[GH-ISSUE #3122] 使用proxy protocol caddy vaultwarden无法访问 #2502

New issue

Closed

opened 2026-05-05 13:36:42 -06:00 by gitea-mirror · 2 comments

gitea-mirror commented 2026-05-05 13:36:42 -06:00

Owner

Copy link

Originally created by @swhoro on GitHub (Oct 9, 2022).
Original GitHub issue: https://github.com/fatedier/frp/issues/3122

Bug Description

frpc运行于openwrt上，caddy运行于群晖的docker中，vaultwarden也位于群晖的docker中
如果去掉proxy_protocol_version=v1可以正常访问
设置为v2也不可以正常访问

frpc Version

0.44.0

frps Version

0.44.0

System Architecture

linux/amd64

Configurations

frpc.ini:

[common]
server_addr=
server_port=
token=
log_level=info
log_max_days=3
protocol=kcp
log_file=/var/etc/frp/frpc.log
tcp_mux=true
tls_enable=false
login_fail_exit=false

[vw]
type=tcp
remote_port=9000
local_ip=192.168.1.4
local_port=4433
proxy_protocol_version=v1
use_encryption=true
use_compression=true

caddyfile:

vw.carriage.fun:443 {
  encode gzip
  tls /etc/caddy/ssl/7483023_***.pem /etc/caddy/ssl/7483023_***.key
  header / {
       # Enable HTTP Strict Transport Security (HSTS)
       Strict-Transport-Security "max-age=31536000;"
       # Enable cross-site filter (XSS) and tell browser to block detected attacks
       X-XSS-Protection "1; mode=block"
       # Disallow the site to be rendered within a frame (clickjacking protection)
       X-Frame-Options "DENY"
       # Prevent search engines from indexing (optional)
       X-Robots-Tag "none"
       # Server name removing
       -Server
   }

  # Notifications redirected to the websockets server
  reverse_proxy /notifications/hub 192.168.1.4:3012

  # Proxy the Root directory to Rocket
  reverse_proxy 192.168.1.4:8082 {
       # Send the true remote IP to Rocket, so that bitwarden_rs can put this in the
       # log, so that fail2ban can ban the correct IP.
       header_up X-Real-IP {remote_host}
  }
}

Logs

No response

Steps to reproduce

...

Affected area

• Docs
• Installation
• Performance and Scalability
• Security
• User Experience
• Test and Release
• Developer Infrastructure
• Client Plugin
• Server Plugin
• Extensions
• Others

Originally created by @swhoro on GitHub (Oct 9, 2022). Original GitHub issue: https://github.com/fatedier/frp/issues/3122 ### Bug Description frpc运行于openwrt上，caddy运行于群晖的docker中，vaultwarden也位于群晖的docker中 如果去掉proxy_protocol_version=v1可以正常访问 设置为v2也不可以正常访问 ### frpc Version 0.44.0 ### frps Version 0.44.0 ### System Architecture linux/amd64 ### Configurations frpc.ini: ``` [common] server_addr= server_port= token= log_level=info log_max_days=3 protocol=kcp log_file=/var/etc/frp/frpc.log tcp_mux=true tls_enable=false login_fail_exit=false [vw] type=tcp remote_port=9000 local_ip=192.168.1.4 local_port=4433 proxy_protocol_version=v1 use_encryption=true use_compression=true ``` caddyfile: ``` vw.carriage.fun:443 { encode gzip tls /etc/caddy/ssl/7483023_***.pem /etc/caddy/ssl/7483023_***.key header / { # Enable HTTP Strict Transport Security (HSTS) Strict-Transport-Security "max-age=31536000;" # Enable cross-site filter (XSS) and tell browser to block detected attacks X-XSS-Protection "1; mode=block" # Disallow the site to be rendered within a frame (clickjacking protection) X-Frame-Options "DENY" # Prevent search engines from indexing (optional) X-Robots-Tag "none" # Server name removing -Server } # Notifications redirected to the websockets server reverse_proxy /notifications/hub 192.168.1.4:3012 # Proxy the Root directory to Rocket reverse_proxy 192.168.1.4:8082 { # Send the true remote IP to Rocket, so that bitwarden_rs can put this in the # log, so that fail2ban can ban the correct IP. header_up X-Real-IP {remote_host} } } ``` ### Logs _No response_ ### Steps to reproduce 1. 2. 3. ... ### Affected area - [ ] Docs - [ ] Installation - [ ] Performance and Scalability - [ ] Security - [ ] User Experience - [ ] Test and Release - [ ] Developer Infrastructure - [ ] Client Plugin - [ ] Server Plugin - [ ] Extensions - [ ] Others

