Now i am trying to allow only local network users and VPN access users
so i put the remote_ip with network public ip and local ip
and it works for local user but it did not work for VPN user
i think to Caddy did not recognize the VPN ip address and that recognize to public ip of client without VPN
because i set the respond to {{.RemoteIP}} and that shows the public ip of client without VPN
but when i search “what is my ip address” on google i can get result to VPN public IP address
it have any way to get another ip address for client?
4. Error messages and/or full log output:
5. What I already tried:
i already test forwarded option but it not work
i thought it need another option for get ip address of client but i cannot found
I’m not really sure I understand what you’re trying to do or what the problem is. But you can get the remote IP with the {remote_host} placeholder.
If you’re trying to block access by IP, the remote_ip matcher is the right thing to use:
Could you explain in more detail what you want to see happen, and what you’re seeing happen with your existing config? Make requests with curl -v to show us. Enable the debug global option and share what’s in Caddy’s logs.
You probably want to wrap your last 4 lines of that config in a handle with no matcher, to isolate those directives from affecting the reverse_proxy. The handle directive defines mutually exclusive handlers, so only the first matching handle will be run. Otherwise, they will run according to the Caddyfile’s predetermined directive order:
i thought to i having a problem with {remote_host}.
when i access my server with out side network. {remote_host} shows 99.99.99.99(example)
but if i access my server with VPN, also {remote_host} shows 99.99.99.99
and when i test VPN with ipaddress.my for checking my ip address. it shows VPN ip address
but it was not Caddy’s problem, maybe that reason of my VPN and server
i wanted to using my gitlab server for only local user and vpn user.
for now i think that was wrong way to implementing. i will find another way to implementing.
Hmm. I think your VPN might not be configured to resolve the domain of your gitlab to a “LAN” IP address of your server inside your VPN, so the packets end up going the same way as usual (over the internet, not over the VPN). You might need to adjust the resolver settings in your VPN, I think. Something like that.