Behind reverse proxy, not logging the right IP

I’m behind Caddy, which forwards the client IP by default. Nonetheless, all I see in this plugin is attempts from the IP address from the reverse proxy server. After some efforts I got to see the client ip in Apache’s access.log.

How do I get WP Fail2ban to work with the client ip instead of the reverse proxy ip?
Is it possible to just write these to a seperate log fail (why use syslog at all?) like other apps using fail2ban do?

I assume Caddy sets the standard X-Forwarded-For header; have you defined WP_FAIL2BAN_PROXIES?