gitea-mirror 2026-05-05 13:36:42 -06:00

• closed this issue
• added the
  lifecycle/stale
  label

gitea-mirror commented 2026-05-05 13:36:45 -06:00

Author

Owner

Copy link

@Becods commented on GitHub (Oct 11, 2022):

https://pkg.go.dev/github.com/francislavoie/caddy2-proxyprotocol

proxy_protocol {
    timeout <duration>
    allow <IPs...>
}

or

Using nginx, nginx natively supports proxy_protocol.

<!-- gh-comment-id:1274053380 --> @Becods commented on GitHub (Oct 11, 2022): https://pkg.go.dev/github.com/francislavoie/caddy2-proxyprotocol ``` proxy_protocol { timeout <duration> allow <IPs...> } ``` or Using nginx, nginx natively supports proxy_protocol.

gitea-mirror commented 2026-05-05 13:36:46 -06:00

Author

Owner

Copy link

@github-actions[bot] commented on GitHub (Nov 11, 2022):

Issues go stale after 30d of inactivity. Stale issues rot after an additional 7d of inactivity and eventually close.

<!-- gh-comment-id:1311080387 --> @github-actions[bot] commented on GitHub (Nov 11, 2022): Issues go stale after 30d of inactivity. Stale issues rot after an additional 7d of inactivity and eventually close.

gitea-mirror referenced this issue 2026-05-05 14:44:53 -06:00

[PR #2502] [CLOSED] Fix Chrome 92 ERROR_CONNECTION_RESET #4585

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

dev

new

master

copilot/review-pull-request-5198

v0.68.1

v0.68.0

v0.67.0

v0.66.0

v0.65.0

v0.64.0

v0.63.0

v0.62.1

v0.62.0

v0.61.2

v0.61.1

v0.61.0

v0.60.0

v0.59.0

v0.58.1

v0.58.0

v0.57.0

v0.56.0

v0.55.1

v0.55.0

v0.54.0

v0.53.2

v0.53.1

v0.53.0

v0.52.3

v0.52.2

v0.52.1

v0.52.0

v0.51.3

v0.51.2

v0.51.1

v0.51.0

v0.50.0

v0.49.0

v0.48.0

v0.47.0

v0.46.1

v0.46.0

v0.45.0

v0.44.0

v0.43.0

v0.42.0

v0.41.0

v0.40.0

v0.39.1

v0.39.0

v0.38.0

v0.37.1

v0.37.0

v0.36.2

v0.36.1

v0.36.0

v0.35.1

v0.35.0

v0.34.3

v0.34.2

v0.34.1

v0.34.0

v0.33.0

v0.32.1

v0.32.0

v0.31.2

v0.31.1

v0.31.0

v0.30.0

v0.29.1

v0.29.0

v0.28.2

v0.28.1

v0.28.0

v0.27.1

v0.27.0

v0.26.0

v0.25.3

v0.25.2

v0.25.1

v0.25.0

v0.24.1

v0.24.0

v0.23.3

v0.23.2

v0.23.1

v0.23.0

v0.22.0

v0.21.0

v0.20.0

v0.19.1

v0.19.0

v0.18.0

v0.17.0

v0.16.1

v0.16.0

v0.15.1

v0.15.0

v0.14.1

v0.14.0

v0.13.0

v0.12.0

v0.11.0

v0.10.0

v0.9.3

v0.9.2

v0.9.1

v0.9.0

v0.8.1

v0.8.0

v0.7.0

v0.6.0

v0.5.0

v0.3.0

v0.2.0

v0.1.0

Labels

Clear labels   

In Progress

  

WIP

  

WaitingForInfo

  

bug

  

doc

  

duplicate

  

easy

  

enhancement

  

future

  

help wanted

  

invalid

  

lifecycle/stale

  

need-issue-template

  

need-usage-help

  

no plan

  

proposal

  

pull-request

Mirrored from GitHub Pull Request

  

question

  

todo

No labels

In Progress

WIP

WaitingForInfo

bug

doc

duplicate

easy

enhancement

future

help wanted

invalid

lifecycle/stale

need-issue-template

need-usage-help

no plan

proposal

pull-request

question

todo

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/frp#2502

No description provided.