daaku/caddy-clientproxy

caddy-clientproxy

This Caddy module provides a handler that proxies traffic from your Caddy server to your origin. Using the sibling clientproxy package, your origin initiates and maintains a connection to your Caddy server. Caddy uses this connection to proxy requests to your origin. This way your origin does not need to accept any connections, and need only support outbound connections.

Usage

  1. Make sure you're using HTTPS as appropriate.
  2. Use a sufficiently large shared secret.
  3. Order the handlers correctly. This is a terminal handler, in that it does not continue the chain if the reverse proxy is available.
  4. Use clientproxy to make your origin(s) available via your Caddy server.

Limitations

  1. A single TCP connection is used to connect to the origin.
  2. Only one active origin is supported.
  3. Connection upgrades like WebSockets are not supported.

Configuration

You'll need to order this handler, or use route:

{
	order client_proxy before respond
}

example.com {
	client_proxy 46f20973162c43d09bf7ca2311a9c3ca
}

clientproxy

On the machine which hosts your origin, you'll need to run clientproxy. This process will maintain a connection to your Caddy instance, and accept and proxy requests to your origin. You'll need a configuration file:

[[proxy]]
register = "https://example.com/46f20973162c43d09bf7ca2311a9c3ca"
forward = "http://localhost:8080"

Run the clientproxy daemon:

clientproxy config.toml

Now a request to https://example.com should get proxied to your origin.
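Usage items 1 and 2 can be checked before deployment. The following Go program is an added example, not code from this repository: it generates a random secret, renders the matching Caddyfile site block and clientproxy config, and lints a register URL for scheme and secret length. The function names, the minimum length parameter and the treatment of secrets as hex strings (as in the sample above) are assumptions made for illustration.

```go
package main

import (
	"crypto/rand"
	"encoding/hex"
	"fmt"
	"net/url"
	"strings"
)

// NewSecret returns nBytes from the CSPRNG as hex (16 bytes gives 32 characters, the sample's shape).
func NewSecret(nBytes int) string {
	b := make([]byte, nBytes)
	if _, err := rand.Read(b); err != nil {
		panic(err) // no safe fallback if the CSPRNG fails
	}
	return hex.EncodeToString(b)
}

// CheckRegister lints a "register" URL: https scheme, and a path holding one hex
// secret of at least minBytes bytes (assumption: secrets are hex, as in the sample).
func CheckRegister(register string, minBytes int) error {
	u, err := url.Parse(register)
	if err != nil {
		return err
	}
	if u.Scheme != "https" {
		return fmt.Errorf("register URL carries the secret and must use https, got %q", u.Scheme)
	}
	raw, err := hex.DecodeString(strings.TrimPrefix(u.Path, "/"))
	if err != nil {
		return fmt.Errorf("secret is not a hex string: %w", err)
	}
	if len(raw) < minBytes {
		return fmt.Errorf("secret is %d bytes, want at least %d", len(raw), minBytes)
	}
	return nil
}

// Render returns the Caddyfile site block and the clientproxy TOML, both carrying the same secret.
func Render(host, forward, secret string) (string, string) {
	return fmt.Sprintf("%s {\n\tclient_proxy %s\n}\n", host, secret),
		fmt.Sprintf("[[proxy]]\nregister = \"https://%s/%s\"\nforward = \"%s\"\n", host, secret, forward)
}

func main() {
	c, t := Render("example.com", "http://localhost:8080", NewSecret(16))
	fmt.Print(c, "\n", t)
}
```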

Implementation

In Caddy, when the module receives a valid client request that intends to become the origin, it hijacks the connection and uses yamux to make the client the server. This connection then serves as the reverse proxy target.

Testing

In terminal 1, start the Caddy server with the sample Caddyfile:

xcaddy run -c Caddyfile

In terminal 2, start the example server. This is actually the process that handles the HTTP requests, but it does not listen on any ports.

cd clientproxy
go run ./cmd/example-server

In terminal 3, make a request using curl to your Caddy server:

curl -k https://localhost:4430/
