Wondering if there is a plugin to allow for Traefik to support the CONNECT method to itself.
My use case is that i'd like to use Traefik as a forward proxy to a https entry in itself. This is to simulate an application gateway/reverse proxy running on another port (443 can't be used). To accomplish this I would setup a PAC file for a domain that would point to a localhost running on port 2001/2002 (traefik can't open 443 because the developers do not have admin access to open that port).
I've created a config and a PAC file but it seems that once the browser uses the CONNECT method on the traefik instance it fails. This works for non tunnelling requests.
I imagine that there would need to be an entrypoint at port 2001 that could accept CONNECT verb and then proxy the connection to the tls entrypoint running on 2002
function FindProxyForURL (url, host) {
if (shExpMatch(host, "*.test") ) {
return 'PROXY localhost:2001';
}
return 'DIRECT';
}
./traefik \
--log.level=DEBUG \
--global.sendAnonymousUsage=false \
--api.dashboard=true \
--api.insecure=true \
--entrypoints.http.address=:2001 \
--entrypoints.https.address=:2002 \
--providers.file.directory=./ \
--providers.file.watch=true
tls:
stores:
default:
defaultCertificate:
certFile: ./certs/localhost.crt
keyFile: ./certs/localhost.key
http:
middlewares:
autodetect:
contentType:
autoDetect: true
stripprefix-app:
stripPrefix:
prefixes:
- "/app1/"
forceSlash: false
routers:
dashboard:
rule: (PathPrefix(`/api`) || PathPrefix(`/dashboard`))
service: api@internal
entryPoints:
- "http"
- "https"
shell:
rule: ((Host(`devsetup.test`) || Host(`localhost`)) && PathPrefix(`/app1/`))
service: app1
middlewares:
- stripprefix-app
entryPoints:
- "https"
- "http"
services:
app1:
loadBalancer:
servers:
- url: "http://localhost:3000"