Messages

I think i got this going after adding a custom config: https://docs.opnsense.org/manual/how-tos/caddy.html#custom-configuration-files

Gonna leave this here for others who might get stuck as well.

Code Select Expand

(cors) {
  @cors_preflight method OPTIONS
  @cors header Origin {args.0}

  handle @cors_preflight {
    header Access-Control-Allow-Origin "{args.0}"
    header Access-Control-Allow-Methods "GET, POST, PUT, PATCH, DELETE"
    header Access-Control-Allow-Headers "Content-Type, x-api-key"
    header Access-Control-Max-Age "3600"
    respond "" 204
  }

  handle @cors {
    header Access-Control-Allow-Origin "{args.0}"
    header Access-Control-Expose-Headers "Link"
  }
}

[immich domain] {
  handle /api* {
    import cors [domain making the CORS call (homeassistant wallpanel)]
    reverse_proxy [ip:port of immich]
  }

  handle {

    reverse_proxy [ip:port of immich]
  }
}



Im having a heck of a time getting opnsense caddy plugin working with immich. The logs are stating that CORS is failing. Immich states that all i should need to do is set the reverse_proxy (https://immich.app/docs/administration/reverse-proxy#caddy-example-config) which i have done but it fails on CORS requests. I was able to add 4 or 5 additional headers (more here: https://forum.opnsense.org/index.php?topic=46177.msg239034#msg239034) but its stating that the preflight response was a non 2xx response. Any help would be greatly appreciated.

[It does not have HTTP ok status.]

@gtmax500 did you get this figured out? Im running into the exact same issue having moved from swag to caddy. I have following headers being added to the immich response:

access-control-allow-headers
'X-Api-Key, User-Agent, Content-Type' always
access-control-allow-methods
'GET, PUT, POST, DELETE, OPTIONS' always
access-control-allow-origin
*
access-control-max-age
1728000
content-length
121
content-type
text/plain; charset=utf-8

but still getting an error: has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status. . Is there a way to respond with a 2xx response for the ORIGIN requests?

Any updates on this? I just noticed that my unbound response times are like 156ms and i have this same setup. I honestly dont know if its an issue, but ive been experiencing odd results with my devices (typically wifi so i doubt its this) connecting to an AP and then no longer getting internet until i toggle wifi on/off/on. That seems more like AP issues than DNS but for every issue i've debugged, im always shocked at how many times it ends up being DNS.

Did you ever get this figured out? Im currently trying to debug through my new install of frontier. I have an ONT > frontier provided router > Opnsense dual nic box i built. I know opnsense works just fine cuz it had been working for 4 years before i went with fiber. What i want to do is: ONT > Opnsense and get rid of the frontier provided router. I've seen people talking about vlan 0 and all sorts of stuff, but when i plug the ONT directly into my Opnsense box, nothing works. No ip, no internet, nothing. Contacting cust support was worthless, but i might try and reach out to them via twitter as i've heard you have to get through their first line of phone people before you get decent techs. Any help would be greatly appreciated.