Caddy: lookup_srv Documentation

Created on 4 Dec 2020 · 4 Comments · Source: caddyserver/caddy

Hi,

I'm attempting to use the reverse_proxy directive with upstreams srv+http:// located at an external consul instance.

In GitHub I see mentions of a directive/option/??? lookup_srv to specify the DNS Host/Port of the Consul Instance/s but I cannot find anything in the docs (https://caddyserver.com/docs/caddyfile/directives/reverse_proxy / https://caddyserver.com/docs/modules/) on how or where to use/specify it.

Where is the documentation for lookup_srv?

question

All 4 comments

ok I just found https://caddyserver.com/docs/json/apps/http/servers/routes/handle/reverse_proxy/ which specifies

upstreams/lookup_srv
If DNS SRV records are used for service discovery with this upstream, specify the DNS name for which to look up SRV records here, instead of specifying a dial address.

So then I completely misunderstood this option.

How do I tell Caddy the address of my consul cluster to query for SRV records without putting a split-brain recursive DNS as the default DNS server for the OS?

Maybe I don't understand the question, but isn't this all you need?

reverse_proxy srv+http://<ip-or-domain-of-your-consul-cluster>

I'll close this for now since it's a question, but feel free to continue discussion; next time, please ask your usage questions on the Caddy community forums. We prefer to keep the GitHub issue board for bugs and feature requests. Don't forget to fill out the thread template so we can help you!

@francislavoie I'm trying to reverse-proxy the servers behind dev.web.service.consul but obviously consul isn't my default DNS server, so I wonder where I can tell caddy to send DNS requests for that domain (or alike) to consul instead of to 8.8.8.8.

Also noted re:Issues

Ok for anyone who gets to this point and is fortunate enough to have systemd-resolved:

Ensure /etc/resolv.conf is a symlink to /run/systemd/resolve/stub-resolv.conf and edit /etc/systemd/resolved.conf, adding:

[Resolve]
# Omit the port if your systemd is below v246
DNS=127.0.0.1:8600
Domains=~consul
DNSSEC=no
Cache=no
DNSStubListener=yes

Make sure the service (systemd-resolved) is enabled and restart it to reload the config.

If you're on systemd <246, you need additional iptables rules:

iptables -t nat -A OUTPUT -d localhost -p udp -m udp --dport 53 -j REDIRECT --to-ports 8600
iptables -t nat -A OUTPUT -d localhost -p tcp -m tcp --dport 53 -j REDIRECT --to-ports 8600
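
To check which SRV records Consul actually returns for a name, independent of the OS resolver setup discussed in this thread, the following added example (not code from the thread or from Caddy) sends an SRV query straight to one DNS server and parses the answer. The address 127.0.0.1:8600 and the name dev.web.service.consul come from the thread; the node name, port 8080 and the sample reply are constructed.

```python
import socket
import struct
SRV = 33  # DNS record type for SRV (RFC 2782)

def build_srv_query(name, txid=0x1234):  # DNS question packet for SRV records
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.strip(".").split(".")) + b"\x00"
    return struct.pack(">HHHHHH", txid, 0x0100, 1, 0, 0, 0) + qname + struct.pack(">HH", SRV, 1)

def read_name(msg, off, hops=0):
    """Decode the name at off; return (name, offset just past it)."""
    labels = []
    while msg[off]:
        if msg[off] & 0xC0 == 0xC0:  # compression pointer to an earlier name
            if hops > 16:  # a hostile reply can point at itself forever
                raise ValueError("DNS compression loop")
            ptr = ((msg[off] & 0x3F) << 8) | msg[off + 1]
            tail = read_name(msg, ptr, hops + 1)[0]
            return ".".join(labels + ([tail] if tail else [])), off + 2
        labels.append(msg[off + 1:off + 1 + msg[off]].decode("ascii"))
        off += 1 + msg[off]
    return ".".join(labels), off + 1

def parse_srv(msg):
    """Return [(priority, weight, port, target)] from a DNS response."""
    qd, an = struct.unpack(">HH", msg[4:8])
    off = 12
    for _ in range(qd):  # skip the echoed question section
        off = read_name(msg, off)[1] + 4
    records = []
    for _ in range(an):
        off = read_name(msg, off)[1]  # owner name of this record
        rtype, _cls, _ttl, rdlen = struct.unpack(">HHIH", msg[off:off + 10])
        if rtype == SRV:  # RDATA: priority, weight, port, then target name
            records.append(struct.unpack(">HHH", msg[off + 10:off + 16]) + (read_name(msg, off + 16)[0],))
        off += 10 + rdlen
    return records

def query_srv(name, server="127.0.0.1", port=8600, timeout=2.0):
    """Ask one DNS server directly (Consul's DNS port), bypassing the OS resolver."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_srv_query(name), (server, port))
        return parse_srv(s.recvfrom(4096)[0])

def sample_response():  # constructed reply: one SRV record, node1 on port 8080
    question = build_srv_query("dev.web.service.consul")[12:]
    rdata = struct.pack(">HHH", 1, 1, 8080) + b"\x05node1\x04node\x03dc1\xc0\x1c"
    answer = b"\xc0\x0c" + struct.pack(">HHIH", SRV, 1, 0, len(rdata)) + rdata
    return struct.pack(">HHHHHH", 0x1234, 0x8580, 1, 1, 0, 0) + question + answer
```

`parse_srv(sample_response())` runs offline; `query_srv("dev.web.service.consul")` needs a Consul agent answering DNS on 127.0.0.1:8600.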