1. Caddy version (caddy version
):
v2.3.0
2. How I run Caddy:
Using debian’s systemctl re/start caddy
a. System environment:
debian stretch, systemd
b. Command:
systemctl start caddy
c. Service/unit/compose file:
paste full file contents here
d. My complete Caddyfile or JSON config:
# Caddyfile
import ./gonic
# gonic
http://gonic.lan {
@blocked {
not {
remote_ip fd9b:3f17:1e9::a89
}
}
respond @blocked "no" 403
reverse_proxy /* 127.0.0.1:8765
}
3. The problem I’m having:
Trying to have a global level ip filter but i’m unsure about how i can have a global matcher (@blocked) for all imported caddy files.
Moving from nginx, this could be done in something like this using nginx:
# allowedIps.conf
allow ip1;
allow ip2;
deny all;
# nginx server config
include allowedIPs.conf
I get this if i try moving the @blocked matcher to the Caddyfile and have it respond there. Can anyone help direct me to a way where i can specify the allowed IPs in one place and have it be inherited by the rest of the imported caddyfiles?
Thanks!
4. Error messages and/or full log output:
validate: adapting config using caddyfile: cannot define a matcher outside of a site block: ‘@blocked’
5. What I already tried:
# caddyfile
@blocked {
not {
remote_ip fd9b:3f17:1e9::a89
}
}
respond @blocked "no" 403
import ./gonic
# gonic
http://gonic.lan {
reverse_proxy /* 127.0.0.1:8765
}