Hi all,
>
> I was able to setup relayd(8) with URL-based redirection to either a
> local application server or to httpd(8), both listening on lo0; relayd
> also terminates TLS. However, the man pages were not very helpful and I
> ended up resorting to stackoverflow and trial and error.
>
> I recommend an example like this be added to relayd.conf(5) man page:
>
> table { 127.0.0.1 }
> table { 127.0.0.1 }
>
> http protocol "https" {
> match header set "X-Forwarded-For" \
> value "$REMOTE_ADDR"
> match header set "X-Forwarded-By" \
> value "$SERVER_ADDR:$SERVER_PORT"
> match header set "Keep-Alive" value "$TIMEOUT"
>
> pass request quick path "/api/*" forward to
> pass request quick forward to
> block
> }
>
> relay "main" {
> protocol "https"
> listen on 0.0.0.0 port 443 tls
> forward to port 3000
> forward to port 4443
> }
>
> I think that would be helpful for others who want to do what I did...
> any thoughts?
>
> --Aaron
>
Hi,
I think this example is a common use-case and probably helpful.
I don't mean to hijack the thread, but have you been able to forward the
HTTP request and modifying the path? I've researched the code, but I don't
think it's possible at the moment.
Locally I have a patch which changes the matching logic to the httpd Lua
pattern matching. This has some side-effects and complicates the code though,
so is probably not suitable for upstream.
One of the reasons I don't use relayd (yet) is because I'd like to reverse
proxy HTTP traffic but strip the path, for example:
somedomain.org/someservice to 127.0.0.1:8080/ (stripping "someservice").
Do you perhaps have a solution or idea to do this?
--
Kind regards,
Hiltjo