Comment on Assign privileged port to caddy running with rootless podman
Svinhufvud@sopuli.xyz 1 week ago
Rootless podman caddy doesn’t need those privileged ports, if you have your server behind a firewall device. You can map your ports on the firewall/router 80:8080 and then on the caddy container 8080:80. This way there is no need for privileged ports and the traffic seems to go on ports 80 (and 443 the same way).
SinTan1729@programming.dev 1 week ago
I mentioned in the post that it seems to make the client IP opaque to caddy.
WASTECH@lemmy.world 1 week ago
I’ve never used your exact setup, but I have had issues with a web server behind a WAF not getting the client IP (all user traffic was shown as the WAF IP). In my case, the WAF was appending the client IP in a header, and I just had to tell the web app to use that header as the client IP instead of the actual IP. Again, not sure if this helps since I have never used podman or caddy (this setup was with WordPress and an Azure Application Gateway) but the same principles might apply.
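
An added example (not from any commenter, and not Caddy's or podman's code) of the header approach described in the last comment. It assumes the header is `X-Forwarded-For` and that the proxy lives in the constructed range 10.0.0.0/24; `ClientIP`, `parseHop` and `trustedProxy` are hypothetical names. The header is honoured only when the connection itself comes from the trusted proxy, because any client can send that header on its own.

```go
package main

import (
	"fmt"
	"net/netip"
	"strings"
)

// Constructed sample range for the WAF/gateway allowed to set the header.
var trustedProxy = netip.MustParsePrefix("10.0.0.0/24")

// parseHop accepts "ip" or "ip:port" (some gateways append the port).
func parseHop(s string) (netip.Addr, bool) {
	s = strings.TrimSpace(s)
	if a, err := netip.ParseAddr(s); err == nil {
		return a.Unmap(), true
	}
	if ap, err := netip.ParseAddrPort(s); err == nil {
		return ap.Addr().Unmap(), true
	}
	return netip.Addr{}, false
}

// ClientIP picks the address to log or rate-limit on. peer is the TCP source
// of the connection; xff is the raw X-Forwarded-For value (may be empty).
func ClientIP(peer, xff string) string {
	p, ok := parseHop(peer)
	if !ok || !trustedProxy.Contains(p) {
		return peer // not from our proxy: the header is client-controlled
	}
	// Walk right to left: rightmost hops were appended by our own proxies;
	// the first untrusted address is the client, entries left of it are unverified.
	hops := strings.Split(xff, ",")
	for i := len(hops) - 1; i >= 0; i-- {
		a, ok := parseHop(hops[i])
		if !ok {
			break // malformed entry: fall back to the peer address
		}
		if !trustedProxy.Contains(a) {
			return a.String()
		}
	}
	return peer
}

func main() {
	fmt.Println(ClientIP("10.0.0.5", "1.2.3.4, 203.0.113.7"))
	fmt.Println(ClientIP("198.51.100.9", "1.2.3.4"))
}
```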