tidy up caddy config

caddy/Caddyfile

@@ -1,10 +1,8 @@
-import conf/*.caddy
-
 {
-	import dynamic_dns
+	import conf/dynamic_dns.caddy
-	import auth
+	import conf/auth.caddy
-	import geoip2
+	import conf/geoip2.caddy
-	# import layer4
+	# import conf/layer4.caddy
 }
 
 (unprotected) {
@@ -18,7 +16,7 @@ import conf/*.caddy
 
 (protected) {
 	{args[0]}.{$SUBDOMAIN}.{$DOMAIN} {
-		import authentik
+		import conf/authentik.caddy
 		reverse_proxy {args[1]}
 	}
 }

caddy/conf/auth.caddy

@@ -1,4 +1,3 @@
-(auth) {
 order authenticate before respond
 order authorize before reverse_proxy
 security {
@@ -46,4 +45,3 @@
 		inject headers with claims
 	}
 }
-}

caddy/conf/authentik.caddy

@@ -1,4 +1,3 @@
-(authentik) {
 reverse_proxy /outpost.goauthentik.io/* http://host:19000
 forward_auth http://host:19000 {
 	uri /outpost.goauthentik.io/auth/caddy?rd={http.request.uri}
@@ -24,4 +23,3 @@
 		X-User-Header
 	}
 }
-}

caddy/conf/dynamic_dns.caddy

@@ -1,4 +1,3 @@
-(dynamic_dns) {
 dynamic_dns {
 	provider route53
 	domains {
@@ -6,4 +5,3 @@
 	}
 	versions ipv4
 }
-}

caddy/conf/geoip2.caddy

@@ -1,4 +1,3 @@
-(geoip2) {
 order geoip2_vars first
 geoip2 {
 	#	accountId {$GEO_ACCOUNT_ID}
@@ -9,4 +8,3 @@
 	updateUrl https://updates.maxmind.com
 	updateFrequency 86400 # in seconds
 }
-}

caddy/conf/layer4.caddy

@@ -1,4 +1,3 @@
-(layer4) {
 layer4 {
 	:443 {
 		@openvpn openvpn
@@ -7,4 +6,3 @@
 		}
 	}
 }
-}

caddy/sites/geo.caddy

@@ -9,7 +9,7 @@ geo.{$SUBDOMAIN}.{$DOMAIN} {
 	# trusted_proxies: Trust 'X-Forwarded-For' header_up if trusted_proxies is also valid (see https://caddyserver.com/docs/caddyfile/options#trusted-proxies)
 	# default: trusted_proxies
 
-	@geofilter expression ({geoip2.country_code} == "NL")
+	@geofilter expression ({geoip2.country_code} != "FR")
 
 	route @geofilter {
 		reverse_proxy host:12345 {