OPNsense 26.1.3 / os-caddy 2.1.0: be aware of important upstream change

[hansen-pansen]

Dear OPNsense users,

this post is only to make you aware of an important Caddy upstream change that is carried with os-caddy 2.1.0 in OPNsense 26.1.3:

The "Host" header of the upstream connection is now set to the address of the upstream host ("{upstream_hostport}"). Before Caddy 2.11.0 it was set to "{host}".

This might bite you in case you are running the upstream servers in a DMZ, depending on your setup. This can be easily fixed by adding a new "Header" object that carries the value of {host}, and in the "Handlers" sections at this header to the reverse_proxy handler.

Upstream commit that introduced this change: https://github.com/caddyserver/caddy/pull/7454.

[Monviech (Cedrik)]

https://forum.opnsense.org/index.php?topic=51150

[hansen-pansen]

Thank you! I swear I did a forum search for "Caddy" before posting. sigh