Try wrapping your reverse_proxy in a handle block. See How to stop remote access - #2 by Whitestrake.
git.jeelabs.org {
@local {
remote_ip 192.168.188.0/24
}
handle @local {
reverse_proxy localhost:3001
}
log {
output discard
}
}