Hello everyone,
I'm trying different things on my homelab
And I wanted to add a traefik rp instead of nginx, with that I wanted to add the geoblock plugin
But wathever i've configured, it continue to see a local IP in the logs
## Geoblock.log
INFO: GeoBlock: 2025/04/30 22:58:40 my-geoblock@file: request allowed [192.168.48.1] since local IP addresses are allowed
## Access.log
192.168.48.1 - - [01/May/2025:08:13:45 +0000] "GET /debug/pprof/ HTTP/1.1" 404 19 "-" "-" 48 "-" "-" 0ms
192.168.48.1 - - [01/May/2025:08:13:54 +0000] "GET /metrics HTTP/1.1" 404 19 "-" "-" 49 "-" "-" 0ms
I'm running traefik on docker (host on Synology), there is my docker-compose, I'm using an external network to access my others containers
(I also have tried without the additional config on ports 443)
#################################
## Traefik - Reverse Proxy ##
#################################
---
services:
traefik:
image: traefik:latest
container_name: traefik
restart: unless-stopped
security_opt:
- no-new-privileges:true
ports:
- target: 443
published: 10001
protocol: tcp
mode: host
- "10000:8080"
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- ./traefik.yml:/etc/traefik/traefik.yml:ro
- ./acme.json:/letsencrypt/acme.json:rw
- ./dynamic:/etc/traefik/dynamic:ro
- ./logs:/var/log/:rw
env_file: .env
networks:
- rp-net
networks:
rp-net:
external: true
There is my static entrypoint, that should let pass the headers
entryPoints:
websecure:
address: ":443"
forwardedHeaders:
insecure: true
proxyProtocol:
insecure: true
And the plugin (static part)
experimental:
plugins:
geoblock:
moduleName: "github.com/PascalMinder/geoblock"
version: "v0.3.3"
And dynamic (I've allowed local request temporary, until I found a fix)
http:
middlewares:
my-geoblock:
plugin:
geoblock:
allowLocalRequests: "true"
allowUnknownCountries: "false"
api: https://get.geojs.io/v1/ip/country/{ip}
apiTimeoutMs: "150"
cacheSize: "15"
countries:
- BE
- FR
- LU
- NL
- DE
forceMonthlyUpdate: "true"
logAllowedRequests: "true"
logApiRequests: "true"
logLocalRequests: "true"
silentStartUp: "false"
unknownCountryApiResponse: nil
logFilePath: "/var/log/geoblock.log"
I also have notice this in the logs from geoblock, is it related ? because as showed earlier, the access.log are wrong too
traefik | INFO: GeoBlock: 2025/05/01 08:17:57 use custom HTTP header field for country lookup: false
PS: I'm on 3.3.6
PS2: Only have ACME creds in .env fyi
Thanks a lot