1. The problem I’m having:
My issue is that remote_ip = 127.0.0.1, so the geolocation allow rule is not working.
I tried changing:
client_ip_headers CF-Connecting-IP X-Forwarded-For
to
client_ip_headers Cf-Connecting-Ip X-Forwarded-For
but the issue is the same.
Getting the request IP in the access log is working fine.
My Caddy implementation:
Linux server running cloudflared tunnel --> Docker --> Caddy container
2. Error messages and/or full log output:
Nothing; everything is working fine except the remote_ip issue.
3. Caddy version:
caddy:2.8
4. How I installed and ran Caddy:
Docker container
FROM caddy:2.8-builder-alpine AS builder
RUN xcaddy build \
    --with github.com/caddy-dns/cloudflare \
    --with github.com/abiosoft/caddy-hmac \
    --with github.com/caddy-dns/dnspod \
    --with github.com/caddy-dns/gandi \
    --with github.com/caddy-dns/route53 \
    --with github.com/caddy-dns/alidns \
    --with github.com/caddy-dns/azure \
    --with github.com/caddy-dns/digitalocean \
    --with github.com/caddy-dns/duckdns \
    --with github.com/caddy-dns/hetzner \
    --with github.com/caddy-dns/openstack-designate \
    --with github.com/caddy-dns/vultr \
    --with github.com/lolPants/caddy-requestid \
    --with github.com/mholt/caddy-webdav \
    --with github.com/abiosoft/caddy-json-parse \
    --with github.com/hslatman/caddy-crowdsec-bouncer \
    --with github.com/porech/caddy-maxmind-geolocation \
    --with github.com/WeidiDeng/caddy-cloudflare-ip \
    --with github.com/fvbommel/caddy-combine-ip-ranges \
    --with github.com/corazawaf/coraza-caddy/v2 \
    --with github.com/caddyserver/transform-encoder

FROM caddy:2.8-alpine
COPY --from=builder /usr/bin/caddy /usr/bin/caddy
RUN mkdir -p /usr/share/GeoIP
COPY GeoData /usr/share/GeoIP
a. System environment:
Debian 12
Docker version 26.1.2, build 211e74b
Caddy 2.8
b. Command:
command: ["caddy", "run", "--config", "/etc/caddy/Caddyfile", "--watch"]
c. Service/unit/compose file:
Docker Compose file
version: '2.4'
services:
  caddy:
    image: chunky/caddy:latest
    container_name: caddy
    restart: always
    network_mode: "host"
    volumes:
      - type: "bind"
        source: "./Caddyfile"
        target: "/etc/caddy/Caddyfile"
      - "./data:/data/caddy"
      - "./logs:/var/log/caddy"
    command: ["caddy", "run", "--config", "/etc/caddy/Caddyfile", "--watch"]
d. My complete Caddy config:
{
    # runtime logs
    log {
        format json # set runtime log format to json mode
    }
    # server options
    servers {
        trusted_proxies cloudflare
        client_ip_headers CF-Connecting-IP X-Forwarded-For
    }
}
domain.net {
    @geofilter {
        maxmind_geolocation {
            db_path "/usr/share/GeoIP/GeoLite2-Country.mmdb"
            allow_countries SA
        }
    }
    respond "Hello, Chunky!! {client_ip} "
    log {
        output file /var/log/caddy/access.log
        format transform `{request>host}:443 {request>headers>X-Forwarded-For>[0]:request>headers>Cf-Connecting-Ip>[0]:request>remote_ip} - {request>user_id} [{ts}] "{request>method} {request>uri} {request>proto}" {status} {size} "{requ>
            time_format "02/Jan/2006:15:04:05 -0700"
        }
    }
}
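
A simplified model of how `trusted_proxies` and `client_ip_headers` interact for the topology in the post (cloudflared on the same host as Caddy), added here as an illustration and not taken from the post or from Caddy's source. The function name, the sample addresses and the single Cloudflare range are constructed; the rule being modelled, as an assumption, is that the listed headers are read only when the socket peer is inside a trusted prefix.

```go
package main

import (
	"fmt"
	"net/http"
	"net/netip"
	"strings"
)

// resolveClientIP is a hypothetical helper modelling trusted-proxy handling:
// the socket peer stays the remote IP, and the configured headers are only
// consulted when that peer falls inside one of the trusted prefixes.
func resolveClientIP(peer string, trusted []netip.Prefix, headers []string, h http.Header) string {
	addr, err := netip.ParseAddr(peer)
	if err != nil {
		return peer
	}
	isTrusted := false
	for _, p := range trusted {
		if p.Contains(addr) {
			isTrusted = true
			break
		}
	}
	if !isTrusted {
		return peer // headers sent by an untrusted peer are ignored
	}
	for _, name := range headers {
		// Header.Get canonicalizes the name, so its letter case is irrelevant.
		for _, part := range strings.Split(h.Get(name), ",") {
			if ip, err := netip.ParseAddr(strings.TrimSpace(part)); err == nil {
				return ip.String()
			}
		}
	}
	return peer
}

func main() {
	// Constructed request: the local cloudflared process is the socket peer.
	h := http.Header{}
	h.Set("Cf-Connecting-Ip", "203.0.113.7")
	order := []string{"CF-Connecting-IP", "X-Forwarded-For"}
	cfOnly := []netip.Prefix{netip.MustParsePrefix("173.245.48.0/20")} // sample range
	withLoopback := append(cfOnly, netip.MustParsePrefix("127.0.0.1/32"))

	fmt.Println(resolveClientIP("127.0.0.1", cfOnly, order, h))       // 127.0.0.1
	fmt.Println(resolveClientIP("127.0.0.1", withLoopback, order, h)) // 203.0.113.7
}
```

In this model, anything that reads the socket peer directly still sees 127.0.0.1 in both cases; only the resolved client IP changes.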