add caddy config example

add environment values
2025-07-01 10:30:48 +00:00 · 2022-01-07 10:05:29 +01:00 · 2022-01-06 23:37:03 +01:00
7 changed files with 82 additions and 7 deletions
--- a/README.md
+++ b/README.md
@ -58,6 +58,8 @@ The app currently has 4 runtime flags:
 - `-x / --disable-x-forwarded-for` -- disables checking for the X-Forwarded-For header
 - `-l / --allow-private` -- allows lookups of private IP ranges

+All of the Flags also have an accompanying environment value: `PROBEHOST_LOGPATH`, `PROBEHOST_ALLOW_PRIVATE`, `PROBEHOST_LISTEN_PORT` and `PROBEHOST_DISABLE_X_FORWARDED_FOR` but the options given via commandline have priority.
+
 The app will log every request including the IP thats querying and show failed requests on stdout.

 Requests that contain an X-Forwarded-For header (implying the app is behind a reverse proxy) will automatically log that address instead of the requesting IP (the proxy itself), this can be turned off with -x.
--- a/caddy/Caddyfile
+++ b/caddy/Caddyfile
@ -0,0 +1,29 @@
+{
+        email [your email]
+        order rate_limit before basicauth
+}
+
+:80, :443 {
+        redir * https://[your domain]
+}
+
+[your domain] {
+        reverse_proxy [host]:[port]
+        log {
+                output file [path] {
+                        roll_size 10GiB
+                        roll_keep 10
+                }
+                level INFO
+        }
+        handle_errors {
+                respond "{http.error.status_code} {http.error.status_text}"
+        }
+        rate_limit {
+                zone dynamic {
+                        key {remote_host}
+                        events 2
+                        window 5s
+                }
+        }
+}
--- a/caddy/Dockerfile
+++ b/caddy/Dockerfile
@ -0,0 +1,8 @@
+FROM caddy:builder AS builder
+
+RUN xcaddy build \
+    --with github.com/mholt/caddy-ratelimit \
+    --with github.com/caddy-dns/cloudflare
+FROM caddy:latest
+
+COPY --from=builder /usr/bin/caddy /usr/bin/caddy
--- a/caddy/README.md
+++ b/caddy/README.md
@ -0,0 +1,5 @@
+# caddy
+
+This folder contains a sample configuration for caddy with ratelimiting enabled. this will allow 2 requests per IP every 5 seconds. For more on that, check here: https://github.com/mholt/caddy-ratelimit
+
+I have also included a dockerfile to build caddy with the ratelimiting module.
--- a/caddy/build.sh
+++ b/caddy/build.sh
@ -0,0 +1 @@
+xcaddy build --with github.com/mholt/caddy-ratelimit
--- a/docker/docker-compose.yml
+++ b/docker/docker-compose.yml
@ -5,6 +5,11 @@ services:
    container_name: probehost2
    image: byreqz/probehost2:latest
    restart: unless-stopped
+    environment:
+     - PROBEHOST_LOGPATH=/probehost2.log
+     - PROBEHOST_ALLOW_PRIVATE=false
+     - PROBEHOST_DISABLE_X_FORWARDED_FOR=false
+     - PROBEHOST_LISTEN_PORT=8000
    ports:
     - 1234:8000
    volumes:
--- a/main.go
+++ b/main.go
@ -6,6 +6,7 @@ import (
  "strings"
  "net/http"
  "net"
+  "strconv"

  log "github.com/sirupsen/logrus"
  flag "github.com/spf13/pflag"
@ -20,17 +21,41 @@ var disablexforwardedfor bool
 var allowprivate bool

 func init() {
-  var logfilepath string
-  flag.StringVarP(&logfilepath, "logfilepath", "o","probehost2.log", "sets the output file for the log")
-  flag.IntVarP(&listenport, "port", "p", 8000, "sets the port to listen on")
-  flag.BoolVarP(&disablexforwardedfor, "disable-x-forwarded-for", "x", false, "whether to show x-forwarded-for or the requesting IP")
-  flag.BoolVarP(&allowprivate, "allow-private", "l", false, "whether to show lookups of private IP ranges")
-  flag.Parse()
-
  logstdout.SetFormatter(&log.TextFormatter{
    FullTimestamp: true})
  logstdout.SetOutput(os.Stdout)
  logstdout.SetLevel(log.InfoLevel)
+  var logfilepath string
+
+  if _, exists := os.LookupEnv("PROBEHOST_LOGPATH"); exists == true {
+    logfilepath, _ = os.LookupEnv("PROBEHOST_LOGPATH")
+  } else {
+    logfilepath = "probehost2.log"
+  }
+  if exists, _ := os.LookupEnv("PROBEHOST_ALLOW_PRIVATE"); exists == "true" {
+    allowprivate = true
+  } else {
+    allowprivate = false
+  }
+  if envvalue, exists := os.LookupEnv("PROBEHOST_LISTEN_PORT"); exists == true {
+    var err error
+    listenport, err = strconv.Atoi(envvalue)
+    if err != nil {
+      logstdout.Fatal("Failed to read PROBEHOST_LISTEN_PORT: ", err.Error())
+    }
+  } else {
+    listenport = 8000
+  }
+  if exists, _ := os.LookupEnv("PROBEHOST_DISABLE_X_FORWARDED_FOR"); exists == "true" {
+    disablexforwardedfor = true
+  } else {
+    disablexforwardedfor = false
+  }
+  flag.StringVarP(&logfilepath, "logfilepath", "o", logfilepath, "sets the output file for the log")
+  flag.IntVarP(&listenport, "port", "p", listenport, "sets the port to listen on")
+  flag.BoolVarP(&disablexforwardedfor, "disable-x-forwarded-for", "x", disablexforwardedfor, "whether to show x-forwarded-for or the requesting IP")
+  flag.BoolVarP(&allowprivate, "allow-private", "l", allowprivate, "whether to show lookups of private IP ranges")
+  flag.Parse()

  logpath, err := os.OpenFile(logfilepath, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0660)
  if err != nil {
Author	SHA1	Message	Date
Nils	a94503ba7a	add caddy config example	2022-01-07 10:05:29 +01:00
Nils	ce95696ef0	add environment values	2022-01-06 23:37:03 +01:00
				`@ -0,0 +1 @@`
				`xcaddy build --with github.com/mholt/caddy-ratelimit`