Yeah the remote ip is always local. This comes from a podman configuration, not a caddy one. Setting the podman network mode to pasta or slirp4netns will show the proper remote ips

I’m using this right now but I’m switching to having all my services under one domain and blocking non internal ips. Technically someone can access your site by providing the host manually, althought it’s unlikely since they would need to know it

I use ddclient but in a docker container. Works great with minimal config