proxy openvpn from caddy

caddy/Caddyfile

@@ -7,6 +7,15 @@
 		versions ipv4
 	}
 
+	layer4 {
+		:443 {
+			@openvpn openvpn
+			route @openvpn {
+				proxy host:444 # Proxy OpenVPN traffic to its backend
+			}
+		}
+	}
+
 	order geoip2_vars first
 	geoip2 {
 		accountId {$GEO_ACCOUNT_ID}
@@ -159,8 +168,6 @@ geo.rik.veenboer.xyz {
 
 	@geofilter expression ({geoip2.country_code} == "NL")
 
-    # @geofilter expression {geoip2.country_eu}
-
 	route @geofilter {
 		reverse_proxy host:12345 {
 			header_up X-Real-IP {remote_host}

caddy/Dockerfile

@@ -3,13 +3,9 @@ FROM caddy:2.9-builder AS builder
 RUN xcaddy build \
     --with github.com/caddy-dns/route53 \
     --with github.com/mholt/caddy-dynamicdns \
-    --with github.com/zhangjiayin/caddy-geoip2
+    --with github.com/zhangjiayin/caddy-geoip2 \
-    #--with github.com/shift72/caddy-geo-ip \
+    --with github.com/mholt/caddy-l4
-    #--with github.com/aablinov/caddy-geoip \
-    #--with github.com/porech/caddy-maxmind-geolocation
 
 FROM caddy:2.9-alpine
 
 COPY --from=builder /usr/bin/caddy /usr/bin/caddy
-
-

docker-compose.openvpn-server.yml

@@ -6,7 +6,8 @@ services:
         extra_hosts:
         - host:192.168.2.200
         image: kylemanna/openvpn:2.4
-        network_mode: host
+        ports:
+        - 444:443
         privileged: true
         restart: unless-stopped
         volumes:

docker-compose.yml

@@ -28,7 +28,7 @@ include:
 
 # Networking
 - docker-compose.surfshark.yml
-#- docker-compose.openvpn-server.yml
+- docker-compose.openvpn-server.yml
 - docker-compose.dns-ad-blocker.yml
 
 # Backup