Hi,

I'm running the image: ckulka/baikal:latest on my docker host and want to use crowsdsec to block brute force attacks on my env. My problem is that I don't get the public IP of the client who try to login.

In error log of baikal I see only this on my docker host
baikal | [Sat Mar 29 22:35:16.806944 2025] [php:error] [pid 38:tid 38] [client 192.168.30.1:31634] user admin authentication failure for Baikal, referer: https://baikal.domain.com/admin/

If I test with https://ealenn.github.io/Echo-Server and my Caddy Reverse Baikal URL I see the x-forwarded-for":"x.x.x.x" with my public IP. The header information for the ip exists. How can I see the public WAN IP in my error.log of baikal in my docker env?

Thanks for helping