caddy_remote_host

package module
v0.0.0-...-b21775a
Published: Oct 13, 2021 License: Apache-2.0 Imports: 11 Imported by: 0

README


caddy-remote-host

Caddy plugin to match a request's client IP against the A and AAAA DNS records of a host name (analogous to remote_ip). This can be useful to restrict route access to a client that uses dynamic DNS. It uses the host machine's local DNS resolver (LookupIP internally).

Usage

remote_host [forwarded] [nocache] <hosts...>

Accepts valid host names. If forwarded is given as an argument, the first IP in the X-Forwarded-For request header, if present, is preferred as the reference IP over the immediate peer's IP, which is the default. If nocache is given as an argument, this module does not cache DNS responses and instead resolves the given hosts for every request. By default, responses are cached for 60 seconds, regardless of the DNS record's time-to-live (TTL).

Multiple remote_host matchers will be OR'ed together.

Example

Match requests from a client whose IPv4 or IPv6 address is the same as what ddns.example.org resolves to.

remote_host ddns.example.org
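
The reference-IP selection described under Usage, as an added Go sketch that is not the plugin's own code: with forwarded set, the first X-Forwarded-For entry replaces the peer address in the comparison, so the match then depends on a client-supplied header. The lookup parameter stands in for LookupIP so the block runs offline; matchRemoteHost, sampleLookup, sampleRequest and all addresses are constructed for illustration.

```go
package main

import (
	"fmt"
	"net"
	"net/http"
	"strings"
)

// matchRemoteHost compares the reference IP (the peer by default, or the first
// X-Forwarded-For entry when forwarded is set) with every address for hosts.
func matchRemoteHost(r *http.Request, hosts []string, forwarded bool, lookup func(string) ([]net.IP, error)) bool {
	ref, _, err := net.SplitHostPort(r.RemoteAddr) // default: immediate peer
	if err != nil {
		ref = r.RemoteAddr // address without a port
	}
	if xff := r.Header.Get("X-Forwarded-For"); forwarded && xff != "" {
		ref = strings.TrimSpace(strings.Split(xff, ",")[0]) // client-supplied value
	}
	ip := net.ParseIP(ref)
	for _, h := range hosts {
		addrs, _ := lookup(h) // a failed lookup contributes no addresses
		for _, a := range addrs {
			if ip != nil && a.Equal(ip) {
				return true
			}
		}
	}
	return false
}

// sampleLookup is constructed data: ddns.example.org resolves to 203.0.113.7.
func sampleLookup(host string) ([]net.IP, error) {
	if host == "ddns.example.org" {
		return []net.IP{net.ParseIP("203.0.113.7")}, nil
	}
	return nil, fmt.Errorf("no such host: %s", host)
}

// sampleRequest builds a constructed request; an empty xff counts as absent.
func sampleRequest(peer, xff string) *http.Request {
	return &http.Request{RemoteAddr: peer, Header: http.Header{"X-Forwarded-For": {xff}}}
}

func main() {
	hosts := []string{"ddns.example.org"}
	r := sampleRequest("198.51.100.9:40000", "203.0.113.7") // peer is not the DDNS client
	fmt.Println(matchRemoteHost(r, hosts, false, sampleLookup), matchRemoteHost(r, hosts, true, sampleLookup))
}
```

Enable forwarded only where a trusted reverse proxy in front of Caddy sets X-Forwarded-For itself; otherwise leave the default so the peer address is compared.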

License

Apache 2.0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type MatchRemoteHost

type MatchRemoteHost struct {
	// Host names, whose corresponding IPs to match against
	Hosts []string `json:"hosts,omitempty"`

	// If true, prefer the first IP in the request's X-Forwarded-For
	// header, if present, rather than the immediate peer's IP, as
	// the reference IP against which to match. Note that it is easy
	// to spoof request headers. Default: false
	Forwarded bool `json:"forwarded,omitempty"`

	// By default, DNS responses are cached for 60 seconds, regardless
	// of the DNS record's TTL. Set nocache to true to disable this
	// behavior and never use caching. Default: false
	NoCache bool `json:"nocache,omitempty"`
	// contains filtered or unexported fields
}

MatchRemoteHost matches based on the remote IP of the connection. A host name can be specified, whose A and AAAA DNS records will be resolved to a corresponding IP for matching.

Note that IPs can sometimes be spoofed, so do not rely on this as a replacement for actual authentication.

func (MatchRemoteHost) CaddyModule

func (MatchRemoteHost) CaddyModule() caddy.ModuleInfo

CaddyModule returns the Caddy module information.

func (*MatchRemoteHost) Match

func (m *MatchRemoteHost) Match(r *http.Request) bool

Match returns true if r matches m.

func (*MatchRemoteHost) Provision

func (m *MatchRemoteHost) Provision(ctx caddy.Context) (err error)

Provision implements caddy.Provisioner.

func (*MatchRemoteHost) UnmarshalCaddyfile

func (m *MatchRemoteHost) UnmarshalCaddyfile(d *caddyfile.Dispenser) error

UnmarshalCaddyfile implements caddyfile.Unmarshaler.

func (*MatchRemoteHost) Validate

func (m *MatchRemoteHost) Validate() error

Validate implements caddy.Validator.
