reverseproxy: Configurable forward proxy URL (#6114)

Co-authored-by: WeidiDeng <weidi_deng@icloud.com>
caddyserver · Mar 18, 2024 · a9768d2 · a9768d2
1 parent 52822a4
commit a9768d2
Show file tree

Hide file tree

Showing 2 changed files with 38 additions and 1 deletion.
diff --git a/modules/caddyhttp/reverseproxy/caddyfile.go b/modules/caddyhttp/reverseproxy/caddyfile.go
@@ -907,6 +907,7 @@ func (h *Handler) FinalizeUnmarshalCaddyfile(helper httpcaddyfile.Helper) error
 //	    read_buffer             <size>
 //	    write_buffer            <size>
 //	    max_response_header     <size>
+//	    forward_proxy_url       <url>
 //	    dial_timeout            <duration>
 //	    dial_fallback_delay     <duration>
 //	    response_header_timeout <duration>
@@ -994,6 +995,12 @@ func (h *HTTPTransport) UnmarshalCaddyfile(d *caddyfile.Dispenser) error {
 				return d.Errf("invalid proxy protocol version '%s'", proxyProtocol)
 			}
 
+		case "forward_proxy_url":
+			if !d.NextArg() {
+				return d.ArgErr()
+			}
+			h.ForwardProxyURL = d.Val()
+
 		case "dial_timeout":
 			if !d.NextArg() {
 				return d.ArgErr()

diff --git a/modules/caddyhttp/reverseproxy/httptransport.go b/modules/caddyhttp/reverseproxy/httptransport.go
@@ -23,6 +23,7 @@ import (
 	weakrand "math/rand"
 	"net"
 	"net/http"
+	"net/url"
 	"os"
 	"reflect"
 	"strings"
@@ -71,6 +72,22 @@ type HTTPTransport struct {
 	// connecting to an upstream. Default: off.
 	ProxyProtocol string `json:"proxy_protocol,omitempty"`
 
+	// URL to the server that the HTTP transport will use to proxy
+	// requests to the upstream. See http.Transport.Proxy for
+	// information regarding supported protocols. This value takes
+	// precedence over `HTTP_PROXY`, etc.
+	//
+	// Providing a value to this parameter results in
+	// requests flowing through the reverse_proxy in the following
+	// way:
+	//
+	// User Agent ->
+	//  reverse_proxy ->
+	//  forward_proxy_url -> upstream
+	//
+	// Default: http.ProxyFromEnvironment
+	ForwardProxyURL string `json:"forward_proxy_url,omitempty"`
+
 	// How long to wait before timing out trying to connect to
 	// an upstream. Default: `3s`.
 	DialTimeout caddy.Duration `json:"dial_timeout,omitempty"`
@@ -265,8 +282,21 @@ func (h *HTTPTransport) NewTransport(caddyCtx caddy.Context) (*http.Transport, e
 		return conn, nil
 	}
 
+	// negotiate any HTTP/SOCKS proxy for the HTTP transport
+	var proxy func(*http.Request) (*url.URL, error)
+	if h.ForwardProxyURL != "" {
+		pUrl, err := url.Parse(h.ForwardProxyURL)
+		if err != nil {
+			return nil, fmt.Errorf("failed to parse transport proxy url: %v", err)
+		}
+		caddyCtx.Logger().Info("setting transport proxy url", zap.String("url", h.ForwardProxyURL))
+		proxy = http.ProxyURL(pUrl)
+	} else {
+		proxy = http.ProxyFromEnvironment
+	}
+
 	rt := &http.Transport{
-		Proxy:                  http.ProxyFromEnvironment,
+		Proxy:                  proxy,
 		DialContext:            dialContext,
 		MaxConnsPerHost:        h.MaxConnsPerHost,
 		ResponseHeaderTimeout:  time.Duration(h.ResponseHeaderTimeout),