Use of basicauth only outside my network

epb · January 18, 2022, 2:08pm

1. Caddy version (`caddy version`):

v2.4.6 h1:HGkGICFGvyrodcqOOclHKfvJC0qTU7vny/7FhYp9hNw=

2. How I run Caddy:

a. System environment:

Ubuntu 20.04.3 LTS

b. Command:

Paste command here.

c. Service/unit/compose file:

Paste full file contents here.
Make sure backticks stay on their own lines,
and the post looks nice in the preview pane.

d. My complete Caddyfile or JSON config:

domoticz.####.nl {

   @mygeofilter {
      maxmind_geolocation {
         db_path "/home/###/Country.mmdb"
         allow_countries NL DE UNK
      }
   }
        handle @mygeofilter {

           basicauth * {
              #######  123456
           }
           reverse_proxy 192.168.2.3:8080
        }
}

3. The problem I’m having:

Is it possible to make the Caddyfile like this:

outside my local network: login with basicauth or something like that.
inside my local network: direct to the web application without basicauth.
If so, how?

I had remote_ip in my Caddyfile (below) but I could not make it happen. It is either always login or not.

 @outside {
               remote_ip 192.168.2.0/24 127.0.0.1 127.0.1.1
       }

4. Error messages and/or full log output:

5. What I already tried:

6. Links to relevant resources:

francislavoie · January 18, 2022, 2:26pm

I think you want to invert that matcher – it’s easier to match against private IP ranges, so to match against public ranges you can basically say “NOT private” which means “public”.

So use the not matcher, which you can put just before remote_ip. Like this:

not remote_ip <ranges...>

epb · January 19, 2022, 6:19pm

Oh Yes, you are right. I did the adjustment and now it is working. Thanks.

system · February 17, 2022, 2:08pm

This topic was automatically closed after 30 days. New replies are no longer allowed.