Sending original source ip to Qnap NAS

mr_n0x · October 28, 2025, 2:14pm

1. The problem I’m having:

Hi, im facing the issue, that my Qnap NAS doesn't get the original client ip. It's just logging the caddy ip address.

2. Error messages and/or full log output:

Actually not an error message. My Qnap NAS only shows the local caddy ip address in the access log.

3. Caddy version:

2.10.0 with cloudflare module as docker container.

4. How I installed and ran Caddy:

Docker

a. System environment:

Qnap Container Station; Docker container

b. Command:

none

c. Service/unit/compose file:

services:
  caddy:
    image: mr-n0cturne/caddy-cf-extended:latest
    restart: unless-stopped
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /share/Apps/container/proxy/caddy/resolv.conf:/etc/resolv.conf:ro
      - /share/Apps/container/proxy/caddy/config:/config
      - /share/Apps/container/proxy/caddy/data:/data
      - /share/Apps/container/proxy/caddy/0_configs.caddy:/etc/caddy/Caddyfile:ro
      - /share/Apps/container/proxy/caddy/1_global_config.caddy:/etc/caddy/global.caddy:ro
      - /share/Apps/container/proxy/caddy/2_global_tls.caddy:/etc/caddy/tls.caddy:ro
      - /share/Apps/container/proxy/caddy/3_global_header.caddy:/etc/caddy/header.caddy:ro
      - /share/Apps/container/proxy/caddy/Caddyfile.d:/etc/caddy/Caddyfile.d:ro
      # Wordpress spezifisch
      - /share/Apps/container/www/tt-gang.de/wordpress:/var/www/html:ro
    environment:
      - TZ=Europe/Berlin
      - CF_API_TOKEN_myfrohn=***
      - CF_EMAIL_myfrohn=home@myfrohn.de
    hostname: bf-netprx
    dns:
      - 192.168.242.2
      - 1.1.1.1
      - 1.0.0.1
    ports:
      - "80:80"
      - "443:443"
    networks:
      qnet-static:
        ipv4_address: 192.168.242.10

d. My complete Caddy config:

nas.myfrohn.de {
	import LOGGING nas
	import DOMAIN_LIGHT_myfrohn
	reverse_proxy https://192.168.242.1:9443 {
		transport http {
			tls_insecure_skip_verify
			versions h1
			dial_timeout 10s
			read_timeout 60s
			keepalive 30s
			tls_server_name 192.168.242.1
		}
		header_up X-Forwarded-For {http.request.header.CF-Connecting-IP}
		header_up X-Real-IP {http.request.header.CF-Connecting-IP}
	}
}

5. Links to relevant resources:

none

timelordx · October 28, 2025, 8:42pm

I’m assuming you’re taking about QNAP’s logs?

You need to configure QNAP to log the value of the X-Forwarded-For or X-Real-IP headers instead of the TCP client IP. This isn’t an issue with Caddy, it’s on QNAP’s side. Caddy is already sending all the necessary information in those headers.