1. Caddy version (caddy version
):
v2.0.0 h1:pQSaIJGFluFvu8KDGDODV8u4/QRED/OPyIR+MWYYse8=
2. How I run Caddy:
caddy.service file (not API)
or
caddy start/stop/reload
a. System environment:
Raspberry Pi (Raspbian Buster Lite)
Open Media Vault 5
Portainer
(Home NAS)
b. Command:
N/A
c. Service/unit/compose file:
N/A
d. My complete Caddyfile or JSON config:
mydomain.duckdns.org {
log {
output file /var/log/caddy.log
format console
}
@internal {
remote_ip 192.168.0.0/16
}
handle @internal {
reverse_proxy 127.0.0.1:9000
}
respond 403
}
jellyfin.mydomain.duckdns.org {
log {
output file /var/log/caddy.log
format console
}
reverse_proxy 127.0.0.1:8096
}
omv.mydomain.duckdns.org {
reverse_proxy 127.0.0.1:81
}
nas.mydomain.duckdns.org {
root * /srv/dev-disk-by-label-HomeDrive/
file_server browse
}
3. The problem I’m having:
Hello all I am trying to figure out the best method for me to access the files on my home drive from anywhere. Well that was actually the easy part, but unfortunately I made it accessible to anyone that finds my domain address.
What I’m hoping to get help with is setting up some kind of security (usrname, passwd) or access for only certain IP addresses. I’m not sure if using a DNS is the proper way to securely access my files or if I should be using SFTP or some other form of file transfer.
Does Caddy have an option to only allow access by IP or a password enable function? I would like to use an app I have on my phone called FileExplorer which has many file transfer option available but they require a ‘host’ which if I used my local address would only give me access while internal to my network. Is there some other way I should be enabling a usr/passwd option so when someone stumbles across my DNS they can’t access my files?
Thank you in advance.
4. Error messages and/or full log output:
N/A
5. What I already tried:
Adding file_server to my caddyfile with hide. Looking up option for this but not finding any methods using the installed programs I have.