1. Caddy version (caddy version
):
Caddy v2.4.3
2. How I run Caddy:
- Running Caddy on TrueNAS inside a jail as a reverse proxy. Its my front server
2)Running Caddy as a webserver for Nextcloud
a. System environment:
TrueNAS Core 12.2
FreeBSD 12.2
b. Command:
service caddy start
c. Service/unit/compose file:
xcaddy build
d. My complete Caddyfile or JSON config:
Front Caddy As Reverse Proxy:
cloud.myserver.com {
tls {
dns cloudflare redactedtoked
}encode gzip reverse_proxy http://192.168.0.79 { header_up X-Forwarded-Host {host} } }
Caddy as webserver for Nextcloud
cloud.myserver.com:80, 192.168.0.79:80 {
root * /usr/local/www/nextcloud
file_server
log {
output file /var/log/caddy.log
format single_field common_log
}php_fastcgi 127.0.0.1:9000 { env front_controller_active true } # client support (e.g. os x calendar / contacts) redir /.well-known/carddav /remote.php/dav 301 redir /.well-known/caldav /remote.php/dav 301 redir /.well-known/webfinger /index.php/.well-known/webfinger 301 redir /.well-known/nodeinfo /index.php/.well-known/nodeinfo 301 # .htaccess / data / config / ... shouldn't be accessible from outside @forbidden { path /.htaccess path /data/* path /config/* path /db_structure path /.xml path /README path /3rdparty/* path /lib/* path /templates/* path /occ path /console.php } respond @forbidden 404
}
3. The problem I’m having:
Caddy as my webserver always sees IP from caddy reverse proxy instead of the real remote ip. This is a issue as I want to setup fail2ban. How do I get caddy to send the real ip, from my understanding I do not need to use http x forward as caddy automatically does that. I have tried with
header_up Host {http.request.host}
header_up X-Real-IP {http.request.remote}
header_up X-Forwarded-For {http.request.remote}
header_up X-Forwarded-Port {http.request.port}
header_up X-Forwarded-Proto {http.request.scheme}
and the same thing.
4. Error messages and/or full log output:
192.168.0.71 is my Caddy reverse proxy
Caddy Nextcloud webserver log:
192.168.0.71 - - [06/Jul/2021:11:41:32 -0400] “GET /apps/logreader/poll?lastReqId=VhBA3M5Xng7xnkur5Lqg HTTP/1.1” 200 484
192.168.0.71 - - [06/Jul/2021:11:41:32 -0400] “GET /apps/logreader/poll?lastReqId=02eLf3Ksem3BHUf2wen3 HTTP/1.1” 200 482
192.168.0.71 - - [06/Jul/2021:11:41:33 -0400] “GET /apps/logreader/poll?lastReqId=WSMq6CRWbvUYodqxH77c HTTP/1.1” 200 482
192.168.0.71 - - [06/Jul/2021:11:41:33 -0400] “GET /apps/logreader/poll?lastReqId=e3Y1UUmScIN0IsHblak0 HTTP/1.1” 200 483
Thank You!